GNU bug report logs - #57599
[PATCH] openpgp: Add support for ECDSA with NIST curves.


Package: guix-patches; Reported by: Ludovic Courtès <ludo@HIDDEN>; Keywords: wontfix patch; Done: Ludovic Courtès <ludo@HIDDEN>; Maintainer for guix-patches is guix-patches@HIDDEN.
Added tag(s) wontfix. Request was from Ludovic Courtès <ludo@HIDDEN> to control <at> debbugs.gnu.org. Full text available.

Message received at 57599-done <at> debbugs.gnu.org:


From: Ludovic Courtès <ludo@HIDDEN>
To: 57599-done <at> debbugs.gnu.org
Subject: Re: bug#57599: [PATCH] openpgp: Add support for ECDSA with NIST
 curves.
Date: Sat, 24 Sep 2022 11:53:32 +0200
Cc: 57576 <at> debbugs.gnu.org, Andreas Enge <andreas@HIDDEN>,
 Maxime Devos <maximedevos@HIDDEN>, Zhu Zihao <all_but_last@HIDDEN>

Hi!

All things considered, I prefer to drop this patch.  In the unlikely
event that we’ll get more requests to support these curves, we can
always revisit the issue.

What we should do, though, is improve error reporting in case an
unsupported curve or algorithm is encountered.

Thanks,
Ludo’.
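
One possible shape for the error reporting mentioned in the message above, as an added example that is neither Guix code nor part of the thread: it reads the algorithm ID and curve OID from a v4 OpenPGP public-key packet and names them in the error. The `SUPPORTED` set, the function names and the sample packets are assumptions constructed for illustration.

```python
import struct

# Public-key algorithm IDs: RFC 4880 section 9.1, RFC 6637 (18, 19), and 22
# for EdDSA as deployed by GnuPG (called EdDSALegacy in RFC 9580).
ALGORITHMS = {1: "RSA", 16: "Elgamal", 17: "DSA", 18: "ECDH", 19: "ECDSA", 22: "EdDSA"}

# Curve OIDs as stored in the key packet (DER value bytes, no tag or length).
CURVES = {
    bytes.fromhex("2a8648ce3d030107"): "NIST P-256",
    bytes.fromhex("2b81040022"): "NIST P-384",
    bytes.fromhex("2b81040023"): "NIST P-521",
    bytes.fromhex("2b06010401da470f01"): "Ed25519",
}

# Assumption for this example only: what the verifier accepts.
SUPPORTED = {("RSA", None), ("EdDSA", "Ed25519")}


class UnsupportedKeyError(Exception):
    """The key parsed fine but uses an algorithm or curve that is not accepted."""


def read_packet(data: bytes):
    """Return (tag, body) of the first packet; old and new header formats."""
    if len(data) < 2 or not data[0] & 0x80:
        raise ValueError("not an OpenPGP packet")
    if data[0] & 0x40:                       # new-format header
        tag, first = data[0] & 0x3F, data[1]
        if first < 192:
            length, start = first, 2
        elif first < 224 and len(data) > 2:
            length, start = ((first - 192) << 8) + data[2] + 192, 3
        elif first == 255 and len(data) >= 6:
            length, start = int.from_bytes(data[2:6], "big"), 6
        else:
            raise ValueError("partial or truncated length not handled")
    else:                                    # old-format header
        tag, length_type = (data[0] >> 2) & 0x0F, data[0] & 0x03
        if length_type == 3:
            raise ValueError("indeterminate length not handled")
        size = 1 << length_type              # 1, 2 or 4 length octets
        length, start = int.from_bytes(data[1:1 + size], "big"), 1 + size
    body = data[start:start + length]
    if len(body) != length:
        raise ValueError("truncated packet")
    return tag, body


def identify_key(body: bytes):
    """Return (algorithm name, curve name or None) for a v4 key packet body."""
    if len(body) < 6:
        raise ValueError("truncated public-key packet")
    version, _created, algo = struct.unpack(">BIB", body[:6])
    if version != 4:
        raise UnsupportedKeyError(f"unsupported key packet version {version}")
    name = ALGORITHMS.get(algo, f"algorithm {algo}")
    if algo not in (18, 19, 22):             # only ECC keys carry a curve OID
        return name, None
    oid_len = body[6] if len(body) > 6 else 0
    oid = body[7:7 + oid_len]
    if oid_len in (0, 0xFF) or len(oid) != oid_len:
        raise ValueError("malformed curve OID")
    return name, CURVES.get(oid, f"unknown curve (OID {oid.hex()})")


def check_supported(packet: bytes):
    """Return (algorithm, curve) or raise an error that names what was found."""
    tag, body = read_packet(packet)
    if tag not in (6, 14):                   # public key, public subkey
        raise ValueError(f"expected a public-key packet, got tag {tag}")
    algo, curve = identify_key(body)
    if (algo, curve) not in SUPPORTED:
        what = algo if curve is None else f"{algo} over {curve}"
        raise UnsupportedKeyError(f"unsupported public key: {what}")
    return algo, curve


def explain(packet: bytes) -> str:
    """Human-readable verdict, suitable for a log line or CLI message."""
    try:
        algo, curve = check_supported(packet)
    except (UnsupportedKeyError, ValueError) as err:
        return str(err)
    return f"ok: {algo}" + (f" over {curve}" if curve else "")


def make_packet(algo: int, oid: bytes, point: bytes, old_format=False) -> bytes:
    """Build a constructed v4 key packet; the key material is a placeholder."""
    bits = int.from_bytes(point, "big").bit_length()
    body = struct.pack(">BIB", 4, 0, algo) + bytes([len(oid)]) + oid
    body += struct.pack(">H", bits) + point
    if old_format:
        return bytes([0x99]) + struct.pack(">H", len(body)) + body
    return bytes([0xC6, len(body)]) + body


# Constructed sample packets (not real keys).
P256_PACKET = make_packet(19, bytes.fromhex("2a8648ce3d030107"), b"\x04" + bytes(64))
ED25519_PACKET = make_packet(22, bytes.fromhex("2b06010401da470f01"), b"\x40" + bytes(32))

if __name__ == "__main__":
    for sample in (ED25519_PACKET, P256_PACKET):
        print(explain(sample))
```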




Notification sent to Ludovic Courtès <ludo@HIDDEN>:
bug acknowledged by developer. Full text available.
Reply sent to Ludovic Courtès <ludo@HIDDEN>:
You have taken responsibility. Full text available.

Message received at 57599 <at> debbugs.gnu.org:


From: zimoun <zimon.toutoune@HIDDEN>
To: Ludovic Courtès <ludo@HIDDEN>, Andreas Enge
 <andreas@HIDDEN>
Subject: Re: bug#57576: bug#57599: [PATCH] openpgp: Add support for ECDSA
 with NIST curves.
Date: Wed, 07 Sep 2022 17:27:43 +0200
Cc: Maxime Devos <maximedevos@HIDDEN>, 57599 <at> debbugs.gnu.org,
 Zhu Zihao <all_but_last@HIDDEN>, 57576 <at> debbugs.gnu.org

Hi,

On Wed, 07 Sep 2022 at 14:51, Ludovic Courtès <ludo@HIDDEN> wrote:

> I’d like to see what other free software OpenPGP implementors decided
> (primarily Sequoia; GnuPG/Libgcrypt implement them).

Maybe related <https://sequoia-pgp.org/status/>.


Cheers,
simon




Information forwarded to guix-patches@HIDDEN:
bug#57599; Package guix-patches. Full text available.

Message received at 57599 <at> debbugs.gnu.org:


From: Ludovic Courtès <ludo@HIDDEN>
To: Andreas Enge <andreas@HIDDEN>
Subject: Re: bug#57576: bug#57599: [PATCH] openpgp: Add support for ECDSA
 with NIST curves.
Date: Wed, 07 Sep 2022 14:51:25 +0200
Cc: 57599 <at> debbugs.gnu.org, Maxime Devos <maximedevos@HIDDEN>,
 Zhu Zihao <all_but_last@HIDDEN>, 57576 <at> debbugs.gnu.org

Hi,

Thanks a lot for the explanations, Andreas!

As you write, the decision will be “political” as there’s no scientific
evidence to guide us.

I’d like to see what other free software OpenPGP implementors decided
(primarily Sequoia; GnuPG/Libgcrypt implement them).

Ludo’.




Information forwarded to guix-patches@HIDDEN:
bug#57599; Package guix-patches. Full text available.

Message received at 57599 <at> debbugs.gnu.org:


Date: Wed, 7 Sep 2022 14:02:37 +0200
From: Andreas Enge <andreas@HIDDEN>
To: Maxime Devos <maximedevos@HIDDEN>
Subject: Re: bug#57576: bug#57599: [PATCH] openpgp: Add support for ECDSA
 with NIST curves.
Cc: 57576 <at> debbugs.gnu.org, Ludovic Courtès <ludo@HIDDEN>,
 57599 <at> debbugs.gnu.org, Zhu Zihao <all_but_last@HIDDEN>

On Wed, Sep 07, 2022 at 01:13:25PM +0200, Maxime Devos wrote:
> Also, we _do_ have concrete evidence that the curves are flawed -- the website
> on the link mentions many issues in the process

The website (you mean the blog by D. Bernstein?) also mentions the use of
a hash function to arrive at the parameters. Maybe I overlooked something,
but I did not find other mentions of the curves (but I did not read the
page from A to Z).

> past that the NSA is in the habit of subverting communications.

But this is not concrete evidence that these curves are flawed.
As far as is publicly known, there are a few weak (and sparse) classes
of insecure elliptic curves, and the NIST curves do not belong to them.

So the only way these curves could be flawed is that there is an unknown
class of insecure curves, where the insecurity is known by the NSA.
Then if this class is sufficiently dense, one could start with a random
seed, hash the seed, and repeat until one obtains a weak instance;
see this link by a well-known cryptologist
   https://miracl.com/blog/backdoors-in-nist-elliptic-curves/
and the link given there (to another post by Bernstein).

This is possible, but speculation instead of evidence.

Newer constructions are better, but not perfect; optimally one would want
a process of "generation of public random numbers" as described here:
   https://eprint.iacr.org/2015/366

> Channels are for sharing things between multiple people. The keys are for
> authenticating channels. As multiple people are involved for a channel, this
> seems to be a non-personal decision by definition.

I said "political", which fits well the setting of multiple people involved.
And I meant this in opposition to "scientific", given the lack of evidence
against the NIST curves.

Andreas
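
The seed-then-hash scenario described in the message above, as an added toy model that is not part of the thread: a keyed predicate stands in for a hypothetical class of weak parameters that only the generator can recognize, and SHA-1 of a seed stands in for the parameter derivation (a simplification, not the actual NIST procedure). All names, the secret and the assumed class density of 2^-12 are assumptions made for illustration.

```python
import hashlib
import hmac

CLASS_BITS = 12  # assumed density of the hypothetical class: 2**-12


def derive_parameter(seed: bytes) -> int:
    """Public rule: the parameter is the hash of a published seed."""
    return int.from_bytes(hashlib.sha1(seed).digest(), "big")


def publicly_verifiable(seed: bytes, parameter: int) -> bool:
    """The only check outsiders can run: does the seed hash to the parameter?"""
    return derive_parameter(seed) == parameter


def in_secret_class(parameter: int, secret: bytes) -> bool:
    """Stand-in for membership in a class only the generator can recognize."""
    tag = hmac.new(secret, parameter.to_bytes(20, "big"), hashlib.sha256).digest()
    return int.from_bytes(tag, "big") >> (256 - CLASS_BITS) == 0


def seed_for(counter: int) -> bytes:
    """Seeds are simply counters here; any seed looks equally arbitrary."""
    return counter.to_bytes(20, "big")


def grind(secret: bytes, max_tries: int = 1_000_000):
    """Try seeds 0, 1, 2, ... until the derived parameter lands in the class.

    Returns (seed, parameter, attempts). The expected number of attempts is
    about 2**CLASS_BITS, which is why the density of the class matters.
    """
    for attempt in range(1, max_tries + 1):
        seed = seed_for(attempt - 1)
        parameter = derive_parameter(seed)
        if in_secret_class(parameter, secret):
            return seed, parameter, attempt
    raise RuntimeError("no seed found within max_tries")


def measured_density(secret: bytes, samples: int = 50_000) -> float:
    """Fraction of sampled seeds whose parameter falls in the class."""
    hits = sum(in_secret_class(derive_parameter(seed_for(i)), secret)
               for i in range(samples))
    return hits / samples


if __name__ == "__main__":
    secret = b"constructed-secret"  # constructed value for the demo
    seed, parameter, attempts = grind(secret)
    print("seed:", seed.hex())
    print("attempts needed:", attempts, "(expected about", 2 ** CLASS_BITS, ")")
    print("seed check passes:", publicly_verifiable(seed, parameter))
    print("in the secret class:", in_secret_class(parameter, secret))
    print("measured density:", measured_density(secret))
```

The published seed passes the public check even though it was selected after many tries, so the check shows only that the parameter comes from the seed, not how the seed was chosen.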





Information forwarded to guix-patches@HIDDEN:
bug#57599; Package guix-patches. Full text available.

Message received at 57599 <at> debbugs.gnu.org:


Date: Wed, 7 Sep 2022 13:13:25 +0200
To: Ludovic Courtès <ludo@HIDDEN>
From: Maxime Devos <maximedevos@HIDDEN>
Subject: Re: bug#57576: bug#57599: [PATCH] openpgp: Add support for ECDSA with
 NIST curves.
Cc: 57576 <at> debbugs.gnu.org, 57599 <at> debbugs.gnu.org,
 Zhu Zihao <all_but_last@HIDDEN>, Andreas Enge <andreas.enge@HIDDEN>

On 06-09-2022 22:02, Ludovic Courtès wrote:
>> In case of those curves, I'm not aware of any 'cryptographic proof'
>> (*) that the curves are vulnerable (unlike for SHA-1), but as noted in
>> ¹ and elsewhere, there are other kinds of evidence that something is
>> wrong.
>
> It’s different from SHA-1 though: ECDSA is not known to be vulnerable,
> and AIUI we can’t tell that there’s a possibility NIST/NSA has a
> backdoor as is the case for DualEC.  However, the whole NIST design
> process is tainted.  So my understanding is that it’s really a gray
> area.

In cryptography (and security), being a grey area and not known
to be vulnerable is not sufficient -- rather, there has to be a
reason for confidence that the crypto is actually good and
not-vulnerable for a decent amount of time.

Or, in other words, in cryptography and security there is no
assumption of innocence -- rather, it starts with the assumption
that anyone might be an attacker and whoever proposes a crypto
thing has to convince others that their crypto is secure, and a
communication party has to prove to the other party that they
aren't an imposter (public key signing, with a previously agreed
on key and algorithm).

Andreas wrote:

> well, I agree with your analysis. There is no concrete evidence that the
> NIST curves may be flawed, and a general belief that not all crypto
> standards of NIST are flawed or backdoored... So it makes sense to accept
> the curves, (and a personal decision about which type of key a user creates).

I followed you right until the conclusion, it appears that you are
starting from an assumption of innocence, which might explain our
different conclusions?

Also, we _do_ have concrete evidence that the curves are flawed
-- the website on the link mentions many issues in the process and
it has been shown in the past that the NSA is in the habit of
subverting communications (*).

(*) I can give some sources if you don't know of them already.

Channels are for sharing things between multiple people.  The
keys are for authenticating channels.  As multiple people are
involved for a channel, this seems to be a non-personal decision
by definition.

Greetings,
Maxime.





Information forwarded to guix-patches@HIDDEN:
bug#57599; Package guix-patches. Full text available.

Message received at 57599 <at> debbugs.gnu.org:


Date: Wed, 7 Sep 2022 12:34:01 +0200
From: Andreas Enge <andreas@HIDDEN>
To: Ludovic Courtès <ludo@HIDDEN>
Subject: Re: bug#57576: bug#57599: [PATCH] openpgp: Add support for ECDSA
 with NIST curves.
Cc: 57599 <at> debbugs.gnu.org, Maxime Devos <maximedevos@HIDDEN>,
 Zhu Zihao <all_but_last@HIDDEN>, 57576 <at> debbugs.gnu.org

Hello,

On Tue, Sep 06, 2022 at 10:02:55PM +0200, Ludovic Courtès wrote:
> (Cc’ing Andreas for extra advice.)

well, I agree with your analysis. There is no concrete evidence that the
NIST curves may be flawed, and a general belief that not all crypto
standards of NIST are flawed or backdoored... So it makes sense to accept
the curves, but ultimately this is a political decision (and a personal
decision about which type of key a user creates).

Andreas





Information forwarded to guix-patches@HIDDEN:
bug#57599; Package guix-patches. Full text available.

Message received at 57599 <at> debbugs.gnu.org:


Received: (at 57599) by debbugs.gnu.org; 6 Sep 2022 20:03:16 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Sep 06 16:03:16 2022
Received: from localhost ([127.0.0.1]:52775 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1oVemx-0008Qu-Vp
	for submit <at> debbugs.gnu.org; Tue, 06 Sep 2022 16:03:16 -0400
Received: from eggs.gnu.org ([209.51.188.92]:37460)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@HIDDEN>)
 id 1oVemt-0008QV-BE; Tue, 06 Sep 2022 16:03:14 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:34830)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
 id 1oVemi-000255-S8; Tue, 06 Sep 2022 16:03:01 -0400
Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201]:59166
 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
 id 1oVemg-00077x-Cv; Tue, 06 Sep 2022 16:03:00 -0400
From: Ludovic Courtès <ludo@HIDDEN>
To: Maxime Devos <maximedevos@HIDDEN>
Subject: Re: bug#57576: bug#57599: [PATCH] openpgp: Add support for ECDSA
 with NIST curves.
References: <87r10p3ixi.fsf@HIDDEN> <20220905160929.21742-1-ludo@HIDDEN>
 <8735d4zpcf.fsf_-_@HIDDEN>
 <4b1f50af-9694-1439-2223-e9ef5ba7ecec@HIDDEN>
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: =?utf-8?Q?D=C3=A9cadi?= 20 Fructidor an 230 de la
 =?utf-8?Q?R=C3=A9volution=2C?= jour de la Hotte
X-PGP-Key-ID: 0x090B11993D9AEBB5
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-pc-linux-gnu
Date: Tue, 06 Sep 2022 22:02:55 +0200
In-Reply-To: <4b1f50af-9694-1439-2223-e9ef5ba7ecec@HIDDEN> (Maxime Devos's
 message of "Tue, 6 Sep 2022 18:10:15 +0200")
Message-ID: <87sfl4tgnk.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 57599
Cc: 57576 <at> debbugs.gnu.org, 57599 <at> debbugs.gnu.org,
 Zhu Zihao <all_but_last@HIDDEN>, Andreas Enge <andreas.enge@HIDDEN>

Hi,

(Cc’ing Andreas for extra advice.)

Maxime Devos <maximedevos@HIDDEN> writes:

> We disallow signing with SHA-1, because it is known to be vulnerable
> and as there are alternatives that are considered good, even if this
> limits what users can do with their OpenPGP keys.

Right, we know it’s affordable to break SHA-1 these days.

> In case of those curves, I'm not aware of any 'cryptographic proof'
> (*) that the curves are vulnerable (unlike for SHA-1), but as noted in
> ¹ and elsewhere, there are other kinds of evidence that something is
> wrong.

It’s different from SHA-1 though: ECDSA is not known to be vulnerable,
and AIUI we can’t tell that there’s a possibility NIST/NSA has a
backdoor as is the case for DualEC.  However, the whole NIST design
process is tainted.  So my understanding is that it’s really a gray
area.

> Except for the different nature of the evidence of vulnerability, it
> seems about the same situation to me. As such, I don't think we should
> support them (some nice error messages like 'This algorithm [...] is
> not supported yet’ or ‘This algorithm [...] is (likely/known to be)
> vulnerable’ would be good though!).

Yes, that we can improve.  :-)

> An alternative option would be to allow the channel
> .guix-authorization (of the previous commits, not the commit that is
> about to be verified!) to decide what's considered a 'good algorithm'
> (with some defaults) (with a field). Maybe we'll have to deprecate,
> say, RSA or SHA-3 eventually, it would be nice to have a migration
> method in place as early as possible, to minimise the risk of some
> people doing a "guix pull" from a Guix that does not support that
> field to a Guix or other channel that _does_ use that field.

It’s tempting, but I’d rather avoid introducing such mechanisms to keep
things as simple as possible.

Thanks,
Ludo’.




Information forwarded to guix-patches@HIDDEN:
bug#57599; Package guix-patches. Full text available.

Message received at 57599 <at> debbugs.gnu.org:


Received: (at 57599) by debbugs.gnu.org; 6 Sep 2022 16:10:21 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Sep 06 12:10:20 2022
Received: from localhost ([127.0.0.1]:52441 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1oVb9Y-00083Q-Ek
	for submit <at> debbugs.gnu.org; Tue, 06 Sep 2022 12:10:20 -0400
Received: from albert.telenet-ops.be ([195.130.137.90]:54058)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maximedevos@HIDDEN>) id 1oVb9V-00082y-5r
 for 57599 <at> debbugs.gnu.org; Tue, 06 Sep 2022 12:10:18 -0400
Received: from [IPV6:2a02:1811:8c09:9d00:5dba:d409:33f7:a16]
 ([IPv6:2a02:1811:8c09:9d00:5dba:d409:33f7:a16])
 by albert.telenet-ops.be with bizsmtp
 id GgAF2800520ykKC06gAFQB; Tue, 06 Sep 2022 18:10:15 +0200
Message-ID: <4b1f50af-9694-1439-2223-e9ef5ba7ecec@HIDDEN>
Date: Tue, 6 Sep 2022 18:10:15 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
 Thunderbird/91.12.0
Content-Language: en-US
To: Ludovic Courtès <ludo@HIDDEN>, 57599 <at> debbugs.gnu.org
References: <87r10p3ixi.fsf@HIDDEN> <20220905160929.21742-1-ludo@HIDDEN>
 <8735d4zpcf.fsf_-_@HIDDEN>
From: Maxime Devos <maximedevos@HIDDEN>
Subject: Re: bug#57576: bug#57599: [PATCH] openpgp: Add support for ECDSA with
 NIST curves.
In-Reply-To: <8735d4zpcf.fsf_-_@HIDDEN>
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="------------m7iknZCG0iEaOGTxErBcZ11u"
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 57599
Cc: 57576 <at> debbugs.gnu.org, Zhu Zihao <all_but_last@HIDDEN>





Information forwarded to guix-patches@HIDDEN:
bug#57599; Package guix-patches. Full text available.

Message received at 57599 <at> debbugs.gnu.org:


Received: (at 57599) by debbugs.gnu.org; 6 Sep 2022 15:29:14 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Sep 06 11:29:14 2022
Received: from localhost ([127.0.0.1]:52347 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1oVaVl-0006ac-SA
	for submit <at> debbugs.gnu.org; Tue, 06 Sep 2022 11:29:14 -0400
Received: from mail-m974.mail.163.com ([123.126.97.4]:1252)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <all_but_last@HIDDEN>)
 id 1oVaVg-0006Zv-No; Tue, 06 Sep 2022 11:29:12 -0400
Received: from asus-laptop (unknown [27.46.84.97])
 by smtp4 (Coremail) with SMTP id HNxpCgBnDOw4ZxdjHzAhaw--.3788S2;
 Tue, 06 Sep 2022 23:28:57 +0800 (CST)
References: <87r10p3ixi.fsf@HIDDEN> <20220905160929.21742-1-ludo@HIDDEN>
 <8735d4zpcf.fsf_-_@HIDDEN>
User-agent: mu4e 1.8.9; emacs 29.0.50
From: Zhu Zihao <all_but_last@HIDDEN>
To: Ludovic Courtès <ludo@HIDDEN>
Subject: Re: bug#57599: [PATCH] openpgp: Add support for ECDSA with NIST
 curves.
Date: Tue, 06 Sep 2022 23:26:19 +0800
In-reply-to: <8735d4zpcf.fsf_-_@HIDDEN>
Message-ID: <86sfl434lo.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain
X-CM-TRANSID: HNxpCgBnDOw4ZxdjHzAhaw--.3788S2
X-Coremail-Antispam: 1Uf129KBjDUn29KB7ZKAUJUUUUU529EdanIXcx71UUUUU7v73
 VFW2AGmfu7bjvjm3AaLaJ3UbIYCTnIWIevJa73UjIFyTuYvj4RYsjjUUUUU
X-Originating-IP: [27.46.84.97]
X-CM-SenderInfo: pdoosuxxwbztlvw6il2tof0z/xtbBoRl0r2I0UnTxRAAAsm
X-Spam-Score: -0.0 (/)
X-Debbugs-Envelope-To: 57599
Cc: 57576 <at> debbugs.gnu.org, 57599 <at> debbugs.gnu.org

My opinion: Maybe the NSA recommends the NIST family because they know how to get
around it. But they also have to believe foreign governments can't break
it easily.

-- 
Retrieve my PGP public key:

  gpg --recv-keys 481F5EEEBA425ADC13247C76A6E672D981B8E744

Zihao





Information forwarded to guix-patches@HIDDEN:
bug#57599; Package guix-patches. Full text available.

Message received at 57599 <at> debbugs.gnu.org:


Received: (at 57599) by debbugs.gnu.org; 6 Sep 2022 11:58:52 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Sep 06 07:58:52 2022
Received: from localhost ([127.0.0.1]:49949 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1oVXEB-0005xs-P4
	for submit <at> debbugs.gnu.org; Tue, 06 Sep 2022 07:58:52 -0400
Received: from eggs.gnu.org ([209.51.188.92]:50442)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@HIDDEN>)
 id 1oVXEA-0005xZ-2s; Tue, 06 Sep 2022 07:58:50 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:39742)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
 id 1oVXE3-0007Dl-PV; Tue, 06 Sep 2022 07:58:44 -0400
Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201]:64957
 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
 id 1oVXE3-0001bb-D2; Tue, 06 Sep 2022 07:58:43 -0400
From: Ludovic Courtès <ludo@HIDDEN>
To: 57599 <at> debbugs.gnu.org
Subject: Re: bug#57599: [PATCH] openpgp: Add support for ECDSA with NIST
 curves.
References: <87r10p3ixi.fsf@HIDDEN> <20220905160929.21742-1-ludo@HIDDEN>
Date: Tue, 06 Sep 2022 13:58:40 +0200
In-Reply-To: <20220905160929.21742-1-ludo@HIDDEN> ("Ludovic Courtès"'s
 message of "Mon, 5 Sep 2022 18:09:29 +0200")
Message-ID: <8735d4zpcf.fsf_-_@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 57599
Cc: 57576 <at> debbugs.gnu.org, Zhu Zihao <all_but_last@HIDDEN>

Hi,

ECDSA and the NIST curves (and in fact a large part of NIST’s crypto
standardization work¹) are actually considered with skepticism by some:

  https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm#Concerns

That makes me wonder whether supporting them is a good idea, after all.
Evidently they’re not widely used in OpenPGP and not supporting them
hasn’t been much of a problem, it seems.  On one hand, we don’t want
Guix’s OpenPGP implementation to limit what users do with their OpenPGP
keys; on the other hand, we don’t want to encourage algorithms that
bring little to the table at best and are suspicious at worst.

What do people think?

Ludo’.

¹ https://blog.cr.yp.to/20220805-nsa.html




Information forwarded to guix-patches@HIDDEN:
bug#57599; Package guix-patches. Full text available.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 5 Sep 2022 16:09:53 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Sep 05 12:09:53 2022
Received: from localhost ([127.0.0.1]:48697 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1oVEfY-0003Aq-8O
	for submit <at> debbugs.gnu.org; Mon, 05 Sep 2022 12:09:53 -0400
Received: from lists.gnu.org ([209.51.188.17]:57842)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@HIDDEN>) id 1oVEfV-0003Ai-6u
 for submit <at> debbugs.gnu.org; Mon, 05 Sep 2022 12:09:50 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:34958)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1oVEfU-0003LT-0P
 for guix-patches@HIDDEN; Mon, 05 Sep 2022 12:09:49 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:37970)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
 id 1oVEfS-00074N-Vq; Mon, 05 Sep 2022 12:09:47 -0400
Received: from [2001:660:6102:320:e120:2c8f:8909:cdfe] (port=57364
 helo=gnu.org)
 by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
 id 1oVEfR-00039A-UC; Mon, 05 Sep 2022 12:09:46 -0400
From: Ludovic Courtès <ludo@HIDDEN>
To: guix-patches@HIDDEN
Subject: [PATCH] openpgp: Add support for ECDSA with NIST curves.
Date: Mon,  5 Sep 2022 18:09:29 +0200
Message-Id: <20220905160929.21742-1-ludo@HIDDEN>
X-Mailer: git-send-email 2.37.2
In-Reply-To: <87r10p3ixi.fsf@HIDDEN>
References: <87r10p3ixi.fsf@HIDDEN>
MIME-Version: 1.0
X-Debbugs-Cc: Zhu Zihao <all_but_last@HIDDEN>, 57576 <at> debbugs.gnu.org
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Score: -2.2 (--)
X-Debbugs-Envelope-To: submit
Cc: Ludovic Courtès <ludo@HIDDEN>

Fixes <https://issues.guix.gnu.org/57576>.
Reported by Zhu Zihao <all_but_last@HIDDEN>.

* guix/openpgp.scm (verify-openpgp-signature): Add case for ecdsa.
(get-signature): Likewise for PUBLIC-KEY-ECDSA.
(get-public-key): Likewise.
* tests/keys/secp384.pub, tests/keys/secp384.sec,
tests/keys/secp521.pub, tests/keys/secp521.sec: New files.
* Makefile.am (EXTRA_DIST): Add them.
* tests/openpgp.scm (%secp384-key-id, %secp384-key-fingerprint)
(%hello-signature/secp384/sha384)
(%secp521-key-id, %secp521-key-fingerprint)
(%hello-signature/secp521/sha521): New variables.
* tests/openpgp.scm ("get-openpgp-detached-signature/ascii")
("verify-openpgp-signature, good signatures")
("verify-openpgp-signature, bad signature"): Check with
the secp384 and secp521 curves.
---
 Makefile.am            |  4 +++
 guix/openpgp.scm       | 41 +++++++++++++++++++++-----
 tests/keys/secp384.pub | 11 +++++++
 tests/keys/secp384.sec | 12 ++++++++
 tests/keys/secp521.pub | 13 +++++++++
 tests/keys/secp521.sec | 14 +++++++++
 tests/openpgp.scm      | 66 +++++++++++++++++++++++++++++++++++-------
 7 files changed, 143 insertions(+), 18 deletions(-)
 create mode 100644 tests/keys/secp384.pub
 create mode 100644 tests/keys/secp384.sec
 create mode 100644 tests/keys/secp521.pub
 create mode 100644 tests/keys/secp521.sec

diff --git a/Makefile.am b/Makefile.am
index a0c4e941c1..71c3bd4a98 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -702,6 +702,10 @@ EXTRA_DIST +=						\
   tests/keys/ed25519-2.sec				\
   tests/keys/ed25519-3.pub				\
   tests/keys/ed25519-3.sec				\
+  tests/keys/secp384.pub				\
+  tests/keys/secp384.sec				\
+  tests/keys/secp521.pub				\
+  tests/keys/secp521.sec				\
   build-aux/config.rpath				\
   bootstrap						\
   doc/build.scm						\
diff --git a/guix/openpgp.scm b/guix/openpgp.scm
index 9de7feb644..b999c30474 100644
--- a/guix/openpgp.scm
+++ b/guix/openpgp.scm
@@ -1,6 +1,6 @@
 ;; -*- mode: scheme; coding: utf-8 -*-
 ;; Copyright © 2010, 2012 Göran Weinholt <goran@HIDDEN>
-;; Copyright © 2020 Ludovic Courtès <ludo@HIDDEN>
+;; Copyright © 2020, 2022 Ludovic Courtès <ludo@HIDDEN>
 
 ;; Permission is hereby granted, free of charge, to any person obtaining a
 ;; copy of this software and associated documentation files (the "Software"),
@@ -290,7 +290,7 @@ (define PUBLIC-KEY-RSA-SIGN-ONLY 3)
 (define PUBLIC-KEY-ELGAMAL-ENCRYPT-ONLY 16)
 (define PUBLIC-KEY-DSA 17)
 (define PUBLIC-KEY-ECDH 18)                       ;RFC-6637
-(define PUBLIC-KEY-ECDSA 19)                      ;RFC-6639
+(define PUBLIC-KEY-ECDSA 19)                      ;RFC-6637
 (define PUBLIC-KEY-ELGAMAL 20)                    ;encrypt + sign (legacy)
 (define PUBLIC-KEY-EDDSA 22)                      ;"not yet assigned" says GPG
 
@@ -298,6 +298,7 @@ (define (public-key-algorithm id)
   (cond ((= id PUBLIC-KEY-RSA) 'rsa)
         ((= id PUBLIC-KEY-DSA) 'dsa)
         ((= id PUBLIC-KEY-ELGAMAL-ENCRYPT-ONLY) 'elgamal)
+        ((= id PUBLIC-KEY-ECDSA) 'ecdsa)
         ((= id PUBLIC-KEY-EDDSA) 'eddsa)
         (else id)))
 
@@ -564,10 +565,16 @@ (define (check key sig)
               ;; See "(gcrypt) Cryptographic Functions".
               (sexp->canonical-sexp
                (if (eq? key-type 'ecc)
-                   `(data
-                     (flags eddsa)
-                     (hash-algo sha512)
-                     (value ,hash))
+                   (match (openpgp-signature-public-key-algorithm sig)
+                     ('eddsa
+                      `(data
+                        (flags eddsa)
+                        (hash-algo sha512)
+                        (value ,hash)))
+                     ('ecdsa
+                      `(data
+                        (hash-algo ,(openpgp-signature-hash-algorithm sig))
+                        (value ,hash))))
                    `(data
                      (flags ,(match key-type
                                ('rsa 'pkcs1)
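Review bot: the new inner `match` on `(openpgp-signature-public-key-algorithm sig)` in `check` has clauses only for 'eddsa and 'ecdsa, so unless an earlier check rules it out, an 'ecc key paired with a signature declaring any other algorithm ends in a pattern-match failure rather than a reported verification error; add a catch-all clause that fails explicitly. A comment would also help on why the 'ecdsa clause carries no `flags` entry and takes `hash-algo` from the signature while the 'eddsa clause pins `sha512`, since that value is whatever the signature packet declares.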
@@ -615,7 +622,8 @@ (define (get-sig p pkalg)
              (string->canonical-sexp
               (format #f "(sig-val (dsa (r #~a#) (s #~a#)))"
                       (->hex r) (->hex s)))))
-          ((= pkalg PUBLIC-KEY-EDDSA)
+          ((or (= pkalg PUBLIC-KEY-EDDSA)
+               (= pkalg PUBLIC-KEY-ECDSA))
            (print "EdDSA signature")
            (let ((r (get-mpi/bytevector p))
                  (s (get-mpi/bytevector p)))
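Review bot: `(print "EdDSA signature")` sits in the branch that now also handles PUBLIC-KEY-ECDSA, so debug output will label ECDSA signatures as EdDSA; print a name derived from `pkalg` instead (for instance via `public-key-algorithm`) so traces stay accurate. A one-line comment saying that ECDSA `r` and `s` are deliberately read with `get-mpi/bytevector`, the same way as EdDSA, would document the shared path.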
@@ -630,7 +638,8 @@ (define (bytevector->hex bv)
                      str)))
 
              (string->canonical-sexp
-              (format #f "(sig-val (eddsa (r #~a#) (s #~a#)))"
+              (format #f "(sig-val (~a (r #~a#) (s #~a#)))"
+                      (public-key-algorithm pkalg)
                       (bytevector->hex r) (bytevector->hex s)))))
           (else
            (list 'unsupported-algorithm
@@ -886,6 +895,22 @@ (define curve
                       curve
                       (if (eq? curve 'Curve25519) 'djb-tweak 'eddsa)
                       (->hex q)))))
+          ((= alg PUBLIC-KEY-ECDSA)
+           (print "Public ECDSA key")
+           (let* ((len     (get-u8 p))
+                  (oid     (bytevector->uint (get-bytevector-n p len)))
+                  (q (get-mpi p)))
+             (define curve
+               ;; RFC 6637, Section 11.
+               (match oid
+                 (#x2a8648ce3d030107   "NIST P-256")
+                 (#x2b81040022         "NIST P-384")
+                 (#x2b81040023         "NIST P-521")))
+
+             (string->canonical-sexp
+              (format #f "(public-key (ecc (curve \"~a\")(q #~a#)))"
+                      curve
+                      (->hex q)))))
           (else
            (list 'unsupported-algorithm           ;FIXME: throw
                  (public-key-algorithm alg)
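Review bot: the `match oid` in the new PUBLIC-KEY-ECDSA branch lists three OIDs and has no default clause, so a key on any other curve raises a pattern-match failure while the `else` branch just below returns an 'unsupported-algorithm list; add a fallback clause that returns a comparable value naming the OID. `len` from `get-u8` is also passed straight to `get-bytevector-n` with no check for end-of-file or an implausible length, which deserves a guard since this code parses externally supplied key data.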
diff --git a/tests/keys/secp384.pub b/tests/keys/secp384.pub
new file mode 100644
index 0000000000..b90cf504e2
--- /dev/null
+++ b/tests/keys/secp384.pub
@@ -0,0 +1,11 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mG8EYxYF9RMFK4EEACIDAwTHYxcyBiiPz4ZZIkmXnVu0Yv9DHGrnbdCR6U/RT1S4
+wszaHdsSEHlPwmy3WGgTubBDOuJODf5kV/HLL7QEPsOTkIsObK+prEJO3CGpRVim
+a7nfVk2AH6D/GMkNacSXdwy0FTxleGFtcGxlQGV4YW1wbGUuY29tPoiwBBMTCQA4
+AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAFiEEzLZ9Sx8EBzgp+PzwLydGMf8+
+bFsFAmMWB+sACgkQLydGMf8+bFuD3gF/SMEDQP3Bvu0yb8KxE6j8lhOiKT186wwG
+4hBsifRdEF+UHWEa7sx74tyc4R1B01FUAYC/4QqNup4EnPzQfSE3WyVvu+ja+xui
+3vppYCpUjkHzkATsLzsN98/nkZ3q3YA8/lo=
+=vIaC
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/tests/keys/secp384.sec b/tests/keys/secp384.sec
new file mode 100644
index 0000000000..ae296dd9a1
--- /dev/null
+++ b/tests/keys/secp384.sec
@@ -0,0 +1,12 @@
+-----BEGIN PGP PRIVATE KEY BLOCK-----
+
+lKQEYxYF9RMFK4EEACIDAwTHYxcyBiiPz4ZZIkmXnVu0Yv9DHGrnbdCR6U/RT1S4
+wszaHdsSEHlPwmy3WGgTubBDOuJODf5kV/HLL7QEPsOTkIsObK+prEJO3CGpRVim
+a7nfVk2AH6D/GMkNacSXdwwAAYC9iXZ9j+RWFB4rU103SCv6j68rS5Lmc7tHve9l
+B5nri/AR+OEJ61q+w6w0XO5GBBUYLrQVPGV4YW1wbGVAZXhhbXBsZS5jb20+iLAE
+ExMJADgCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AWIQTMtn1LHwQHOCn4/PAv
+J0Yx/z5sWwUCYxYH6wAKCRAvJ0Yx/z5sW4PeAX9IwQNA/cG+7TJvwrETqPyWE6Ip
+PXzrDAbiEGyJ9F0QX5QdYRruzHvi3JzhHUHTUVQBgL/hCo26ngSc/NB9ITdbJW+7
+6Nr7G6Le+mlgKlSOQfOQBOwvOw33z+eRnerdgDz+Wg==
+=B1Nl
+-----END PGP PRIVATE KEY BLOCK-----
diff --git a/tests/keys/secp521.pub b/tests/keys/secp521.pub
new file mode 100644
index 0000000000..077e8e7df2
--- /dev/null
+++ b/tests/keys/secp521.pub
@@ -0,0 +1,13 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mJMEYxYamRMFK4EEACMEIwQB4EqA0zTAfhLeVjkNnzvTuSYs+TUlYdDaw9mYA7Gy
+AiNvxr2F1hJi88Wxxr3YNGKx9s0yJ2Vl0dHlCLmlQAFc9MMACZKWZN68mqbYfSVf
+qJxSG5F8qbF0+dGecwY+TjM4xdaUk4d0vD13/e+r/HLYNgwKrpO2SurNZX/isfkn
+rvNSHPi0HTxleGFtcGxlLXNlY3A1MjFAZXhhbXBsZS5jb20+iNoEExMKAD4WIQQ7
+r36YQGm2cfPDEWnoSxOgtOevGwUCYxYamQIbAwUJA8JnAAULCQgHAgYVCgkICwIE
+FgIDAQIeAQIXgAAKCRDoSxOgtOevG4GUAgkBN118FBDW896Iv+2U/29Fpfni4V6D
+Vp6HTE5qAqmJUtKOOSxmDAmiJ4sinybTP4YCLQT9fmMQqrJSSY0d/hVg4fYCCQGD
+Y6iRT8KPyxhlpsVVwdiUjOd4B5JUyJj0qOudY4yveyOl6c1bdxJALMbEHV4JREEE
+1+ylYN1KRfpaQh42Zoms9Q==
+=Nru3
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/tests/keys/secp521.sec b/tests/keys/secp521.sec
new file mode 100644
index 0000000000..663dbeaa3c
--- /dev/null
+++ b/tests/keys/secp521.sec
@@ -0,0 +1,14 @@
+-----BEGIN PGP PRIVATE KEY BLOCK-----
+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+=/mn1
+-----END PGP PRIVATE KEY BLOCK-----
diff --git a/tests/openpgp.scm b/tests/openpgp.scm
index 1f20466772..68439f7485 100644
--- a/tests/openpgp.scm
+++ b/tests/openpgp.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2020 Ludovic Courtès <ludo@HIDDEN>
+;;; Copyright © 2020, 2022 Ludovic Courtès <ludo@HIDDEN>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -63,7 +63,7 @@ (define %civodul-key-id #x090B11993D9AEBB5)       ;civodul.pub
 
 #|
 Test keys in ./tests/keys.  They were generated in a container along these lines:
-  guix environment -CP --ad-hoc gnupg pinentry coreutils
+  guix shell -CP-hoc gnupg pinentry coreutils
 then, within the container:
   mkdir ~/.gnupg && chmod -R og-rwx ~/.gnupg
   gpg --batch --passphrase '' --quick-gen-key '<example@HIDDEN>' ed25519
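Review bot: the updated comment line reads `guix shell -CP-hoc gnupg pinentry coreutils`, which looks like a botched replacement of `-CP --ad-hoc`; it should presumably be `guix shell -CP gnupg pinentry coreutils`. It would also help to list the `gpg` invocations used for the two new ECDSA keys next to the existing ed25519 one, so the test keys can be regenerated.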
@@ -75,6 +75,8 @@ (define %civodul-key-id #x090B11993D9AEBB5)       ;civodul.pub
 (define %rsa-key-id      #xAE25DA2A70DEED59)      ;rsa.pub
 (define %dsa-key-id      #x587918047BE8BD2C)      ;dsa.pub
 (define %ed25519-key-id  #x771F49CBFAAE072D)      ;ed25519.pub
+(define %secp384-key-id  #x2F274631FF3E6C5B)      ;secp384.pub
+(define %secp521-key-id  #xE84B13A0B4E7AF1B)      ;secp521.pub
 
 (define %rsa-key-fingerprint
   (base16-string->bytevector
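Review bot: only `%secp384-key-id` and `%secp521-key-id` are added here, yet the guix/openpgp.scm change also maps the OID for "NIST P-256", so that clause has no test key or signature in this patch. Add a P-256 key and detached signature alongside these two, or leave the mapping out until it is covered.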
@@ -85,6 +87,12 @@ (define %dsa-key-fingerprint
 (define %ed25519-key-fingerprint
   (base16-string->bytevector
    (string-downcase "44D31E21AF7138F9B632280A771F49CBFAAE072D")))
+(define %secp384-key-fingerprint
+  (base16-string->bytevector
+   (string-downcase "CCB67D4B1F04073829F8FCF02F274631FF3E6C5B")))
+(define %secp521-key-fingerprint
+  (base16-string->bytevector
+   (string-downcase "3BAF7E984069B671F3C31169E84B13A0B4E7AF1B")))
 
 
 ;;; The following are detached signatures created commands like:
@@ -148,6 +156,28 @@ (define %hello-signature/ed25519/sha1             ;digest-algo: sha1
 =AE4G
 -----END PGP SIGNATURE-----")
 
+(define %hello-signature/secp384/sha384           ;digest-algo: sha384
+  "\
+-----BEGIN PGP SIGNATURE-----
+
+iJUEABMJAB0WIQTMtn1LHwQHOCn4/PAvJ0Yx/z5sWwUCYxYIKAAKCRAvJ0Yx/z5s
+WxD2AX0QMeTHLJvJxRKTBP8O9kGMY9Nz0kzRBO0OJG2gYyxu9sZ+NAEQF01jAOXl
+ApL2zVkBgLUyyleJtR24LKxK73waLJb51TA29NXJJZ2fiRZ50u/lNfrFR3PYnK7/
+gvSkL3Ldzw==
+=+7h3
+-----END PGP SIGNATURE-----")
+
+(define %hello-signature/secp521/sha512
+  "\
+-----BEGIN PGP SIGNATURE-----
+
+iLcEABMKAB0WIQQ7r36YQGm2cfPDEWnoSxOgtOevGwUCYxYb+wAKCRDoSxOgtOev
+G+ByAgdwIBTnCtzo+lFuahhMMScXZZeTH055IOhTsXmptZaE3MaazTsUw3en8C9i
+EWiy/GDQKaJEZMP3dwN1+3tNTl/NUAIIiV/BFly9Ha/cYJG+p3LG24JoHVfJx04q
+LfSXejfMIvu33h8wjMA2tRQSlqdDylMWKThJgp6GH6svp+Zr4z+Smnw=
+=1zW0
+-----END PGP SIGNATURE-----")
+
 
 (test-begin "openpgp")
 
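Review bot: the variable defined in this hunk is `%hello-signature/secp521/sha512`, but the commit log lists `%hello-signature/secp521/sha521`; fix the log entry so the two match. The secp521 definition also lacks the `;digest-algo:` comment that the secp384 definition and the existing `%hello-signature/ed25519/sha1` carry.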
@@ -193,7 +223,9 @@ (define %hello-signature/ed25519/sha1             ;digest-algo: sha1
         `(,%rsa-key-id ,%rsa-key-fingerprint rsa sha256)
         `(,%ed25519-key-id ,%ed25519-key-fingerprint eddsa sha256)
         `(,%ed25519-key-id ,%ed25519-key-fingerprint eddsa sha512)
-        `(,%ed25519-key-id ,%ed25519-key-fingerprint eddsa sha1))
+        `(,%ed25519-key-id ,%ed25519-key-fingerprint eddsa sha1)
+        `(,%secp384-key-id ,%secp384-key-fingerprint ecdsa sha384)
+        `(,%secp521-key-id ,%secp521-key-fingerprint ecdsa sha512))
   (map (lambda (str)
          (let ((signature (get-openpgp-detached-signature/ascii
                            (open-input-string str))))
@@ -205,7 +237,9 @@ (define %hello-signature/ed25519/sha1             ;digest-algo: sha1
              %hello-signature/rsa
              %hello-signature/ed25519/sha256
              %hello-signature/ed25519/sha512
-             %hello-signature/ed25519/sha1)))
+             %hello-signature/ed25519/sha1
+             %hello-signature/secp384/sha384
+             %hello-signature/secp521/sha512)))
 
 (test-equal "verify-openpgp-signature, missing key"
   `(missing-key ,%rsa-key-fingerprint)
@@ -221,7 +255,9 @@ (define %hello-signature/ed25519/sha1             ;digest-algo: sha1
     (good-signature ,%dsa-key-id)
     (good-signature ,%ed25519-key-id)
     (good-signature ,%ed25519-key-id)
-    (good-signature ,%ed25519-key-id))
+    (good-signature ,%ed25519-key-id)
+    (good-signature ,%secp384-key-id)
+    (good-signature ,%secp521-key-id))
   (map (lambda (key signature)
          (let* ((key       (search-path %load-path key))
                 (keyring   (get-openpgp-keyring
@@ -235,18 +271,24 @@ (define %hello-signature/ed25519/sha1             ;digest-algo: sha1
        (list "tests/keys/rsa.pub" "tests/keys/dsa.pub"
              "tests/keys/ed25519.pub"
              "tests/keys/ed25519.pub"
-             "tests/keys/ed25519.pub")
+             "tests/keys/ed25519.pub"
+             "tests/keys/secp384.pub"
+             "tests/keys/secp521.pub")
        (list %hello-signature/rsa %hello-signature/dsa
              %hello-signature/ed25519/sha256
              %hello-signature/ed25519/sha512
-             %hello-signature/ed25519/sha1)))
+             %hello-signature/ed25519/sha1
+             %hello-signature/secp384/sha384
+             %hello-signature/secp521/sha512)))
 
 (test-equal "verify-openpgp-signature, bad signature"
   `((bad-signature ,%rsa-key-id)
     (bad-signature ,%dsa-key-id)
     (bad-signature ,%ed25519-key-id)
     (bad-signature ,%ed25519-key-id)
-    (bad-signature ,%ed25519-key-id))
+    (bad-signature ,%ed25519-key-id)
+    (bad-signature ,%secp384-key-id)
+    (bad-signature ,%secp521-key-id))
   (let ((keyring (fold (lambda (key keyring)
                          (let ((key (search-path %load-path key)))
                            (get-openpgp-keyring
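Review bot: in the "good signature" test the key-file list and the signature list extended here are paired by position through `(map (lambda (key signature) ...`, and both must also line up with the expected `good-signature` list in the previous hunk, so three lists have to be edited in lockstep for every new algorithm. The additions are in matching order, but a single list of (key-file signature key-id) entries would make the pairing explicit and keep a future misordering from surfacing as a confusing status mismatch. Please also confirm that `tests/keys/secp384.pub` and `tests/keys/secp521.pub` are added by this patch, since the tests locate them through `search-path` at run time.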
@@ -256,7 +298,9 @@ (define %hello-signature/ed25519/sha1             ;digest-algo: sha1
                        %empty-keyring
                        '("tests/keys/rsa.pub" "tests/keys/dsa.pub"
                          "tests/keys/ed25519.pub" "tests/keys/ed25519.pub"
-                         "tests/keys/ed25519.pub"))))
+                         "tests/keys/ed25519.pub"
+                         "tests/keys/secp384.pub"
+                         "tests/keys/secp521.pub"))))
     (map (lambda (signature)
            (let ((signature (string->openpgp-packet signature)))
              (let-values (((status key)
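Review bot: the key list folded into `%empty-keyring` here only needs each key file once, yet it carries `tests/keys/ed25519.pub` three times; while extending it, consider dropping the duplicates so the list reads as the set of keys to load. The two new entries are correctly added once each.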
@@ -266,6 +310,8 @@ (define %hello-signature/ed25519/sha1             ;digest-algo: sha1
          (list %hello-signature/rsa %hello-signature/dsa
                %hello-signature/ed25519/sha256
                %hello-signature/ed25519/sha512
-               %hello-signature/ed25519/sha1))))
+               %hello-signature/ed25519/sha1
+               %hello-signature/secp384/sha384
+               %hello-signature/secp521/sha512))))
 
 (test-end "openpgp")

base-commit: aae98c297214f87eb45302863adb021078c41a6f
-- 
2.37.2





Acknowledgement sent to Ludovic Courtès <ludo@HIDDEN>:
New bug report received and forwarded. Copy sent to all_but_last@HIDDEN, 57576 <at> debbugs.gnu.org, guix-patches@HIDDEN. Full text available.
Report forwarded to all_but_last@HIDDEN, 57576 <at> debbugs.gnu.org, guix-patches@HIDDEN:
bug#57599; Package guix-patches. Full text available.
Last modified: Sat, 24 Sep 2022 13:15:02 UTC
