Re: How to batch generate ECC key
On Fri, 29 Dec 2017 21:55, d...@fifthhorseman.net said: >gpg --quick-gen-key 'alice ' ed25519 I was about to suggest that as well but realized that there seems to be no well specified way to set a creation time with that method. I'll look after the other bug. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. pgpoGU3w0VkH6.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How to batch generate ECC key
On Fri 2017-12-29 01:18:27 +0100, Rezart Qelibari für GnuPG wrote: > I want to batch generate a key using an ECC algorithm using the following > command: > > $ cat config.txt | gpg —-batch —generate-key for modern gnupg, i think what you want is: gpg --quick-gen-key 'alice ' ed25519 and then, taking the generated fingerprint as $FPR, do: gpg --quick-add-key $FPR cv25519 encrypt this is documented in the gpg(1) man page. Normally, i'd just have suggested to use just quick-gen-key's "futuredefault", but i just ran into: https://dev.gnupg.org/T3655 while testing, so i'm giving you the more complicated version here.. hth, --dkg signature.asc Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How to batch generate ECC key
Thank you Kristian for explaining and thank you Werner for implementing that so fast. You guys are awesome! On 29. December 2017 at 20:29:56, Werner Koch (w...@gnupg.org(mailto:w...@gnupg.org)) wrote: > Thus with the next release (2.2.5) "ed25519" and "cv25519" should work. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How to batch generate ECC key
On Fri, 29 Dec 2017 16:53, gnupg-kont...@rezart.qelibari.de said: > Thank you so much! This did the trick! I am very impressed. I just added a mapping from the displayed names to the canonical names. Thus with the next release (2.2.5) "ed25519" and "cv25519" should work. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. pgpaU2wQeH_OE.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How to batch generate ECC key
Thank you so much! This did the trick! I am very impressed. I don’t want to bother you too much, but maybe you can answer me the two follow-up questions: - How did you find out the protocol names, especially the upper case „E“ of „Ed25519“ and that „cv25519“ is actually named „Curve25519“? Although „gpg --expert --full-generate-key“ correctly states „Curve 25519“, „gpg -k“ still yields „cv25519“. I find this behaviour very strange and unwisely. - Why do the algorithm ids (22 for „Ed25519“ and 18 for „Curve25519“) not work? In both cases I looked up both gpg and libgcrypt documentations and found no hint on that behaviour at all. On 29. December 2017 at 15:16:07, Kristian Fiskerstrand (kristian.fiskerstr...@sumptuouscapital.com) wrote: try: $ cat config.txt Key-Type: eddsa ...___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How to batch generate ECC key
On 12/29/2017 04:53 PM, Rezart Qelibari für GnuPG wrote: > - How did you find out the protocol names, especially the upper case „E“ > of „Ed25519“ and that „cv25519“ is actually named „Curve25519“? Although > „gpg --expert --full-generate-key“ correctly states „Curve 25519“, „gpg > -k“ still yields „cv25519“. I find this behaviour very strange and unwisely. The short answer is libgcrypt's cipher/ecc-curves.c , see line 45/46 for mapping of shortnames to OIDs. Now, I agree this should at least be case-insensitive, but there might be a feature request open for that already :) > > - Why do the algorithm ids (22 for „Ed25519“ and 18 for „Curve25519“) > not work? Algorithm IDs are not directly tied to curves, so that would be more related to Key-Type than Key-Curve (and corresponding subkey), not the OIDs. -- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 "If you are successful, you may win false friends and true enemies. Succeed anyway." (Mother Teresa) signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: How to batch generate ECC key
On 12/29/2017 01:18 AM, Rezart Qelibari für GnuPG wrote: > Does anyone know what exactly goes wrong here? try: $ cat config.txt Key-Type: eddsa Key-Curve: Ed25519 Key-Usage: sign Subkey-Type: ecdh Subkey-Curve: Curve25519 Subkey-Usage: encrypt Passphrase: somepassword Name-Real: Some Real Name Name-Email: m...@example.com Creation-Date: 20170801T18 Expire-Date: 0 %commit -- Kristian Fiskerstrand Blog: https://blog.sumptuouscapital.com Twitter: @krifisk Public OpenPGP keyblock at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 Cogito ergo sum I think, therefore I am signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users