Broken ECDSA in gnupg 2.0.23

Anatol Pomozov anatol.pomozov at
Sat Jun 21 15:14:55 CEST 2014


On Sat, Jun 21, 2014 at 2:32 AM, Werner Koch <wk at> wrote:
> On Sat, 21 Jun 2014 06:22, anatol.pomozov at said:
>> Our users claim that this started since libgcrypt 1.6.0 update. With
>> libgcrypt 1.5+ gpg-agent worked without a problem. Some people tried
> Which Libgcrypt version is that? 1.6.0 or 1.6.1 ?

The latest stable i.e. 1.6.1.

I looked at the list of API changes for libgcrypt 1.6.0
and see "The algorithm ids GCRY_PK_ECDSA and GCRY_PK_ECDH are now
deprecated. Use GCRY_PK_ECC if you need an algorithm id.".

The libgcrypt functions such as gcry_pk_map_name() return GCRY_PK_ECC
instead of GCRY_PK_ECDSA. So I modified gnupg 2.0.23 sources with this:

diff --git a/common/ssh-utils.c b/common/ssh-utils.c
index d8f057d..987966f 100644
--- a/common/ssh-utils.c
+++ b/common/ssh-utils.c
@@ -89,7 +89,7 @@ get_fingerprint (gcry_sexp_t key, void **r_fpr, size_t *r_len,
elems = "pqgy";
gcry_md_write (md, "\0\0\0\x07ssh-dss", 11);
+ case GCRY_PK_ECC:
/* We only support the 3 standard curves for now. It is just a
quick hack. */
elems = "q";
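
Review bot: the new `case GCRY_PK_ECC:` label sits directly above a comment saying only the 3 standard curves are supported, yet GCRY_PK_ECC is the generic id that, per the 1.6.0 API note quoted in this message, stands in for both GCRY_PK_ECDSA and GCRY_PK_ECDH, and the visible lines show no curve check. Suggest validating the curve explicitly in this branch and returning an error for anything else, instead of relying on the algorithm id to imply an ECDSA key on a supported curve. Since the old ids are described as deprecated and not removed, keeping `case GCRY_PK_ECDSA:` as a second label next to the new one would also cover callers that still receive the old id; put a short comment on the label explaining why both are accepted.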

Now I am able to add an ECDSA key via ssh-add:

[anatol at foo gnupg]$ ps ax | grep agent
8921 ? Ss 0:00 gpg-agent --daemon --enable-ssh-support
[anatol at foo gnupg]$ echo $SSH_AUTH_SOCK
[anatol at foo gnupg]$ echo $SSH_AGENT_PID
[anatol at foo gnupg]$ ssh-add -l
2048 f4:a7:bd:43:fc:aa:ab:f2:f2:ff:6b:f3:9b:37:96:be
/home/anatol/.ssh/id_rsa (RSA)
521 87:e8:e1:f6:1b:64:aa:58:ff:97:1a:20:5d:91:46:d7
/home/anatol/.ssh/id_ecdsa (ECDSA)

I do not know if there are other libgcrypt 1.6 related problems. But
at least I can 'ssh' into my machine without typing the passphrase.

>> that fixes ECC for libgcrypt 1.6. gnupg developers, do you think that
> That is not related.  The ssh-agent support is implemented in gpg-agent
> and thus not affected by this patch.
> Salam-Shalom,
>    Werner
> --
> Thoughts are free.  Exceptions are regulated by a federal law.
