rpms / gnupg2

Clone
Source Code
GIT

Blame SOURCES/gnupg-2.3.1-revert-default-eddsa.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c9
  2.   SOURCES
  3.   gnupg-2.3.1-revert-default-eddsa.patch
Blob History Raw
1f20c2 
From ff31dde456f32950f0df6c974b4c41f1d650d68f Mon Sep 17 00:00:00 2001
1f20c2 
From: Werner Koch <wk@gnupg.org>
1f20c2 
Date: Mon, 5 Oct 2020 14:21:31 +0200
1f20c2 
Subject: [PATCH GnuPG] gpg: Switch to ed25519+cv25519 as default algo.
1f20c2
1f20c2 
* g10/keygen.c (DEFAULT_STD_KEY_PARAM): Change to former future
1f20c2 
default ago.
1f20c2 
(ask_algo): Change default and also the way we indicate the default
1f20c2 
algo in the list of algos.
1f20c2 
(ask_curve): Indicate the default curve.
1f20c2
1f20c2 
Signed-off-by: Werner Koch <wk@gnupg.org>
1f20c2 
---
1f20c2 
 g10/keygen.c | 57 ++++++++++++++++++++++++++--------------------------
1f20c2 
 1 file changed, 29 insertions(+), 28 deletions(-)
1f20c2
1f20c2 
diff --git a/g10/keygen.c b/g10/keygen.c
1f20c2 
index 16e4e58ea..b510525e3 100644
1f20c2 
--- a/g10/keygen.c
1f20c2 
+++ b/g10/keygen.c
1f20c2 
@@ -47,10 +47,11 @@
1f20c2 
 #include "../common/mbox-util.h"
1f20c2
1f20c2
1f20c2 
-/* The default algorithms.  If you change them, you should ensure the value
1f20c2 
-   is inside the bounds enforced by ask_keysize and gen_xxx.  See also
1f20c2 
-   get_keysize_range which encodes the allowed ranges.  */
1f20c2 
-#define DEFAULT_STD_KEY_PARAM  "rsa3072/cert,sign+rsa3072/encr"
1f20c2 
+/* The default algorithms.  If you change them, you should ensure the
1f20c2 
+   value is inside the bounds enforced by ask_keysize and gen_xxx.
1f20c2 
+   See also get_keysize_range which encodes the allowed ranges.  The
1f20c2 
+   default answer in ask_algo also needs to be adjusted.  */
1f20c2 
+#define DEFAULT_STD_KEY_PARAM  "ed25519/cert,sign+cv25519/encr"
1f20c2 
 #define FUTURE_STD_KEY_PARAM   "ed25519/cert,sign+cv25519/encr"
1f20c2
1f20c2 
 /* When generating keys using the streamlined key generation dialog,
1f20c2 
@@ -2112,50 +2113,49 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage,
1f20c2
1f20c2 
 #if GPG_USE_RSA
1f20c2 
   if (!addmode)
1f20c2 
-    tty_printf (_("   (%d) RSA and RSA (default)\n"), 1 );
1f20c2 
+    tty_printf (_("   (%d) RSA and RSA%s\n"), 1, "");
1f20c2 
 #endif
1f20c2
1f20c2 
   if (!addmode && opt.compliance != CO_DE_VS)
1f20c2 
-    tty_printf (_("   (%d) DSA and Elgamal\n"), 2 );
1f20c2 
+    tty_printf (_("   (%d) DSA and Elgamal%s\n"), 2, "");
1f20c2
1f20c2 
   if (opt.compliance != CO_DE_VS)
1f20c2 
-    tty_printf (_("   (%d) DSA (sign only)\n"), 3 );
1f20c2 
+    tty_printf (_("   (%d) DSA (sign only)%s\n"), 3, "");
1f20c2 
 #if GPG_USE_RSA
1f20c2 
-  tty_printf (_("   (%d) RSA (sign only)\n"), 4 );
1f20c2 
+  tty_printf (_("   (%d) RSA (sign only)%s\n"), 4, "");
1f20c2 
 #endif
1f20c2
1f20c2 
   if (addmode)
1f20c2 
     {
1f20c2 
       if (opt.compliance != CO_DE_VS)
1f20c2 
-        tty_printf (_("   (%d) Elgamal (encrypt only)\n"), 5 );
1f20c2 
+        tty_printf (_("   (%d) Elgamal (encrypt only)%s\n"), 5, "");
1f20c2 
 #if GPG_USE_RSA
1f20c2 
-      tty_printf (_("   (%d) RSA (encrypt only)\n"), 6 );
1f20c2 
+      tty_printf (_("   (%d) RSA (encrypt only)%s\n"), 6, "");
1f20c2 
 #endif
1f20c2 
     }
1f20c2 
   if (opt.expert)
1f20c2 
     {
1f20c2 
       if (opt.compliance != CO_DE_VS)
1f20c2 
-        tty_printf (_("   (%d) DSA (set your own capabilities)\n"), 7 );
1f20c2 
+        tty_printf (_("   (%d) DSA (set your own capabilities)%s\n"), 7, "");
1f20c2 
 #if GPG_USE_RSA
1f20c2 
-      tty_printf (_("   (%d) RSA (set your own capabilities)\n"), 8 );
1f20c2 
+      tty_printf (_("   (%d) RSA (set your own capabilities)%s\n"), 8, "");
1f20c2 
 #endif
1f20c2 
     }
1f20c2
1f20c2 
 #if GPG_USE_ECDSA || GPG_USE_ECDH || GPG_USE_EDDSA
1f20c2 
-  if (opt.expert && !addmode)
1f20c2 
-    tty_printf (_("   (%d) ECC and ECC\n"), 9 );
1f20c2 
-  if (opt.expert)
1f20c2 
-    tty_printf (_("  (%d) ECC (sign only)\n"), 10 );
