aboutsummaryrefslogtreecommitdiffstats
path: root/g10/pkglue.c
diff options
context:
space:
mode:
Diffstat (limited to 'g10/pkglue.c')
-rw-r--r--g10/pkglue.c130
1 files changed, 64 insertions, 66 deletions
diff --git a/g10/pkglue.c b/g10/pkglue.c
index 14a27535f..f5c85976f 100644
--- a/g10/pkglue.c
+++ b/g10/pkglue.c
@@ -1,5 +1,5 @@
/* pkglue.c - public key operations glue code
- * Copyright (C) 2000, 2003 Free Software Foundation, Inc.
+ * Copyright (C) 2000, 2003, 2010 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
@@ -27,9 +27,11 @@
#include "gpg.h"
#include "util.h"
#include "pkglue.h"
+#include "main.h"
-
-static gcry_mpi_t
+/* FIXME: Better chnage the fucntion name because mpi_ is used by
+ gcrypt macros. */
+gcry_mpi_t
mpi_from_sexp (gcry_sexp_t sexp, const char * item)
{
gcry_sexp_t list;
@@ -50,42 +52,48 @@ mpi_from_sexp (gcry_sexp_t sexp, const char * item)
* change the internal design to directly fit to libgcrypt.
*/
int
-pk_verify (int algo, gcry_mpi_t hash, gcry_mpi_t * data, gcry_mpi_t * pkey)
+pk_verify (int algo, gcry_mpi_t hash, gcry_mpi_t *data, gcry_mpi_t *pkey)
{
gcry_sexp_t s_sig, s_hash, s_pkey;
int rc;
+ const int pkalgo = map_pk_openpgp_to_gcry (algo);
- /* make a sexp from pkey */
- if (algo == GCRY_PK_DSA)
+ /* Make a sexp from pkey. */
+ if (pkalgo == GCRY_PK_DSA)
{
rc = gcry_sexp_build (&s_pkey, NULL,
"(public-key(dsa(p%m)(q%m)(g%m)(y%m)))",
pkey[0], pkey[1], pkey[2], pkey[3]);
}
- else if (algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E)
+ else if (pkalgo == GCRY_PK_ELG || pkalgo == GCRY_PK_ELG_E)
{
rc = gcry_sexp_build (&s_pkey, NULL,
"(public-key(elg(p%m)(g%m)(y%m)))",
pkey[0], pkey[1], pkey[2]);
}
- else if (algo == GCRY_PK_RSA || algo == GCRY_PK_RSA_S)
+ else if (pkalgo == GCRY_PK_RSA || pkalgo == GCRY_PK_RSA_S)
{
rc = gcry_sexp_build (&s_pkey, NULL,
"(public-key(rsa(n%m)(e%m)))", pkey[0], pkey[1]);
}
+ else if (pkalgo == GCRY_PK_ECDSA) /* Same as GCRY_PK_ECDH */
+ {
+ rc = gcry_sexp_build (&s_pkey, NULL,
+ "(public-key(ecdsa(c%m)(q%m)))", pkey[0], pkey[1]);
+ }
else
return GPG_ERR_PUBKEY_ALGO;
if (rc)
BUG (); /* gcry_sexp_build should never fail. */
- /* put hash into a S-Exp s_hash */
+ /* Put hash into a S-Exp s_hash. */
if (gcry_sexp_build (&s_hash, NULL, "%m", hash))
BUG (); /* gcry_sexp_build should never fail. */
/* Put data into a S-Exp s_sig. */
s_sig = NULL;
- if (algo == GCRY_PK_DSA)
+ if (pkalgo == GCRY_PK_DSA)
{
if (!data[0] || !data[1])
rc = gpg_error (GPG_ERR_BAD_MPI);
@@ -93,7 +101,15 @@ pk_verify (int algo, gcry_mpi_t hash, gcry_mpi_t * data, gcry_mpi_t * pkey)
rc = gcry_sexp_build (&s_sig, NULL,
"(sig-val(dsa(r%m)(s%m)))", data[0], data[1]);
}
- else if (algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E)
+ else if (pkalgo == GCRY_PK_ECDSA)
+ {
+ if (!data[0] || !data[1])
+ rc = gpg_error (GPG_ERR_BAD_MPI);
+ else
+ rc = gcry_sexp_build (&s_sig, NULL,
+ "(sig-val(ecdsa(r%m)(s%m)))", data[0], data[1]);
+ }
+ else if (pkalgo == GCRY_PK_ELG || pkalgo == GCRY_PK_ELG_E)
{
if (!data[0] || !data[1])
rc = gpg_error (GPG_ERR_BAD_MPI);
@@ -101,7 +117,7 @@ pk_verify (int algo, gcry_mpi_t hash, gcry_mpi_t * data, gcry_mpi_t * pkey)
rc = gcry_sexp_build (&s_sig, NULL,
"(sig-val(elg(r%m)(s%m)))", data[0], data[1]);
}
- else if (algo == GCRY_PK_RSA || algo == GCRY_PK_RSA_S)
+ else if (pkalgo == GCRY_PK_RSA || pkalgo == GCRY_PK_RSA_S)
{
if (!data[0])
rc = gpg_error (GPG_ERR_BAD_MPI);
@@ -128,12 +144,13 @@ pk_verify (int algo, gcry_mpi_t hash, gcry_mpi_t * data, gcry_mpi_t * pkey)
* change the internal design to directly fit to libgcrypt.
