diff options
| author | Werner Koch <[email protected]> | 2020-05-08 12:14:01 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2022-11-14 17:16:49 +0000 |
| commit | 88335b2d5bbe895c7e401846a59be86180bbb7f5 (patch) | |
| tree | 6aad1732a028c3cf401b71ddcfdcf41e20f082e2 | |
| parent | gpgsm: Some more ECC support backported. (diff) | |
| download | gnupg-88335b2d5bbe895c7e401846a59be86180bbb7f5.tar.gz gnupg-88335b2d5bbe895c7e401846a59be86180bbb7f5.zip | |
gpgsm: Cleanup the use of GCRY_PK_ECC and GCRY_PK_ECDSA.
* common/sexputil.c (pubkey_algo_to_string): New.
* sm/certcheck.c (do_encode_md): Replace GCRY_PK_ECDSA by GCRY_PK_ECC.
* sm/certreqgen-ui.c (check_keygrip): Add all ECC algorithms.
* sm/gpgsm.c (our_pk_test_algo): Also allow EdDSA.
* sm/verify.c (gpgsm_verify): Map ECC algo to ECDSA. Use new pubkey
algo name function
Signed-off-by: Werner Koch <[email protected]>
(cherry picked from commit 34b628db4618a8712536aea695f934b0286e7b18)
| -rw-r--r-- | sm/certcheck.c | 8 | ||||
| -rw-r--r-- | sm/certreqgen-ui.c | 4 | ||||
| -rw-r--r-- | sm/gpgsm.c | 1 | ||||
| -rw-r--r-- | sm/verify.c | 4 |
4 files changed, 11 insertions, 6 deletions
diff --git a/sm/certcheck.c b/sm/certcheck.c index 17cce4405..badad2fad 100644 --- a/sm/certcheck.c +++ b/sm/certcheck.c @@ -74,11 +74,11 @@ do_encode_md (gcry_md_hd_t md, int algo, int pkalgo, unsigned int nbits, size_t nframe; unsigned char *frame; - if (pkalgo == GCRY_PK_DSA || pkalgo == GCRY_PK_ECDSA) + if (pkalgo == GCRY_PK_DSA || pkalgo == GCRY_PK_ECC) { unsigned int qbits; - if ( pkalgo == GCRY_PK_ECDSA ) + if ( pkalgo == GCRY_PK_ECC ) qbits = gcry_pk_get_nbits (pkey); else qbits = get_dsa_qbits (pkey); @@ -210,10 +210,8 @@ pk_algo_from_sexp (gcry_sexp_t pkey) algo = GCRY_PK_RSA; else if (n==3 && !memcmp (name, "dsa", 3)) algo = GCRY_PK_DSA; - /* Because this function is called only for verification we can - assume that ECC actually means ECDSA. */ else if (n==3 && !memcmp (name, "ecc", 3)) - algo = GCRY_PK_ECDSA; + algo = GCRY_PK_ECC; else if (n==13 && !memcmp (name, "ambiguous-rsa", 13)) algo = GCRY_PK_RSA; else diff --git a/sm/certreqgen-ui.c b/sm/certreqgen-ui.c index d75b017c7..fbfaa8a8f 100644 --- a/sm/certreqgen-ui.c +++ b/sm/certreqgen-ui.c @@ -113,7 +113,9 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip) case GCRY_PK_RSA: return "RSA"; case GCRY_PK_DSA: return "DSA"; case GCRY_PK_ELG: return "ELG"; - case GCRY_PK_EDDSA: return "ECDSA"; + case GCRY_PK_ECC: return "ECC"; + case GCRY_PK_ECDSA: return "ECDSA"; + case GCRY_PK_EDDSA: return "EdDSA"; default: return NULL; } } diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 6f949e951..b282b62f0 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -516,6 +516,7 @@ our_pk_test_algo (int algo) { case GCRY_PK_RSA: case GCRY_PK_ECDSA: + case GCRY_PK_EDDSA: return gcry_pk_test_algo (algo); default: return 1; diff --git a/sm/verify.c b/sm/verify.c index 5510f42cb..ea2192440 100644 --- a/sm/verify.c +++ b/sm/verify.c @@ -459,6 +459,10 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) pkfpr = gpgsm_get_fingerprint_hexstring (cert, GCRY_MD_SHA1); pkalgostr = gpgsm_pubkey_algo_string (cert, NULL); pkalgo = gpgsm_get_key_algo_info (cert, &nbits); + /* Remap the ECC algo to the algo we use. Note that EdDSA has + * already been mapped. */ + if (pkalgo == GCRY_PK_ECC) + pkalgo = GCRY_PK_ECDSA; log_info (_("Signature made ")); if (*sigtime) |