1f20c2 
+  if (!addmode)
1f20c2 
+    tty_printf (_("   (%d) ECC (sign and encrypt)%s\n"), 9, _(" *default*") );
1f20c2 
+  tty_printf (_("  (%d) ECC (sign only)\n"), 10 );
1f20c2 
   if (opt.expert)
1f20c2 
-    tty_printf (_("  (%d) ECC (set your own capabilities)\n"), 11 );
1f20c2 
-  if (opt.expert && addmode)
1f20c2 
-    tty_printf (_("  (%d) ECC (encrypt only)\n"), 12 );
1f20c2 
+    tty_printf (_("  (%d) ECC (set your own capabilities)%s\n"), 11, "");
1f20c2 
+  if (addmode)
1f20c2 
+    tty_printf (_("  (%d) ECC (encrypt only)%s\n"), 12, "");
1f20c2 
 #endif
1f20c2
1f20c2 
   if (opt.expert && r_keygrip)
1f20c2 
-    tty_printf (_("  (%d) Existing key\n"), 13 );
1f20c2 
+    tty_printf (_("  (%d) Existing key%s\n"), 13, "");
1f20c2 
   if (r_keygrip)
1f20c2 
-    tty_printf (_("  (%d) Existing key from card\n"), 14 );
1f20c2 
+    tty_printf (_("  (%d) Existing key from card%s\n"), 14, "");
1f20c2
1f20c2 
   for (;;)
1f20c2 
     {
1f20c2 
@@ -2164,7 +2164,7 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage,
1f20c2 
       xfree (answer);
1f20c2 
       answer = cpr_get ("keygen.algo", _("Your selection? "));
1f20c2 
       cpr_kill_prompt ();
1f20c2 
-      algo = *answer? atoi (answer) : 1;
1f20c2 
+      algo = *answer? atoi (answer) : 9;  /* Default algo is 9 */
1f20c2
1f20c2 
       if (opt.compliance == CO_DE_VS
1f20c2 
           && (algo == 2 || algo == 3 || algo == 5 || algo == 7))
1f20c2 
@@ -2220,13 +2220,13 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage,
1f20c2 
           break;
1f20c2 
 	}
1f20c2 
       else if ((algo == 9 || !strcmp (answer, "ecc+ecc"))
1f20c2 
-               && opt.expert && !addmode)
1f20c2 
+               && !addmode)
1f20c2 
         {
1f20c2 
           algo = PUBKEY_ALGO_ECDSA;
1f20c2 
           *r_subkey_algo = PUBKEY_ALGO_ECDH;
1f20c2 
           break;
1f20c2 
 	}
1f20c2 
-      else if ((algo == 10 || !strcmp (answer, "ecc/s")) && opt.expert)
1f20c2 
+      else if ((algo == 10 || !strcmp (answer, "ecc/s")))
1f20c2 
         {
1f20c2 
           algo = PUBKEY_ALGO_ECDSA;
1f20c2 
           *r_usage = PUBKEY_USAGE_SIG;
1f20c2 
@@ -2239,7 +2239,7 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage,
1f20c2 
           break;
1f20c2 
 	}
1f20c2 
       else if ((algo == 12 || !strcmp (answer, "ecc/e"))
1f20c2 
-               && opt.expert && addmode)
1f20c2 
+               && addmode)
1f20c2 
         {
1f20c2 
           algo = PUBKEY_ALGO_ECDH;
1f20c2 
           *r_usage = PUBKEY_USAGE_ENC;
1f20c2 
@@ -2616,7 +2616,7 @@ ask_curve (int *algo, int *subkey_algo, const char *current)
1f20c2 
     { "NIST P-256",      NULL, NULL,               MY_USE_ECDSADH,  0, 1, 0 },
1f20c2 
     { "NIST P-384",      NULL, NULL,               MY_USE_ECDSADH,  0, 0, 0 },
1f20c2 
     { "NIST P-521",      NULL, NULL,               MY_USE_ECDSADH,  0, 1, 0 },
1f20c2 
-    { "brainpoolP256r1", NULL, "Brainpool P-256",  MY_USE_ECDSADH,  1, 1, 0 },
1f20c2 
+    { "brainpoolP256r1", NULL, "Brainpool P-256",  MY_USE_ECDSADH,  1, 0, 0 },
1f20c2 
     { "brainpoolP384r1", NULL, "Brainpool P-384",  MY_USE_ECDSADH,  1, 1, 0 },
1f20c2 
     { "brainpoolP512r1", NULL, "Brainpool P-512",  MY_USE_ECDSADH,  1, 1, 0 },
1f20c2 
     { "secp256k1",       NULL, NULL,               MY_USE_ECDSADH,  0, 1, 0 },
1f20c2 
@@ -2672,9 +2672,10 @@ ask_curve (int *algo, int *subkey_algo, const char *current)
1f20c2 
         }
1f20c2
1f20c2 
       curves[idx].available = 1;
1f20c2 
-      tty_printf ("   (%d) %s\n", idx + 1,
1f20c2 
+      tty_printf ("   (%d) %s%s\n", idx + 1,
1f20c2 
                   curves[idx].pretty_name?
1f20c2 
-                  curves[idx].pretty_name:curves[idx].name);
1f20c2 
+                  curves[idx].pretty_name:curves[idx].name,
1f20c2 
+                  idx == 0? _(" *default*"):"");
1f20c2 
     }
1f20c2 
   gcry_sexp_release (keyparms);
1f20c2
1f20c2 
--
1f20c2 
2.31.1
1f20c2

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation