Page MenuHome GnuPG

"Invalid elliptic curve" when specifying wrong algo for gpg --quick-gen-key
Closed, ResolvedPublic

Description

Using gpg (GnuPG) 2.1.15 and libgcrypt 1.7.3:

$ gpg --quick-gen-key user@example.com user@example.com
gpg: Key generation failed: Invalid elliptic curve

"user@example.com" (duplicate email address due to a copy&paste error) is
interpreted as "algo", but the error message sounds more like an internal error
in gnupg's EC algorithm.

Details

Version
2.1.15

Event Timeline

okay, changed to

Unknown elliptic curve
werner added a project: Unreleased.
werner set Version to 2.1.15.

A little bit better, but that would still confuse me, as I did not intentionally
specify an elliptic curve.
What could help here is:

  1. talking about algo/algorithm (that is shown in the man page as parameter for

--quick-gen-key)

  1. saying which algorithm gpg saw.

If the error message had been "Unkown algo 'user@example.com'" I would
immediately know that I provided an email address where an algorithm was expected.

That is a bit complicated and would require new strings. I do not think that is
justified.

The string "Unknown algorithm" already exists. Because it is less specific, it
does not indicate that there is a problem regarding support for elliptic curves
here.

The --quick-gen-key command with the additional option is for use by scripts and
they should be able to read the manual.

If you look at the code you should see why it is a lot of work for a bit more
specific error message - we already have way to many messages. I could easily
find dozens of other places where we - in theory - could primt more specific
error messages. That would turn into a neverending story.

To be clear: I want the

  • less specific and
  • already existing

error message "Unknown algorithm" (instead of "Unknown elliptic curve", which is
not correct in too many situations)

The algorithm parser works by checking the known "classic" algorithm and then
assumes that anything else is an ellptic curve. You see that all over the place
where you can enter an algorithm name. Thus there is no way to change this.

OK, I don't care enough to warrant more discussion/work on this.
"Unknown elliptic curve" is already better than "Invalid elliptic curve".