How to generate non-bad cv25519 encryption key?
theaetetos at tutanota.com
theaetetos at tutanota.com
Tue Aug 23 10:44:52 CEST 2022
Hi, Ingo.
Aug 22, 2022, 21:07 by kloecker at kde.org:
>> gpg2 --version
>> >
>> >gpg (GnuPG) 2.3.3
>> >libgcrypt 1.9.4
>>
>
> The solution is easy: Use gpg 2.3.7.
>
Are you sure this should suffice? I went back and rebuilt my libgcrypt and GnuPG to the latest stable versions and I still get this warning message whenever I import a generated cv25519 key into GnuPG.
$ gpg --version
gpg (GnuPG) 2.3.7
libgcrypt 1.10.1
A sample from a minute ago - importing a freshly-generated ed25519/cv25519 into a cleaned .gnupg directory:
$ gpg --import sec_key.asc
gpg: Die "Keybox" `/home/patriv/.gnupg/pubring.kbx' wurde erstellt
gpg: /home/patriv/.gnupg/trustdb.gpg: trust-db erzeugt
gpg: Schlüssel 0xA329C3915147EE22: Öffentlicher Schlüssel "a at a.a" importiert
gpg: warning: lower 3 bits of the secret key are not cleared
gpg: Schlüssel 0xA329C3915147EE22: geheimer Schlüssel importiert
gpg: Anzahl insgesamt bearbeiteter Schlüssel: 1
gpg: importiert: 1
gpg: gelesene geheime Schlüssel: 1
gpg: geheime Schlüssel importiert: 1
$ gpg --list-keys
/home/patriv/.gnupg/pubring.kbx
-----------------------------------------------------
pub ed25519/0xA329C3915147EE22 2022-08-23 [SC] [verfällt: 2023-08-23]
Schl.-Fingerabdruck = 7B3D 88CF 8496 94CF 76BF F0D6 A329 C391 5147 EE22
uid [ unbekannt ] a at a.a
sub cv25519/0xCD8D3BE3BC5604AA 2022-08-23 [E] [verfällt: 2023-08-23]
Best regards,
~Patrizio
More information about the Gnupg-users
mailing list