sm: Support generation of card-based ed25519 CSR.

* sm/call-agent.c (gpgsm_scd_pksign): Allow SHA512. Create proper S-expression for EdDSA signature. * sm/certreqgen.c (create_request): Force use of SHA512 when using a ed25519 key. * sm/misc.c (transform_sigval): Insert OID for ed25519. -- GnuPG-bug-id: 4013 Signed-off-by: Damien Goutte-Gattat <[email protected]>
author: Damien Goutte-Gattat via Gnupg-devel <[email protected]> 2019-02-17 17:40:51 +0000
committer: NIIBE Yutaka <[email protected]> 2019-02-18 02:33:20 +0000
commit: 3cbdf896e6919333b5423001ab58c01a04363386 (patch)
tree: 7d434971ab3021c5931e0c58e0fa1e33272ea2d8 /sm/misc.c
parent: sm: Support generation of card-based ECDSA CSR. (diff)
download: gnupg-3cbdf896e6919333b5423001ab58c01a04363386.tar.gz
gnupg-3cbdf896e6919333b5423001ab58c01a04363386.zip
1 files changed, 8 insertions, 2 deletions
diff --git a/sm/misc.c b/sm/misc.c
index 9bf528513..4672f269e 100644
--- a/sm/misc.c
+++ b/sm/misc.c
@@ -146,6 +146,8 @@ transform_sigval (const unsigned char *sigval, size_t sigvallen, int mdalgo,
     pkalgo = GCRY_PK_RSA;
   else if (toklen == 5 && !memcmp ("ecdsa", tok, 5))
     pkalgo = GCRY_PK_ECC;
+  else if (toklen == 5 && !memcmp ("eddsa", tok, 5))
+    pkalgo = GCRY_PK_EDDSA;
   else
     return gpg_error (GPG_ERR_WRONG_PUBKEY_ALGO);
 
@@ -170,7 +172,7 @@ transform_sigval (const unsigned char *sigval, size_t sigvallen, int mdalgo,
                   mpi = &rsa_s;
                   mpi_len = &rsa_s_len;
                 }
-              else if (pkalgo == GCRY_PK_ECC)
+              else if (pkalgo == GCRY_PK_ECC || pkalgo == GCRY_PK_EDDSA)
                 {
                   mpi = &ecc_s;
                   mpi_len = &ecc_s_len;
@@ -236,6 +238,10 @@ transform_sigval (const unsigned char *sigval, size_t sigvallen, int mdalgo,
       oid = "1.2.840.10045.4.3.4"; /* ecdsa-with-sha512 */
       break;
 
+    case GCRY_MD_SHA512 | (GCRY_PK_EDDSA << 8):
+      oid = "1.3.101.112"; /* ed25519 */
+      break;
+
     default:
       return gpg_error (GPG_ERR_DIGEST_ALGO);
     }
@@ -245,7 +251,7 @@ transform_sigval (const unsigned char *sigval, size_t sigvallen, int mdalgo,
   else if (pkalgo == GCRY_PK_RSA)
     err = gcry_sexp_build (&sexp, NULL, "(sig-val(%s(s%b)))", oid,
                            (int)rsa_s_len, rsa_s);
-  else if (pkalgo == GCRY_PK_ECC)
+  else if (pkalgo == GCRY_PK_ECC || pkalgo == GCRY_PK_EDDSA)
     err = gcry_sexp_build (&sexp, NULL, "(sig-val(%s(r%b)(s%b)))", oid,
                            (int)ecc_r_len, ecc_r, (int)ecc_s_len, ecc_s);
   if (err)
author	Damien Goutte-Gattat via Gnupg-devel <[email protected]>	2019-02-17 17:40:51 +0000
committer	NIIBE Yutaka <[email protected]>	2019-02-18 02:33:20 +0000
commit	3cbdf896e6919333b5423001ab58c01a04363386 (patch)
tree	7d434971ab3021c5931e0c58e0fa1e33272ea2d8 /sm/misc.c
parent	sm: Support generation of card-based ECDSA CSR. (diff)
download	gnupg-3cbdf896e6919333b5423001ab58c01a04363386.tar.gz gnupg-3cbdf896e6919333b5423001ab58c01a04363386.zip