On Fri, 2020-07-10 at 17:41 +0200, Jorge Gonzalez via Users wrote: > Good morning, > I'm having some trouble when importing public PGP keys in Ciphermail > (Ubuntu 16) which have been created with EC private keys. These keys > have started to be created by default by Enigmail (PGP extension for > Thunderbird) since some time ago, and for the moment we are > instructing our partners to make sure they select RSA type keys > instead of the default EC when creating their keys. > The error log found in the djigzo log is as follows: > 10 Jul 2020 11:24:54 | WARN Error downloading key with key ID > 2E78B913BC3C849635F38F357CACB7AA3BEC5AF2. Error message : > IOException: unknown PGP public key algorithm encountered, Class: > class java.io.IOException > (mitm.application.djigzo.ws.impl.KeyServerClientWSImpl) > [defaultEventExecutorGroup-4-6] > By downloading Ciphermail source and tracing a bit, it seems that > Bouncy Castle libraries are used to manage PGP keys, and it also > seems that EC PGP keys are not supported until version 1.60 > (Ciphermail ships with BC 1.58). > I have manually substituted the JARs for Bouncy Castle in > /usr/share/djigzo/lib and then restarted the service. Importing EC > PGP keys then worked flawlessly, no errors in log and I could see > them on the web management app. > But then I tried to send a test email to one of the addresses for > which only EC keys existed in Ciphermail, and it did NOT work, so I > put bak the original vesions of the BC libraries, and everything went > back to normal. I had to delete the EC keys from Ciphermail, since > they were now marked as invalid. > My question to Ciphermail developers: are there any plans in the > roadmap to update the Bouncy Castle libraries so that EC PGP keys are > supported?
Hi Jorge, You are right that EC support is long overdue :( The main reason is that Bouncycastle did not have support for EC keys. The last time I checked it could import EC keys but they could not be used with PGP because of some missing functionality. I will look at this again to see whether we can support it. Kind regards, Martijn Brinkers -- CipherMail email encryption Email encryption with support for S/MIME, OpenPGP, PDF Messenger and Webmail Messenger > -- > Jorge Gonzalez Villalonga > Systems Engineer > The International Consortium of Investigative Journalists > 1710 Rhode Island Ave NW, 11th floor | Washington DC 20036 | United > States > Phone: +34 672 173 200 (Madrid, Spain) > _______________________________________________ > Users mailing list -- [email protected] > To unsubscribe send an email to [email protected] _______________________________________________ Users mailing list -- [email protected] To unsubscribe send an email to [email protected]
