Enhanced support for ECDSA.

Along with the latest libksba it is now possible for gpgsm to import
an ECC certificate.

6 files changed, 119 insertions, 88 deletions

diff --git a/src/ChangeLog b/src/ChangeLog
index 194a941e..47e5bb25 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,12 @@
+2007-04-18  Werner Koch  <wk@g10code.com>
+
+	* gcrypt.h.in (gcry_sexp_nth_string): New.
+
+	* sexp.c (gcry_sexp_nth_data): Factored code out to ...
+	(sexp_nth_data): ... new.
+	(gcry_sexp_nth_string): New.
+	(gcry_sexp_nth_mpi): Reimplemented in terms of sexp_ntd_data.
+
 2007-04-16  Werner Koch  <wk@g10code.com>
 
 	* secmem.c (init_pool): Use sysconf() if available to determine
diff --git a/src/cipher.h b/src/cipher.h
index bd0cd747..2c505f78 100644
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -57,6 +57,8 @@ void _gcry_register_pk_ecc_progress (gcry_handler_progress_t cbc,
 gcry_err_code_t _gcry_ecc_generate (int algo, unsigned int nbits,
                                     const char *curve,
                                     gcry_mpi_t *skey, gcry_mpi_t **retfactors);
+gcry_err_code_t _gcry_ecc_get_param (const char *name, gcry_mpi_t *pkey);
+
 
 /*-- primegen.c --*/
 void _gcry_register_primegen_progress (gcry_handler_progress_t cb,
diff --git a/src/g10lib.h b/src/g10lib.h
index db6b307e..2844533e 100644
--- a/src/g10lib.h
+++ b/src/g10lib.h
@@ -243,4 +243,9 @@ gcry_err_code_t _gcry_malloc (size_t n, unsigned int flags, void **mem);
 
 #define GCRY_ALLOC_FLAG_SECURE (1 << 0)
 
+
+/*-- sexp.c --*/
+char *_gcry_sexp_nth_string (const gcry_sexp_t list, int number);
+
+
 #endif /* G10LIB_H */
diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
index feda73aa..a95fa332 100644
--- a/src/gcrypt.h.in
+++ b/src/gcrypt.h.in
@@ -472,6 +472,13 @@ gcry_sexp_t gcry_sexp_cadr (const gcry_sexp_t list);
 const char *gcry_sexp_nth_data (const gcry_sexp_t list, int number,
                                 size_t *datalen);
 
+/* This function is used to get and convert data from a LIST.  The
+   data is assumed to be a Nul terminated string.  The caller must
+   release the returned value using `gcry_free'.  If there is no data
+   at the given index, the index represents a list or the value can't
+   be converted to a string, `NULL' is returned.  */
+char *gcry_sexp_nth_string (gcry_sexp_t list, int number);
+
 /* This function is used to get and convert data from a LIST. This
    data is assumed to be an MPI stored in the format described by
    MPIFMT and returned as a standard Libgcrypt MPI.  The caller must
diff --git a/src/libgcrypt.vers b/src/libgcrypt.vers
index 11639524..227f669d 100644
--- a/src/libgcrypt.vers
+++ b/src/libgcrypt.vers
@@ -82,6 +82,7 @@ GCRYPT_1.2 {
     gcry_sexp_new; gcry_sexp_nth; gcry_sexp_nth_data;
     gcry_sexp_nth_mpi; gcry_sexp_prepend; gcry_sexp_release;
     gcry_sexp_sprint; gcry_sexp_sscan; gcry_sexp_vlist;
+    gcry_sexp_nth_string;
     
     gcry_mpi_add; gcry_mpi_add_ui; gcry_mpi_addm; gcry_mpi_aprint;
     gcry_mpi_clear_bit; gcry_mpi_clear_flag; gcry_mpi_clear_highbit;
diff --git a/src/sexp.c b/src/sexp.c
index dab2b548..e88d12c1 100644
--- a/src/sexp.c
+++ b/src/sexp.c
@@ -1,6 +1,6 @@
 /* sexp.c  -  S-Expression handling
  * Copyright (C) 1999, 2000, 2001, 2002, 2003,
- *               2004, 2006 Free Software Foundation, Inc.
+ *               2004, 2006, 2007 Free Software Foundation, Inc.
  *
  * This file is part of Libgcrypt.
  *
@@ -582,116 +582,123 @@ gcry_sexp_car( const gcry_sexp_t list )
     return gcry_sexp_nth ( list, 0 );
 }
 
-/****************
- * Get data from the car.  The returned value is valid as long as the list
- * is not modified.
- */
-const char *
-gcry_sexp_nth_data( const gcry_sexp_t list, int number, size_t *datalen )
+
+/* Helper to get data from the car.  The returned value is valid as
+   long as the list is not modified. */
+static const char *
+sexp_nth_data (const gcry_sexp_t list, int number, size_t *datalen)
 {
-    const byte *p;
-    DATALEN n;
-    int level = 0;
+  const byte *p;
+  DATALEN n;
+  int level = 0;
+  
+  *datalen = 0;
+  if ( !list ) 
+    return NULL;
 
