From 649b31c663b8674bc874b4ef283d714a13dc8cfe Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Wed, 12 Dec 2012 18:47:21 +0100
Subject: ssh: Support ECDSA keys.

* agent/command-ssh.c (SPEC_FLAG_IS_ECDSA): New.
(struct ssh_key_type_spec): Add fields CURVE_NAME and HASH_ALGO.
(ssh_key_types): Add types ecdsa-sha2-nistp{256,384,521}.
(ssh_signature_encoder_t): Add arg spec and adjust all callers.
(ssh_signature_encoder_ecdsa): New.
(sexp_key_construct, sexp_key_extract, ssh_receive_key)
(ssh_convert_key_to_blob): Support ecdsa.
(ssh_identifier_from_curve_name): New.
(ssh_send_key_public): Retrieve and pass the curve_name.
(key_secret_to_public): Ditto.
(data_sign): Add arg SPEC and change callers to pass it.
(ssh_handler_sign_request): Get the hash algo from SPEC.
* common/ssh-utils.c (get_fingerprint): Support ecdsa.

* agent/protect.c (protect_info): Add flag ECC_HACK.
(agent_protect): Allow the use of the "curve" parameter.
* agent/t-protect.c (test_agent_protect): Add a test case for ecdsa.

* agent/command-ssh.c (ssh_key_grip): Print a better error code.
--

The 3 standard curves are now supported in gpg-agent's ssh-agent
protocol implementation.  I tested this with all 3 curves and keys
generated by OpenSSH 5.9p1.

Using existing non-ssh generated keys will likely fail for now. To fix
this, the code should first undergo some more cleanup; then the fixes
are pretty straightforward.  And yes, the data structures are way too
complicated.
---
 common/ssh-utils.c | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

(limited to 'common/ssh-utils.c')

diff --git a/common/ssh-utils.c b/common/ssh-utils.c
index dc0ca26c9..0c7156746 100644
--- a/common/ssh-utils.c
+++ b/common/ssh-utils.c
@@ -97,6 +97,34 @@ get_fingerprint (gcry_sexp_t key, void **r_fpr, size_t *r_len, int as_string)
       elems = "pqgy";
       gcry_md_write (md, "\0\0\0\x07ssh-dss", 11);
       break;
+    case GCRY_PK_ECDSA:
+      /* We only support the 3 standard curves for now.  It is just a
+         quick hack.  */
+      elems = "q";
+      gcry_md_write (md, "\0\0\0\x13" "ecdsa-sha2-nistp", 20);
+      l2 = gcry_sexp_find_token (list, "curve", 0);
+      if (!l2)
+        elems = "";
+      else
+        {
+          gcry_free (name);
+          name = gcry_sexp_nth_string (l2, 1);
+          gcry_sexp_release (l2);
+          l2 = NULL;
+          if (!name)
+            elems = "";
+          else if (!strcmp (name, "NIST P-256") || !strcmp (name, "nistp256"))
+            gcry_md_write (md, "256\0\0\0\x08nistp256", 15);
+          else if (!strcmp (name, "NIST P-384") || !strcmp (name, "nistp384"))
+            gcry_md_write (md, "384\0\0\0\x08nistp521", 15);
+          else if (!strcmp (name, "NIST P-521") || !strcmp (name, "nistp521"))
+            gcry_md_write (md, "521\0\0\0\x08nistp521", 15);
+          else
+            elems = "";
+        }
+      if (!*elems)
+        err = gpg_err_make (default_errsource, GPG_ERR_UNKNOWN_CURVE);
+      break;
     default:
       elems = "";
       err = gpg_err_make (default_errsource, GPG_ERR_PUBKEY_ALGO);
-- 
cgit v1.2.3