mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-02 12:01:32 +01:00
experiment: Support exporting new 448 key (public/secret).
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
parent
0d74c3c896
commit
a07ae85ec7
@ -53,34 +53,34 @@ openpgp_ecc_parse_key (pubkey_algo_t pkalgo, const char *curve,
|
|||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Fix up public key for OpenPGP adding the prefix.
|
* Fix up public/sec key for OpenPGP adding the prefix.
|
||||||
*/
|
*/
|
||||||
gpg_error_t
|
gpg_error_t
|
||||||
openpgp_fixup_pubkey_448 (int algo, gcry_mpi_t *p_pubkey)
|
openpgp_fixup_key_448 (int algo, gcry_mpi_t *r_key)
|
||||||
{
|
{
|
||||||
gcry_mpi_t pubkey_mpi;
|
gcry_mpi_t key_mpi;
|
||||||
gcry_mpi_t a;
|
gcry_mpi_t a;
|
||||||
unsigned char *p;
|
unsigned char *p;
|
||||||
const unsigned char *p_key;
|
const unsigned char *p_key;
|
||||||
unsigned int nbits;
|
unsigned int nbits;
|
||||||
unsigned int len;
|
unsigned int len;
|
||||||
|
|
||||||
pubkey_mpi = *p_pubkey;
|
key_mpi = *r_key;
|
||||||
*p_pubkey = NULL;
|
*r_key = NULL;
|
||||||
p_key = gcry_mpi_get_opaque (pubkey_mpi, &nbits);
|
p_key = gcry_mpi_get_opaque (key_mpi, &nbits);
|
||||||
len = (nbits+7)/8;
|
len = (nbits+7)/8;
|
||||||
if ((algo == PUBKEY_ALGO_ECDH && len != 56)
|
if ((algo == PUBKEY_ALGO_ECDH && len != 56)
|
||||||
|| (algo == PUBKEY_ALGO_EDDSA && len != 57)
|
|| (algo == PUBKEY_ALGO_EDDSA && len != 57)
|
||||||
|| (algo != PUBKEY_ALGO_ECDH && algo != PUBKEY_ALGO_EDDSA))
|
|| (algo != PUBKEY_ALGO_ECDH && algo != PUBKEY_ALGO_EDDSA))
|
||||||
{
|
{
|
||||||
gcry_mpi_release (pubkey_mpi);
|
gcry_mpi_release (key_mpi);
|
||||||
return gpg_error (GPG_ERR_BAD_PUBKEY);
|
return gpg_error (GPG_ERR_BAD_PUBKEY);
|
||||||
}
|
}
|
||||||
|
|
||||||
p = xtrymalloc (1 + len);
|
p = xtrymalloc (1 + len);
|
||||||
if (!p)
|
if (!p)
|
||||||
{
|
{
|
||||||
gcry_mpi_release (pubkey_mpi);
|
gcry_mpi_release (key_mpi);
|
||||||
return gpg_error_from_syserror ();
|
return gpg_error_from_syserror ();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -89,8 +89,8 @@ openpgp_fixup_pubkey_448 (int algo, gcry_mpi_t *p_pubkey)
|
|||||||
|
|
||||||
a = gcry_mpi_set_opaque (NULL, p, len*8+7);
|
a = gcry_mpi_set_opaque (NULL, p, len*8+7);
|
||||||
gcry_mpi_set_flag (a, GCRYMPI_FLAG_USER2);
|
gcry_mpi_set_flag (a, GCRYMPI_FLAG_USER2);
|
||||||
*p_pubkey = a;
|
*r_key = a;
|
||||||
gcry_mpi_release (pubkey_mpi);
|
gcry_mpi_release (key_mpi);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
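Review bot: Now that this helper is also applied to the secret parameter, the copy buffer from `p = xtrymalloc (1 + len);` is ordinary heap memory, so a secret scalar would be duplicated outside secure memory; whether the source MPI lives in secure memory cannot be seen here, and the copy itself sits between the two hunks. Consider choosing the allocator from the input, e.g. `p = gcry_is_secure (p_key) ? xtrymalloc_secure (1 + len) : xtrymalloc (1 + len);`. The length check still returns `GPG_ERR_BAD_PUBKEY` when the malformed value is a secret one, and the header comment would be clearer as `Fix up a public or secret 448 key for OpenPGP by adding the prefix; *R_KEY is replaced, and left NULL on error.` The prototype in openpgpdefs.h still names the parameter `p_pubkey` although the definition now uses `r_key`.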
@ -242,6 +242,6 @@ enum gcry_pk_algos map_openpgp_pk_to_gcry (pubkey_algo_t algo);
|
|||||||
/*-- openpgp-misc.c --*/
|
/*-- openpgp-misc.c --*/
|
||||||
gcry_mpi_t openpgp_ecc_parse_key (pubkey_algo_t pkalgo, const char *curve,
|
gcry_mpi_t openpgp_ecc_parse_key (pubkey_algo_t pkalgo, const char *curve,
|
||||||
gcry_mpi_t key);
|
gcry_mpi_t key);
|
||||||
gpg_error_t openpgp_fixup_pubkey_448 (int algo, gcry_mpi_t *p_pubkey);
|
gpg_error_t openpgp_fixup_key_448 (int algo, gcry_mpi_t *p_pubkey);
|
||||||
|
|
||||||
#endif /*GNUPG_COMMON_OPENPGPDEFS_H*/
|
#endif /*GNUPG_COMMON_OPENPGPDEFS_H*/
|
||||||
|
22
g10/export.c
22
g10/export.c
@ -532,7 +532,8 @@ exact_subkey_match_p (KEYDB_SEARCH_DESC *desc, kbnode_t node)
|
|||||||
/* Return an error if the key represented by the S-expression S_KEY
|
/* Return an error if the key represented by the S-expression S_KEY
|
||||||
* and the OpenPGP key represented by PK do not use the same curve. */
|
* and the OpenPGP key represented by PK do not use the same curve. */
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
match_curve_skey_pk (gcry_sexp_t s_key, PKT_public_key *pk)
|
match_curve_skey_pk (gcry_sexp_t s_key, PKT_public_key *pk,
|
||||||
|
int *r_is_448)
|
||||||
{
|
{
|
||||||
gcry_sexp_t curve = NULL;
|
gcry_sexp_t curve = NULL;
|
||||||
gcry_sexp_t flags = NULL;
|
gcry_sexp_t flags = NULL;
|
||||||
@ -544,6 +545,8 @@ match_curve_skey_pk (gcry_sexp_t s_key, PKT_public_key *pk)
|
|||||||
int is_eddsa = 0;
|
int is_eddsa = 0;
|
||||||
int idx = 0;
|
int idx = 0;
|
||||||
|
|
||||||
|
*r_is_448 = 0;
|
||||||
|
|
||||||
if (!(pk->pubkey_algo==PUBKEY_ALGO_ECDH
|
if (!(pk->pubkey_algo==PUBKEY_ALGO_ECDH
|
||||||
|| pk->pubkey_algo==PUBKEY_ALGO_ECDSA
|
|| pk->pubkey_algo==PUBKEY_ALGO_ECDSA
|
||||||
|| pk->pubkey_algo==PUBKEY_ALGO_EDDSA))
|
|| pk->pubkey_algo==PUBKEY_ALGO_EDDSA))
|
||||||
@ -563,7 +566,12 @@ match_curve_skey_pk (gcry_sexp_t s_key, PKT_public_key *pk)
|
|||||||
return gpg_error (GPG_ERR_UNKNOWN_CURVE);
|
return gpg_error (GPG_ERR_UNKNOWN_CURVE);
|
||||||
}
|
}
|
||||||
if (!strcmp (curve_str, "Ed448"))
|
if (!strcmp (curve_str, "Ed448"))
|
||||||
is_eddsa = 1;
|
{
|
||||||
|
is_eddsa = 1;
|
||||||
|
*r_is_448 = 1;
|
||||||
|
}
|
||||||
|
if (!strcmp (curve_str, "X448"))
|
||||||
|
*r_is_448 = 1;
|
||||||
oidstr = openpgp_curve_to_oid (curve_str, NULL, NULL);
|
oidstr = openpgp_curve_to_oid (curve_str, NULL, NULL);
|
||||||
if (!oidstr)
|
if (!oidstr)
|
||||||
{
|
{
|
||||||
@ -637,6 +645,7 @@ cleartext_secret_key_to_openpgp (gcry_sexp_t s_key, PKT_public_key *pk)
|
|||||||
struct seckey_info *ski;
|
struct seckey_info *ski;
|
||||||
int idx, sec_start;
|
int idx, sec_start;
|
||||||
gcry_mpi_t pub_params[10] = { NULL };
|
gcry_mpi_t pub_params[10] = { NULL };
|
||||||
|
int is_448;
|
||||||
|
|
||||||
/* we look for a private-key, then the first element in it tells us
|
/* we look for a private-key, then the first element in it tells us
|
||||||
the type */
|
the type */
|
||||||
@ -744,11 +753,15 @@ cleartext_secret_key_to_openpgp (gcry_sexp_t s_key, PKT_public_key *pk)
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case GCRY_PK_ECC:
|
case GCRY_PK_ECC:
|
||||||
err = match_curve_skey_pk (key, pk);
|
err = match_curve_skey_pk (key, pk, is_448);
|
||||||
if (err)
|
if (err)
|
||||||
goto leave;
|
goto leave;
|
||||||
else
|
else
|
||||||
err = sexp_extract_param_sos (key, "q", &pub_params[0]);
|
err = sexp_extract_param_sos (key, "q", &pub_params[0]);
|
||||||
|
|
||||||
|
if (!err && is_448)
|
||||||
|
err = openpgp_fixup_key_448 (pk->pubkey_algo, &pub_params[0]);
|
||||||
|
|
||||||
if (!err && (gcry_mpi_cmp(pk->pkey[1], pub_params[0])))
|
if (!err && (gcry_mpi_cmp(pk->pkey[1], pub_params[0])))
|
||||||
err = gpg_error (GPG_ERR_BAD_PUBKEY);
|
err = gpg_error (GPG_ERR_BAD_PUBKEY);
|
||||||
|
|
||||||
@ -760,6 +773,9 @@ cleartext_secret_key_to_openpgp (gcry_sexp_t s_key, PKT_public_key *pk)
|
|||||||
gcry_mpi_release (pk->pkey[sec_start]);
|
gcry_mpi_release (pk->pkey[sec_start]);
|
||||||
pk->pkey[sec_start] = NULL;
|
pk->pkey[sec_start] = NULL;
|
||||||
err = sexp_extract_param_sos (key, "d", &pk->pkey[sec_start]);
|
err = sexp_extract_param_sos (key, "d", &pk->pkey[sec_start]);
|
||||||
|
if (!err && is_448)
|
||||||
|
err = openpgp_fixup_key_448 (pk->pubkey_algo,
|
||||||
|
&pk->pkey[sec_start]);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!err)
|
if (!err)
|
||||||
|
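Review bot: The call `err = match_curve_skey_pk (key, pk, is_448);` passes the uninitialized `int is_448` where the new parameter is `int *r_is_448`, so `*r_is_448 = 0;` in the callee writes through an indeterminate pointer; it should be `err = match_curve_skey_pk (key, pk, &is_448);`. Because `is_448` is only assigned on the `GCRY_PK_ECC` path, declaring it as `int is_448 = 0;` would keep any later read defined if the surrounding code changes. The comment above match_curve_skey_pk should also describe the new output, e.g. `On return *R_IS_448 is 1 for Ed448 or X448, else 0.` Both functions extend beyond the hunks shown, so the placement of the second `is_448` test relative to the ECC case is inferred from context only.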
@ -1338,7 +1338,7 @@ ecckey_from_sexp (gcry_mpi_t *array, gcry_sexp_t sexp, int algo)
|
|||||||
if (openpgp_oid_is_ed448 (array[0])
|
if (openpgp_oid_is_ed448 (array[0])
|
||||||
|| openpgp_oid_is_cv448 (array[0]))
|
|| openpgp_oid_is_cv448 (array[0]))
|
||||||
{
|
{
|
||||||
err = openpgp_fixup_pubkey_448 (algo, &array[1]);
|
err = openpgp_fixup_key_448 (algo, &array[1]);
|
||||||
if (err)
|
if (err)
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
|
@ -465,7 +465,7 @@ pk_encrypt (pubkey_algo_t algo, gcry_mpi_t *resarr, gcry_mpi_t data,
|
|||||||
s_ciph = NULL;
|
s_ciph = NULL;
|
||||||
if (openpgp_oid_is_cv448 (pkey[0]))
|
if (openpgp_oid_is_cv448 (pkey[0]))
|
||||||
{
|
{
|
||||||
rc = openpgp_fixup_pubkey_448 (algo, &public);
|
rc = openpgp_fixup_key_448 (algo, &public);
|
||||||
if (rc)
|
if (rc)
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
|