[Gnuk-users] Ed25519 SSH key not working for gnupg > 2.1.6

NIIBE Yutaka gniibe at fsij.org
Mon May 9 01:14:08 UTC 2016 

On 05/07/2016 09:32 PM, Jonathan Schleifer wrote:
> Here's the diff between the output of gpg --card-status between 2.1.6
> and 2.1.12:
> 
> --- 216	2016-05-07 14:21:05.000000000 +0200
> +++ 2112	2016-05-07 14:24:58.000000000 +0200
> @@ -1,3 +1,4 @@
> +Reader ...........: Free Software Initiative of Japan Gnuk
>  Application ID ...: <Is this my Gnuk's unique identifier? Removed just in case>
>  Version ..........: 2.0
>  Manufacturer .....: unmanaged S/N range
> @@ -8,7 +9,7 @@
>  URL of public key : [not set]
>  Login data .......: [not set]
>  Signature PIN ....: forced
> -Key attributes ...: 255? 4096R 255?
> +Key attributes ...: ed25519 rsa4096 ed25519
>  Max. PIN lengths .: 127 127 127
>  PIN retry counter : 3 3 3

Looks good.  "Application ID" is the term of smartcard.  It is
recorded in Gnuk Token.  In the ID, it is encoded: Country,
Organization, Manufacturer, and serial number.

Mine goes like this.

Please compare yours.  I use 'hd' to print out in hexadecimal.  It's
same as "od -x".

=========================
    $ gpg2 --card-status

    Reader ...........: 234B:0000:FSIJ-1.1.9-87193059:0
    Application ID ...: D276000124010200FFFE871930590000
    Version ..........: 2.0
    Manufacturer .....: unmanaged S/N range
    Serial number ....: 87193059
    Name of cardholder: Yutaka Niibe
    Language prefs ...: ja
    Sex ..............: male
    URL of public key : http://www.gniibe.org/gniibe.asc
    Login data .......: gniibe
    Signature PIN ....: not forced
    Key attributes ...: ed25519 cv25519 ed25519
    Max. PIN lengths .: 127 127 127
    PIN retry counter : 3 3 3
    Signature counter : 0
    Signature key ....: 249C B377 1750 745D 5CDD  323C E267 B052 364F 028D
          created ....: 2015-08-12 07:10:48
    Encryption key....: E228 AB42 0F73 3B1D 712D  E50C 850A F040 D619 F240
          created ....: 2015-08-12 07:10:48
    Authentication key: E63F 31E6 F203 20B5 D796  D266 5F91 0521 FAA8 05B1
          created ....: 2015-08-12 07:16:14
    General key info..: pub  ed25519/364F028D 2015-08-12 NIIBE Yutaka
<gniibe at fsij.org>
    sec>  ed25519/364F028D  created: 2015-08-12  expires: never
                            card-no: FFFE 87193059
    ssb>  ed25519/FAA805B1  created: 2015-08-12  expires: never
                            card-no: FFFE 87193059
    ssb>  cv25519/D619F240  created: 2015-08-12  expires: never
                            card-no: FFFE 87193059

Since I'm using internal CCID driver, "Reader" is somehow cryptic.  It
is composed by USB IDs, USB serial string and card number.

All three keys are identified by gpg frontend correctly.  Those data
get through:  Gnuk Token -> scdaemon -> gpg-agent -> gpg

I have public key data by gpg frontend:

    $ gpg2 --list-secret-key --with-keygrip 364F028D
    sec>  ed25519/364F028D 2015-08-12 [SC]
          Keygrip = EB51C6F2AE531C6EF01EE0B7F3D5D4BC97455CE9
          Card serial no. = FFFE 87193059
    uid         [  full  ] NIIBE Yutaka <gniibe at fsij.org>
    uid         [  full  ] NIIBE Yutaka <gniibe at debian.org>
    ssb>  ed25519/FAA805B1 2015-08-12 [A]
          Keygrip = 279D2DD3B00D6189EFEFB558850D434F44C9AFC8
    ssb>  cv25519/D619F240 2015-08-12 [E]
          Keygrip = 48245603DF3AE20A3088D7D010E77FAD2D464277

When I ask gpg-agent to get public-key of auth key in libgcrypt S-exp,
it works.  The parameter 'q' is the public key and 33 is the length
of byte of the public key.  The length is 33 because it starts by the
prefix of @ (=0x40).

    $ gpg-connect-agent "readkey
279D2DD3B00D6189EFEFB558850D434F44C9AFC8" /bye | hd
    00000000  44 20 28 31 30 3a 70 75  62 6c 69 63 2d 6b 65 79  |D
(10:public-key|
    00000010  28 33 3a 65 63 63 28 35  3a 63 75 72 76 65 37 3a
|(3:ecc(5:curve7:|
    00000020  45 64 32 35 35 31 39 29  28 35 3a 66 6c 61 67 73
|Ed25519)(5:flags|
    00000030  35 3a 65 64 64 73 61 29  28 31 3a 71 33 33 3a 40
|5:eddsa)(1:q33:@|
    00000040  ec 67 8f 79 9a e3 7d fe  fa fc 20 9e ec 54 f7 b8
|.g.y..}... ..T..|
    00000050  9f 7c 3a 8c 44 77 6c 82  af ee d9 07 58 f4 17 4c
|.|:.Dwl.....X..L|
    00000060  29 29 29 0a 4f 4b 0a                              |))).OK.|
    00000067

I can also get same answer when I ask the public-key to scdaemon
(through gpg-agent).

    $ gpg-connect-agent "scd readkey OPENPGP.3" /bye | hd
    00000000  44 20 28 31 30 3a 70 75  62 6c 69 63 2d 6b 65 79  |D
(10:public-key|
    00000010  28 33 3a 65 63 63 28 35  3a 63 75 72 76 65 37 3a
|(3:ecc(5:curve7:|
    00000020  45 64 32 35 35 31 39 29  28 35 3a 66 6c 61 67 73
|Ed25519)(5:flags|
    00000030  35 3a 65 64 64 73 61 29  28 31 3a 71 33 33 3a 40
|5:eddsa)(1:q33:@|
    00000040  ec 67 8f 79 9a e3 7d fe  fa fc 20 9e ec 54 f7 b8
|.g.y..}... ..T..|
    00000050  9f 7c 3a 8c 44 77 6c 82  af ee d9 07 58 f4 17 4c
|.|:.Dwl.....X..L|
    00000060  29 29 29 0a 4f 4b 0a                              |))).OK.|
    00000067

I ask gpg-agent to get the public key of auth key in the format of SSH
through ssh's socket:

    $ ssh-add -L
    ssh-ed25519
AAAAC3NzaC1lZDI1NTE5AAAAIOxnj3ma433++vwgnuxU97iffDqMRHdsgq/u2QdY9BdM
cardno:FFFE87193059

Same data (except comment) can be gotten by gpg front end (of 2.1.12,
new feature).

    $ gpg2 --export-ssh-key FAA805B1
    ssh-ed25519
AAAAC3NzaC1lZDI1NTE5AAAAIOxnj3ma433++vwgnuxU97iffDqMRHdsgq/u2QdY9BdM
openpgp:0xFAA805B1
-- 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 213 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/gnuk-users/attachments/20160509/668e0a2f/attachment.sig>

More information about the gnuk-users mailing list