From 07e8ca2a9b541a54253e9a6a7487c2bf36589e2d Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Thu, 22 May 2025 14:36:38 +0900 Subject: gpg: Use ECC KEM interface for decryption. * g10/call-agent.c (agent_pkdecrypt): Use --kem=PGP for PUBKEY_ALGO_ECDH. * g10/pubkey-enc.c (ecdh_sexp_build): New. (get_it): Use ecdh_sexp_build for PUBKEY_ALGO_ECDH. And don't use pk_ecdh_decrypt since it's done by agent. -- GnuPG-bug-id: 7649 Signed-off-by: NIIBE Yutaka --- g10/call-agent.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'g10/call-agent.c') diff --git a/g10/call-agent.c b/g10/call-agent.c index bdde9b053..bba6fa833 100644 --- a/g10/call-agent.c +++ b/g10/call-agent.c @@ -2909,6 +2909,7 @@ agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc, char *p, *buf, *endp; const char *keygrip2 = NULL; struct default_inq_parm_s dfltparm; + const char *cmdline; memset (&dfltparm, 0, sizeof dfltparm); dfltparm.ctrl = ctrl; @@ -2935,6 +2936,12 @@ agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc, return gpg_error (GPG_ERR_INV_VALUE); } + if (*keygrip2) + cmdline = "PKDECRYPT --kem=PQC-PGP"; + else if (pubkey_algo == PUBKEY_ALGO_ECDH) + cmdline = "PKDECRYPT --kem=PGP"; + else + cmdline = "PKDECRYPT"; err = start_agent (ctrl, 0); if (err) @@ -2977,8 +2984,7 @@ agent_pkdecrypt (ctrl_t ctrl, const char *keygrip, const char *desc, err = make_canon_sexp (s_ciphertext, &parm.ciphertext, &parm.ciphertextlen); if (err) return err; - err = assuan_transact (agent_ctx, - *keygrip2? "PKDECRYPT --kem=PQC-PGP":"PKDECRYPT", + err = assuan_transact (agent_ctx, cmdline, put_membuf_cb, &data, inq_ciphertext_cb, &parm, padding_info_cb, r_padding); -- cgit v1.2.3