search

keybase / keybase-issues

A single repo for managing publicly recognized issues with the keybase client, installer, and website.
902 stars 37 forks source link

Unsupported Feature #2506

Open client4 opened 7 years ago

client4 commented 7 years ago

It appears my PGP key doesn't work....

$ keybase pgp select
#    Algo   Key Id             Created   UserId
=    ====   ======             =======   ======
1    256?   33F2A42ED0EA52FB             Client4 <eric@tsi.io>
Choose a key:  1
▶ ERROR ImportKey error: openpgp: unsupported feature: unsupported oid: 2b060104019755010501

$ gpg2 --list-public-keys
./gnupg/pubring.kbx
--------------------------------
pub   ed25519 2016-07-30 [SC] [expires: 2019-07-30]
      C8B78D3FD199164A2E7543E333F2A42ED0EA52FB
uid           [ultimate] Client4 <eric@tsi.io>
sub   cv25519 2016-07-30 [E] [expires: 2019-07-30]

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2

mDMEV50jrxYJKwYBBAHaRw8BAQdAq3AI4eJYCl9qx49n1wAD5Xy8X6PaOgq3ZePv
V2UTP/i0FUNsaWVudDQgPGVyaWNAdHNpLmlvPoh2BBMWCAAeAhsDBQkFo5qAAh4B
AheABQJXnTDZBAsNCQoDFQoJAAoJEDPypC7Q6lL7B3QA/1K1x8f6gU3lWxyap3dd
unDzgwvFoOinI26RQmrmRejQAP46U5CgtpBzK2H5TR15po5Mcw5NeUS+lsxJIwnK
odeyDLg4BFedI68SCisGAQQBl1UBBQEBB0DUTfDWX4DZep9tjXAJE2nca6fOhHDZ
FAyhtmGuvBcfJQMBCAeIZwQYFggADwUCV50jrwIbDAUJBaOagAAKCRAz8qQu0OpS
+13bAPsFxLGM6RLo8KSspTsi8UlTlzLeDV9XhHviV46euhY/+gD/bLpH6bYEYszQ
YkMZFuCuIAF8zd1hpSsuIM2bjelacAs=
=9bbP
-----END PGP PUBLIC KEY BLOCK-----
oconnor663 commented 7 years ago

You're right! I don't think we support cv25519 encryption keys.

client4 commented 7 years ago

Whomp whomp. Thanks for letting me know!

jbenet commented 7 years ago

Ack! I just rerolled my key to use ECC and then ran into this :( -- please support cv25519

maxtaco commented 7 years ago

It is in progress.

On Fri, Dec 16, 2016 at 8:11 AM Juan Benet notifications@github.com wrote:

Ack! I just rerolled my key to use ECC and then ran into this :( -- please support cv25519

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/keybase/keybase-issues/issues/2506#issuecomment-267591114, or mute the thread https://github.com/notifications/unsubscribe-auth/AA05_3SvBq4434ta-6QjhffN5HZLngl0ks5rIo4WgaJpZM4Jm-gr .

ghost commented 7 years ago

Are there any news about this issue? When do you plan to support cv25519?

maxtaco commented 7 years ago

We're close. We have code in that have to vendor and release. We've just been insanely busy working on features that are more popular, so it's a balancing act as you can imagine.

dmp1ce commented 6 years ago

I would also like to see this feature. Although I picked secp256k1 as my algorithm.

steinybot commented 4 years ago

@maxtaco Is this still close to being implemented?

plttn commented 4 years ago

@maxtaco Is this still close to being implemented?

I was able to add a ed25519 key as of relatively recently (October I believe). I don't think the client handles it properly (algo shows as that 256?), but it does get pushed to Keybase.

image

image

steinybot commented 4 years ago

I have also been able to import my key without any errors.

The situation I am running into is trying to use keybase to encrypt an AWS IAM Access Key Secret via terraform (https://www.terraform.io/docs/providers/aws/r/iam_access_key.html). It fails with:

Error: Error encrypting IAM Access Key Secret: error parsing given PGP key: openpgp: unsupported feature: unsupported oid: 2b060104019755010501

Hopefully this is just an issue with Terraform using an old client then that is cool but I was guessing that was not the case as this issue is still open. If this is indeed fixed I'd like to know in what version it was fixed so that I can add that information to any issue that I raise in the Terraform project.

plttn commented 4 years ago

To clarify, are you getting the key from Keybase into Terraform? It's very possible the version of GnuPG running may not support ECC keys.

steinybot commented 3 years ago

Woops just came back to this and realised I never answered the question.

@plttn Not sure I fully understand your question. I don't know how Terraform is doing it, I assume it is using the keybase client library.

This looks relevant for me at least https://github.com/hashicorp/terraform-provider-aws/issues/9769

steinybot commented 3 years ago

I'm assuming that ed25519 is supported in keybase now.

❯ keybase pgp encrypt -m "Hello"
-----BEGIN PGP MESSAGE-----
Comment: https://keybase.io/download
Version: Keybase Go 5.5.0 (darwin)

wU4DPRx9XI4v+K4SAQdAOh8oLdvUGeLCj06wPgNsmjvUV7hDRzom+9PB7yi/0ygg
lHs7Cup1aZZtm5saAsvjkiI5el6bTgz4A+oD0KDIJ2vS4AHkEj7R8jDf59K0ZuUB
dSeoHeGZSeDo4MDhmbLgyeJHL0KM4GHi8LtvKeDc4HzgM+QVFGfOHoVWAHz8WtyW
9MeV4oJkm9DhZiIA
=M35B
-----END PGP MESSAGE-----
steinybot commented 3 years ago

Any idea what version this was added in?

Lucent commented 2 months ago 
$ keybase pgp select
You are selecting a PGP key from your local GnuPG keychain, and
will publish a statement signed with this key to make it part of
your Keybase.io identity.

Note that GnuPG will prompt you to perform this signature.

You can also import the secret key to *local*, *encrypted* Keybase
keyring, enabling decryption and signing with the Keybase client.
To do that, use "--import" flag.

Learn more: keybase pgp help select

#    Algo    Key Id             Created   UserId
=    ====    ======             =======   ======
1    255?    ADFE984091983F93             name <email>
Choose a key: 1
▶ ERROR ImportKey (secret: false) error: openpgp: unsupported feature: unsupported oid: 2b06010401da470f01