ecc: Fix regression in keygrip computation for cv25519.
authorWerner Koch <wk@gnupg.org>
Sat, 28 Sep 2019 09:07:02 +0000 (11:07 +0200)
committerWerner Koch <wk@gnupg.org>
Sat, 28 Sep 2019 09:07:02 +0000 (11:07 +0200)
* cipher/ecc-curves.c (domain_parms): Revert g_y for cv25519.
* tests/keygrip.c: Add test case for cv25519.
--

Note that the regression is only in master and not in 1.8.

Regression-due-to: c3f39b6b55db618f77e983125072081c15bfbdd6
GnuPG-bug-id: 4712
Signed-off-by: Werner Koch <wk@gnupg.org>
cipher/ecc-curves.c
tests/keygrip.c

index 85f14ef..3e206ed 100644 (file)
@@ -154,8 +154,12 @@ static const ecc_domain_parms_t domain_parms[] =
       "0x01",
       "0x1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED",
       "0x0000000000000000000000000000000000000000000000000000000000000009",
-      "0x5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14",
+      "0x20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9",
       "0x08"
+      /* Note: As per RFC-7748 errata eid4730 the g_y value should be
+       * "0x5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14"
+       * but that breaks the keygrip.
+       */
     },
 #if 0 /* No real specs yet found.  */
     {
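Review bot: The comment added after `"0x08"` records that g_y deliberately differs from the RFC 7748 errata value, but it does not say why the mismatch is acceptable, and it sits below the cofactor instead of beside the g_y string it describes. Someone auditing the table against the RFC will see a curve constant that disagrees with the published errata, so the comment should state that g_y is an input to the keygrip and that changing it alters the keygrip of existing cv25519 keys. A possible wording, placed directly above the g_y line: `/* g_y is kept at the pre-errata value because it feeds the keygrip; see GnuPG bug 4712. */`. It is also worth confirming whether any arithmetic path reads g_y from this table, since that path would presumably use the pre-errata coordinate as well. The `domain_parms` entry starts outside the hunk.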
index 6317150..56fbba8 100644 (file)
@@ -190,6 +190,17 @@ static struct
       "\x9D\xB6\xC6\x4A\x38\x83\x0F\x49\x60\x70"
       "\x17\x89\x47\x55\x20\xBE\x8C\x82\x1F\x47"
     },
+    { /* Cv25519 */
+      GCRY_PK_ECC,
+      "(public-key"
+      " (ecc"
+      " (curve Curve25519)(flags djb-tweak)"
+      " (q #40"
+      "     918C1733127F6BF2646FAE3D081A18AE77111C903B906310B077505EFFF12740#)"
+      " ))",
+      "\x0F\x89\xA5\x65\xD3\xEA\x18\x7C\xE8\x39"
+      "\x33\x23\x98\xF5\xD4\x80\x67\x7D\xF4\x9C"
+    },
     { /* Random key  */
       GCRY_PK_RSA,
       "(shadowed-private-key"
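Review bot: The new `/* Cv25519 */` vector does not say where the expected 20-byte grip comes from, and from what the page shows it is the only check that would catch the g_y constant in `cipher/ecc-curves.c` being changed again. If the value was taken from the 1.8 branch, which the commit message says is unaffected, record that in the comment, e.g. `{ /* Cv25519; expected grip as computed by the 1.8 branch */`. The enclosing test array starts before the hunk and continues after it.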