EEC issue when using NIST P-521

[fbboisclair]

It seem the curve P-521 is having a bug in KBPGP. I tried to generate a keypair using this curve in kbpgp and it is rejected by GPG 2.1.1 and by Keybase.io. If I Generate the key using GPG 2.1.1 with the same specification, it rejected by Keybase.io as with invalid self signature. But if it generated using P-384 in KBPGP it accepted with no problem.

There two generated key as test the Key A work but the key B don't same script used just changed the 384 for 521 for B.

Key A NIST P-384 -----BEGIN PGP PUBLIC KEY BLOCK----- Version: Keybase OpenPGP v2.0.0 Comment: https://keybase.io/crypto

xm8EVJRytxMFK4EEACIDAwRGkujNqSBNL2FIuCAMaKbwuqgFy5Ehpwt3HyV0djDI wLQoqxop5zjd7eqr3hQSbkOdtUPh0i6iFtXGYjCJ/IMZaRlp+UHv0sHnrrmKSZ8Q v8hNvp0IqJlI6C1c2wOjX9PNF3Rlc3QgPHVzZXJAZXhhbXBsZS5jb20+wpIEExMK ABoFAlSUcrcCGy8DCwkHAxUKCAIeAQIXgAIZAQAKCRA6xQ8UVsZ6EiwCAX9tCPGK seu9fCoPMv0u214iwRqYht240WCH5uxgMIsjw7QdDKbv6gzCuuSrijsFf9kBfjgL iBZBGw2KiU130pdpyixOnNmRzUQ8JC3CeRNh8477u+T5W85Lz4cB1kHQXIGBAs5v BFSUcrcTBSuBBAAiAwMEgUa1b1bT/sKTUoEB5YifTVhrBfCziXHbGfynth2XNhnV raKE3YWzAr8WWBIlpzeXwYvvTOaN1psA1jH3vVtQjpV5sGpUaO9P244nKcLWhOkR NZ/eTlXz6aEECXnj4CFswsBHBBgTCgAPBQJUlHK3BQkPCZwAAhsuAIoJEDrFDxRW xnoSfyAEGRMKAAYFAlSUcrcACgkQ/fgEYNjTLwWKxAF/bH0R8JvzPQLCCW/QEuwY 3EBHgHSYKIFRY+Sl9ngJxGVFmoMxBK7w2RqrV/U6IhgQAX91bYu5p4JwdXo3Hc8y PVirwRTC7x2lLHS0TvqyHXWiFICVl8a8h1oDZLzkp9KFQIyKAQF/U60N3TnWQliK kTsG8KEbc6I8QACNGHust6pIYag/luGLXmlLaXFoJdfA/GITPRpNAYCII+xrIo7M AEo+TpsP5mC1UhgJzkfYmPj3h3CRVBIab48z2W5eLDVVmnWlKrnPgXnObwRUlHK3 EwUrgQQAIgMDBPw2dacV+gWNyDeXo3i5U1OB0X7+AFnQB+tPxNKRrJBd/uOodOhO OPqx1jBxUrJM6BeqBqqI6GH2usryLfgjSL32S1YlI0+F6oa4/Q4y0keNDsQka/xU au0XPptLjy7uSMLARwQYEwoADwUCVJRytwUJDwmcAAIbLgCKCRA6xQ8UVsZ6En8g BBkTCgAGBQJUlHK3AAoJEPgCslLWlNaXAFcBgOlOUhY1I+HMjDT1fx5SEpNhRbwq CZ4UYzWrPHmws71HE+zqEWNhCRYJfeypfnFCAQGAhqpVM7TJH8RpYOD/vIfQnVrW rNLnbpicDNWN9ZOotfZ1s+2Rh1BZFWwMm+uugslAyn8BgNmqhfDKhH92z2L89RcA Jx4lGD5dT1SiW2t0UwEmUuCXANfXaEE3Jn/Z9bE5/XC0bQF/bfZLQ/zGtNYRC4bc EURDVFJ/1frt6yaPkLtABBv1FhIaEV3KfMq/DEL7wxMTiUeG =7uOv -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP PRIVATE KEY BLOCK----- Version: Keybase OpenPGP v2.0.0 Comment: https://keybase.io/crypto

