2003-06-18 19:56:13 +00:00
|
|
|
/* pkglue.c - public key operations glue code
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
* Copyright (C) 2000, 2003, 2010 Free Software Foundation, Inc.
|
|
|
|
* Copyright (C) 2014 Werner Koch
|
2003-06-18 19:56:13 +00:00
|
|
|
*
|
|
|
|
* This file is part of GnuPG.
|
|
|
|
*
|
|
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
2007-07-04 19:49:40 +00:00
|
|
|
* the Free Software Foundation; either version 3 of the License, or
|
2003-06-18 19:56:13 +00:00
|
|
|
* (at your option) any later version.
|
|
|
|
*
|
|
|
|
* GnuPG is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU General Public License
|
2016-11-05 12:02:19 +01:00
|
|
|
* along with this program; if not, see <https://www.gnu.org/licenses/>.
|
2003-06-18 19:56:13 +00:00
|
|
|
*/
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
|
|
|
#include <errno.h>
|
|
|
|
|
|
|
|
#include "gpg.h"
|
2017-03-07 20:21:23 +09:00
|
|
|
#include "../common/util.h"
|
2003-06-18 19:56:13 +00:00
|
|
|
#include "pkglue.h"
|
2011-01-05 17:33:17 -08:00
|
|
|
#include "main.h"
|
2011-01-25 20:28:25 +01:00
|
|
|
#include "options.h"
|
2003-06-18 19:56:13 +00:00
|
|
|
|
2015-11-16 12:41:46 +01:00
|
|
|
/* FIXME: Better change the function name because mpi_ is used by
|
2011-01-21 12:00:57 +01:00
|
|
|
gcrypt macros. */
|
2011-01-05 17:33:17 -08:00
|
|
|
gcry_mpi_t
|
2013-11-15 08:59:45 +01:00
|
|
|
get_mpi_from_sexp (gcry_sexp_t sexp, const char *item, int mpifmt)
|
2003-08-25 21:12:43 +00:00
|
|
|
{
|
|
|
|
gcry_sexp_t list;
|
|
|
|
gcry_mpi_t data;
|
2011-02-02 17:40:32 +01:00
|
|
|
|
2003-08-25 21:12:43 +00:00
|
|
|
list = gcry_sexp_find_token (sexp, item, 0);
|
2016-04-29 11:05:24 +02:00
|
|
|
log_assert (list);
|
2013-11-15 08:59:45 +01:00
|
|
|
data = gcry_sexp_nth_mpi (list, 1, mpifmt);
|
2016-04-29 11:05:24 +02:00
|
|
|
log_assert (data);
|
2003-08-25 21:12:43 +00:00
|
|
|
gcry_sexp_release (list);
|
|
|
|
return data;
|
|
|
|
}
|
|
|
|
|
2003-06-18 19:56:13 +00:00
|
|
|
|
2020-06-09 10:32:47 +09:00
|
|
|
/* Extract SOS representation from SEXP for PARAM, return the result
|
|
|
|
in R_SOS. */
|
|
|
|
gpg_error_t
|
|
|
|
sexp_extract_param_sos (gcry_sexp_t sexp, const char *param, gcry_mpi_t *r_sos)
|
|
|
|
{
|
|
|
|
gpg_error_t err;
|
|
|
|
gcry_sexp_t l2 = gcry_sexp_find_token (sexp, param, 0);
|
|
|
|
|
|
|
|
*r_sos = NULL;
|
|
|
|
if (!l2)
|
|
|
|
err = gpg_error (GPG_ERR_NO_OBJ);
|
|
|
|
else
|
|
|
|
{
|
|
|
|
size_t buflen;
|
|
|
|
void *p0 = gcry_sexp_nth_buffer (l2, 1, &buflen);
|
|
|
|
|
|
|
|
if (!p0)
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
else
|
|
|
|
{
|
|
|
|
gcry_mpi_t sos;
|
|
|
|
unsigned int nbits = buflen*8;
|
|
|
|
unsigned char *p = p0;
|
|
|
|
|
2020-10-30 15:21:20 +09:00
|
|
|
if (*p && nbits >= 8 && !(*p & 0x80))
|
2020-06-09 10:32:47 +09:00
|
|
|
if (--nbits >= 7 && !(*p & 0x40))
|
|
|
|
if (--nbits >= 6 && !(*p & 0x20))
|
|
|
|
if (--nbits >= 5 && !(*p & 0x10))
|
|
|
|
if (--nbits >= 4 && !(*p & 0x08))
|
|
|
|
if (--nbits >= 3 && !(*p & 0x04))
|
|
|
|
if (--nbits >= 2 && !(*p & 0x02))
|
|
|
|
if (--nbits >= 1 && !(*p & 0x01))
|
|
|
|
--nbits;
|
|
|
|
|
|
|
|
sos = gcry_mpi_set_opaque (NULL, p0, nbits);
|
|
|
|
if (sos)
|
|
|
|
{
|
|
|
|
gcry_mpi_set_flag (sos, GCRYMPI_FLAG_USER2);
|
|
|
|
*r_sos = sos;
|
|
|
|
err = 0;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
err = gpg_error_from_syserror ();
|
|
|
|
}
|
|
|
|
gcry_sexp_release (l2);
|
|
|
|
}
|
|
|
|
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
2003-06-18 19:56:13 +00:00
|
|
|
|
2020-06-09 15:45:51 +09:00
|
|
|
static byte *
|
|
|
|
get_data_from_sexp (gcry_sexp_t sexp, const char *item, size_t *r_size)
|
|
|
|
{
|
|
|
|
gcry_sexp_t list;
|
|
|
|
size_t valuelen;
|
|
|
|
const char *value;
|
|
|
|
byte *v;
|
|
|
|
|
2020-06-23 10:10:29 +09:00
|
|
|
if (DBG_CRYPTO)
|
|
|
|
log_printsexp ("get_data_from_sexp:", sexp);
|
2020-06-09 15:45:51 +09:00
|
|
|
|
|
|
|
list = gcry_sexp_find_token (sexp, item, 0);
|
|
|
|
log_assert (list);
|
|
|
|
value = gcry_sexp_nth_data (list, 1, &valuelen);
|
|
|
|
log_assert (value);
|
|
|
|
v = xtrymalloc (valuelen);
|
|
|
|
memcpy (v, value, valuelen);
|
|
|
|
gcry_sexp_release (list);
|
|
|
|
*r_size = valuelen;
|
|
|
|
return v;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-10-08 12:00:56 +09:00
|
|
|
static void
|
|
|
|
openpgp_ecc_parse_signature (pubkey_algo_t pkalgo, gcry_mpi_t sig_data,
|
|
|
|
gcry_mpi_t *r, gcry_mpi_t *s)
|
|
|
|
{
|
|
|
|
unsigned int nbits = 0;
|
|
|
|
unsigned char *buf;
|
|
|
|
|
|
|
|
if (pkalgo != PUBKEY_ALGO_EDDSA)
|
|
|
|
return;
|
|
|
|
|
|
|
|
buf = gcry_mpi_get_opaque (sig_data, &nbits);
|
|
|
|
if ((nbits+7)/8 != (8 /*prefix*/ + 448 + 8 /*r*/ + 448 + 8 /*s*/)/8)
|
|
|
|
return;
|
|
|
|
|
|
|
|
/* Ed448 signature with the prefix. */
|
|
|
|
*r = gcry_mpi_set_opaque_copy (NULL, buf+1, 8 + 448);
|
|
|
|
*s = gcry_mpi_set_opaque_copy (NULL, buf+1+57, 8 + 448);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2003-06-18 19:56:13 +00:00
|
|
|
/****************
|
|
|
|
* Emulate our old PK interface here - sometime in the future we might
|
|
|
|
* change the internal design to directly fit to libgcrypt.
|
|
|
|
*/
|
|
|
|
int
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
pk_verify (pubkey_algo_t pkalgo, gcry_mpi_t hash,
|
|
|
|
gcry_mpi_t *data, gcry_mpi_t *pkey)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
|
|
|
gcry_sexp_t s_sig, s_hash, s_pkey;
|
|
|
|
int rc;
|
|
|
|
|
2011-01-21 12:00:57 +01:00
|
|
|
/* Make a sexp from pkey. */
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
if (pkalgo == PUBKEY_ALGO_DSA)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL,
|
|
|
|
"(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
|
|
|
|
pkey[0], pkey[1], pkey[2], pkey[3]);
|
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_ELGAMAL_E || pkalgo == PUBKEY_ALGO_ELGAMAL)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL,
|
|
|
|
"(public-key(elg(p%m)(g%m)(y%m)))",
|
|
|
|
pkey[0], pkey[1], pkey[2]);
|
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_RSA || pkalgo == PUBKEY_ALGO_RSA_S)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL,
|
|
|
|
"(public-key(rsa(n%m)(e%m)))", pkey[0], pkey[1]);
|
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_ECDSA)
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
char *curve = openpgp_oid_to_str (pkey[0]);
|
|
|
|
if (!curve)
|
|
|
|
rc = gpg_error_from_syserror ();
|
|
|
|
else
|
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL,
|
|
|
|
"(public-key(ecdsa(curve %s)(q%m)))",
|
|
|
|
curve, pkey[1]);
|
|
|
|
xfree (curve);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else if (pkalgo == PUBKEY_ALGO_EDDSA)
|
|
|
|
{
|
|
|
|
char *curve = openpgp_oid_to_str (pkey[0]);
|
|
|
|
if (!curve)
|
|
|
|
rc = gpg_error_from_syserror ();
|
2011-01-31 09:27:06 +01:00
|
|
|
else
|
|
|
|
{
|
2020-06-24 10:05:03 +09:00
|
|
|
const char *fmt;
|
2021-10-08 12:00:56 +09:00
|
|
|
gcry_mpi_t pubkey;
|
2021-10-08 22:25:05 +09:00
|
|
|
const char *curve_name = openpgp_oid_to_curve (curve, 1);
