diff options
| author | Werner Koch <wk@gnupg.org> | 2013-09-07 10:06:46 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2013-09-23 22:25:05 +0200 |
| commit | d5f91466695c5736f441c9bf1998436184a4bf61 (patch) | |
| tree | de889addb62c305ddbd1ba5d7cf077dda88ebd35 /cipher/pubkey.c | |
| parent | 4552437bb3c5ff96a889fd31e4bc504b2a12fac7 (diff) | |
| download | libgcrypt-d5f91466695c5736f441c9bf1998436184a4bf61.tar.gz | |
pk: Add algo id GCRY_PK_ECC and deprecate ECDSA and ECDH.
* src/gcrypt.h.in (GCRY_PK_ECC): New.
* cipher/pubkey.c (map_algo): New.
(spec_from_algo, gcry_pk_get_param, _gcry_pk_selftest): Use it.
* cipher/ecc.c (selftests_ecdsa): Report using GCRY_PK_ECC.
(run_selftests): Simplify.
(ecdh_names, ecdsa_names): Merge into a new ecc_names.
(_gcry_pubkey_spec_ecdh, _gcry_pubkey_spec_ecdsa): Merge into new
_gcry_pubkey_spec_ecc.
--
The algo ids are actually a relict from Libgcrypt's former life as
GnuPG's crypto code. They don't make much sense anymore and are often
not needed.
This patch requires some changes to the GnuPG 2.1 code (which has
still not been released). For example the secret key transfer between
gpg and gpg-agent (gpg --export and gpg --import). Fortunately this
will also require to add usage flags to the secret key storage of
gpg-agent which is is something we should have done a long time ago.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'cipher/pubkey.c')
| -rw-r--r-- | cipher/pubkey.c | 30 |
1 files changed, 26 insertions, 4 deletions
diff --git a/cipher/pubkey.c b/cipher/pubkey.c index 99b9ba8a..4738c29b 100644 --- a/cipher/pubkey.c +++ b/cipher/pubkey.c @@ -38,8 +38,7 @@ static gcry_pk_spec_t *pubkey_list[] = { #if USE_ECC - &_gcry_pubkey_spec_ecdsa, - &_gcry_pubkey_spec_ecdh, + &_gcry_pubkey_spec_ecc, #endif #if USE_RSA &_gcry_pubkey_spec_rsa, @@ -55,6 +54,21 @@ static gcry_pk_spec_t *pubkey_list[] = }; +static int +map_algo (int algo) +{ + switch (algo) + { + case GCRY_PK_ECDSA: + case GCRY_PK_ECDH: + return GCRY_PK_ECC; + default: + return algo; + } +} + + + /* Return the spec structure for the public key algorithm ALGO. For an unknown algorithm NULL is returned. */ static gcry_pk_spec_t * @@ -63,6 +77,8 @@ spec_from_algo (int algo) int idx; gcry_pk_spec_t *spec; + algo = map_algo (algo); + for (idx = 0; (spec = pubkey_list[idx]); idx++) if (algo == spec->algo) return spec; @@ -2156,7 +2172,9 @@ gcry_pk_get_param (int algo, const char *name) gcry_sexp_t result = NULL; gcry_pk_spec_t *spec = NULL; - if (algo != GCRY_PK_ECDSA && algo != GCRY_PK_ECDH) + algo = map_algo (algo); + + if (algo != GCRY_PK_ECC) return NULL; spec = spec_from_name ("ecc"); @@ -2334,13 +2352,17 @@ gpg_error_t _gcry_pk_selftest (int algo, int extended, selftest_report_func_t report) { gcry_err_code_t ec; - gcry_pk_spec_t *spec = spec_from_algo (algo); + gcry_pk_spec_t *spec; + algo = map_algo (algo); + spec = spec_from_algo (algo); if (spec && spec->selftest) ec = spec->selftest (algo, extended, report); else { ec = GPG_ERR_PUBKEY_ALGO; + /* Fixme: We need to change the report fucntion to allow passing + of an encryption mode (e.g. pkcs1, ecdsa, or ecdh). */ if (report) report ("pubkey", algo, "module", spec && !spec->flags.disabled? |