From 3cbdf896e6919333b5423001ab58c01a04363386 Mon Sep 17 00:00:00 2001
From: Damien Goutte-Gattat via Gnupg-devel
Date: Sun, 17 Feb 2019 17:40:51 +0000
Subject: sm: Support generation of card-based ed25519 CSR.
* sm/call-agent.c (gpgsm_scd_pksign): Allow SHA512. Create proper S-expression for EdDSA signature.
* sm/certreqgen.c (create_request): Force use of SHA512 when using a ed25519 key.
* sm/misc.c (transform_sigval): Insert OID for ed25519.
--
GnuPG-bug-id: 4013
Signed-off-by: Damien Goutte-Gattat
---
 sm/certreqgen.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
(limited to 'sm/certreqgen.c')
diff --git a/sm/certreqgen.c b/sm/certreqgen.c
index 1d610c1bb..01fba30f5 100644
--- a/sm/certreqgen.c
+++ b/sm/certreqgen.c
@@ -807,8 +807,10 @@ create_request (ctrl_t ctrl,
 if (err)
 return err;
- string = get_parameter_value (para, pHASHALGO, 0);
- if (string)
+ len = gcry_sexp_canon_len (public, 0, NULL, NULL);
+ if (get_pk_algo_from_canon_sexp (public, len) == GCRY_PK_EDDSA)
+ mdalgo = GCRY_MD_SHA512;
+ else if ((string = get_parameter_value (para, pHASHALGO, 0)))
 mdalgo = gcry_md_map_name (string);
 else
 mdalgo = GCRY_MD_SHA256;
-- cgit v1.2.3
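Review bot: The new EdDSA branch selects SHA-512 before the `pHASHALGO` parameter is read, so a request that names a different hash for an ed25519 key gets SHA-512 with no diagnostic. If the override is intended, as the commit message indicates, state it at the branch with a comment such as `/* EdDSA keys always sign with SHA-512; a Hash-Algo parameter is ignored. */` and consider logging when the parameter was set but not honoured. Separately, `len` from `gcry_sexp_canon_len` is passed on unchecked, and that function returns 0 for a malformed S-expression. Unless `public` is validated earlier in `create_request` (its body starts and ends outside the hunk), a guard like `if (!len) return gpg_error (GPG_ERR_INV_SEXP);` would make the failure explicit instead of presumably falling through to the non-EdDSA hash selection.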