ED25519 GPG Keys - Githubissues

keybase / client

Keybase Go Library, Client, Service, OS X, iOS, Android, Electron

BSD 3-Clause "New" or "Revised" License

8.89k stars 1.23k forks source link

ED25519 GPG Keys #24989

Open damienbutt opened 2 years ago

damienbutt commented 2 years ago

Are these keys not supported by Keybase?

I only use ED25519 keys and have just started using Keybase. It throws an error when I try to import my keys.

▶ ERROR key generation error: Unknown signature subpacket: 34 (error 905)

I have tried from two different machines.

Keys were created with GnuPG on macOS.

Thanks, D

handsomexdd1024 commented 8 months ago

It seems that this issue is relevant with GnuPG version you use. Here's my test result importing keys generated with gpg v2.4.3 (on Arch Linux) and v2.2.40 (on Debian Sid) to Keybase:	Results	v2.4.3	v2.2.40
RSA	Error	Success
Ed25519	Error	Success

I guess GnuPG updates broke compatibility with OpenPGP libraries used by Keybase.

sgloutnikov commented 6 months ago

I'm a minor version ahead on MacOS and unfortunately getting the same error as OP: ▶ ERROR key generation error: Unknown signature subpacket: 34 (error 905)

gpg --version
gpg (GnuPG/MacGPG2) 2.2.41
libgcrypt 1.8.10

Also noticed when running keybase pgp select the Algo column displays 256? for the ed25519 key.

Possible solution in https://github.com/keybase/keybase-issues/issues/4025. Will try later.

handsomexdd1024 commented 3 months ago

The main cause seems to be not ED25519, but a new AEAD preference added on gnupg 2.4:

With gnupg 2.4, gpg generates keys, which advertise support for a GnuPG specific AEAD encryption mechanism (based on OCB). However, this flavor of AEAD is not supported by other OpenPGP implementations!

I tried solutions from archwiki and it works perfectly for me.