From e6002e16c9ad638836222f6d32c462fc4c2aa5af Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Fri, 8 Oct 2021 22:25:05 +0900 Subject: [PATCH] experiment: Fix keygrip computation for new 448 key on gpg-agent. Signed-off-by: NIIBE Yutaka --- agent/cvt-openpgp.c | 19 +++++++++++++++++-- common/openpgp-misc.c | 12 ++---------- g10/misc.c | 6 ++++-- g10/pkglue.c | 24 ++++++++++++++---------- 4 files changed, 37 insertions(+), 24 deletions(-) diff --git a/agent/cvt-openpgp.c b/agent/cvt-openpgp.c index 7defc200a..0bd56d73a 100644 --- a/agent/cvt-openpgp.c +++ b/agent/cvt-openpgp.c @@ -85,15 +85,30 @@ get_keygrip (int pubkey_algo, const char *curve, gcry_mpi_t *pkey, else { const char *format; + gcry_mpi_t pubkey = NULL; + pubkey_algo_t pkalgo = 0; /* Specify NONE */ if (!strcmp (curve, "Ed25519")) format = "(public-key(ecc(curve %s)(flags eddsa)(q%m)))"; else if (!strcmp (curve, "Curve25519")) format = "(public-key(ecc(curve %s)(flags djb-tweak)(q%m)))"; else - format = "(public-key(ecc(curve %s)(q%m)))"; + { + if (!strcmp (curve, "Ed448")) + pkalgo = PUBKEY_ALGO_EDDSA; + else if (!strcmp (curve, "X448")) + pkalgo = PUBKEY_ALGO_ECDH; + format = "(public-key(ecc(curve %s)(q%m)))"; + } - err = gcry_sexp_build (&s_pkey, NULL, format, curve, pkey[0]); + if (pkalgo) + { + pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, pkey[0]); + err = gcry_sexp_build (&s_pkey, NULL, format, curve, pubkey); + gcry_mpi_release (pubkey); + } + else + err = gcry_sexp_build (&s_pkey, NULL, format, curve, pkey[0]); } break; diff --git a/common/openpgp-misc.c b/common/openpgp-misc.c index 7c6c56a69..e8e33689c 100644 --- a/common/openpgp-misc.c +++ b/common/openpgp-misc.c @@ -8,15 +8,11 @@ #include "openpgpdefs.h" gcry_mpi_t -openpgp_ecc_parse_pubkey (pubkey_algo_t pkalgo, const char *curve_oid, +openpgp_ecc_parse_pubkey (pubkey_algo_t pkalgo, const char *curve, gcry_mpi_t pubkey) { unsigned int nbits = 0; unsigned char *buf = NULL; - const char *curve = openpgp_oid_to_curve (curve_oid, 1); - - if (curve == NULL) - curve = curve_oid; if ((pkalgo == PUBKEY_ALGO_EDDSA && !strcmp (curve, "Ed448")) || (pkalgo == PUBKEY_ALGO_ECDH && !strcmp (curve, "X448"))) @@ -35,15 +31,11 @@ openpgp_ecc_parse_pubkey (pubkey_algo_t pkalgo, const char *curve_oid, gcry_mpi_t -openpgp_ecc_parse_seckey (pubkey_algo_t pkalgo, const char *curve_oid, +openpgp_ecc_parse_seckey (pubkey_algo_t pkalgo, const char *curve, gcry_mpi_t seckey) { unsigned int nbits = 0; unsigned char *buf = NULL; - const char *curve = openpgp_oid_to_curve (curve_oid, 1); - - if (curve == NULL) - curve = curve_oid; if ((pkalgo == PUBKEY_ALGO_EDDSA && !strcmp (curve, "Ed448")) || (pkalgo == PUBKEY_ALGO_ECDH && !strcmp (curve, "X448"))) diff --git a/g10/misc.c b/g10/misc.c index 299038fd4..e83800a85 100644 --- a/g10/misc.c +++ b/g10/misc.c @@ -1805,11 +1805,13 @@ pubkey_nbits( int algo, gcry_mpi_t *key ) rc = gpg_error_from_syserror (); else { - gcry_mpi_t pubkey = openpgp_ecc_parse_pubkey (algo, curve, key[1]); + const char *curve_name = openpgp_oid_to_curve (curve, 1); + gcry_mpi_t pubkey = openpgp_ecc_parse_pubkey (algo, + curve_name, key[1]); rc = gcry_sexp_build (&sexp, NULL, "(public-key(ecc(curve%s)(q%m)))", - curve, key[1]); + curve_name, key[1]); xfree (curve); gcry_mpi_release (pubkey); } diff --git a/g10/pkglue.c b/g10/pkglue.c index 137e520e4..bc6f30e94 100644 --- a/g10/pkglue.c +++ b/g10/pkglue.c @@ -192,14 +192,15 @@ pk_verify (pubkey_algo_t pkalgo, gcry_mpi_t hash, { const char *fmt; gcry_mpi_t pubkey; + const char *curve_name = openpgp_oid_to_curve (curve, 1); - pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, pkey[1]); + pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve_name, pkey[1]); if (openpgp_oid_is_ed25519 (pkey[0])) fmt = "(public-key(ecc(curve %s)(flags eddsa)(q%m)))"; else fmt = "(public-key(ecc(curve %s)(q%m)))"; - rc = gcry_sexp_build (&s_pkey, NULL, fmt, curve, pubkey); + rc = gcry_sexp_build (&s_pkey, NULL, fmt, curve_name, pubkey); xfree (curve); gcry_mpi_release (pubkey); } @@ -415,14 +416,15 @@ pk_encrypt (pubkey_algo_t algo, gcry_mpi_t *resarr, gcry_mpi_t data, { int with_djb_tweak_flag = openpgp_oid_is_cv25519 (pkey[0]); gcry_mpi_t pubkey; + const char *curve_name = openpgp_oid_to_curve (curve, 1); - pubkey = openpgp_ecc_parse_pubkey (algo, curve, pkey[1]); + pubkey = openpgp_ecc_parse_pubkey (algo, curve_name, pkey[1]); /* Now use the ephemeral secret to compute the shared point. */ rc = gcry_sexp_build (&s_pkey, NULL, with_djb_tweak_flag ? "(public-key(ecc(curve%s)(flags djb-tweak)(q%m)))" : "(public-key(ecc(curve%s)(q%m)))", - curve, pubkey); + curve_name, pubkey); xfree (curve); gcry_mpi_release (pubkey); /* Put K into a simplified S-expression. */ @@ -539,12 +541,13 @@ pk_check_secret_key (pubkey_algo_t pkalgo, gcry_mpi_t *skey) { gcry_mpi_t pubkey; gcry_mpi_t seckey; + const char *curve_name = openpgp_oid_to_curve (curve, 1); - pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, skey[1]); - seckey = openpgp_ecc_parse_seckey (pkalgo, curve, skey[2]); + pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve_name, skey[1]); + seckey = openpgp_ecc_parse_seckey (pkalgo, curve_name, skey[2]); rc = gcry_sexp_build (&s_skey, NULL, "(private-key(ecc(curve%s)(q%m)(d%m)))", - curve, pubkey, seckey); + curve_name, pubkey, seckey); xfree (curve); gcry_mpi_release (pubkey); gcry_mpi_release (seckey); @@ -560,15 +563,16 @@ pk_check_secret_key (pubkey_algo_t pkalgo, gcry_mpi_t *skey) const char *fmt; gcry_mpi_t pubkey; gcry_mpi_t seckey; + const char *curve_name = openpgp_oid_to_curve (curve, 1); - pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, skey[1]); - seckey = openpgp_ecc_parse_seckey (pkalgo, curve, skey[2]); + pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve_name, skey[1]); + seckey = openpgp_ecc_parse_seckey (pkalgo, curve_name, skey[2]); if (openpgp_oid_is_ed25519 (skey[0])) fmt = "(private-key(ecc(curve %s)(flags eddsa)(q%m)(d%m)))"; else fmt = "(private-key(ecc(curve %s)(q%m)(d%m)))"; - rc = gcry_sexp_build (&s_skey, NULL, fmt, curve, pubkey, seckey); + rc = gcry_sexp_build (&s_skey, NULL, fmt, curve_name, pubkey, seckey); xfree (curve); gcry_mpi_release (pubkey); gcry_mpi_release (seckey);