Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. users
OpenPGP smartcard and P-256 in non expert mode
gnupg-users at gnupg
Aug 11, 2022, 12:39 AM
Post #1 of 7 (495 views)
Permalink
Hi!

I don't understand why generating a key on a smartcard only offers Curve25519 and P-384 for ECC cryptography unless the --expert flag is used.
P-384 is offered even when the hardware key doesn't support it and other curves which the hardware supports are not offered which is confusing.
Why is the P-256 curve disabled by default? It seems deliberate in https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=402aa0f94854bb00475c934be5ca6043a4632126
but I can't find any documentation on why that choice was made.

Thanks,
Sosthène

--
Sosthène Guédon
Intern

Nitrokey GmbH
https://www.nitrokey.com
Email: sosthene@nitrokey.com

Rheinstr. 10 C, 14513 Teltow, Germany
CEO / CEO: Jan Suhr
Register: AG Potsdam, HRB 32882 P
VAT ID / VAT ID: DE300136599


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: OpenPGP smartcard and P-256 in non expert mode [ In reply to ]
gnupg-users at gnupg
Aug 11, 2022, 3:32 AM
Post #2 of 7 (495 views)
Permalink
Hi!

Please share your GnUPG version and the type of smartcard you are using
with us. A 9 year old commit is not very helpful.


Shalom-Salam,

Werner

--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein

Attached Files:

Re: OpenPGP smartcard and P-256 in non expert mode [ In reply to ]
gnupg-users at gnupg
Aug 11, 2022, 5:58 AM
Post #3 of 7 (495 views)
Permalink
Hi!

> Please share your GnUPG version and the type of smartcard you are using
> with us. A 9 year old commit is not very helpful.

I'm using gpg 2.2.36 and a OpenPGP smart card implementation we are currently developing.

You're right the commit itself isn't very helpful, here are is the code that is relevant in the 2.2 branch:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=g10/keygen.c;h=fee752376d28d7c7704336d681da8be92c4f22bc;hb=491645b50ec97db12520483d347291d660db209c#l2393
See the `expert_only` flag set to 1 for P-256. This was introduced in the commit I mentioned.

Regards,
Sosthène

--
Sosthène Guédon
Intern

Nitrokey GmbH
https://www.nitrokey.com
Email: sosthene@nitrokey.com

Rheinstr. 10 C, 14513 Teltow, Germany
CEO / CEO: Jan Suhr
Register: AG Potsdam, HRB 32882 P
VAT ID / VAT ID: DE300136599


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: OpenPGP smartcard and P-256 in non expert mode [ In reply to ]
kloecker at kde
Aug 11, 2022, 6:30 AM
Post #4 of 7 (495 views)
Permalink
On Donnerstag, 11. August 2022 09:39:24 CEST Sosth?ne Gu?don | Nitrokey via
Gnupg-users wrote:
> I don't understand why generating a key on a smartcard only offers
> Curve25519 and P-384 for ECC cryptography unless the --expert flag is used.

You are asking the question the wrong way. Why should P-256 be offered without
the --expert flag? It's not as if gpg wouldn't allow you to create a P-256 key.

Only experts will be able to make an educated decision between P-256 and
P-384. It's good to give "normal" people less choice by default because more
choice will just confuse them even more. Even having to choose between
Curve25519 and P-384 will be too much already for people who just have been
told that they should generate an ECC key.

Regards,
Ingo

Attached Files:

Re: OpenPGP smartcard and P-256 in non expert mode [ In reply to ]
gnupg-users at gnupg
Aug 11, 2022, 8:25 AM
Post #5 of 7 (495 views)
Permalink
n 8/11/22 15:30, Ingo Klöcker wrote
> Only experts will be able to make an educated decision between P-256 and
> P-384. It's good to give "normal" people less choice by default because more
> choice will just confuse them even more. Even having to choose between
> Curve25519 and P-384 will be too much already for people who just have been
> told that they should generate an ECC key.

That makes sense to me. However why offer curves not supported by the hardware?

Regards,
Sosthène

--
Sosthène Guédon
Intern

Nitrokey GmbH
https://www.nitrokey.com
Email: sosthene@nitrokey.com

Rheinstr. 10 C, 14513 Teltow, Germany
CEO / CEO: Jan Suhr
Register: AG Potsdam, HRB 32882 P
VAT ID / VAT ID: DE300136599


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: OpenPGP smartcard and P-256 in non expert mode [ In reply to ]
gnupg-users at gnupg
Aug 12, 2022, 12:21 AM
Post #6 of 7 (495 views)
Permalink
On Thu, 11 Aug 2022 17:25, Sosthène Guédon | Nitrokey said:

> That makes sense to me. However why offer curves not supported by the hardware?

Because we can't now what curves a certain smartcard supports. The
announcement of the car capabilities is a relative new and optional
OpenPGP card feature and GnuPG shall still work with older cards.


Salam-Shalom,

Werner

--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein

Attached Files:

Re: OpenPGP smartcard and P-256 in non expert mode [ In reply to ]
gnupg-users at gnupg
Aug 12, 2022, 12:21 AM
Post #7 of 7 (495 views)
Permalink
On Thu, 11 Aug 2022 14:58, Sosthène Guédon | Nitrokey said:

> I'm using gpg 2.2.36 and a OpenPGP smart card implementation we are
> currently developing.

You should better use the stable branch (2.3) instead of the LTS.


Shalom-Salam,

Werner

--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein

Attached Files:

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal