gpg_do_write_prvkey for ed25519

2014-03-31 17:31:42 +09:00
parent c7a6370b74
commit f9ed79f644
4 changed files with 65 additions and 12 deletions
--- a/8
+++ b/8
@@ -1,3 +1,11 @@
+2014-04-01  Niibe Yutaka  <gniibe@fsij.org>
+
+	* src/ecc-edwards.c (eddsa_compute_public_25519): New.
+
+	* src/openpgp-do.c (algorithm_attr_ed25519): New.
+	(gpg_do_write_prvkey, proc_key_import, gpg_do_public_key): Add
+	EdDSA handling.
+
 2014-03-31  Niibe Yutaka  <gniibe@fsij.org>

 	* src/ecc-edwards.c (eddsa_sign_25519): Rename and API change.
--- a/src/ecc-edwards.c
+++ b/src/ecc-edwards.c
@@ -23,6 +23,7 @@
 */

 #include <stdint.h>
+#include <stdlib.h>
 #include <string.h>

 #include "bn.h"
@@ -815,6 +816,22 @@ eddsa_public_key_25519 (bn256 *pk, const bn256 *a)
  pk->word[7] ^= mod25519_is_neg (R->x) * 0x80000000;
 }

+
+uint8_t *
+eddsa_compute_public_25519 (const uint8_t *kd)
+{
+  uint8_t *p0;
+  const bn256 *a = (const bn256 *)kd;
+
+  p0 = (uint8_t *)malloc (sizeof (bn256));
+  if (p0 == NULL)
+    return NULL;
+
+  eddsa_public_key_25519 ((bn256 *)p0, a);
+  return p0;
+}
+
+
 #if 0
 /**
 * check if P is on the curve.
--- a/src/gnuk.h
+++ b/src/gnuk.h
@@ -248,19 +248,19 @@ extern int rsa_verify (const uint8_t *pubkey, const uint8_t *hash,
 		       const uint8_t *signature);
 extern uint8_t *rsa_genkey (void);

-extern int ecdsa_sign_p256r1  (const uint8_t *hash, uint8_t *output,
-			       const uint8_t *key_data);
+extern int ecdsa_sign_p256r1 (const uint8_t *hash, uint8_t *output,
+			      const uint8_t *key_data);
 extern uint8_t *ecdsa_compute_public_p256r1 (const uint8_t *key_data);

-extern int ecdsa_sign_p256k1  (const uint8_t *hash, uint8_t *output,
-			       const uint8_t *key_data);
+extern int ecdsa_sign_p256k1 (const uint8_t *hash, uint8_t *output,
+			      const uint8_t *key_data);
 extern uint8_t *ecdsa_compute_public_p256k1 (const uint8_t *key_data);

-
-extern int eddsa_sign_25519  (const uint8_t *input, size_t ilen,
-			      uint8_t *output,
-			      const uint8_t *sk_a, const uint8_t *seed,
-			      const uint8_t *pk);
+extern int eddsa_sign_25519 (const uint8_t *input, size_t ilen,
+			     uint8_t *output,
+			     const uint8_t *sk_a, const uint8_t *seed,
+			     const uint8_t *pk);
+extern uint8_t *eddsa_compute_public_25519 (const uint8_t *a);

 extern const uint8_t *gpg_do_read_simple (uint8_t);
 extern void gpg_do_write_simple (uint8_t, const uint8_t *, int);
--- a/src/openpgp-do.c
+++ b/src/openpgp-do.c
@@ -826,6 +826,7 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len,
 	return -1;
    }
 #elif !defined(RSA_AUTH) && defined(RSA_SIG)
+#if defined(ECDSA_AUTH)
  /* ECDSA with p256r1 for authentication */
  if (kk != GPG_KEY_FOR_AUTHENTICATION && key_len != KEY_CONTENT_LEN)
    return -1;
@@ -835,6 +836,17 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len,
      if (key_len != 32)
 	return -1;
    }
+#else
+  /* EdDSA with Ed25519 for authentication */
+  if (kk != GPG_KEY_FOR_AUTHENTICATION && key_len != KEY_CONTENT_LEN)
+    return -1;
+  if (kk == GPG_KEY_FOR_AUTHENTICATION)
+    {
+      pubkey_len = key_len / 2;
+      if (key_len != 64)
+	return -1;
+    }
+#endif
 #else
 #error "not supported."
 #endif
@@ -854,11 +866,19 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len,
      else
 	pubkey_allocated_here = modulus_calc (key_data, key_len);
 #elif !defined(RSA_AUTH) && defined(RSA_SIG)
+#if defined(ECDSA_AUTH)
      /* ECDSA with p256r1 for authentication */
      if (kk == GPG_KEY_FOR_AUTHENTICATION)
 	pubkey_allocated_here = ecdsa_compute_public_p256r1 (key_data);
      else
 	pubkey_allocated_here = modulus_calc (key_data, key_len);
+#else
+      /* EdDSA with Ed25519 for authentication */
+      if (kk == GPG_KEY_FOR_AUTHENTICATION)
+	pubkey_allocated_here = eddsa_compute_public_25519 (key_data);
+      else
+	pubkey_allocated_here = modulus_calc (key_data, key_len);
+#endif
 #else
 #error "not supported."
 #endif
@@ -900,7 +920,8 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len,
  else
    memcpy (kdi.data, key_data, KEY_CONTENT_LEN);
 #elif !defined(RSA_AUTH) && defined(RSA_SIG)
- /* ECDSA with p256r1 for authentication */
+  /* ECDSA with p256r1 for authentication */
+  /* EdDSA with Ed25519 for authentication */
  if (kk == GPG_KEY_FOR_AUTHENTICATION)
    {
      memcpy (kdi.data, key_data, key_len);
@@ -1083,14 +1104,21 @@ kkb_to_kk (uint8_t kk_byte)
 *   5f48, xx xx xx: cardholder private key
 * <E: 4-byte>, <P: 128-byte>, <Q: 128-byte>
 *
- * ECDSA / EdDSA:
+ * ECDSA:
 * 4d, xx:    Extended Header List
 *   a4 00 (AUT)
 *   7f48, xx: cardholder private key template
 *       9x LEN: 9x=tag of private key d,  LEN=length of d
 *   5f48, xx : cardholder private key
 * <d: 32-byte>
- * EdDSA 64-byte??? (a + seed, 32-byte each)
+ *
+ * EdDSA:
+ * 4d, xx:    Extended Header List
+ *   a4 00 (AUT)
+ *   7f48, xx: cardholder private key template
+ *       9x LEN: 9x=tag of private key d,  LEN=length of d
+ *   5f48, xx : cardholder private key
+ * <d: 64-byte>: (a + seed, 32-byte each)
 */
 static int
 proc_key_import (const uint8_t *data, int len)