|
2020-06-24 10:05:03 +09:00
|
|
|
|
2021-11-25 14:17:31 +09:00
|
|
|
pubkey = openpgp_to_libgcrypt (pkalgo, curve_name, pkey[1]);
|
2020-06-24 10:05:03 +09:00
|
|
|
if (openpgp_oid_is_ed25519 (pkey[0]))
|
|
|
|
fmt = "(public-key(ecc(curve %s)(flags eddsa)(q%m)))";
|
|
|
|
else
|
|
|
|
fmt = "(public-key(ecc(curve %s)(q%m)))";
|
|
|
|
|
2021-10-08 22:25:05 +09:00
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL, fmt, curve_name, pubkey);
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
xfree (curve);
|
2021-10-08 12:00:56 +09:00
|
|
|
gcry_mpi_release (pubkey);
|
2011-01-31 09:27:06 +01:00
|
|
|
}
|
2011-01-05 17:33:17 -08:00
|
|
|
}
|
2003-06-18 19:56:13 +00:00
|
|
|
else
|
|
|
|
return GPG_ERR_PUBKEY_ALGO;
|
|
|
|
|
|
|
|
if (rc)
|
2009-02-24 11:47:25 +00:00
|
|
|
BUG (); /* gcry_sexp_build should never fail. */
|
2003-06-18 19:56:13 +00:00
|
|
|
|
2011-01-21 12:00:57 +01:00
|
|
|
/* Put hash into a S-Exp s_hash. */
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
if (pkalgo == PUBKEY_ALGO_EDDSA)
|
2013-11-15 08:59:45 +01:00
|
|
|
{
|
2020-06-24 10:05:03 +09:00
|
|
|
const char *fmt;
|
|
|
|
|
|
|
|
if (openpgp_oid_is_ed25519 (pkey[0]))
|
|
|
|
fmt = "(data(flags eddsa)(hash-algo sha512)(value %m))";
|
|
|
|
else
|
|
|
|
fmt = "(data(value %m))";
|
|
|
|
|
|
|
|
if (gcry_sexp_build (&s_hash, NULL, fmt, hash))
|
2013-11-15 08:59:45 +01:00
|
|
|
BUG (); /* gcry_sexp_build should never fail. */
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
if (gcry_sexp_build (&s_hash, NULL, "%m", hash))
|
|
|
|
BUG (); /* gcry_sexp_build should never fail. */
|
|
|
|
}
|
2003-06-18 19:56:13 +00:00
|
|
|
|
2009-02-24 11:47:25 +00:00
|
|
|
/* Put data into a S-Exp s_sig. */
|
|
|
|
s_sig = NULL;
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
if (pkalgo == PUBKEY_ALGO_DSA)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
2003-08-07 07:05:38 +00:00
|
|
|
if (!data[0] || !data[1])
|
|
|
|
rc = gpg_error (GPG_ERR_BAD_MPI);
|
|
|
|
else
|
|
|
|
rc = gcry_sexp_build (&s_sig, NULL,
|
|
|
|
"(sig-val(dsa(r%m)(s%m)))", data[0], data[1]);
|
2003-06-18 19:56:13 +00:00
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_ECDSA)
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
|
|
|
if (!data[0] || !data[1])
|
|
|
|
rc = gpg_error (GPG_ERR_BAD_MPI);
|
|
|
|
else
|
|
|
|
rc = gcry_sexp_build (&s_sig, NULL,
|
|
|
|
"(sig-val(ecdsa(r%m)(s%m)))", data[0], data[1]);
|
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_EDDSA)
|
|
|
|
{
|
2016-08-25 15:18:51 +02:00
|
|
|
gcry_mpi_t r = data[0];
|
|
|
|
gcry_mpi_t s = data[1];
|
2021-12-14 17:59:06 +09:00
|
|
|
unsigned int nbits;
|
|
|
|
const unsigned char *p;
|
2016-08-25 15:18:51 +02:00
|
|
|
|
2020-06-24 10:05:03 +09:00
|
|
|
if (openpgp_oid_is_ed25519 (pkey[0]))
|
2016-08-25 15:18:51 +02:00
|
|
|
{
|
2020-06-24 10:05:03 +09:00
|
|
|
size_t rlen, slen, n; /* (bytes) */
|
|
|
|
char buf[64];
|
|
|
|
unsigned int neededfixedlen = 256 / 8;
|
2020-06-09 10:32:47 +09:00
|
|
|
|
2020-06-24 10:05:03 +09:00
|
|
|
log_assert (neededfixedlen <= sizeof buf);
|
2020-06-09 10:32:47 +09:00
|
|
|
|
2020-06-24 10:05:03 +09:00
|
|
|
if (!r || !s)
|
|
|
|
rc = gpg_error (GPG_ERR_BAD_MPI);
|
|
|
|
else if ((rlen = (gcry_mpi_get_nbits (r)+7)/8) > neededfixedlen || !rlen)
|
|
|
|
rc = gpg_error (GPG_ERR_BAD_MPI);
|
|
|
|
else if ((slen = (gcry_mpi_get_nbits (s)+7)/8) > neededfixedlen || !slen)
|
|
|
|
rc = gpg_error (GPG_ERR_BAD_MPI);
|
|
|
|
else
|
|
|
|
{
|
|
|
|
/* We need to fixup the length in case of leading zeroes.
