diff options
author | Werner Koch <wk@gnupg.org> | 2013-09-07 10:06:46 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2013-09-23 22:25:05 +0200 |
commit | d5f91466695c5736f441c9bf1998436184a4bf61 (patch) | |
tree | de889addb62c305ddbd1ba5d7cf077dda88ebd35 | |
parent | 4552437bb3c5ff96a889fd31e4bc504b2a12fac7 (diff) | |
download | libgcrypt-d5f91466695c5736f441c9bf1998436184a4bf61.tar.gz |
pk: Add algo id GCRY_PK_ECC and deprecate ECDSA and ECDH.
* src/gcrypt.h.in (GCRY_PK_ECC): New.
* cipher/pubkey.c (map_algo): New.
(spec_from_algo, gcry_pk_get_param, _gcry_pk_selftest): Use it.
* cipher/ecc.c (selftests_ecdsa): Report using GCRY_PK_ECC.
(run_selftests): Simplify.
(ecdh_names, ecdsa_names): Merge into a new ecc_names.
(_gcry_pubkey_spec_ecdh, _gcry_pubkey_spec_ecdsa): Merge into new
_gcry_pubkey_spec_ecc.
--
The algo ids are actually a relict from Libgcrypt's former life as
GnuPG's crypto code. They don't make much sense anymore and are often
not needed.
This patch requires some changes to the GnuPG 2.1 code (which has
still not been released). For example the secret key transfer between
gpg and gpg-agent (gpg --export and gpg --import). Fortunately this
will also require to add usage flags to the secret key storage of
gpg-agent which is is something we should have done a long time ago.
Signed-off-by: Werner Koch <wk@gnupg.org>
-rw-r--r-- | NEWS | 4 | ||||
-rw-r--r-- | cipher/ecc.c | 62 | ||||
-rw-r--r-- | cipher/pubkey.c | 30 | ||||
-rw-r--r-- | doc/gcrypt.texi | 19 | ||||
-rw-r--r-- | src/cipher.h | 3 | ||||
-rw-r--r-- | src/fips.c | 2 | ||||
-rw-r--r-- | src/gcrypt.h.in | 5 |
7 files changed, 61 insertions, 64 deletions
@@ -36,6 +36,9 @@ Noteworthy changes in version 1.6.0 (unreleased) * Added support for negative numbers to gcry_mpi_print, gcry_mpi_aprint and gcry_mpi_scan. + * The algorithm ids GCRY_PK_ECDSA and GCRY_PK_ECDH are now + deprecated. Use GCRY_PK_ECC instead. + * Interface changes relative to the 1.5.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gcry_ac_* REMOVED. @@ -103,6 +106,7 @@ Noteworthy changes in version 1.6.0 (unreleased) GCRY_MD_STRIBOG256 NEW. GCRY_MD_STRIBOG512 NEW. GCRYCTL_DISABLE_ALGO CHANGED: Not anymore thread-safe. + GCRY_PK_ECC NEW. Noteworthy changes in version 1.5.0 (2011-06-29) diff --git a/cipher/ecc.c b/cipher/ecc.c index 2161b649..d31b4be0 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c @@ -1965,7 +1965,7 @@ selftests_ecdsa (selftest_report_func_t report) failed: if (report) - report ("pubkey", GCRY_PK_ECDSA, what, errtxt); + report ("pubkey", GCRY_PK_ECC, what, errtxt); return GPG_ERR_SELFTEST_FAILED; } @@ -1974,72 +1974,38 @@ selftests_ecdsa (selftest_report_func_t report) static gpg_err_code_t run_selftests (int algo, int extended, selftest_report_func_t report) { - gpg_err_code_t ec; - (void)extended; - switch (algo) - { - case GCRY_PK_ECDSA: - ec = selftests_ecdsa (report); - break; - default: - ec = GPG_ERR_PUBKEY_ALGO; - break; + if (algo != GCRY_PK_ECC) + return GPG_ERR_PUBKEY_ALGO; - } - return ec; + return selftests_ecdsa (report); } -static const char *ecdsa_names[] = +static const char *ecc_names[] = { - "ecdsa", - "eddsa", "ecc", - NULL, - }; -static const char *ecdh_names[] = - { + "ecdsa", "ecdh", - "ecc", - NULL, - }; - -gcry_pk_spec_t _gcry_pubkey_spec_ecdsa = - { - GCRY_PK_ECDSA, { 0, 0 }, - GCRY_PK_USAGE_SIGN, - "ECDSA", ecdsa_names, - "pabgnq", "pabgnqd", "", "rs", "pabgnq", - ecc_generate, - ecc_check_secret_key, - NULL, + "eddsa", NULL, - ecc_sign, - ecc_verify, - ecc_get_nbits, - run_selftests, - compute_keygrip, - _gcry_ecc_get_param, - _gcry_ecc_get_curve, - _gcry_ecc_get_param_sexp }; -gcry_pk_spec_t _gcry_pubkey_spec_ecdh = +gcry_pk_spec_t _gcry_pubkey_spec_ecc = { - GCRY_PK_ECDH, { 0, 0 }, - GCRY_PK_USAGE_ENCR, - "ECDH", ecdh_names, - "pabgnq", "pabgnqd", "se", "", "pabgnq", + GCRY_PK_ECC, { 0, 0 }, + (GCRY_PK_USAGE_SIGN | GCRY_PK_USAGE_ENCR), + "ECC", ecc_names, + "pabgnq", "pabgnqd", "sw", "rs", "pabgnq", ecc_generate, ecc_check_secret_key, ecc_encrypt_raw, ecc_decrypt_raw, - NULL, - NULL, + ecc_sign, + ecc_verify, ecc_get_nbits, run_selftests, compute_keygrip, diff --git a/cipher/pubkey.c b/cipher/pubkey.c index 99b9ba8a..4738c29b 100644 --- a/cipher/pubkey.c +++ b/cipher/pubkey.c @@ -38,8 +38,7 @@ static gcry_pk_spec_t *pubkey_list[] = { #if USE_ECC - &_gcry_pubkey_spec_ecdsa, - &_gcry_pubkey_spec_ecdh, + &_gcry_pubkey_spec_ecc, #endif #if USE_RSA &_gcry_pubkey_spec_rsa, @@ -55,6 +54,21 @@ static