mirror of
git://git.gnupg.org/gnupg.git
synced 2024-06-02 22:38:02 +02:00
6dc3846d78
* sm/misc.c (transform_sigval): Support EdDSA.
* sm/certreqgen.c (create_request): Support EdDSA cert creation.
* sm/certcheck.c (gpgsm_check_cert_sig): Map some ECC algo OIDs to
hash algos.
* sm/call-agent.c (struct sethash_inq_parm_s): New.
(sethash_inq_cb): New.
(gpgsm_agent_pksign): Add mode to pass plain data for EdDSA.
--
Tested using a parameter file
Key-Type: EdDSA
Key-Length: 1024
Key-Grip: 09D9AE3D494F7888C93BE5106AD8A734A87617F0
Key-Usage: sign
Serial: random
Name-DN: CN=dummy test ed25519
where the keygrip is from a gpg generated Ed25519 key. ECDSA was
tested using
Key-Type: ECDSA
Key-Length: 1024
Key-Grip: 8E06A180EFFE4C65B812150CAF19BF30C0689A4C
Key-Usage: sign
Serial: random
Name-DN: CN=dummy test nistp256
and RSA using
Key-Type: RSA
Key-Length: 2048
Key-Grip: C6A6390E9388CDBAD71EAEA698233FE5E04F001E
Key-Usage: sign
Serial: random
Name-DN: CN=dummy test rsa
The command used in all cases is
gpgsm -v --gen-key --batch a.parm >a.crt
gpgsm -v --import <a.crt
More support, in particular in the user interface, is required and
will follow soon.
GnuPG-bug-id: 4888
Signed-off-by: Werner Koch <wk@gnupg.org>
287 lines
9.0 KiB
C
287 lines
9.0 KiB
C
/* misc.c - Miscellaneous functions
|
|
* Copyright (C) 2004, 2009, 2011 Free Software Foundation, Inc.
|
|
*
|
|
* This file is part of GnuPG.
|
|
*
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* GnuPG is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, see <https://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#include <config.h>
|
|
#include <errno.h>
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <ctype.h>
|
|
#include <unistd.h>
|
|
#ifdef HAVE_LOCALE_H
|
|
#include <locale.h>
|
|
#endif
|
|
|
|
#include "gpgsm.h"
|
|
#include "../common/i18n.h"
|
|
#include "../common/sysutils.h"
|
|
#include "../common/tlv.h"
|
|
#include "../common/sexp-parse.h"
|
|
|
|
|
|
/* Setup the environment so that the pinentry is able to get all
|
|
required information. This is used prior to an exec of the
|
|
protect-tool. */
|
|
void
|
|
setup_pinentry_env (void)
|
|
{
|
|
#ifndef HAVE_W32_SYSTEM
|
|
char *lc;
|
|
const char *name, *value;
|
|
int iterator;
|
|
|
|
/* Try to make sure that GPG_TTY has been set. This is needed if we
|
|
call for example the protect-tools with redirected stdin and thus
|
|
it won't be able to ge a default by itself. Try to do it here
|
|
but print a warning. */
|
|
value = session_env_getenv (opt.session_env, "GPG_TTY");
|
|
if (value)
|
|
gnupg_setenv ("GPG_TTY", value, 1);
|
|
else if (!(lc=getenv ("GPG_TTY")) || !*lc)
|
|
{
|
|
log_error (_("GPG_TTY has not been set - "
|
|
"using maybe bogus default\n"));
|
|
lc = gnupg_ttyname (0);
|
|
if (!lc)
|
|
lc = "/dev/tty";
|
|
gnupg_setenv ("GPG_TTY", lc, 1);
|
|
}
|
|
|
|
if (opt.lc_ctype)
|
|
gnupg_setenv ("LC_CTYPE", opt.lc_ctype, 1);
|
|
#if defined(HAVE_SETLOCALE) && defined(LC_CTYPE)
|
|
else if ( (lc = setlocale (LC_CTYPE, "")) )
|
|
gnupg_setenv ("LC_CTYPE", lc, 1);
|
|
#endif
|
|
|
|
if (opt.lc_messages)
|
|
gnupg_setenv ("LC_MESSAGES", opt.lc_messages, 1);
|
|
#if defined(HAVE_SETLOCALE) && defined(LC_MESSAGES)
|
|
else if ( (lc = setlocale (LC_MESSAGES, "")) )
|
|
gnupg_setenv ("LC_MESSAGES", lc, 1);
|
|
#endif
|
|
|
|
iterator = 0;
|
|
while ((name = session_env_list_stdenvnames (&iterator, NULL)))
|
|
{
|
|
if (!strcmp (name, "GPG_TTY"))
|
|
continue; /* Already set. */
|
|
value = session_env_getenv (opt.session_env, name);
|
|
if (value)
|
|
gnupg_setenv (name, value, 1);
|
|
}
|
|
|
|
#endif /*!HAVE_W32_SYSTEM*/
|
|
}
|
|
|
|
|
|
|
|
/* Transform a sig-val style s-expression as returned by Libgcrypt to
|
|
one which includes an algorithm identifier encoding the public key
|
|
and the hash algorithm. The public key algorithm is taken directly
|
|
from SIGVAL and the hash algorithm is given by MDALGO. This is
|
|
required because X.509 merges the public key algorithm and the hash
|
|
algorithm into one OID but Libgcrypt is not aware of that. The
|
|
function ignores missing parameters so that it can also be used to
|
|
create an siginfo value as expected by ksba_certreq_set_siginfo.
