Question on Kyber Encryption (Key Gen)

Vincent Cozzo cozzovj at gmail.com
Wed Oct 23 17:07:18 CEST 2024 

Hi Werner,

If it helps at all, here is the stacktrace when I run my executable through GDB:
```
#0  common_gen (keyparms=keyparms at entry=0x55555569c920
"(genkey(ecc(curve 15:brainpoolP256r1)(flags nocomp)))",
    keyparms2=keyparms2 at entry=0x5555556471d7 "(genkey(kyber768))",
algo=algo at entry=8, algoelem=algoelem at entry=0x55555564fa38 "",
pub_root=pub_root at entry=0x55555568aa50,
    timestamp=timestamp at entry=1729663031, expireval=39312000,
is_subkey=1, keygen_flags=4, passphrase=0x0,
cache_nonce_addr=0x7fffffffe130,
    passwd_nonce_addr=0x7fffffffe138, common_gen_cb_parm=0x0,
common_gen_cb=0x0) at ../../g10/keygen.c:1837
#1  0x00005555555dcf77 in gen_kyber (algo=8, common_gen_cb=0x0,
common_gen_cb_parm=0x0, passwd_nonce_addr=0x7fffffffe138,
cache_nonce_addr=0x7fffffffe130, passphrase=0x0,
    keygen_flags=0x7fffffffe108, is_subkey=1, expireval=39312000,
timestamp=1729663031, pub_root=0x55555568aa50, curve=0x555555646e4d
"brainpoolP256r1",
    nbits=<optimized out>) at ../../g10/keygen.c:2219
#2  do_create (algo=<optimized out>, nbits=<optimized out>,
curve=<optimized out>, pub_root=pub_root at entry=0x55555568aa50,
timestamp=timestamp at entry=1729663031,
    expiredate=39312000, is_subkey=1, keygen_flags=0x7fffffffe108,
passphrase=0x0, cache_nonce_addr=0x7fffffffe130,
passwd_nonce_addr=0x7fffffffe138,
    common_gen_cb_parm=0x0, common_gen_cb=0x0) at ../../g10/keygen.c:3731
#3  0x00005555555e5802 in generate_subkeypair
(ctrl=ctrl at entry=0x55555568a9a0, keyblock=0x55555568aa50,
algostr=algostr at entry=0x0, usagestr=usagestr at entry=0x0,
    expirestr=expirestr at entry=0x0) at ../../g10/keygen.c:6789
#4  0x0000555555579660 in keyedit_menu
(ctrl=ctrl at entry=0x55555568a9a0,
username=username at entry=0x55555567e990
"E32483030E004974DF9ABB322D2CB79326383D77", locusr=0x0,
    commands=<optimized out>, commands at entry=0x0, quiet=quiet at entry=0,
seckey_check=seckey_check at entry=1) at ../../g10/keyedit.c:1801
#5  0x000055555556d543 in main (argc=<optimized out>, argv=<optimized
out>) at ../../g10/gpg.c:4764
```

So, the first `agent_genkey` call works just fine (`err` code is
zero), but the subsequent agent_genkey returns `16777220`...

Anyway, to answer your question: the result of gpgconf is:
```
gpgconf: running /usr/local/bin/dirmngr failed (exitcode=127): Success
* GnuPG 2.5.1 (72ef316aab22cf9ec22c432747564cba7120ac86)
GNU/Linux

* Libgcrypt 1.11.0 (9d94d784)
version:1.11.0:10b00:1.50:13200:
cc:100201:gcc:10.2.1 20210110:
ciphers:arcfour:blowfish:cast5:des:aes:twofish:serpent:rfc2268:seed:camellia:idea:salsa20:gost28147:chacha20:sm4:aria:
pubkeys:dsa:elgamal:rsa:ecc:
digests:crc:gostr3411-94::md4:md5:rmd160:sha1:sha256:sha512:sha3:tiger:whirlpool:stribog:blake2:sm3:
rnd-mod:getentropy:
cpu-arch:x86:amd64:
mpi-asm:amd64/mpih-add1.S:amd64/mpih-sub1.S:amd64/mpih-mul1.S:amd64/mpih-mul2.S:amd64/mpih-mul3.S:amd64/mpih-lshift.S:amd64/mpih-rshift.S:
hwflist:intel-cpu:intel-fast-shld:intel-bmi2:intel-ssse3:intel-sse4.1:intel-pclmul:intel-aesni:intel-rdrand:intel-avx:intel-avx2:intel-rdtsc:
fips-mode:n:::
rng-type:standard:1:3030000:1:
compliance:::

* GpgRT 1.50 (bb73261)

[error: can't get further info]
```
So there is very possibly a problem with how I installed the new
binary. In full disclosure, I tried to "compile" the GnuPG binaries
without "installing" them, which might be the root cause of my errors.
But I really don't understand how... I am setting the LD_LIBRARY_PATH
so that the binaries should be using the new Libgcrypt 1.11.0 (and it
is!).

