[git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.12-16-g5e5f3ca
by Werner Koch
cvs at cvs.gnupg.org
Tue Jan 29 20:23:42 CET 2019
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via 5e5f3ca0c2e08185a236b4d04b318f81004e3223 (commit)
via b78f293cf06f447d1d0a5c416ac129a4e1cf9f8c (commit)
via dddbb26155f292fde2909ecc84b62b693b6dea49 (commit)
from 9fd6ba268f1fdf77cc5baa6e8fd3ab28e432e49b (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 5e5f3ca0c2e08185a236b4d04b318f81004e3223
Author: Werner Koch <wk at gnupg.org>
Date: Tue Jan 29 19:52:08 2019 +0100
gpg: Implement searching keys via keygrip.
* kbx/keybox-defs.h (struct _keybox_openpgp_key_info): Add field grip.
* kbx/keybox-openpgp.c (struct keyparm_s): New.
(keygrip_from_keyparm): New.
(parse_key): Compute keygrip.
* kbx/keybox-search.c (blob_openpgp_has_grip): New.
(has_keygrip): Call it.
--
This has been marked for too long as not yet working. However, it is
a pretty useful feature and will come pretty handy when looking for
all keys matching one keygrip.
Can be optimized a lot by storing the keygrip in the meta data. This
will be done along with the upgrade of KBX for v5 fingerprints.
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit c128667b3cba749dd14262e032d4c260a2b0acd3)
diff --git a/doc/specify-user-id.texi b/doc/specify-user-id.texi
index b363c2a..64e354b 100644
--- a/doc/specify-user-id.texi
+++ b/doc/specify-user-id.texi
@@ -135,7 +135,7 @@ RFC-2253 encoded DN of the issuer. See note above.
@item By keygrip.
This is indicated by an ampersand followed by the 40 hex digits of a
keygrip. @command{gpgsm} prints the keygrip when using the command
- at option{--dump-cert}. It does not yet work for OpenPGP keys.
+ at option{--dump-cert}.
@cartouche
@example
@@ -171,6 +171,3 @@ Using the RFC-2253 format of DNs has the drawback that it is not
possible to map them back to the original encoding, however we don't
have to do this because our key database stores this encoding as meta
data.
-
-
-
diff --git a/kbx/kbxutil.c b/kbx/kbxutil.c
index 07774f2..f156122 100644
--- a/kbx/kbxutil.c
+++ b/kbx/kbxutil.c
@@ -330,6 +330,18 @@ dump_fpr (const unsigned char *buffer, size_t len)
static void
+dump_grip (const unsigned char *buffer, size_t len)
+{
+ int i;
+
+ for (i=0; i < len; i++, buffer++)
+ {
+ printf ("%02X", buffer[0]);
+ }
+}
+
+
+static void
dump_openpgp_key (keybox_openpgp_info_t info, const unsigned char *image)
{
printf ("pub %2d %02X%02X%02X%02X",
@@ -338,6 +350,9 @@ dump_openpgp_key (keybox_openpgp_info_t info, const unsigned char *image)
info->primary.keyid[6], info->primary.keyid[7] );
dump_fpr (info->primary.fpr, info->primary.fprlen);
putchar ('\n');
+ fputs ("grp ", stdout);
+ dump_grip (info->primary.grip, 20);
+ putchar ('\n');
