pk: Add algo id GCRY_PK_ECC and deprecate ECDSA and ECDH.

* src/gcrypt.h.in (GCRY_PK_ECC): New. * cipher/pubkey.c (map_algo): New. (spec_from_algo, gcry_pk_get_param, _gcry_pk_selftest): Use it. * cipher/ecc.c (selftests_ecdsa): Report using GCRY_PK_ECC. (run_selftests): Simplify. (ecdh_names, ecdsa_names): Merge into a new ecc_names. (_gcry_pubkey_spec_ecdh, _gcry_pubkey_spec_ecdsa): Merge into new _gcry_pubkey_spec_ecc. -- The algo ids are actually a relict from Libgcrypt's former life as GnuPG's crypto code. They don't make much sense anymore and are often not needed. This patch requires some changes to the GnuPG 2.1 code (which has still not been released). For example the secret key transfer between gpg and gpg-agent (gpg --export and gpg --import). Fortunately this will also require to add usage flags to the secret key storage of gpg-agent which is is something we should have done a long time ago. Signed-off-by: Werner Koch <wk@gnupg.org>
author: Werner Koch <wk@gnupg.org> 2013-09-07 10:06:46 +0200
committer: Werner Koch <wk@gnupg.org> 2013-09-23 22:25:05 +0200
commit: d5f91466695c5736f441c9bf1998436184a4bf61 (patch)
tree: de889addb62c305ddbd1ba5d7cf077dda88ebd35
parent: 4552437bb3c5ff96a889fd31e4bc504b2a12fac7 (diff)
download: libgcrypt-d5f91466695c5736f441c9bf1998436184a4bf61.tar.gz
7 files changed, 61 insertions, 64 deletions
diff --git a/NEWS b/NEWS
index 678805d8..1e84cbe5 100644
--- a/NEWS
+++ b/NEWS
@@ -36,6 +36,9 @@ Noteworthy changes in version 1.6.0 (unreleased)
  * Added support for negative numbers to gcry_mpi_print,
    gcry_mpi_aprint and gcry_mpi_scan.
 
+ * The algorithm ids GCRY_PK_ECDSA and GCRY_PK_ECDH are now
+   deprecated.  Use GCRY_PK_ECC instead.
+
  * Interface changes relative to the 1.5.0 release:
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  gcry_ac_*              REMOVED.
@@ -103,6 +106,7 @@ Noteworthy changes in version 1.6.0 (unreleased)
  GCRY_MD_STRIBOG256              NEW.
  GCRY_MD_STRIBOG512              NEW.
  GCRYCTL_DISABLE_ALGO            CHANGED: Not anymore thread-safe.
+ GCRY_PK_ECC                     NEW.
 
 
 Noteworthy changes in version 1.5.0 (2011-06-29)
diff --git a/cipher/ecc.c b/cipher/ecc.c
index 2161b649..d31b4be0 100644
--- a/cipher/ecc.c
+++ b/cipher/ecc.c
@@ -1965,7 +1965,7 @@ selftests_ecdsa (selftest_report_func_t report)
 
  failed:
   if (report)
-    report ("pubkey", GCRY_PK_ECDSA, what, errtxt);
+    report ("pubkey", GCRY_PK_ECC, what, errtxt);
   return GPG_ERR_SELFTEST_FAILED;
 }
 
@@ -1974,72 +1974,38 @@ selftests_ecdsa (selftest_report_func_t report)
 static gpg_err_code_t
 run_selftests (int algo, int extended, selftest_report_func_t report)
 {
-  gpg_err_code_t ec;
-
   (void)extended;
 
-  switch (algo)
-    {
-    case GCRY_PK_ECDSA:
-      ec = selftests_ecdsa (report);
-      break;
-    default:
-      ec = GPG_ERR_PUBKEY_ALGO;
-      break;
+  if (algo != GCRY_PK_ECC)
+    return GPG_ERR_PUBKEY_ALGO;
 
-    }
-  return ec;
+  return selftests_ecdsa (report);
 }
 
 
 
 
-static const char *ecdsa_names[] =
+static const char *ecc_names[] =
   {
-    "ecdsa",
-    "eddsa",
     "ecc",
-    NULL,
-  };
-static const char *ecdh_names[] =
-  {
+    "ecdsa",
     "ecdh",
-    "ecc",
-    NULL,
-  };
-
-gcry_pk_spec_t _gcry_pubkey_spec_ecdsa =
-  {
-    GCRY_PK_ECDSA, { 0, 0 },
-    GCRY_PK_USAGE_SIGN,
-    "ECDSA", ecdsa_names,
-    "pabgnq", "pabgnqd", "", "rs", "pabgnq",
-    ecc_generate,
-    ecc_check_secret_key,
-    NULL,
+    "eddsa",
     NULL,
-    ecc_sign,
-    ecc_verify,
-    ecc_get_nbits,
-    run_selftests,
-    compute_keygrip,
-    _gcry_ecc_get_param,
-    _gcry_ecc_get_curve,
-    _gcry_ecc_get_param_sexp
   };
 
-gcry_pk_spec_t _gcry_pubkey_spec_ecdh =
+gcry_pk_spec_t _gcry_pubkey_spec_ecc =
   {
-    GCRY_PK_ECDH, { 0, 0 },
-    GCRY_PK_USAGE_ENCR,
-    "ECDH", ecdh_names,
-    "pabgnq", "pabgnqd", "se", "", "pabgnq",
+    GCRY_PK_ECC, { 0, 0 },
+    (GCRY_PK_USAGE_SIGN | GCRY_PK_USAGE_ENCR),
+    "ECC", ecc_names,
+    "pabgnq", "pabgnqd", "sw", "rs", "pabgnq",
     ecc_generate,
     ecc_check_secret_key,
     ecc_encrypt_raw,
     ecc_decrypt_raw,
-    NULL,
-    NULL,
+    ecc_sign,
+    ecc_verify,
     ecc_get_nbits,
     run_selftests,
     compute_keygrip,
diff --git a/cipher/pubkey.c b/cipher/pubkey.c
index 99b9ba8a..4738c29b 100644
--- a/cipher/pubkey.c
+++ b/cipher/pubkey.c
@@ -38,8 +38,7 @@
 static gcry_pk_spec_t *pubkey_list[] =
   {
 #if USE_ECC
-    &_gcry_pubkey_spec_ecdsa,
-    &_gcry_pubkey_spec_ecdh,
+    &_gcry_pubkey_spec_ecc,
 #endif
 #if USE_RSA
     &_gcry_pubkey_spec_rsa,
@@ -55,6 +54,21 @@ static gcry_pk_spec_t *pubkey_list[] =
   };
 
 
+static int
+map_algo (int algo)
+{
+ switch (algo)
+   {
+   case GCRY_PK_ECDSA:
+   case GCRY_PK_ECDH:
+     return GCRY_PK_ECC;
+   default:
+     return algo;
+   }
+}
+
+
+
 /* Return the spec structure for the public key algorithm ALGO.  For
    an unknown algorithm NULL is returned.  */
 static gcry_pk_spec_t *
@@ -63,6 +77,8 @@ spec_from_algo (int algo)
   int idx;
   gcry_pk_spec_t *spec;
 
+  algo = map_algo (algo);
+
   for (idx = 0; (spec = pubkey_list[idx]); idx++)
     if (algo == spec->algo)
       return spec;
@@ -2156,7 +2172,9 @@ gcry_pk_get_param (int algo, const char *name)
   gcry_sexp_t result = NULL;
   gcry_pk_spec_t *spec = NULL;
 
-  if (algo != GCRY_PK_ECDSA && algo != GCRY_PK_ECDH)
+  algo = map_algo (algo);
+
+  if (algo != GCRY_PK_ECC)
     return NULL;
 
   spec = spec_from_name ("ecc");
@@ -2334,13 +2352,17 @@ gpg_error_t
 _gcry_pk_selftest (int algo, int extended, selftest_report_func_t report)
 {
   gcry_err_code_t ec;
-  gcry_pk_spec_t *spec = spec_from_algo (algo);
+  gcry_pk_spec_t *spec;
 
+  algo = map_algo (algo);
+  spec = spec_from_algo (algo);
   if (spec && spec->selftest)
     ec = spec->selftest (algo, extended, report);
   else
     {
       ec = GPG_ERR_PUBKEY_ALGO;
+      /* Fixme: We need to change the report fucntion to allow passing
+         of an encryption mode (e.g. pkcs1, ecdsa, or ecdh).  */
       if (report)
         report ("pubkey", algo, "module",
                 spec && !spec->flags.disabled?
diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi
index 4c1485c5..5d1be8dd 100644
--- a/doc/gcrypt.texi
+++ b/doc/gcrypt.texi
@@ -2124,9 +2124,10 @@ The point representing the public key @math{Q = dG}.
 The private key @math{d}
 @end table
 
-All point values are encoded in standard format; Libgcrypt does
-currently only support uncompressed points, thus the first byte needs to
-be @code{0x04}.
+All point values are encoded in standard format; Libgcrypt does in
+general only support uncompressed points, thus the first byte needs to
+be @code{0x04}.  However ``EdDSA'' describes its own compression
+scheme which is used by default.
 