I'll keep testing and let you know if I solve it.

Thanks,
-Vince


On Tue, Oct 22, 2024 at 10:34 AM Werner Koch <wk at gnupg.org> wrote:
>
> Hi!
>
> On Mon, 21 Oct 2024 21:50, Vincent Cozzo said:
>
> > way to generate a Kyber public key is to add a _subkey_ to an existing
> > ECC key (right?).
>
> You can also do:
>
>   gpg -v --quick-gen-key --batch \
>        --passphrase='' pqc-test-20241022 at example.org  pqc
>
> Which generates such a key:
>
> sec   brainpoolP384r1 2024-10-22 [SC] [expires: 2027-10-22]
>       D9F7435AF96EF89EF5D4BD9E57396E9C2CA268E8
> uid           [ultimate] pqc-test-20241022 at example.org
> ssb   ky768_bp256 2024-10-22 [E]
>       57A0441BF54B3149A52EBA962CACF19BFFA3555B60084B146D012D16E5BD2154
>
>
> > But whenever I try to test this out (by creating a new ECC Key Pair
> > and then edit it by adding a subkey with the numerical code 16), I
> > keep getting the error:
> > ```
> > gpg: agent_genkey failed for second algo: Invalid public key algorithm
>
> Let's try using my current developemnt tree but there have been no
> relevant changes since 2.5.1:
>
>   $ gpg --edit-key D9F7435AF96EF89EF5D4BD9E57396E9C2CA268E8
>   gpg: WARNING: unsafe permissions on homedir '/home/wk/b/gnupg/test-pqc'
>   gpg (GnuPG) 2.5.2-beta36; Copyright (C) 2024 g10 Code GmbH
>   This is free software: you are free to change and redistribute it.
>   There is NO WARRANTY, to the extent permitted by law.
>
>   gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
>   gpg: It is only intended for test purposes and should NOT be
>   gpg: used in a production environment or with production keys!
>   Secret key is available.
>
>   sec  brainpoolP384r1/57396E9C2CA268E8
>        created: 2024-10-22  expires: 2027-10-22  usage: SC
>        trust: ultimate      validity: ultimate
>   ssb  ky768_bp256/57A0441BF54B3149
>        created: 2024-10-22  expires: never       usage: E
>   [ultimate] (1). pqc-test-20241022 at example.org
>
>   gpg> addkey
>   Please select what kind of key you want:
>      (3) DSA (sign only)
>      (4) RSA (sign only)
>      (5) Elgamal (encrypt only)
>      (6) RSA (encrypt only)
>     (10) ECC (sign only)
>     (12) ECC (encrypt only)
>     (14) Existing key from card
>     (16) Kyber (encrypt only)
>   Your selection? 16
>   Please specify how long the key should be valid.
>            0 = key does not expire
>         <n>  = key expires in n days
>         <n>w = key expires in n weeks
>         <n>m = key expires in n months
>         <n>y = key expires in n years
>   Key is valid for? (0)
>   Key does not expire at all
>   Is this correct? (y/N) y
>   Really create? (y/N) y
>   We need to generate a lot of random bytes. It is a good idea to perform
>   some other action (type on the keyboard, move the mouse, utilize the
>   disks) during the prime generation; this gives the random number
>   generator a better chance to gain enough entropy.
>
>   sec  brainpoolP384r1/57396E9C2CA268E8
>        created: 2024-10-22  expires: 2027-10-22  usage: SC
>        trust: ultimate      validity: ultimate
>   ssb  ky768_bp256/57A0441BF54B3149
>        created: 2024-10-22  expires: never       usage: E
>   ssb  ky768_bp256/F6BD9A2253968078
>        created: 2024-10-22  expires: never       usage: E
>   [ultimate] (1). pqc-test-20241022 at example.org
>
> > gpg: Key generation failed: Invalid public key algorithm
>
> Did you build with a proper Libgcrypt version?  What is the output of
>
>  gpgconf -V
>
>
> > I see that `generate_subkeypair` calls ask_algo, which sets the algo
> > parameter equal to PUKEY_ALGO_KYBER, and then delegates to `do_create`
> > which calls `gen_kyber`... but I am having trouble finding where this
> > particular error message is output. Could anyone help shed light on
>
> The above error messages is prinbted at several palces - thus it depends
> on the exact context of what you did.
>
> > where this is failing? What "base Key" do I need to make in order to
> > satisfy the "public key algorithm" requirement?
>
> You may use any primary key.  Sometimes the option --expert is needed
> but not in this case.  My gpg.conf only has a
>   with-subkey-fingerprint
> line.
>
>
> Shalom-Salam,
>
>    Werner
>
> --
> The pioneers of a warless world are the youth that
> refuse military service.             - A. Einstein

More information about the Gnupg-users mailing list