diff options
author | Daiki Ueno <dueno@redhat.com> | 2019-04-22 08:27:43 +0200 |
---|---|---|
committer | Daiki Ueno <dueno@redhat.com> | 2020-01-23 07:07:22 +0100 |
commit | 07596231f2e4b3c28d1587907ce51fe15c2d990a (patch) | |
tree | bc1b94b9ad3c1fe5548510580d05ca00b280b30d /src | |
parent | af5e42aba4294ce09a263573febe840e804cf1ed (diff) | |
download | gnutls-07596231f2e4b3c28d1587907ce51fe15c2d990a.tar.gz |
algorithms: implement X448 key exchange and Ed448 signature scheme
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/certtool-args.def | 2 | ||||
-rw-r--r-- | src/certtool-common.c | 6 | ||||
-rw-r--r-- | src/certtool-common.h | 2 | ||||
-rw-r--r-- | src/certtool.c | 1 |
4 files changed, 8 insertions, 3 deletions
diff --git a/src/certtool-args.def b/src/certtool-args.def index f10f57bdbb..645dc563cc 100644 --- a/src/certtool-args.def +++ b/src/certtool-args.def @@ -200,7 +200,7 @@ flag = { arg-type = string; descrip = "Specify the key type to use on key generation"; doc = "This option can be combined with --generate-privkey, to specify -the key type to be generated. Valid options are, 'rsa', 'rsa-pss', 'dsa', 'ecdsa', and 'ed25519'. +the key type to be generated. Valid options are, 'rsa', 'rsa-pss', 'dsa', 'ecdsa', 'ed25519, and 'ed448'.'. When combined with certificate generation it can be used to specify an RSA-PSS certificate when an RSA key is given."; }; diff --git a/src/certtool-common.c b/src/certtool-common.c index 3fafa5977c..c76352c9d8 100644 --- a/src/certtool-common.c +++ b/src/certtool-common.c @@ -1287,7 +1287,9 @@ static void privkey_info_int(FILE *outfile, common_info_st * cinfo, gnutls_free(q.data); gnutls_free(g.data); } - } else if (key_type == GNUTLS_PK_ECDSA || key_type == GNUTLS_PK_EDDSA_ED25519) { + } else if (key_type == GNUTLS_PK_ECDSA || + key_type == GNUTLS_PK_EDDSA_ED25519 || + key_type == GNUTLS_PK_EDDSA_ED448) { gnutls_datum_t y, x, k; gnutls_ecc_curve_t curve; @@ -1641,6 +1643,8 @@ gnutls_pk_algorithm_t figure_key_type(const char *key_type) return GNUTLS_PK_RSA_PSS; else if (strcasecmp(key_type, "ed25519") == 0 || strcasecmp(key_type, "eddsa") == 0) return GNUTLS_PK_EDDSA_ED25519; + else if (strcasecmp(key_type, "ed448") == 0) + return GNUTLS_PK_EDDSA_ED448; else if (strcasecmp(key_type, "dsa") == 0) return GNUTLS_PK_DSA; else if (strcasecmp(key_type, "ecdsa") == 0 || strcasecmp(key_type, "ecc") == 0) diff --git a/src/certtool-common.h b/src/certtool-common.h index bfeb66b2da..04c7a3e91a 100644 --- a/src/certtool-common.h +++ b/src/certtool-common.h @@ -90,7 +90,7 @@ void switch_to_pkcs8_when_needed(common_info_st *cinfo, gnutls_x509_privkey_t ke if (cinfo->pkcs8) return; - if (key_type == GNUTLS_PK_RSA_PSS || key_type == GNUTLS_PK_EDDSA_ED25519 || + if (key_type == GNUTLS_PK_RSA_PSS || key_type == GNUTLS_PK_EDDSA_ED25519 || key_type == GNUTLS_PK_EDDSA_ED448 || key_type == GNUTLS_PK_GOST_01 || key_type == GNUTLS_PK_GOST_12_256 || key_type == GNUTLS_PK_GOST_12_512) { if (cinfo->verbose) diff --git a/src/certtool.c b/src/certtool.c index 35438daafa..b65359c27c 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -168,6 +168,7 @@ generate_private_key_int(common_info_st * cinfo) if (key_type == GNUTLS_PK_ECDSA || key_type == GNUTLS_PK_EDDSA_ED25519 || + key_type == GNUTLS_PK_EDDSA_ED448 || key_type == GNUTLS_PK_GOST_01 || key_type == GNUTLS_PK_GOST_12_256 || key_type == GNUTLS_PK_GOST_12_512) { |