 The public key is similar with "private-key" replaced by "public-key"
 and no @var{d-mpi}.
@@ -2200,6 +2201,10 @@ for signing.
 Use RSA-OAEP padding for encryption.
 @item pss
 Use RSA-PSS padding for signing.
+@item eddsa
+Use the EdDSA scheme instead of ECDSA.
+@item rfc6979
+For DSA and ECDSA use a deterministic scheme for the k parameter.
 @item no-blinding
 Do not use a technique called `blinding', which is used by default in
 order to prevent leaking of secret information.  Blinding is only
@@ -2680,11 +2685,11 @@ are allowed.  When specifying Q all values of N in the range 512 to
 15680 are valid as long as they are multiples of 8.
 
 @item transient-key
-This is only meaningful for RSA, DSA, ECDSA, and ECDH keys.  This is a flag
+This is only meaningful for RSA, DSA, and ECC keys.  This is a flag
 with no value.  If given the key is created using a faster and a
-somewhat less secure random number generator.  This flag may be used for
-keys which are only used for a short time or per-message and do not require full
-cryptographic strength.
+somewhat less secure random number generator.  This flag may be used
+for keys which are only used for a short time or per-message and do
+not require full cryptographic strength.
 
 @item domain
 This is only meaningful for DLP algorithms.  If specified keys are
diff --git a/src/cipher.h b/src/cipher.h
index e3a2fe0c..ea7a141a 100644
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -240,8 +240,7 @@ extern gcry_pk_spec_t _gcry_pubkey_spec_rsa;
 extern gcry_pk_spec_t _gcry_pubkey_spec_elg;
 extern gcry_pk_spec_t _gcry_pubkey_spec_elg_e;
 extern gcry_pk_spec_t _gcry_pubkey_spec_dsa;
-extern gcry_pk_spec_t _gcry_pubkey_spec_ecdsa;
-extern gcry_pk_spec_t _gcry_pubkey_spec_ecdh;
+extern gcry_pk_spec_t _gcry_pubkey_spec_ecc;
 
 
 #endif /*G10_CIPHER_H*/
diff --git a/src/fips.c b/src/fips.c
index e45baba6..11b2caa8 100644
--- a/src/fips.c
+++ b/src/fips.c
@@ -546,7 +546,7 @@ run_pubkey_selftests (int extended)
     {
       GCRY_PK_RSA,
       GCRY_PK_DSA,
-      /* GCRY_PK_ECDSA is not enabled in fips mode.  */
+      /* GCRY_PK_ECC is not enabled in fips mode.  */
       0
     };
   int idx;
diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
index 3634c249..62c97217 100644
--- a/src/gcrypt.h.in
+++ b/src/gcrypt.h.in
@@ -978,9 +978,10 @@ enum gcry_pk_algos
     GCRY_PK_RSA_S = 3,      /* (deprecated) */
     GCRY_PK_ELG_E = 16,
     GCRY_PK_DSA   = 17,
+    GCRY_PK_ECC   = 18,     /* Generic ECC.  */
     GCRY_PK_ELG   = 20,
-    GCRY_PK_ECDSA = 301,
-    GCRY_PK_ECDH  = 302
+    GCRY_PK_ECDSA = 301,    /* (deprecated: use 18).  */
+    GCRY_PK_ECDH  = 302     /* (deprecated: use 18).  */
   };
 
 /* Flags describing usage capabilities of a PK algorithm. */
author	Werner Koch <wk@gnupg.org>	2013-09-07 10:06:46 +0200
committer	Werner Koch <wk@gnupg.org>	2013-09-23 22:25:05 +0200
commit	d5f91466695c5736f441c9bf1998436184a4bf61 (patch)
tree	de889addb62c305ddbd1ba5d7cf077dda88ebd35
parent	4552437bb3c5ff96a889fd31e4bc504b2a12fac7 (diff)
download	libgcrypt-d5f91466695c5736f441c9bf1998436184a4bf61.tar.gz