OpenPGP card specification enhancement for ECDSA support

NIIBE Yutaka gniibe at fsij.org
Mon Mar 4 04:03:51 CET 2013


Hello Achim,
 
Thank you very much for your comments and references.

On 2013-03-02 at 14:30 +0100, Achim Pietig wrote:
> BSI defines the following for PubKeys:
> 
> The conversion of Elliptic Curve Points to octet strings is
> specified in [3]. The uncompressed format SHALL be used.
[...]
> Data Object 		Abbrev. Tag 	Type			Certificate
> Object Identifier 		0x06	Object Identifier	m (mandatory)
> Prime modulus		p	0x81	Unsigned Integer	c (conditional)
> First coefficient	a	0x82	Unsigned Integer	c
> Second coefficient	b	0x83	Unsigned Integer	c
> Base point		G	0x84	Elliptic Curve Point	c
> Order of the base point	r	0x85	Unsigned Integer	c
> Public point		Y	0x86	Elliptic Curve Point	m
> Cofactor		f	0x87	Unsigned Integer	c

Thank you for the reference.

> German eGK (e. g.) uses Tag 06 and 86 only, I prefere this for the
> Open PGP card also.

I see.

> The response of GENERATE ASYMMETRIC KEY PAIR will be:
> 7F49 xx
> 	06 xx OID
> 	86 xx Elliptic Curve Point

With this format, I will update my work of GnuPG experimental patch
and Gnuk experimental implementation.

> For key import we have to check if this information is enough or if
> we should use additional parameters (see conditional information in
> BSI table).

I think that OID is enough and Public point is optional for key
import.  Private key data (scalar value) is needed.
-- 





More information about the Gnupg-devel mailing list