solokeys / openpgp

OpenPGP functionality for Solo
107 stars 10 forks source link

Ed25519 Support? #3

Closed SolomonSklash closed 3 years ago

SolomonSklash commented 5 years ago

I am curious if the Solo OpenPGP firmware will support Ed25519 curves? This is my biggest issue with Yubikeys, I've contacted them and they do not have a roadmap for adding it.

I'd much prefer to use my Solo full time, and once it has GPG support I will be able to, and ideally it would support Ed25519.

nickray commented 5 years ago

We intend to support Ed25519. Issue is that OpenPGP Card (the "smartcard" app) does not specify it, similar to how SSH does support 25519 keys but not its PKCS#11 interface. Worst case it will be a vendor extension. Some inofficial work on the crypto implementation has started in https://github.com/nickray/salty.

See also "stretch goals" in https://www.crowdsupply.com/solokeys/somu#details-top (our resources are limited unfortunately).

0x0ece commented 5 years ago

@SolomonSklash what's your use case, just gpg or ssh as well? Can you explain us what other tools you may be looking at?

If you check out, in our campaign we tried to explain the current issues we know of with Ed25519: https://www.crowdsupply.com/solokeys/somu (at the end, section "How Can I Be More Involved?")

Knowing what people want/need may help us prioritize.

SolomonSklash commented 5 years ago

@0x0ece I use my Yubikey for U2F, HMAC challenge-response, normal GPG usage, as well as SSH via gpg-agent. I used it for SSH via PIV/smartcard feature in the past as well, before I switched to GPG subkeys for SSH.

I somehow missed the stretch goals on the Somu adding Ed25519 and SSH. I've backed it and hope those goals are met.

nickray commented 5 years ago

@SolomonSklash off-topic, but curious as to why you switched from PIV to GPG keys?

SolomonSklash commented 5 years ago

@nickray I switched because I wanted to setup GPG anyway. I still keep PIV as a backup just in case, but having everything tied to GPG makes things simpler.

nickray commented 5 years ago

@SolomonSklash you may be the right person to give our "HMAC-SHA-256" challenge-response a spin: https://github.com/solokeys/solo-python/#challenge-response; if you don't mind my asking, what are your use cases for the Yubico HMAC-SHA1 version? Advantage of using WebAuthn's hmac-secret would be that it's not proprietary (most keys will support hmac-secret due to Microsoft requiring it), so I'm pondering useful integrations.

nickray commented 4 years ago

https://github.com/nickray/salty/blob/main/c-api/salty.h is ready for testing. Only Ed25519 signatures so far.

mightybyte commented 4 years ago

I would also love to see ED25519 support on a SoloKey. In particular, my use case needs the ability to generate raw ED25519 signatures. I'm not sure whether OpenPGP is sufficient because from what I've seen it looks like it handles the hashing automatically . For my application I would like to have the ability to calculate raw signatures with no hashing step.

lf94 commented 4 years ago

@nickray when you mean "ready for testing", is this a signal to someone or anyone to integrate it into the solo project?

nickray commented 4 years ago

Yes :) The tricky part (I think) would be to extend the RK storage which assumes just one curve.

lf94 commented 4 years ago

RK? R.... Key....

michaelblyons commented 4 years ago

RK? R.... Key....

@lf94 I'm not 100% sure, but I believe that means resident key.

merlokk commented 4 years ago

Curve25519 works. d623e5d8fe63379160ae3ee40928425982a7bf89

RA80533 commented 3 years ago

@merlokk This can be closed since it was implemented in e0f8bfa.