[Gnuk-users] Ed25519 for signing broken?

Jonathan Schleifer js-gnuk-users at webkeks.org
Mon Feb 9 08:19:11 UTC 2015


On 09.02.2015 at 05:27, NIIBE Yutaka <gniibe at fsij.org> wrote:

> On 02/09/2015 05:03 AM, Jonathan Schleifer wrote:
>> So, even when not changing the PIN and keeping it at 123456, I still
>> get the bad signature error. It seems the problem happens only with
>> Ed25519. Is it possible the Ed25519 code on the Gnuk is not working
>> correctly as it is quite new?
> 
> It was a pretty embarrassing bug of Gnuk.

Nothing to be embarrassed about. It's always these small bugs ;). And sometimes one looks for hours for a bug and then it's just a single character being wrong! :)

>    * src/openpgp.c (cmd_pso): Fix eddsa. Use GPG_KEY_FOR_SIGNING.
> 
> diff --git a/src/openpgp.c b/src/openpgp.c
> index e1d1203..5976255 100644
> --- a/src/openpgp.c
> +++ b/src/openpgp.c
> @@ -900,9 +900,9 @@ cmd_pso (void)
> 
> 	  res_APDU_size = EDDSA_SIGNATURE_LENGTH;
> 	  r = eddsa_sign_25519 (apdu.cmd_apdu_data, len, output,
> -				kd[GPG_KEY_FOR_AUTHENTICATION].data,
> -				kd[GPG_KEY_FOR_AUTHENTICATION].data+32,
> -				kd[GPG_KEY_FOR_AUTHENTICATION].pubkey);
> +				kd[GPG_KEY_FOR_SIGNING].data,
> +				kd[GPG_KEY_FOR_SIGNING].data+32,
> +				kd[GPG_KEY_FOR_SIGNING].pubkey);
> 	  memcpy (res_APDU, output, EDDSA_SIGNATURE_LENGTH);
> 	}
>     }
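
Review bot: The key slot index is written out three times in the `eddsa_sign_25519` call (`.data`, `.data+32`, `.pubkey`), which is how the authentication slot could end up in the signing path with nothing failing at compile time; consider taking `kd[GPG_KEY_FOR_SIGNING]` into a local once and passing its fields, so `cmd_pso` names its slot in one place. The wrong-slot call still returned a well-formed signature that was only rejected as a bad signature by the verifier, so a test that checks the card's output against the signing key's public key would catch a regression here. In the lines shown, `memcpy (res_APDU, output, EDDSA_SIGNATURE_LENGTH)` runs directly after the call with no check of `r` in between; if `r` is only tested further down, confirm that a failed signing cannot leave stale `output` bytes in the response buffer.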

Thanks, I will try that later :).

In any case, would you be so kind as to explain how exactly the keys are stored on the Gnuk? Having to store it with a secret derived from 123456, even if only temporarily, worries me. Wouldn't it be possible to specify a PIN for the key when importing it? It currently asks for the admin PIN there, why not ask for a new PIN there, too?

Thanks,
Jonathan



