Verified Commit a3d6a7be authored by Ingo Klöcker's avatar Ingo Klöcker Committed by Ingo Klöcker

Defer mapping the generic algorithm IDs to specific ones

This also adds support for the curves secp256k1 and Curve448.

GnuPG-bug-id: 4429
parent 311a8679
......@@ -136,7 +136,7 @@ void OpenPGPGenerateCardKeyCommand::Private::generateKey()
command << "--force";
}
if (!algorithm.empty()) {
command << "--algo=" + QByteArray::fromStdString(algorithm);
command << "--algo=" + QByteArray::fromStdString(OpenPGPCard::getAlgorithmName(algorithm, keyRef));
}
command << "--" << QByteArray::fromStdString(keyRef);
ReaderStatus::mutableInstance()->startSimpleTransaction(pgpCard, command.join(' '), q, [this](const GpgME::Error &err) {
......@@ -188,7 +188,7 @@ void OpenPGPGenerateCardKeyCommand::doStart()
d->ensureDialogCreated();
Q_ASSERT(d->dialog);
d->dialog->setSupportedAlgorithms(pgpCard->supportedAlgorithms(d->keyRef), "rsa2048");
d->dialog->setSupportedAlgorithms(pgpCard->supportedAlgorithms(), "rsa2048");
d->dialog->show();
}
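Review bot: The `--algo=` argument built in generateKey() is not checked against the card's algorithm list before it is joined into the scdaemon command with `command.join(' ')`. `getAlgorithmName()` returns any ID it has no mapping for unchanged, so whatever `algorithm` holds ends up on the command line. The value presumably comes from the dialog filled in doStart(), but nothing in the visible lines enforces that. I would either reject an ID that is not in `pgpCard->supportedAlgorithms()` before appending it, or at least record the assumption with a comment such as `// algorithm is a generic ID picked from supportedAlgorithms(); mapped to the slot-specific name here`. Both function bodies continue outside the hunks.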
......
......@@ -108,6 +108,31 @@ QString OpenPGPCard::keyDisplayName(const std::string &keyRef)
return displayNames.value(keyRef);
}
// static
std::string OpenPGPCard::getAlgorithmName(const std::string &algorithm, const std::string &keyRef)
{
static const std::map<std::string, std::string> ecdhAlgorithmMapping = {
{ "curve25519", "cv25519" },
{ "curve448", "cv448" },
};
static const std::map<std::string, std::string> eddsaAlgorithmMapping = {
{ "curve25519", "ed25519" },
{ "curve448", "ed448" },
};
if (keyRef == OpenPGPCard::pgpEncKeyRef()) {
const auto it = ecdhAlgorithmMapping.find(algorithm);
if (it != ecdhAlgorithmMapping.end()) {
return it->second;
}
} else {
const auto it = eddsaAlgorithmMapping.find(algorithm);
if (it != eddsaAlgorithmMapping.end()) {
return it->second;
}
}
return algorithm;
}
void OpenPGPCard::setSupportedAlgorithms(const std::vector<std::string> &algorithms)
{
static const std::vector<std::string> allowedAlgorithms = {
......@@ -115,12 +140,14 @@ void OpenPGPCard::setSupportedAlgorithms(const std::vector<std::string> &algorit
"brainpoolP384r1",
"brainpoolP512r1",
"curve25519",
"curve448",
"nistp256",
"nistp384",
"nistp521",
"rsa2048",
"rsa3072",
"rsa4096",
"secp256k1",
};
mAlgorithms.clear();
std::copy_if(algorithms.begin(), algorithms.end(), std::back_inserter(mAlgorithms), [](const auto &algo) {
......@@ -137,26 +164,24 @@ std::string OpenPGPCard::pubkeyUrl() const
return cardInfo("PUBKEY-URL");
}
std::vector<AlgorithmInfo> OpenPGPCard::supportedAlgorithms(const std::string &keyRef)
std::vector<AlgorithmInfo> OpenPGPCard::supportedAlgorithms()
{
static const std::map<std::string, QString> displayNames = {
{ "brainpoolP256r1", i18nc("@info", "ECC (Brainpool P-256)") },
{ "brainpoolP384r1", i18nc("@info", "ECC (Brainpool P-384)") },
{ "brainpoolP512r1", i18nc("@info", "ECC (Brainpool P-512)") },
{ "curve25519", i18nc("@info", "ECC (Curve25519)") },
{ "curve448", i18nc("@info", "ECC (Curve448)") },
{ "nistp256", i18nc("@info", "ECC (NIST P-256)") },
{ "nistp384", i18nc("@info", "ECC (NIST P-384)") },
{ "nistp521", i18nc("@info", "ECC (NIST P-521)") },
{ "rsa2048", i18nc("@info", "RSA 2048") },
{ "rsa3072", i18nc("@info", "RSA 3072") },
{ "rsa4096", i18nc("@info", "RSA 4096") },
{ "secp256k1", i18nc("@info", "secp256k1") },
};
const std::string curve25519Algo = keyRef == OpenPGPCard::pgpEncKeyRef() ? "cv25519" : "ed25519";
std::vector<AlgorithmInfo> algos;
std::transform(mAlgorithms.cbegin(), mAlgorithms.cend(), std::back_inserter(algos), [curve25519Algo](const auto &algo) {
if (algo == "curve25519") {
return AlgorithmInfo{curve25519Algo, displayNames.at(algo)};
}
std::transform(mAlgorithms.cbegin(), mAlgorithms.cend(), std::back_inserter(algos), [](const auto &algo) {
return AlgorithmInfo{algo, displayNames.at(algo)};
});
return algos;
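Review bot: In getAlgorithmName() the `else` branch applies the EdDSA mapping to every keyRef that is not `pgpEncKeyRef()`, so an empty or unrecognised keyRef silently yields `ed25519`/`ed448` instead of being noticed. If only the signing and authentication slots are meant, compare against those key references explicitly and let anything else fall through to `return algorithm;`. Otherwise state the assumption in the code, e.g. `// every slot except the encryption slot takes a signing key (EdDSA)`. The function lies entirely within the hunk.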
......
......@@ -38,6 +38,14 @@ public:
static const std::vector<KeyPairInfo> & supportedKeys();
static QString keyDisplayName(const std::string &keyRef);
/**
* Returns an algorithm name for the algorithm \p algorithm that is suitable
* for passing to scdaemon for the card slot specified by \p keyRef.
*
* For example, it maps "curve25519" to either "ed25519" or "cv25519".
*/
static std::string getAlgorithmName(const std::string &algorithm, const std::string &keyRef);
/**
* Sets the algorithms supported by this smart card to \p algorithms.
* The following values for algorithms are allowed:
......@@ -51,13 +59,12 @@ public:
std::string pubkeyUrl() const;
/**
* Returns a list of algorithm names and corresponding display names suitable
* for the card slot specified by \p keyRef.
* Returns a list of algorithm IDs and corresponding display names.
*
* \note For Curve25519, depending on the given card slot, either "ed25519"
* or "cv25519" is returned as algorithm ID.
* \note: You have to use getAlgorithmName to map the algorithm ID to
* an algorithm name suitable for a certain card slot.
*/
std::vector<AlgorithmInfo> supportedAlgorithms(const std::string &keyRef);
std::vector<AlgorithmInfo> supportedAlgorithms();
private:
std::vector<std::string> mAlgorithms;
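Review bot: The new doc comment for getAlgorithmName() does not say what happens to an ID that has no slot-specific name. The implementation returns it unchanged, which callers building a command from the result should know, so I would add a sentence like `Algorithm IDs without a slot-specific name are returned unchanged.` In the supportedAlgorithms() comment, `\note:` has a stray colon that ends up in the rendered note text; writing `\note You have to use getAlgorithmName() ...` removes it and lets Doxygen link the function.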
......