gpg: Use algorithm id 22 for EdDSA.

* common/openpgpdefs.h (PUBKEY_ALGO_EDDSA): Change to 22. * g10/keygen.c (ask_curve): Reword the Curve25519 warning note. -- In the hope that the IETF will eventually assign 22 for EdDSA using the draft-koch-eddsa-for-openpgp-01 specs we start using this number.
2014-09-12 11:31:49 +02:00 · 2014-09-12 11:31:49 +02:00 · 83c2d2396c
parent 3a896db26d
commit 83c2d2396c
7 changed files with 72 additions and 10 deletions
--- a/common/openpgpdefs.h
+++ b/common/openpgpdefs.h
@ -122,8 +122,8 @@ typedef enum
    PUBKEY_ALGO_ECDH        = 18, /* RFC-6637  */
    PUBKEY_ALGO_ECDSA       = 19, /* RFC-6637  */
    PUBKEY_ALGO_ELGAMAL     = 20, /* Elgamal encrypt+sign (legacy).  */
-
-    PUBKEY_ALGO_EDDSA      = 105  /* EdDSA (cf. Ed25519) (experimental). */
+    /*                        21     reserved by OpenPGP.            */
+    PUBKEY_ALGO_EDDSA       = 22  /* EdDSA (not yet assigned).       */
  }
 pubkey_algo_t;

--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -2198,12 +2198,8 @@ ask_curve (int *algo, int both)
        {
          if (curves[idx].fix_curve)
            {
-              log_info ("WARNING: Curve25519 is an experimental algorithm"
-                        " and not yet standardized.\n");
-              log_info ("         The key format will eventually change"
-                        " and render this key unusable!\n");
-              log_info ("         You also need a recent development version"
-                        " of Libgcrypt.\n");
+              log_info ("WARNING: Curve25519 is not yet part of the"
+                        " OpenPGP standard.\n");

              if (!cpr_get_answer_is_yes("experimental_curve.override",
                                         "Use this curve anyway? (y/N) ")  )
--- a/tests/openpgp/Makefile.am
+++ b/tests/openpgp/Makefile.am
@ -58,14 +58,17 @@ priv_keys = privkeys/50B2D4FA4122C212611048BC5FC31BD44393626E.asc \
            privkeys/0D6F6AD4C4C803B25470F9104E9F4E6A4CA64255.asc \
            privkeys/FD692BD59D6640A84C8422573D469F84F3B98E53.asc \
            privkeys/76F7E2B35832976B50A27A282D9B87E44577EB66.asc \
-            privkeys/A0747D5F9425E6664F4FFBEED20FBCA79FDED2BD.asc
+            privkeys/A0747D5F9425E6664F4FFBEED20FBCA79FDED2BD.asc \
+	    privkeys/0DD40284FF992CD24DC4AAC367037E066FCEE26A.asc

 sample_keys = samplekeys/ecc-sample-1-pub.asc \
              samplekeys/ecc-sample-2-pub.asc \
              samplekeys/ecc-sample-3-pub.asc \
              samplekeys/ecc-sample-1-sec.asc \
              samplekeys/ecc-sample-2-sec.asc \
-              samplekeys/ecc-sample-3-sec.asc
+              samplekeys/ecc-sample-3-sec.asc \
+	      samplekeys/eddsa-sample-1-pub.asc \
+	      samplekeys/eddsa-sample-1-sec.asc

