security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Code Activity

gpg: Allow creating keys using an existing ECC key.

Browse Source 
* common/sexputil.c (get_pk_algo_from_canon_sexp): Remove arg R_ALGO.
Change to return the algo id.  Reimplement using get_pk_algo_from_key.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Ditto.
--

GnuPG-bug-id: 2976
Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch 2017-03-01 13:36:01 +01:00
parent 19f8d53191
commit 2bbdeb8ee8
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
4 changed files with 34 additions and 83 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
common/sexputil.c
View File

@ -512,53 +512,6 @@ get_rsa_pk_from_canon_sexp (const unsigned char *keydata, size_t keydatalen,
} }
/* Return the algo of a public RSA expressed as an canonical encoded
S-expression. The return value is a statically allocated
string. On error that string is set to NULL. */
gpg_error_t
get_pk_algo_from_canon_sexp (const unsigned char *keydata, size_t keydatalen,
const char **r_algo)
{
gpg_error_t err;
const unsigned char *buf, *tok;
size_t buflen, toklen;
int depth;
*r_algo = NULL;
buf = keydata;
buflen = keydatalen;
depth = 0;
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
return err;
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
return err;
if (!tok || toklen != 10 || memcmp ("public-key", tok, toklen))
return gpg_error (GPG_ERR_BAD_PUBKEY);
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
return err;
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
return err;
if (!tok)
return gpg_error (GPG_ERR_BAD_PUBKEY);
if (toklen == 3 && !memcmp ("rsa", tok, toklen))
*r_algo = "rsa";
else if (toklen == 3 && !memcmp ("dsa", tok, toklen))
*r_algo = "dsa";
else if (toklen == 3 && !memcmp ("elg", tok, toklen))
*r_algo = "elg";
else if (toklen == 5 && !memcmp ("ecdsa", tok, toklen))
*r_algo = "ecdsa";
else if (toklen == 5 && !memcmp ("eddsa", tok, toklen))
*r_algo = "eddsa";
else
return gpg_error (GPG_ERR_PUBKEY_ALGO);
return 0;
}
/* Return the algo of a public KEY of SEXP. */ /* Return the algo of a public KEY of SEXP. */
int int
get_pk_algo_from_key (gcry_sexp_t key) get_pk_algo_from_key (gcry_sexp_t key)
@ -606,3 +559,21 @@ get_pk_algo_from_key (gcry_sexp_t key)
return algo; return algo;
} }
/* This is a variant of get_pk_algo_from_key but takes an canonical
* encoded S-expression as input. Returns a GCRYPT public key
* identiier or 0 on error. */
int
get_pk_algo_from_canon_sexp (const unsigned char *keydata, size_t keydatalen)
{
gcry_sexp_t sexp;
int algo;
if (gcry_sexp_sscan (&sexp, NULL, keydata, keydatalen))
return 0;
algo = get_pk_algo_from_key (sexp);
gcry_sexp_release (sexp);
return algo;
}

6
common/util.h
View File

@ -195,10 +195,10 @@ gpg_error_t get_rsa_pk_from_canon_sexp (const unsigned char *keydata,
size_t *r_nlen, size_t *r_nlen,
unsigned char const **r_e, unsigned char const **r_e,
size_t *r_elen); size_t *r_elen);
gpg_error_t get_pk_algo_from_canon_sexp (const unsigned char *keydata,
size_t keydatalen,
const char **r_algo);
int get_pk_algo_from_key (gcry_sexp_t key); int get_pk_algo_from_key (gcry_sexp_t key);
int get_pk_algo_from_canon_sexp (const unsigned char *keydata,
size_t keydatalen);
/*-- convert.c --*/ /*-- convert.c --*/
int hex2bin (const char *string, void *buffer, size_t length); int hex2bin (const char *string, void *buffer, size_t length);

22
g10/keygen.c
View File

@ -1839,7 +1839,7 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip)
gpg_error_t err; gpg_error_t err;
unsigned char *public; unsigned char *public;
size_t publiclen; size_t publiclen;
const char *algostr; int algo;
if (hexgrip[0] == '&') if (hexgrip[0] == '&')
hexgrip++; hexgrip++;
@ -1849,26 +1849,10 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip)
return 0; return 0;
publiclen = gcry_sexp_canon_len (public, 0, NULL, NULL); publiclen = gcry_sexp_canon_len (public, 0, NULL, NULL);
get_pk_algo_from_canon_sexp (public, publiclen, &algostr); algo = get_pk_algo_from_canon_sexp (public, publiclen);
xfree (public); xfree (public);
/* FIXME: Mapping of ECC algorithms is probably not correct. */ return map_pk_gcry_to_openpgp (algo);
if (!algostr)
return 0;
else if (!strcmp (algostr, "rsa"))
return PUBKEY_ALGO_RSA;
else if (!strcmp (algostr, "dsa"))
return PUBKEY_ALGO_DSA;
else if (!strcmp (algostr, "elg"))
return PUBKEY_ALGO_ELGAMAL_E;
else if (!strcmp (algostr, "ecc"))
return PUBKEY_ALGO_ECDH;
else if (!strcmp (algostr, "ecdsa"))
return PUBKEY_ALGO_ECDSA;
else if (!strcmp (algostr, "eddsa"))
return PUBKEY_ALGO_EDDSA;
else
return 0;
} }

24
sm/certreqgen-ui.c
View File

@ -95,7 +95,7 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip)
gpg_error_t err; gpg_error_t err;
ksba_sexp_t public; ksba_sexp_t public;
size_t publiclen; size_t publiclen;
const char *algostr; int algo;
if (hexgrip[0] == '&') if (hexgrip[0] == '&')
hexgrip++; hexgrip++;
@ -105,21 +105,17 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip)
return NULL; return NULL;
publiclen = gcry_sexp_canon_len (public, 0, NULL, NULL); publiclen = gcry_sexp_canon_len (public, 0, NULL, NULL);
get_pk_algo_from_canon_sexp (public, publiclen, &algostr); algo = get_pk_algo_from_canon_sexp (public, publiclen);
xfree (public); xfree (public);
if (!algostr) switch (algo)
return NULL; {
else if (!strcmp (algostr, "rsa")) case GCRY_PK_RSA: return "RSA";
return "RSA"; case GCRY_PK_DSA: return "DSA";
else if (!strcmp (algostr, "dsa")) case GCRY_PK_ELG: return "ELG";
return "DSA"; case GCRY_PK_EDDSA: return "ECDSA";
else if (!strcmp (algostr, "elg")) default: return NULL;
return "ELG"; }
else if (!strcmp (algostr, "ecdsa"))
return "ECDSA";
else
return NULL;
} }