security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-23 15:07:03 +01:00
Code Activity

ecc-sos: Compatible mode for SOS.

Browse Source 
* g10/build-packet.c (sos_write): Add an argument COMPAT.  When
COMPAT=1, NBITS specifies number of bits when interpreted as MPI,
except the case when the first octet is zero.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2020-05-14 14:28:39 +09:00
parent 58ad686bfe
commit 93cefe9497
1 changed files with 27 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
g10/build-packet.c
View File

@ -355,7 +355,7 @@ gpg_mpi_write (iobuf_t out, gcry_mpi_t a, unsigned int *r_nwritten)
* written, NULL may be passed for OUT. * written, NULL may be passed for OUT.
*/ */
static gpg_error_t static gpg_error_t
sos_write (iobuf_t out, gcry_mpi_t a, unsigned int *r_nwritten) sos_write (iobuf_t out, gcry_mpi_t a, unsigned int *r_nwritten, int compat)
{ {
gpg_error_t err; gpg_error_t err;
unsigned int nwritten = 0; unsigned int nwritten = 0;
@ -370,6 +370,22 @@ sos_write (iobuf_t out, gcry_mpi_t a, unsigned int *r_nwritten)
p = gcry_mpi_get_opaque (a, &nbits); p = gcry_mpi_get_opaque (a, &nbits);
/* gcry_log_debug (" [%u bit]\n", nbits); */ /* gcry_log_debug (" [%u bit]\n", nbits); */
/* gcry_log_debughex (" ", p, (nbits+7)/8); */ /* gcry_log_debughex (" ", p, (nbits+7)/8); */
if (p && *p && compat)
{
nbits = ((nbits + 7) / 8) * 8;
if (nbits >= 8 && !(*p & 0x80))
if (--nbits >= 7 && !(*p & 0x40))
if (--nbits >= 6 && !(*p & 0x20))
if (--nbits >= 5 && !(*p & 0x10))
if (--nbits >= 4 && !(*p & 0x08))
if (--nbits >= 3 && !(*p & 0x04))
if (--nbits >= 2 && !(*p & 0x02))
if (--nbits >= 1 && !(*p & 0x01))
--nbits;
}
lenhdr[0] = nbits >> 8; lenhdr[0] = nbits >> 8;
lenhdr[1] = nbits; lenhdr[1] = nbits;
err = out? iobuf_write (out, lenhdr, 2) : 0; err = out? iobuf_write (out, lenhdr, 2) : 0;
@ -604,12 +620,13 @@ do_key (iobuf_t out, int ctb, PKT_public_key *pk)
for (i=0; i < npkey; i++ ) for (i=0; i < npkey; i++ )
{ {
/* FIXME: For newer curve, sos_write should be called with COMPAT=0. */
if ( (pk->pubkey_algo == PUBKEY_ALGO_ECDSA && (i == 0)) if ( (pk->pubkey_algo == PUBKEY_ALGO_ECDSA && (i == 0))
|| (pk->pubkey_algo == PUBKEY_ALGO_EDDSA && (i == 0)) || (pk->pubkey_algo == PUBKEY_ALGO_EDDSA && (i == 0))
|| (pk->pubkey_algo == PUBKEY_ALGO_ECDH && (i == 0 || i == 2))) || (pk->pubkey_algo == PUBKEY_ALGO_ECDH && (i == 0 || i == 2)))
err = gpg_mpi_write_nohdr (a, pk->pkey[i]); err = gpg_mpi_write_nohdr (a, pk->pkey[i]);
else if (pk->pubkey_algo == PUBKEY_ALGO_ECDH) else if (pk->pubkey_algo == PUBKEY_ALGO_ECDH)
err = sos_write (a, pk->pkey[i], NULL); err = sos_write (a, pk->pkey[i], NULL, 1);
else else
err = gpg_mpi_write (a, pk->pkey[i], NULL); err = gpg_mpi_write (a, pk->pkey[i], NULL);
if (err) if (err)
@ -724,12 +741,13 @@ do_key (iobuf_t out, int ctb, PKT_public_key *pk)
unsigned int n; unsigned int n;
int j; int j;
/* FIXME: For newer curve, sos_write should be called with COMPAT=0. */
for (j=i; j < nskey; j++ ) for (j=i; j < nskey; j++ )
{ {
if (pk->pubkey_algo == PUBKEY_ALGO_EDDSA if (pk->pubkey_algo == PUBKEY_ALGO_EDDSA
|| pk->pubkey_algo == PUBKEY_ALGO_ECDH) || pk->pubkey_algo == PUBKEY_ALGO_ECDH)
{ {
if ((err = sos_write (NULL, pk->pkey[j], &n))) if ((err = sos_write (NULL, pk->pkey[j], &n, 1)))
goto leave; goto leave;
} }
else else
@ -747,7 +765,8 @@ do_key (iobuf_t out, int ctb, PKT_public_key *pk)
if (pk->pubkey_algo == PUBKEY_ALGO_EDDSA if (pk->pubkey_algo == PUBKEY_ALGO_EDDSA
|| pk->pubkey_algo == PUBKEY_ALGO_ECDH) || pk->pubkey_algo == PUBKEY_ALGO_ECDH)
{ {
if ( (err = sos_write (a, pk->pkey[i], NULL))) /* FIXME: For newer curve, sos_write should be called with COMPAT=0. */
if ( (err = sos_write (a, pk->pkey[i], NULL, 1)))
goto leave; goto leave;
} }
else else
@ -869,7 +888,8 @@ do_pubkey_enc( IOBUF out, int ctb, PKT_pubkey_enc *enc )
if (enc->pubkey_algo == PUBKEY_ALGO_ECDH && i == 1) if (enc->pubkey_algo == PUBKEY_ALGO_ECDH && i == 1)
rc = gpg_mpi_write_nohdr (a, enc->data[i]); rc = gpg_mpi_write_nohdr (a, enc->data[i]);
else if (enc->pubkey_algo == PUBKEY_ALGO_ECDH) else if (enc->pubkey_algo == PUBKEY_ALGO_ECDH)
rc = sos_write (a, enc->data[i], NULL); /* FIXME: For newer curve, sos_write should be called with COMPAT=0. */
rc = sos_write (a, enc->data[i], NULL, 1);
else else
rc = gpg_mpi_write (a, enc->data[i], NULL); rc = gpg_mpi_write (a, enc->data[i], NULL);
} }
@ -1749,9 +1769,10 @@ do_signature( IOBUF out, int ctb, PKT_signature *sig )
n = pubkey_get_nsig( sig->pubkey_algo ); n = pubkey_get_nsig( sig->pubkey_algo );
if ( !n ) if ( !n )
write_fake_data( a, sig->data[0] ); write_fake_data( a, sig->data[0] );
/* FIXME: For newer curve, sos_write should be called with COMPAT=0. */
if (sig->pubkey_algo == PUBKEY_ALGO_EDDSA) if (sig->pubkey_algo == PUBKEY_ALGO_EDDSA)
for (i=0; i < n && !rc ; i++ ) for (i=0; i < n && !rc ; i++ )
rc = sos_write (a, sig->data[i], NULL); rc = sos_write (a, sig->data[i], NULL, 1);
else else
for (i=0; i < n && !rc ; i++ ) for (i=0; i < n && !rc ; i++ )
rc = gpg_mpi_write (a, sig->data[i], NULL); rc = gpg_mpi_write (a, sig->data[i], NULL);