From d1c3bfda2a8c032165ad41dc750f31d92369cd37 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Mon, 19 May 2025 14:51:17 +0900
Subject: gpg: Use the KEM API for ECC encryption.

* g10/ecdh.c (gnupg_ecc_6637_kdf): New.
(pk_ecdh_encrypt_with_shared_point, gen_k): Remove.
(pk_ecdh_generate_ephemeral_key): Remove.
* g10/pkglue.c (get_data_from_sexp): Remove.
(do_encrypt_ecdh): Use gcry_kem_encap of the KEM API,
gnupg_ecc_6637_kdf, and AESWRAP.
* g10/pkglue.h (gnupg_ecc_6637_kdf): New.
(pk_ecdh_encrypt_with_shared_point): Remove.
(pk_ecdh_generate_ephemeral_key, pk_ecdh_encrypt): Remove.

--

GnuPG-bug-id: 7649
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
 common/kem.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'common/kem.c')

diff --git a/common/kem.c b/common/kem.c
index 0e498d37e..bbb450e1b 100644
--- a/common/kem.c
+++ b/common/kem.c
@@ -144,8 +144,8 @@ compute_kmac256 (void *digest, size_t digestlen,
 }
 
 
-/* Compute KEK (shared secret) for ECC with HASHALGO, ECDH result,
-   ciphertext in ECC_CT, public key in ECC_PK.  */
+/* Compute KEK for ECC with HASHALGO, ECDH result, ciphertext in
+   ECC_CT (which is an ephemeral key), and public key in ECC_PK.  */
 gpg_error_t
 gnupg_ecc_kem_kdf (void *kek, size_t kek_len,
                    int hashalgo, const void *ecdh, size_t ecdh_len,
-- 
cgit v1.2.3