#include "pgen.h"
#include "ptab.h"
#include "rsa.h"
+#include "x25519.h"
+#include "ed25519.h"
#include "cc.h"
#include "sha-mgf.h"
/* --- @copyparam@ --- *
*
* Arguments: @keyopts *k@ = pointer to key options
- * @const char **pp@ = checklist of parameters
+ * @const char **pp@ = checklist of parameters, or null
*
* Returns: Nonzero if parameters copied; zero if you have to generate
* them.
key_attriter i;
key_data *kd;
const char *n, *v;
+ dstr t = DSTR_INIT;
kf.f = KCAT_SHARE;
kf.m = KF_CATMASK;
if (!k->p)
return (0);
- /* --- Run through the checklist --- */
+ /* --- Copy the key data if there's anything we want --- */
- while (*pp) {
- key_data *kd = key_structfind(k->p->k, *pp);
- if (!kd)
- die(EXIT_FAILURE, "bad parameter key: parameter `%s' not found", *pp);
- if (!KEY_MATCH(kd, &kf))
- die(EXIT_FAILURE, "bad parameter key: subkey `%s' is not shared", *pp);
- pp++;
- }
+ if (pp) {
- /* --- Copy over the parameters --- */
+ /* --- Run through the checklist --- */
- kd = key_copydata(k->p->k, &kf);
- assert(kd);
- key_setkeydata(k->kf, k->k, kd);
- key_drop(kd);
+ key_fulltag(k->p, &t);
+ if ((k->p->k->e & KF_ENCMASK) != KENC_STRUCT)
+ die(EXIT_FAILURE, "parameter key `%s' is not structured", t.buf);
+ while (*pp) {
+ key_data *kd = key_structfind(k->p->k, *pp);
+ if (!kd) {
+ die(EXIT_FAILURE,
+ "bad parameter key `%s': parameter `%s' not found", t.buf, *pp);
+ }
+ if (!KEY_MATCH(kd, &kf)) {
+ die(EXIT_FAILURE,
+ "bad parameter key `%s': subkey `%s' is not shared", t.buf, *pp);
+ }
+ pp++;
+ }
+
+ /* --- Copy over the parameters --- */
+
+ kd = key_copydata(k->p->k, &kf);
+ assert(kd);
+ key_setkeydata(k->kf, k->k, kd);
+ key_drop(kd);
+ }
/* --- Copy over attributes --- */
/* --- Done --- */
+ dstr_destroy(&t);
return (1);
}
/* --- Key generation algorithms --- */
+static void alg_empty(keyopts *k)
+{
+ copyparam(k, 0);
+ key_setkeydata(k->kf, k->k,
+ key_newstring(KCAT_SHARE, k->curve ? k->curve : "."));
+}
+
static void alg_binary(keyopts *k)
{
unsigned sz;
if (!k->bits)
k->bits = 128;
- if (k->p)
- die(EXIT_FAILURE, "no shared parameters for binary keys");
+ copyparam(k, 0);
sz = (k->bits + 7) >> 3;
p = sub_alloc(sz);
if (!k->bits)
k->bits = 168;
- if (k->p)
- die(EXIT_FAILURE, "no shared parameters for DES keys");
+ copyparam(k, 0);
if (k->bits % 56 || k->bits > 168)
die(EXIT_FAILURE, "DES keys must be 56, 112 or 168 bits long");
/* --- Sanity checking --- */
- if (k->p)
- die(EXIT_FAILURE, "no shared parameters for RSA keys");
+ copyparam(k, 0);
if (!k->bits)
k->bits = 1024;
/* --- Sanity checking --- */
- if (k->p)
- die(EXIT_FAILURE, "no shared parameters for Blum-Blum-Shub keys");
+ copyparam(k, 0);
if (!k->bits)
k->bits = 1024;
mp_drop(x);
}
+static void alg_x25519(keyopts *k)
+{
+ key_data *kd, *kkd;
+ octet priv[X25519_KEYSZ], pub[X25519_PUBSZ];
+
+ copyparam(k, 0);
+ k->r->ops->fill(k->r, priv, sizeof(priv));
+ x25519(pub, priv, x25519_base);
+ kkd = key_newstruct();
+ key_structsteal(kkd, "priv",
+ key_newbinary(KCAT_PRIV | KF_BURN, priv, sizeof(priv)));
+ kd = key_newstruct();
+ key_structsteal(kd, "private", kkd);
+ key_structsteal(kd, "pub", key_newbinary(KCAT_PUB, pub, sizeof(pub)));
+
+ key_setkeydata(k->kf, k->k, kd);
+}
+
+static void alg_ed25519(keyopts *k)
+{
+ key_data *kd, *kkd;
+ octet priv[ED25519_KEYSZ], pub[ED25519_PUBSZ];
+
+ copyparam(k, 0);
+ k->r->ops->fill(k->r, priv, sizeof(priv));
+ ed25519_pubkey(pub, priv, sizeof(priv));
+ kkd = key_newstruct();
+ key_structsteal(kkd, "priv",
+ key_newbinary(KCAT_PRIV | KF_BURN, priv, sizeof(priv)));
+ kd = key_newstruct();
+ key_structsteal(kd, "private", kkd);
+ key_structsteal(kd, "pub", key_newbinary(KCAT_PUB, pub, sizeof(pub)));
+
+ key_setkeydata(k->kf, k->k, kd);
+}
+
/* --- The algorithm tables --- */
typedef struct keyalg {
{ "bindh-param", alg_binparam, "Binary-field DH parameters" },
{ "ec-param", alg_ecparam, "Elliptic curve parameters" },
{ "ec", alg_ec, "Elliptic curve crypto" },
+ { "x25519", alg_x25519, "X25519 key exchange" },
+ { "ed25519", alg_ed25519, "Ed25519 digital signatures" },
+ { "empty", alg_empty, "Empty parametrs-only key" },
{ 0, 0 }
};
/* --- Find the parameter key --- */
- if (ptag) {
- if ((k.p = key_bytag(&f, ptag)) == 0)
- die(EXIT_FAILURE, "parameter key `%s' not found", ptag);
- if ((k.p->k->e & KF_ENCMASK) != KENC_STRUCT)
- die(EXIT_FAILURE, "parameter key `%s' is not structured", ptag);
- }
+ if (ptag && (k.p = key_bytag(&f, ptag)) == 0)
+ die(EXIT_FAILURE, "parameter key `%s' not found", ptag);
/* --- Now generate the actual key data --- */