Fingerprint mismatch for 384-bit ECDH keys generated on SmartCards

Werner Koch wk at gnupg.org
Wed Mar 13 12:35:37 CET 2019


On Wed, 13 Mar 2019 09:27, gniibe at fsij.org said:

> use of CIPHER_ALGO_AES256 was not 100% wrong, and is considered OK (if
> it matches the behavior on smartcard).

It is actually done on purpose to limit the set of required algorithms.
AES-192 has no real purpose and thus it should be avoided.

I would prefer to change this in app-openpgp.c instead.  In any case we
should use a shared code for the OpenPGP fingerprint computation.  I am
currently working on v5 keys and this will require more changes anyway.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20190313/769ec5c8/attachment.sig>


More information about the Gnupg-devel mailing list