[PATCH] Curve25519 for ECDH

[Werner Koch]

On Wed, 23 Apr 2014 14:19, wk at gnupg.org said:

> the name most people know about.  With the addition of ECDH we will use
> the appropriate appropriate curve depending on the use (Ed25519 for a
> signing key and Curve25519 for an encryption key)

Meanwhile I implemented full support for EdDSA and for that I changed
ask_curve to 

    #if GPG_USE_EDDSA
        { "Curve25519",      0, 0, 1, "Curve 25519" },
    #endif
[...]
          /* If the user selected a signing algorithm and Curve25519
             we need to update the algo and and the curve name.  */
          if ((*algo == PUBKEY_ALGO_ECDSA || *algo == PUBKEY_ALGO_EDDSA)
              && curves[idx].fix_curve)
            {
              *algo = PUBKEY_ALGO_EDDSA;
              result = xstrdup ("Ed25519");
            }
          else
            result = xstrdup (curves[idx].name);
          break;

This seems to be the easiest way to support it.  As soon as
Curve25519+ECDH works the selection code should be able to create an
Ed25519 primary key and a Curve25519 encryption subkey.  As of now
selecting "(9) ECC" does not work; you will get an "Unknown elliptic
curve" error during the generation.  Use "(10) ECC (sign only)" to test
Ed25519.

My change also changes the ECC import protocol between gpg and
gpg-agent.  gpg does not any longer passes the curve parameters but
merely the name of the curve.  That makes the code much easier to
understand.

Maybe you want to adjust and commit your Curve25519/ECDH patch from
2014-04-23.


Salam-Shalom,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.