gpg: Support encryption with kyber_bp256 and kyber_bp384

* common/openpgp-oid.c (oidtable): Support KEM for bp256 and bp384. * g10/pkglue.c (do_encrypt_kem): Ditto. -- GnuPG-bug-id: 6815 Note, this needs the very latest Libgcrypt to work properly
2025-07-03 22:56:33 +02:00 · 2024-04-23 16:25:05 +02:00 · 2024-04-23 16:25:05 +02:00 · 32ec480024
commit 32ec480024
parent 54741685ce
3 changed files with 39 additions and 2 deletions
--- a/g10/pkglue.c
+++ b/g10/pkglue.c
@ -522,6 +522,38 @@ do_encrypt_kem (PKT_public_key *pk, gcry_mpi_t data, int seskey_algo,
      ecc_ss_len = 64;
      ecc_hash_algo = GCRY_MD_SHA3_512;
    }
+  else if (ecc_algo == GCRY_KEM_RAW_BP256)
+    {
+      ecc_pubkey = gcry_mpi_get_opaque (pk->pkey[1], &nbits);
+      ecc_pubkey_len = (nbits+7)/8;
+      if (ecc_pubkey_len != 65)
+        {
+          if (opt.verbose)
+            log_info ("%s: ECC public key length invalid (%zu)\n",
+                      __func__, ecc_pubkey_len);
+          err = gpg_error (GPG_ERR_INV_DATA);
+          goto leave;
+        }
+      ecc_ct_len = ecc_ecdh_len = 65;
+      ecc_ss_len = 32;
+      ecc_hash_algo = GCRY_MD_SHA3_256;
+    }
+  else if (ecc_algo == GCRY_KEM_RAW_BP384)
+    {
+      ecc_pubkey = gcry_mpi_get_opaque (pk->pkey[1], &nbits);
+      ecc_pubkey_len = (nbits+7)/8;
+      if (ecc_pubkey_len != 97)
+        {
+          if (opt.verbose)
+            log_info ("%s: ECC public key length invalid (%zu)\n",
+                      __func__, ecc_pubkey_len);
+          err = gpg_error (GPG_ERR_INV_DATA);
+          goto leave;
+        }
+      ecc_ct_len = ecc_ecdh_len = 97;
+      ecc_ss_len = 64;
+      ecc_hash_algo = GCRY_MD_SHA3_512;
+    }
  else
    {
      if (opt.verbose)