* common/openpgp-oid.c (openpgp_oid_to_str): Fix unsigned underflow.
* common/t-openpgp-oid.c (BADOID): New.
(test_openpgp_oid_to_str): Add test cases.
--
The code has an obvious error by not considering invalid encoding for
arc-2. A first byte of 0x80 can be used to make a value of less then
80 and we then subtract 80 from that value as required by the OID
encoding rules. Due to the unsigned integer this results in a pretty
long value which won't fit anymore into the allocated buffer.
The fix is obvious. Also added a few simple test cases. Note that we
keep on using sprintf instead of snprintf because managing the
remaining length of the buffer would probably be more error prone than
assuring that the buffer is large enough. Getting rid of sprintf
altogether by using direct conversion along with membuf_t like code
might be possible.
Reported-by: Hanno Böck
Signed-off-by: Werner Koch <wk@gnupg.org>
Ported from libksba commit f715b9e156dfa99ae829fc694e5a0abd23ef97d7
* common/openpgp-oid.c (struct oidtable): New.
(openpgp_curve_to_oid): Rewrite and allow OID as input.
(openpgp_oid_to_curve): Make use of the new table.
--
Due to the previous change we now usually store the OID with the
private key and not the name. Thus during import we do not anymore
need to map the name to an oid but can use the oid directly. We fix
that by extending openpgp_curve_to_oid to allow an oidstr as input.
* agent/cvt-openpgp.c (try_do_unprotect_arg_s): Add field "curve".
(get_keygrip): Add and use arg CURVE.
(convert_secret_key): Ditto.
(convert_transfer_key): Ditto.
(get_npkey_nskey): New.
(prepare_unprotect): Replace gcrypt functions by
get_npkey_nskey. Allow opaque MPIs.
(do_unprotect): Use CURVE instead of parameters.
(convert_from_openpgp_main): Ditto.
(convert_to_openpgp): Simplify.
* g10/import.c (one_mpi_from_pkey): Remove.
(transfer_secret_keys): Rewrite to use the curve instead of the
parameters.
* g10/parse-packet.c (parse_key): Mark protected MPIs with USER1 flag.
* common/openpgp-oid.c (openpgp_curve_to_oid): Allow the use of
"NIST P-256" et al.
* g10/keygen.c (ask_curve): Add arg ALGO.
(generate_keypair): Rewrite the ECC key logic.
* tests/openpgp/ecc.test: Provide the "ecc" passphrase.
* g10/gpg.c (oLegacyListMode, opts, main): Add --legacy-list-mode.
* g10/options.h (struct opt): Add field legacy_list_mode.
* g10/keydb.h (PUBKEY_STRING_SIZE): New.
* g10/keyid.c (pubkey_string): New.
* g10/import.c (import_one, import_secret_one): Use pubkey_string.
* g10/keylist.c (print_seckey_info): Ditto.
(print_pubkey_info, print_card_key_info): Ditto.
(list_keyblock_print): Ditto.
* g10/mainproc.c (list_node): Ditto.
* g10/pkclist.c (do_edit_ownertrust, build_pk_list): Ditto.
* g10/keyedit.c (show_key_with_all_names): Ditto. Also change the
format.
(show_basic_key_info): Ditto.
* common/openpgp-oid.c (openpgp_curve_to_oid): Also allow "ed25519".
(openpgp_oid_to_curve): Downcase "ed25519"
--
For ECC it seems to be better to show the name of the curve and not
just the size of the prime field. The curve name does not anymore fit
into the "<size><letter>" descriptor (e.g. "2048R") and a fixed length
format does not work either. Thus the new format uses
"rsa2048" - RSA with 2048 bit
"elg1024" - Elgamal with 1024 bit
"ed25519" - ECC using the curve Ed25519.
"E_1.2.3.4" - ECC using the unsupported curve with OID "1.2.3.4".
unless --legacy-list-mode is given. In does not anymore line up
nicely in columns thus I expect further changes to this new format.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/openpgp-oid.c (openpgp_curve_to_oid): Change OID for
Ed25519. Add brainpool OIDs.
(openpgp_oid_to_curve): Ditto.
--
This change is required to the change in Libgcrypt. Note that we will
likely use a different OpenPGP algorithm ID for EdDSA and thus the
current Ed25519 implementation will not stay with us.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/findkey.c (key_parms_from_sexp): Add algo name "ecc".
(agent_is_dsa_key): Ditto.
(agent_is_eddsa_key): New. Not finished, though.
* agent/pksign.c (do_encode_eddsa): New.
(agent_pksign_do): Use gcry_log_debug functions.
* agent/protect.c (agent_protect): Parse a flags parameter.
* g10/keygen.c (gpg_curve_to_oid): Move to ...
* common/openpgp-oid.c (openpgp_curve_to_oid): here and rename.
(oid_ed25519): New.
(openpgp_oid_is_ed25519): New.
(openpgp_oid_to_curve): New.
* common/t-openpgp-oid.c (test_openpgp_oid_is_ed25519): New.
* g10/build-packet.c (gpg_mpi_write): Write the length header also for
opaque MPIs.
(gpg_mpi_write_nohdr): New.
(do_key): Use gpg_mpi_write_nohdr depending on algorithm.
(do_pubkey_enc): Ditto.
* g10/ecdh.c (pk_ecdh_encrypt_with_shared_point): Use
gpg_mpi_write_nohdr.
* g10/export.c (transfer_format_to_openpgp):
* g10/keygen.c (ecckey_from_sexp): Return the error.
(gen_ecc): Repalce arg NBITS by CURVE.
(read_parameter_file): Add keywords "Key-Curve" and "Subkey-Curve".
(ask_curve): New.
(generate_keypair, generate_subkeypair): Use ask_curve.
(do_generate_keypair): Also pass curve name.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Print
curve name.
* g10/parse-packet.c (mpi_read): Remove workaround for
Libcgrypt < 1.5.
(parse_key): Fix ECC case. Print the curve name.
* g10/pkglue.c (mpi_from_sexp): Rename to get_mpi_from_sexp.
(pk_verify, pk_check_secret_key): Add special case for Ed25519.
* g10/seskey.c (encode_md_value): Ditto.
* g10/sign.c (do_sign, hash_for, sign_file): Ditto.
--
Be warned that this code is subject to further changes and that the
format will very likely change before a release. There are also known
bugs and missing code.
Signed-off-by: Werner Koch <wk@gnupg.org>