[git] GCRYPT - branch, master, updated. libgcrypt-1.5.0-354-gb9fd398

by Werner Koch cvs at cvs.gnupg.org
Tue Nov 5 19:10:03 CET 2013


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, master has been updated
       via  b9fd3988b54b50109f4e7179e7fe0739bb1d97c5 (commit)
      from  f09ffe8a4802af65a116e79eceeb1cb4ed4fa2f4 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit b9fd3988b54b50109f4e7179e7fe0739bb1d97c5
Author: Werner Koch <wk at gnupg.org>
Date:   Tue Nov 5 19:00:09 2013 +0100

    ecc: Require "eddsa" flag for curve Ed25519.
    
    * src/cipher.h (PUBKEY_FLAG_ECDSA): Remove.
    * cipher/pubkey-util.c (_gcry_pk_util_parse_flaglist): Remove "ecdsa".
    * cipher/ecc.c (ecc_generate, ecc_sign, ecc_verify): Require "eddsa" flag.
    * cipher/ecc-misc.c (_gcry_ecc_compute_public): Depend "eddsa" flag.
    * tests/benchmark.c, tests/keygen.c, tests/pubkey.c
    * tests/t-ed25519.c, tests/t-mpi-point.c: Adjust for changed flags.
    --
    
    This change makes ECDSA signatures the default for all curves.
    If another signing algorithm is to be used, the corresponding flag
    needs to be given.  In particular, the flag "eddsa" is now always
    required with curve Ed25519 to comply with the specs.  This change
    makes the code more readable by not assuming a certain signature
    algorithm depending on the curve.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/cipher/ecc-misc.c b/cipher/ecc-misc.c
index 6c75e75..0eb3391 100644
--- a/cipher/ecc-misc.c
+++ b/cipher/ecc-misc.c
@@ -265,7 +265,7 @@ _gcry_ecc_compute_public (mpi_point_t Q, mpi_ec_t ec)
     return NULL;
 
   if (ec->dialect == ECC_DIALECT_ED25519
-      && !(ec->flags & PUBKEY_FLAG_ECDSA))
+      && (ec->flags & PUBKEY_FLAG_EDDSA))
     {
       gcry_mpi_t a;
       unsigned char *rawmpi = NULL;
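Review bot: With the test inverted to `(ec->flags & PUBKEY_FLAG_EDDSA)`, an Ed25519 context that carries no flags no longer enters this branch and falls through to the code after the block. Contexts built from keys stored before this commit, which had no flags list, would then presumably get a differently computed Q without any error. If that silent reinterpretation is intended, the condition deserves a comment such as `/* EdDSA key derivation only with the "eddsa" flag; without it Ed25519 takes the generic path below.  */`. The body of _gcry_ecc_compute_public continues outside this hunk, so the fall-through behaviour is inferred rather than visible.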
diff --git a/cipher/ecc.c b/cipher/ecc.c
index 8bc8ea6..5578e05 100644
--- a/cipher/ecc.c
+++ b/cipher/ecc.c
@@ -404,7 +404,6 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
   gcry_mpi_t public = NULL;
   gcry_mpi_t secret = NULL;
   int flags = 0;
-  int ed25519_with_ecdsa = 0;
 
   memset (&E, 0, sizeof E);
   memset (&sk, 0, sizeof sk);
@@ -473,24 +472,10 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
   x = mpi_new (0);
   y = mpi_new (0);
 
-  switch (E.dialect)
-    {
-    case ECC_DIALECT_STANDARD:
-      rc = nist_generate_key (&sk, &E, ctx, random_level, nbits);
-      break;
-    case ECC_DIALECT_ED25519:
-      if ((flags & PUBKEY_FLAG_ECDSA))
-        {
-          ed25519_with_ecdsa = 1;
-          rc = nist_generate_key (&sk, &E, ctx, random_level, nbits);
-        }
-      else
-        rc = _gcry_ecc_eddsa_genkey (&sk, &E, ctx, random_level);
-      break;
-    default:
-      rc = GPG_ERR_INTERNAL;
-      break;
-    }
+  if ((flags & PUBKEY_FLAG_EDDSA))
+    rc = _gcry_ecc_eddsa_genkey (&sk, &E, ctx, random_level);
+  else
+    rc = nist_generate_key (&sk, &E, ctx, random_level, nbits);
   if (rc)
     goto leave;
 
@@ -524,15 +509,15 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
         goto leave;
     }
 
-  if ((flags & PUBKEY_FLAG_NOPARAM) || ed25519_with_ecdsa)
+  if ((flags & PUBKEY_FLAG_NOPARAM) || (flags & PUBKEY_FLAG_EDDSA))
     {
       rc = gcry_sexp_build
         (&curve_flags, NULL,
-         ((flags & PUBKEY_FLAG_NOPARAM) && ed25519_with_ecdsa)?
-         "(flags noparam ecdsa)" :
+         ((flags & PUBKEY_FLAG_NOPARAM) && (flags & PUBKEY_FLAG_EDDSA))?
+         "(flags noparam eddsa)" :
          ((flags & PUBKEY_FLAG_NOPARAM))?
          "(flags noparam)" :
-         "(flags ecdsa)");
+         "(flags eddsa)");
       if (rc)
         goto leave;
     }
@@ -573,8 +558,8 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
       log_printmpi ("ecgen result  n", sk.E.n);
       log_printmpi ("ecgen result  Q", public);
       log_printmpi ("ecgen result  d", secret);
-      if (ed25519_with_ecdsa)
-        log_debug ("ecgen result  using Ed25519/ECDSA\n");
+      if ((flags & PUBKEY_FLAG_EDDSA))
+        log_debug ("ecgen result  using Ed25519+EdDSA\n");
     }
 
  leave:
@@ -773,8 +758,7 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
       log_debug ("ecc_sign   info: %s/%s%s\n",
                  _gcry_ecc_model2str (sk.E.model),
                  _gcry_ecc_dialect2str (sk.E.dialect),
-                 (sk.E.dialect == ECC_DIALECT_ED25519
-                  && (ctx.flags & PUBKEY_FLAG_ECDSA))? "ECDSA":"");
+                 (ctx.flags & PUBKEY_FLAG_EDDSA)? "+EdDSA":"");
       if (sk.E.name)
         log_debug  ("ecc_sign   name: %s\n", sk.E.name);
       log_printmpi ("ecc_sign      p", sk.E.p);
@@ -940,8 +924,7 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
       log_debug ("ecc_verify info: %s/%s%s\n",
                  _gcry_ecc_model2str (pk.E.model),
                  _gcry_ecc_dialect2str (pk.E.dialect),
-                 (pk.E.dialect == ECC_DIALECT_ED25519
-                  && !(sigflags & PUBKEY_FLAG_EDDSA))? "/ECDSA":"");
+                 (sigflags & PUBKEY_FLAG_EDDSA)? "+EdDSA":"");
       if (pk.E.name)
         log_debug  ("ecc_verify name: %s\n", pk.E.name);
       log_printmpi ("ecc_verify    p", pk.E.p);
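Review bot: The `+EdDSA` suffix here is taken from `sigflags`, and in the ecc_sign hunk above from `ctx.flags`; neither appears to be the key's own flags. The debug line can therefore report EdDSA for a key that was not created with that flag, or the reverse. Now that ecc_generate emits `(flags eddsa)` in the key itself, a mismatch between the key's flag and the data or signature flags looks worth rejecting before the operation. Whether ecc_sign and ecc_verify already do that is not visible in these hunks. At minimum, a comment on the log call, e.g. `/* Suffix reflects the flags of the data/signature, not of the key.  */`, would keep the trace from being misread.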
diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c
index 88d6bb6..a91e66f 100644
--- a/cipher/pubkey-util.c
+++ b/cipher/pubkey-util.c
@@ -107,10 +107,6 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list,
               encoding = PUBKEY_ENC_RAW;
               flags |= PUBKEY_FLAG_EDDSA;
             }
-          else if (!memcmp (s, "ecdsa", 5))
-            {
-              flags |= PUBKEY_FLAG_ECDSA;
-            }
           else if (!memcmp (s, "pkcs1", 5) && encoding == PUBKEY_ENC_UNKNOWN)
             {
               encoding = PUBKEY_ENC_PKCS1;
diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi
index 9c695e0..03ace83 100644
--- a/doc/gcrypt.texi
+++ b/doc/gcrypt.texi
@@ -2251,15 +2251,10 @@ Use RSA-OAEP padding for encryption.
 @cindex PSS
 Use RSA-PSS padding for signing.
 
- at item ecdsa
- at cindex ECDSA
-Create an ECDSA public key instead of using the default key generation
-of the specified curve.
-
 @item eddsa
 @cindex EdDSA
-Use the EdDSA scheme instead of the default signature algorithm of the
-used curve.
+Use the EdDSA scheme signing instead of the default ECDSA algorithm.
+Note that the EdDSA uses a special form of the public key.
 
 @item rfc6979
 @cindex RFC6979
@@ -2854,7 +2849,7 @@ is in general not recommended.
 @example
 (genkey
   (ecc
-    (flags noparam transient-key ecdsa)))
+    (flags noparam transient-key)))
 @end example
 
 @item transient-key
@@ -2899,12 +2894,12 @@ elliptic curve key generation:
   (public-key
     (ecc
       (curve Ed25519)
-      (flags noparam)
+      (flags noparam eddsa)
       (q @var{q-value})))
   (private-key
     (ecc
       (curve Ed25519)
-      (flags noparam)
+      (flags noparam eddsa)
       (q @var{q-value})
       (d @var{d-value}))))
 @end example
diff --git a/src/cipher.h b/src/cipher.h
index 551dc66..5ac891e 100644
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -35,11 +35,10 @@
 #define PUBKEY_FLAG_USE_X931       (1 << 6)
 #define PUBKEY_FLAG_USE_FIPS186    (1 << 7)
 #define PUBKEY_FLAG_USE_FIPS186_2  (1 << 8)
-#define PUBKEY_FLAG_ECDSA          (1 << 9)
-#define PUBKEY_FLAG_EDDSA          (1 << 10)
-#define PUBKEY_FLAG_GOST           (1 << 11)
-#define PUBKEY_FLAG_NOPARAM        (1 << 12)
-#define PUBKEY_FLAG_COMP           (1 << 12)
+#define PUBKEY_FLAG_NOPARAM        (1 << 9)
+#define PUBKEY_FLAG_COMP           (1 << 10)
+#define PUBKEY_FLAG_EDDSA          (1 << 11)
+#define PUBKEY_FLAG_GOST           (1 << 12)
 
 
 enum pk_operation
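Review bot: This renumbering also gives PUBKEY_FLAG_NOPARAM and PUBKEY_FLAG_COMP separate bits (both were `(1 << 12)` before), yet the ChangeLog entry for src/cipher.h mentions only the removal of PUBKEY_FLAG_ECDSA. Nothing in the header guards against a repeat of that collision. A one-line comment above the block, such as `/* Each PUBKEY_FLAG_* value must occupy its own bit.  */`, would record the invariant. Every flag from bit 9 upward changes value, so all objects using this header must be rebuilt together. That is presumably fine for an internal header, but worth confirming that no flag value is persisted or exported.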
diff --git a/tests/benchmark.c b/tests/benchmark.c
index 8326ab2..93874fa 100644
--- a/tests/benchmark.c
+++ b/tests/benchmark.c
@@ -997,7 +997,8 @@ ecc_bench (int iterations, int print_header)
 
       if (is_ed25519)
         err = gcry_sexp_build (&key_spec, NULL,
-                               "(genkey (ecdsa (curve \"Ed25519\")))");
+                               "(genkey (ecdsa (curve \"Ed25519\")"
+                               "(flags eddsa)))");
       else if (is_gost)
         err = gcry_sexp_build (&key_spec, NULL,
                                "(genkey (ecdsa (curve %s)))",
diff --git a/tests/keygen.c b/tests/keygen.c
index 18fe211..5879393 100644
--- a/tests/keygen.c
+++ b/tests/keygen.c
@@ -374,9 +374,14 @@ check_ecc_keys (void)
     {
       if (verbose)
         show ("creating ECC key using curve %s\n", curves[testno]);
-      rc = gcry_sexp_build (&keyparm, NULL,
-                            "(genkey(ecc(curve %s)(flags noparam)))",
-                            curves[testno]);
+      if (!strcmp (curves[testno], "Ed25519"))
+        rc = gcry_sexp_build (&keyparm, NULL,
+                              "(genkey(ecc(curve %s)(flags noparam eddsa)))",
+                              curves[testno]);
+      else
+        rc = gcry_sexp_build (&keyparm, NULL,
+                              "(genkey(ecc(curve %s)(flags noparam)))",
+                              curves[testno]);
       if (rc)
         die ("error creating S-expression: %s\n", gpg_strerror (rc));
       rc = gcry_pk_genkey (&key, keyparm);
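Review bot: The loop now covers Ed25519 with `eddsa` and every other curve without it, but no case checks the combination the library ought to refuse: `eddsa` given with a curve other than Ed25519. A negative case would build `(genkey(ecc(curve %s)(flags noparam eddsa)))` for one of the other `curves[]` entries and expect gcry_pk_genkey to return an error. That would pin down whether the flag is validated against the curve. check_ecc_keys continues outside this hunk, so such a case may exist further down.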
@@ -398,8 +403,7 @@ check_ecc_keys (void)
 
   if (verbose)
     show ("creating ECC key using curve Ed25519 for ECDSA\n");
-  rc = gcry_sexp_build (&keyparm, NULL,
-                        "(genkey(ecc(curve Ed25519)(flags ecdsa)))");
+  rc = gcry_sexp_build (&keyparm, NULL, "(genkey(ecc(curve Ed25519)))");
   if (rc)
     die ("error creating S-expression: %s\n", gpg_strerror (rc));
   rc = gcry_pk_genkey (&key, keyparm);
@@ -414,7 +418,7 @@ check_ecc_keys (void)
   if (verbose)
     show ("creating ECC key using curve Ed25519 for ECDSA\n");
   rc = gcry_sexp_build (&keyparm, NULL,
-                        "(genkey(ecc(curve Ed25519)(flags noparam ecdsa)))");
+                        "(genkey(ecc(curve Ed25519)(flags noparam)))");
   if (rc)
     die ("error creating S-expression: %s\n", gpg_strerror (rc));
   rc = gcry_pk_genkey (&key, keyparm);
diff --git a/tests/pubkey.c b/tests/pubkey.c
index e41050c..4e12dfd 100644
--- a/tests/pubkey.c
+++ b/tests/pubkey.c
@@ -1057,7 +1057,7 @@ check_ed25519ecdsa_sample_key (void)
     "  (q #047b57c2c1d3ded93332b52d588dd45863478b658387413a718779c0dd1a6d95#)"
     "))";
   static const char hash_string[] =
-    "(data (flags ecdsa rfc6979)\n"
+    "(data (flags rfc6979)\n"
     " (hash sha256 #00112233445566778899AABBCCDDEEFF"
     /* */          "000102030405060708090A0B0C0D0E0F#))";
 
diff --git a/tests/t-ed25519.c b/tests/t-ed25519.c
index be200fa..465a217 100644
--- a/tests/t-ed25519.c
+++ b/tests/t-ed25519.c
@@ -288,6 +288,7 @@ one_test (int testno, const char *sk, const char *pk,
                            "(private-key"
                            " (ecc"
                            "  (curve \"Ed25519\")"
+                           "  (flags eddsa)"
                            "  (q %b)"
                            "  (d %b)))",
                            (int)buflen2, buffer2,
@@ -297,6 +298,7 @@ one_test (int testno, const char *sk, const char *pk,
                            "(private-key"
                            " (ecc"
                            "  (curve \"Ed25519\")"
+                           "  (flags eddsa)"
                            "  (d %b)))",
                            (int)buflen, buffer);
   if (err)
@@ -310,6 +312,7 @@ one_test (int testno, const char *sk, const char *pk,
                               "(public-key"
                               " (ecc"
                               "  (curve \"Ed25519\")"
+                              "  (flags eddsa)"
                               "  (q %b)))",  (int)buflen2, buffer2)))
     {
       fail ("error building s-exp for test %d, %s: %s",
diff --git a/tests/t-mpi-point.c b/tests/t-mpi-point.c
index a345cbc..ae52601 100644
--- a/tests/t-mpi-point.c
+++ b/tests/t-mpi-point.c
@@ -639,7 +639,7 @@ context_param (void)
   q = hex2mpi (sample_ed25519_q);
   gcry_sexp_release (keyparam);
   err = gcry_sexp_build (&keyparam, NULL,
-                        "(public-key(ecc(curve %s)(q %m)))",
+                        "(public-key(ecc(curve %s)(flags eddsa)(q %m)))",
                         "Ed25519", q);
   if (err)
     die ("gcry_sexp_build failed: %s\n", gpg_strerror (err));
@@ -666,7 +666,7 @@ context_param (void)
                          "Ed25519", ctx);
       get_and_cmp_mpi ("q at eddsa", sample_ed25519_q_eddsa, "Ed25519", ctx);
 
-      /* Set d tosee whether Q is correctly re-computed.  */
+      /* Set d to see whether Q is correctly re-computed.  */
       d = hex2mpi (sample_ed25519_d);
       err = gcry_mpi_ec_set_mpi ("d", d, ctx);
       if (err)

-----------------------------------------------------------------------

Summary of changes:
 cipher/ecc-misc.c    |    2 +-
 cipher/ecc.c         |   41 ++++++++++++-----------------------------
 cipher/pubkey-util.c |    4 ----
 doc/gcrypt.texi      |   15 +++++----------
 src/cipher.h         |    9 ++++-----
 tests/benchmark.c    |    3 ++-
 tests/keygen.c       |   16 ++++++++++------
 tests/pubkey.c       |    2 +-
 tests/t-ed25519.c    |    3 +++
 tests/t-mpi-point.c  |    4 ++--
 10 files changed, 40 insertions(+), 59 deletions(-)


hooks/post-receive
-- 
The GNU crypto library
http://git.gnupg.org