|
|
To create a siginfo s-expression a public-key s-expression may be
|
|
used instead of a sig-val. */
|
|
gpg_error_t
|
|
transform_sigval (const unsigned char *sigval, size_t sigvallen, int mdalgo,
|
|
unsigned char **r_newsigval, size_t *r_newsigvallen)
|
|
{
|
|
gpg_error_t err;
|
|
const unsigned char *buf, *tok;
|
|
size_t buflen, toklen;
|
|
int depth, last_depth1, last_depth2, pkalgo;
|
|
int is_pubkey = 0;
|
|
const unsigned char *rsa_s, *ecc_r, *ecc_s;
|
|
size_t rsa_s_len, ecc_r_len, ecc_s_len;
|
|
const char *oid;
|
|
gcry_sexp_t sexp;
|
|
const char *eddsa_curve = NULL;
|
|
|
|
rsa_s = ecc_r = ecc_s = NULL;
|
|
rsa_s_len = ecc_r_len = ecc_s_len = 0;
|
|
|
|
*r_newsigval = NULL;
|
|
if (r_newsigvallen)
|
|
*r_newsigvallen = 0;
|
|
|
|
buf = sigval;
|
|
buflen = sigvallen;
|
|
depth = 0;
|
|
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
|
|
return err;
|
|
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
|
|
return err;
|
|
if (tok && toklen == 7 && !memcmp ("sig-val", tok, toklen))
|
|
;
|
|
else if (tok && toklen == 10 && !memcmp ("public-key", tok, toklen))
|
|
is_pubkey = 1;
|
|
else
|
|
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
|
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
|
|
return err;
|
|
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
|
|
return err;
|
|
if (!tok)
|
|
return gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO);
|
|
if (toklen == 3 && !memcmp ("rsa", tok, 3))
|
|
pkalgo = GCRY_PK_RSA;
|
|
else if (toklen == 3 && !memcmp ("ecc", tok, 3))
|
|
pkalgo = GCRY_PK_ECC;
|
|
else if (toklen == 5 && !memcmp ("ecdsa", tok, 5))
|
|
pkalgo = GCRY_PK_ECC;
|
|
else if (toklen == 5 && !memcmp ("eddsa", tok, 5))
|
|
pkalgo = GCRY_PK_EDDSA;
|
|
else
|
|
return gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO);
|
|
|
|
last_depth1 = depth;
|
|
while (!(err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen))
|
|
&& depth && depth >= last_depth1)
|
|
{
|
|
if (tok)
|
|
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
|
|
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
|
|
return err;
|
|
if (tok && toklen == 1)
|
|
{
|
|
const unsigned char **mpi = NULL;
|
|
size_t *mpi_len = NULL;
|
|
|
|
switch (*tok)
|
|
{
|
|
case 's':
|
|
if (pkalgo == GCRY_PK_RSA)
|
|
{
|
|
mpi = &rsa_s;
|
|
mpi_len = &rsa_s_len;
|
|
}
|
|
else if (pkalgo == GCRY_PK_ECC || pkalgo == GCRY_PK_EDDSA)
|
|
{
|
|
mpi = &ecc_s;
|
|
mpi_len = &ecc_s_len;
|
|
}
|
|
break;
|
|
|
|
case 'r': mpi = &ecc_r; mpi_len = &ecc_r_len; break;
|
|
default: mpi = NULL; mpi_len = NULL; break;
|
|
}
|
|
|
|
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
|
|
return err;
|
|
if (tok && mpi)
|
|
{
|
|
*mpi = tok;
|
|
*mpi_len = toklen;
|
|
}
|
|