xcASBFSUcrcTBSuBBAAiAwMERpLozakgTS9hSLggDGim8LqoBcuRIacLdx8ldHYw yMC0KKsaKec43e3qq94UEm5DnbVD4dIuohbVxmIwifyDGWkZaflB79LB5665ikmf EL/ITb6dCKiZSOgtXNsDo1/T/gkDCCHjKYCEmc8XYMRBoWgAaV3YIV6f5YWV0FEO k2nLErIbmMONTAcr3NWfo31Pb+jX0vfzmBJosqX2MdkqJ75nJ4SVWMtqlDsrazwt u1D3PmodOLnOwLWj+3ZV7M7ONCBGzRd0ZXN0IDx1c2VyQGV4YW1wbGUuY29tPsKS BBMTCgAaBQJUlHK3AhsvAwsJBwMVCggCHgECF4ACGQEACgkQOsUPFFbGehIsAgF/ bQjxirHrvXwqDzL9LtteIsEamIbduNFgh+bsYDCLI8O0HQym7+oMwrrkq4o7BX/Z AX44C4gWQRsNiolNd9KXacosTpzZkc1EPCQtwnkTYfOO+7vk+VvOS8+HAdZB0FyB gQLHwBIEVJRytxMFK4EEACIDAwSBRrVvVtP+wpNSgQHliJ9NWGsF8LOJcdsZ/Ke2 HZc2GdWtooTdhbMCvxZYEiWnN5fBi+9M5o3WmwDWMfe9W1COlXmwalRo70/bjicp wtaE6RE1n95OVfPpoQQJeePgIWz+CQMIIziLjYHjF5tgfLUgP8JBRBgV2hLHZqJC 560FF1TmTKZHHTGxSXJ/+ZDEuii+byeMw6Nx3YNTJglBXhM4hlVWBKB6aZsZjCFp /Oy0NAagI8hEKLL/Zc+CaBQOcpuPtvXCwEcEGBMKAA8FAlSUcrcFCQ8JnAACGy4A igkQOsUPFFbGehJ/IAQZEwoABgUCVJRytwAKCRD9+ARg2NMvBYrEAX9sfRHwm/M9 AsIJb9AS7BjcQEeAdJgogVFj5KX2eAnEZUWagzEErvDZGqtX9ToiGBABf3Vti7mn gnB1ejcdzzI9WKvBFMLvHaUsdLRO+rIddaIUgJWXxryHWgNkvOSn0oVAjIoBAX9T rQ3dOdZCWIqROwbwoRtzojxAAI0Ye6y3qkhhqD+W4YteaUtpcWgl18D8YhM9Gk0B gIgj7GsijswASj5Omw/mYLVSGAnOR9iY+PeHcJFUEhpvjzPZbl4sNVWadaUquc+B ecfAEgRUlHK3EwUrgQQAIgMDBPw2dacV+gWNyDeXo3i5U1OB0X7+AFnQB+tPxNKR rJBd/uOodOhOOPqx1jBxUrJM6BeqBqqI6GH2usryLfgjSL32S1YlI0+F6oa4/Q4y 0keNDsQka/xUau0XPptLjy7uSP4JAwg+o0I5tXZ5Q2CvLTlWWjoc3HyDWa/ygUx3 AESTI8E9jEPh7CI6szTqL4HVbLdyR3gu7CK8ly1XhLbvb9bTjOhlm6xIRIhlroPf j+rsRRo6TElDMRXco7jsRv3d1JJ5LMLARwQYEwoADwUCVJRytwUJDwmcAAIbLgCK CRA6xQ8UVsZ6En8gBBkTCgAGBQJUlHK3AAoJEPgCslLWlNaXAFcBgOlOUhY1I+HM jDT1fx5SEpNhRbwqCZ4UYzWrPHmws71HE+zqEWNhCRYJfeypfnFCAQGAhqpVM7TJ H8RpYOD/vIfQnVrWrNLnbpicDNWN9ZOotfZ1s+2Rh1BZFWwMm+uugslAyn8BgNmq hfDKhH92z2L89RcAJx4lGD5dT1SiW2t0UwEmUuCXANfXaEE3Jn/Z9bE5/XC0bQF/ bfZLQ/zGtNYRC4bcEURDVFJ/1frt6yaPkLtABBv1FhIaEV3KfMq/DEL7wxMTiUeG =Qcjd -----END PGP PRIVATE KEY BLOCK-----

