diff options
author | Werner Koch <wk@gnupg.org> | 2013-10-25 15:44:03 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2013-10-29 14:38:53 +0100 |
commit | ba892a0a874c8b2a83dbf0940608cd7e2911ce01 (patch) | |
tree | 05d693e86d52f336aa9142c8176fb5a88a3b59cb /cipher/ecc.c | |
parent | 1faa61845f180bd47e037e400dde2d864ee83c89 (diff) | |
download | libgcrypt-ba892a0a874c8b2a83dbf0940608cd7e2911ce01.tar.gz |
ecc: Add flags "noparam" and "comp".
* src/cipher.h (PUBKEY_FLAG_NOPARAM, PUBKEY_FLAG_COMP): New.
* cipher/pubkey-util.c (_gcry_pk_util_parse_flaglist): Parse new flags
and change code for possible faster parsing.
* cipher/ecc.c (ecc_generate): Implement the "noparam" flag.
(ecc_sign): Ditto.
(ecc_verify): Ditto.
* tests/keygen.c (check_ecc_keys): Use the "noparam" flag.
* cipher/ecc.c (ecc_generate): Fix parsing of the deprecated
transient-flag parameter.
(ecc_verify): Do not make Q optional in the extract-param call.
--
Note that the "comp" flag has not yet any effect.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'cipher/ecc.c')
-rw-r--r-- | cipher/ecc.c | 81 |
1 files changed, 54 insertions, 27 deletions
diff --git a/cipher/ecc.c b/cipher/ecc.c index dca04234..5a528298 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c @@ -423,14 +423,6 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) return GPG_ERR_INV_OBJ; /* No curve name or value too large. */ } - /* Parse the optional transient-key flag. */ - l1 = gcry_sexp_find_token (genparms, "transient-key", 0); - if (l1) - { - flags |= PUBKEY_FLAG_TRANSIENT_KEY; - gcry_sexp_release (l1); - } - /* Parse the optional flags list. */ l1 = gcry_sexp_find_token (genparms, "flags", 0); if (l1) @@ -441,6 +433,14 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) goto leave; } + /* Parse the deprecated optional transient-key flag. */ + l1 = gcry_sexp_find_token (genparms, "transient-key", 0); + if (l1) + { + flags |= PUBKEY_FLAG_TRANSIENT_KEY; + gcry_sexp_release (l1); + } + /* NBITS is required if no curve name has been given. */ if (!nbits && !curve_name) return GPG_ERR_NO_OBJ; /* No NBITS parameter. */ @@ -524,24 +524,43 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) goto leave; } - if (ed25519_with_ecdsa) + if ((flags & PUBKEY_FLAG_NOPARAM) || ed25519_with_ecdsa) { - rc = gcry_sexp_build (&curve_flags, NULL, "(flags ecdsa)"); + rc = gcry_sexp_build + (&curve_flags, NULL, + ((flags & PUBKEY_FLAG_NOPARAM) && ed25519_with_ecdsa)? + "(flags noparam ecdsa)" : + ((flags & PUBKEY_FLAG_NOPARAM))? + "(flags noparam)" : + "(flags ecdsa)"); if (rc) goto leave; } - rc = gcry_sexp_build (r_skey, NULL, - "(key-data" - " (public-key" - " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)))" - " (private-key" - " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)(d%m)))" - " )", - curve_info, curve_flags, - sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, - curve_info, curve_flags, - sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, secret); + if ((flags & PUBKEY_FLAG_NOPARAM) && E.name) + rc = gcry_sexp_build (r_skey, NULL, + "(key-data" + " (public-key" + " (ecc%S%S(q%m)))" + " (private-key" + " (ecc%S%S(q%m)(d%m)))" + " )", + curve_info, curve_flags, + public, + curve_info, curve_flags, + public, secret); + else + rc = gcry_sexp_build (r_skey, NULL, + "(key-data" + " (public-key" + " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)))" + " (private-key" + " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)(d%m)))" + " )", + curve_info, curve_flags, + sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, + curve_info, curve_flags, + sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, secret); if (rc) goto leave; @@ -709,9 +728,13 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms) /* * Extract the key. */ - rc = _gcry_sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?/q?+d", - &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n, - &mpi_q, &sk.d, NULL); + if ((ctx.flags & PUBKEY_FLAG_NOPARAM)) + rc = _gcry_sexp_extract_param (keyparms, NULL, "/q?+d", + &mpi_q, &sk.d, NULL); + else + rc = _gcry_sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?/q?+d", + &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n, + &mpi_q, &sk.d, NULL); if (rc) goto leave; if (mpi_g) @@ -871,9 +894,13 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms) /* * Extract the key. */ - rc = _gcry_sexp_extract_param (s_keyparms, NULL, "-p?a?b?g?n?/q?", - &pk.E.p, &pk.E.a, &pk.E.b, &mpi_g, &pk.E.n, - &mpi_q, NULL); + if ((ctx.flags & PUBKEY_FLAG_NOPARAM)) + rc = _gcry_sexp_extract_param (s_keyparms, NULL, "/q", + &mpi_q, NULL); + else + rc = _gcry_sexp_extract_param (s_keyparms, NULL, "-p?a?b?g?n?/q", + &pk.E.p, &pk.E.a, &pk.E.b, &mpi_g, &pk.E.n, + &mpi_q, NULL); if (rc) goto leave; if (mpi_g) |