if (info->nsubkeys)
{
struct _keybox_openpgp_key_info *k;
@@ -351,6 +366,9 @@ dump_openpgp_key (keybox_openpgp_info_t info, const unsigned char *image)
k->keyid[6], k->keyid[7] );
dump_fpr (k->fpr, k->fprlen);
putchar ('\n');
+ fputs ("grp ", stdout);
+ dump_grip (k->grip, 20);
+ putchar ('\n');
k = k->next;
}
while (k);
diff --git a/kbx/keybox-defs.h b/kbx/keybox-defs.h
index be2dd72..d2b79ba 100644
--- a/kbx/keybox-defs.h
+++ b/kbx/keybox-defs.h
@@ -94,11 +94,12 @@ struct keybox_handle {
};
-/* Openpgp helper structures. */
+/* OpenPGP helper structures. */
struct _keybox_openpgp_key_info
{
struct _keybox_openpgp_key_info *next;
int algo;
+ unsigned char grip[20];
unsigned char keyid[8];
int fprlen; /* Either 16 or 20 */
unsigned char fpr[20];
diff --git a/kbx/keybox-openpgp.c b/kbx/keybox-openpgp.c
index 0ba0b9a..6d6ed77 100644
--- a/kbx/keybox-openpgp.c
+++ b/kbx/keybox-openpgp.c
@@ -38,6 +38,13 @@
#include "../common/openpgpdefs.h"
#include "../common/host2net.h"
+struct keyparm_s
+{
+ const char *mpi;
+ int len; /* int to avoid a cast in gcry_sexp_build. */
+};
+
+
/* Assume a valid OpenPGP packet at the address pointed to by BUFBTR
which has a maximum length as stored at BUFLEN. Return the header
information of that packet and advance the pointer stored at BUFPTR
@@ -165,6 +172,86 @@ next_packet (unsigned char const **bufptr, size_t *buflen,
}
+/* Take a list of key parameters KP for the OpenPGP ALGO and compute
+ * the keygrip which will be stored at GRIP. GRIP needs to be a
+ * buffer of 20 bytes. */
+static gpg_error_t
+keygrip_from_keyparm (int algo, struct keyparm_s *kp, unsigned char *grip)
+{
+ gpg_error_t err;
+ gcry_sexp_t s_pkey = NULL;
+
+ switch (algo)
+ {
+ case PUBKEY_ALGO_DSA:
+ err = gcry_sexp_build (&s_pkey, NULL,
+ "(public-key(dsa(p%b)(q%b)(g%b)(y%b)))",
+ kp[0].len, kp[0].mpi,
+ kp[1].len, kp[1].mpi,
+ kp[2].len, kp[2].mpi,
+ kp[3].len, kp[3].mpi);
+ break;
+
+ case PUBKEY_ALGO_ELGAMAL:
+ case PUBKEY_ALGO_ELGAMAL_E:
+ err = gcry_sexp_build (&s_pkey, NULL,
+ "(public-key(elg(p%b)(g%b)(y%b)))",
+ kp[0].len, kp[0].mpi,
+ kp[1].len, kp[1].mpi,
+ kp[2].len, kp[2].mpi);
+ break;
+
+ case PUBKEY_ALGO_RSA:
+ case PUBKEY_ALGO_RSA_S:
+ case PUBKEY_ALGO_RSA_E:
+ err = gcry_sexp_build (&s_pkey, NULL,
+ "(public-key(rsa(n%b)(e%b)))",
+ kp[0].len, kp[0].mpi,
+ kp[1].len, kp[1].mpi);
+ break;
+
+ case PUBKEY_ALGO_EDDSA:
+ case PUBKEY_ALGO_ECDSA:
+ case PUBKEY_ALGO_ECDH:
+ {
+ char *curve = openpgp_oidbuf_to_str (kp[0].mpi, kp[0].len);
+ if (!curve)
+ err = gpg_error_from_syserror ();
+ else
+ {
+ err = gcry_sexp_build
+ (&s_pkey, NULL,
+ (algo == PUBKEY_ALGO_EDDSA)?
+ "(public-key(ecc(curve%s)(flags eddsa)(q%b)))":
+ (algo == PUBKEY_ALGO_ECDH
+ && openpgp_oidbuf_is_cv25519 (kp[0].mpi, kp[0].len))?
