Last active 4 months ago


Last active 1 year, 10 months ago

#106 Evaluate switch from pgpy to pygpgme 2 years ago

Comment by ~kiba on ~sircmpwn/sr.ht

I ran into meta.sr.ht not accepting my PGP key, which uses ECC (ed25519 + cv25519). The interface will simply say:

This is not a valid PGP key

I wanted to suggest potentially using Go, which has pretty solid crypto libraries in the standard library, if you ever plan to rewrite meta.srt.ht. However, after doing a bit of digging it looks like ed25519 is not supported when I look at the PublicKeyAlgorithm type. Other ECC keys are supported though.

It looks like gpg is using algo 22 for ed25519 (I see this by running gpg --list-packets mypubkey.asc), which isn't listed in iana here: https://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-12

I didn't quite realize I may be out of luck as far as support when I created my key... The idea of running gpg as a separate process for this piece seems really clunky though. I wonder what the effort would be to update the Python and/or Go library with support for ECC + ed25519 keys.