Hi Yutaka, On 2021/09/17 03:30 PM, NIIBE Yutaka wrote: > Baptiste Beauplat wrote: > > I noticed that the key size reported by gpg --with-colons for ECC keys > > (ed25519) have changed from 256 to 255. > > Thank you for sharing. I didn't know that it is exposed to users. > (I considered it were (only) internal thing in libgcrypt.) > > > I was wondering if that's a bug, since from what I understand (certainly > > way to little) the public key size of ed25519 is fixed at 256 and the > > value 255 is only used in the prime number calculation (2^255 - 19). > > > > Note: The changed comes from the following commit in libgcrypt: > > > > https://dev.gnupg.org/rCdb7b2c591004868abedbc2c19d3bb2efebf8529d > > Yes, I did it. > > Let me explain the reason why I did. > > It is certainly a "fix", from the viewpoint of the library. > > The field is NBITS, number of bits (of the curve). This information > (exact number of bits, instead of rounded one to 2^n) is needed. For > example, in the computation of X25519, it needs to check if there are > more bit(s) in octet. Besides, for other curves, this field is used in > this semantics (See NIST P-521).
Thank you for clarifying this. If I understood correctly, my problem comes from the fact that the size of the public key isn't strictly equal to NBITS however that's the value used in the frontend part. In that case, I'll open a bug against gnupg itself. -- Baptiste Beauplat - lyknode
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
