author | Werner Koch <[email protected]> | 2014-01-30 17:48:37 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2014-01-30 17:48:37 +0000 |
commit | b7f8dec6325f1c80640f878ed3080bbc194fbc78 (patch) | |
tree | 6542c393a37d2d322adf3721e3f52ad79005fa56 /common/sexputil.c | |
parent | gpg: Remove cipher.h and put algo ids into a common file. (diff) | |
gpg: Use only OpenPGP public key algo ids and add the EdDSA algo id.
* common/sexputil.c (get_pk_algo_from_canon_sexp): Change to return a
string.
* g10/keygen.c (check_keygrip): Adjust for change.
* sm/certreqgen-ui.c (check_keygrip): Likewise.
* agent/pksign.c (do_encode_dsa): Remove bogus map_pk_openpgp_to_gcry.
* g10/misc.c (map_pk_openpgp_to_gcry): Remove.
(openpgp_pk_test_algo): Change to a wrapper for openpgp_pk_test_algo2.
(openpgp_pk_test_algo2): Rewrite.
(openpgp_pk_algo_usage, pubkey_nbits): Add support for EdDSA.
(openpgp_pk_algo_name): Rewrite to remove need for gcry calls.
(pubkey_get_npkey, pubkey_get_nskey): Ditto.
(pubkey_get_nsig, pubkey_get_nenc): Ditto.
* g10/keygen.c(do_create_from_keygrip): Support EdDSA.
(common_gen, gen_ecc, ask_keysize, generate_keypair): Ditto.
* g10/build-packet.c (do_key): Ditto.
* g10/export.c (transfer_format_to_openpgp): Ditto.
* g10/getkey.c (cache_public_key): Ditto.
* g10/import.c (transfer_secret_keys): Ditto.
* g10/keylist.c (list_keyblock_print, list_keyblock_colon): Ditto.
* g10/mainproc.c (proc_pubkey_enc): Ditto.
* g10/parse-packet.c (parse_key): Ditto,
* g10/sign.c (hash_for, sign_file, make_keysig_packet): Ditto.
* g10/keyserver.c (print_keyrec): Use openpgp_pk_algo_name.
* g10/pkglue.c (pk_verify, pk_encrypt, pk_check_secret_key): Use only
OpenPGP algo ids and support EdDSA.
* g10/pubkey-enc.c (get_it): Use only OpenPGP algo ids.
* g10/seskey.c (encode_md_value): Ditto.
--
This patch separates Libgcrypt and OpenPGP public key algorithm ids
and in most cases completely removes the Libgcrypt ones. This is
useful because for Libgcrypt we specify the algorithm in the
S-expressions and the public key ids are not anymore needed.

This patch also adds some support for PUBKEY_ALGO_EDDSA which will
eventually be used instead of merging EdDSA with ECDSA. As of now an
experimental algorithm id is used but the plan is to write an I-D so
that we can get a new id from the IETF. Note that EdDSA (Ed25519)
does not yet work and that more changes are required.

The ECC support is still broken right now. Needs to be fixed.

Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'common/sexputil.c')
-rw-r--r-- | common/sexputil.c | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/common/sexputil.c b/common/sexputil.c index e18756a89..f15b94c66 100644 --- a/common/sexputil.c +++ b/common/sexputil.c @@ -512,17 +512,18 @@ get_rsa_pk_from_canon_sexp (const unsigned char *keydata, size_t keydatalen, /* Return the algo of a public RSA expressed as an canonical encoded - S-expression. On error the algo is set to 0. */ + S-expression. The return value is a statically allocated + string. On error that string is set to NULL. */ gpg_error_t get_pk_algo_from_canon_sexp (const unsigned char *keydata, size_t keydatalen, - int *r_algo) + const char **r_algo) { gpg_error_t err; const unsigned char *buf, *tok; size_t buflen, toklen; int depth; - *r_algo = 0; + *r_algo = NULL; buf = keydata; buflen = keydatalen; @@ -541,15 +542,17 @@ get_pk_algo_from_canon_sexp (const unsigned char *keydata, size_t keydatalen, return gpg_error (GPG_ERR_BAD_PUBKEY); if (toklen == 3 && !memcmp ("rsa", tok, toklen)) - *r_algo = GCRY_PK_RSA; + *r_algo = "rsa"; else if (toklen == 3 && !memcmp ("dsa", tok, toklen)) - *r_algo = GCRY_PK_DSA; + *r_algo = "dsa"; else if (toklen == 3 && !memcmp ("elg", tok, toklen)) - *r_algo = GCRY_PK_ELG; + *r_algo = "elg"; else if (toklen == 5 && !memcmp ("ecdsa", tok, toklen)) - *r_algo = GCRY_PK_ECDSA; + *r_algo = "ecdsa"; + else if (toklen == 5 && !memcmp ("eddsa", tok, toklen)) + *r_algo = "eddsa"; else - return gpg_error (GPG_ERR_PUBKEY_ALGO); + return gpg_error (GPG_ERR_PUBKEY_ALGO); return 0; } |
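Review bot: The function comment in the first hunk (@@ -512) still opens with "Return the algo of a public RSA expressed as an canonical encoded S-expression", although the function recognises rsa, dsa, elg, ecdsa and now eddsa, and it no longer returns an algorithm id at all. Since `r_algo` changes from `int *` to `const char **`, the comment should say that the result is the algorithm name token as it appears in the S-expression, that the caller must not free or modify it, and that callers are expected to compare it as a string. Suggested wording: "Return the algorithm name of a public key expressed as a canonical encoded S-expression." This diff is limited to common/sexputil.c, so the callers named in the commit message (`check_keygrip` in g10/keygen.c and sm/certreqgen-ui.c) need to be checked separately for leftover integer comparisons against the old `GCRY_PK_*` values.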
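Review bot: In the second hunk (@@ -541) every branch now compares the token against a literal and then assigns the very same literal, with the length hard-coded a second time, as in `toklen == 5 && !memcmp ("eddsa", tok, toklen)` followed by `*r_algo = "eddsa";`. Adding an algorithm therefore means keeping three things in sync by hand, and a wrong length silently turns a valid key into GPG_ERR_PUBKEY_ALGO. A small static table of names, walked in a loop that compares `strlen` of the entry with `toklen` before the `memcmp`, would remove that duplication and make the set of accepted names visible in one place. Separately, the final `return gpg_error (GPG_ERR_PUBKEY_ALGO);` shows up as a removed and re-added line with identical text, which looks like a whitespace-only change; if it is not intentional re-indentation it is better left out of this patch.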