1 From: Werner Koch <wk@gnupg.org>
2 Date: Wed, 1 Mar 2017 13:36:01 +0100
3 Subject: gpg: Allow creating keys using an existing ECC key.
5 * common/sexputil.c (get_pk_algo_from_canon_sexp): Remove arg R_ALGO.
6 Change to return the algo id. Reimplement using get_pk_algo_from_key.
7 * g10/keygen.c (check_keygrip): Adjust for change.
8 * sm/certreqgen-ui.c (check_keygrip): Ditto.
12 Signed-off-by: Werner Koch <wk@gnupg.org>
13 (cherry picked from commit 2bbdeb8ee87a6c7ec211be16391a11b7c6030bed)
15 common/sexputil.c | 65 +++++++++++++++---------------------------------------
16 common/util.h | 6 ++---
17 g10/keygen.c | 22 +++---------------
18 sm/certreqgen-ui.c | 24 +++++++++-----------
19 4 files changed, 34 insertions(+), 83 deletions(-)
21 diff --git a/common/sexputil.c b/common/sexputil.c
22 index 0c5c730..a8dc1a5 100644
23 --- a/common/sexputil.c
24 +++ b/common/sexputil.c
25 @@ -512,53 +512,6 @@ get_rsa_pk_from_canon_sexp (const unsigned char *keydata, size_t keydatalen,
29 -/* Return the algo of a public RSA expressed as an canonical encoded
30 - S-expression. The return value is a statically allocated
31 - string. On error that string is set to NULL. */
33 -get_pk_algo_from_canon_sexp (const unsigned char *keydata, size_t keydatalen,
34 - const char **r_algo)
37 - const unsigned char *buf, *tok;
38 - size_t buflen, toklen;
44 - buflen = keydatalen;
46 - if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
48 - if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
50 - if (!tok || toklen != 10 || memcmp ("public-key", tok, toklen))
51 - return gpg_error (GPG_ERR_BAD_PUBKEY);
52 - if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
54 - if ((err = parse_sexp (&buf, &buflen, &depth, &tok, &toklen)))
57 - return gpg_error (GPG_ERR_BAD_PUBKEY);
59 - if (toklen == 3 && !memcmp ("rsa", tok, toklen))
61 - else if (toklen == 3 && !memcmp ("dsa", tok, toklen))
63 - else if (toklen == 3 && !memcmp ("elg", tok, toklen))
65 - else if (toklen == 5 && !memcmp ("ecdsa", tok, toklen))
67 - else if (toklen == 5 && !memcmp ("eddsa", tok, toklen))
70 - return gpg_error (GPG_ERR_PUBKEY_ALGO);
76 /* Return the algo of a public KEY of SEXP. */
78 get_pk_algo_from_key (gcry_sexp_t key)
79 @@ -606,3 +559,21 @@ get_pk_algo_from_key (gcry_sexp_t key)
85 +/* This is a variant of get_pk_algo_from_key but takes an canonical
86 + * encoded S-expression as input. Returns a GCRYPT public key
87 + * identiier or 0 on error. */
89 +get_pk_algo_from_canon_sexp (const unsigned char *keydata, size_t keydatalen)
94 + if (gcry_sexp_sscan (&sexp, NULL, keydata, keydatalen))
97 + algo = get_pk_algo_from_key (sexp);
98 + gcry_sexp_release (sexp);
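Review bot: The rewritten get_pk_algo_from_canon_sexp drops the explicit `public-key` token check that the removed version enforced with `GPG_ERR_BAD_PUBKEY`. It now hands whatever `gcry_sexp_sscan` accepts to get_pk_algo_from_key, whose body is outside this hunk, so it cannot be confirmed here that an S-expression which is not a public key is still rejected. The return value also folds parse failure and unknown algorithm into a single 0, so the header comment should say that callers must treat 0 as "no usable key" and never as an algorithm id. The comment text itself needs `identiier` corrected to `identifier` and `an canonical` to `a canonical`. The function's return type, braces and local declarations fall on lines not shown in this listing.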
101 diff --git a/common/util.h b/common/util.h
102 index f7a53e1..b6d7156 100644
105 @@ -195,10 +195,10 @@ gpg_error_t get_rsa_pk_from_canon_sexp (const unsigned char *keydata,
107 unsigned char const **r_e,
109 -gpg_error_t get_pk_algo_from_canon_sexp (const unsigned char *keydata,
111 - const char **r_algo);
113 int get_pk_algo_from_key (gcry_sexp_t key);
114 +int get_pk_algo_from_canon_sexp (const unsigned char *keydata,
115 + size_t keydatalen);
118 int hex2bin (const char *string, void *buffer, size_t length);
119 diff --git a/g10/keygen.c b/g10/keygen.c
120 index 98ef29e..0180581 100644
123 @@ -1838,7 +1838,7 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip)
125 unsigned char *public;
127 - const char *algostr;
130 if (hexgrip[0] == '&')
132 @@ -1848,26 +1848,10 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip)
134 publiclen = gcry_sexp_canon_len (public, 0, NULL, NULL);
136 - get_pk_algo_from_canon_sexp (public, publiclen, &algostr);
137 + algo = get_pk_algo_from_canon_sexp (public, publiclen);
140 - /* FIXME: Mapping of ECC algorithms is probably not correct. */
143 - else if (!strcmp (algostr, "rsa"))
144 - return PUBKEY_ALGO_RSA;
145 - else if (!strcmp (algostr, "dsa"))
146 - return PUBKEY_ALGO_DSA;
147 - else if (!strcmp (algostr, "elg"))
148 - return PUBKEY_ALGO_ELGAMAL_E;
149 - else if (!strcmp (algostr, "ecc"))
150 - return PUBKEY_ALGO_ECDH;
151 - else if (!strcmp (algostr, "ecdsa"))
152 - return PUBKEY_ALGO_ECDSA;
153 - else if (!strcmp (algostr, "eddsa"))
154 - return PUBKEY_ALGO_EDDSA;
157 + return map_pk_gcry_to_openpgp (algo);
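Review bot: The error value 0 from `get_pk_algo_from_canon_sexp` flows straight into `map_pk_gcry_to_openpgp (algo)` at the end of check_keygrip, with no check in the visible lines, whereas the removed string chain decided the result locally. Whether the mapper returns 0 for an input of 0 cannot be seen from this hunk. An explicit `if (!algo) return 0;` ahead of the mapping, placed after any cleanup of `public`, would keep the "0 means key not usable" contract independent of the mapper. The hunk also removes the FIXME about ECC mapping; a one-line comment such as `/* ECC variants are resolved by map_pk_gcry_to_openpgp. */` would record why it is gone. check_keygrip begins and continues outside the hunk.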
161 diff --git a/sm/certreqgen-ui.c b/sm/certreqgen-ui.c
162 index ece8668..b50d338 100644
163 --- a/sm/certreqgen-ui.c
164 +++ b/sm/certreqgen-ui.c
165 @@ -95,7 +95,7 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip)
169 - const char *algostr;
172 if (hexgrip[0] == '&')
174 @@ -105,21 +105,17 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip)
176 publiclen = gcry_sexp_canon_len (public, 0, NULL, NULL);
178 - get_pk_algo_from_canon_sexp (public, publiclen, &algostr);
179 + algo = get_pk_algo_from_canon_sexp (public, publiclen);
184 - else if (!strcmp (algostr, "rsa"))
186 - else if (!strcmp (algostr, "dsa"))
188 - else if (!strcmp (algostr, "elg"))
190 - else if (!strcmp (algostr, "ecdsa"))
196 + case GCRY_PK_RSA: return "RSA";
197 + case GCRY_PK_DSA: return "DSA";
198 + case GCRY_PK_ELG: return "ELG";
199 + case GCRY_PK_EDDSA: return "ECDSA";
200 + default: return NULL;
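Review bot: `case GCRY_PK_EDDSA: return "ECDSA";` pairs an EdDSA algorithm id with the ECDSA label, whereas the removed branch matched the string `ecdsa`. If ECDSA is what is meant, the line should read `case GCRY_PK_ECDSA: return "ECDSA";`. As written, an EdDSA key is presented to the certificate-request code as ECDSA. Depending on which ids get_pk_algo_from_key returns for ECC keys (not visible here), a real ECDSA key may also fall through to `default` and be reported as unusable. The opening of the switch and the end of check_keygrip are not among the visible lines.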