|
|
|
|
* OpenPGP does not allow leading zeroes and the parser for
|
|
|
|
* the signature packet has no information on the use curve,
|
|
|
|
* thus we need to do it here. We won't do it for opaque
|
|
|
|
* MPIs under the assumption that they are known to be fine;
|
|
|
|
* we won't see them here anyway but the check is anyway
|
|
|
|
* required. Fixme: A nifty feature for gcry_sexp_build
|
|
|
|
* would be a format to left pad the value (e.g. "%*M"). */
|
|
|
|
rc = 0;
|
|
|
|
|
|
|
|
if (rlen < neededfixedlen
|
|
|
|
&& !gcry_mpi_get_flag (r, GCRYMPI_FLAG_OPAQUE)
|
|
|
|
&& !(rc=gcry_mpi_print (GCRYMPI_FMT_USG, buf, sizeof buf, &n, r)))
|
|
|
|
{
|
|
|
|
log_assert (n < neededfixedlen);
|
|
|
|
memmove (buf + (neededfixedlen - n), buf, n);
|
|
|
|
memset (buf, 0, neededfixedlen - n);
|
|
|
|
r = gcry_mpi_set_opaque_copy (NULL, buf, neededfixedlen * 8);
|
|
|
|
}
|
|
|
|
else if (rlen < neededfixedlen
|
|
|
|
&& gcry_mpi_get_flag (r, GCRYMPI_FLAG_OPAQUE))
|
|
|
|
{
|
|
|
|
p = gcry_mpi_get_opaque (r, &nbits);
|
|
|
|
n = (nbits+7)/8;
|
|
|
|
memcpy (buf + (neededfixedlen - n), p, n);
|
|
|
|
memset (buf, 0, neededfixedlen - n);
|
|
|
|
gcry_mpi_set_opaque_copy (r, buf, neededfixedlen * 8);
|
|
|
|
}
|
|
|
|
if (slen < neededfixedlen
|
|
|
|
&& !gcry_mpi_get_flag (s, GCRYMPI_FLAG_OPAQUE)
|
|
|
|
&& !(rc=gcry_mpi_print (GCRYMPI_FMT_USG, buf, sizeof buf, &n, s)))
|
|
|
|
{
|
|
|
|
log_assert (n < neededfixedlen);
|
|
|
|
memmove (buf + (neededfixedlen - n), buf, n);
|
|
|
|
memset (buf, 0, neededfixedlen - n);
|
|
|
|
s = gcry_mpi_set_opaque_copy (NULL, buf, neededfixedlen * 8);
|
|
|
|
}
|
|
|
|
else if (slen < neededfixedlen
|
|
|
|
&& gcry_mpi_get_flag (s, GCRYMPI_FLAG_OPAQUE))
|
|
|
|
{
|
|
|
|
p = gcry_mpi_get_opaque (s, &nbits);
|
|
|
|
n = (nbits+7)/8;
|
|
|
|
memcpy (buf + (neededfixedlen - n), p, n);
|
|
|
|
memset (buf, 0, neededfixedlen - n);
|
|
|
|
gcry_mpi_set_opaque_copy (s, buf, neededfixedlen * 8);
|
|
|
|
}
|
2020-06-09 10:32:47 +09:00
|
|
|
}
|
2020-06-24 10:05:03 +09:00
|
|
|
}
|
2021-12-14 17:59:06 +09:00
|
|
|
/*
|
|
|
|
* When data[1] is NULL or [0], parse the signature into R and S
|
|
|
|
* parts.
