sm: Support generation of card-based ed25519 CSR.

* sm/call-agent.c (gpgsm_scd_pksign): Allow SHA512. Create proper S-expression for EdDSA signature. * sm/certreqgen.c (create_request): Force use of SHA512 when using a ed25519 key. * sm/misc.c (transform_sigval): Insert OID for ed25519. -- GnuPG-bug-id: 4013 Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
2025-07-02 22:46:30 +02:00 · 2019-02-17 17:40:51 +00:00 · 2019-02-17 17:40:51 +00:00 · 3cbdf896e6
commit 3cbdf896e6
parent 74e9b579ca
3 changed files with 19 additions and 4 deletions
--- a/sm/certreqgen.c
+++ b/sm/certreqgen.c
@ -807,8 +807,10 @@ create_request (ctrl_t ctrl,
  if (err)
    return err;

-  string = get_parameter_value (para, pHASHALGO, 0);
-  if (string)
+  len = gcry_sexp_canon_len (public, 0, NULL, NULL);
+  if (get_pk_algo_from_canon_sexp (public, len) == GCRY_PK_EDDSA)
+    mdalgo = GCRY_MD_SHA512;
+  else if ((string = get_parameter_value (para, pHASHALGO, 0)))
    mdalgo = gcry_md_map_name (string);
  else
    mdalgo = GCRY_MD_SHA256;