About support of RFC 2437, 4056 and 6979

Werner Koch wk at gnupg.org
Sun Aug 4 11:43:31 CEST 2019

On Sat, 20 Jul 2019 10:07, persmule at hardenedlinux.org said:

> Does GnuPG support OAEP for RSA (PKCS#1 v2 and RFC 2437), RSA-PSS (RFC

gpg does not support this because OpenPGP requires pkcs-1.5.  There are
no plans to change this because there is not real world issue with
pcsc-15. when using in the way OpenPGP uses it.

> 4056?), or deterministic usage of (EC)DSA (RFC 6979)?

That is an implementation detail: gpg uses rfc-6979 since version 2.0.23
when it requires the use of Libgcrypt 1.6 implements this feature.

> And if GnuPG does support RFC 6979, would it also work with (EC)DSA
> private keys stored on OpenPGP cards which support (EC)DSA algorithms?

Yes for on-disk keys.  For cards it depends on the specific card.  Note
that we suggest the use of EdDSA with Curve25519 instead of ECDSA.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20190804/32fe6a78/attachment.sig>

More information about the Gnupg-users mailing list