}
|
|
else if (toklen == 5 && !memcmp (tok, "curve", 5))
|
|
{
|
|
if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
|
|
return err;
|
|
if ((toklen == 7 && !memcmp (tok, "Ed25519", 7))
|
|
|| (toklen == 22 && !memcmp (tok, "1.3.6.1.4.1.11591.15.1", 22))
|
|
|| (toklen == 11 && !memcmp (tok, "1.3.101.112", 11)))
|
|
eddsa_curve = "1.3.101.112";
|
|
else if ((toklen == 5 && !memcmp (tok, "Ed448", 5))
|
|
|| (toklen == 11 && !memcmp (tok, "1.3.101.113", 11)))
|
|
eddsa_curve = "1.3.101.113";
|
|
}
|
|
|
|
/* Skip to the end of the list. */
|
|
last_depth2 = depth;
|
|
while (!(err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen))
|
|
&& depth && depth >= last_depth2)
|
|
;
|
|
if (err)
|
|
return err;
|
|
}
|
|
if (err)
|
|
return err;
|
|
|
|
if (eddsa_curve)
|
|
oid = eddsa_curve;
|
|
else
|
|
{
|
|
/* Map the hash algorithm to an OID. */
|
|
if (mdalgo < 0 || mdalgo > (1<<15) || pkalgo < 0 || pkalgo > (1<<15))
|
|
return gpg_error (GPG_ERR_DIGEST_ALGO);
|
|
|
|
switch (mdalgo | (pkalgo << 16))
|
|
{
|
|
case GCRY_MD_SHA1 | (GCRY_PK_RSA << 16):
|
|
oid = "1.2.840.113549.1.1.5"; /* sha1WithRSAEncryption */
|
|
break;
|
|
|
|
case GCRY_MD_SHA256 | (GCRY_PK_RSA << 16):
|
|
oid = "1.2.840.113549.1.1.11"; /* sha256WithRSAEncryption */
|
|
break;
|
|
|
|
case GCRY_MD_SHA384 | (GCRY_PK_RSA << 16):
|
|
oid = "1.2.840.113549.1.1.12"; /* sha384WithRSAEncryption */
|
|
break;
|
|
|
|
case GCRY_MD_SHA512 | (GCRY_PK_RSA << 16):
|
|
oid = "1.2.840.113549.1.1.13"; /* sha512WithRSAEncryption */
|
|
break;
|
|
|
|
case GCRY_MD_SHA224 | (GCRY_PK_ECC << 16):
|
|
oid = "1.2.840.10045.4.3.1"; /* ecdsa-with-sha224 */
|
|
break;
|
|
|
|
case GCRY_MD_SHA256 | (GCRY_PK_ECC << 16):
|
|
oid = "1.2.840.10045.4.3.2"; /* ecdsa-with-sha256 */
|
|
break;
|
|
|
|
case GCRY_MD_SHA384 | (GCRY_PK_ECC << 16):
|
|
oid = "1.2.840.10045.4.3.3"; /* ecdsa-with-sha384 */
|
|
break;
|
|
|
|
case GCRY_MD_SHA512 | (GCRY_PK_ECC << 16):
|
|
oid = "1.2.840.10045.4.3.4"; /* ecdsa-with-sha512 */
|
|
break;
|
|
|
|
case GCRY_MD_SHA512 | (GCRY_PK_EDDSA << 16):
|
|
oid = "1.3.101.112"; /* ed25519 */
|
|
break;
|
|
|
|
default:
|
|
return gpg_error (GPG_ERR_DIGEST_ALGO);
|
|
}
|
|
}
|
|
|
|
if (is_pubkey)
|
|
err = gcry_sexp_build (&sexp, NULL, "(sig-val(%s))", oid);
|
|
else if (pkalgo == GCRY_PK_RSA)
|
|
err = gcry_sexp_build (&sexp, NULL, "(sig-val(%s(s%b)))", oid,
|
|
(int)rsa_s_len, rsa_s);
|
|
else if (pkalgo == GCRY_PK_ECC || pkalgo == GCRY_PK_EDDSA)
|
|
err = gcry_sexp_build (&sexp, NULL, "(sig-val(%s(r%b)(s%b)))", oid,
|
|
(int)ecc_r_len, ecc_r, (int)ecc_s_len, ecc_s);
|
|
if (err)
|
|
return err;
|
|
err = make_canon_sexp (sexp, r_newsigval, r_newsigvallen);
|
|
gcry_sexp_release (sexp);
|
|
|
|
return err;
|
|
}
|