[PATCH] agent: EdDSA support for SSH
NIIBE Yutaka
gniibe at fsij.org
Fri Apr 4 10:00:03 CEST 2014
Thank you for your review.
The patch was applied, committed, and pushed.
On 2014-04-04 at 08:08 +0200, Werner Koch wrote:
> I should have used opaque MPI (binary buffer stored in an MPI
> object) here. The EdDSA code in Libgcrypt allows for that.
I learned the code in Libgcrypt, a bit. IIUC, we can handle opaque
binary data by MPI with GCRYMPI_FLAG_OPAQUE. Here, I think that we
need to use GCRYMPI_FMT_USG format for gcry_mpi_print, and we need to
use "%M" expression for gcry_sexp_build.
For the latter, I think that following patch should be applied.
I put conditionally adding "(flags eddsa)" for keygrip_from_pk in
g10/keyid.c, too.
diff --git a/agent/command-ssh.c b/agent/command-ssh.c
index 364a8cc..4407382 100644
--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@@ -1721,7 +1721,7 @@ sexp_key_construct (gcry_sexp_t *r_sexp,
else if (secret)
err = gcry_sexp_build (&sexp_new, NULL,
"(private-key(ecc(curve %s)"
- "(flags eddsa)(q %m)(d %m))"
+ "(flags eddsa)(q %M)(d %M))"
"(comment%s))",
curve_name,
mpis[0], mpis[1],
@@ -1729,7 +1729,7 @@ sexp_key_construct (gcry_sexp_t *r_sexp,
else
err = gcry_sexp_build (&sexp_new, NULL,
"(public-key(ecc(curve %s)"
- "(flags eddsa)(q %m))"
+ "(flags eddsa)(q %M))"
"(comment%s))",
curve_name,
mpis[0],
@@ -2257,7 +2257,7 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret,
{
err = gcry_sexp_build (&key, NULL,
"(private-key(ecc(curve \"Ed25519\")"
- "(flags eddsa)(q %m)(d %m))"
+ "(flags eddsa)(q %M)(d %M))"
"(comment%s))",
mpi_list[0], mpi_list[1],
comment? comment:"");
@@ -2266,7 +2266,7 @@ ssh_receive_key (estream_t stream, gcry_sexp_t *key_new, int secret,
{
err = gcry_sexp_build (&key, NULL,
"(public-key(ecc(curve \"Ed25519\")"
- "(flags eddsa)(q %m))"
+ "(flags eddsa)(q %M))"
"(comment%s))",
mpi_list[0],
comment? comment:"");
diff --git a/g10/keyid.c b/g10/keyid.c
index 9ed64a4..a63ee97 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -813,7 +813,9 @@ keygrip_from_pk (PKT_public_key *pk, unsigned char *array)
else
{
err = gcry_sexp_build (&s_pkey, NULL,
- "(public-key(ecc(curve%s)(q%m)))",
+ pk->pubkey_algo == PUBKEY_ALGO_EDDSA ?
+ "(public-key(ecc(curve%s)(flags eddsa)(q%M)))"
+ : "(public-key(ecc(curve%s)(q%m)))",
curve, pk->pkey[1]);
xfree (curve);
}
diff --git a/g10/pkglue.c b/g10/pkglue.c
index 67d2efd..3dcb8c5 100644
--- a/g10/pkglue.c
+++ b/g10/pkglue.c
@@ -100,7 +100,7 @@ pk_verify (pubkey_algo_t pkalgo, gcry_mpi_t hash,
{
rc = gcry_sexp_build (&s_pkey, NULL,
"(public-key(ecc(curve %s)"
- "(flags eddsa)(q%m)))",
+ "(flags eddsa)(q%M)))",
curve, pkey[1]);
xfree (curve);
}
@@ -115,7 +115,7 @@ pk_verify (pubkey_algo_t pkalgo, gcry_mpi_t hash,
if (pkalgo == PUBKEY_ALGO_EDDSA)
{
if (gcry_sexp_build (&s_hash, NULL,
- "(data(flags eddsa)(hash-algo sha512)(value %m))",
+ "(data(flags eddsa)(hash-algo sha512)(value %M))",
hash))
BUG (); /* gcry_sexp_build should never fail. */
}
@@ -347,7 +347,7 @@ pk_check_secret_key (pubkey_algo_t pkalgo, gcry_mpi_t *skey)
{
rc = gcry_sexp_build (&s_skey, NULL,
"(private-key(ecc(curve %s)"
- "(flags eddsa)(q%m)(d%m)))",
+ "(flags eddsa)(q%M)(d%M)))",
curve, skey[1], skey[2]);
xfree (curve);
}
--
More information about the Gnupg-devel
mailing list