Generating NIST/Brainpool subkeys with GPGME

Fri, 29 Jun 2018 13:09:25 -0700 

It appears that one cannot currently generate NIST or Brainpool subkeys
with GPGME. Using GPG itself works fine with --expert, so am I missing
an option or is this simply not possible yet?

I've attached a simple test program and the output I get on my machine
is below:

./eccsubkeys rsa1024
GPGME Version: 1.11.1
GPG Version: 2.2.8
Master: 2D14FBF15919954E4334D451C67CB3237C3CFFF4
Signing: A8B50168D9051846A570445A5DD5249F5CD0825F
Encryption: F8D8B9A453E5A7E98F44CC029F8450A1638414BE
Authentication: 866E75EDC8BDEB4B5A4DBD62865FAF7AB6DE6367

./eccsubkeys nistp384


GPGME Version: 1.11.1
GPG Version: 2.2.8
Master: 27A05F867C37442B675CFC1B9C647EA952B0D156
GPGME: General error

./eccsubkeys brainpoolP384r1


GPGME Version: 1.11.1
GPG Version: 2.2.8
Master: 26B2C8D94AD12A160262C82FED06C709E119D584
GPGME: General error


Thanks,
Jacob

#define  _POSIX_C_SOURCE 200809L
#include <gpgme.h>
#include <stdio.h>
#include <stdlib.h>

int main(int argc, char **argv)
{
	if (argc < 2)
	{
		puts("Need algorithm!");
		return 1;
	}
	const char *version = gpgme_check_version(NULL);
	printf("GPGME Version: %s\n", version);
	gpgme_ctx_t ctx;
	gpgme_error_t err = gpgme_new(&ctx);
	if (!err)
	{
		char template[] = "/tmp/gnupg.XXXXXX";
		char *homedir = mkdtemp(template);
		gpgme_engine_info_t eng = gpgme_ctx_get_engine_info(ctx);
		printf("GPG Version: %s\n", eng->version);
		err = gpgme_ctx_set_engine_info(ctx, GPGME_PROTOCOL_OPENPGP,
				eng->file_name, homedir);
		if (!err)
		{
			gpgme_genkey_result_t result;
			err = gpgme_op_createkey(ctx, "test <t...@example.com>", argv[1],
					0, 0, NULL, GPGME_CREATE_CERT);
			if (!err)
			{
				result = gpgme_op_genkey_result(ctx);
				printf("Master: %s\n", result->fpr);
				err = gpgme_op_keylist_start(ctx, "", 1);
				if (!err)
				{
					gpgme_key_t key;
					err = gpgme_op_keylist_next(ctx, &key);
					if (!err)
					{
						err = gpgme_op_createsubkey(ctx, key, argv[1], 0, 0,
								GPGME_CREATE_SIGN);
						if (!err)
						{
							result = gpgme_op_genkey_result(ctx);
							printf("Signing: %s\n", result->fpr);
							err = gpgme_op_createsubkey(ctx, key, argv[1], 0,
									0, GPGME_CREATE_ENCR);
							if (!err)
							{
								result = gpgme_op_genkey_result(ctx);
								printf("Encryption: %s\n", result->fpr);
								err = gpgme_op_createsubkey(ctx, key, argv[1],
										0, 0, GPGME_CREATE_AUTH);
								if (!err)
								{
									result = gpgme_op_genkey_result(ctx);
									printf("Authentication: %s\n", result->fpr);
								}
							}
						}
					}
				}
			}
		}
	}

	if (err)
	{
		const char *strerror = gpgme_strerror(err);
		const char *strsource = gpgme_strsource(err);
		fprintf(stderr, "%s: %s\n", strsource, strerror);
		return 2;
	}
	return 0;
}

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to