experiment: Fix keygrip computation for new 448 key on gpg-agent.

Signed-off-by: NIIBE Yutaka <[email protected]>
author: NIIBE Yutaka <[email protected]> 2021-10-08 13:25:05 +0000
committer: NIIBE Yutaka <[email protected]> 2021-10-08 13:25:05 +0000
commit: e6002e16c9ad638836222f6d32c462fc4c2aa5af (patch)
tree: 2184677a131bdea96ab1def61ba3e6adecd402a1
parent: experiment: Add forgotten open-misc.c. (diff)
download: gnupg-e6002e16c9ad638836222f6d32c462fc4c2aa5af.tar.gz
gnupg-e6002e16c9ad638836222f6d32c462fc4c2aa5af.zip
4 files changed, 37 insertions, 24 deletions
diff --git a/agent/cvt-openpgp.c b/agent/cvt-openpgp.c
index 7defc200a..0bd56d73a 100644
--- a/agent/cvt-openpgp.c
+++ b/agent/cvt-openpgp.c
@@ -85,15 +85,30 @@ get_keygrip (int pubkey_algo, const char *curve, gcry_mpi_t *pkey,
       else
         {
           const char *format;
+          gcry_mpi_t pubkey = NULL;
+          pubkey_algo_t pkalgo = 0; /* Specify NONE */
 
           if (!strcmp (curve, "Ed25519"))
             format = "(public-key(ecc(curve %s)(flags eddsa)(q%m)))";
           else if (!strcmp (curve, "Curve25519"))
             format = "(public-key(ecc(curve %s)(flags djb-tweak)(q%m)))";
           else
-            format = "(public-key(ecc(curve %s)(q%m)))";
+	    {
+              if (!strcmp (curve, "Ed448"))
+                pkalgo = PUBKEY_ALGO_EDDSA;
+              else if (!strcmp (curve, "X448"))
+                pkalgo = PUBKEY_ALGO_ECDH;
+	      format = "(public-key(ecc(curve %s)(q%m)))";
+	    }
 
-          err = gcry_sexp_build (&s_pkey, NULL, format, curve, pkey[0]);
+          if (pkalgo)
+            {
+              pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, pkey[0]);
+              err = gcry_sexp_build (&s_pkey, NULL, format, curve, pubkey);
+              gcry_mpi_release (pubkey);
+            }
+          else
+	    err = gcry_sexp_build (&s_pkey, NULL, format, curve, pkey[0]);
         }
       break;
 
diff --git a/common/openpgp-misc.c b/common/openpgp-misc.c
index 7c6c56a69..e8e33689c 100644
--- a/common/openpgp-misc.c
+++ b/common/openpgp-misc.c
@@ -8,15 +8,11 @@
 #include "openpgpdefs.h"
 
 gcry_mpi_t
-openpgp_ecc_parse_pubkey (pubkey_algo_t pkalgo, const char *curve_oid,
+openpgp_ecc_parse_pubkey (pubkey_algo_t pkalgo, const char *curve,
 			  gcry_mpi_t pubkey)
 {
   unsigned int nbits = 0;
   unsigned char *buf = NULL;
-  const char *curve = openpgp_oid_to_curve (curve_oid, 1);
-
-  if (curve == NULL)
-    curve = curve_oid;
 
   if ((pkalgo == PUBKEY_ALGO_EDDSA && !strcmp (curve, "Ed448"))
       || (pkalgo == PUBKEY_ALGO_ECDH && !strcmp (curve, "X448")))
@@ -35,15 +31,11 @@ openpgp_ecc_parse_pubkey (pubkey_algo_t pkalgo, const char *curve_oid,
 
 
 gcry_mpi_t
-openpgp_ecc_parse_seckey (pubkey_algo_t pkalgo, const char *curve_oid,
+openpgp_ecc_parse_seckey (pubkey_algo_t pkalgo, const char *curve,
 			  gcry_mpi_t seckey)
 {
   unsigned int nbits = 0;
   unsigned char *buf = NULL;
-  const char *curve = openpgp_oid_to_curve (curve_oid, 1);
-
-  if (curve == NULL)
-    curve = curve_oid;
 
   if ((pkalgo == PUBKEY_ALGO_EDDSA && !strcmp (curve, "Ed448"))
       || (pkalgo == PUBKEY_ALGO_ECDH && !strcmp (curve, "X448")))
diff --git a/g10/misc.c b/g10/misc.c
index 299038fd4..e83800a85 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -1805,11 +1805,13 @@ pubkey_nbits( int algo, gcry_mpi_t *key )
         rc = gpg_error_from_syserror ();
       else
         {
-          gcry_mpi_t pubkey = openpgp_ecc_parse_pubkey (algo, curve, key[1]);
+	  const char *curve_name = openpgp_oid_to_curve (curve, 1);
+          gcry_mpi_t pubkey = openpgp_ecc_parse_pubkey (algo,
+							curve_name, key[1]);
 
           rc = gcry_sexp_build (&sexp, NULL,
                                 "(public-key(ecc(curve%s)(q%m)))",
-                                curve, key[1]);
+                                curve_name, key[1]);
           xfree (curve);
           gcry_mpi_release (pubkey);
         }
diff --git a/g10/pkglue.c b/g10/pkglue.c
index 137e520e4..bc6f30e94 100644
--- a/g10/pkglue.c
+++ b/g10/pkglue.c
@@ -192,14 +192,15 @@ pk_verify (pubkey_algo_t pkalgo, gcry_mpi_t hash,
         {
           const char *fmt;
           gcry_mpi_t pubkey;
+	  const char *curve_name = openpgp_oid_to_curve (curve, 1);
 