gcry_pk_spec_t *pubkey_list[] = }; +static int +map_algo (int algo) +{ + switch (algo) + { + case GCRY_PK_ECDSA: + case GCRY_PK_ECDH: + return GCRY_PK_ECC; + default: + return algo; + } +} + + + /* Return the spec structure for the public key algorithm ALGO. For an unknown algorithm NULL is returned. */ static gcry_pk_spec_t * @@ -63,6 +77,8 @@ spec_from_algo (int algo) int idx; gcry_pk_spec_t *spec; + algo = map_algo (algo); + for (idx = 0; (spec = pubkey_list[idx]); idx++) if (algo == spec->algo) return spec; @@ -2156,7 +2172,9 @@ gcry_pk_get_param (int algo, const char *name) gcry_sexp_t result = NULL; gcry_pk_spec_t *spec = NULL; - if (algo != GCRY_PK_ECDSA && algo != GCRY_PK_ECDH) + algo = map_algo (algo); + + if (algo != GCRY_PK_ECC) return NULL; spec = spec_from_name ("ecc"); @@ -2334,13 +2352,17 @@ gpg_error_t _gcry_pk_selftest (int algo, int extended, selftest_report_func_t report) { gcry_err_code_t ec; - gcry_pk_spec_t *spec = spec_from_algo (algo); + gcry_pk_spec_t *spec; + algo = map_algo (algo); + spec = spec_from_algo (algo); if (spec && spec->selftest) ec = spec->selftest (algo, extended, report); else { ec = GPG_ERR_PUBKEY_ALGO; + /* Fixme: We need to change the report fucntion to allow passing + of an encryption mode (e.g. pkcs1, ecdsa, or ecdh). */ if (report) report ("pubkey", algo, "module", spec && !spec->flags.disabled? diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 4c1485c5..5d1be8dd 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -2124,9 +2124,10 @@ The point representing the public key @math{Q = dG}. The private key @math{d} @end table -All point values are encoded in standard format; Libgcrypt does -currently only support uncompressed points, thus the first byte needs to -be @code{0x04}. +All point values are encoded in standard format; Libgcrypt does in +general only support uncompressed points, thus the first byte needs to +be @code{0x04}. However ``EdDSA'' describes its own compression +scheme which is used by default. The public key is similar with "private-key" replaced by "public-key" and no @var{d-mpi}. @@ -2200,6 +2201,10 @@ for signing. Use RSA-OAEP padding for encryption. @item pss Use RSA-PSS padding for signing. +@item eddsa +Use the EdDSA scheme instead of ECDSA. +@item rfc6979 +For DSA and ECDSA use a deterministic scheme for the k parameter. @item no-blinding Do not use a technique called `blinding', which is used by default in order to prevent leaking of secret information. Blinding is only @@ -2680,11 +2685,11 @@ are allowed. When specifying Q all values of N in the range 512 to 15680 are valid as long as they are multiples of 8. @item transient-key -This is only meaningful for RSA, DSA, ECDSA, and ECDH keys. This is a flag +This is only meaningful for RSA, DSA, and ECC keys. This is a flag with no value. If given the key is created using a faster and a -somewhat less secure random number generator. This flag may be used for -keys which are only used for a short time or per-message and do not require full -cryptographic strength. +somewhat less secure random number generator. This flag may be used +for keys which are only used for a short time or per-message and do +not require full cryptographic strength. @item domain This is only meaningful for DLP algorithms. If specified keys are diff --git a/src/cipher.h b/src/cipher.h index e3a2fe0c..ea7a141a 100644 --- a/src/cipher.h +++ b/src/cipher.h @@ -240,8 +240,7 @@ extern gcry_pk_spec_t _gcry_pubkey_spec_rsa; extern gcry_pk_spec_t _gcry_pubkey_spec_elg; extern gcry_pk_spec_t _gcry_pubkey_spec_elg_e; extern gcry_pk_spec_t _gcry_pubkey_spec_dsa; -extern gcry_pk_spec_t _gcry_pubkey_spec_ecdsa; -extern gcry_pk_spec_t _gcry_pubkey_spec_ecdh; +extern gcry_pk_spec_t _gcry_pubkey_spec_ecc; #endif /*G10_CIPHER_H*/ @@ -546,7 +546,7 @@ run_pubkey_selftests (int extended) { GCRY_PK_RSA, GCRY_PK_DSA, - /* GCRY_PK_ECDSA is not enabled in fips mode. */ + /* GCRY_PK_ECC is not enabled in fips mode. */ 0 }; int idx; diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 3634c249..62c97217 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -978,9 +978,10 @@ enum gcry_pk_algos GCRY_PK_RSA_S = 3, /* (deprecated) */ GCRY_PK_ELG_E = 16, GCRY_PK_DSA = 17, + GCRY_PK_ECC = 18, /* Generic ECC. */ GCRY_PK_ELG = 20, - GCRY_PK_ECDSA = 301, - GCRY_PK_ECDH = 302 + GCRY_PK_ECDSA = 301, /* (deprecated: use 18). */ + GCRY_PK_ECDH = 302 /* (deprecated: use 18). */ }; /* Flags describing usage capabilities of a PK algorithm. */ |