Re: [openpgp] v5 sample key

Heiko Stamer <HeikoStamer@gmx.net> Mon, 22 April 2019 06:55 UTC

To: openpgp@ietf.org
References: <87sgvh1ugy.fsf@wheatstone.g10code.de>
From: Heiko Stamer <HeikoStamer@gmx.net>
Openpgp: preference=signencrypt
Autocrypt: addr=HeikoStamer@gmx.net; prefer-encrypt=mutual; keydata= mQGiBDdYKNkRBACRdsFzaQn0HChOX38WHXlIYcNZAAxBQxa7gdmPXTUK+tgwQuwAr/XViQxn ExKwyOteRhwHZNSYdoKPlCOJ3c3FWCKAdflINr53NvN/qnnaF+3M1HaluiwVdfHD9a0+k7fd NFZMq2bTpzSCQBsPGipSK0K8ET8UPrXm54pXhqYL2wCgsuMBOv64bmg2zjg6vHSTKADGykcD /Agjoa7y7Cpifk4WEKDKu8nlrE9OFOJppjZ9bdJedrmZq5A/jHr35UOgbZItTmgBiz7bfMLq 7HD05ZQ3BplBmmiE0412f55GadCjN4vvnCdTqZ/ewzWdz/rzQGaJm9IvW6rupuFgrTx0GJhf we7cr6GQQo0nqA0LMCyhGHQASC56A/9NOroBzLM6wl9QlE9lybxd3cxI2UnrfHIu63tklFKF vL1XnjyJ4YR0sDs6/f56JbtEGUKTCI7ZAw+241Va4MrbDVmmsGJjQBcKxNbHDfkkjoJ9NBwr pUo2nMT3BWyKHCfnMqoyT+nN04b0Em1ffbhptKiLJSeY1mcPxvA1h7PrKbQlSGVpa28gU3Rh bWVyIDxoZWlrby5zdGFtZXJAcG9zdGVvLmRlPohiBBMRAgAiAhsDAh4BAheABQJTnH9pBgsJ CAcDAgYVCAIJCgsEFgIDAQAKCRBPWE64+yvhT4n9AJwNsUcN5bx9/gtUs4LMmqBcePkQKwCf Y4FmM1D4rmTWsHQ1NRgsiqQhc265Aw0EN1gq2RAMAK4ZTZJZeaOmjIYhf9QfN7rQ6iXEF20r OG8NkeHLVLPw02t2QjejO5g4zGQplktPD+JCKBU1B/DL7l8BTDopofw4+fAierJ6C4jo/AbS pArZxaVJNkOVNbwHYPdCmO3yxieeMYQgYoZvtkBSA4OZZh2xLfmi3IRBPRSf+REiqPJBy9aA 0f7634vKldTG7R4PR2UP+THjpM/2SpNiyv/y9ZaEPYn3zHRkWsUw3xAMIiE73Hen6o/J9KIB 2e4jiI3VFiwq0LaKRv5whzltjKydGi2zVqcDLc93lDxsW2OXPE89GH3S/9irlEz/ciBuxtLT MMjSV3OeV34Mid7Muz8RE6whOaZteuEgAcLxONxe3FZHeG2cUuciCZDdFqDRtB6w0XhjltdI ZzD8zHBZyboRfBxubtRzriTxjFcxjI3L5df9uLWjuvkl0fSYpQV5dMX1Yus2kXiMHKUeTVE0 NtHqSnozzu88l6D+dCHX0i1BDFgkZi70oGEEaEW0NQgDItOdNwADBQv/a0d7nasV4JW9mjtF nlJDL9pyXHuGc+y9vfJNdy+DlzuHB44vtl+yH9ecTdpxE7RgB8ZvQvEwUmV+keBw+5NkR3ms +AnPrwZxwAIE/DxnwyBAQETkf9SIBH8cz0BCYQ37B+N4OW/pkYSWadjn2Bgi4IZRWyrDmnAI KwsGzfGUxPIKI3AMcRFFqjdhMaFo3L2GwJ2o0dBxd1LN0Xo6298ydcjrtAbKI1xuNXBfBAeU YCzGjg7cUw6XXfyjU5rTQkxKTu13xsKUwCnse7jOvDnfdNnYC+n7o4WNQBDhTiF0QMZ482ba FtCKcqdQJ3fQ9uioh1kOZirhJJ40xtYrDLcS3H9rQZff0X+CeOa94EdJYYYH7BIpysrfJ9c1 cxrg5brzeb9ofWaxLQvRIXBubbDtd0AunQMJXTfXHUmgYCdzSZVyy1tUzso1QacI4D0PhRIo euP8ihlWhqnHRv5tY8Ue18uFybaVIOWrsXXjQOVBUvXFmYCc9ykvJcyYSadLYkJliEYEGBEC AAYFAjdYKtkACgkQT1hOuPsr4U9xEwCeKB7jHvmUrWnuxsqx2Flvq2/gIk8AoKkOpGf2jud+ 8uWi5c1ohHWeuLtz
Message-ID: <aef8c02b-b672-83ce-57d3-1203179cc209@gmx.net>
Date: Mon, 22 Apr 2019 08:55:20 +0200
MIME-Version: 1.0
In-Reply-To: <87sgvh1ugy.fsf@wheatstone.g10code.de>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/sSUB6YkwlTUj1D9uMGsjQJwu-Xo>
Subject: Re: [openpgp] v5 sample key
Precedence: list