Key B NIST P-521 -----BEGIN PGP PUBLIC KEY BLOCK----- Version: Keybase OpenPGP v2.0.0 Comment: https://keybase.io/crypto

xpIEVJRzlxMFK4EEACMEIwTFRPXvSKekXc+cq26KGFWd7H3Ck5lofmFqglnpBMg6 SwFIjcgABPAoxqaz/o5sJdYY9c5401AoT7OGzEVug6yN6wGV7Zt27fYLF+gRfz+p GNG89SzpKPwe4Uiq+Eg4nFfJjJnDbrWr7PkxyGl3qUAiW/VD8RBGBLcDGc0wKr4z wqRvq80XdGVzdCA8dXNlckBleGFtcGxlLmNvbT7CtQQTEwoAGgUCVJRzlwIbLwML CQcDFQoIAh4BAheAAhkBAAoJEOt0hXNxKMZMI40CAQH/gumR+LivMg5w/ozB1m3T XNE5ksg5uU1SRdrRwlVRzWXdZv/nJRlhofCfWezu8Yi5On0OQtgVC4W3MVgtzOL3 AgkB5H+scX52zK5A/2BvXslO/f74AJyWZRpYBmdAMU5t4am61UfVEHGdMcmTX3GJ ZXkEcN8vX8ND8xxWhtoaQQ2c4KjOkwRUlHOXEwUrgQQAIwQjBAHDOtcRvmOA7xjA aQEYb1VFIIT+WK5znqE/+aa1G8UPhRtJ3xHHsLXzBUvq57eHdHOR6t+zjHdSSAO+ ZTuRVPSWLAG9wPzeZa9OORtenDgCsx+wuHQ9e9BHv6sbR8WRG1VUFzD/vDmzRKF3 DOZuLqQgfJ0Fpdt6AoxE+0MwEsfaTbKX+8LAjAQYEwoADwUCVJRzlwUJDwmcAAIb LgCtCRDrdIVzcSjGTKIgBBkTCgAGBQJUlHOXAAoJEIKOZVmggvPUHZICCOeZm9Dd G2a91sHg3a9PuxHkjLMHRwLlO954zcjbqIaAmRE63di0e3zhwXOFEseywjeLQOEU NhxLzuCCStNDp2cxAgkBLfY+Sn3IbfLAHQbU0bvXtmr7u9e+bf2t93v5wXkjMa81 ophKKvl2gGQKCCjEsXClKdlAI0WG8mxYa3oJosFhOsABLgIIvZobV6w3hPdyFvzh fjd5s+aMAaA3WGtZfj8an2pulw9PZZGk6h8Gzoxs51VOYEIZxMMOJ6ZRoEnNwgcF aiLzlmQCCMJS25op6UARnMr/jUrIcPeyPdHHUfku8VI82FX1BObGTRp4KRpLnd2P zKuc7b8kvVsZ32HPWBJ4I434gjeTueHDzpIEVJRzlxMFK4EEACMEIwQBlgjtePaZ WsIuUlZ1nDBG1CbRkP0pwj1bPAI/DkcjbB1rf1RvkJogzhZBTPCzevVlppsNGIqd eEScRPbHRSdvnkwVKhmFq5w0xsa2YXi/NkUqEDjeJchQbjXj/Nw3EEqFU0bKyN79 m09zpe+7YXozAvbwGywuhH7twFzsPf6THKBhRcLAjQQYEwoADwUCVJRzlwUJDwmc AAIbLgCtCRDrdIVzcSjGTKIgBBkTCgAGBQJUlHOXAAoJEN19R4bIQoPZgaoCCN97 rYAhlcPagwwb1iZE0pcdTvamLn8eJ8eqBFv1KsfwXpryY9vwD4Zo8qMM3lJyz3aF 9r0FUwU5HG3Zcg97DGt8AgkBiSlOyPWjIHmZdA8hb9HoQq/A/6824jsd2Th89a57 SNimmqAhcSNrbqlvT/jW+6QwVnAnOl6rd5zFUw6gaJ2PkTkRZAIIiNjRGOfKmz5j C2NZa2LuyPiARy70AgfdvlxyWkiz6kpWtzf9jNaOwmONfiff3mFZbjM1Edchr035 ZhykZXyGU2MCCQEXSetqCzuhYkNDc+j14M3LlY3vL8Y+3n5T+9K4QZZZi4zSXa7Q uRIMfcW4EPfO5PBAOIrh9o/X/LFLVRXgaMCyDQ== =0Vu6 -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP PRIVATE KEY BLOCK----- Version: Keybase OpenPGP v2.0.0 Comment: https://keybase.io/crypto

