scd: ECDH Support

NIIBE Yutaka gniibe at
Mon Dec 22 01:50:13 CET 2014

On 12/09/2014 04:27 PM, NIIBE Yutaka wrote:
> Here are changes to support ECDH by scdaemon.

Since there is no conflict and no build issue, I pushed the changes
today.  If any problem, please let me know.

That's done, I have a concern about in this specific gpg-agent
protocol of ECDH,

Currently, in the function get_it in g10/pubkey-enc.c, gpg frontend
asks gpg-agent to decode.  The format is:


Here, "s" is "secret" and "e" is ephemeral public key (let's call it
Qe).  Then, gpg-agent computes shared secret by [ds]Qe (ds: static
private key) and replies back to gpg frontend.  And it's gpg frontend
to computes secret key using "secret" and shared secret by AESWrap

It's not needed to send "secret" to gpg-agent.  I wonder if it's good
to send this data to gpg-agent.

Well, in the change of agent/divert-scd.c, it supports both formats of
(enc-val(ecdh(s%m)(e%m))) and (enc-val(ecdh(e%m))), just in case
gpg frontend will be changed.

More information about the Gnupg-devel mailing list