aboutsummaryrefslogtreecommitdiffstats
path: root/g10
diff options
context:
space:
mode:
Diffstat (limited to 'g10')
-rw-r--r--g10/keyid.c6
-rw-r--r--g10/misc.c3
-rw-r--r--g10/pkglue.c54
3 files changed, 56 insertions, 7 deletions
diff --git a/g10/keyid.c b/g10/keyid.c
index 522cc9cda..d0a3e4057 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -1068,6 +1068,9 @@ keygrip_from_pk (PKT_public_key *pk, unsigned char *array)
err = gpg_error_from_syserror ();
else
{
+ gcry_mpi_t pubkey = openpgp_ecc_parse_pubkey (pk->pubkey_algo,
+ curve, pk->pkey[1]);
+
err = gcry_sexp_build (&s_pkey, NULL,
pk->pubkey_algo == PUBKEY_ALGO_EDDSA?
"(public-key(ecc(curve%s)(flags eddsa)(q%m)))":
@@ -1075,8 +1078,9 @@ keygrip_from_pk (PKT_public_key *pk, unsigned char *array)
&& openpgp_oid_is_cv25519 (pk->pkey[0]))?
"(public-key(ecc(curve%s)(flags djb-tweak)(q%m)))":
"(public-key(ecc(curve%s)(q%m)))",
- curve, pk->pkey[1]);
+ curve, pubkey);
xfree (curve);
+ gcry_mpi_release (pubkey);
}
}
break;
diff --git a/g10/misc.c b/g10/misc.c
index 2a431b137..c329bef55 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -1805,10 +1805,13 @@ pubkey_nbits( int algo, gcry_mpi_t *key )
rc = gpg_error_from_syserror ();
else
{
+ gcry_mpi_t pubkey = openpgp_ecc_parse_pubkey (algo, curve, key[1]);
+
rc = gcry_sexp_build (&sexp, NULL,
"(public-key(ecc(curve%s)(q%m)))",
curve, key[1]);
xfree (curve);
+ gcry_mpi_release (pubkey);
}
}
else
diff --git a/g10/pkglue.c b/g10/pkglue.c
index 1e0191e12..137e520e4 100644
--- a/g10/pkglue.c
+++ b/g10/pkglue.c
@@ -121,6 +121,26 @@ get_data_from_sexp (gcry_sexp_t sexp, const char *item, size_t *r_size)
}
+static void
+openpgp_ecc_parse_signature (pubkey_algo_t pkalgo, gcry_mpi_t sig_data,
+ gcry_mpi_t *r, gcry_mpi_t *s)
+{
+ unsigned int nbits = 0;
+ unsigned char *buf;
+
+ if (pkalgo != PUBKEY_ALGO_EDDSA)
+ return;
+
+ buf = gcry_mpi_get_opaque (sig_data, &nbits);
+ if ((nbits+7)/8 != (8 /*prefix*/ + 448 + 8 /*r*/ + 448 + 8 /*s*/)/8)
+ return;
+
+ /* Ed448 signature with the prefix. */
+ *r = gcry_mpi_set_opaque_copy (NULL, buf+1, 8 + 448);
+ *s = gcry_mpi_set_opaque_copy (NULL, buf+1+57, 8 + 448);
+}
+
+
/****************
* Emulate our old PK interface here - sometime in the future we might
* change the internal design to directly fit to libgcrypt.
@@ -171,14 +191,17 @@ pk_verify (pubkey_algo_t pkalgo, gcry_mpi_t hash,
else
{
const char *fmt;
+ gcry_mpi_t pubkey;
+ pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, pkey[1]);
if (openpgp_oid_is_ed25519 (pkey[0]))
fmt = "(public-key(ecc(curve %s)(flags eddsa)(q%m)))";
else
fmt = "(public-key(ecc(curve %s)(q%m)))";
- rc = gcry_sexp_build (&s_pkey, NULL, fmt, curve, pkey[1]);
+ rc = gcry_sexp_build (&s_pkey, NULL, fmt, curve, pubkey);
xfree (curve);
+ gcry_mpi_release (pubkey);
}
}
else
@@ -298,6 +321,9 @@ pk_verify (pubkey_algo_t pkalgo, gcry_mpi_t hash,
}
}
}
+ else if (!gcry_mpi_cmp_ui (s, 0))
+ /* When data[1] == MPI(0), parse the signature into R and S parts. */
+ openpgp_ecc_parse_signature (pkalgo, r, &r, &s);
else
rc = 0;
@@ -388,14 +414,17 @@ pk_encrypt (pubkey_algo_t algo, gcry_mpi_t *resarr, gcry_mpi_t data,
else
{
int with_djb_tweak_flag = openpgp_oid_is_cv25519 (pkey[0]);
+ gcry_mpi_t pubkey;
+ pubkey = openpgp_ecc_parse_pubkey (algo, curve, pkey[1]);
/* Now use the ephemeral secret to compute the shared point. */
rc = gcry_sexp_build (&s_pkey, NULL,
with_djb_tweak_flag ?
- "(public-key(ecdh(curve%s)(flags djb-tweak)(q%m)))"
- : "(public-key(ecdh(curve%s)(q%m)))",
- curve, pkey[1]);
+ "(public-key(ecc(curve%s)(flags djb-tweak)(q%m)))"
+ : "(public-key(ecc(curve%s)(q%m)))",
+ curve, pubkey);
xfree (curve);
+ gcry_mpi_release (pubkey);
/* Put K into a simplified S-expression. */
if (!rc)
rc = gcry_sexp_build (&s_data, NULL, "%m", k);
@@ -508,10 +537,17 @@ pk_check_secret_key (pubkey_algo_t pkalgo, gcry_mpi_t *skey)
rc = gpg_error_from_syserror ();
else
{
+ gcry_mpi_t pubkey;
+ gcry_mpi_t seckey;
+
+ pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, skey[1]);
+ seckey = openpgp_ecc_parse_seckey (pkalgo, curve, skey[2]);
rc = gcry_sexp_build (&s_skey, NULL,
"(private-key(ecc(curve%s)(q%m)(d%m)))",
- curve, skey[1], skey[2]);
+ curve, pubkey, seckey);
xfree (curve);
+ gcry_mpi_release (pubkey);
+ gcry_mpi_release (seckey);
}
}
else if (pkalgo == PUBKEY_ALGO_EDDSA)
@@ -522,14 +558,20 @@ pk_check_secret_key (pubkey_algo_t pkalgo, gcry_mpi_t *skey)
else
{
const char *fmt;
+ gcry_mpi_t pubkey;
+ gcry_mpi_t seckey;
+ pubkey = openpgp_ecc_parse_pubkey (pkalgo, curve, skey[1]);
+ seckey = openpgp_ecc_parse_seckey (pkalgo, curve, skey[2]);
if (openpgp_oid_is_ed25519 (skey[0]))
fmt = "(private-key(ecc(curve %s)(flags eddsa)(q%m)(d%m)))";
else
fmt = "(private-key(ecc(curve %s)(q%m)(d%m)))";
- rc = gcry_sexp_build (&s_skey, NULL, fmt, curve, skey[1], skey[2]);
+ rc = gcry_sexp_build (&s_skey, NULL, fmt, curve, pubkey, seckey);
xfree (curve);
+ gcry_mpi_release (pubkey);
+ gcry_mpi_release (seckey);
}
}
else
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-20 14:40:14 +0000