search

Nitrokey / opcard-rs

OpenPGP card implementation
50 stars 1 forks source link

cv25519 encryption key doesn't show as moved to card #84

Closed runcom closed 1 year ago

runcom commented 2 years ago

Sent all subkeys to the card with keytocard but gpg --card-status gives me this:

sub  ed25519/4581665975B9EFDC 2022-09-29 Antonio Murdaca <antoniomurdaca@gmail.com>
sec#  ed25519/4A51A50353E8131B  created: 2022-09-29  expires: 2024-09-28
ssb>  ed25519/4581665975B9EFDC  created: 2022-09-29  expires: 2023-09-29
                                card-no: 0000 A0103125
ssb   cv25519/2213607CC8C5F771  created: 2022-09-29  expires: 2023-09-29
ssb>  ed25519/4C25A83CB3E806C1  created: 2022-09-29  expires: 2023-09-29
                                card-no: 0000 A0103125

basically the encryption key seems to be still on the system (verified with gpg -K too) but if I try to resend the enc key to the card gpg tells me it's alrady there

sosthene-nitrokey commented 2 years ago

Thanks for the report!

It seems indeed that GnuPGP's format for X25519 does not exactly follow X25519 as specified by RFC 7748 and uses another endianness. This breaks key import.

This will be fixed in the next release.