Re: [PATCH 2/3] pki_gcrypt: Handle ECDSA keys and signatures

[Andreas Schneider <asn@xxxxxxxxxxxxxx>]

On Wednesday, March 30, 2016 11:53:25 AM you wrote:
> * ConfigureChecks.cmake: Set 'HAVE_ECC' and 'HAVE_GCRYPT_ECC' if
> applicable.
> * include/libssh/libgcrypt.h (EVPCTX): Fix type.
> (NID_gcrypt_nistp{256,384,521}): New constants.
> * include/libssh/pki.h (struct ssh_key_struct): Fix type of field
> 'ecdsa'.
> (struct ssh_signature_struct): Likewise for 'ecdsa_sig'.
> * src/curve25519.c (ssh_client_curve25519_init): Make use of the
> gcrypt-variant of 'bignum_bin2bn'.
> * src/libgcrypt.c (nid_to_md_algo): New function mapping curves to
> digest algorithms.
> (evp{,_init,_update,_final}): New functions mimicking the OpenSSL API.
> * src/pki.c (ssh_pki_key_ecdsa_name): Relax guard now that the used
> function is also provided by the gcrypt backend.
> (ssh_signature_free): Free ecdsa signature.
> * src/pki_gcrypt.c (ECDSA_HEADER_{BEGIN,END}): New macros.
> (ASN1_OCTET_{STRING,OBJECT_IDENTIFIER}): Likewise.
> (asn1_check_tag): New function.
> (privatekey_string_to_buffer): Handle ECDSA keys.
> (pki_key_ecdsa_to_nid): New function.
> (pki_key_ecdsa_nid_to_gcrypt_name): Likewise.
> (pki_key_ecdsa_nid_to_name): Likewise.
> (pki_key_ecdsa_nid_to_char): Likewise.
> (pki_key_ecdsa_nid_from_name): Implement.
> (make_ecpoint_string): New function.
> (asn1_oi_to_nid): Likewise.
> (b64decode_ecdsa_privatekey): Likewise.
> (pki_private_key_from_base64): Handle ECDSA keys.
> (pki_pubkey_build_ecdsa): Implement.
> (pki_key_dup): Handle ECDSA keys.
> (pki_key_generate): Likewise.
> (pki_key_generate_ecdsa): Implement.
> (pki_key_compare): Handle ECDSA keys.
> (pki_publickey_to_blob): Likewise.
> (pki_signature_from_blob): Likewise.
> (pki_signature_verify): Likewise.
> (pki_do_sign): Likewise.
> (pki_do_sign_sessionid): Likewise.
> 

Wow. could you please split this in much smaller commits, so it is easier to 
review?

I've pushed your other patches ...


Thanks,


	-- andreas