diff options
| author | Werner Koch <wk@gnupg.org> | 2024-06-11 15:39:00 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2024-06-11 15:39:00 +0200 |
| commit | 12ac129a709c24ec661a9dec02f2c25c1b6e9450 (patch) | |
| tree | fe0f6b446f2d75772b9bf7a11e97381aa7dec161 /g10/keygen.c | |
| parent | gpg: Do not bail out on secret keys with an unknown algo (diff) | |
| download | gnupg2-12ac129a709c24ec661a9dec02f2c25c1b6e9450.tar.xz gnupg2-12ac129a709c24ec661a9dec02f2c25c1b6e9450.zip | |
gpg: Allow shortcut algo string "pqc" for --quick-gen-key.
* g10/keygen.c (PQC_STD_KEY_PARAM): New.
(quickgen_set_para): Always store the provided NBITS.
(parse_key_parameter_string): Detect the special value "pqc".
(quick_generate_keypair): Ditto.
--
With this change we can finally do a
gpg --quick-gen-key --batch --passphrase='' foo@example.org pqc
and get a full key. Currently with a brainpoolp386r1 primary key and
a Kyber768_brainpoolp256 subkey.
Diffstat (limited to 'g10/keygen.c')
| -rw-r--r-- | g10/keygen.c | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/g10/keygen.c b/g10/keygen.c index 66fe681de..ff14032c0 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -53,6 +53,7 @@ default answer in ask_algo also needs to be adjusted. */ #define DEFAULT_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr" #define FUTURE_STD_KEY_PARAM "ed25519/cert,sign+cv25519/encr" +#define PQC_STD_KEY_PARAM "bp384/cert,sign+kyber768_bp256/encr" /* When generating keys using the streamlined key generation dialog, use this as a default expiration interval. */ @@ -4292,6 +4293,8 @@ parse_key_parameter_string (ctrl_t ctrl, else if (!ascii_strcasecmp (string, "future-default") || !ascii_strcasecmp (string, "futuredefault")) string = FUTURE_STD_KEY_PARAM; + else if (!ascii_strcasecmp (string, "pqc")) + string = PQC_STD_KEY_PARAM; else if (!ascii_strcasecmp (string, "card")) string = "card/cert,sign+card/encr"; @@ -5281,14 +5284,14 @@ quickgen_set_para (struct para_data_s *para, int for_subkey, r->next = para; para = r; } - else - { - r = xmalloc_clear (sizeof *r + 20); - r->key = for_subkey? pSUBKEYLENGTH : pKEYLENGTH; - sprintf (r->u.value, "%u", nbits); - r->next = para; - para = r; - } + + /* Always store the size - although not required for ECC it is + * required for compiste algos. Should not harm anyway. */ + r = xmalloc_clear (sizeof *r + 20); + r->key = for_subkey? pSUBKEYLENGTH : pKEYLENGTH; + sprintf (r->u.value, "%u", nbits); + r->next = para; + para = r; r = xmalloc_clear (sizeof *r + 20); r->key = for_subkey? pSUBVERSION : pVERSION; @@ -5394,6 +5397,7 @@ quick_generate_keypair (ctrl_t ctrl, const char *uid, const char *algostr, if ((!*algostr || !ascii_strcasecmp (algostr, "default") || !ascii_strcasecmp (algostr, "future-default") || !ascii_strcasecmp (algostr, "futuredefault") + || !ascii_strcasecmp (algostr, "pqc") || !ascii_strcasecmp (algostr, "card")) && (!*usagestr || !ascii_strcasecmp (usagestr, "default") || !strcmp (usagestr, "-"))) |