Finished ECC integration.

Wrote the ChangeLog 2011-01-13 entry for Andrey's orginal work modulo
the cleanups I did in the last week.  Adjusted my own ChangeLog
entries to be consistent with that entry.

Nuked quite some trailing spaces; again sorry for that, I will better
take care of not saving them in the future.  "git diff -b" is useful
to read the actual changes ;-).

The ECC-INTEGRATION-2-1 branch can be closed now.

AUTHORS

@@ -11,6 +11,9 @@ Authors
 
 Ales Nyakhaychyk <nyakhaychyk@i1fn.linux.by> Translations [be]
 
+Andrey Jivsov <openpgp@brainhub.org>  Assigns past and future changes for ECC.
+    (g10/ecdh.c.  other changes to support ECC)
+
 Birger Langkjer <birger.langkjer@image.dk> Translations [da]
 
 Maxim Britov <maxim.britov@gmail.com> Translations [ru]
@@ -174,4 +177,3 @@ name gpg2keys_*.
  This file is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
  implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-

NEWS

@@ -20,6 +20,8 @@ Noteworthy changes in version 2.1.0beta2 (unreleased)
  * Dirmngr has taken over the function of the keyserver helpers.  Thus
    we now have a specified direct interface to keyservers via Dirmngr.
 
+ * ECC support for GPG as described by draft-jivsov-openpgp-ecc-06.txt.
+
 
 Noteworthy changes in version 2.1.0beta1 (2010-10-26)
 -----------------------------------------------------
@@ -794,7 +796,7 @@ Noteworthy changes in version 1.9.0 (2003-08-05)
 
 
  Copyright 2002, 2003, 2004, 2005, 2006, 2007,
-           2008, 2009  Free Software Foundation, Inc.
+           2008, 2009, 2010, 2011  Free Software Foundation, Inc.
 
  This file is free software; as a special exception the author gives
  unlimited permission to copy and/or distribute it, with or without

agent/ChangeLog

@@ -1,3 +1,19 @@
+2011-02-03  Werner Koch  <wk@g10code.com>
+
+	* protect.c (protect_info): Support ECC algos.
+
+	* pksign.c (do_encode_dsa): Map public key algo number.  Extend
+	DSA size check for ECDSA.
+
+	* gpg-agent.c: Include cipher.h.
+	(map_pk_openpgp_to_gcry): New.
+
+	* findkey.c (key_parms_from_sexp): Support ECDH.
+
+	* cvt-openpgp.c (get_keygrip): Support ECC algorithms.
+	(convert_secret_key): Ditto.
+	(do_unprotect): Ditto.
+
 2011-02-02  Werner Koch  <wk@g10code.com>
 
 	* cvt-openpgp.c (convert_secret_key): Remove algo mapping.

agent/protect.c

@@ -1,6 +1,6 @@
 /* protect.c - Un/Protect a secret key
  * Copyright (C) 1998, 1999, 2000, 2001, 2002,
- *               2003, 2007, 2009 Free Software Foundation, Inc.
+ *               2003, 2007, 2009, 2011 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -1350,4 +1350,3 @@ parse_shadow_info (const unsigned char *shadow_info,
 
   return 0;
 }
-

common/ChangeLog

@@ -3,8 +3,6 @@
 	* openpgp-oid.c: New.
 	* t-openpgp-oid.c: New.
 
-	* convert.c (mpi2hex): Remove.
-
 2011-01-20  Werner Koch  <wk@g10code.com>
 
 	Fix bug#1313.

common/convert.c

@@ -23,7 +23,6 @@
 #include <ctype.h>
 
 #include "util.h"
-#include "gcrypt.h"  /* FIXME: really needed?  */
 
 
 #define tohex(n) ((n) < 10 ? ((n) + '0') : (((n) - 10) + 'A'))

g10/ChangeLog

@@ -1,3 +1,8 @@
+2011-02-03  Werner Koch  <wk@g10code.com>
+
+	Finished ECC integration.
+	Wrote change description for 2011-01-13.
+
 2011-02-02  Werner Koch  <wk@g10code.com>
 
 	* encrypt.c (write_pubkey_enc_from_list): Don't compute the
@@ -12,36 +17,31 @@
 
 2011-02-01  Werner Koch  <wk@g10code.com>
 
-	* import.c (transfer_secret_keys): Implement ECC case.
-
 	* gpg.c (main): Call setup_libgcrypt_logging.
 
+	* import.c (transfer_secret_keys): Implement ECC case.
+	(one_mpi_from_pkey): New.
+	* export.c (transfer_format_to_openpgp): Ditto.
 	* keygen.c (gpg_curve_to_oid): New.
 	(ecckey_from_sexp): Factor curve name mapping out to new function.
 
 2011-01-31  Werner Koch  <wk@g10code.com>
 
-	* misc.c (make_flagged_int, openpgp_oid_from_str)
-	(openpgp_oid_to_str): Move to ../common/openpgp-oids.c.
-
 	* ecdh.c (pk_ecdh_encrypt_with_shared_point): Return an opaque MPI.
 
 	* build-packet.c (mpi_write): Rename to gpg_mpi_write and make global.
-	(write_size_body_mpi): Remove.
 
 2011-01-30  Werner Koch  <wk@g10code.com>
 
-
 	* keyid.c (keygrip_from_pk): Adjust ECC cases.
 	* pkglue.c (pk_verify): Ditto.
 
-	* parse-packet.c (read_size_body): Rewrite.
+	* parse-packet.c (parse_key): Simply ECC case.
-	(parse_key): Simply ECC case.
 	(parse_pubkeyenc): Ditto.
 
 	* misc.c (pubkey_get_npkey): Special case ECC.
 	(pubkey_get_nskey): Ditto.
-	(mpi_print): Support printfing of opaque values.
+	(mpi_print): Support printing of opaque values.
 	(openpgp_oid_to_str): New.
 	(pubkey_nbits): For ECC pass curve parameter.
 
@@ -61,19 +61,6 @@
 	(get_parameter_algo): Map algo number.
 	(ecckey_from_sexp): New.
 	* misc.c (map_pk_gcry_to_openpgp): New.
-	(openpgp_oid_from_str): New.  Based on libksba code.
-
-2011-01-26  Werner Koch  <wk@g10code.com>
-
-	* misc.c (ecdsa_qbits_from_Q): Use unsigned int.
-
-	* misc.c (iobuf_read_size_body): Move and rename to ..
-	* parse-packet.c (read_size_body): .. here.  Make static.
-	* misc.c (iobuf_write_size_body_mpi): Move and rename to ..
-	* build-packet.c (write_size_body_mpi): .. here.
-	(iobuf_name_oid_write, ecdh_kek_params_write, ecdh_esk_write):
-	Remove macros.  Replace users by direct calls to
-	write_size_body_mpi.
 
 2011-01-25  Werner Koch  <wk@g10code.com>
 
@@ -84,28 +71,17 @@
 	(pk_ecdh_encrypt): Remove.
 	(pk_ecdh_encrypt_with_shared_point): Make public.
 
-	* pubkey-enc.c (get_it): Fix assertion.
+	* pubkey-enc.c (get_it): Fix assertion.  Use GPG_ERR_WRONG_SECKEY
-	Use GPG_ERR_WRONG_SECKEY instead of log_fatal.  Add safety checks
+	instead of log_fatal.  Add safety checks for NFRAME.
-	for NFRAME.
 
-	* main.h (KEYGEN_FLAG_NO_PROTECTION, KEYGEN_FLAG_TRANSIENT_KEY):
+	* keygen.c (pk_ecc_keypair_gen): Make static.
-	Move back to ..
-	* keygen.c: .. here.
-	(pk_ecc_keypair_gen): Make static.
-	(common_key_gen): Fold back into ..
-	(common_gen): .. this.
-	(delme__pk_ecc_build_sexp): Remove unused function.
-	(pk_ecc_keypair_gen): Fold it into ..
-	(gen_ecc): .. this.
 	(ask_keysize): Use proper rounding for ECC.
 	(pk_ecc_build_key_params): Remove NBITSSTR.
 
-	* verify-stubs.c: Remove.
-
 2011-01-20  Werner Koch  <wk@g10code.com>
 
 	* keyserver.c: Rewrite most stuff for use with dirmngr.  Get rid
-	of all spawn code.  Work work pending.
+	of all spawn code.  More work pending.
 
