There is some inconsistency when creating Curve448 keypairs.
- My setup:
❯ export GNUPGHOME="$(mktemp -d)"
❯ gpg --version
gpg (GnuPG) 2.4.3
libgcrypt 1.10.3-unknown
Copyright (C) 2023 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: /tmp/tmp.tjuX0n8z0l
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
❯ head -n999 /etc/*release*
==> /etc/gentoo-release <==
Gentoo Base System release 2.14
==> /etc/lsb-release <==
DISTRIB_ID="Gentoo"
==> /etc/os-release <==
NAME=Gentoo
ID=gentoo
PRETTY_NAME="Gentoo Linux"
ANSI_COLOR="1;32"
HOME_URL="https://www.gentoo.org/"
SUPPORT_URL="https://www.gentoo.org/support/"
BUG_REPORT_URL="https://bugs.gentoo.org/"
VERSION_ID="2.14"
❯ emerge -pv app-crypt/gnupg dev-libs/libgcrypt
These are the packages that would be merged, in order:
Calculating dependencies... done!
Dependency resolution took 4.74 s (backtrack: 0/20).
[ebuild R ~] dev-libs/libgcrypt-1.10.3-r1:0/20::gentoo USE="asm getentropy verify-sig -doc -static-libs" ABI_X86="(64) -32 (-x32)" CPU_FLAGS_X86="aes avx avx2 sse4_1 -padlock -sha" 0 KiB
[ebuild R ~] app-crypt/gnupg-2.4.3-r1::gentoo USE="bzip2 nls readline smartcard ssl usb verify-sig -doc -ldap (-selinux) -test -tofu -tools -tpm -user-socket -wks-server" 0 KiB
Total: 2 packages (2 reinstalls), Size of downloads: 0 KiB
- Keypair generation following "Unattended key generation" in "man gpg":
❯ gpg --batch --generate-key <<EOF
Key-Type: EDDSA
Key-Curve: ed448
Key-Usage: cert
Name-Real: Meh Muh
Name-Email: unattended@example.org
Expire-Date: 2025-01-01
Passphrase: mehmuh
EOF
gpg: keybox '/tmp/tmp.tjuX0n8z0l/pubring.kbx' created
gpg: /tmp/tmp.tjuX0n8z0l/trustdb.gpg: trustdb created
gpg: directory '/tmp/tmp.tjuX0n8z0l/openpgp-revocs.d' created
gpg: revocation certificate stored as '/tmp/tmp.tjuX0n8z0l/openpgp-revocs.d/A7A8D1642E4662230E14366EFD16E59EBBE47E91.rev'
- Keypair generation using batch mode:
❯ echo "mehmuh" | \
gpg --batch \
--passphrase-fd 0 \
--pinentry-mode loopback \
--quick-generate-key "Meh Muh <batch@example.org>" \
ed448 cert 2025-01-01
gpg: revocation certificate stored as '/tmp/tmp.tjuX0n8z0l/openpgp-revocs.d/E197E257BA819FA8C0B33548E8F1B3D708B9EE83B1428AA9E2937B462186E2FC.rev'
As you can see, this results in fingerprints of different length:
❯ gpg --list-keys --with-fingerprint
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u
gpg: next trustdb check due at 2025-01-01
/tmp/tmp.tjuX0n8z0l/pubring.kbx
-------------------------------
pub ed448 2024-01-16 [C] [expires: 2025-01-01]
A7A8 D164 2E46 6223 0E14 366E FD16 E59E BBE4 7E91
uid [ultimate] Meh Muh <unattended@example.org>
pub ed448 2024-01-16 [C] [expires: 2025-01-01]
E197E 257BA 819FA 8C0B3 3548E 8F1B3 D708B 9EE83 B1428 AA9E2
uid [ultimate] Meh Muh <batch@example.org>
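
Added example, not part of the original report: a 40-hex-digit fingerprint is a SHA-1 (version 4) OpenPGP fingerprint and a 64-hex-digit one is a SHA-256 (version 5) fingerprint, so the two keys above differ in key version. The script below reads `gpg --list-keys --with-colons` style records and flags curves that appear with more than one key version. The listing is constructed and abridged (only the fingerprints, user IDs and curve name come from the report), and the function names are hypothetical.

```python
"""Classify OpenPGP primary keys by fingerprint length (added example)."""

# Fingerprint length in hex digits -> OpenPGP key version.
# v4 fingerprints are SHA-1 (160 bit), v5 fingerprints are SHA-256 (256 bit).
VERSION_BY_FPR_LEN = {40: 4, 64: 5}

# Constructed, abridged colon listing: only field 1 (record type),
# field 10 (fingerprint / user ID) and field 17 (curve name) are filled in.
SAMPLE = """\
pub::::::::::::::::ed448:
fpr:::::::::A7A8D1642E4662230E14366EFD16E59EBBE47E91:
uid:::::::::Meh Muh <unattended@example.org>:
pub::::::::::::::::ed448:
fpr:::::::::E197E257BA819FA8C0B33548E8F1B3D708B9EE83B1428AA9E2937B462186E2FC:
uid:::::::::Meh Muh <batch@example.org>:
"""


def parse_keys(listing):
    """Return one dict per primary key: curve, fingerprint, uid, version."""
    keys = []
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            curve = f[16] if len(f) > 16 else ""
            keys.append({"curve": curve, "fpr": None, "uid": None, "version": 0})
        elif f[0] == "fpr" and len(f) > 9 and keys and keys[-1]["fpr"] is None:
            # First fpr record after pub belongs to the primary key;
            # later ones (subkeys) are ignored.
            keys[-1]["fpr"] = f[9]
            keys[-1]["version"] = VERSION_BY_FPR_LEN.get(len(f[9]), 0)  # 0 = unknown
        elif f[0] == "uid" and len(f) > 9 and keys and keys[-1]["uid"] is None:
            keys[-1]["uid"] = f[9]
    return keys


def mixed_versions(keys):
    """Return {curve: [versions]} for curves seen with more than one key version."""
    seen = {}
    for k in keys:
        seen.setdefault(k["curve"], set()).add(k["version"])
    return {c: sorted(v) for c, v in seen.items() if len(v) > 1}


if __name__ == "__main__":
    parsed = parse_keys(SAMPLE)
    for k in parsed:
        print(f"v{k['version']} {k['curve']} {len(k['fpr'])} hex digits  {k['uid']}")
    print("curves with mixed key versions:", mixed_versions(parsed))
```

To check a real keyring, pass the output of `gpg --list-keys --with-colons` to `parse_keys` instead of `SAMPLE`.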