OpenPGP Card ECC status?
NIIBE Yutaka
gniibe at fsij.org
Wed Sep 10 04:06:37 CEST 2014
On 2014-09-09 at 16:01 +0200, Simon Josefsson wrote:
> NIIBE Yutaka <gniibe at fsij.org> writes:
> > For smartcard/token part, I implemented NIST P256 curve in Gnuk around
> > February 2013. IIRC, I submitted an experimental patch for SCDaemon
> > to support this, around March 2013. I tested, it worked well for me.
>
> Do you have a pointer to this patch? I suspect that's what I'd like to
> test to see if we can get it to work with the Yubikey NEO too. Any
> reason the patch hasn't been merged?
My memory is not that accurate. I checked the mail archive:
http://lists.gnupg.org/pipermail/gnupg-devel/2013-February/thread.html
http://lists.gnupg.org/pipermail/gnupg-devel/2013-March/thread.html
Discussions:
ECC and smartcards:
http://lists.gnupg.org/pipermail/gnupg-devel/2013-February/027373.html
OpenPGP card specification enhancement for ECDSA support:
http://lists.gnupg.org/pipermail/gnupg-devel/2013-March/027436.html
Patches:
[PATCH] scd: support ECDSA public key
http://lists.gnupg.org/pipermail/gnupg-devel/2013-February/027432.html
[PATCH] scd: support ECDSA public key
http://lists.gnupg.org/pipermail/gnupg-devel/2013-March/027485.html
Sorry, I misunderstood. Those patches for ECDSA have been merged to
2.1 already.
It is ECDH, which is not fully implemented by GnuPG. In
scd/app-openpgp.c, we have a function named ecdh_writekey, but it is
not implemented yet.
I created the page on wiki.gnupg.org:
http://wiki.gnupg.org/OpenPGPcardECC?highlight=%28ecc%29
Well, sorry, again. I'm not good at formatting in the wiki. I think
that for ECDSA, it's mostly settled. For ECDH, there are things
to be determined.
Once we have this enhancement of the specification, it's
not that hard to implement ecdh_writekey or patch functions
in scd/app-openpgp.c.
I think that you can try ECDSA with NIST P-256 with 2.1.x beta.