 EXTRA_DIST = defs.inc pinentry.sh $(TESTS) $(TEST_FILES) ChangeLog-2011 \
 	     mkdemodirs signdemokey $(priv_keys) $(sample_keys)
--- a/tests/openpgp/privkeys/0DD40284FF992CD24DC4AAC367037E066FCEE26A.asc
+++ b/tests/openpgp/privkeys/0DD40284FF992CD24DC4AAC367037E066FCEE26A.asc
@ -0,0 +1,27 @@
+This is the unprotected private key for
+
+pub   ed25519/97965A9A 2014-08-19
+      Key fingerprint = C959 BDBA FA32 A2F8 9A15  3B67 8CFD E121 9796 5A9A
+      Keygrip = 0DD40284FF992CD24DC4AAC367037E066FCEE26A
+uid       [ unknown] EdDSA sample key 1 (draft-koch-eddsa-for-openpgp-00)
+
+The human readable version of the armored s-expression below is:
+
+(private-key
+ (ecc
+  (curve Ed25519)
+  (flags eddsa)
+  (q #403F098994BDD916ED4053197934E4A87C80733A1280D62F8010992E43EE3B2406#)
+  (d #1A8B1FF05DED48E18BF50166C664AB023EA70003D78D9E41F5758A91D850F8D2#)
+  )
+ )
+
+-----BEGIN PGP ARMORED FILE-----
+Version: GnuPG v2
+Comment: Use "gpg --dearmor" for unpacking
+
+KDExOnByaXZhdGUta2V5KDM6ZWNjKDU6Y3VydmU3OkVkMjU1MTkpKDU6ZmxhZ3M1
+OmVkZHNhKSgxOnEzMzpAPwmJlL3ZFu1AUxl5NOSofIBzOhKA1i+AEJkuQ+47JAYp
+KDE6ZDMyOhqLH/Bd7Ujhi/UBZsZkqwI+pwAD142eQfV1ipHYUPjSKSkp
+=SS8V
+-----END PGP ARMORED FILE-----
--- a/tests/openpgp/samplekeys/README
+++ b/tests/openpgp/samplekeys/README
@ -6,3 +6,5 @@ ecc-sample-2-pub.asc   A NIST P-384 ECC sample key.
 ecc-sample-2-sec.asc   Ditto, but the secret keyblock.
 ecc-sample-3-pub.asc   A NIST P-521 ECC sample key.
 ecc-sample-3-sec.asc   Ditto, but the secret keyblock.
+eddsa-sample-1-pub.asc An Ed25519 sample key.
+eddsa-sample-1-sec.asc Ditto, but as protected secret keyblock.
--- a/tests/openpgp/samplekeys/eddsa-sample-1-pub.asc
+++ b/tests/openpgp/samplekeys/eddsa-sample-1-pub.asc
@ -0,0 +1,15 @@
+pub   ed25519/97965A9A 2014-08-19
+      Key fingerprint = C959 BDBA FA32 A2F8 9A15  3B67 8CFD E121 9796 5A9A
+      Keygrip = 0DD40284FF992CD24DC4AAC367037E066FCEE26A
+uid       [ unknown] EdDSA sample key 1 (draft-koch-eddsa-for-openpgp-00)
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v2
+
+mDMEU/NfCxYJKwYBBAHaRw8BAQdAPwmJlL3ZFu1AUxl5NOSofIBzOhKA1i+AEJku
+Q+47JAa0NEVkRFNBIHNhbXBsZSBrZXkgMSAoZHJhZnQta29jaC1lZGRzYS1mb3It
+b3BlbnBncC0wMCmIeQQTFggAIQUCU/NfCwIbAwULCQgHAgYVCAkKCwIEFgIDAQIe
+AQIXgAAKCRCM/eEhl5ZamnNOAP9pKn5wz3jPsgy9p65zxz1+xJEr/cczFQx/tYkk
+49tkeAD+P9jJE4SFD2lVofxn1e22H7YLvcVyHDOA9gpYWTNXiAU=
+=Jbi7
+-----END PGP PUBLIC KEY BLOCK-----
--- a/tests/openpgp/samplekeys/eddsa-sample-1-sec.asc
+++ b/tests/openpgp/samplekeys/eddsa-sample-1-sec.asc
@ -0,0 +1,19 @@
+sec   ed25519/97965A9A 2014-08-19
+      Key fingerprint = C959 BDBA FA32 A2F8 9A15  3B67 8CFD E121 9796 5A9A
+      Keygrip = 0DD40284FF992CD24DC4AAC367037E066FCEE26A
+uid       [ unknown] EdDSA sample key 1 (draft-koch-eddsa-for-openpgp-00)
+
+The passphrase is "abc".
+
+-----BEGIN PGP PRIVATE KEY BLOCK-----
+Version: GnuPG v2
+
+lIYEU/NfCxYJKwYBBAHaRw8BAQdAPwmJlL3ZFu1AUxl5NOSofIBzOhKA1i+AEJku
+Q+47JAb+BwMCeZTNZ5R2udDknlhWE5VnJaHe+HFieLlfQA+nibymcJS5lTYL7NP+
+3CY63ylHwHoS7PuPLpdbEvROJ60u6+a/bSe86jRcJODR6rN2iG9v5LQ0RWREU0Eg
+c2FtcGxlIGtleSAxIChkcmFmdC1rb2NoLWVkZHNhLWZvci1vcGVucGdwLTAwKYh5
+BBMWCAAhBQJT818LAhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEIz94SGX
+llqac04A/2kqfnDPeM+yDL2nrnPHPX7EkSv9xzMVDH+1iSTj22R4AP4/2MkThIUP
+aVWh/GfV7bYftgu9xXIcM4D2ClhZM1eIBQ==
+=+9EF
+-----END PGP PRIVATE KEY BLOCK-----