experiment: Fix keygrip computation for new 448 key on gpg-agent.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-11-07 21:08:51 +01:00 · 2021-10-08 22:25:05 +09:00 · 2021-10-08 22:25:05 +09:00 · e6002e16c9
commit e6002e16c9
parent f2b54b3309
4 changed files with 37 additions and 24 deletions
--- a/agent/cvt-openpgp.c
+++ b/agent/cvt-openpgp.c
@ -85,15 +85,30 @@ get_keygrip (int pubkey_algo, const char *curve, gcry_mpi_t *pkey,
      else
        {
          const char *format;
+          gcry_mpi_t pubkey = NULL;
+          pubkey_algo_t pkalgo = 0; /* Specify NONE */

          if (!strcmp (curve, "Ed25519"))
            format = "(public-key(ecc(curve %s)(flags eddsa)(q%m)))";
          else if (!strcmp (curve, "Curve25519"))
            format = "(public-key(ecc(curve %s)(flags djb-tweak)(q%m)))";
          else
-            format = "(public-key(ecc(curve %s)(q%m)))";
+	    {
+              if (!strcmp (curve, "Ed448"))
+                pkalgo = PUBKEY_ALGO_EDDSA;
+              else if (!strcmp (curve, "X448"))
+                pkalgo = PUBKEY_ALGO_ECDH;
+	      format = "(public-key(ecc(curve %s)(q%m)))";
+	    }

-          err = gcry_sexp_build (&s_pkey, NULL, format, curve, pkey[0]);
+          if (pkalgo)
+            {
+              pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, pkey[0]);
+              err = gcry_sexp_build (&s_pkey, NULL, format, curve, pubkey);
+              gcry_mpi_release (pubkey);
+            }
+          else
+	    err = gcry_sexp_build (&s_pkey, NULL, format, curve, pkey[0]);
        }
      break;

--- a/common/openpgp-misc.c
+++ b/common/openpgp-misc.c
@ -8,15 +8,11 @@
 #include "openpgpdefs.h"

 gcry_mpi_t
-openpgp_ecc_parse_pubkey (pubkey_algo_t pkalgo, const char *curve_oid,
+openpgp_ecc_parse_pubkey (pubkey_algo_t pkalgo, const char *curve,
 			  gcry_mpi_t pubkey)
 {
  unsigned int nbits = 0;
  unsigned char *buf = NULL;
-  const char *curve = openpgp_oid_to_curve (curve_oid, 1);
-
-  if (curve == NULL)
-    curve = curve_oid;

  if ((pkalgo == PUBKEY_ALGO_EDDSA && !strcmp (curve, "Ed448"))
      || (pkalgo == PUBKEY_ALGO_ECDH && !strcmp (curve, "X448")))
@ -35,15 +31,11 @@ openpgp_ecc_parse_pubkey (pubkey_algo_t pkalgo, const char *curve_oid,


 gcry_mpi_t
-openpgp_ecc_parse_seckey (pubkey_algo_t pkalgo, const char *curve_oid,
+openpgp_ecc_parse_seckey (pubkey_algo_t pkalgo, const char *curve,
 			  gcry_mpi_t seckey)
 {
  unsigned int nbits = 0;
  unsigned char *buf = NULL;
-  const char *curve = openpgp_oid_to_curve (curve_oid, 1);
-
-  if (curve == NULL)
-    curve = curve_oid;

  if ((pkalgo == PUBKEY_ALGO_EDDSA && !strcmp (curve, "Ed448"))
      || (pkalgo == PUBKEY_ALGO_ECDH && !strcmp (curve, "X448")))
--- a/g10/misc.c
+++ b/g10/misc.c
@ -1805,11 +1805,13 @@ pubkey_nbits( int algo, gcry_mpi_t *key )
        rc = gpg_error_from_syserror ();
      else
        {
-          gcry_mpi_t pubkey = openpgp_ecc_parse_pubkey (algo, curve, key[1]);
+	  const char *curve_name = openpgp_oid_to_curve (curve, 1);
+          gcry_mpi_t pubkey = openpgp_ecc_parse_pubkey (algo,
+							curve_name, key[1]);

          rc = gcry_sexp_build (&sexp, NULL,
                                "(public-key(ecc(curve%s)(q%m)))",
-                                curve, key[1]);
+                                curve_name, key[1]);
          xfree (curve);
          gcry_mpi_release (pubkey);
        }
--- a/g10/pkglue.c
+++ b/g10/pkglue.c
@ -192,14 +192,15 @@ pk_verify (pubkey_algo_t pkalgo, gcry_mpi_t hash,
        {
          const char *fmt;
          gcry_mpi_t pubkey;
+	  const char *curve_name = openpgp_oid_to_curve (curve, 1);