xcBGBFSUc5cTBSuBBAAjBCMExUT170inpF3PnKtuihhVnex9wpOZaH5haoJZ6QTI OksBSI3IAATwKMams/6ObCXWGPXOeNNQKE+zhsxFboOsjesBle2bdu32CxfoEX8/ qRjRvPUs6Sj8HuFIqvhIOJxXyYyZw261q+z5Mchpd6lAIlv1Q/EQRgS3AxnNMCq+ M8Kkb6v+CQMIjVABG7Zx575g1V+psG15Lrsl05rW6LU8OtUq/BFWZDtAFYRKc+h+ fx2VdTrun4/EB8xZzFXy3j+md8UUTKEx/m3cPjvtKdhvWyec2MjkKRpwMIdU7QFl /vgpPzJnbOmerBdig1GZTpUS4dQSdEbO3s0XdGVzdCA8dXNlckBleGFtcGxlLmNv bT7CtQQTEwoAGgUCVJRzlwIbLwMLCQcDFQoIAh4BAheAAhkBAAoJEOt0hXNxKMZM I40CAQH/gumR+LivMg5w/ozB1m3TXNE5ksg5uU1SRdrRwlVRzWXdZv/nJRlhofCf Wezu8Yi5On0OQtgVC4W3MVgtzOL3AgkB5H+scX52zK5A/2BvXslO/f74AJyWZRpY BmdAMU5t4am61UfVEHGdMcmTX3GJZXkEcN8vX8ND8xxWhtoaQQ2c4KjHwEcEVJRz lxMFK4EEACMEIwQBwzrXEb5jgO8YwGkBGG9VRSCE/liuc56hP/mmtRvFD4UbSd8R x7C18wVL6ue3h3Rzkerfs4x3UkgDvmU7kVT0liwBvcD83mWvTjkbXpw4ArMfsLh0 PXvQR7+rG0fFkRtVVBcw/7w5s0Shdwzmbi6kIHydBaXbegKMRPtDMBLH2k2yl/v+ CQMI8k8rmbhHRoZgWVAKyZNbVPWp0YJ7AdSOy8QJqykfNLGFfvyNxn/wfV35kCeN gE+N5n6bA8vJ9DeisS1EMA6eOecJ6aEpGoFMgYUpw0q6VvjZaa+jvSBbuE0Ojsqs T6h+BmZwhbefhSfHaS7T2rrnJMLAjAQYEwoADwUCVJRzlwUJDwmcAAIbLgCtCRDr dIVzcSjGTKIgBBkTCgAGBQJUlHOXAAoJEIKOZVmggvPUHZICCOeZm9DdG2a91sHg 3a9PuxHkjLMHRwLlO954zcjbqIaAmRE63di0e3zhwXOFEseywjeLQOEUNhxLzuCC StNDp2cxAgkBLfY+Sn3IbfLAHQbU0bvXtmr7u9e+bf2t93v5wXkjMa81ophKKvl2 gGQKCCjEsXClKdlAI0WG8mxYa3oJosFhOsABLgIIvZobV6w3hPdyFvzhfjd5s+aM AaA3WGtZfj8an2pulw9PZZGk6h8Gzoxs51VOYEIZxMMOJ6ZRoEnNwgcFaiLzlmQC CMJS25op6UARnMr/jUrIcPeyPdHHUfku8VI82FX1BObGTRp4KRpLnd2PzKuc7b8k vVsZ32HPWBJ4I434gjeTueHDx8BHBFSUc5cTBSuBBAAjBCMEAZYI7Xj2mVrCLlJW dZwwRtQm0ZD9KcI9WzwCPw5HI2wda39Ub5CaIM4WQUzws3r1ZaabDRiKnXhEnET2 x0Unb55MFSoZhaucNMbGtmF4vzZFKhA43iXIUG414/zcNxBKhVNGysje/ZtPc6Xv