Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Generating Revocation Signatures for sign/auth ed25519 and encr cv25519 Subkeys #1

Open
skaht opened this issue Nov 8, 2020 · 0 comments
Open

Generating Revocation Signatures for sign/auth ed25519 and encr cv25519 Subkeys #1

skaht opened this issue Nov 8, 2020 · 0 comments

Comments

@skaht
Copy link

skaht commented Nov 8, 2020

In the process of methodically documenting how PGP keyblock packets can be synthesized from the ground up for primary and sign/encr/auth subkeys for ed25519 and cv25519 curves.

A test vector of data is documented at summitto/pgp-packet-library#58. Nine PGP packet in a keyblock (created using GPG) are contained in this armor output.

-----BEGIN PGP PRIVATE KEY BLOCK-----

lFgEXg6vuxYJKwYBBAHaRw8BAQdAn7BQFV/16k0/zgwhIZRaREcAQhjT5989AdWp
BFc9/dsAAQDwbhVpgFekgB/bjXAI+Xq6x7Uc4cLneaQD6ezwL2W7SxGltBtzYWxs
eSA8cHVtcGtpbkBwZWFudXRzLmNvbT6IkwQTFgoAOxYhBCRzVv7G3xDbuWLI2Wrw
u8wOaNmkBQJeDq+7AhsDBQkJZgGABAsJCAcEFQoJCAQWAgMBAh4BAheAAAoJEGrw
u8wOaNmknFABALV7dYOgqf+D0E7ulXyJGD0N2ht5R4XFi97oBcJTypBQAQDlNmZ5
jtSeWsyhAd5BC2aO8u2WIXOGNkg5XOXNpLnZAZxYBF4OsNsWCSsGAQQB2kcPAQEH
QH9NXrI0pOXgGFrz5v0gWEs4dOO9F2kosxl2uAmu4UAFAAD/USIkBcyYLYsfaGjW
EWcoQJ5qLMK0NSNpc0WycxUnFycMHoj1BBgWCgAmFiEEJHNW/sbfENu5YsjZavC7
zA5o2aQFAl4OsNsCGwIFCQHhM4AAgQkQavC7zA5o2aR2IAQZFgoAHRYhBBNOMMJv
NRug9mrC1Sxdo1SrmWLnBQJeDrDbAAoJECxdo1SrmWLnMa4BAKYqXIkPMqCwzzgJ
J+Fbeeq75SLbW5qca6Nm1bgonkL9AP4uaig+U4ukJT5LUhXDQ5z6zzU0IVdOdQKi
1GJoZLiBAiDGAPsGpDI85gnGjCk7Ak1OzrJE/05KALlClYeldMV8Y49W0AD+OeMe
Uc7RkJWafLgEOwdazXXRM6YSvEEFw3F5jXrG1AKcXQReDrEWEgorBgEEAZdVAQUB
AQdAhaQ3/6KI53mv3LBgu0BowIv1QE7q/kJy40AElbRQIUMDAQgHAAD/Rit0lIvz
18Dx6zX6Ias7YTj6ph1uDhKBqVg5SUlMSKAQBIh+BBgWCgAmFiEEJHNW/sbfENu5
YsjZavC7zA5o2aQFAl4OsRYCGwwFCQHhM4AACgkQavC7zA5o2aR54wEA3Zo8P+P9
/uNXc93il5HtmsmJd4sxr4ZLz/mqZ8eqTCYA/11gyVAwUulwrWN6ToCYfb/T/Uvu
LegSqUrZ0ksOz8EFnFgEXg6xRRYJKwYBBAHaRw8BAQdALEOqfYRAsEVSvD/SBuji
7ZtSepTB6Q4r9Z3rFgYOdJoAAP9VlpLSLnNK6NlOFC7O5FmxsCecwx6PGGPOq6vU
8hqWvRH7iH4EGBYKACYWIQQkc1b+xt8Q27liyNlq8LvMDmjZpAUCXg6xRQIbIAUJ
AeEzgAAKCRBq8LvMDmjZpAa5AQDyjLSvRx0v4+UkSuWIoM4hKoAMwE1vWjIHclfq
GkZP+AD/WzZy5hNUHx4AZ9+71D7+kXKT1/9YltuuGcDl75hvBww=
=FX9m
-----END PGP PRIVATE KEY BLOCK-----

After the master, and three subkeys above are succesfully imported into a gpg keychain, the gen-revoke script hangs for the sign, encr, auth subkeys.

$primarySecretKey          = 0xf06e15698057a4801fdb8d7008f97abac7b51ce1c2e779a403e9ecf02f65bb4b      

$primaryPublicKey          = 409FB050155FF5EA4D3FCE0C2121945A4447004218D3E7DF3D01D5A904573DFDDB
$signaturePublicKey        = 407F4D5EB234A4E5E0185AF3E6FD20584B3874E3BD176928B31976B809AEE14005
$encryptionPublicKey       = 4085A437FFA288E779AFDCB060BB4068C08BF5404EEAFE4272E3400495B4502143
$authenticationPublicKey   = 402C43AA7D8440B04552BC3FD206E8E2ED9B527A94C1E90E2BF59DEB16060E749A

$primaryFingerprint        = 247356FEC6DF10DBB962C8D96AF0BBCC0E68D9A4
$signatureFingerprint      = 134E30C26F351BA0F66AC2D52C5DA354AB9962E7
$encryptionFingerprint     = EBC8E84EDA8BFBCDE085C976C18DDC38AFE302CC
$authenticationFingerprint = F468A64BCADFE4FB31C3E9CBAE40CCE81E41A4CA

Not that this issue must be fixed, but it would be extremely useful if three subkey revocation certs can be created and shared that are signature packets of type 0x20.
@skaht skaht changed the title Generating Revocation Signatures for sign/auth ed25519 and encry cv25519 Subkeys Generating Revocation Signatures for sign/auth ed25519 and encr cv25519 Subkeys Nov 8, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@skaht