+ "(public-key(ecc(curve%s)(flags djb-tweak)(q%b)))":
+ "(public-key(ecc(curve%s)(q%b)))",
+ curve, kp[1].len, kp[1].mpi);
+ xfree (curve);
+ }
+ }
+ break;
+
+ default:
+ err = gpg_error (GPG_ERR_PUBKEY_ALGO);
+ break;
+ }
+
+ if (!err && !gcry_pk_get_keygrip (s_pkey, grip))
+ {
+ log_info ("kbx: error computing keygrip\n");
+ err = gpg_error (GPG_ERR_GENERAL);
+ }
+
+ gcry_sexp_release (s_pkey);
+
+ if (err)
+ memset (grip, 0, 20);
+ return err;
+}
+
+
/* Parse a key packet and store the information in KI. */
static gpg_error_t
parse_key (const unsigned char *data, size_t datalen,
@@ -176,10 +263,10 @@ parse_key (const unsigned char *data, size_t datalen,
size_t n;
int npkey;
unsigned char hashbuffer[768];
- const unsigned char *mpi_n = NULL;
- size_t mpi_n_len = 0, mpi_e_len = 0;
gcry_md_hd_t md;
int is_ecc = 0;
+ struct keyparm_s keyparm[OPENPGP_MAX_NPKEY];
+ unsigned char *helpmpibuf[OPENPGP_MAX_NPKEY] = { NULL };
if (datalen < 5)
return gpg_error (GPG_ERR_INV_PACKET);
@@ -245,6 +332,9 @@ parse_key (const unsigned char *data, size_t datalen,
nbytes++; /* The size byte itself. */
if (datalen < nbytes)
return gpg_error (GPG_ERR_INV_PACKET);
+
+ keyparm[i].mpi = data;
+ keyparm[i].len = nbytes;
}
else
{
@@ -254,21 +344,40 @@ parse_key (const unsigned char *data, size_t datalen,
nbytes = (nbits+7) / 8;
if (datalen < nbytes)
return gpg_error (GPG_ERR_INV_PACKET);
- /* For use by v3 fingerprint calculation we need to know the RSA
- modulus and exponent. */
- if (i==0)
- {
- mpi_n = data;
- mpi_n_len = nbytes;
- }
- else if (i==1)
- mpi_e_len = nbytes;
+
+ keyparm[i].mpi = data;
+ keyparm[i].len = nbytes;
}
data += nbytes; datalen -= nbytes;
}
n = data - data_start;
+
+ /* Note: Starting here we need to jump to leave on error. */
+
+ /* Make sure the MPIs are unsigned. */
+ for (i=0; i < npkey; i++)
+ {
+ if (!keyparm[i].len || (keyparm[i].mpi[0] & 0x80))
+ {
+ helpmpibuf[i] = xtrymalloc (1+keyparm[i].len);
+ if (!helpmpibuf[i])
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
+ helpmpibuf[i][0] = 0;
+ memcpy (helpmpibuf[i]+1, keyparm[i].mpi, keyparm[i].len);
+ keyparm[i].mpi = helpmpibuf[i];
+ keyparm[i].len++;
+ }
+ }
+
+ err = keygrip_from_keyparm (algorithm, keyparm, ki->grip);
+ if (err)
+ goto leave;
+
if (version < 4)
{
/* We do not support any other algorithm than RSA in v3
@@ -279,20 +388,20 @@ parse_key (const unsigned char *data, size_t datalen,
err = gcry_md_open (&md, GCRY_MD_MD5, 0);
if (err)
return err; /* Oops */
- gcry_md_write (md, mpi_n, mpi_n_len);
- gcry_md_write (md, mpi_n+mpi_n_len+2, mpi_e_len);
+ gcry_md_write (md, keyparm[0].mpi, keyparm[0].len);
+ gcry_md_write (md, keyparm[1].mpi, keyparm[1].len);
memcpy (ki->fpr, gcry_md_read (md, 0), 16);
gcry_md_close (md);
ki->fprlen = 16;
- if (mpi_n_len < 8)
+ if (keyparm[0].len < 8)
{
/* Moduli less than 64 bit are out of the specs scope. Zero
them out because this is what gpg does too. */
memset (ki->keyid, 0, 8);
}
else
- memcpy (ki->keyid, mpi_n + mpi_n_len - 8, 8);
+ memcpy (ki->keyid, keyparm[0].mpi + keyparm[0].len - 8, 8);
}
else
{
@@ -327,7 +436,11 @@ parse_key (const unsigned char *data, size_t datalen,
memcpy (ki->keyid, ki->fpr+12, 8);
}
- return 0;
+ leave:
+ for (i=0; i < npkey; i++)
+ xfree (helpmpibuf[i]);
+
+ return err;
}
diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index e309cce..1f5dbdf 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -497,6 +497,58 @@ blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr,
}
+/* Return true if the key in BLOB matches the 20 bytes keygrip GRIP.