u2F6MwL28BssLoR+7cBc7D3+kxygYUX+CQMIU7yH78fkjV9gg7o4Hc0IHNVanQYT aLilppxOAS1mIqGyr8XJ0X+W7TrinYbAPfnX/Ue8h+NZDm49emDe9a6sE57G8CvT Wbk95ccLKtj38OcmlqwYEGhAUaG8TCNXVwNqGZ/XpsD21qdphkTcbUm0KqXCwI0E GBMKAA8FAlSUc5cFCQ8JnAACGy4ArQkQ63SFc3EoxkyiIAQZEwoABgUCVJRzlwAK CRDdfUeGyEKD2YGqAgjfe62AIZXD2oMMG9YmRNKXHU72pi5/HifHqgRb9SrH8F6a 8mPb8A+GaPKjDN5Scs92hfa9BVMFORxt2XIPewxrfAIJAYkpTsj1oyB5mXQPIW/R 6EKvwP+vNuI7Hdk4fPWue0jYppqgIXEja26pb0/41vukMFZwJzpeq3ecxVMOoGid j5E5EWQCCIjY0Rjnyps+YwtjWWti7sj4gEcu9AIH3b5cclpIs+pKVrc3/YzWjsJj jX4n395hWW4zNRHXIa9N+WYcpGV8hlNjAgkBF0nrags7oWJDQ3Po9eDNy5WN7y/G Pt5+U/vSuEGWWYuM0l2u0LkSDH3FuBD3zuTwQDiK4faP1/yxS1UV4GjAsg0= =LzZb -----END PGP PRIVATE KEY BLOCK-----

[maxtaco]

Thanks for the bug report, I'll take a look.

[maxtaco]

Can you post the public key that you generated with GPG 2.1.1 that kbpgp can't import? Thanks.

[fbboisclair]

Was for a test account I did for playing with curve.

[maxtaco]

There seems to be a disagreement between KBPGP and GnuPG 2.1.1 as to what the fingerprint of the primary key is. It's thinking fbfff56589233b17, but we're computing fb953dca4fada9f3. It's weird this would work for p384 but not for p521.

[fbboisclair]

I just generated a key using kbpgp for cruello using p521 and tried to import it. I got the error message from keybase.io "Whoa: Error: read off the end of the packet @141/140/null"

[maxtaco]

Thanks for the bug. That problem has been fixed, it was a case of improper padding in our export() function (no leading 00 byte for short coordinates). The other problem remains however (see keybase/kbpgp#62)