[TESTING] Curve25519 encryption support (update-2)

NIIBE Yutaka gniibe at fsij.org
Mon Aug 10 12:19:42 CEST 2015


On 08/06/2015 05:29 PM, NIIBE Yutaka wrote:
> I pushed the patches by two commits.   "make check" works fine
> with libgcrypt 1.6.3 and patched libgcrypt.

I committed the following fix.  I had wrongly assumed that the GnuPG
frontend sends the curve OID to gpg-agent; it actually sends the curve name.

    agent: fix ECC key handling.

    * agent/cvt-openpgp.c (get_keygrip, convert_secret_key)
    (convert_transfer_key): CURVE is the name of curve.

diff --git a/agent/cvt-openpgp.c b/agent/cvt-openpgp.c
index 39ccba2..8bf5873 100644
--- a/agent/cvt-openpgp.c
+++ b/agent/cvt-openpgp.c
@@ -87,16 +87,10 @@ get_keygrip (int pubkey_algo, const char *curve, gcry_mpi_t *pkey,
         {
           const char *format;

-          if (!strcmp (curve, openpgp_curve_to_oid ("Ed25519", NULL)))
-            {
-              format = "(public-key(ecc(curve %s)(flags eddsa)(q%m)))";
-              curve = "Ed25519";
-            }
-          else if (!strcmp (curve, openpgp_curve_to_oid ("Curve25519", NULL)))
-            {
-              format = "(public-key(ecc(curve %s)(flags djb-tweak)(q%m)))";
-              curve = "Curve25519";
-            }
+          if (!strcmp (curve, "Ed25519"))
+            format = "(public-key(ecc(curve %s)(flags eddsa)(q%m)))";
+          else if (!strcmp (curve, "Curve25519"))
+            format = "(public-key(ecc(curve %s)(flags djb-tweak)(q%m)))";
           else
             format = "(public-key(ecc(curve %s)(q%m)))";
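Review bot: A caller that still passes the dotted OID string in `curve` now lands silently in the final `else` of get_keygrip and gets the generic `(public-key(ecc(curve %s)(q%m)))` template, with neither `(flags eddsa)` nor `(flags djb-tweak)`. The key would then presumably be built and looked up with different semantics than intended, and nothing reports the mismatch. The string comparison is the only place the new contract is visible, so state it above the branch, e.g. `/* CURVE is the curve name as sent by gpg (e.g. "Ed25519"), not its OID.  */`. The same applies to the matching branches in convert_secret_key and convert_transfer_key, where the result is a stored private key rather than a keygrip. Each of the three functions starts outside its hunk, so it cannot be seen here whether `curve` is checked for NULL before `strcmp`.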

@@ -161,18 +155,12 @@ convert_secret_key (gcry_sexp_t *r_key, int pubkey_algo, gcry_mpi_t *skey,
         {
           const char *format;

-          if (!strcmp (curve, openpgp_curve_to_oid ("Ed25519", NULL)))
-            {
-              /* Do not store the OID as name but the real name and the
-                 EdDSA flag.  */
-              format = "(private-key(ecc(curve %s)(flags eddsa)(q%m)(d%m)))";
-              curve = "Ed25519";
-            }
-          else if (!strcmp (curve, openpgp_curve_to_oid ("Curve25519", NULL)))
-            {
-              format = "(private-key(ecc(curve %s)(flags djb-tweak)(q%m)(d%m)))";
-              curve = "Curve25519";
-            }
+          if (!strcmp (curve, "Ed25519"))
+            /* Do not store the OID as name but the real name and the
+               EdDSA flag.  */
+            format = "(private-key(ecc(curve %s)(flags eddsa)(q%m)(d%m)))";
+          else if (!strcmp (curve, "Curve25519"))
+            format = "(private-key(ecc(curve %s)(flags djb-tweak)(q%m)(d%m)))";
           else
             format = "(private-key(ecc(curve %s)(q%m)(d%m)))";
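Review bot: The comment kept above the Ed25519 branch, "Do not store the OID as name but the real name and the EdDSA flag", describes the OID-to-name substitution that this commit removes. With `curve` already holding the name, only the part about the flag is still true. Reword it to say what the branch does now, e.g. `/* Ed25519 keys need the EdDSA flag in the stored S-expression.  */`, and do the same for the identical comment in convert_transfer_key. A comment placed between an unbraced `if` and its single statement is also easy to misread when a line is added later, so keeping the braces around that branch would be the safer style.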

@@ -239,23 +227,17 @@ convert_transfer_key (gcry_sexp_t *r_key, int pubkey_algo, gcry_mpi_t *skey,
         {
           const char *format;

-          if (!strcmp (curve, openpgp_curve_to_oid ("Ed25519", NULL)))
-            {
-              /* Do not store the OID as name but the real name and the
-                 EdDSA flag.  */
-              format = "(protected-private-key(ecc(curve %s)(flags eddsa)(q%m)"
-                "(protected openpgp-native%S)))";
-              curve = "Ed25519";
-            }
-          else if (!strcmp (curve, openpgp_curve_to_oid ("Curve25519", NULL)))
-            {
-              format = "(protected-private-key(ecc(curve %s)(flags djb-tweak)(q%m)"
-                "(protected openpgp-native%S)))";
-              curve = "Curve25519";
-            }
+          if (!strcmp (curve, "Ed25519"))
+            /* Do not store the OID as name but the real name and the
+               EdDSA flag.  */
+            format = "(protected-private-key(ecc(curve %s)(flags eddsa)(q%m)"
+              "(protected openpgp-native%S)))";
+          else if (!strcmp (curve, "Curve25519"))
+            format = "(protected-private-key(ecc(curve %s)(flags djb-tweak)(q%m)"
+              "(protected openpgp-native%S)))";
           else
-              format = "(protected-private-key(ecc(curve %s)(q%m)"
-                "(protected openpgp-native%S)))";
+            format = "(protected-private-key(ecc(curve %s)(q%m)"
+              "(protected openpgp-native%S)))";

           err = gcry_sexp_build (&s_skey, NULL, format, curve, skey[0], transfer_key);
         }
--