Hi Werner,

during implementation of V5 keys and signatures in LibTMCG I discovered
a minor issue with RFC 4880bis. Section 5.2.4 says at third paragraph:

  "When a signature is made over a key, the hash data starts with the
   octet 0x99, followed by a two-octet length of the key, and then body
   of the key packet."

There is no distinction between V3, V4, and V5 signatures resp. keys.
However, GnuPG computes the hash in function hash_public_key() for V5
keys in a different way: starting with octet 0x9a and a four-octet
length is given before the body of key packet is hashed.

Thus, either this part should be specified in RFC 4880bis with more
detail or GnuPG has to change its hash computation for signatures.
Best regards,
Heiko.

PS. Taking the above issue into account the given V5 sample key is
recognized by LibTMCG as required:

PrivateKeyBlockParse(emma_armored, 3, "", emma)
INFO: PacketDecode() = 5 version = 5
INFO: encdatalen = 0
INFO: skalgo = 0
INFO: aeadalgo = 0
INFO: s2kconv = 0
INFO: s2k_type = 0 s2k_hashalgo = 0 s2k_count = 0
INFO: key ID of private primary key: 19 34 7b c9 87 24 64 2
INFO: PacketDecode() = 13 version = 0
INFO: signature subpacket type = 33 found
INFO: signature subpacket type = 2 found
INFO: signature subpacket type = 27 found
INFO: signature subpacket type = 11 found
INFO: signature subpacket type = 34 found
INFO: signature subpacket type = 21 found
INFO: signature subpacket type = 22 found
INFO: signature subpacket type = 30 found
INFO: signature subpacket type = 23 found
INFO: PacketDecode() = 2 version = 5
INFO: EdDSA rbits = 254 sbits = 255
INFO: PacketDecode() = 7 version = 5
INFO: encdatalen = 0
INFO: skalgo = 0
INFO: aeadalgo = 0
INFO: s2kconv = 0
INFO: s2k_type = 0 s2k_hashalgo = 0 s2k_count = 0
INFO: key ID of private subkey: e4 55 7c 2b 2 ff bf 4b
INFO: signature subpacket type = 33 found
INFO: signature subpacket type = 2 found
INFO: signature subpacket type = 27 found
INFO: PacketDecode() = 2 version = 5
INFO: EdDSA rbits = 256 sbits = 256
CheckSelfSignatures()
INFO: key ID of primary key: 19 34 7b c9 87 24 64 2
INFO: fingerprint of primary key: 19 34 7b c9 87 24 64 2 5f 99 df 3e c2
e0 0 e d9 88 48 92 e1 f7 b3 ea 4c 94 0 91 59 56 9b 54
INFO: number of selfsigs = 0
INFO: number of keyrevsigs = 0
INFO: number of certrevsigs = 0
INFO: number of userids = 1
INFO: number of userattributes = 0
INFO: number of subkeys = 1
INFO: number of revkeys = 0
