Diffstat (limited to '')
-rw-r--r-- | common/openpgp-oid.c | 38 | ||||
-rw-r--r-- | common/t-openpgp-oid.c | 44 | ||||
-rw-r--r-- | common/util.h | 1 |
3 files changed, 81 insertions, 2 deletions
diff --git a/common/openpgp-oid.c b/common/openpgp-oid.c
index a0e5566d8..ccb67bbaa 100644
--- a/common/openpgp-oid.c
+++ b/common/openpgp-oid.c
@@ -347,3 +347,41 @@ openpgp_oid_to_curve (const char *oidstr)
 return "?";
 }
+
+
+/* Return true if the curve with NAME is supported. */
+static int
+curve_supported_p (const char *name)
+{
+ int result = 0;
+ gcry_sexp_t keyparms;
+
+ if (!gcry_sexp_build (&keyparms, NULL, "(public-key(ecc(curve %s)))", name))
+ {
+ result = !!gcry_pk_get_curve (keyparms, 0, NULL);
+ gcry_sexp_release (keyparms);
+ }
+ return result;
+}
+
+
+/* Enumerate available and supported OpenPGP curves. The caller needs
+ to set the integer variable at ITERP to zero and keep on calling
+ this fucntion until NULL is returned. */
+const char *
+openpgp_enum_curves (int *iterp)
+{
+ int idx = *iterp;
+
+ while (idx >= 0 && idx < DIM (oidtable) && oidtable[idx].name)
+ {
+ if (curve_supported_p (oidtable[idx].name))
+ {
+ *iterp = idx + 1;
+ return oidtable[idx].alias? oidtable[idx].alias : oidtable[idx].name;
+ }
+ idx++;
+ }
+ *iterp = idx;
+ return NULL;
+}
diff --git a/common/t-openpgp-oid.c b/common/t-openpgp-oid.c
index 5cd778d72..afb6ebe62 100644
--- a/common/t-openpgp-oid.c
+++ b/common/t-openpgp-oid.c
@@ -35,6 +35,10 @@
 #define BADOID "1.3.6.1.4.1.11591.2.12242973"
+static int verbose;
+
+
+
 static void
 test_openpgp_oid_from_str (void)
 {
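Review bot: `curve_supported_p` returns 0 both when libgcrypt does not know the curve and when `gcry_sexp_build` itself fails, so an allocation failure silently drops a curve from the list that `openpgp_enum_curves` hands out. If that is intended, say so next to the call, e.g. `/* A failure to build the S-expression is treated like an unsupported curve. */`; otherwise the error code should at least be logged before returning. The header comment of `openpgp_enum_curves` should also state that the returned pointer comes straight from `oidtable` (the alias if set, else the name), so callers must not free or modify it, and "fucntion" there is a typo. The prototype added in common/util.h names the parameter `idxp` while this definition uses `iterp`; using one name in both places would avoid suggesting that callers may compute the value themselves.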
@@ -184,15 +188,51 @@ test_openpgp_oid_is_ed25519 (void)
 }
+static void
+test_openpgp_enum_curves (void)
+{
+ int iter = 0;
+ const char *name;
+ int p256 = 0;
+ int p384 = 0;
+ int p521 = 0;
+
+ while ((name = openpgp_enum_curves (&iter)))
+ {
+ if (verbose)
+ printf ("curve: %s\n", name);
+ if (!strcmp (name, "nistp256"))
+ p256++;
+ else if (!strcmp (name, "nistp384"))
+ p384++;
+ else if (!strcmp (name, "nistp521"))
+ p521++;
+ }
+
+ if (p256 != 1 || p384 != 1 || p521 != 1)
+ {
+ /* We can only check the basic RFC-6637 requirements. */
+ fputs ("standard ECC curve missing\n", stderr);
+ exit (1);
+ }
+}
+
+
 int
 main (int argc, char **argv)
 {
- (void)argc;
- (void)argv;
+ if (argc)
+ { argc--; argv++; }
+ if (argc && !strcmp (argv[0], "--verbose"))
+ {
+ verbose = 1;
+ argc--; argv++;
+ }
 test_openpgp_oid_from_str ();
 test_openpgp_oid_to_str ();
 test_openpgp_oid_is_ed25519 ();
+ test_openpgp_enum_curves ();
 return 0;
 }
diff --git a/common/util.h b/common/util.h
index 9103e094b..0a5471832 100644
--- a/common/util.h
+++ b/common/util.h
@@ -224,6 +224,7 @@ char *openpgp_oid_to_str (gcry_mpi_t a);
 int openpgp_oid_is_ed25519 (gcry_mpi_t a);
 const char *openpgp_curve_to_oid (const char *name, unsigned int *r_nbits);
 const char *openpgp_oid_to_curve (const char *oid);
+const char *openpgp_enum_curves (int *idxp); |
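Review bot: `test_openpgp_enum_curves` only walks the iterator upwards from zero, so the `idx >= 0 && idx < DIM (oidtable)` guard in `openpgp_enum_curves` is never exercised by the test. Add a case that starts from an out-of-range value and expects NULL, for example `iter = -1; if (openpgp_enum_curves (&iter)) { fputs ("bad iterator accepted\n", stderr); exit (1); }`, and a second call after the loop has ended to confirm that NULL is returned again. In `main`, any argument other than `--verbose` is silently ignored; that is acceptable for a test driver but deserves a one-line comment such as `/* Unknown arguments are ignored. */`.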