+ * We don't have the keygrips as meta data, thus we need to parse the
+ * certificate. Fixme: We might want to return proper error codes
+ * instead of failing a search for invalid certificates etc. */
+static int
+blob_openpgp_has_grip (KEYBOXBLOB blob, const unsigned char *grip)
+{
+ int rc = 0;
+ const unsigned char *buffer;
+ size_t length;
+ size_t cert_off, cert_len;
+ struct _keybox_openpgp_info info;
+ struct _keybox_openpgp_key_info *k;
+
+ buffer = _keybox_get_blob_image (blob, &length);
+ if (length < 40)
+ return 0; /* Too short. */
+ cert_off = get32 (buffer+8);
+ cert_len = get32 (buffer+12);
+ if ((uint64_t)cert_off+(uint64_t)cert_len > (uint64_t)length)
+ return 0; /* Too short. */
+
+ if (_keybox_parse_openpgp (buffer + cert_off, cert_len, NULL, &info))
+ return 0; /* Parse error. */
+
+ if (!memcmp (info.primary.grip, grip, 20))
+ {
+ rc = 1;
+ goto leave;
+ }
+
+ if (info.nsubkeys)
+ {
+ k = &info.subkeys;
+ do
+ {
+ if (!memcmp (k->grip, grip, 20))
+ {
+ rc = 1;
+ goto leave;
+ }
+ k = k->next;
+ }
+ while (k);
+ }
+
+ leave:
+ _keybox_destroy_openpgp_info (&info);
+ return rc;
+}
+
+
#ifdef KEYBOX_WITH_X509
/* Return true if the key in BLOB matches the 20 bytes keygrip GRIP.
We don't have the keygrips as meta data, thus we need to parse the
@@ -606,12 +658,11 @@ has_fingerprint (KEYBOXBLOB blob, const unsigned char *fpr)
static inline int
has_keygrip (KEYBOXBLOB blob, const unsigned char *grip)
{
+ if (blob_get_type (blob) == KEYBOX_BLOBTYPE_PGP)
+ return blob_openpgp_has_grip (blob, grip);
#ifdef KEYBOX_WITH_X509
if (blob_get_type (blob) == KEYBOX_BLOBTYPE_X509)
return blob_x509_has_grip (blob, grip);
-#else
- (void)blob;
- (void)grip;
#endif
return 0;
}
commit b78f293cf06f447d1d0a5c416ac129a4e1cf9f8c
Author: Werner Koch <wk at gnupg.org>
Date: Tue Jan 29 18:20:34 2019 +0100
common: Provide some convenient OpenPGP related constants.
* common/openpgpdefs.h (OPENPGP_MAX_NPKEY): New.
(OPENPGP_MAX_NSKEY): New.
(OPENPGP_MAX_NSIG): New.
(OPENPGP_MAX_NENC): New.
* g10/packet.h: Define PUBKEY_MAX using the new consts.
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit f382984966a31a4cbe572bce5370590c5490ed1e)
diff --git a/common/openpgpdefs.h b/common/openpgpdefs.h
index 85a4251..73776b3 100644
--- a/common/openpgpdefs.h
+++ b/common/openpgpdefs.h
@@ -184,5 +184,11 @@ typedef enum
}
compress_algo_t;
+/* Limits to be used for static arrays. */
+#define OPENPGP_MAX_NPKEY 5 /* Maximum number of public key parameters. */
+#define OPENPGP_MAX_NSKEY 7 /* Maximum number of secret key parameters. */
+#define OPENPGP_MAX_NSIG 2 /* Maximum number of signature parameters. */
+#define OPENPGP_MAX_NENC 2 /* Maximum number of encryption parameters. */
+
#endif /*GNUPG_COMMON_OPENPGPDEFS_H*/
diff --git a/g10/packet.h b/g10/packet.h
index 6d01b10..d273bb3 100644
--- a/g10/packet.h
+++ b/g10/packet.h
@@ -34,11 +34,11 @@
#define DEBUG_PARSE_PACKET 1
-/* Constants to allocate static MPI arrays. */
-#define PUBKEY_MAX_NPKEY 5
-#define PUBKEY_MAX_NSKEY 7
-#define PUBKEY_MAX_NSIG 2
-#define PUBKEY_MAX_NENC 2
+/* Constants to allocate static MPI arrays. */
+#define PUBKEY_MAX_NPKEY OPENPGP_MAX_NPKEY
+#define PUBKEY_MAX_NSKEY OPENPGP_MAX_NSKEY
+#define PUBKEY_MAX_NSIG OPENPGP_MAX_NSIG
+#define PUBKEY_MAX_NENC OPENPGP_MAX_NENC
/* Usage flags */
#define PUBKEY_USAGE_SIG GCRY_PK_USAGE_SIGN /* Good for signatures. */
commit dddbb26155f292fde2909ecc84b62b693b6dea49
Author: Werner Koch <wk at gnupg.org>
Date: Tue Jan 29 18:19:05 2019 +0100
common: New helper functions for OpenPGP curve OIDs.
