gpg: Support exporting Ed448 SSH key.

* common/openpgp-oid.c (oid_ed448, openpgp_oidbuf_is_ed448): New. (openpgp_oid_is_ed448): New. * common/util.h (openpgp_oid_is_ed448): New. * g10/export.c (export_one_ssh_key): Support Ed448 key. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-01-30 16:17:02 +01:00 · 2021-03-22 16:57:18 +09:00 · 2021-03-22 16:57:18 +09:00 · 1524a942b6
commit 1524a942b6
parent 0b45c5a994
3 changed files with 37 additions and 4 deletions
--- a/common/openpgp-oid.c
+++ b/common/openpgp-oid.c
@ -83,6 +83,10 @@ static const char oid_cv25519[] =
 */
 static const char oid_cv448[] = { 0x03, 0x2b, 0x65, 0x6f };

+/* The OID for Ed448 in OpenPGP format. */
+static const char oid_ed448[] = { 0x03, 0x2b, 0x65, 0x71 };
+
+
 /* A table to store keyalgo strings like "rsa2048 or "ed25519" so that
 * we do not need to allocate them.  This is currently a simple array
 * but may eventually be changed to a fast data structure.  Noet that
@ -346,6 +350,15 @@ openpgp_oidbuf_is_cv25519 (const void *buf, size_t len)
 }


+/* Return true if (BUF,LEN) represents the OID for Ed448.  */
+static int
+openpgp_oidbuf_is_ed448 (const void *buf, size_t len)
+{
+  return (buf && len == DIM (oid_ed448)
+          && !memcmp (buf, oid_ed448, DIM (oid_ed448)));
+}
+
+
 /* Return true if (BUF,LEN) represents the OID for X448.  */
 static int
 openpgp_oidbuf_is_cv448 (const void *buf, size_t len)
@ -370,6 +383,21 @@ openpgp_oid_is_cv25519 (gcry_mpi_t a)
 }


+/* Return true if the MPI A represents the OID for Ed448.  */
+int
+openpgp_oid_is_ed448 (gcry_mpi_t a)
+{
+  const unsigned char *buf;
+  unsigned int nbits;
+
+  if (!a || !gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
+    return 0;
+
+  buf = gcry_mpi_get_opaque (a, &nbits);
+  return openpgp_oidbuf_is_ed448 (buf, (nbits+7)/8);
+}
+
+
 /* Return true if the MPI A represents the OID for X448.  */
 int
 openpgp_oid_is_cv448 (gcry_mpi_t a)
--- a/common/util.h
+++ b/common/util.h
@ -245,6 +245,7 @@ int openpgp_oid_is_ed25519 (gcry_mpi_t a);
 int openpgp_oidbuf_is_cv25519 (const void *buf, size_t len);
 int openpgp_oid_is_cv25519 (gcry_mpi_t a);
 int openpgp_oid_is_cv448 (gcry_mpi_t a);
+int openpgp_oid_is_ed448 (gcry_mpi_t a);
 const char *openpgp_curve_to_oid (const char *name,
                                  unsigned int *r_nbits, int *r_algo);
 const char *openpgp_oid_to_curve (const char *oid, int canon);
--- a/g10/export.c
+++ b/g10/export.c
@ -2195,7 +2195,6 @@ export_one_ssh_key (estream_t fp, PKT_public_key *pk)
  gpg_error_t err;
  const char *identifier = NULL;
  membuf_t mb;
-  struct b64state b64_state;
  void *blob;
  size_t bloblen;

@ -2245,13 +2244,18 @@ export_one_ssh_key (estream_t fp, PKT_public_key *pk)
      break;

    case PUBKEY_ALGO_EDDSA:
-      if (!openpgp_oid_is_ed25519 (pk->pkey[0]))
-        err = gpg_error (GPG_ERR_UNKNOWN_CURVE);
-      else
+      if (openpgp_oid_is_ed25519 (pk->pkey[0]))
        {
          identifier = "ssh-ed25519";
          err = key_to_sshblob (&mb, identifier, pk->pkey[1], NULL);
        }
+      else if (openpgp_oid_is_ed448 (pk->pkey[0]))
+        {
+          identifier = "ssh-ed448";
+          err = key_to_sshblob (&mb, identifier, pk->pkey[1], NULL);
+        }
+      else
+        err = gpg_error (GPG_ERR_UNKNOWN_CURVE);
      break;

    case PUBKEY_ALGO_ELGAMAL_E: