mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-03 12:11:33 +01:00
tools: Use new API of libgcrypt for gpg-pair-tool.
* tools/gpg-pair-tool.c (create_dh_keypair): Just use gcry_random_bytes for secret. Call gcry_ecc_mul_point with G to get the public key. (compute_master_secret): Use gcry_ecc_mul_point. Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
parent
49671b76ea
commit
f22a004161
@ -1021,50 +1021,32 @@ create_dh_keypair (unsigned char *dh_secret, size_t dh_secret_len,
|
|||||||
unsigned char *dh_public, size_t dh_public_len)
|
unsigned char *dh_public, size_t dh_public_len)
|
||||||
{
|
{
|
||||||
gpg_error_t err;
|
gpg_error_t err;
|
||||||
gcry_sexp_t sexp;
|
unsigned char *p;
|
||||||
gcry_sexp_t s_keypair;
|
const unsigned char G[32] = { 0x9 };
|
||||||
gcry_buffer_t secret;
|
|
||||||
gcry_buffer_t public;
|
|
||||||
unsigned char publicbuf[33];
|
|
||||||
|
|
||||||
/* We need a temporary buffer for the public key. Check the length
|
/* We need a temporary buffer for the public key. Check the length
|
||||||
* for the later memcpy. */
|
* for the later memcpy. */
|
||||||
if (dh_public_len < 32)
|
if (dh_public_len < 32 || dh_secret_len < 32)
|
||||||
return gpg_error (GPG_ERR_BUFFER_TOO_SHORT);
|
return gpg_error (GPG_ERR_BUFFER_TOO_SHORT);
|
||||||
|
|
||||||
secret.size = dh_secret_len;
|
p = gcry_random_bytes (32, GCRY_VERY_STRONG_RANDOM);
|
||||||
secret.data = dh_secret;
|
if (!p)
|
||||||
secret.off = 0;
|
return gpg_error_from_syserror ();
|
||||||
public.size = sizeof publicbuf;
|
|
||||||
public.data = publicbuf;
|
|
||||||
public.off = 0;
|
|
||||||
|
|
||||||
err = gcry_sexp_build (&sexp, NULL,
|
memcpy (dh_secret, p, 32);
|
||||||
"(genkey(ecc(curve Curve25519)(flags djb-tweak)))");
|
xfree (p);
|
||||||
if (err)
|
|
||||||
return err;
|
err = gcry_ecc_mul_point (GCRY_ECC_CURVE25519, &p, dh_secret, G);
|
||||||
err = gcry_pk_genkey (&s_keypair, sexp);
|
|
||||||
gcry_sexp_release (sexp);
|
|
||||||
if (err)
|
|
||||||
return err;
|
|
||||||
err = gcry_sexp_extract_param (s_keypair, "key-data!private-key",
|
|
||||||
"&dq", &secret, &public, NULL);
|
|
||||||
gcry_sexp_release (s_keypair);
|
|
||||||
if (err)
|
if (err)
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
/* Gcrypt prepends a 0x40 indicator - remove that. */
|
memcpy (dh_public, p, 32);
|
||||||
if (public.len == 33)
|
xfree (p);
|
||||||
{
|
|
||||||
public.len = 32;
|
|
||||||
memmove (public.data, publicbuf+1, 32);
|
|
||||||
}
|
|
||||||
memcpy (dh_public, public.data, public.len);
|
|
||||||
|
|
||||||
if (DBG_CRYPTO)
|
if (DBG_CRYPTO)
|
||||||
{
|
{
|
||||||
log_printhex (secret.data, secret.len, "DH secret:");
|
log_printhex (dh_secret, 32, "DH secret:");
|
||||||
log_printhex (public.data, public.len, "DH public:");
|
log_printhex (dh_public, 32, "DH public:");
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
@ -1189,52 +1171,24 @@ compute_master_secret (unsigned char *master, size_t masterlen,
|
|||||||
const unsigned char *pk_b, size_t pk_b_len)
|
const unsigned char *pk_b, size_t pk_b_len)
|
||||||
{
|
{
|
||||||
gpg_error_t err;
|
gpg_error_t err;
|
||||||
gcry_sexp_t s_sk_a = NULL;
|
unsigned char *s;
|
||||||
gcry_sexp_t s_pk_b = NULL;
|
|
||||||
gcry_sexp_t s_shared = NULL;
|
|
||||||
gcry_sexp_t s_tmp;
|
|
||||||
const char *s;
|
|
||||||
size_t n;
|
|
||||||
|
|
||||||
log_assert (masterlen == 32);
|
log_assert (masterlen == 32);
|
||||||
|
log_assert (sk_a_len == 32);
|
||||||
|
log_assert (pk_b_len == 32);
|
||||||
|
|
||||||
err = gcry_sexp_build (&s_sk_a, NULL, "%b", (int)sk_a_len, sk_a);
|
err = gcry_ecc_mul_point (GCRY_ECC_CURVE25519, &s, sk_a, pk_b);
|
||||||
if (!err)
|
|
||||||
err = gcry_sexp_build (&s_pk_b, NULL,
|
|
||||||
"(public-key(ecdh(curve Curve25519)"
|
|
||||||
" (flags djb-tweak)(q%b)))",
|
|
||||||
(int)pk_b_len, pk_b);
|
|
||||||
if (err)
|
|
||||||
{
|
|
||||||
log_error ("error building S-expression: %s\n", gpg_strerror (err));
|
|
||||||
goto leave;
|
|
||||||
}
|
|
||||||
|
|
||||||
err = gcry_pk_encrypt (&s_shared, s_sk_a, s_pk_b);
|
|
||||||
if (err)
|
if (err)
|
||||||
{
|
{
|
||||||
log_error ("error computing DH: %s\n", gpg_strerror (err));
|
log_error ("error computing DH: %s\n", gpg_strerror (err));
|
||||||
goto leave;
|
goto leave;
|
||||||
}
|
}
|
||||||
/* gcry_log_debugsxp ("sk_a", s_sk_a); */
|
|
||||||
/* gcry_log_debugsxp ("pk_b", s_pk_b); */
|
|
||||||
/* gcry_log_debugsxp ("shared", s_shared); */
|
|
||||||
|
|
||||||
s_tmp = gcry_sexp_find_token (s_shared, "s", 0);
|
|
||||||
if (!s_tmp || !(s = gcry_sexp_nth_data (s_tmp, 1, &n))
|
|
||||||
|| n != 33 || s[0] != 0x40)
|
|
||||||
{
|
|
||||||
err = gpg_error (GPG_ERR_INTERNAL);
|
|
||||||
log_error ("error computing DH: %s\n", gpg_strerror (err));
|
|
||||||
goto leave;
|
|
||||||
}
|
|
||||||
memcpy (master, s+1, 32);
|
|
||||||
|
|
||||||
|
memcpy (master, s, 32);
|
||||||
|
|
||||||
leave:
|
leave:
|
||||||
gcry_sexp_release (s_sk_a);
|
xfree (s);
|
||||||
gcry_sexp_release (s_pk_b);
|
|
||||||
gcry_sexp_release (s_shared);
|
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user