* common/openpgp-oid.c (openpgp_oidbuf_to_str): Factor most code out
to ...
(openpgp_oidbuf_to_str): new.
(openpgp_oidbuf_is_ed25519): New.
(openpgp_oidbuf_is_cv25519): New.
--
At some places it is more convenient (and faster) to directly work on
buffers and avoid the way via opaque MPIs. These 3 new functions
allow for that.
Signed-off-by: Werner Koch <wk at gnupg.org>
(cherry picked from commit 4a1558d0c7190cf13d35385e47291a7aa121be3e)
diff --git a/common/openpgp-oid.c b/common/openpgp-oid.c
index d800e7d..18c5710 100644
--- a/common/openpgp-oid.c
+++ b/common/openpgp-oid.c
@@ -184,48 +184,36 @@ openpgp_oid_from_str (const char *string, gcry_mpi_t *r_mpi)
}
-/* Return a malloced string represenation of the OID in the opaque MPI
- A. In case of an error NULL is returned and ERRNO is set. */
+/* Return a malloced string representation of the OID in the buffer
+ * (BUF,LEN). In case of an error NULL is returned and ERRNO is set.
+ * As per OpenPGP spec the first byte of the buffer is the length of
+ * the rest; the function performs a consistency check. */
char *
-openpgp_oid_to_str (gcry_mpi_t a)
+openpgp_oidbuf_to_str (const unsigned char *buf, size_t len)
{
- const unsigned char *buf;
- size_t length;
- unsigned int lengthi;
char *string, *p;
int n = 0;
unsigned long val, valmask;
valmask = (unsigned long)0xfe << (8 * (sizeof (valmask) - 1));
-
- if (!a
- || !gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE)
- || !(buf = gcry_mpi_get_opaque (a, &lengthi)))
- {
- gpg_err_set_errno (EINVAL);
- return NULL;
- }
-
- buf = gcry_mpi_get_opaque (a, &lengthi);
- length = (lengthi+7)/8;
-
/* The first bytes gives the length; check consistency. */
- if (!length || buf[0] != length -1)
+
+ if (!len || buf[0] != len -1)
{
gpg_err_set_errno (EINVAL);
return NULL;
}
/* Skip length byte. */
- length--;
+ len--;
buf++;
/* To calculate the length of the string we can safely assume an
upper limit of 3 decimal characters per byte. Two extra bytes
account for the special first octect */
- string = p = xtrymalloc (length*(1+3)+2+1);
+ string = p = xtrymalloc (len*(1+3)+2+1);
if (!string)
return NULL;
- if (!length)
+ if (!len)
{
*p = 0;
return string;
@@ -237,7 +225,7 @@ openpgp_oid_to_str (gcry_mpi_t a)
p += sprintf (p, "1.%d", buf[n]-40);
else {
val = buf[n] & 0x7f;
- while ( (buf[n]&0x80) && ++n < length )
+ while ( (buf[n]&0x80) && ++n < len )
{
if ( (val & valmask) )
goto badoid; /* Overflow. */
@@ -250,10 +238,10 @@ openpgp_oid_to_str (gcry_mpi_t a)
sprintf (p, "2.%lu", val);
p += strlen (p);
}
- for (n++; n < length; n++)
+ for (n++; n < len; n++)
{
val = buf[n] & 0x7f;
- while ( (buf[n]&0x80) && ++n < length )
+ while ( (buf[n]&0x80) && ++n < len )
{
if ( (val & valmask) )
goto badoid; /* Overflow. */
@@ -278,6 +266,35 @@ openpgp_oid_to_str (gcry_mpi_t a)
}
+/* Return a malloced string representation of the OID in the opaque
+ * MPI A. In case of an error NULL is returned and ERRNO is set. */
+char *
+openpgp_oid_to_str (gcry_mpi_t a)
+{
+ const unsigned char *buf;
+ unsigned int lengthi;
+
+ if (!a
+ || !gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE)
+ || !(buf = gcry_mpi_get_opaque (a, &lengthi)))
+ {
+ gpg_err_set_errno (EINVAL);
+ return NULL;
+ }
+
+ buf = gcry_mpi_get_opaque (a, &lengthi);