*/
int
-pk_encrypt (int algo, gcry_mpi_t * resarr, gcry_mpi_t data, gcry_mpi_t * pkey)
+pk_encrypt (int algo, gcry_mpi_t *resarr, gcry_mpi_t data,
+ const byte pk_fp[MAX_FINGERPRINT_LEN], gcry_mpi_t *pkey)
{
gcry_sexp_t s_ciph, s_data, s_pkey;
int rc;
- /* make a sexp from pkey */
+ /* Make a sexp from pkey. */
if (algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E)
{
rc = gcry_sexp_build (&s_pkey, NULL,
@@ -146,17 +163,21 @@ pk_encrypt (int algo, gcry_mpi_t * resarr, gcry_mpi_t data, gcry_mpi_t * pkey)
"(public-key(rsa(n%m)(e%m)))",
pkey[0], pkey[1]);
}
+ else if (algo == PUBKEY_ALGO_ECDH)
+ {
+ return pk_ecdh_encrypt (resarr, pk_fp, data, pkey);
+ }
else
return GPG_ERR_PUBKEY_ALGO;
if (rc)
BUG ();
- /* put the data into a simple list */
+ /* Put the data into a simple list. */
if (gcry_sexp_build (&s_data, NULL, "%m", data))
BUG ();
- /* pass it to libgcrypt */
+ /* Pass it to libgcrypt. */
rc = gcry_pk_encrypt (&s_ciph, s_data, s_pkey);
gcry_sexp_release (s_data);
gcry_sexp_release (s_pkey);
@@ -164,9 +185,11 @@ pk_encrypt (int algo, gcry_mpi_t * resarr, gcry_mpi_t data, gcry_mpi_t * pkey)
if (rc)
;
else
- { /* add better error handling or make gnupg use S-Exp directly */
+ { /* Add better error handling or make gnupg use S-Exp directly. */
resarr[0] = mpi_from_sexp (s_ciph, "a");
- if (algo != GCRY_PK_RSA && algo != GCRY_PK_RSA_E)
+ if (algo != GCRY_PK_RSA
+ && algo != GCRY_PK_RSA_E
+ && algo != PUBKEY_ALGO_ECDH)
resarr[1] = mpi_from_sexp (s_ciph, "b");
}
@@ -175,72 +198,47 @@ pk_encrypt (int algo, gcry_mpi_t * resarr, gcry_mpi_t data, gcry_mpi_t * pkey)
}
-
-/****************
- * Emulate our old PK interface here - sometime in the future we might
- * change the internal design to directly fit to libgcrypt.
- */
+/* Check whether SKEY is a suitable secret key. */
int
-pk_decrypt (int algo, gcry_mpi_t * result, gcry_mpi_t * data,
- gcry_mpi_t * skey)
+pk_check_secret_key (int algo, gcry_mpi_t *skey)
{
- gcry_sexp_t s_skey, s_data, s_plain;
+ gcry_sexp_t s_skey;
int rc;
+ const int gcry_pkalgo = map_pk_openpgp_to_gcry( algo );
- *result = NULL;
- /* make a sexp from skey */
- if (algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E)
+ if (gcry_pkalgo == GCRY_PK_DSA)
+ {
+ rc = gcry_sexp_build (&s_skey, NULL,
+ "(private-key(dsa(p%m)(q%m)(g%m)(y%m)(x%m)))",
+ skey[0], skey[1], skey[2], skey[3], skey[4]);
+ }
+ else if (gcry_pkalgo == GCRY_PK_ELG || gcry_pkalgo == GCRY_PK_ELG_E)
{
rc = gcry_sexp_build (&s_skey, NULL,
"(private-key(elg(p%m)(g%m)(y%m)(x%m)))",
skey[0], skey[1], skey[2], skey[3]);
}
- else if (algo == GCRY_PK_RSA || algo == GCRY_PK_RSA_E)
+ else if (gcry_pkalgo == GCRY_PK_RSA
+ || gcry_pkalgo == GCRY_PK_RSA_S || gcry_pkalgo == GCRY_PK_RSA_E)
{
rc = gcry_sexp_build (&s_skey, NULL,
"(private-key(rsa(n%m)(e%m)(d%m)(p%m)(q%m)(u%m)))",
skey[0], skey[1], skey[2], skey[3], skey[4],
skey[5]);
}
+ else if (gcry_pkalgo == GCRY_PK_ECDSA || gcry_pkalgo == GCRY_PK_ECDH)
+ {
+ rc = gcry_sexp_build (&s_skey, NULL,
+ "(private-key(ecdsa(c%m)(q%m)(d%m)))",
+ skey[0], skey[1], skey[2] );
+ }
else
return GPG_ERR_PUBKEY_ALGO;
- if (rc)
- BUG ();
-
- /* put data into a S-Exp s_data */
- if (algo == GCRY_PK_ELG || algo == GCRY_PK_ELG_E)
- {
- if (!data[0] || !data[1])
- rc = gpg_error (GPG_ERR_BAD_MPI);
- else
- rc = gcry_sexp_build (&s_data, NULL,
- "(enc-val(elg(a%m)(b%m)))", data[0], data[1]);
- }
- else if (algo == GCRY_PK_RSA || algo == GCRY_PK_RSA_E)
+ if (!rc)
{
- if (!data[0])
- rc = gpg_error (GPG_ERR_BAD_MPI);
- else
- rc = gcry_sexp_build (&s_data, NULL, "(enc-val(rsa(a%m)))", data[0]);
+ rc = gcry_pk_testkey (s_skey);
+ gcry_sexp_release (s_skey);
}
- else
- BUG ();
-
- if (rc)
- BUG ();
-
- rc = gcry_pk_decrypt (&s_plain, s_data, s_skey);
- gcry_sexp_release (s_skey);
- gcry_sexp_release (s_data);
- if (rc)
- return rc;
-
- *result = gcry_sexp_nth_mpi (s_plain, 0, 0);
- gcry_sexp_release (s_plain);
- if (!*result)
- return -1; /* oops */
-
- return 0;
+ return rc;
}
-
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-15 18:24:54 +0000