security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

Require Libgcrypt 1.11.0 

* configure.ac (NEED_LIBGCRYPT_VERSION): Set to 1.11.0
* agent/pkdecrypt.c (struct ecc_params): Move constants to the top.
--

It does not make anymore sense to allow building with older Libgcrypt
versions.  After all PQ key support is a major feature and for this we
need Libgcrypt.
This commit is contained in:
Werner Koch 2024-04-23 11:09:40 +02:00
parent af98a3e5fa
commit f305e703d5
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
3 changed files with 71 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

129
agent/pkdecrypt.c
View File

@ -29,6 +29,75 @@
#include "agent.h" #include "agent.h"
#include "../common/openpgpdefs.h" #include "../common/openpgpdefs.h"
/* Table with parameters for KEM decryption. Use get_ecc_parms to
* find an entry. */
struct ecc_params
{
const char *curve; /* Canonical name of the curve. */
size_t pubkey_len; /* Pubkey in the SEXP representation. */
size_t scalar_len;
size_t point_len;
size_t shared_len;
int hash_algo;
int algo;
int scalar_reverse;
};
static const struct ecc_params ecc_table[] =
{
{
"Curve25519",
33, 32, 32, 32,
GCRY_MD_SHA3_256, GCRY_KEM_RAW_X25519,
1
},
{
"X448",
56, 56, 56, 64,
GCRY_MD_SHA3_512, GCRY_KEM_RAW_X448,
0
},
{
"brainpoolP256r1",
65, 32, 65, 32,
GCRY_MD_SHA3_256, GCRY_KEM_RAW_BP256,
0
},
{
"brainpoolP384r1",
97, 48, 97, 64,
GCRY_MD_SHA3_512, GCRY_KEM_RAW_BP384,
0
},
{ NULL, 0, 0, 0, 0, 0, 0, 0 }
};
/* Maximum buffer sizes required for ECC KEM. Keep this aligned to
* the ecc_table above. */
#define ECC_SCALAR_LEN_MAX 64
#define ECC_POINT_LEN_MAX (1+2*64)
#define ECC_HASH_LEN_MAX 64
/* Return the ECC parameters for CURVE. CURVE is expected to be the
* canonical name. */
static const struct ecc_params *
get_ecc_params (const char *curve)
{
int i;
for (i = 0; ecc_table[i].curve; i++)
if (!strcmp (ecc_table[i].curve, curve))
return &ecc_table[i];
return NULL;
}
/* DECRYPT the stuff in ciphertext which is expected to be a S-Exp. /* DECRYPT the stuff in ciphertext which is expected to be a S-Exp.
Try to get the key from CTRL and write the decoded stuff back to Try to get the key from CTRL and write the decoded stuff back to
OUTFP. The padding information is stored at R_PADDING with -1 OUTFP. The padding information is stored at R_PADDING with -1
@ -173,62 +242,6 @@ reverse_buffer (unsigned char *buffer, unsigned int length)
} }
} }
struct ecc_params
{
const char *curve;
size_t pubkey_len; /* Pubkey in the SEXP representation. */
size_t scalar_len;
size_t point_len;
size_t shared_len;
int hash_algo;
int algo;
int scalar_reverse;
};
static const struct ecc_params ecc_table[] =
{
{
"Curve25519",
33, 32, 32, 32,
GCRY_MD_SHA3_256, GCRY_KEM_RAW_X25519,
1
},
{
"X448",
56, 56, 56, 64,
GCRY_MD_SHA3_512, GCRY_KEM_RAW_X448,
0
},
{
"brainpoolP256r1",
65, 32, 65, 32,
GCRY_MD_SHA3_256, GCRY_KEM_RAW_BP256,
0
},
{
"brainpoolP384r1",
97, 48, 97, 64,
GCRY_MD_SHA3_512, GCRY_KEM_RAW_BP384,
0
},
{ NULL, 0, 0, 0, 0, 0, 0, 0 }
};
static const struct ecc_params *
get_ecc_params (const char *curve)
{
int i;
for (i = 0; ecc_table[i].curve; i++)
if (!strcmp (ecc_table[i].curve, curve))
return &ecc_table[i];
return NULL;
}
#define ECC_SCALAR_LEN_MAX 64
#define ECC_POINT_LEN_MAX (1+2*64)
#define ECC_HASH_LEN_MAX 64
/* For composite PGP KEM (ECC+ML-KEM), decrypt CIPHERTEXT using KEM API. /* For composite PGP KEM (ECC+ML-KEM), decrypt CIPHERTEXT using KEM API.
First keygrip is for ECC, second keygrip is for PQC. CIPHERTEXT First keygrip is for ECC, second keygrip is for PQC. CIPHERTEXT
@ -247,7 +260,6 @@ static gpg_error_t
composite_pgp_kem_decrypt (ctrl_t ctrl, const char *desc_text, composite_pgp_kem_decrypt (ctrl_t ctrl, const char *desc_text,
gcry_sexp_t s_cipher, membuf_t *outbuf) gcry_sexp_t s_cipher, membuf_t *outbuf)
{ {
#if GCRYPT_VERSION_NUMBER >= 0x010b00
gcry_sexp_t s_skey0 = NULL; gcry_sexp_t s_skey0 = NULL;
gcry_sexp_t s_skey1 = NULL; gcry_sexp_t s_skey1 = NULL;
unsigned char *shadow_info = NULL; unsigned char *shadow_info = NULL;
@ -579,9 +591,6 @@ composite_pgp_kem_decrypt (ctrl_t ctrl, const char *desc_text,
gcry_sexp_release (s_skey0); gcry_sexp_release (s_skey0);
gcry_sexp_release (s_skey1); gcry_sexp_release (s_skey1);
return err; return err;
#else
return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
#endif
} }
/* DECRYPT the encrypted stuff (like encrypted session key) in /* DECRYPT the encrypted stuff (like encrypted session key) in

5
common/kem.c
View File

@ -54,7 +54,6 @@ compute_kmac256 (void *digest, size_t digestlen,
const void *custom, size_t customlen, const void *custom, size_t customlen,
gcry_buffer_t *data_iov, int data_iovlen) gcry_buffer_t *data_iov, int data_iovlen)
{ {
#if GCRYPT_VERSION_NUMBER >= 0x010b00
gpg_error_t err; gpg_error_t err;
gcry_buffer_t iov[20]; gcry_buffer_t iov[20];
const unsigned char headPAD[2] = { 1, KECCAK512_BLOCKSIZE }; const unsigned char headPAD[2] = { 1, KECCAK512_BLOCKSIZE };
@ -142,11 +141,9 @@ compute_kmac256 (void *digest, size_t digestlen,
err = gcry_md_hash_buffers_ext (GCRY_MD_CSHAKE256, 0, err = gcry_md_hash_buffers_ext (GCRY_MD_CSHAKE256, 0,
digest, digestlen, iov, iovcnt); digest, digestlen, iov, iovcnt);
return err; return err;
#else
return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
#endif
} }
/* Compute KEK (shared secret) for ECC with HASHALGO, ECDH result, /* Compute KEK (shared secret) for ECC with HASHALGO, ECDH result,
ciphertext in ECC_CT, public key in ECC_PK. */ ciphertext in ECC_CT, public key in ECC_PK. */
gpg_error_t gpg_error_t

2
configure.ac
View File

@ -58,7 +58,7 @@ AC_DEFINE_UNQUOTED(GNUPG_SWDB_TAG, "gnupg26", [swdb tag for this branch])
NEED_GPGRT_VERSION=1.46 NEED_GPGRT_VERSION=1.46
NEED_LIBGCRYPT_API=1 NEED_LIBGCRYPT_API=1
NEED_LIBGCRYPT_VERSION=1.9.1 NEED_LIBGCRYPT_VERSION=1.11.0
NEED_LIBASSUAN_API=3 NEED_LIBASSUAN_API=3
NEED_LIBASSUAN_VERSION=3.0.0 NEED_LIBASSUAN_VERSION=3.0.0