-    *datalen = 0;
-    if ( !list ) {
-	return NULL;
-    }
-    p = list->d;
-    if ( *p == ST_OPEN )
-	p++;	     /* yep, a list */
-    else if (number )
-	return NULL; /* not a list but an n > 0 element requested */
+  p = list->d;
+  if ( *p == ST_OPEN )
+    p++;	     /* Yep, a list. */
+  else if (number)
+    return NULL;     /* Not a list but N > 0 requested. */
 
-    /* skip n elements */
-    while ( number > 0 ) {
-	if ( *p == ST_DATA ) {
-	    memcpy ( &n, ++p, sizeof n );
-	    p += sizeof n + n;
-	    p--;
-	    if ( !level )
-		number--;
+  /* Skip over N elements. */
+  while ( number > 0 ) 
+    {
+      if ( *p == ST_DATA ) 
+        {
+          memcpy ( &n, ++p, sizeof n );
+          p += sizeof n + n;
+          p--;
+          if ( !level )
+            number--;
 	}
-	else if ( *p == ST_OPEN ) {
-	    level++;
+      else if ( *p == ST_OPEN ) 
+        {
+          level++;
 	}
-	else if ( *p == ST_CLOSE ) {
-	    level--;
-	    if ( !level )
-		number--;
+      else if ( *p == ST_CLOSE ) 
+        {
+          level--;
+          if ( !level )
+            number--;
 	}
-	else if ( *p == ST_STOP ) {
-	    return NULL;
+      else if ( *p == ST_STOP ) 
+        {
+          return NULL;
 	}
-	p++;
+      p++;
     }
 
-
-    if ( *p == ST_DATA ) {
-	memcpy ( &n, ++p, sizeof n );
-	*datalen = n;
-	return (const char*)p + sizeof n;
+  /* If this is data, return it.  */
+  if ( *p == ST_DATA )
+    {
+      memcpy ( &n, ++p, sizeof n );
+      *datalen = n;
+      return (const char*)p + sizeof n;
     }
+  
+  return NULL;
+}
+
 
+/* Get data from the car.  The returned value is valid as long as the
+   list is not modified.  */
+const char *
+gcry_sexp_nth_data (const gcry_sexp_t list, int number, size_t *datalen )
+{
+  return sexp_nth_data (list, number, datalen);
+}
+
+
+/* Get a string from the car.  The returned value is a malloced string
+   and needs to be freed by the caller.  */
+char *
+_gcry_sexp_nth_string (const gcry_sexp_t list, int number)
+{
+  const char *s;
+  size_t n;
+  char *buf;
+
+  s = sexp_nth_data (list, number, &n);
+  if (!s || n < 1 || (n+1) < 1)
+    return NULL;
+  buf = gcry_malloc (n+1);
+  if (!buf)
     return NULL;
+  memcpy (buf, s, n);
+  buf[n] = 0;
+  return buf;
 }
 
-/****************
+/* Public version of _gcry_sexp_nth_string. */
+char *
+gcry_sexp_nth_string (const gcry_sexp_t list, int number)
+{
+  return _gcry_sexp_nth_string (list, number);
+}
+
+/*
  * Get a MPI from the car
  */
 gcry_mpi_t
 gcry_sexp_nth_mpi( gcry_sexp_t list, int number, int mpifmt )
 {
-    const byte *p;
-    DATALEN n;
-    int level = 0;
-
-    if ( !list )
-	return NULL;
-    if ( !mpifmt )
-	mpifmt = GCRYMPI_FMT_STD;
+  const char *s;
+  size_t n;
+  gcry_mpi_t a;
 
-    p = list->d;
-    if ( *p == ST_OPEN )
-	p++;	     /* yep, a list */
-    else if (number )
-	return NULL; /* not a list but an n > 0 element requested */
+  if ( !mpifmt )
+    mpifmt = GCRYMPI_FMT_STD;
 
-    /* skip n elements */
-    while ( number > 0 ) {
-	if ( *p == ST_DATA ) {
-	    memcpy ( &n, ++p, sizeof n );
-	    p += sizeof n + n;
-	    p--;
-	    if ( !level )
-		number--;
-	}
-	else if ( *p == ST_OPEN ) {
-	    level++;
-	}
-	else if ( *p == ST_CLOSE ) {
-	    level--;
-	    if ( !level )
-		number--;
-	}
-	else if ( *p == ST_STOP ) {
-	    return NULL;
-	}
-	p++;
-    }
-
-    if ( *p == ST_DATA ) {
-	gcry_mpi_t a;
-	size_t nbytes;
-
-	memcpy ( &n, ++p, sizeof n );
-	p += sizeof n;
-	nbytes = n;
-	if( !gcry_mpi_scan( &a, mpifmt, p, n, &nbytes ) )
-	    return a;
-    }
+  s = sexp_nth_data (list, number, &n);
+  if (!s)
+    return NULL;
 
+  if ( gcry_mpi_scan ( &a, mpifmt, s, n, NULL ) )
     return NULL;
+
+  return a;
 }