gpg: Some support to allow Kyber decryption.

* g10/call-agent.c (agent_pkdecrypt): Support dual keygrips and switch
to KEM mode.
* g10/ecdh.c (pk_ecdh_decrypt): Add an extra length check.
* g10/keyid.c (do_hash_public_key): Fix Kyber fingerprint computation.

* g10/mainproc.c (release_list): Free all 4 data elements.
(proc_pubkey_enc): Copy all 4 data elements.
* g10/misc.c (openpgp_pk_test_algo2): Map Kyber to KEM.

* g10/parse-packet.c (parse_pubkeyenc): Fix Kyber parser.
* g10/pubkey-enc.c (get_session_key): Allow Kyber.
(get_it): Support Kyber.
--

GnuPG-bug-id: 6815

1 files changed, 12 insertions, 5 deletions

diff --git a/g10/keyid.c b/g10/keyid.c
index 09940cbfe..08f684829 100644
--- a/g10/keyid.c
+++ b/g10/keyid.c
@@ -336,17 +336,24 @@ do_hash_public_key (gcry_md_hd_t md, PKT_public_key *pk, int use_v5)
             {
               /* Ugly: We need to re-construct the wire format of the
                * key parameter.  It would be easier to use a second
-               * second index for pp and nn which could bump
-               * independet of i.  */
+               * index for pp and nn which we could bump independet of
+               * i.  */
               const char *p;
 
               p = gcry_mpi_get_opaque (pk->pkey[i], &nbits);
-              pp[i] = xmalloc ((nbits+7)/8 + 1);
+              nn[i] = (nbits+7)/8;
+              pp[i] = xmalloc (4 + nn[i] + 1);
               if (p)
-                memcpy (pp[i], p, (nbits+7)/8);
+                {
+                  pp[i][0] = nn[i] >> 24;
+                  pp[i][1] = nn[i] >> 16;
+                  pp[i][2] = nn[i] >> 8;
+                  pp[i][3] = nn[i];
+                  memcpy (pp[i] + 4 , p, nn[i]);
+                  nn[i] += 4;
+                }
               else
                 pp[i] = NULL;
-              nn[i] = (nbits+7)/8;
               n += nn[i];
             }
           else if (gcry_mpi_get_flag (pk->pkey[i], GCRYMPI_FLAG_OPAQUE))