gpg: Use the KEM API for ECC encryption.

* g10/ecdh.c (gnupg_ecc_6637_kdf): New. (pk_ecdh_encrypt_with_shared_point, gen_k): Remove. (pk_ecdh_generate_ephemeral_key): Remove. * g10/pkglue.c (get_data_from_sexp): Remove. (do_encrypt_ecdh): Use gcry_kem_encap of the KEM API, gnupg_ecc_6637_kdf, and AESWRAP. * g10/pkglue.h (gnupg_ecc_6637_kdf): New. (pk_ecdh_encrypt_with_shared_point): Remove. (pk_ecdh_generate_ephemeral_key, pk_ecdh_encrypt): Remove. -- GnuPG-bug-id: 7649 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-07-03 22:56:33 +02:00 · 2025-05-19 14:51:17 +09:00 · 2025-05-19 14:51:17 +09:00 · d1c3bfda2a
commit d1c3bfda2a
parent fcac10357e
4 changed files with 358 additions and 264 deletions
--- a/common/kem.c
+++ b/common/kem.c
@ -144,8 +144,8 @@ compute_kmac256 (void *digest, size_t digestlen,
 }


-/* Compute KEK (shared secret) for ECC with HASHALGO, ECDH result,
-   ciphertext in ECC_CT, public key in ECC_PK.  */
+/* Compute KEK for ECC with HASHALGO, ECDH result, ciphertext in
+   ECC_CT (which is an ephemeral key), and public key in ECC_PK.  */
 gpg_error_t
 gnupg_ecc_kem_kdf (void *kek, size_t kek_len,
                   int hashalgo, const void *ecdh, size_t ecdh_len,