[PATCH] ECC sign & verify
NIIBE Yutaka
gniibe at fsij.org
Fri Apr 25 02:39:20 CEST 2014
Hello,

I'm currently testing the GnuPG development version with ECC.
When I tested the existing ecc.test of GnuPG (with secret key import),
I found this problem. While decryption works, signing doesn't.

In the test, ecc_sign is called with no curve name but explicit curve
parameters, and fails as (ctx.flags & PUBKEY_FLAG_PARAM) == 0.

In ecc_sign, it tries to extract parameters from KEYPARMS only when
(ctx.flags & PUBKEY_FLAG_PARAM) is on. However, it makes no
sense to check ctx.flags here, since it is not dependent on the key
(but on the data to be signed).

On the other hand, in ecc_decrypt_raw, it tries to extract parameters
from KEYPARMS, and then tries the curve name (with no checking
of (ctx.flags & PUBKEY_FLAG_PARAM)).

If it's really needed, we could add something like:

  l1 = sexp_find_token (keyparms, "flags", 0);
  if (l1)
    {
      rc = _gcry_pk_util_parse_flaglist (l1, &ctx.flags, NULL);
      sexp_release (l1);
      l1 = NULL;
      if (rc)
        goto leave;
    }

But, I think that "(flags param)" only makes sense for key generation.
Here's a patch to show the problem. It works for me.
diff --git a/cipher/ecc.c b/cipher/ecc.c
index 6a60785..f7a16ec 100644
--- a/cipher/ecc.c
+++ b/cipher/ecc.c
@@ -810,13 +810,9 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
/*
* Extract the key.
*/
- if ((ctx.flags & PUBKEY_FLAG_PARAM))
- rc = sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?/q?+d",
- &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n,
- &mpi_q, &sk.d, NULL);
- else
- rc = sexp_extract_param (keyparms, NULL, "/q?+d",
- &mpi_q, &sk.d, NULL);
+ rc = sexp_extract_param (keyparms, NULL, "-p?a?b?g?n?/q?+d",
+ &sk.E.p, &sk.E.a, &sk.E.b, &mpi_g, &sk.E.n,
+ &mpi_q, &sk.d, NULL);
if (rc)
goto leave;
if (mpi_g)
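Review bot: The comment above the new sexp_extract_param call still says only "Extract the key.", so nothing records why ecc_sign no longer consults ctx.flags before reading p, a, b, g and n from keyparms. Suggest extending that comment to say that explicit curve parameters in KEYPARMS are always honoured and that PUBKEY_FLAG_PARAM is deliberately not checked here. Because every curve parameter in "-p?a?b?g?n?/q?+d" is individually optional, it is also worth confirming that the code following "if (mpi_g)" rejects a key that supplies only some of them instead of mixing them with a named curve. The subject mentions sign and verify, but this is the only hunk, in ecc_sign; if ecc_verify carries the same PUBKEY_FLAG_PARAM guard it needs the matching change.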