Page MenuHome GnuPG
Create Task
Maniphest T7649

gnupg: Use KEM interface for encryption/decryption
Testing, HighPublic
Actions

Description

T7014: agent: Enhancement of PKDECRYPT for KEM interface introduced use of KEM API (of libgcrypt) to gpg-agent.
It is good (for industrial certification(s) and auditors) to use KEM API in gpg frontend.

Revisions and Commits

rG GnuPG
rG5e623b71d5ce common:kem: Factor out a function to retrieve ECC parameters.
rG49a9171f63ac gpg: Do not show the secp256k1 curve in --full-gen-key.
rG681d75404300 gpg,agent: Clean up around using ECC KEM.
rG07e8ca2a9b54 gpg: Use ECC KEM interface for decryption.
rG04782e7fd629 agent: Add support for TPM2 for ECC KEM.
rGb956f47e2ab0 agent: Finish ECC KEM, adding support for NIST curves.
rG57a3d2392539 agent: Support ECC KEM by PKDECRYPT --kem.
rGeb9c39ac5bb5 agent: Refactor ECC KEM decap operation.
rGd1c3bfda2a8c gpg: Use the KEM API for ECC encryption.
rG40cfa71281db common: Add KEM constants for NIST curves.

Related Objects
Search...

Event Timeline

gniibe claimed this task.May 13 2025, 2:01 AM
gniibe triaged this task as High priority.
gniibe created this task.
gniibe added a comment.May 13 2025, 2:18 AM

NIST has an initial public draft for KEM: https://csrc.nist.gov/pubs/sp/800/227/ipd

werner added a project: gnupg26.May 13 2025, 3:24 PM
gniibe added a commit: rG40cfa71281db: common: Add KEM constants for NIST curves..May 16 2025, 7:08 AM
gniibe renamed this task from gnupg: Use KEM interface for decryption to gnupg: Use KEM interface for encryption/decryption.May 19 2025, 2:35 AM
gniibe added a commit: rGd1c3bfda2a8c: gpg: Use the KEM API for ECC encryption..May 19 2025, 8:01 AM
gniibe added a commit: rGeb9c39ac5bb5: agent: Refactor ECC KEM decap operation..May 20 2025, 9:33 AM
gniibe added a commit: rG57a3d2392539: agent: Support ECC KEM by PKDECRYPT --kem..May 21 2025, 7:58 AM
gniibe added a commit: rGb956f47e2ab0: agent: Finish ECC KEM, adding support for NIST curves..May 22 2025, 7:46 AM
gniibe added a commit: rG04782e7fd629: agent: Add support for TPM2 for ECC KEM..
gniibe added a commit: rG07e8ca2a9b54: gpg: Use ECC KEM interface for decryption..
gniibe changed the task status from Open to Testing.May 22 2025, 8:05 AM

Pushed all changes needed. Actually, agent side too.
Clean up will be done.

werner added a subscriber: werner.May 22 2025, 10:35 AM

FYI: I'd like to get a new release out after these changes.

gniibe added a commit: rG681d75404300: gpg,agent: Clean up around using ECC KEM..May 23 2025, 10:21 AM
gniibe added a comment.May 23 2025, 10:27 AM

Clean up finished by rG681d75404300: gpg,agent: Clean up around using ECC KEM.
Tested by make check and decrypting tests/openpgp/samplemsgs/pqc-sample-*.enc.asc.

collinfunk added a subscriber: collinfunk.May 24 2025, 9:13 PM

@werner I think these changes caused an ASAN failure that I reported in T7664. I think it would be good to get that sorted before a release.

gniibe mentioned this in T5964: gnupg should use the KDFs implemented in libgcrypt.May 26 2025, 6:32 AM
gniibe added a subtask: T7014: agent: Enhancement of PKDECRYPT for KEM interface.
gniibe added a subtask: T5964: gnupg should use the KDFs implemented in libgcrypt.May 26 2025, 6:34 AM
gniibe added a comment.May 27 2025, 3:38 AM

Another possible change will be use of KEM interface for gpgsm.
Not high priority, but for long term code maintenance.

werner mentioned this in T7671: Release GnuPG 2.5.7.Jun 2 2025, 5:57 PM
gniibe closed subtask T5964: gnupg should use the KDFs implemented in libgcrypt as Resolved.Jun 17 2025, 2:38 AM
werner closed subtask T7014: agent: Enhancement of PKDECRYPT for KEM interface as Resolved.Wed, Jun 18, 9:29 AM
gniibe added a comment.Tue, Jun 24, 8:07 AM

secp256k1 failure:
https://lists.gnupg.org/pipermail/gnupg-users/2025-June/067731.html

It should be supported as well.

werner added a comment.Tue, Jun 24, 8:20 AM

secp256k1 is an --expert option and not supported by other *PGP
implementations. We should actually hide this thing even more and not
even display it with --expert. Thus do no expect an immediate 2.5.9
release to fix this issue.

werner added a commit: rG49a9171f63ac: gpg: Do not show the secp256k1 curve in --full-gen-key..Tue, Jun 24, 8:49 AM
gniibe changed the status of subtask T7698: Add support of secp256k1 for KEM API from Open to Testing.Thu, Jun 26, 6:49 AM
gniibe added a commit: rG5e623b71d5ce: common:kem: Factor out a function to retrieve ECC parameters..Thu, Jul 3, 9:22 AM
werner closed subtask T7698: Add support of secp256k1 for KEM API as Resolved.Wed, Jul 16, 11:58 AM
werner moved this task from Backlog to WIP on the gnupg26 board.
gniibe added a subtask: T7709: Decryption with ECC smartcard keys broken.Thu, Jul 17, 4:24 AM
werner changed the status of subtask T7709: Decryption with ECC smartcard keys broken from Open to Testing.Thu, Jul 17, 9:12 AM