TransWikia.com

Computing PGP ed25519 and curve25519 keygrips?

Cryptography Asked by skaht on December 21, 2021

There are public key algorithmic differences for how PGP computes fingerprints and keygrips. For the v4 protocol, fingerprints are not exclusively computed from public keys while keygrips are. RFC 4880 makes no mention about keygrips.

After digging into code at 10 different places in the the libgcrypt from https://github.com/gpg/libgcrypt/blob/master/tests/keygrip.c, it is still a mystery as to how PGP keygrips are computed for ed25519 and curve25519.

Fortunately, the keygrip.c provides the two normative example test vectors:

 1. ed25519: 
    publicKey = 773E72848C1FD5F9652B29E2E7AF79571A04990E96F2016BF4E0EC1890C2B7DB,
    keygrip   = 9DB6C64A38830F4960701789475520BE8C821F47

 2. cv25519: 
    publicKey = 918C1733127F6BF2646FAE3D081A18AE77111C903B906310B077505EFFF12740,
    keygrip   = 0F89A565D3EA187CEA39332398F5D480677DF49C

Can someone provide the operations on the public keys prior to the sha1 hash that creates that creates the keygrip output? (Thanks in advance.)

keyspgppublic key

2 Answers

Needed to stay out of libgcrypt repository and instead remain focused within the higher level gnupg repository, specifically gnupg/g10/keyid.c. The keygrip_from_pk() function is what makes the public key algo specific calls to build the S expressions that feeds the lower level gcry_pk_get_keygrip() function used to calculate the binary keygrip array that is turned into a hex keygrip by the calling function hexkeygrip_from_pk().

An analysis of the code just described above plus code at keygrip_ed25519(vk) and keygrip_curve25519(vk) should facilitate a programming language means for constructing ed25519 and cv25519 keygrips.

Answered by skaht on December 21, 2021

Keygrips are not part of PGP at all, they're just an implementation detail of GnuPG's key storage architecture specifically (which uses a common key store for PGP, S/MIME, and SSH).

As you saw, GnuPG uses libgcrypt for cryptographic operations, and the keygrip calculation can be found in cipher/pubkey.c where it's just a SHA-1 hash of the public key's parameters.

Answered by user1686 on December 21, 2021

Add your own answers!

Ask a Question

Get help from others!

Recent Answers

Recent Questions

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP