Package: gnupg2 / 2.2.12-1+deb10u1

from-2.2.16/gpg-Don-t-use-EdDSA-algo-ID-for-ECDSA-curves.patch Patch series | download
From: Trevor Bentley <trevor@yubico.com>
Date: Mon, 25 Mar 2019 15:19:47 +0100
Subject: gpg: Don't use EdDSA algo ID for ECDSA curves.

* g10/keygen.c (ask_curve): Change algo ID to ECDSA if it changed from
an EdDSA curve.

--

(cherry picked from commit 4324560b2c0bb76a1769535c383424a042e505ae)

This change matters when it is called from ask_card_keyattr.

Some-comments-by: NIIBE Yutaka <gniibe@fsij.org>
(cherry picked from commit 2f455d18ab99a1d94029d3f607ae918bd5c9fecf)
---
 g10/keygen.c | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)

diff --git a/g10/keygen.c b/g10/keygen.c
index a8333b0..9edbdff 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -2355,14 +2355,25 @@ ask_curve (int *algo, int *subkey_algo, const char *current)
       else
         {
           /* If the user selected a signing algorithm and Curve25519
-             we need to set the algo to EdDSA and update the curve name. */
-          if ((*algo == PUBKEY_ALGO_ECDSA || *algo == PUBKEY_ALGO_EDDSA)
-              && curves[idx].eddsa_curve)
+             we need to set the algo to EdDSA and update the curve name.
+             If switching away from EdDSA, we need to set the algo back
+             to ECDSA. */
+          if (*algo == PUBKEY_ALGO_ECDSA || *algo == PUBKEY_ALGO_EDDSA)
             {
-              if (subkey_algo && *subkey_algo == PUBKEY_ALGO_ECDSA)
-                *subkey_algo = PUBKEY_ALGO_EDDSA;
-              *algo = PUBKEY_ALGO_EDDSA;
-              result = curves[idx].eddsa_curve;
+              if (curves[idx].eddsa_curve)
+                {
+                  if (subkey_algo && *subkey_algo == PUBKEY_ALGO_ECDSA)
+                    *subkey_algo = PUBKEY_ALGO_EDDSA;
+                  *algo = PUBKEY_ALGO_EDDSA;
+                  result = curves[idx].eddsa_curve;
+                }
+              else
+                {
+                  if (subkey_algo && *subkey_algo == PUBKEY_ALGO_EDDSA)
+                    *subkey_algo = PUBKEY_ALGO_ECDSA;
+                  *algo = PUBKEY_ALGO_ECDSA;
+                  result = curves[idx].name;
+                }
             }
           else
             result = curves[idx].name;
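Review bot: Neither the extended block comment nor the new `else` branch states that `*algo` and `*subkey_algo` are in/out values which ask_curve may rewrite in either direction, so a caller that keeps using the ID it passed in would still pair the wrong algorithm ID with the returned curve. The commit message names ask_card_keyattr as the caller where this mattered, which makes the contract worth stating next to the code, for example `/* On return *ALGO (and *SUBKEY_ALGO, if given) match the returned curve; callers must use the updated values. */`. As a smaller style point, `result = curves[idx].name;` now appears in two branches and could be assigned once before the `if`, with only the EdDSA branch overriding it. ask_curve begins and ends outside this hunk, so its header comment may already cover part of this.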