From 49ea53b755f0fef468055a1493e790735908f865 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka
Date: Thu, 26 Mar 2020 15:54:14 +0900
Subject: [PATCH] gpgsm: Support key generation with ECC.

* sm/certreqgen.c (pKEYCURVE): New.
(read_parameters): Add pKEYCURVE handling.
(proc_parameters): Support ECC key generation.
GnuPG-bug-id: 4888
Signed-off-by: NIIBE Yutaka
---
 sm/certreqgen.c | 42 +++++++++++++++++++++++++++++++++++++-----
 1 file changed, 37 insertions(+), 5 deletions(-)

diff --git a/sm/certreqgen.c b/sm/certreqgen.c
index 364afbef2..1ca5d6f2f 100644
--- a/sm/certreqgen.c
+++ b/sm/certreqgen.c
@@ -74,6 +74,7 @@ enum para_name
 pKEYTYPE,
 pKEYLENGTH,
 pKEYGRIP,
+ pKEYCURVE,
 pKEYUSAGE,
 pNAMEDN,
 pNAMEEMAIL,
@@ -236,6 +237,7 @@ read_parameters (ctrl_t ctrl, estream_t fp, estream_t out_fp)
 { "Key-Type", pKEYTYPE},
 { "Key-Length", pKEYLENGTH },
 { "Key-Grip", pKEYGRIP },
+ { "Key-Curve", pKEYCURVE },
 { "Key-Usage", pKEYUSAGE },
 { "Name-DN", pNAMEDN },
 { "Name-Email", pNAMEEMAIL, 1 },
@@ -462,7 +464,10 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para,
 if (algo < 1 && !cardkeyid)
 {
 r = get_parameter (para, pKEYTYPE, 0);
- log_error (_("line %d: invalid algorithm\n"), r ? r->lnr: -1);
+ if (r)
+ log_error (_("line %d: invalid algorithm\n"), r->lnr);
+ else
+ log_error ("No Key-Type specified\n");
 return gpg_error (GPG_ERR_INV_PARAMETER);
 }
 
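Review bot: The new fallback message in the `@@ -462,7 +464,10 @@` hunk, `log_error ("No Key-Type specified\n");`, is not wrapped in `_()`, unlike the `_("line %d: invalid algorithm\n")` message in the branch beside it, so it would presumably be skipped by the translation catalogue. Writing it as `log_error (_("No Key-Type specified\n"));` keeps the two branches consistent. proc_parameters starts and ends outside the hunk.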
@@ -719,10 +724,37 @@ proc_parameters (ctrl_t ctrl, struct para_data_s *para,
 }
 else if (!outctrl->dryrun) /* Generate new key. */
 {
- sprintf (numbuf, "%u", nbits);
- snprintf ((char*)keyparms, DIM (keyparms),
- "(6:genkey(3:rsa(5:nbits%d:%s)))",
- (int)strlen (numbuf), numbuf);
+ if (algo == GCRY_PK_RSA)
+ {
+ sprintf (numbuf, "%u", nbits);
+ snprintf ((char*)keyparms, DIM (keyparms),
+ "(6:genkey(3:rsa(5:nbits%d:%s)))",
+ (int)strlen (numbuf), numbuf);
+ }
+ else if (algo == GCRY_PK_ECC || algo == GCRY_PK_EDDSA)
+ {
+ const char *curve = get_parameter_value (para, pKEYCURVE, 0);
+ const char *flags;
+
+ if (algo == GCRY_PK_EDDSA)
+ flags = "(flags eddsa)";
+ else if (!strcmp (curve, "Curve25519"))
+ flags = "(flags djb-tweak)";
+ else
+ flags = "";
+
+ snprintf ((char*)keyparms, DIM (keyparms),
+ "(genkey(ecc(curve %zu:%s)%s))",
+ strlen (curve), curve, flags);
+ }
+ else
+ {
+ r = get_parameter (para, pKEYTYPE, 0);
+ log_error (_("line %d: invalid algorithm\n"), r->lnr);
+ xfree (sigkey);
+ xfree (cardkeyid);
+ return gpg_error (GPG_ERR_INV_PARAMETER);
+ }
 rc = gpgsm_agent_genkey (ctrl, keyparms, &public);
 if (rc)
 {
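Review bot: In the ECC/EdDSA branch `curve` is used without a NULL check: if `get_parameter_value (para, pKEYCURVE, 0)` returns NULL when the parameter file has no Key-Curve line (nothing in the visible hunks makes it mandatory), both `strcmp (curve, "Curve25519")` and `strlen (curve)` dereference it, so such a request could crash gpgsm instead of being rejected. The final `else` has the same pattern with `r->lnr`, although the earlier hunk of this commit guards the identical lookup with `if (r)`; `r ? r->lnr : -1` would cover it. The curve name comes from the parameter file and the `snprintf` result is never compared with `DIM (keyparms)`, so an over-long value would hand a truncated S-expression to `gpgsm_agent_genkey`; the buffer is declared outside the hunk, so its size should be confirmed. The fence sketches both rejections with the same cleanup the hunk's `else` branch uses; proc_parameters starts and ends outside the hunk.

```c
          const char *curve = get_parameter_value (para, pKEYCURVE, 0);
          const char *flags;
          int n;

          if (!curve)
            {
              log_error (_("No Key-Curve specified\n"));
              xfree (sigkey);
              xfree (cardkeyid);
              return gpg_error (GPG_ERR_INV_PARAMETER);
            }

          /* ... unchanged: selection of flags from algo and curve ... */

          n = snprintf ((char*)keyparms, DIM (keyparms),
                        "(genkey(ecc(curve %zu:%s)%s))",
                        strlen (curve), curve, flags);
          if (n < 0 || (size_t)n >= DIM (keyparms))
            {
              /* Refuse to pass a truncated S-expression to the agent.  */
              log_error (_("Key-Curve value is too long\n"));
              xfree (sigkey);
              xfree (cardkeyid);
              return gpg_error (GPG_ERR_INV_PARAMETER);
            }
```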