security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-03 22:56:33 +02:00
Code Activity

gpg: Allow shortcut algo string "pqc" for --quick-gen-key.

Browse source 
* g10/keygen.c (PQC_STD_KEY_PARAM): New.
(quickgen_set_para): Always store the provided NBITS.
(parse_key_parameter_string): Detect the special value "pqc".
(quick_generate_keypair): Ditto.
--

With this change we can finally do a

  gpg --quick-gen-key --batch --passphrase='' foo@example.org  pqc

and get a full key.  Currently with a brainpoolp386r1 primary key and
a Kyber768_brainpoolp256 subkey.
This commit is contained in:
Werner Koch 2024-06-11 15:39:00 +02:00
parent d81bb417c0
commit 12ac129a70
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
2 changed files with 20 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

20
g10/keygen.c
View file

@ -53,6 +53,7 @@
default answer in ask_algo also needs to be adjusted. */
#define DEFAULT_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr"
#define FUTURE_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr"
#define PQC_STD_KEY_PARAM "bp384/cert,sign+kyber768_bp256/encr"
/* When generating keys using the streamlined key generation dialog,
use this as a default expiration interval. */
@ -4292,6 +4293,8 @@ parse_key_parameter_string (ctrl_t ctrl,
else if (!ascii_strcasecmp (string, "future-default")
|| !ascii_strcasecmp (string, "futuredefault"))
string = FUTURE_STD_KEY_PARAM;
else if (!ascii_strcasecmp (string, "pqc"))
string = PQC_STD_KEY_PARAM;
else if (!ascii_strcasecmp (string, "card"))
string = "card/cert,sign+card/encr";
@ -5281,14 +5284,14 @@ quickgen_set_para (struct para_data_s *para, int for_subkey,
r->next = para;
para = r;
}
else
{
r = xmalloc_clear (sizeof *r + 20);
r->key = for_subkey? pSUBKEYLENGTH : pKEYLENGTH;
sprintf (r->u.value, "%u", nbits);
r->next = para;
para = r;
}
/* Always store the size - although not required for ECC it is
* required for compiste algos. Should not harm anyway. */
r = xmalloc_clear (sizeof *r + 20);
r->key = for_subkey? pSUBKEYLENGTH : pKEYLENGTH;
sprintf (r->u.value, "%u", nbits);
r->next = para;
para = r;
r = xmalloc_clear (sizeof *r + 20);
r->key = for_subkey? pSUBVERSION : pVERSION;
@ -5394,6 +5397,7 @@ quick_generate_keypair (ctrl_t ctrl, const char *uid, const char *algostr,
if ((!*algostr || !ascii_strcasecmp (algostr, "default")
|| !ascii_strcasecmp (algostr, "future-default")
|| !ascii_strcasecmp (algostr, "futuredefault")
|| !ascii_strcasecmp (algostr, "pqc")
|| !ascii_strcasecmp (algostr, "card"))
&& (!*usagestr || !ascii_strcasecmp (usagestr, "default")
|| !strcmp (usagestr, "-")))