Re: Curve25519 key generation on GnuPG card or import key to the card failures
Thanks Werner! So it is simply a compatibility issue with Zeitcontrol ! Do you have any info on the future Zeitcontrol 3.5 version and the potential compatibility with Curve25519 ? On Wed, Dec 22, 2021 at 04:46:52PM +0100, Werner Koch wrote: On Wed, 22 Dec 2021 14:47, Benoît said: I got 3x OpenPGP Smart Card v3.3 and I am unable to generate Curve25519 on the card nor importing a cv/ev25519 to it. Whether this is supported depends on the type of the card. The Gnuk and newer Yubikeys support curve25519 but the Zeitcontrol card does not yet. With the Zeitcontrol cards of version 3.3 you may use the NIST and with 3.4 also Brainpool curves. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. -- Benoît ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Curve25519 key generation on GnuPG card or import key to the card failures
On Wed, 22 Dec 2021 14:47, Benoît said: > I got 3x OpenPGP Smart Card v3.3 and I am unable to generate Curve25519 > on the card nor importing a cv/ev25519 to it. Whether this is supported depends on the type of the card. The Gnuk and newer Yubikeys support curve25519 but the Zeitcontrol card does not yet. With the Zeitcontrol cards of version 3.3 you may use the NIST and with 3.4 also Brainpool curves. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Curve25519 key generation on GnuPG card or import key to the card failures
I got 3x OpenPGP Smart Card v3.3 and I am unable to generate Curve25519 on the card nor importing a cv/ev25519 to it. When importing a cv/ev25519, I got gpg : KEYTOCARD failed : Invalid value. When I try to use key-attr option from gpg --card-edit, I got two options : Curve25519 and nsit-384. nsit-384 is fine for both generation or import but nor generation or import are working with Curve25519. I can see on the release note that v3.3.1 fixes "Error correction of Algorithm IDs for ECDSA and ECDH" but I don't have more details so I have a doubt that this would solve my issue. Any idea where this could come from ? I am also surprised to only have two options for key-attr from gpg --card-edit as Curve25519 should only be available for E, (ed25519 for A,S,C). OpenPGP Smart Card v3.3 gnupg 2.2.31 Thanks -- blt ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: fingerprint associated public key does not match displayed public key
> Don't do that. Seriously. This is like saying "I want to learn how to > farm like my grandparents did!" Farming is hard enough: voluntarily > doing without, you know, *electricity* is just crazy. (In the United > States, many farms were without electricity until the 1940s!) > These easy-to-use tools exist for a reason: to make GnuPG easy to use. > If you insist on doing things the hard way you have only yourself to > blame. First learn how to use GnuPG, and then figure out how to use > GnuPG like you would if it was 1992 after you've got your basic skills down. Haha. You're good with these. I don't want to be farming without electricity. You may want to check out a mailing list like PGPNET, which exists specifically to give people experience in sending/receiving encrypted mail. :) > I immediately did it. I saw you there. Using Thunderbird. Figuring it out. > Thank you all for all the good advice. S.B. On Mon, Dec 20, 2021 at 4:50 PM Robert J. Hansen wrote: > > > seems as though my entry into this realm was clearly... bad. I wanted > > to learn the system without using separate encryption software like > > kleopatra. I wanted to know how to do it with just gpg and any email > > provider. It's difficult, and I have a lot to learn. > > Don't do that. Seriously. This is like saying "I want to learn how to > farm like my grandparents did!" Farming is hard enough: voluntarily > doing without, you know, *electricity* is just crazy. (In the United > States, many farms were without electricity until the 1940s!) > > These easy-to-use tools exist for a reason: to make GnuPG easy to use. > If you insist on doing things the hard way you have only yourself to > blame. First learn how to use GnuPG, and then figure out how to use > GnuPG like you would if it was 1992 after you've got your basic skills down. > > > and... I was hoping that, since I have your email, key ID, and fingerprint > > ;) > > I could write an encrypted message to your sixdemonbag email. I'd > > completely understand if you'd rather not. I just have now found > > myself luring friends and relatives into learning this with me and > > exchanging encrypted emails and... it's not going well. > > You may want to check out a mailing list like PGPNET, which exists > specifically to give people experience in sending/receiving encrypted > mail. :) ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users