Re: Choice of ECC curve on usb token
On 2018-06-29 at 18:07 +0200, Damien Cassou wrote:
> NIIBE Yutaka writes:
> > Why not Curve25519, if you use ECC?
>
> I'm not sure I want ECC after reading this:
> https://crypto.stackexchange.com/a/60394/60027

Curve25519 is not NIST ECC. It is ECC.

"ECC" = "Elliptic Curve Cryptography", it covers an entire class of "how public/private pairs are related and calculated". There are various different algorithms within ECC. Some of those are published by NIST, with input from various agencies, and there is reasonable concern as to the provenance of the specifications, as that page notes.

The IETF, amongst other groups, has been moving towards Curve25519 for public key cryptography because it is ECC and it's not NIST.

It currently looks, with a wet finger in the air and an array of chicken entrails before us, from every known species of chicken, as though Curve25519 is likely to be good for a while to come; up until the much heralded practical quantum computers one day arrive and possibly change everything.

So for new deployments today, where interoperability with ancient OpenPGP implementations (such as GnuPG v1) is not a concern, you're probably looking at Curve25519 and, if eager, keeping half an eye on the news about post-quantum cryptography for the next step after that.

If you need more specific guidance than that, pay a professional cryptographer to analyse your requirements and make a recommendation.

-Phil

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Pinentry: Inappropriate ioctl for device when getting smartcard PIN
On 06/27/2018 04:50 PM, Jacob Adams wrote:
> I've got another pinentry problem unfortunately.
> The tty is owned by the correct user this time and $GPG_TTY is set
> correctly.
>
> I have two gpgme contexts, one for openpgp and another for assuan
> commands to the smartcard. Pinentry triggered by the openpgp context
> works perfectly, but any pinentry launched in service of the assuan
> context fails with the error in the subject. They're both using the same
> gpg-agent launched shortly after the creation of the openpgp context
> with gpgconf --launch gpg-agent.
>
> The relevant logs are available at:
> https://salsa.debian.org/tookmund-guest/pgpcr/issues/10
>

I've now done a bit of poking around into this. Attached is the patch I used to try and get some information out of pinentry-curses. It appears that tty_name is not being set, despite the fact that GPG_TTY is set and thus gpg-agent has this information from the previous Context.

> I'm really not sure what's going wrong here and any insight would be
> much appreciated.

The above is still definitely true.

Thanks,
Jacob

--- a/pinentry/pinentry-curses.c +++ b/pinentry/pinentry-curses.c @@ -26,6 +26,7 @@ #include #include #include +#include #include #include #include @@ -820,6 +821,16 @@ dialog_run (pinentry_t pinentry, const char *tty_name, const char *tty_type) { int confirm_mode = !pinentry->pin; + FILE *log = fopen("/tmp/pinentry-curses.log", "a"); + if (log == NULL) + { +pinentry->specific_err = gpg_error_from_syserror (); +pinentry->specific_err_loc = "log_setup"; +return confirm_mode? 0 : -1; + } + fputs("Pinentry\n", log); + fprintf(log, "TTY Name: %s\nTTY Type: %s\n", tty_name, tty_type); + fprintf(log, "Title: %s\nDescription: %s\n", pinentry->title, pinentry->description); struct dialog diag; FILE *ttyfi = NULL; FILE *ttyfo = NULL; 
@@ -853,6 +864,7 @@ pinentry->specific_err_loc = "open_tty_for_read"; return confirm_mode? 0 : -1; } + fputs("Open TTY for reading\n", log); ttyfo = fopen (tty_name, "w"); if (!ttyfo) { @@ -863,15 +875,19 @@ pinentry->specific_err_loc = "open_tty_for_write"; return confirm_mode? 0 : -1; } + fputs("Open TTY for writing\n", log); screen = newterm (tty_type, ttyfo, ttyfi); set_term (screen); + fputs("Setup screen\n", log); } else { if (!init_screen) { + fputs("No init screen\n", log); if (!(isatty(fileno(stdin)) && isatty(fileno(stdout { + fputs("ENOTTY\n", log); errno = ENOTTY; pinentry->specific_err = gpg_error_from_syserror (); pinentry->specific_err_loc = "isatty"; @@ -879,6 +895,7 @@ } init_screen = 1; initscr (); + fputs("Setup ncurses\n", log); } else clear (); @@ -921,10 +938,11 @@ } } refresh (); - +fputs("Create dialog\n", log); /* Create the dialog. */ if (dialog_create (pinentry, )) { + fputs("Failed to create dialog\n", log); /* Note: pinentry->specific_err has already been set. */ endwin (); if (screen) @@ -951,6 +969,7 @@ do { + fputs("Made it to event loop\n", log); int c; c = wgetch (stdscr); /* Refresh, accept single keystroke of input. */ --- a/curses/pinentry-curses.c +++ b/curses/pinentry-curses.c @@ -34,8 +34,17 @@ int main (int argc, char *argv[]) { + FILE *log = fopen("/tmp/pinentry-args.log", "a"); + if (log == NULL) + { + return 1; + } + fputs("Begin Pinentry\n", log); pinentry_init ("pinentry-curses"); - + for (int i = 0; i < argc; i++) + { + fprintf(log, "%d: %s\n", i, argv[i]); + } pinentry_parse_opts (argc, argv); if (pinentry_loop ())
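
Review bot: In the dialog_run hunk (@@ -820,6 +821,16 @@) the two fprintf calls pass tty_name, tty_type, pinentry->title and pinentry->description straight to %s with no null check, and the message above says tty_name appears not to be set. A null pointer for %s is undefined behaviour, so the trace can crash or mislead in exactly the case under investigation; print `tty_name ? tty_name : "(null)"` and likewise for the other three. The same hunk makes dialog_run return with specific_err_loc "log_setup" when the log cannot be opened, which changes the behaviour being debugged; skipping the logging when fopen fails would keep the instrumentation passive.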
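
Review bot: In the event-loop hunk (@@ -951,6 +969,7 @@) the "Made it to event loop" fputs sits inside the do block, so it is written once per keystroke rather than once on entry, and nothing in any of the visible hunks flushes or closes log. Output to a regular file is buffered by stdio, so if pinentry is killed while waiting in wgetch the last trace lines may never reach the file and the log will point at the wrong step. Move the fputs above the do, and either call fflush (log) after each trace line or set line buffering once after fopen; add an fclose on the return paths.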
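
Review bot: In the main hunk of curses/pinentry-curses.c (@@ -34,8 +34,17 @@) the log is a fixed, predictable name in /tmp opened with fopen in append mode, as is /tmp/pinentry-curses.log in dialog_run. On a multi-user system another account can pre-create that path or place a symlink there, and the file then receives pinentry's arguments, title and description. Use a file in a directory owned by the user (for example under the GnuPG home directory) with restrictive permissions, or open it with open() using O_NOFOLLOW and mode 0600 before wrapping it with fdopen. The early `return 1;` also makes pinentry refuse to start whenever the log cannot be opened, which is worth avoiding in a diagnostic build.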
Generating NIST/Brainpool subkeys with GPGME
It appears that one cannot currently generate NIST or Brainpool subkeys with GPGME. Using GPG itself works fine with --expert, so am I missing an option or is this simply not possible yet?

I've attached a simple test program and the output I get on my machine is below:

    ./eccsubkeys rsa1024
    GPGME Version: 1.11.1
    GPG Version: 2.2.8
    Master: 2D14FBF15919954E4334D451C67CB3237C3CFFF4
    Signing: A8B50168D9051846A570445A5DD5249F5CD0825F
    Encryption: F8D8B9A453E5A7E98F44CC029F8450A1638414BE
    Authentication: 866E75EDC8BDEB4B5A4DBD62865FAF7AB6DE6367

    ./eccsubkeys nistp384
    GPGME Version: 1.11.1
    GPG Version: 2.2.8
    Master: 27A05F867C37442B675CFC1B9C647EA952B0D156
    GPGME: General error

    ./eccsubkeys brainpoolP384r1
    GPGME Version: 1.11.1
    GPG Version: 2.2.8
    Master: 26B2C8D94AD12A160262C82FED06C709E119D584
    GPGME: General error

Thanks,
Jacob

    #define _POSIX_C_SOURCE 200809L
    #include <stdio.h>
    #include <stdlib.h>
    #include <gpgme.h>

    int main(int argc, char **argv)
    {
        if (argc < 2)
        {
            puts("Need algorithm!");
            return 1;
        }
        const char *version = gpgme_check_version(NULL);
        printf("GPGME Version: %s\n", version);
        gpgme_ctx_t ctx;
        gpgme_error_t err = gpgme_new(&ctx);
        if (!err)
        {
            /* mkdtemp() requires the template to end in six X characters. */
            char template[] = "/tmp/gnupg.XXXXXX";
            char *homedir = mkdtemp(template);
            if (homedir == NULL)
            {
                /* Do not fall back to the default home directory. */
                perror("mkdtemp");
                return 2;
            }
            gpgme_engine_info_t eng = gpgme_ctx_get_engine_info(ctx);
            printf("GPG Version: %s\n", eng->version);
            err = gpgme_ctx_set_engine_info(ctx, GPGME_PROTOCOL_OPENPGP, eng->file_name, homedir);
            if (!err)
            {
                gpgme_genkey_result_t result;
                /* Certify-only primary key in the throwaway home directory. */
                err = gpgme_op_createkey(ctx, "test ", argv[1], 0, 0, NULL, GPGME_CREATE_CERT);
                if (!err)
                {
                    result = gpgme_op_genkey_result(ctx);
                    printf("Master: %s\n", result->fpr);
                    err = gpgme_op_keylist_start(ctx, "", 1);
                    if (!err)
                    {
                        gpgme_key_t key;
                        err = gpgme_op_keylist_next(ctx, &key);
                        if (!err)
                        {
                            /* One subkey per capability, all with the same algorithm. */
                            err = gpgme_op_createsubkey(ctx, key, argv[1], 0, 0, GPGME_CREATE_SIGN);
                            if (!err)
                            {
                                result = gpgme_op_genkey_result(ctx);
                                printf("Signing: %s\n", result->fpr);
                                err = gpgme_op_createsubkey(ctx, key, argv[1], 0, 0, GPGME_CREATE_ENCR);
                                if (!err)
                                {
                                    result = gpgme_op_genkey_result(ctx);
                                    printf("Encryption: %s\n", result->fpr);
                                    err = gpgme_op_createsubkey(ctx, key, argv[1], 0, 0, GPGME_CREATE_AUTH);
                                    if (!err)
                                    {
                                        result = gpgme_op_genkey_result(ctx);
                                        printf("Authentication: %s\n", result->fpr);
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
        if (err)
        {
            const char *strerror = gpgme_strerror(err);
            const char *strsource = gpgme_strsource(err);
            fprintf(stderr, "%s: %s\n", strsource, strerror);
            return 2;
        }
        return 0;
    }
Re: dirmngr cygwin resolv.conf
On 6/29/2018 6:40 PM, john doe wrote:
> On 6/29/2018 4:24 PM, Werner Koch wrote:
> > On Thu, 28 Jun 2018 17:05, johndoe65...@mail.com said:
> > > dirmngr.conf:
> > >
> > > use-tor
> > > http-proxy socks5://localhost:9150
> >
> > Nobody said that you should configure a proxy ;-)
> >
> > Dirmngr has integrated Tor support which will be used automatically
> > when Tor or the Tor Browser is up and running. --use-tor merely
> > enforces the use of Tor and inhibits any network access without going
> > over Tor.
>
> Ok, "proxy" is a red herring -- I used the option '--use-tor' to be sure
> tor will be used to further isolate the issue.
>
> In an earlier sent e-mail:
>
> https://lists.gnupg.org/pipermail/gnupg-users/2018-June/060740.html
>
> As you can see no command proxy option is being used.
>
> Somehow I'm stuck at DNS name resolving if I'm not mistaken?
>
> Any help is welcome.

Ok -- I think I got it:

If I start Tor Browser as usual by clicking on "Start Tor Browser" it does not work.
But if I start "Browser\TorBrowser\Tor\tor.exe" it works like a charm.

How can I socks5 dirmngr connections to "Tor Browser"?

--
John Doe
Re: Choice of ECC curve on usb token
Hello Damien,

On 2018-06-29 at 18:07, Damien Cassou wrote:
> Moreover, Nitrokey Storage only supports NIST and Brainpool, nothing
> else.

I'm not fully sure but I guess for your purposes you would need Nitrokey Pro[1]

best regards
Juergen

[1] https://shop.nitrokey.com/de_DE/shop/product/nitrokey-pro-3

--
Juergen M. Bruckner
juer...@bruckner.tk
Re: dirmngr cygwin resolv.conf
On 6/29/2018 4:24 PM, Werner Koch wrote:
> On Thu, 28 Jun 2018 17:05, johndoe65...@mail.com said:
> > dirmngr.conf:
> >
> > use-tor
> > http-proxy socks5://localhost:9150
>
> Nobody said that you should configure a proxy ;-)
>
> Dirmngr has integrated Tor support which will be used automatically
> when Tor or the Tor Browser is up and running. --use-tor merely
> enforces the use of Tor and inhibits any network access without going
> over Tor.

Ok, "proxy" is a red herring -- I used the option '--use-tor' to be sure tor will be used to further isolate the issue.

In an earlier sent e-mail:

https://lists.gnupg.org/pipermail/gnupg-users/2018-June/060740.html

As you can see no command proxy option is being used.

Somehow I'm stuck at DNS name resolving if I'm not mistaken?

Any help is welcome.

--
John Doe
Re: dirmngr cygwin resolv.conf
On Thu, 28 Jun 2018 17:05, johndoe65...@mail.com said:
> dirmngr.conf:
>
> use-tor
> http-proxy socks5://localhost:9150

Nobody said that you should configure a proxy ;-)

Dirmngr has integrated Tor support which will be used automatically when Tor or the Tor Browser is up and running. --use-tor merely enforces the use of Tor and inhibits any network access without going over Tor.

Shalom-Salam,

   Werner

--
# Please read: Daniel Ellsberg - The Doomsday Machine
# Thoughts are free. Exceptions are regulated by a federal law.
Re: Choice of ECC curve on usb token
NIIBE Yutaka writes:
> Why not Curve25519, if you use ECC?

I'm not sure I want ECC after reading this:
https://crypto.stackexchange.com/a/60394/60027

Moreover, Nitrokey Storage only supports NIST and Brainpool, nothing else.

> Quite interesting opinion. [...]

thank you for the information.

--
Damien Cassou
http://damiencassou.seasidehosting.st

"Success is the ability to go from one failure to another without losing enthusiasm." --Winston Churchill
gpg2 --refresh-keys does not talk to dirmngr?
Hello.

I have set up a local proxy server with a squid/privoxy/TOR chain and set it up in dirmngr.conf. Now, after deleting the keyserver line from gpg.conf, I found out that gpg2 seems not to talk to dirmngr when using gpg2 --refresh-keys.

Is there something I have to set up in one of the configs, especially gpg.conf and gpg-agent.conf? All the docs say that dirmngr should be used automatically, if I read them right.

Thanks for your patience.

Regards,
Dirk

--
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen
Tel.: +49 1573 1152350
Re: dirmngr cygwin resolv.conf
Hello.

On Friday, 29.06.2018, at 16:30 +0900, NIIBE Yutaka wrote:
> john doe wrote:
> > Now, the next step is to configure dirmngr to do the same!:
> >
> > dirmngr.conf:
> >
> > use-tor
> > http-proxy socks5://localhost:9150
>
> Only "use-tor" is needed, then, dirmngr connects to localhost:9150
> for Tor.

I'm running a local server with a Squid/privoxy/TOR chain. This works fine for keyserver and crl queries, but only for this.

Is there any way to tell dirmngr on my workstation to use the socks port of TOR on my server, which I configured to listen also on the NIC?

Regards,
Dirk

--
Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen
Tel.: +49 1573 1152350
Re: dirmngr cygwin resolv.conf
Hello,

Sorry, my explanation was not accurate.

In the Tor-mode of dirmngr, it uses the port 9050 at first. And there is some code to fall back to the port 9150.

It's like:

    static int
    libdns_switch_port_p (gpg_error_t err)
    {
      if (tor_mode && gpg_err_code (err) == GPG_ERR_ECONNREFUSED
          && libdns_tor_port == TOR_PORT)
        {
          /* Switch port and try again. */
          if (opt_debug)
            log_debug ("dns: switching from SOCKS port %d to %d\n",
                       TOR_PORT, TOR_PORT2);
          libdns_tor_port = TOR_PORT2;
          libdns_reinit_pending = 1;
          return 1;
        }
      return 0;
    }

I suspect the error detection is not working well. If it works, you should see the debug message of "dns: switching from SOCKS port...".

I tested with the port 9050, my dirmngr works fine.
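
The port fallback described in the message above can be checked against a local machine with a small probe. This is an added example, not part of the original post and not dirmngr code; next_tor_port and probe_loopback are hypothetical names, and the probe assumes the SOCKS listener is on 127.0.0.1.

```c
/* Added example, not dirmngr source: probe the two Tor SOCKS ports. */
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

#define TOR_PORT  9050  /* tried first */
#define TOR_PORT2 9150  /* fallback */

/* Decide what to try after PORT failed with errno value ERR.  Mirrors the
   condition in the quoted function: only "connection refused" on the first
   port causes a switch.  Returns the next port, or -1 to give up. */
static int next_tor_port (int port, int err)
{
  if (port == TOR_PORT && err == ECONNREFUSED)
    return TOR_PORT2;
  return -1;
}

/* TCP connect to 127.0.0.1:PORT; returns 0 or the errno of the failure. */
static int probe_loopback (int port)
{
  struct sockaddr_in sa = { 0 };
  int rc, fd = socket (AF_INET, SOCK_STREAM, 0);

  if (fd < 0)
    return errno;
  sa.sin_family = AF_INET;
  sa.sin_port = htons ((unsigned short) port);
  sa.sin_addr.s_addr = htonl (INADDR_LOOPBACK);
  rc = connect (fd, (struct sockaddr *) &sa, sizeof sa) ? errno : 0;
  close (fd);
  return rc;
}

int main (void)
{
  int port = TOR_PORT, err;

  while ((err = probe_loopback (port)) != 0)
    {
      int next = next_tor_port (port, err);
      printf ("port %d: errno %d%s\n", port, err,
              next < 0 ? ", giving up" : ", switching port");
      if (next < 0)
        return 1;
      port = next;
    }
  printf ("SOCKS listener reachable on port %d\n", port);
  return 0;
}
```

If the first probe fails with anything other than "connection refused" (a timeout, for instance), no switch happens, which is the case to look for when the "dns: switching from SOCKS port" debug line never appears.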
Re: Choice of ECC curve on usb token
Hello,

Why not Curve25519, if you use ECC?

Damien Cassou wrote:
> curves and (2) Bernstein’s Curve 25519 is hard to protect against side
> channel attacks when being implemented in embedded devices.

Quite interesting opinion. I wonder what kinds of side channel attacks are discussed there.

Well, it's the first time for me to hear such an opinion. Are there some confusions?

Curve25519 is designed with side channel attacks in mind. Also, it comes with a reference implementation. Even if an implementation doesn't use the methodology directly, it is a bit harder to write a weaker implementation (against side channel attack), if an implementer understands Curve25519 correctly. <-- this is my own opinion.

I wrote the Curve25519 implementation for libgcrypt. So far, libgcrypt doesn't have field specific methods, but libgcrypt 1.9.x will have those for Curve25519. If we compare curves in libgcrypt, I think that Curve25519 is a good one.

I also wrote the Curve25519 implementation for Gnuk. Well, I also wrote ones of NIST P-256 and secp256k1 for Gnuk. I believe Curve25519 is the best among those (and RSA). Gnuk runs on STM32F103 @ 72MHz (or GD32F103 @ 96MHz). This is an embedded device, of my daily use.
Re: dirmngr cygwin resolv.conf
On 6/29/2018 9:30 AM, NIIBE Yutaka wrote:
> john doe wrote:
> > Now, the next step is to configure dirmngr to do the same!:
> >
> > dirmngr.conf:
> >
> > use-tor
> > http-proxy socks5://localhost:9150
>
> Only "use-tor" is needed, then, dirmngr connects to localhost:9150
> for Tor.

Looks like the issue is DNS name resolving:

    $ dirmngr --homedir ~/try --use-tor -v --debug-all --server
    OK Dirmngr 2.2.8-unknown at your service
    KS_GET -- 0x6C6ACD6417B3ACB1
    dirmngr[6496.0]: DBG: chan_3 <- KS_GET -- 0x6C6ACD6417B3ACB1
    dirmngr[6496.0]: DBG: dns: libdns initialized (tor mode)
    dirmngr[6496.0]: DBG: dns: getsrv(_pgpkey-https._tcp.hkps.pool.sks-keyservers.net): Server indicated a failure
    dirmngr[6496.0]: command 'KS_GET' failed: Server indicated a failure
    dirmngr[6496.0]: DBG: chan_3 -> ERR 219 Server indicated a failure
    ERR 219 Server indicated a failure

I'm not sure how to go about it?

Any hints/... is much appreciated.

--
John Doe
Choice of ECC curve on usb token
Hi,

I would like to get a usb token to secure my keys. My use case is protection of 3 GnuPG keys that I will be using 10 times per day at least. I plan to create a new key ring from scratch. Because ECC seems more future-oriented than RSA, this is what I chose to use.

I'm wondering which usb token to choose as well as which curve.

On https://www.gnupg.org/(it)/faq/whats-new-in-2.1.html it is said that many people think NIST and Brainpool have a doubtful origin therefore they recommend the non-standardized Bernstein’s Curve 25519.

On https://support.nitrokey.com/t/choice-of-curves-on-the-storage-2/1192/3, the author says that (1) he is not aware of profound criticism of Brainpool curves and (2) Bernstein’s Curve 25519 is hard to protect against side channel attacks when being implemented in embedded devices.

As a result, I'm a bit lost in what key/curve to choose.

--
Damien Cassou
http://damiencassou.seasidehosting.st

"Success is the ability to go from one failure to another without losing enthusiasm." --Winston Churchill
Re: dirmngr cygwin resolv.conf
john doe wrote:
> Now, the next step is to configure dirmngr to do the same!:
>
> dirmngr.conf:
>
> use-tor
> http-proxy socks5://localhost:9150

Only "use-tor" is needed, then, dirmngr connects to localhost:9150 for Tor.