author | Werner Koch <wk@gnupg.org> | 2013-10-25 15:44:03 +0200 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2013-10-29 14:38:53 +0100 |
commit | ba892a0a874c8b2a83dbf0940608cd7e2911ce01 (patch) | |
tree | 05d693e86d52f336aa9142c8176fb5a88a3b59cb /cipher | |
parent | 1faa61845f180bd47e037e400dde2d864ee83c89 (diff) | |
ecc: Add flags "noparam" and "comp".
* src/cipher.h (PUBKEY_FLAG_NOPARAM, PUBKEY_FLAG_COMP): New.
* cipher/pubkey-util.c (_gcry_pk_util_parse_flaglist): Parse new flags
and change code for possible faster parsing.
* cipher/ecc.c (ecc_generate): Implement the "noparam" flag.
(ecc_sign): Ditto.
(ecc_verify): Ditto.
* tests/keygen.c (check_ecc_keys): Use the "noparam" flag.
* cipher/ecc.c (ecc_generate): Fix parsing of the deprecated
transient-flag parameter.
(ecc_verify): Do not make Q optional in the extract-param call.
--
Note that the "comp" flag does not yet have any effect.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'cipher')
-rw-r--r-- | cipher/ecc.c | 81 | ||||
-rw-r--r-- | cipher/pubkey-util.c | 146 |
2 files changed, 146 insertions, 81 deletions
diff --git a/cipher/ecc.c b/cipher/ecc.c index dca04234..5a528298 100644 --- a/cipher/ecc.c +++ b/cipher/ecc.c @@ -423,14 +423,6 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) return GPG_ERR_INV_OBJ; /* No curve name or value too large. */ } - /* Parse the optional transient-key flag. */ - l1 = gcry_sexp_find_token (genparms, "transient-key", 0); - if (l1) - { - flags |= PUBKEY_FLAG_TRANSIENT_KEY; - gcry_sexp_release (l1); - } - /* Parse the optional flags list. */ l1 = gcry_sexp_find_token (genparms, "flags", 0); if (l1) @@ -441,6 +433,14 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) goto leave; } + /* Parse the deprecated optional transient-key flag. */ + l1 = gcry_sexp_find_token (genparms, "transient-key", 0); + if (l1) + { + flags |= PUBKEY_FLAG_TRANSIENT_KEY; + gcry_sexp_release (l1); + } + /* NBITS is required if no curve name has been given. */ if (!nbits && !curve_name) return GPG_ERR_NO_OBJ; /* No NBITS parameter. */ 
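Review bot: The relocated transient-key block has no comment saying why it must follow the flags-list parse, so a later tidy-up could move it back and reintroduce the bug. Presumably _gcry_pk_util_parse_flaglist stores its result into flags wholesale, which would discard a bit set earlier; that assignment is not visible on this page, so confirm it before wording the comment. I would extend the comment to something like `/* Parse the deprecated optional transient-key flag.  This must come after the flags list has been parsed because that call overwrites FLAGS.  */`. ecc_generate starts and ends outside this hunk.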
@@ -524,24 +524,43 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey) goto leave; } - if (ed25519_with_ecdsa) + if ((flags & PUBKEY_FLAG_NOPARAM) || ed25519_with_ecdsa) { - rc = gcry_sexp_build (&curve_flags, NULL, "(flags ecdsa)"); + rc = gcry_sexp_build + (&curve_flags, NULL, + ((flags & PUBKEY_FLAG_NOPARAM) && ed25519_with_ecdsa)? + "(flags noparam ecdsa)" : + ((flags & PUBKEY_FLAG_NOPARAM))? + "(flags noparam)" : + "(flags ecdsa)"); if (rc) goto leave; } - rc = gcry_sexp_build (r_skey, NULL, - "(key-data" - " (public-key" - " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)))" - " (private-key" - " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)(d%m)))" - " )", - curve_info, curve_flags, - sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, - curve_info, curve_flags, - sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, secret); + if ((flags & PUBKEY_FLAG_NOPARAM) && E.name) + rc = gcry_sexp_build (r_skey, NULL, + "(key-data" + " (public-key" + " (ecc%S%S(q%m)))" + " (private-key" + " (ecc%S%S(q%m)(d%m)))" + " )", + curve_info, curve_flags, + public, + curve_info, curve_flags, + public, secret); + else + rc = gcry_sexp_build (r_skey, NULL, + "(key-data" + " (public-key" + " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)))" + " (private-key" + " (ecc%S%S(p%m)(a%m)(b%m)(g%m)(n%m)(q%m)(d%m)))" + " )", + curve_info, curve_flags, + sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, + curve_info, curve_flags, + sk.E.p, sk.E.a, sk.E.b, base, sk.E.n, public, secret); if (rc) goto leave; 
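Review bot: curve_flags gets "noparam" whenever PUBKEY_FLAG_NOPARAM is set, but the parameter-less key layout is chosen only when E.name is also set, so the two decisions can disagree. If E.name can be NULL here (not visible in the hunk), the generated key would carry `(flags noparam)` together with explicit p/a/b/g/n. The noparam branches added to ecc_sign and ecc_verify in this commit read only q (and d), so if the key's flags later reach ctx.flags, such a key would depend on a curve name it does not have. Using one condition for both would avoid this, e.g. `if (!E.name) flags &= ~PUBKEY_FLAG_NOPARAM;` before the curve_flags build. ecc_generate's body continues outside the hunk.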
@@ -709,9 +728,13 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms) /* * Extract the key. */ - rc = _gcry_sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?/q?+d", - &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n, - &mpi_q, &sk.d, NULL); + if ((ctx.flags & PUBKEY_FLAG_NOPARAM)) + rc = _gcry_sexp_extract_param (keyparms, NULL, "/q?+d", + &mpi_q, &sk.d, NULL); + else + rc = _gcry_sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?/q?+d", + &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n, + &mpi_q, &sk.d, NULL); if (rc) goto leave; if (mpi_g) @@ -871,9 +894,13 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms) /* * Extract the key. */ - rc = _gcry_sexp_extract_param (s_keyparms, NULL, "-p?a?b?g?n?/q?", - &pk.E.p, &pk.E.a, &pk.E.b, &mpi_g, &pk.E.n, - &mpi_q, NULL); + if ((ctx.flags & PUBKEY_FLAG_NOPARAM)) + rc = _gcry_sexp_extract_param (s_keyparms, NULL, "/q", + &mpi_q, NULL); + else + rc = _gcry_sexp_extract_param (s_keyparms, NULL, "-p?a?b?g?n?/q", + &pk.E.p, &pk.E.a, &pk.E.b, &mpi_g, &pk.E.n, + &mpi_q, NULL); if (rc) goto leave; if (mpi_g) diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c index 0db5840b..88d6bb69 100644 --- a/cipher/pubkey-util.c +++ b/cipher/pubkey-util.c @@ -47,7 +47,7 @@ pss_verify_cmp (void *opaque, gcry_mpi_t tmp) /* Parser for a flag list. On return the encoding is stored at - R_ENCODING and the flags are stored at R_FLAGS. if any of them is + R_ENCODING and the flags are stored at R_FLAGS. If any of them is not needed, NULL may be passed. The function returns 0 on success or an error code. */ gpg_err_code_t 
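Review bot: In ecc_sign the noparam branch extracts only q and d, so any p/a/b/g/n present in keyparms is silently ignored and the domain parameters must come from elsewhere, presumably the curve name. Nothing in the hunk states this or shows what happens when that source is absent. The same applies to the `"/q"` branch added to ecc_verify in the next hunk. I would add a comment above each branch, e.g. `/* With "noparam" the explicit domain parameters in the key are ignored; they must come from the curve name.  */`, and confirm that the code after the hunk rejects a key whose sk.E / pk.E fields are still unset. Both function bodies start and end outside their hunks.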
@@ -65,61 +65,99 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list, { s = gcry_sexp_nth_data (list, i, &n); if (!s) - ; /* not a data element*/ - else if (n == 7 && !memcmp (s, "rfc6979", 7)) - { - flags |= PUBKEY_FLAG_RFC6979; - } - else if (n == 5 && !memcmp (s, "eddsa", 5)) - { - encoding = PUBKEY_ENC_RAW; - flags |= PUBKEY_FLAG_EDDSA; - } - else if (n == 5 && !memcmp (s, "ecdsa", 5)) - { - flags |= PUBKEY_FLAG_ECDSA; - } - else if (n == 4 && !memcmp (s, "gost", 4)) - { - encoding = PUBKEY_ENC_RAW; - flags |= PUBKEY_FLAG_GOST; - } - else if (n == 3 && !memcmp (s, "raw", 3) - && encoding == PUBKEY_ENC_UNKNOWN) - { - encoding = PUBKEY_ENC_RAW; - flags |= PUBKEY_FLAG_RAW_FLAG; /* Explicitly given. */ - } - else if (n == 5 && !memcmp (s, "pkcs1", 5) - && encoding == PUBKEY_ENC_UNKNOWN) - { - encoding = PUBKEY_ENC_PKCS1; - flags |= PUBKEY_FLAG_FIXEDLEN; - } - else if (n == 4 && !memcmp (s, "oaep", 4) - && encoding == PUBKEY_ENC_UNKNOWN) - { - encoding = PUBKEY_ENC_OAEP; - flags |= PUBKEY_FLAG_FIXEDLEN; - } - else if (n == 3 && !memcmp (s, "pss", 3) - && encoding == PUBKEY_ENC_UNKNOWN) + continue; /* Not a data element. */ + + switch (n) { - encoding = PUBKEY_ENC_PSS; - flags |= PUBKEY_FLAG_FIXEDLEN; + case 3: + if (!memcmp (s, "pss", 3) && encoding == PUBKEY_ENC_UNKNOWN) + { + encoding = PUBKEY_ENC_PSS; + flags |= PUBKEY_FLAG_FIXEDLEN; + } + else if (!memcmp (s, "raw", 3) && encoding == PUBKEY_ENC_UNKNOWN) + { + encoding = PUBKEY_ENC_RAW; + flags |= PUBKEY_FLAG_RAW_FLAG; /* Explicitly given. 
*/ + } + else + rc = GPG_ERR_INV_FLAG; + break; + + case 4: + if (!memcmp (s, "comp", 4)) + flags |= PUBKEY_FLAG_COMP; + else if (!memcmp (s, "oaep", 4) && encoding == PUBKEY_ENC_UNKNOWN) + { + encoding = PUBKEY_ENC_OAEP; + flags |= PUBKEY_FLAG_FIXEDLEN; + } + else if (!memcmp (s, "gost", 4)) + { + encoding = PUBKEY_ENC_RAW; + flags |= PUBKEY_FLAG_GOST; + } + else + rc = GPG_ERR_INV_FLAG; + break; + + case 5: + if (!memcmp (s, "eddsa", 5)) + { + encoding = PUBKEY_ENC_RAW; + flags |= PUBKEY_FLAG_EDDSA; + } + else if (!memcmp (s, "ecdsa", 5)) + { + flags |= PUBKEY_FLAG_ECDSA; + } + else if (!memcmp (s, "pkcs1", 5) && encoding == PUBKEY_ENC_UNKNOWN) + { + encoding = PUBKEY_ENC_PKCS1; + flags |= PUBKEY_FLAG_FIXEDLEN; + } + else + rc = GPG_ERR_INV_FLAG; + break; + + case 7: + if (!memcmp (s, "rfc6979", 7)) + flags |= PUBKEY_FLAG_RFC6979; + else if (!memcmp (s, "noparam", 7)) + flags |= PUBKEY_FLAG_NOPARAM; + else + rc = GPG_ERR_INV_FLAG; + break; + + case 8: + if (!memcmp (s, "use-x931", 8)) + flags |= PUBKEY_FLAG_USE_X931; + else + rc = GPG_ERR_INV_FLAG; + break; + + case 11: + if (!memcmp (s, "no-blinding", 11)) + flags |= PUBKEY_FLAG_NO_BLINDING; + else if (!memcmp (s, "use-fips186", 11)) + flags |= PUBKEY_FLAG_USE_FIPS186; + else + rc = GPG_ERR_INV_FLAG; + break; + + case 13: + if (!memcmp (s, "use-fips186-2", 13)) + flags |= PUBKEY_FLAG_USE_FIPS186_2; + else if (!memcmp (s, "transient-key", 13)) + flags |= PUBKEY_FLAG_TRANSIENT_KEY; + else + rc = GPG_ERR_INV_FLAG; + break; + + default: + rc = GPG_ERR_INV_FLAG; + break; } - else if (n == 11 && ! memcmp (s, "no-blinding", 11)) - flags |= PUBKEY_FLAG_NO_BLINDING; - else if (n == 13 && ! memcmp (s, "transient-key", 13)) - flags |= PUBKEY_FLAG_TRANSIENT_KEY; - else if (n == 8 && ! memcmp (s, "use-x931", 8)) - flags |= PUBKEY_FLAG_USE_X931; - else if (n == 11 && ! memcmp (s, "use-fips186", 11)) - flags |= PUBKEY_FLAG_USE_FIPS186; - else if (n == 13 && ! 
memcmp (s, "use-fips186-2", 13)) - flags |= PUBKEY_FLAG_USE_FIPS186_2; - else - rc = GPG_ERR_INV_FLAG; } if (r_flags) |
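Review bot: The new `case 4:` branch accepts "comp" and sets PUBKEY_FLAG_COMP, yet the commit message says the flag has no effect, so a caller requesting it gets success and nothing else. A comment at that branch such as `/* FIXME: "comp" is parsed but not yet acted upon.  */` would keep this visible in the code rather than only in the commit log. Separately, each string length now appears both in the `case` label and in the memcmp call; passing `n` as the memcmp length inside each case, e.g. `!memcmp (s, "comp", n)`, removes one place where the two can drift apart. _gcry_pk_util_parse_flaglist starts before and ends after this hunk.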