 	* export.c (export_pubkeys_buffer): New.
 
@@ -116,6 +92,57 @@
 	* gpg.c: Include call-dirmngr.h.
 	(gpg_deinit_default_ctrl): Call gpg_dirmngr_deinit_session_data.
 
+2011-01-13  Andrey Jivsov  <openpgp@brainhub.org>  (wk)
+
+	Integrated ECC support.  Below are the changes finally merged into
+	the git master after some cleanup by wk until 2011-02-03.
+
+	* ecdh.c: New.
+
+	* sign.c (mpi_from_sexp): Remove.
+	(match_dsa_hash): Uses SHA-512 for ECDSA with 521 bits.
+	(hash_for): Support ECDSA.
+	(make_keysig_packet): Ditto.
+
+	* seskey.c (encode_session_key): Add arg OPENPGP_PK_ALGO.  Support
+	ECDH.
+	(encode_md_value): Map pkalgo.  Extend size checks to ECDSA.
+
+	* pubkey-enc.c (get_it): Support ECDH.
+
+	* pkglue.c (mpi_from_sexp): Make global.
+	(pk_verify, pk_encrypt, pk_check_secret_key): Support ECC.
+
+	* parse-packet.c (read_size_body): New.
+	(parse_pubkeyenc): Support ECC.
+	(parse_key): Ditto.
+
+	* misc.c (map_pk_openpgp_to_gcry, map_pk_gcry_to_openpgp): New.
+	(openpgp_pk_test_algo, openpgp_pk_test_algo2): Map algo numbers.
+	(openpgp_pk_algo_usage): Support ECDH and ECDSA.
+	(openpgp_pk_algo_name): Simplify.
+	(ecdsa_qbits_from_Q): New.
+
+	* mainproc.c (proc_pubkey_enc): Support ECC.
+
+	* keyid.c (pubkey_letter): Add 'E' and 'e'.
+	(keygrip_from_pk): Supporf ECC.
+
+	* keygen.c: Include pkglue.h.
+	(ask_algo): Add option 9 for ECDSA and ECDH.
+	(ask_keysize): Support ECDSA and ECDH.
+	(do_create): Ditto.
+	(gen_ecc): New.
+	(pk_ecc_build_key_params): New.
+
+	* getkey.c (cache_public_key): Support ECC.
+
+	* encrypt.c (write_pubkey_enc_from_list): Pass PK to PK_ENCRYPT
+	and the pkalgo to encode_session_key.
+
+	* build-packet.c (do_key, do_pubkey_enc): Support ECC.
+	(write_size_body_mpi): New.
+
 2011-01-06  Werner Koch  <wk@g10code.com>
 
 	* gpg.c (main): Use keyserver_spec_t.

g10/keygen.c

@@ -1298,6 +1298,7 @@ common_gen (const char *keyparms, int algo, const char *algoelem,
       free_public_key (pk);
       return err;
     }
+  gcry_sexp_release (s_key);
 
   pkt = xtrycalloc (1, sizeof *pkt);
   if (!pkt)

g10/pkglue.c

@@ -184,8 +184,6 @@ pk_encrypt (int algo, gcry_mpi_t *resarr, gcry_mpi_t data,
     {
       gcry_mpi_t k;
       char *curve;
-      byte fp[MAX_FINGERPRINT_LEN];
-      size_t fpn;
 
       rc = pk_ecdh_generate_ephemeral_key (pkey, &k);
       if (rc)

g10/pubkey-enc.c

@@ -185,9 +185,11 @@ get_it (PKT_pubkey_enc *enc, DEK *dek, PKT_public_key *sk, u32 *keyid)
   if (err)
     goto leave;
 
-  /* fixme: only needed for ECDH.  Don't compute always. */
+  if (sk->pubkey_algo == PUBKEY_ALGO_ECDH)
-  fingerprint_from_pk (sk, fp, &fpn);
+    {
-  assert (fpn == 20);
+      fingerprint_from_pk (sk, fp, &fpn);
+      assert (fpn == 20);
+    }
 
   /* Decrypt. */
   desc = gpg_format_keydesc (sk, 0, 1);