Re: [openpgp] sample v5 secret key material
Daniel Huigens <d.huigens@protonmail.com> Wed, 30 November 2022 16:31 UTC
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
From: Daniel Huigens <d.huigens@protonmail.com>
Cc: openpgp@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Z2Mkq9TfvgY5jUJzlNRwgDsDSUk>
Hey dkg & all,

Here's an updated key pair:

-----BEGIN PGP PUBLIC KEY BLOCK-----

xjcFY4d/4xYAAAAtCSsGAQQB2kcPAQEHQPlNp7tI1gph5WdwamWH0DMZmbud
iRoIJC6thFQ9+JWjwqQFHxYKAAAAHwUCY4d/4wMLCQcFFQoOCAwCFgACGwMC
HgkFJwkCBwIAAAAjIiEFF7z4Nm2UNvevN+raFWxklGVuWpdpzy1cs0X4uDQ2
9lJ5xSazswKsjQ5+nWIpXpDAYUQBAOd3furFHev97PBcR9ZR3rg0qwfLzyjd
QbdBqyuBH15LAQCYI8kezQu+hTzUgWxiERhpmiT24LQOF2c7aXBhRsJMBc48
BWOHf+MSAAAAMgorBgEEAZdVAQUBAQdA/Pf8KarOAUj0Pq2/Og+WkdCjIqJD
YlYngO2SXahOcVsDAQgHwo4FGBYKAAAACQUCY4d/4wIbDAAAACMiIQUXvPg2
bZQ296836toVbGSUZW5al2nPLVyzRfi4NDb2Uu/EunWWplIOSvrF31Pzdbps
EwD/SYz1a7Zx47b2E2s2ZnWYQJ/GkS1LRhtaMLZixsAkoesA/2za1huJx31Z
P2hBxmeHI2hZWqRa+bdUEqbC+5xMveIL
=sVUI
-----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP PRIVATE KEY BLOCK-----

xVwFY4d/4xYAAAAtCSsGAQQB2kcPAQEHQPlNp7tI1gph5WdwamWH0DMZmbud
iRoIJC6thFQ9+JWjAAD9GXKBexK+cH6NX1hs5hNhIB00TrJmosgv3mg1ditl
sLcOpMKkBR8WCgAAAB8FAmOHf+MDCwkHBRUKDggMAhYAAhsDAh4JBScJAgcC
AAAAIyIhBRe8+DZtlDb3rzfq2hVsZJRlblqXac8tXLNF+Lg0NvZSecUms7MC
rI0Ofp1iKV6QwGFEAQDnd37qxR3r/ezwXEfWUd64NKsHy88o3UG3QasrgR9e
SwEAmCPJHs0LvoU81IFsYhEYaZok9uC0DhdnO2lwYUbCTAXHYQVjh3/jEgAA
ADIKKwYBBAGXVQEFAQEHQPz3/CmqzgFI9D6tvzoPlpHQoyKiQ2JWJ4Dtkl2o
TnFbAwEIBwAA/01gCk95TUR3XFeibg/u/tVY6a//1q0NWC1X+yui3O24Eb3C
jgUYFgoAAAAJBQJjh3/jAhsMAAAAIyIhBRe8+DZtlDb3rzfq2hVsZJRlblqX
ac8tXLNF+Lg0NvZS78S6dZamUg5K+sXfU/N1umwTAP9JjPVrtnHjtvYTazZm
dZhAn8aRLUtGG1owtmLGwCSh6wD/bNrWG4nHfVk/aEHGZ4cjaFlapFr5t1QS
psL7nEy94gs=
=5xrR
-----END PGP PRIVATE KEY BLOCK-----

This removes the superfluous octet count of the optional fields in the
secret key packets, changes the algorithm preferences as per dkg's
suggestions, and uses SHA-512 for both signatures. Btw, apparently that
octet count was removed for unencrypted secret keys in -06, after the
example keys were generated, so that at least explains why they were
broken :P But it's indeed not needed for unencrypted keys, so I agree
with this change.

We're close to done with implementing Argon2 so I hope to be able to
provide an encrypted example key soon. Curve448 might take a bit longer.
I also didn't bump the version to 6 yet, but that would be quite easy to
do once that change is made in the spec, of course.

Best,
Daniel

------- Original Message -------
On Monday, November 28th, 2022 at 17:29, Daniel Huigens wrote:

> Hi dkg,
>
> Yeah, you're right. It seems there's a missing if statement or condition
> in OpenPGP.js.
>
> Apologies for the broken example key! I'll make a new one, if you don't
> beat me to it :)
>
> Best,
> Daniel
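
Added example (not part of the original message and not OpenPGP.js code): a small parser for the primary secret key packet of the private key block above, showing that the secret MPI starts directly after the S2K usage octet 0, with no optional-fields octet count in between. The function names are hypothetical, and the layout assumed is the one visible in the sample: v5 key with a four-octet public key material count, then S2K usage, one secret MPI and a two-octet checksum.

```python
import base64
import struct

# First 96 octets of the PRIVATE KEY BLOCK in this message (base64 body only).
SAMPLE = base64.b64decode(
    "xVwFY4d/4xYAAAAtCSsGAQQB2kcPAQEHQPlNp7tI1gph5WdwamWH0DMZmbud"
    "iRoIJC6thFQ9+JWjAAD9GXKBexK+cH6NX1hs5hNhIB00TrJmosgv3mg1ditl"
    "sLcOpMKk"
)

def read_mpi(buf, pos):
    """Return (raw MPI including its 2-octet bit count, next offset)."""
    bits = struct.unpack_from(">H", buf, pos)[0]
    end = pos + 2 + (bits + 7) // 8
    if end > len(buf):
        raise ValueError("MPI runs past end of packet")
    return buf[pos:end], end

def parse_v5_secret_key(data):
    """Parse one unencrypted v5 secret key packet (new-format header,
    one-octet length, single secret MPI), the layout assumed above."""
    tag, length = data[0], data[1]
    if tag & 0xC0 != 0xC0 or tag & 0x3F not in (5, 7) or length >= 192:
        raise ValueError("expected a short new-format secret (sub)key packet")
    body = data[2:2 + length]
    version, created, algo, pub_len = struct.unpack_from(">BIBI", body, 0)
    if version != 5:
        raise ValueError("not a v5 key packet")
    pos = 10 + pub_len                      # skip the public key material
    s2k_usage = body[pos]
    if s2k_usage != 0:
        raise ValueError("encrypted secret keys are not handled here")
    # No octet count follows S2K usage 0: the secret MPI starts right away.
    mpi, pos = read_mpi(body, pos + 1)
    checksum = struct.unpack_from(">H", body, pos)[0]
    return {
        "algo": algo,
        "pub_len": pub_len,
        "secret_bits": struct.unpack(">H", mpi[:2])[0],
        "checksum_ok": checksum == sum(mpi) & 0xFFFF,
        "trailing": len(body) - (pos + 2),  # 0 when the layout assumption holds
    }

if __name__ == "__main__":
    print(parse_v5_secret_key(SAMPLE))
```

A parser that still expects an octet count after the S2K usage octet would misread the MPI bit count, so the checksum and the zero trailing length together are the consistency check here.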