Re: [openpgp] ECC point encoding and "flag byte"
NIIBE Yutaka <gniibe@fsij.org> Wed, 03 March 2021 08:02 UTC
Return-Path: <gniibe@fsij.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA3263A1C85 for <openpgp@ietfa.amsl.com>; Wed, 3 Mar 2021 00:02:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fsij.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id apoM4uEvuyYv for <openpgp@ietfa.amsl.com>; Wed, 3 Mar 2021 00:02:24 -0800 (PST)
Received: from akagi.fsij.org (akagi.fsij.org [217.70.189.144]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9A6433A1C84 for <openpgp@ietf.org>; Wed, 3 Mar 2021 00:02:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=fsij.org; s=main; h=Content-Type:MIME-Version:Message-ID:Date:In-reply-to:Subject:Cc: To:From:References:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=sxRFibkfySGqC0OVmKxXurbH+T+pnXynBQ/s7ev4EDs=; b=swPJrzypXdNV7KH/zs5HDC0SYV N2bq6aSROfqVPt1xS/F6NK8KsN3xLlPIg9SatsQrbzSZTMNvBouo4xL3SMKVDUcAHJlLCHr36tmaG pp7onEUK4FVA97LAa/DZq4JcaiflsmFUpw2UQmf/nq5Lb5+ZKqN24uQlICu1LM8LxBuYQe/qlO4LQ TeCoj+SwHiYHWoRizXxn5575b3ENC3AKxh7CO/KC451fQHHJ8D+Gf4cza0iiZ9VyMcX1CfoZFTTVV 7AhPYn8AMdEDM/xafgwL4EYwawg4nktognmLs1M7Fhs1Spu1Ar72WmdBuFZ+pgIJTPUO3a1n58tzT 5+EYYuPw==;
Received: from i201193.dynamic.ppp.asahi-net.or.jp ([61.125.201.193] helo=localhost) by akagi.fsij.org with esmtpsa (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <gniibe@fsij.org>) id 1lHMSY-00030j-So; Wed, 03 Mar 2021 09:02:19 +0100
References: <87h7lyccns.fsf@fifthhorseman.net> <87czwj8d3b.fsf@wheatstone.g10code.de> <87v9a829z7.fsf@iwagami.gniibe.org>
User-agent: mu4e 1.0; emacs 27.1
From: NIIBE Yutaka <gniibe@fsij.org>
To: Werner Koch <wk@gnupg.org>, Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Cc: openpgp@ietf.org
In-reply-to: <87v9a829z7.fsf@iwagami.gniibe.org>
Date: Wed, 03 Mar 2021 17:02:15 +0900
Message-ID: <8735xcmzqw.fsf@jumper.gniibe.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/-8xzKLqiVbIVb21mSMt-2DhU3s0>
Subject: Re: [openpgp] ECC point encoding and "flag byte"
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Mar 2021 08:02:27 -0000
NIIBE Yutaka wrote: > 4: Ed25519 interoperability issue in GnuPG 2.3-beta (currently being fixed) > =========================================================================== > > In GnuPG 2.3-beta, it is handled as SOS, so, we have an issue for Ed25519. > > See: > > - Key: https://dev.gnupg.org/T5120 > > - Signature: https://dev.gnupg.org/T5331 Here are two example files which were produced by GnuPG 2.3-beta. Those include Ed25519 signatures. 0110.asc includes signature with S part having zero at the start. 0354.asc includes signature with R part having zero at the start. Here are dumps of these files: ========= 0110.asc ========== # off=0 ctb=88 tag=2 hlen=2 plen=117 :signature packet: algo 22, keyid E267B052364F028D version 4, created 1614755507, md5len 0, sigclass 0x01 digest algo 10, begin of digest 4f 78 hashed subpkt 33 len 21 (issuer fpr v4 249CB3771750745D5CDD323CE267B052364F028D) hashed subpkt 2 len 4 (sig created 2021-03-03) subpkt 16 len 8 (issuer key ID E267B052364F028D) data: ADEE890B755C3B52D46FB0105097F23B5905B472C626222ACB4E441D8EB40001 data: 007119FF80C34DA152BDB07E1EF5D968CB9F2773002A0CF57911670BE248CF06 ========= 0354.asc ========== # off=0 ctb=88 tag=2 hlen=2 plen=117 :signature packet: algo 22, keyid E267B052364F028D version 4, created 1614755520, md5len 0, sigclass 0x01 digest algo 10, begin of digest 28 19 hashed subpkt 33 len 21 (issuer fpr v4 249CB3771750745D5CDD323CE267B052364F028D) hashed subpkt 2 len 4 (sig created 2021-03-03) subpkt 16 len 8 (issuer key ID E267B052364F028D) data: 001DB3839E3FD8D4CB81357EE5E42F4AF652C252A03A0FB21768621B1025C08C data: AF5A0910EF1D4D6BDD07EA0AA6D69049CB7BA7ED42427E14B8B72CF2C2231704 I wonder if other implementations can handle these files correctly. Specifically, it is malformed MPI in terms of current OpenPGP specification. --
- [openpgp] ECC point encoding and "flag byte" Daniel Kahn Gillmor
- Re: [openpgp] ECC point encoding and "flag byte" Andrey Jivsov
- Re: [openpgp] ECC point encoding and "flag byte" Werner Koch
- Re: [openpgp] ECC point encoding and "flag byte" NIIBE Yutaka
- Re: [openpgp] ECC point encoding and "flag byte" NIIBE Yutaka
- Re: [openpgp] ECC point encoding and "flag byte" Wiktor Kwapisiewicz
- Re: [openpgp] ECC point encoding and "flag byte" Florian Weimer
- Re: [openpgp] ECC point encoding and "flag byte" Ángel
- Re: [openpgp] ECC point encoding and "flag byte" Werner Koch
- Re: [openpgp] ECC point encoding and "flag byte" Ángel