|
|
|
|
*/
|
|
|
|
else if (!s
|
|
|
|
|| (gcry_mpi_get_flag (s, GCRYMPI_FLAG_OPAQUE)
|
|
|
|
&& ((p = gcry_mpi_get_opaque (s, &nbits)) == NULL
|
|
|
|
|| nbits == 0
|
|
|
|
|| ((nbits+7)/8 == 1 && p[0] == 0))))
|
2021-10-08 12:00:56 +09:00
|
|
|
openpgp_ecc_parse_signature (pkalgo, r, &r, &s);
|
2020-06-24 10:05:03 +09:00
|
|
|
else
|
|
|
|
rc = 0;
|
2016-08-25 15:18:51 +02:00
|
|
|
|
2020-06-24 10:05:03 +09:00
|
|
|
if (!rc)
|
|
|
|
rc = gcry_sexp_build (&s_sig, NULL,
|
|
|
|
"(sig-val(eddsa(r%M)(s%M)))", r, s);
|
2016-08-25 15:18:51 +02:00
|
|
|
|
2020-06-24 10:05:03 +09:00
|
|
|
if (r != data[0])
|
|
|
|
gcry_mpi_release (r);
|
|
|
|
if (s != data[1])
|
|
|
|
gcry_mpi_release (s);
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
}
|
|
|
|
else if (pkalgo == PUBKEY_ALGO_ELGAMAL || pkalgo == PUBKEY_ALGO_ELGAMAL_E)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
2003-08-07 07:05:38 +00:00
|
|
|
if (!data[0] || !data[1])
|
|
|
|
rc = gpg_error (GPG_ERR_BAD_MPI);
|
|
|
|
else
|
|
|
|
rc = gcry_sexp_build (&s_sig, NULL,
|
|
|
|
"(sig-val(elg(r%m)(s%m)))", data[0], data[1]);
|
2003-06-18 19:56:13 +00:00
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_RSA || pkalgo == PUBKEY_ALGO_RSA_S)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
2003-08-07 07:05:38 +00:00
|
|
|
if (!data[0])
|
|
|
|
rc = gpg_error (GPG_ERR_BAD_MPI);
|
|
|
|
else
|
|
|
|
rc = gcry_sexp_build (&s_sig, NULL, "(sig-val(rsa(s%m)))", data[0]);
|
2003-06-18 19:56:13 +00:00
|
|
|
}
|
|
|
|
else
|
|
|
|
BUG ();
|
|
|
|
|
2009-02-24 11:47:25 +00:00
|
|
|
if (!rc)
|
|
|
|
rc = gcry_pk_verify (s_sig, s_hash, s_pkey);
|
2003-06-18 19:56:13 +00:00
|
|
|
|
|
|
|
gcry_sexp_release (s_sig);
|
|
|
|
gcry_sexp_release (s_hash);
|
|
|
|
gcry_sexp_release (s_pkey);
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/****************
|
|
|
|
* Emulate our old PK interface here - sometime in the future we might
|
|
|
|
* change the internal design to directly fit to libgcrypt.
|
2011-02-02 17:40:32 +01:00
|
|
|
* PK is only required to compute the fingerprint for ECDH.
|
2003-06-18 19:56:13 +00:00
|
|
|
*/
|
|
|
|
int
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
pk_encrypt (pubkey_algo_t algo, gcry_mpi_t *resarr, gcry_mpi_t data,
|
2011-02-02 17:40:32 +01:00
|
|
|
PKT_public_key *pk, gcry_mpi_t *pkey)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
2014-09-08 18:25:06 +02:00
|
|
|
gcry_sexp_t s_ciph = NULL;
|
|
|
|
gcry_sexp_t s_data = NULL;
|
|
|
|
gcry_sexp_t s_pkey = NULL;
|
2003-06-18 19:56:13 +00:00
|
|
|
int rc;
|
|
|
|
|
2011-01-21 12:00:57 +01:00
|
|
|
/* Make a sexp from pkey. */
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
if (algo == PUBKEY_ALGO_ELGAMAL || algo == PUBKEY_ALGO_ELGAMAL_E)
|
2003-06-18 19:56:13 +00:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL,
|
|
|
|
"(public-key(elg(p%m)(g%m)(y%m)))",
|
|
|
|
pkey[0], pkey[1], pkey[2]);
|
2011-01-25 20:28:25 +01:00
|
|
|
/* Put DATA into a simplified S-expression. */
|
2014-09-08 18:25:06 +02:00
|
|
|
if (!rc)
|
|
|
|
rc = gcry_sexp_build (&s_data, NULL, "%m", data);
|
2003-06-18 19:56:13 +00:00
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (algo == PUBKEY_ALGO_RSA || algo == PUBKEY_ALGO_RSA_E)
|
2003-07-03 18:08:16 +00:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL,
|
|
|
|
"(public-key(rsa(n%m)(e%m)))",
|
|
|
|
pkey[0], pkey[1]);
|
2011-01-25 20:28:25 +01:00
|
|
|
/* Put DATA into a simplified S-expression. */
|
2014-09-08 18:25:06 +02:00
|
|
|
if (!rc)
|
|
|
|
rc = gcry_sexp_build (&s_data, NULL, "%m", data);
|
2003-07-03 18:08:16 +00:00
|
|
|
}
|
2011-02-02 17:40:32 +01:00
|
|
|
else if (algo == PUBKEY_ALGO_ECDH)
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
2011-01-25 20:28:25 +01:00
|
|
|
gcry_mpi_t k;
|
|
|
|
|
|
|
|
rc = pk_ecdh_generate_ephemeral_key (pkey, &k);
|
2014-09-08 18:25:06 +02:00
|
|
|
if (!rc)
|
2011-01-31 09:27:06 +01:00
|
|
|
{
|
2014-09-08 18:25:06 +02:00
|
|
|
char *curve;
|
|
|
|
|
|
|
|
curve = openpgp_oid_to_str (pkey[0]);
|
|
|
|
if (!curve)
|
|
|
|
rc = gpg_error_from_syserror ();
|
|
|
|
else
|
|
|
|
{
|
2016-08-25 15:16:32 +02:00
|
|
|
int with_djb_tweak_flag = openpgp_oid_is_cv25519 (pkey[0]);
|
2021-10-08 12:00:56 +09:00
|
|
|
gcry_mpi_t pubkey;
|
2021-10-08 22:25:05 +09:00
|
|
|
const char *curve_name = openpgp_oid_to_curve (curve, 1);
|
2015-08-06 17:00:41 +09:00
|
|
|
|
2021-11-25 14:17:31 +09:00
|
|
|
pubkey = openpgp_to_libgcrypt (algo, curve_name, pkey[1]);
|
2014-09-08 18:25:06 +02:00
|
|
|
/* Now use the ephemeral secret to compute the shared point. */
|
|
|
|
rc = gcry_sexp_build (&s_pkey, NULL,
|
2015-08-06 17:00:41 +09:00
|
|
|
with_djb_tweak_flag ?
|
2021-10-08 12:00:56 +09:00
|
|
|
"(public-key(ecc(curve%s)(flags djb-tweak)(q%m)))"
|
|
|
|
: "(public-key(ecc(curve%s)(q%m)))",
|
2021-10-08 22:25:05 +09:00
|
|
|
curve_name, pubkey);
|
2014-09-08 18:25:06 +02:00
|
|
|
xfree (curve);
|
2021-10-08 12:00:56 +09:00
|
|
|
gcry_mpi_release (pubkey);
|
2014-09-08 18:25:06 +02:00
|
|
|
/* Put K into a simplified S-expression. */
|
|
|
|
if (!rc)
|
|
|
|
rc = gcry_sexp_build (&s_data, NULL, "%m", k);
|
|
|
|
}
|
|
|
|
gcry_mpi_release (k);
|
2011-01-31 09:27:06 +01:00
|
|
|
}
|
2011-01-05 17:33:17 -08:00
|
|
|
}
|
2003-06-18 19:56:13 +00:00
|
|
|
else
|
2014-09-08 18:25:06 +02:00
|
|
|
rc = gpg_error (GPG_ERR_PUBKEY_ALGO);
|
2003-06-18 19:56:13 +00:00
|
|
|
|
2011-01-21 12:00:57 +01:00
|
|
|
/* Pass it to libgcrypt. */
|
2014-09-08 18:25:06 +02:00
|
|
|
if (!rc)
|
|
|
|
rc = gcry_pk_encrypt (&s_ciph, s_data, s_pkey);
|
|
|
|
|
2003-06-18 19:56:13 +00:00
|
|
|
gcry_sexp_release (s_data);
|
|
|
|
gcry_sexp_release (s_pkey);
|
|
|
|
|
|
|
|
if (rc)
|
|
|
|
;
|
2011-02-02 17:40:32 +01:00
|
|
|
else if (algo == PUBKEY_ALGO_ECDH)
|
2011-01-25 20:28:25 +01:00
|
|
|
{
|
2020-06-09 15:45:51 +09:00
|
|
|
gcry_mpi_t public, result;
|
2011-02-02 17:40:32 +01:00
|
|
|
byte fp[MAX_FINGERPRINT_LEN];
|
2020-06-09 15:45:51 +09:00
|
|
|
byte *shared;
|
|
|
|
size_t nshared;
|
2011-01-25 20:28:25 +01:00
|
|
|
|
|
|
|
/* Get the shared point and the ephemeral public key. */
|
2020-06-09 15:45:51 +09:00
|
|
|
shared = get_data_from_sexp (s_ciph, "s", &nshared);
|
2021-05-11 09:04:19 +02:00
|
|
|
if (!shared)
|
|
|
|
{
|
|
|
|
rc = gpg_error_from_syserror ();
|
|
|
|
goto leave;
|
|
|
|
}
|
2020-06-09 10:32:47 +09:00
|
|
|
rc = sexp_extract_param_sos (s_ciph, "e", &public);
|
2011-01-25 20:28:25 +01:00
|
|
|
gcry_sexp_release (s_ciph);
|
|
|
|
s_ciph = NULL;
|
2021-10-21 14:58:39 +09:00
|
|
|
if (openpgp_oid_is_cv448 (pkey[0]))
|
|
|
|
{
|
2021-11-25 14:17:31 +09:00
|
|
|
rc = openpgp_from_libgcrypt (algo, &public);
|
2021-10-21 14:58:39 +09:00
|
|
|
if (rc)
|
|
|
|
goto leave;
|
|
|
|
}
|
|
|
|
|
2015-04-06 13:07:09 +02:00
|
|
|
if (DBG_CRYPTO)
|
2011-01-25 20:28:25 +01:00
|
|
|
{
|
|
|
|
log_debug ("ECDH ephemeral key:");
|
|
|
|
gcry_mpi_dump (public);
|
|
|
|
log_printf ("\n");
|
|
|
|
}
|
2011-02-02 17:40:32 +01:00
|
|
|
|
2011-01-25 20:28:25 +01:00
|
|
|
result = NULL;
|
2021-03-24 14:51:42 +09:00
|
|
|
fingerprint_from_pk (pk, fp, NULL);
|
2020-06-09 10:32:47 +09:00
|
|
|
|
|
|
|
if (!rc)
|
2020-06-09 15:45:51 +09:00
|
|
|
{
|
|
|
|
unsigned int nbits;
|
|
|
|
byte *p = gcry_mpi_get_opaque (data, &nbits);
|
|
|
|
rc = pk_ecdh_encrypt_with_shared_point (shared, nshared, fp, p,
|
|
|
|
(nbits+7)/8, pkey, &result);
|
|
|
|
}
|
|
|
|
xfree (shared);
|
2011-01-25 20:28:25 +01:00
|
|
|
if (!rc)
|
|
|
|
{
|
|
|
|
resarr[0] = public;
|
|
|
|
resarr[1] = result;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
gcry_mpi_release (public);
|
|
|
|
gcry_mpi_release (result);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else /* Elgamal or RSA case. */
|
|
|
|
{ /* Fixme: Add better error handling or make gnupg use
|
|
|
|
S-expressions directly. */
|
2013-11-15 08:59:45 +01:00
|
|
|
resarr[0] = get_mpi_from_sexp (s_ciph, "a", GCRYMPI_FMT_USG);
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
if (!is_RSA (algo))
|
2013-11-15 08:59:45 +01:00
|
|
|
resarr[1] = get_mpi_from_sexp (s_ciph, "b", GCRYMPI_FMT_USG);
|
2003-06-18 19:56:13 +00:00
|
|
|
}
|
|
|
|
|
2021-05-11 09:04:19 +02:00
|
|
|
leave:
|
2003-06-18 19:56:13 +00:00
|
|
|
gcry_sexp_release (s_ciph);
|
|
|
|
return rc;
|
|
|
|
}
|
|
|
|
|
2011-01-21 12:00:57 +01:00
|
|
|
|
2011-01-05 17:33:17 -08:00
|
|
|
/* Check whether SKEY is a suitable secret key. */
|
|
|
|
int
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
pk_check_secret_key (pubkey_algo_t pkalgo, gcry_mpi_t *skey)
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
|
|
|
gcry_sexp_t s_skey;
|
|
|
|
int rc;
|
|
|
|
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
if (pkalgo == PUBKEY_ALGO_DSA)
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_skey, NULL,
|
|
|
|
"(private-key(dsa(p%m)(q%m)(g%m)(y%m)(x%m)))",
|
|
|
|
skey[0], skey[1], skey[2], skey[3], skey[4]);
|
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_ELGAMAL || pkalgo == PUBKEY_ALGO_ELGAMAL_E)
