OpenPGP card specification enhancement for ECDSA support: key import

NIIBE Yutaka gniibe at
Sat Mar 9 01:58:22 CET 2013


For ECDSA/ECDH key import support, we need to update OpenPGP card
specification.  The section, Private Key Template, is needed
to modify.  Currently, it defines RSA format.  It will be something

	9x xx   ECDSA/ECDH secret key

We could also include OID (and KDF parameters: hash function ID and
algorithm ID for ECDS), but those are redundant.

The first byte is 91?  Or what value we use?

The format of secret key is MPI of an integer representing the secret

For your reference, in the section of "9. Encoding of Public and
Private Keys" of RFC6637, it is described as:

   The following algorithm-specific packets are added to Section 5.5.3.
   of [RFC4880], "Secret-Key Packet Formats", to support ECDH and ECDSA.

     Algorithm-Specific Fields for ECDH or ECDSA secret keys:

      o  an MPI of an integer representing the secret key, which is a
         scalar of the public EC point

More information about the Gnupg-devel mailing list