Re: [openpgp] sample v5 secret key material

[Daniel Huigens <d.huigens@protonmail.com>]

Hey dkg & all,

Here's an updated key pair:


-----BEGIN PGP PUBLIC KEY BLOCK-----

xjcFY4d/4xYAAAAtCSsGAQQB2kcPAQEHQPlNp7tI1gph5WdwamWH0DMZmbud
iRoIJC6thFQ9+JWjwqQFHxYKAAAAHwUCY4d/4wMLCQcFFQoOCAwCFgACGwMC
HgkFJwkCBwIAAAAjIiEFF7z4Nm2UNvevN+raFWxklGVuWpdpzy1cs0X4uDQ2
9lJ5xSazswKsjQ5+nWIpXpDAYUQBAOd3furFHev97PBcR9ZR3rg0qwfLzyjd
QbdBqyuBH15LAQCYI8kezQu+hTzUgWxiERhpmiT24LQOF2c7aXBhRsJMBc48
BWOHf+MSAAAAMgorBgEEAZdVAQUBAQdA/Pf8KarOAUj0Pq2/Og+WkdCjIqJD
YlYngO2SXahOcVsDAQgHwo4FGBYKAAAACQUCY4d/4wIbDAAAACMiIQUXvPg2
bZQ296836toVbGSUZW5al2nPLVyzRfi4NDb2Uu/EunWWplIOSvrF31Pzdbps
EwD/SYz1a7Zx47b2E2s2ZnWYQJ/GkS1LRhtaMLZixsAkoesA/2za1huJx31Z
P2hBxmeHI2hZWqRa+bdUEqbC+5xMveIL
=sVUI
-----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP PRIVATE KEY BLOCK-----

xVwFY4d/4xYAAAAtCSsGAQQB2kcPAQEHQPlNp7tI1gph5WdwamWH0DMZmbud
iRoIJC6thFQ9+JWjAAD9GXKBexK+cH6NX1hs5hNhIB00TrJmosgv3mg1ditl
sLcOpMKkBR8WCgAAAB8FAmOHf+MDCwkHBRUKDggMAhYAAhsDAh4JBScJAgcC
AAAAIyIhBRe8+DZtlDb3rzfq2hVsZJRlblqXac8tXLNF+Lg0NvZSecUms7MC
rI0Ofp1iKV6QwGFEAQDnd37qxR3r/ezwXEfWUd64NKsHy88o3UG3QasrgR9e
SwEAmCPJHs0LvoU81IFsYhEYaZok9uC0DhdnO2lwYUbCTAXHYQVjh3/jEgAA
ADIKKwYBBAGXVQEFAQEHQPz3/CmqzgFI9D6tvzoPlpHQoyKiQ2JWJ4Dtkl2o
TnFbAwEIBwAA/01gCk95TUR3XFeibg/u/tVY6a//1q0NWC1X+yui3O24Eb3C
jgUYFgoAAAAJBQJjh3/jAhsMAAAAIyIhBRe8+DZtlDb3rzfq2hVsZJRlblqX
ac8tXLNF+Lg0NvZS78S6dZamUg5K+sXfU/N1umwTAP9JjPVrtnHjtvYTazZm
dZhAn8aRLUtGG1owtmLGwCSh6wD/bNrWG4nHfVk/aEHGZ4cjaFlapFr5t1QS
psL7nEy94gs=
=5xrR
-----END PGP PRIVATE KEY BLOCK-----


This removes the superfluous octet count of the optional fields in the
secret key packets, changes the algorithm preferences as per dkg's
suggestions, and uses SHA-512 for both signatures.

Btw, apparently that octet count was removed for unencrypted secret keys
in -06, after the example keys were generated, so that at least explains
why they were broken :P But it's indeed not needed for unencrypted keys,
so I agree with this change.

We're close to done with implementing Argon2 so I hope to be able to
provide an encrypted example key soon. Curve448 might take a bit longer.

I also didn't bump the version to 6 yet, but that would be quite easy to
do once that change is made in the spec, of course.

Best,
Daniel


------- Original Message -------
On Monday, November 28th, 2022 at 17:29, Daniel Huigens wrote:

> Hi dkg,
> 
> Yeah, you're right. It seems there's a missing if statement or condition
> in OpenPGP.js.
> 
> Apologies for the broken example key! I'll make a new one, if you don't
> beat me to it :)
> 
> Best,
> Daniel