-          pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, pkey[1]);
+          pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve_name, pkey[1]);
          if (openpgp_oid_is_ed25519 (pkey[0]))
            fmt = "(public-key(ecc(curve %s)(flags eddsa)(q%m)))";
          else
            fmt = "(public-key(ecc(curve %s)(q%m)))";

-          rc = gcry_sexp_build (&s_pkey, NULL, fmt, curve, pubkey);
+          rc = gcry_sexp_build (&s_pkey, NULL, fmt, curve_name, pubkey);
          xfree (curve);
          gcry_mpi_release (pubkey);
        }
@ -415,14 +416,15 @@ pk_encrypt (pubkey_algo_t algo, gcry_mpi_t *resarr, gcry_mpi_t data,
            {
              int with_djb_tweak_flag = openpgp_oid_is_cv25519 (pkey[0]);
              gcry_mpi_t pubkey;
+	      const char *curve_name = openpgp_oid_to_curve (curve, 1);

-              pubkey = openpgp_ecc_parse_pubkey (algo, curve, pkey[1]);
+              pubkey = openpgp_ecc_parse_pubkey (algo, curve_name, pkey[1]);
              /* Now use the ephemeral secret to compute the shared point.  */
              rc = gcry_sexp_build (&s_pkey, NULL,
                                    with_djb_tweak_flag ?
                                    "(public-key(ecc(curve%s)(flags djb-tweak)(q%m)))"
                                    : "(public-key(ecc(curve%s)(q%m)))",
-                                    curve, pubkey);
+                                    curve_name, pubkey);
              xfree (curve);
              gcry_mpi_release (pubkey);
              /* Put K into a simplified S-expression.  */
@ -539,12 +541,13 @@ pk_check_secret_key (pubkey_algo_t pkalgo, gcry_mpi_t *skey)
        {
          gcry_mpi_t pubkey;
          gcry_mpi_t seckey;
+	  const char *curve_name = openpgp_oid_to_curve (curve, 1);

-          pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, skey[1]);
-          seckey = openpgp_ecc_parse_seckey (pkalgo, curve, skey[2]);
+          pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve_name, skey[1]);
+          seckey = openpgp_ecc_parse_seckey (pkalgo, curve_name, skey[2]);
          rc = gcry_sexp_build (&s_skey, NULL,
                                "(private-key(ecc(curve%s)(q%m)(d%m)))",
-                                curve, pubkey, seckey);
+                                curve_name, pubkey, seckey);
          xfree (curve);
          gcry_mpi_release (pubkey);
          gcry_mpi_release (seckey);
@ -560,15 +563,16 @@ pk_check_secret_key (pubkey_algo_t pkalgo, gcry_mpi_t *skey)
          const char *fmt;
          gcry_mpi_t pubkey;
          gcry_mpi_t seckey;
+	  const char *curve_name = openpgp_oid_to_curve (curve, 1);

-          pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, skey[1]);
-          seckey = openpgp_ecc_parse_seckey (pkalgo, curve, skey[2]);
+          pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve_name, skey[1]);
+          seckey = openpgp_ecc_parse_seckey (pkalgo, curve_name, skey[2]);
          if (openpgp_oid_is_ed25519 (skey[0]))
            fmt = "(private-key(ecc(curve %s)(flags eddsa)(q%m)(d%m)))";
          else
            fmt = "(private-key(ecc(curve %s)(q%m)(d%m)))";

-          rc = gcry_sexp_build (&s_skey, NULL, fmt, curve, pubkey, seckey);
+          rc = gcry_sexp_build (&s_skey, NULL, fmt, curve_name, pubkey, seckey);
          xfree (curve);
          gcry_mpi_release (pubkey);
          gcry_mpi_release (seckey);