Diffstat (limited to 'openpgp/src/crypto/backend/botan/asymmetric.rs')
-rw-r--r--openpgp/src/crypto/backend/botan/asymmetric.rs72
1 files changed, 14 insertions, 58 deletions
diff --git a/openpgp/src/crypto/backend/botan/asymmetric.rs b/openpgp/src/crypto/backend/botan/asymmetric.rs
index 5abd1c09..90be41c2 100644
--- a/openpgp/src/crypto/backend/botan/asymmetric.rs
+++ b/openpgp/src/crypto/backend/botan/asymmetric.rs
@@ -504,9 +504,11 @@ impl<R> Key4<SecretParts, R>
/// EdDSA or ECDSA key is generated. Giving `for_signing == true` and
/// `curve == Cv25519` will produce an error. Likewise
/// `for_signing == false` and `curve == Ed25519` will produce an error.
- pub fn generate_ecc(for_signing: bool, curve: Curve) -> Result<Self> {
- use crate::PublicKeyAlgorithm::*;
-
+ pub(crate) fn generate_ecc_backend(for_signing: bool, curve: Curve)
+ -> Result<(PublicKeyAlgorithm,
+ mpi::PublicKey,
+ mpi::SecretKeyMaterial)>
+ {
let mut rng = RandomNumberGenerator::new_userspace()?;
let hash = crate::crypto::ecdh::default_ecdh_kdf_hash(&curve);
let sym = crate::crypto::ecdh::default_ecdh_kek_cipher(&curve);
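Review bot: The doc comment kept above `generate_ecc_backend` is stale, because it still describes the old public constructor. It says mismatched `for_signing`/curve pairs produce an error, but it does not say that the function now returns an `(algorithm, public, secret)` tuple instead of `Self`, or that `(Ed25519, true)` and `(Cv25519, false)` are no longer generated here. I would add `/// Returns the algorithm and key material only; the caller builds the key.` and `/// Ed25519 signing and Cv25519 encryption keys must be handled by the caller before calling this.` The function body continues outside this hunk.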
@@ -520,50 +522,12 @@ impl<R> Key4<SecretParts, R>
Err(Error::UnsupportedEllipticCurve(curve).into()),
};
- let (mpis, secret, pk_algo) = match (curve.clone(), for_signing) {
- (Curve::Ed25519, true) => {
- let secret = Privkey::create("Ed25519", "", &mut rng)?;
- let (public, secret) = secret.get_ed25519_key()?;
-
- let public_mpis = PublicKey::EdDSA {
- curve: Curve::Ed25519,
- q: MPI::new_compressed_point(&public),
- };
- let private_mpis = mpi::SecretKeyMaterial::EdDSA {
- scalar: secret.into(),
- };
-
- (public_mpis, private_mpis.into(), EdDSA)
- },
-
- (Curve::Cv25519, false) => {
- let secret = Privkey::create("Curve25519", "", &mut rng)?;
- let public = secret.pubkey()?.get_x25519_key()?;
- let mut secret: Protected = secret.get_x25519_key()?.into();
-
- // Clamp the scalar. X25519 does the clamping
- // implicitly, but OpenPGP's ECDH over Curve25519
- // requires the secret to be clamped.
- secret[0] &= 0b1111_1000;
- secret[31] &= !0b1000_0000;
- secret[31] |= 0b0100_0000;
-
- // Reverse the scalar. See
- // https://lists.gnupg.org/pipermail/gnupg-devel/2018-February/033437.html.
- secret.reverse();
-
- let public_mpis = PublicKey::ECDH {
- curve: Curve::Cv25519,
- q: MPI::new_compressed_point(&public),
- hash,
- sym,
- };
- let private_mpis = mpi::SecretKeyMaterial::ECDH {
- scalar: secret.into(),
- };
+ match (curve.clone(), for_signing) {
+ (Curve::Ed25519, true) =>
+ unreachable!("handled in Key4::generate_ecc"),
- (public_mpis, private_mpis.into(), ECDH)
- },
+ (Curve::Cv25519, false) =>
+ unreachable!("handled in Key4::generate_ecc"),
(Curve::NistP256, true) |
(Curve::NistP384, true) |
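Review bot: The two `unreachable!("handled in Key4::generate_ecc")` arms make this `pub(crate)` function panic on `(Ed25519, true)` and `(Cv25519, false)`, and the guarantee that those pairs never arrive lives in a caller this diff does not show. Since the function already returns `Result`, an error arm would keep key generation from aborting if a later crate-internal caller skips the pre-filter: `(Curve::Ed25519, true) | (Curve::Cv25519, false) => Err(Error::InvalidOperation("handled in Key4::generate_ecc".into()).into()),`. If the panic is kept deliberately, the precondition should at least be stated in the function's doc comment. The match continues outside this hunk.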
@@ -582,7 +546,7 @@ impl<R> Key4<SecretParts, R>
scalar: secret.get_field("x")?.try_into()?,
};
- (public_mpis, private_mpis.into(), ECDSA)
+ Ok((PublicKeyAlgorithm::ECDSA, public_mpis, private_mpis))
},
(Curve::NistP256, false) |
@@ -604,19 +568,11 @@ impl<R> Key4<SecretParts, R>
scalar: secret.get_field("x")?.try_into()?,
};
- (public_mpis, private_mpis.into(), ECDH)
+ Ok((PublicKeyAlgorithm::ECDH, public_mpis, private_mpis))
},
- (cv, _) => {
- return Err(Error::UnsupportedEllipticCurve(cv).into());
- }
- };
-
- Self::with_secret(
- crate::now(),
- pk_algo,
- mpis,
- secret)
+ _ => Err(Error::UnsupportedEllipticCurve(curve).into()),
+ }
}
}