-          pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, pkey[1]);
+          pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve_name, pkey[1]);
           if (openpgp_oid_is_ed25519 (pkey[0]))
             fmt = "(public-key(ecc(curve %s)(flags eddsa)(q%m)))";
           else
             fmt = "(public-key(ecc(curve %s)(q%m)))";
 
-          rc = gcry_sexp_build (&s_pkey, NULL, fmt, curve, pubkey);
+          rc = gcry_sexp_build (&s_pkey, NULL, fmt, curve_name, pubkey);
           xfree (curve);
           gcry_mpi_release (pubkey);
         }
@@ -415,14 +416,15 @@ pk_encrypt (pubkey_algo_t algo, gcry_mpi_t *resarr, gcry_mpi_t data,
             {
               int with_djb_tweak_flag = openpgp_oid_is_cv25519 (pkey[0]);
               gcry_mpi_t pubkey;
+	      const char *curve_name = openpgp_oid_to_curve (curve, 1);
 
-              pubkey = openpgp_ecc_parse_pubkey (algo, curve, pkey[1]);
+              pubkey = openpgp_ecc_parse_pubkey (algo, curve_name, pkey[1]);
               /* Now use the ephemeral secret to compute the shared point.  */
               rc = gcry_sexp_build (&s_pkey, NULL,
                                     with_djb_tweak_flag ?
                                     "(public-key(ecc(curve%s)(flags djb-tweak)(q%m)))"
                                     : "(public-key(ecc(curve%s)(q%m)))",
-                                    curve, pubkey);
+                                    curve_name, pubkey);
               xfree (curve);
               gcry_mpi_release (pubkey);
               /* Put K into a simplified S-expression.  */
@@ -539,12 +541,13 @@ pk_check_secret_key (pubkey_algo_t pkalgo, gcry_mpi_t *skey)
         {
           gcry_mpi_t pubkey;
           gcry_mpi_t seckey;
+	  const char *curve_name = openpgp_oid_to_curve (curve, 1);
 
-          pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, skey[1]);
-          seckey = openpgp_ecc_parse_seckey (pkalgo, curve, skey[2]);
+          pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve_name, skey[1]);
+          seckey = openpgp_ecc_parse_seckey (pkalgo, curve_name, skey[2]);
           rc = gcry_sexp_build (&s_skey, NULL,
                                 "(private-key(ecc(curve%s)(q%m)(d%m)))",
-                                curve, pubkey, seckey);
+                                curve_name, pubkey, seckey);
           xfree (curve);
           gcry_mpi_release (pubkey);
           gcry_mpi_release (seckey);
@@ -560,15 +563,16 @@ pk_check_secret_key (pubkey_algo_t pkalgo, gcry_mpi_t *skey)
           const char *fmt;
           gcry_mpi_t pubkey;
           gcry_mpi_t seckey;
+	  const char *curve_name = openpgp_oid_to_curve (curve, 1);
 
-          pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, skey[1]);
-          seckey = openpgp_ecc_parse_seckey (pkalgo, curve, skey[2]);
+          pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve_name, skey[1]);
+          seckey = openpgp_ecc_parse_seckey (pkalgo, curve_name, skey[2]);
           if (openpgp_oid_is_ed25519 (skey[0]))
             fmt = "(private-key(ecc(curve %s)(flags eddsa)(q%m)(d%m)))";
           else
             fmt = "(private-key(ecc(curve %s)(q%m)(d%m)))";
 
-          rc = gcry_sexp_build (&s_skey, NULL, fmt, curve, pubkey, seckey);
+          rc = gcry_sexp_build (&s_skey, NULL, fmt, curve_name, pubkey, seckey);
           xfree (curve);
           gcry_mpi_release (pubkey);
           gcry_mpi_release (seckey);
author	NIIBE Yutaka <[email protected]>	2021-10-08 13:25:05 +0000
committer	NIIBE Yutaka <[email protected]>	2021-10-08 13:25:05 +0000
commit	e6002e16c9ad638836222f6d32c462fc4c2aa5af (patch)
tree	2184677a131bdea96ab1def61ba3e6adecd402a1
parent	experiment: Add forgotten open-misc.c. (diff)
download	gnupg-e6002e16c9ad638836222f6d32c462fc4c2aa5af.tar.gz gnupg-e6002e16c9ad638836222f6d32c462fc4c2aa5af.zip