mirror of git://git.gnupg.org/gnupg.git synced 2025-01-11 13:14:25 +01:00

gpgsm: Support key generation with ECC.

* sm/certreqgen.c (pKEYCURVE): New.
(read_parameters): Add pKEYCURVE handling.
(proc_parameters): Support ECC key generation.
--

GnuPG-bug-id: 4888, 6253
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 49ea53b755f0fef468055a1493e790735908f865)
NIIBE Yutaka 2020-03-26 15:54:14 +09:00 committed by Werner Koch
parent 8b2c55d3c5
commit 37a853d808
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B


@ -74,6 +74,7 @@ enum para_name
pKEYTYPE, pKEYTYPE,
pKEYLENGTH, pKEYLENGTH,
pKEYGRIP, pKEYGRIP,
pKEYCURVE,
pKEYUSAGE, pKEYUSAGE,
pNAMEDN, pNAMEDN,
pNAMEEMAIL, pNAMEEMAIL,
@ -236,6 +237,7 @@ read_parameters (ctrl_t ctrl, estream_t fp, estream_t out_fp)
{ "Key-Type", pKEYTYPE}, { "Key-Type", pKEYTYPE},
{ "Key-Length", pKEYLENGTH }, { "Key-Length", pKEYLENGTH },
{ "Key-Grip", pKEYGRIP }, { "Key-Grip", pKEYGRIP },
{ "Key-Curve", pKEYCURVE },
{ "Key-Usage", pKEYUSAGE }, { "Key-Usage", pKEYUSAGE },
{ "Name-DN", pNAMEDN }, { "Name-DN", pNAMEDN },
{ "Name-Email", pNAMEEMAIL, 1 }, { "Name-Email", pNAMEEMAIL, 1 },
@ -462,7 +464,10 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para,
if (algo < 1 && !cardkeyid) if (algo < 1 && !cardkeyid)
{ {
r = get_parameter (para, pKEYTYPE, 0); r = get_parameter (para, pKEYTYPE, 0);
log_error (_("line %d: invalid algorithm\n"), r ? r->lnr: -1); if (r)
log_error (_("line %d: invalid algorithm\n"), r->lnr);
else
log_error ("No Key-Type specified\n");
return gpg_error (GPG_ERR_INV_PARAMETER); return gpg_error (GPG_ERR_INV_PARAMETER);
} }
@ -719,10 +724,37 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para,
} }
else if (!outctrl->dryrun) /* Generate new key. */ else if (!outctrl->dryrun) /* Generate new key. */
{ {
sprintf (numbuf, "%u", nbits); if (algo == GCRY_PK_RSA)
snprintf ((char*)keyparms, DIM (keyparms), {
"(6:genkey(3:rsa(5:nbits%d:%s)))", sprintf (numbuf, "%u", nbits);
(int)strlen (numbuf), numbuf); snprintf ((char*)keyparms, DIM (keyparms),
"(6:genkey(3:rsa(5:nbits%d:%s)))",
(int)strlen (numbuf), numbuf);
}
else if (algo == GCRY_PK_ECC || algo == GCRY_PK_EDDSA)
{
const char *curve = get_parameter_value (para, pKEYCURVE, 0);
const char *flags;
if (algo == GCRY_PK_EDDSA)
flags = "(flags eddsa)";
else if (!strcmp (curve, "Curve25519"))
flags = "(flags djb-tweak)";
else
flags = "";
snprintf ((char*)keyparms, DIM (keyparms),
"(genkey(ecc(curve %zu:%s)%s))",
strlen (curve), curve, flags);
}
else
{
r = get_parameter (para, pKEYTYPE, 0);
log_error (_("line %d: invalid algorithm\n"), r->lnr);
xfree (sigkey);
xfree (cardkeyid);
return gpg_error (GPG_ERR_INV_PARAMETER);
}
rc = gpgsm_agent_genkey (ctrl, keyparms, &public); rc = gpgsm_agent_genkey (ctrl, keyparms, &public);
if (rc) if (rc)
{ {
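Review bot: In the new ECC/EdDSA branch, `curve` comes straight from `get_parameter_value (para, pKEYCURVE, 0)` and is handed to `strcmp` and `strlen` without a NULL check, so a parameter file that names an ECC Key-Type but omits Key-Curve would crash gpgsm instead of producing an error, unless a part of proc_parameters outside this hunk already rejects that case. A guard that logs and returns `GPG_ERR_INV_PARAMETER`, sketched below, would match the handling this commit adds for a missing Key-Type. The final `else` branch has the same kind of problem: it reads `r->lnr` unguarded, although the earlier hunk in this section replaced exactly that pattern with `if (r)`. The result of the `snprintf` into `keyparms` is also unchecked, so an over-long curve name would be silently truncated into a malformed S-expression; comparing the return value against `DIM (keyparms)` would catch that. proc_parameters begins and ends outside the visible hunks.

```c
const char *curve = get_parameter_value (para, pKEYCURVE, 0);
const char *flags;

if (!curve || !*curve)
  {
    log_error ("No Key-Curve specified\n");
    xfree (sigkey);
    xfree (cardkeyid);
    return gpg_error (GPG_ERR_INV_PARAMETER);
  }
/* ... unchanged: flags selection and snprintf into keyparms ... */
```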