+ return openpgp_oidbuf_to_str (buf, (lengthi+7)/8);
+}
+
+
+/* Return true if (BUF,LEN) represents the OID for Ed25519. */
+int
+openpgp_oidbuf_is_ed25519 (const void *buf, size_t len)
+{
+ return (buf && len == DIM (oid_ed25519)
+ && !memcmp (buf, oid_ed25519, DIM (oid_ed25519)));
+}
+
/* Return true if A represents the OID for Ed25519. */
int
@@ -285,32 +302,36 @@ openpgp_oid_is_ed25519 (gcry_mpi_t a)
{
const unsigned char *buf;
unsigned int nbits;
- size_t n;
if (!a || !gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
return 0;
buf = gcry_mpi_get_opaque (a, &nbits);
- n = (nbits+7)/8;
- return (n == DIM (oid_ed25519)
- && !memcmp (buf, oid_ed25519, DIM (oid_ed25519)));
+ return openpgp_oidbuf_is_ed25519 (buf, (nbits+7)/8);
}
+/* Return true if (BUF,LEN) represents the OID for Curve25519. */
+int
+openpgp_oidbuf_is_cv25519 (const void *buf, size_t len)
+{
+ return (buf && len == DIM (oid_cv25519)
+ && !memcmp (buf, oid_cv25519, DIM (oid_cv25519)));
+}
+
+
+/* Return true if the MPI A represents the OID for Curve25519. */
int
openpgp_oid_is_cv25519 (gcry_mpi_t a)
{
const unsigned char *buf;
unsigned int nbits;
- size_t n;
if (!a || !gcry_mpi_get_flag (a, GCRYMPI_FLAG_OPAQUE))
return 0;
buf = gcry_mpi_get_opaque (a, &nbits);
- n = (nbits+7)/8;
- return (n == DIM (oid_cv25519)
- && !memcmp (buf, oid_cv25519, DIM (oid_cv25519)));
+ return openpgp_oidbuf_is_cv25519 (buf, (nbits+7)/8);
}
diff --git a/common/t-openpgp-oid.c b/common/t-openpgp-oid.c
index cb5709d..fd9de5d 100644
--- a/common/t-openpgp-oid.c
+++ b/common/t-openpgp-oid.c
@@ -142,7 +142,15 @@ test_openpgp_oid_to_str (void)
fail (idx, 0);
xfree (string);
gcry_mpi_release (a);
- }
+
+ /* Again using the buffer variant. */
+ string = openpgp_oidbuf_to_str (samples[idx].der, samples[idx].der[0]+1);
+ if (!string)
+ fail (idx, gpg_error_from_syserror ());
+ if (strcmp (string, samples[idx].string))
+ fail (idx, 0);
+ xfree (string);
+}
}
diff --git a/common/util.h b/common/util.h
index c6d19c6..36f1b93 100644
--- a/common/util.h
+++ b/common/util.h
@@ -219,8 +219,11 @@ size_t percent_unescape_inplace (char *string, int nulrepl);
/*-- openpgp-oid.c --*/
gpg_error_t openpgp_oid_from_str (const char *string, gcry_mpi_t *r_mpi);
+char *openpgp_oidbuf_to_str (const unsigned char *buf, size_t len);
char *openpgp_oid_to_str (gcry_mpi_t a);
+int openpgp_oidbuf_is_ed25519 (const void *buf, size_t len);
int openpgp_oid_is_ed25519 (gcry_mpi_t a);
+int openpgp_oidbuf_is_cv25519 (const void *buf, size_t len);
int openpgp_oid_is_cv25519 (gcry_mpi_t a);
const char *openpgp_curve_to_oid (const char *name, unsigned int *r_nbits);
const char *openpgp_oid_to_curve (const char *oid, int canon);
-----------------------------------------------------------------------
Summary of changes:
common/openpgp-oid.c | 87 +++++++++++++++++-----------
common/openpgpdefs.h | 6 ++
common/t-openpgp-oid.c | 10 +++-
common/util.h | 3 +
doc/specify-user-id.texi | 5 +-
g10/packet.h | 10 ++--
kbx/kbxutil.c | 18 ++++++
kbx/keybox-defs.h | 3 +-
kbx/keybox-openpgp.c | 145 +++++++++++++++++++++++++++++++++++++++++------
kbx/keybox-search.c | 57 ++++++++++++++++++-
10 files changed, 281 insertions(+), 63 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list