gpgsm: Cleanup the use of GCRY_PK_ECC and GCRY_PK_ECDSA.

* common/sexputil.c (pubkey_algo_to_string): New. * sm/certcheck.c (do_encode_md): Replace GCRY_PK_ECDSA by GCRY_PK_ECC. * sm/certreqgen-ui.c (check_keygrip): Add all ECC algorithms. * sm/gpgsm.c (our_pk_test_algo): Also allow EdDSA. * sm/verify.c (gpgsm_verify): Map ECC algo to ECDSA. Use new pubkey algo name function Signed-off-by: Werner Koch <wk@gnupg.org> (cherry picked from commit 34b628db4618a8712536aea695f934b0286e7b18)
2024-12-22 10:19:57 +01:00 · 2020-05-08 14:14:01 +02:00 · 2020-05-08 14:14:01 +02:00 · 88335b2d5b
commit 88335b2d5b
parent 266a6602f0
4 changed files with 11 additions and 6 deletions
--- a/sm/certcheck.c
+++ b/sm/certcheck.c
@ -74,11 +74,11 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits,
  size_t nframe;
  unsigned char *frame;

-  if (pkalgo == GCRY_PK_DSA || pkalgo == GCRY_PK_ECDSA)
+  if (pkalgo == GCRY_PK_DSA || pkalgo == GCRY_PK_ECC)
    {
      unsigned int qbits;

-      if ( pkalgo == GCRY_PK_ECDSA )
+      if ( pkalgo == GCRY_PK_ECC )
        qbits = gcry_pk_get_nbits (pkey);
      else
        qbits = get_dsa_qbits (pkey);
@ -210,10 +210,8 @@ pk_algo_from_sexp (gcry_sexp_t pkey)
    algo = GCRY_PK_RSA;
  else if (n==3 && !memcmp (name, "dsa", 3))
    algo = GCRY_PK_DSA;
-  /* Because this function is called only for verification we can
-     assume that ECC actually means ECDSA.  */
  else if (n==3 && !memcmp (name, "ecc", 3))
-    algo = GCRY_PK_ECDSA;
+    algo = GCRY_PK_ECC;
  else if (n==13 && !memcmp (name, "ambiguous-rsa", 13))
    algo = GCRY_PK_RSA;
  else
--- a/sm/certreqgen-ui.c
+++ b/sm/certreqgen-ui.c
@ -113,7 +113,9 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip)
    case GCRY_PK_RSA:   return "RSA";
    case GCRY_PK_DSA:   return "DSA";
    case GCRY_PK_ELG:   return "ELG";
-    case GCRY_PK_EDDSA: return "ECDSA";
+    case GCRY_PK_ECC:   return "ECC";
+    case GCRY_PK_ECDSA: return "ECDSA";
+    case GCRY_PK_EDDSA: return "EdDSA";
    default: return NULL;
    }
 }
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@ -516,6 +516,7 @@ our_pk_test_algo (int algo)
    {
    case GCRY_PK_RSA:
    case GCRY_PK_ECDSA:
+    case GCRY_PK_EDDSA:
      return gcry_pk_test_algo (algo);
    default:
      return 1;
--- a/sm/verify.c
+++ b/sm/verify.c
@ -459,6 +459,10 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
      pkfpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1);
      pkalgostr = gpgsm_pubkey_algo_string (cert, NULL);
      pkalgo = gpgsm_get_key_algo_info (cert, &nbits);
+      /* Remap the ECC algo to the algo we use.  Note that EdDSA has
+       * already been mapped.  */
+      if (pkalgo == GCRY_PK_ECC)
+        pkalgo = GCRY_PK_ECDSA;

      log_info (_("Signature made "));
      if (*sigtime)