Issues with enabling new crypto (NTRU) for GnuPG

Zhenfei Zhang zzhang at
Thu Aug 13 17:28:39 CEST 2015

Hi all,

I am on a task of enabling NTRU for GnuPG.
The idea is to use NTRU as the public key encryption algorithm,
while still using DSA or ECC for signatures.

I was able to integrate NTRU to libgcrypt. Please see the linked email for
the commit.
In my libgcrypt modification, I was able to use NTRU functions by setting
an s-expression parameter such as (genkey(ntru(n439)))

My next task is to get GnuPG working with NTRU, and this is where I am
having trouble with.
I modified the key generation function in g10/keygen.c
I creates a gen_ntru() function which is an analogy to gen_rsa(),
except it allows me to pass "(genkey(ntru(n439)))" to the common_gen().
And I was expecting that libgcrypt will receive it.
However, I get "general errors" from gpg-agent.

Here is the debug information:
gpg: DBG: chan_4 -> RESET
gpg: DBG: chan_4 <- OK
gpg: DBG: chan_4 -> GENKEY 7C798651354C5E8DD8DE0874
gpg: DBG: chan_4 <- S INQUIRE_MAXLEN 1024
gpg: DBG: chan_4 <- INQUIRE KEYPARAM
gpg: DBG: chan_4 -> D (genkey(ntru(n439)))
gpg: DBG: chan_4 -> END
gpg: DBG: chan_4 -> END
gpg: DBG: chan_4 -> END
gpg: DBG: chan_4 <- ERR 67108865 General error <GPG Agent>

>From what I understand, GnuPG calls the gpg-agent,
who passes the param to libassuan and then libassuan to libgcrypt.
But it appears that gpg-agent was never able to talk to libgcrypt.

I have done the following debugging:
*I checked that libassuan does receive the param.
The error seems to occur within a _assuan_read_from_server
call in assaun_transact()
*I tested that gpg-agent works fine with DSA/ECC/RSA key generation.
*I also tried to call gcry_pk_genkey(&ntru_keypair, ntru_parms) of libgcrypt
directly from my gen_ntru() function and it works fine.

So I would like to ask for your help.
Sorry that my presentation of the problem may not be clear.
I wish to put more info here, but I am not sure which are relevant.

Thanks in advance.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150813/0815d0d5/attachment.html>

More information about the Gnupg-devel mailing list