INFO: userid = "emma.goldman@example.net"
INFO: number of selfsigs = 1
INFO: number of revsigs = 0
INFO: number of certsigs = 0
INFO: sig type = 0x13 pkalgo = 22 hashalgo = 8 revocable = true
exportable = true version = 5 creationtime = 1553069284 expirationtime =
0 keyexpirationtime = 0 revcode = 0 packet.size() = 152 hspd.size() = 72
issuer = 19 34 7b c9 87 24 64 2  issuerfpr = 19 34 7b c9 87 24 64 2 5f
99 df 3e c2 e0 0 e d9 88 48 92 e1 f7 b3 ea 4c 94 0 91 59 56 9b 54
keyflags = 3  revkeys.size() = 0
INFO: left = f5 c0
INFO: user ID is valid
INFO: primary key update expirationtime to 0
INFO: primary key update flags to 3
INFO: primary key update features to 7
INFO: primary key update psa to 9 8 7 2
INFO: primary key update pha to 10 9 8 11 2
INFO: primary key update pca to 2 3 1
INFO: primary key update paa to 2 1
INFO: primary key update revkeys with added
INFO: key flags on primary key are CS
CheckSubkeys()
INFO: key ID of subkey: e4 55 7c 2b 2 ff bf 4b
INFO: fingerprint of subkey: e4 55 7c 2b 2 ff bf 4b 4 f8 74 1 ec 33 6a
f7 13 3d f 85 be 7f d0 9b ae fd 9c ae b8 c9 39 65
INFO: number of selfsigs = 0
INFO: number of bindsigs = 1
INFO: number of pbindsigs = 0
INFO: number of keyrevsigs = 0
INFO: number of certrevsigs = 0
INFO: number of revkeys = 0
INFO: sig type = 0x18 pkalgo = 22 hashalgo = 8 revocable = true
exportable = true version = 5 creationtime = 1553069284 expirationtime =
0 keyexpirationtime = 0 revcode = 0 packet.size() = 124 hspd.size() = 44
issuer = 19 34 7b c9 87 24 64 2  issuerfpr = 19 34 7b c9 87 24 64 2 5f
99 df 3e c2 e0 0 e d9 88 48 92 e1 f7 b3 ea 4c 94 0 91 59 56 9b 54
keyflags = c  revkeys.size() = 0
INFO: left = 39 24
INFO: subkey update expirationtime to 0
INFO: subkey update flags to c
INFO: subkey update features to
INFO: subkey update psa to
INFO: subkey update pha to
INFO: subkey update pca to
INFO: subkey update paa to
INFO: subkey update revkeys with added
INFO: subkey is valid
INFO: key flags on subkey are Ee
!primary->Weak()
INFO: EdDSA with curve "Ed25519" and 256 bits

[openpgp] v5 sample key Werner Koch
Re: [openpgp] v5 sample key Heiko Stamer
Re: [openpgp] v5 sample key Werner Koch
Re: [openpgp] v5 sample key Heiko Stamer
Re: [openpgp] v5 sample key Jonathan McDowell
Re: [openpgp] v5 sample key Heiko Stamer
Re: [openpgp] v5 sample key Daniel Kahn Gillmor
Re: [openpgp] v5 sample key Werner Koch
Re: [openpgp] v5 sample key Daniel Huigens
Re: [openpgp] v5 sample key Heiko Stamer