Page MenuHome GnuPG
Create Task
Maniphest T6050

GnuPG fails to import back generated and exported ed448 secret key.
Closed, ResolvedPublic
Actions

Description

Hi! I was encountering a possible bug in GnuPG 2.3.6.

When I create a fresh ed448 master private key, export it, delete it and import it back I get a "Bad secret key" error. I have tried the same procedure using other fresh keys like a 25519 one and everything works as expected, so I do believe this is a problem with the ed448 implementation.

Could anyone confirm they are getting the same problem on their machine? Many thanks:)

P.S. I attach an example ed448 secret key that fails to import on my machine (like all other ed448 keys)

testing.key386 BDownload

Details

Version
2.3.6

Event Timeline

Baitinq created this task.Jun 29 2022, 9:47 PM
gniibe claimed this task.Jun 30 2022, 3:03 AM
gniibe triaged this task as Normal priority.
gniibe added a comment.Jun 30 2022, 3:47 AM

Thank you for your report.

V5 key (which is used by Ed448) is not implemented yet. See the function convert_from_openpgp_main in gnupg/agent/cvt-openpgp.c, where it parses the version of the key; Only version 3 and version 4 are implemented.

Please note that the implementation is buggy and not for use, because the OpenPGP v5 spec has been changed since then.

Baitinq added a comment.Jun 30 2022, 11:26 AM
In T6050#159616, @gniibe wrote:

Thank you for your report.

V5 key (which is used by Ed448) is not implemented yet. See the function convert_from_openpgp_main in gnupg/agent/cvt-openpgp.c, where it parses the version of the key; Only version 3 and version 4 are implemented.

Please note that the implementation is buggy and not for use, because the OpenPGP v5 spec has been changed since then.

Thank you so much for the info, looking forward to being able to use ed448 keys :)

Baitinq closed this task as Resolved.Jun 30 2022, 11:27 AM
Baitinq added a comment.Jun 30 2022, 11:34 AM

@gniibe Sorry for bothering but I couldnt find any answers to this online, is there any ETA for the v5 specification being released?

Thank you again.