1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

gpg: Allow shortcut algo string "pqc" for --quick-gen-key.

* g10/keygen.c (PQC_STD_KEY_PARAM): New.
(quickgen_set_para): Always store the provided NBITS.
(parse_key_parameter_string): Detect the special value "pqc".
(quick_generate_keypair): Ditto.
--

With this change we can finally do a

  gpg --quick-gen-key --batch --passphrase='' foo@example.org  pqc

and get a full key.  Currently with a brainpoolp386r1 primary key and
a Kyber768_brainpoolp256 subkey.
This commit is contained in:
Werner Koch 2024-06-11 15:39:00 +02:00
parent d81bb417c0
commit 12ac129a70
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
2 changed files with 20 additions and 14 deletions

View File

@ -686,12 +686,14 @@ force the creation of the key will show up.
If @var{algo} or @var{usage} are given, only the primary key is
created and no prompts are shown. To specify an expiration date but
still create a primary and subkey use ``default'' or
``future-default'' for @var{algo} and ``default'' for @var{usage}.
For a description of these optional arguments see the command
@code{--quick-add-key}. The @var{usage} accepts also the value
``cert'' which can be used to create a certification only primary key;
the default is to a create certification and signing key.
still create a primary and a subkey use ``default'',
``future-default'', or ``pqc'' for @var{algo} and ``default'' for
@var{usage}. For a description of these optional arguments see the
command @code{--quick-add-key}; the value ``pqc'' create a key with a
quantum-resistant encryption encryption subkey. The @var{usage}
accepts also the value ``cert'' which can be used to create a
certification only primary key; the default is to a create
certification and signing key.
The @var{expire} argument can be used to specify an expiration date
for the key. Several formats are supported; commonly the ISO formats

View File

@ -53,6 +53,7 @@
default answer in ask_algo also needs to be adjusted. */
#define DEFAULT_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr"
#define FUTURE_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr"
#define PQC_STD_KEY_PARAM "bp384/cert,sign+kyber768_bp256/encr"
/* When generating keys using the streamlined key generation dialog,
use this as a default expiration interval. */
@ -4292,6 +4293,8 @@ parse_key_parameter_string (ctrl_t ctrl,
else if (!ascii_strcasecmp (string, "future-default")
|| !ascii_strcasecmp (string, "futuredefault"))
string = FUTURE_STD_KEY_PARAM;
else if (!ascii_strcasecmp (string, "pqc"))
string = PQC_STD_KEY_PARAM;
else if (!ascii_strcasecmp (string, "card"))
string = "card/cert,sign+card/encr";
@ -5281,14 +5284,14 @@ quickgen_set_para (struct para_data_s *para, int for_subkey,
r->next = para;
para = r;
}
else
{
/* Always store the size - although not required for ECC it is
* required for compiste algos. Should not harm anyway. */
r = xmalloc_clear (sizeof *r + 20);
r->key = for_subkey? pSUBKEYLENGTH : pKEYLENGTH;
sprintf (r->u.value, "%u", nbits);
r->next = para;
para = r;
}
r = xmalloc_clear (sizeof *r + 20);
r->key = for_subkey? pSUBVERSION : pVERSION;
@ -5394,6 +5397,7 @@ quick_generate_keypair (ctrl_t ctrl, const char *uid, const char *algostr,
if ((!*algostr || !ascii_strcasecmp (algostr, "default")
|| !ascii_strcasecmp (algostr, "future-default")
|| !ascii_strcasecmp (algostr, "futuredefault")
|| !ascii_strcasecmp (algostr, "pqc")
|| !ascii_strcasecmp (algostr, "card"))
&& (!*usagestr || !ascii_strcasecmp (usagestr, "default")
|| !strcmp (usagestr, "-")))