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_skey, NULL,
|
|
|
|
"(private-key(elg(p%m)(g%m)(y%m)(x%m)))",
|
|
|
|
skey[0], skey[1], skey[2], skey[3]);
|
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (is_RSA (pkalgo))
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
|
|
|
rc = gcry_sexp_build (&s_skey, NULL,
|
|
|
|
"(private-key(rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))",
|
|
|
|
skey[0], skey[1], skey[2], skey[3], skey[4],
|
|
|
|
skey[5]);
|
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
else if (pkalgo == PUBKEY_ALGO_ECDSA || pkalgo == PUBKEY_ALGO_ECDH)
|
2011-01-05 17:33:17 -08:00
|
|
|
{
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
char *curve = openpgp_oid_to_str (skey[0]);
|
|
|
|
if (!curve)
|
|
|
|
rc = gpg_error_from_syserror ();
|
|
|
|
else
|
2011-01-31 09:27:06 +01:00
|
|
|
{
|
2021-10-08 12:00:56 +09:00
|
|
|
gcry_mpi_t pubkey;
|
|
|
|
gcry_mpi_t seckey;
|
2021-10-08 22:25:05 +09:00
|
|
|
const char *curve_name = openpgp_oid_to_curve (curve, 1);
|
2021-10-08 12:00:56 +09:00
|
|
|
|
2021-11-25 14:17:31 +09:00
|
|
|
pubkey = openpgp_to_libgcrypt (pkalgo, curve_name, skey[1]);
|
|
|
|
seckey = openpgp_to_libgcrypt (pkalgo, curve_name, skey[2]);
|
2011-01-31 09:27:06 +01:00
|
|
|
rc = gcry_sexp_build (&s_skey, NULL,
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
"(private-key(ecc(curve%s)(q%m)(d%m)))",
|
2021-10-08 22:25:05 +09:00
|
|
|
curve_name, pubkey, seckey);
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
xfree (curve);
|
2021-10-08 12:00:56 +09:00
|
|
|
gcry_mpi_release (pubkey);
|
|
|
|
gcry_mpi_release (seckey);
|
2013-11-15 08:59:45 +01:00
|
|
|
}
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
}
|
|
|
|
else if (pkalgo == PUBKEY_ALGO_EDDSA)
|
|
|
|
{
|
|
|
|
char *curve = openpgp_oid_to_str (skey[0]);
|
|
|
|
if (!curve)
|
|
|
|
rc = gpg_error_from_syserror ();
|
2013-11-15 08:59:45 +01:00
|
|
|
else
|
|
|
|
{
|
2020-06-24 10:05:03 +09:00
|
|
|
const char *fmt;
|
2021-10-08 12:00:56 +09:00
|
|
|
gcry_mpi_t pubkey;
|
|
|
|
gcry_mpi_t seckey;
|
2021-10-08 22:25:05 +09:00
|
|
|
const char *curve_name = openpgp_oid_to_curve (curve, 1);
|
2020-06-24 10:05:03 +09:00
|
|
|
|
2021-11-25 14:17:31 +09:00
|
|
|
pubkey = openpgp_to_libgcrypt (pkalgo, curve_name, skey[1]);
|
|
|
|
seckey = openpgp_to_libgcrypt (pkalgo, curve_name, skey[2]);
|
2020-06-24 10:05:03 +09:00
|
|
|
if (openpgp_oid_is_ed25519 (skey[0]))
|
|
|
|
fmt = "(private-key(ecc(curve %s)(flags eddsa)(q%m)(d%m)))";
|
|
|
|
else
|
|
|
|
fmt = "(private-key(ecc(curve %s)(q%m)(d%m)))";
|
|
|
|
|
2021-10-08 22:25:05 +09:00
|
|
|
rc = gcry_sexp_build (&s_skey, NULL, fmt, curve_name, pubkey, seckey);
|
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithms ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.
This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.
The ECC support is still broken right now. Needs to be fixed.
Signed-off-by: Werner Koch <wk@gnupg.org>
2014-01-30 18:48:37 +01:00
|
|
|
xfree (curve);
|
2021-10-08 12:00:56 +09:00
|
|
|
gcry_mpi_release (pubkey);
|
|
|
|
gcry_mpi_release (seckey);
|
2011-01-31 09:27:06 +01:00
|
|
|
}
|
2011-01-05 17:33:17 -08:00
|
|
|
}
|
|
|
|
else
|
|
|
|
return GPG_ERR_PUBKEY_ALGO;
|
|
|
|
|
|
|
|
if (!rc)
|
|
|
|
{
|
|
|
|
rc = gcry_pk_testkey (s_skey);
|
|
|
|
gcry_sexp_release (s_skey);
|
|
|
|
}
|
|
|
|
return rc;
|
|
|
|
}
|