gpg: Allow shortcut algo string "pqc" for --quick-gen-key.

* g10/keygen.c (PQC_STD_KEY_PARAM): New. (quickgen_set_para): Always store the provided NBITS. (parse_key_parameter_string): Detect the special value "pqc". (quick_generate_keypair): Ditto. -- With this change we can finally do a gpg --quick-gen-key --batch --passphrase='' foo@example.org pqc and get a full key. Currently with a brainpoolp386r1 primary key and a Kyber768_brainpoolp256 subkey.
2024-12-22 10:19:57 +01:00 · 2024-06-11 15:39:00 +02:00 · 2024-06-11 15:39:00 +02:00 · 12ac129a70
commit 12ac129a70
parent d81bb417c0
2 changed files with 20 additions and 14 deletions
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -686,12 +686,14 @@ force the creation of the key will show up.

 If @var{algo} or @var{usage} are given, only the primary key is
 created and no prompts are shown.  To specify an expiration date but
-still create a primary and subkey use ``default'' or
-``future-default'' for @var{algo} and ``default'' for @var{usage}.
-For a description of these optional arguments see the command
-@code{--quick-add-key}.  The @var{usage} accepts also the value
-``cert'' which can be used to create a certification only primary key;
-the default is to a create certification and signing key.
+still create a primary and a subkey use ``default'',
+``future-default'', or ``pqc'' for @var{algo} and ``default'' for
+@var{usage}.  For a description of these optional arguments see the
+command @code{--quick-add-key}; the value ``pqc'' create a key with a
+quantum-resistant encryption encryption subkey.  The @var{usage}
+accepts also the value ``cert'' which can be used to create a
+certification only primary key; the default is to a create
+certification and signing key.

 The @var{expire} argument can be used to specify an expiration date
 for the key.  Several formats are supported; commonly the ISO formats
--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -53,6 +53,7 @@
   default answer in ask_algo also needs to be adjusted.  */
 #define DEFAULT_STD_KEY_PARAM  "ed25519/cert,sign+cv25519/encr"
 #define FUTURE_STD_KEY_PARAM   "ed25519/cert,sign+cv25519/encr"
+#define PQC_STD_KEY_PARAM      "bp384/cert,sign+kyber768_bp256/encr"

 /* When generating keys using the streamlined key generation dialog,
   use this as a default expiration interval.  */
@ -4292,6 +4293,8 @@ parse_key_parameter_string (ctrl_t ctrl,
  else if (!ascii_strcasecmp (string, "future-default")
           || !ascii_strcasecmp (string, "futuredefault"))
    string = FUTURE_STD_KEY_PARAM;
+  else if (!ascii_strcasecmp (string, "pqc"))
+    string = PQC_STD_KEY_PARAM;
  else if (!ascii_strcasecmp (string, "card"))
    string = "card/cert,sign+card/encr";

@ -5281,14 +5284,14 @@ quickgen_set_para (struct para_data_s *para, int for_subkey,
      r->next = para;
      para = r;
    }
-  else
-    {
-      r = xmalloc_clear (sizeof *r + 20);
-      r->key = for_subkey? pSUBKEYLENGTH : pKEYLENGTH;
-      sprintf (r->u.value, "%u", nbits);
-      r->next = para;
-      para = r;
-    }
+
+  /* Always store the size - although not required for ECC it is
+   * required for compiste algos.  Should not harm anyway.  */
+  r = xmalloc_clear (sizeof *r + 20);
+  r->key = for_subkey? pSUBKEYLENGTH : pKEYLENGTH;
+  sprintf (r->u.value, "%u", nbits);
+  r->next = para;
+  para = r;

  r = xmalloc_clear (sizeof *r + 20);
  r->key = for_subkey? pSUBVERSION : pVERSION;
@ -5394,6 +5397,7 @@ quick_generate_keypair (ctrl_t ctrl, const char *uid, const char *algostr,
  if ((!*algostr || !ascii_strcasecmp (algostr, "default")
       || !ascii_strcasecmp (algostr, "future-default")
       || !ascii_strcasecmp (algostr, "futuredefault")
+       || !ascii_strcasecmp (algostr, "pqc")
       || !ascii_strcasecmp (algostr, "card"))
      && (!*usagestr || !ascii_strcasecmp (usagestr, "default")
          || !strcmp (usagestr, "-")))