[PATCH] scd: support any curves defined by libgcrypt.

NIIBE Yutaka gniibe at fsij.org
Mon Aug 17 06:47:03 CEST 2015


Hello,

Thank you for the detailed report.

On 08/17/2015 09:10 AM, Bertrand Jacquin wrote:
> This patch introduce as issue with OpenGPG Card FTS-01. I've run a
> git bisect to be able to point that particular commit.
> 
> I have a FTS-01 OpenGPG card with a EdDSA sign key and a EdDSA auth
> key and using gpg-agent as a ssh agent. Since that particular
> commit, info given by gpg-agent to ssh-add are not conform for ssh:
>
> Is there a need to use a particular libgcrypt version ?

No, it's not required for EdDSA.  If you use encryption (ECDH with
Curve25519), you need to use the development version of libgcrypt,
though.

I also noticed the failure on my side, and I posted:

    SSH with ed25519:
    https://lists.gnupg.org/pipermail/gnupg-devel/2015-August/030224.html

If I understand correctly, the problem is in the code of general EdDSA
with SSH (I mean, including the private key in a host, as well as the
one in smartcard).  My change for scdaemon unveiled this issue.

EdDSA with FST-01 just worked before, because of the public key
representation from scdaemon didn't include the prefix of 0x40.

My change of scdaemon for the support of more curves "fix"-ed to be
proper representation between scdaemon<->gpg-agent and it now include
the prefix of 0x40.

I think that correct fix should be to the code in general EdDSA with
SSH (not reverting a part of my change of scdaemon).

The change in the post of mine works, but it's not good fix.  This is
basically to point out the issue.  We need to confirm that gpg-agent
handles EdDSA key with the representation of the prefix 0x40, and
it is correct for its SSH handling to remove the prefix.

Sorry, for your inconvenience.
-- 



More information about the Gnupg-devel mailing list