
Provide list of supported/compliant key algorithms
Open, Normal, Public

Description

It would be great if gpg provided a list of the supported/compliant key algorithms/curves, e.g. via a pseudo option like default_pubkey_algo.

Currently, Kleopatra uses a hard-coded list of curves (3 brainpool and 3 NIST) and adds ed25519/cv25519. Moreover, there is a hack which removes the NIST and the 25519 curves in de-vs compliance mode. This is super ugly and prevents the usage of other curves supported by gpg.

Event Timeline

You may run

gpg --with-colons --list-config curve

or pubkeyname for the algos.

Hmm,

$ gpg --with-colons --list-config curve
cfg:curve:cv25519;ed25519;cv448;ed448;nistp256;nistp384;nistp521;brainpoolP256r1;brainpoolP384r1;brainpoolP512r1;secp256k1

How would Kleopatra know that cv* is for encryption, ed* is for signing, and all other curves are for both uses? Or are the cv/ed prefixes a (de facto) standard?

And does the output depend on the compliance option? If I set compliance to de-vs, then the output doesn't change (but my gpg is not really compliant).

$ gpgconf --list-options gpg | grep compliance
compliance:16:2::1:1::"gnupg::"de-vs
compliance_de_vs:144:3::2:2::0::

$ gpg --with-colons --list-config curve
cfg:curve:cv25519;ed25519;cv448;ed448;nistp256;nistp384;nistp521;brainpoolP256r1;brainpoolP384r1;brainpoolP512r1;secp256k1

No, these are simply the technically available algorithms. I'll see what I can do.

werner triaged this task as Normal priority. Jan 20 2022, 8:37 PM
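
The colon-delimited output quoted in this task can be consumed as shown in the following added example, which is not code from GnuPG or Kleopatra. It parses the `cfg:` records and groups the curves by usage; the cv/ed prefix rule in `curve_usage` is an assumption (it is the open question raised above), and the function names are hypothetical. As the reply above states, the list only reflects technically available curves, so the result says nothing about de-vs compliance.

```python
# Added example: parse `gpg --with-colons --list-config` output offline.
# The curve line is copied from the task above; the pubkeyname line is a
# constructed sample included to show that other records are kept apart.
SAMPLE_OUTPUT = """\
cfg:pubkeyname:RSA;ELG;DSA;ECDH;ECDSA;EDDSA
cfg:curve:cv25519;ed25519;cv448;ed448;nistp256;nistp384;nistp521;brainpoolP256r1;brainpoolP384r1;brainpoolP512r1;secp256k1
"""


def parse_list_config(text):
    """Return {item: [values]} for every well-formed cfg: record."""
    config = {}
    for line in text.splitlines():
        fields = line.strip().split(":", 2)
        if len(fields) != 3 or fields[0] != "cfg":
            continue  # skip blank lines, warnings and other non-cfg output
        _, item, values = fields
        config[item] = [v for v in values.split(";") if v]
    return config


def curve_usage(name):
    """Guess the usage from the name prefix (assumption, not a gpg API)."""
    lowered = name.lower()
    if lowered.startswith("cv"):
        return {"encrypt"}
    if lowered.startswith("ed"):
        return {"sign"}
    return {"sign", "encrypt"}  # NIST, brainpool, secp256k1: both uses


def curves_by_usage(text):
    """Group the reported curves into signing and encryption candidates."""
    grouped = {"sign": [], "encrypt": []}
    for curve in parse_list_config(text).get("curve", []):
        for usage in sorted(curve_usage(curve)):
            grouped[usage].append(curve)
    return grouped


if __name__ == "__main__":
    for usage, curves in curves_by_usage(SAMPLE_OUTPUT).items():
        print(usage + ":", ", ".join(curves))
```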