ecc: Add an API for X25519 function as gcry_ecc_mul_point.

* configure.ac: Add ecc-ecdh.lo.
* cipher/Makefile.am: Add ecc-ecdh.c.
* cipher/ecc-common.h (reverse_buffer): Expose.
* cipher/ecc-eddsa.c (reverse_buffer): Expose.
* cipher/ecc-curves.c (domain_parms): Fix as the errata of RFC.
* cipher/ecc-ecdh.c: New.
* cipher/ecc-misc.c (_gcry_ecc_mont_decodepoint): Fix for other curves
than Curve25519.
* src/gcrypt-int.h (_gcry_ecc_mul_point): New.
* src/gcrypt.h.in (enum gcry_ecc_curves): New.
(gcry_ecc_mul_point): new.
* src/libgcrypt.def (gcry_ecc_mul_point): New.
* src/libgcrypt.vers (gcry_ecc_mul_point): New.
* src/visibility.h (gcry_ecc_mul_point): New.
* src/visibility.c (gcry_ecc_mul_point): New.
* tests/t-cv25519.c (test_cv_hl): Rename from test_cv.
(test_cv_x25519): New.
(test_cv): Call both of test_cv_hl and test_cv_x25519.

--

Add new API gcry_ecc_mul_point for direct use of X25519 function.
"Direct use" means, its inputs and output are binary octet in native
format, while no lengths check inside.  It's a responsibility of
caller.

We can use gcry_pk_encrypt for implementing X25519, but the API of
gcry_pk_encrypt uses SEXP format, which is a bit cumbersome.

GnuPG-bug-id: 4293
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

1 files changed, 3 insertions, 0 deletions

diff --git a/src/gcrypt-int.h b/src/gcrypt-int.h
index 7934f148..30249bba 100644
--- a/src/gcrypt-int.h
+++ b/src/gcrypt-int.h
@@ -109,6 +109,9 @@ const char *_gcry_pk_get_curve (gcry_sexp_t key, int iterator,
 gcry_sexp_t _gcry_pk_get_param (int algo, const char *name);
 gpg_err_code_t _gcry_pubkey_get_sexp (gcry_sexp_t *r_sexp,
                                       int mode, gcry_ctx_t ctx);
+gpg_error_t _gcry_ecc_mul_point (int algo, unsigned char **r_result,
+                                 const unsigned char *scalar,
+                                 const unsigned char *point);
 
 
 gpg_err_code_t _gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags);