[Gnuk-users] Ed25519 for signing broken?

NIIBE Yutaka gniibe at fsij.org
Mon Feb 9 11:27:23 UTC 2015


Gnuk has a test suite, but I haven't written tests for ECC yet.

Note that I tested the patch and it worked for me.

On 02/09/2015 05:19 PM, Jonathan Schleifer wrote:
> In any case, would you be so kind as to explain how exactly the keys
> are stored on the Gnuk?

I wrote a message last month.  Please refer to:

http://lists.gnupg.org/pipermail/gnupg-users/2015-January/052333.html

The private key is encrypted by a DEK (data encryption key) with AES.
The DEK is generated by a random number generator.

The DEK is encrypted by a keystring, and this encrypted DEK is stored
in flash ROM.  The keystring is derived with an s2k function (from the
salt and passphrase).

No keystring is stored in flash ROM (in Gnuk 1.1.x).  Gnuk 1.0.x
stores the keystring in flash ROM temporarily.

Well, I found a bug today in the function gpg_do_delete_prvkey in
openpgp-do.c (999-1011).  It's possible that the keystring is stored
in flash ROM there.  I will fix it soon.

> Having to store it with a secret derived from 123456, even if only
> temporary, worries me. Wouldn't it be possible to specify a PIN for
> the key when importing it? It currently asks for the admin PIN
> there, why not ask for a new PIN there, too?

If scdaemon were for Gnuk only, it could do so...  But Gnuk follows
the OpenPGP card specification, and the interaction is defined by the
specification.

I understand your concern.  It would be good if importing a key and
changing the PIN were a kind of atomic operation.  This can make sure to
access somehow unprotected private key.  Let me consider it.
-- 
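
The storage scheme described in this message, sketched as an added example; it is not part of the original message and is not Gnuk's code. The iterated SHA-256 s2k, the AES-128-GCM mode, and all function and field names are assumptions made for illustration.

```javascript
const { createHash, createCipheriv, createDecipheriv, randomBytes } = require("crypto");

// s2k: salted, iterated SHA-256. Assumption: Gnuk's own s2k is not shown in the message.
function s2k(salt, pin) {
  const h = createHash("sha256");
  for (let i = 0; i < 4096; i++) h.update(salt).update(pin);
  return h.digest().subarray(0, 16); // 128-bit keystring, never written to flash
}

// The message says only "AES"; AES-128-GCM is assumed here so a wrong key is detected.
function seal(key, plaintext) {
  const iv = randomBytes(12);
  const c = createCipheriv("aes-128-gcm", key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}

function open(key, blob) {
  const d = createDecipheriv("aes-128-gcm", key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // throws if key is wrong
}

// Key import: a random DEK encrypts the private key; the keystring wraps the DEK.
// The returned object models what is stored in flash ROM.
function importKey(privateKey, pin) {
  const dek = randomBytes(16);
  const salt = randomBytes(8);
  return { salt, wrappedDek: seal(s2k(salt, pin), dek), encPrivKey: seal(dek, privateKey) };
}

// PIN change: only the DEK is re-wrapped; the encrypted private key is not touched.
function changePin(flash, oldPin, newPin) {
  const dek = open(s2k(flash.salt, oldPin), flash.wrappedDek);
  flash.salt = randomBytes(8);
  flash.wrappedDek = seal(s2k(flash.salt, newPin), dek);
}

function unlock(flash, pin) {
  const dek = open(s2k(flash.salt, pin), flash.wrappedDek);
  return open(dek, flash.encPrivKey);
}

// Constructed sample: import under the factory PIN from the thread, then change it.
const token = importKey(Buffer.from("constructed private key"), "123456");
changePin(token, "123456", "a longer passphrase");
console.log(unlock(token, "a longer passphrase").toString());
```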


