Status of ECDSA in GPGSM/SCDAEMON

Andreas Schwier andreas.schwier.ml at cardcontact.de
Thu Jul 17 12:39:53 CEST 2014


Sorry, pressed the send button too early.

Hi list,

we are working on an integration of the SmartCard-HSM in scdaemon. We
have the code working for RSA, but have trouble getting it to work with
320 bit and SHA-256.

Signature generation works fine, but during verification gpgsm claims

"a 256 bit hash is not valid for a 320 bit ECC key"

What's the reason for GPGSM to reject a 256 bit hash with a 320 bit key.
Usually hash input is just padded to the full bit size for verification.

We also have an issue with gpgsm if the keyid starts with 0xFFFF.. In
that case gpgsm does not find the key, even though it's shown in gpgsm
--list-secret-keys.

We are working on master from the gpg git repo.

Andreas



More information about the Gnupg-users mailing list