ECC code now in GnuPG master

Werner Koch wk at gnupg.org
Thu Feb 3 17:54:41 CET 2011


Hi,

after some cleanup Andrey's ECC code has been merged into GnuPG master
(aka 2.1).  The latest commit also adds an extended algorithm selection
menu, which shows up like this:

  $ ~/b/gnupg/g10/gpg2 --expert --gen-key
  Please select what kind of key you want:
     (1) RSA and RSA (default)
     (2) DSA and Elgamal
     (3) DSA (sign only)
     (4) RSA (sign only)
     (7) DSA (set your own capabilities)
     (8) RSA (set your own capabilities)
     (9) ECDSA and ECDH
    (10) ECDSA (sign only)
    (11) ECDSA (set your own capabilities)
  
Note that the --expert option is required to allow the generation of ECC
keys.  When using the addkey sub-command of --edit-key, the list shows
up like this:

  gpg> addkey
  Please select what kind of key you want:
     (3) DSA (sign only)
     (4) RSA (sign only)
     (5) Elgamal (encrypt only)
     (6) RSA (encrypt only)
     (7) DSA (set your own capabilities)
     (8) RSA (set your own capabilities)
    (10) ECDSA (sign only)
    (11) ECDSA (set your own capabilities)
    (12) ECDH (encrypt only)

Not ethat there are likely a couple of bugs left.  A quick test shows
that 521 bit encryption keys can't be generated.

Please note that this ECC support is really new and shall not be used to
create production quality keys.  A code audit is required and we also
need to do compliance testing with other implementations.

Remember to build and install the latest Libgcrypt master before
configuring GnuPG.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-devel mailing list