Have a list to summarize supported key algorithms

[mssun]

We dont support all key algorithms for Git and some PGP key is not supported. It's better to have a list to summarize this so that users can easily understand why their keys do not work.

[savyajha]

I think as a list of recommended key algorithms, at least for ssh, it should be suggested that people use RSA 2048 bit (with 4096 bits recommended if they're making a key right now) at least. I've tried out ed25519 keys and they don't work. It should also be recommended that people store their keys in the more compatible PEM format, not the newer openssh format (i.e. to not use the -o flag when using ssh-keygen).

For PGP, I know that rsa4096 works, and ed25519 doesn't. I am unsure if it is wise to recommend using any elliptic curve other than Curve 25519. I am also unsure whether to recommend DSA or not. I have never used Elgamal keys, so there is that.

[yishilin14]

I created a new Wiki page about this Supported Unsupported Key Algorithms.

@savyajha I copied some of your answers there. Cheers.

[jmpolom]

What is the status of ed25519 keys for ssh with Pass for iOS? Are these also unsupported? I tried for hours to try and get an ed25519 key to work with the app for GPG only to realize it was not me and it was the lack of support for this key type causing the trouble. I have migrated all my ssh keys to ed25519, except for the one I use for the git repo holding my pass files because I wasn't sure if this app would work with such a key.

[mssun]

@jmpolom Because of this issue https://github.com/krzyzanowskim/ObjectivePGP/issues/92, we cannot support EdDSA algorithm right now.

In the meantime, probably we should consider some other PGP libraries such as Sequoia PGP (https://gitlab.com/sequoia-pgp/sequoia).

[jmpolom]

Does the krzyzanowskim/ObjectivePGP#92 issue effect the SSH portion of the app as well or only PGP/GPG crypto?

[mssun]

No, they are separated.

[jmpolom]

What library is used for SSH/what key formats does it support? EdDSA is supported and desirable for SSH these days. My question was regarding SSH, not PGP. I'm aware that ObjectivePGP cannot support EdDSA keys.

[ZortacDev]

Is this something being actively worked on? If not, I might try to port the code from ObjectivePGP to Sequoia PGP.

[mssun]

@ZortacDev please go ahead. Sequoia PGP provides C FFI itself. However, I'm not sure about Rust's support for iOS target (i.e., aarch64-apple-ios).

[mssun]

@jmpolom we are using objective-git (https://github.com/libgit2/objective-git) which is using openssl. I believe it can support EdDSA for SSH, but I need to further verify it.

[tobiastom]

Having ED25519 support for SSH would be really awesome.

[crocket]

Are ed25519 ssh keys supported?

[mssun]

@tobiastom @crocket For the ED25519 support, I have submitted a PR to ObjectiveGit (https://github.com/libgit2/objective-git/pull/686).

[mssun]

@ZortacDev For porting Sequoia PGP, I just went through the project and found that it uses GPL license, which not compatible with our current license (MIT). If we want to use it, we need to first decide whether to change our license to GPL. Please correct me if I'm wrong about the license issue. Thanks.

[ZortacDev]

@mssun Yeah, you're right about the license issue. In addition to that I've had a few difficulties compiling Sequoia for iOS so maybe our best option would really be to add ECC support to ObjectivePGP. I'll still try to get it running with Sequoia, just for the challenge (I'm quite new to iOS programming) but don't expect anything useful to come out of it quickly.

[mssun]

Thanks @ZortacDev, please take your time. Also, I don't mind to change our license if it can provide better security and functionalities.

[ZortacDev]

ProtonMail just open-sourced their PGP library for Golang (GopenPGP). It's licensed under the MIT license, supports ECC, audited and built specifically for mobile environments. I'll look into that and I think I should be able to get some more progress done as I'm much more familiar with Go than with Rust.

[mssun]

@ZortacDev this's great! Does it easy to use golang in iOS?

[ZortacDev]

Yeah, the library is specifically made to work with gomobile, which allows for easy cross-compilation and integration with Swift or Objective-C code. GopenPGP also seems to have keyring support so switching from ObjectivePGP should be pretty easy.

[mssun]

@ZortacDev, that's awesome. Could you please try the library? If it is easy to integrate with Swift or Objective-C code, I'm totally ok to switch.

[mssun]

Thanks to @ZortacDev, we have changed to GopenPGP which may potentially resolves many existing PGP encryption algorithm issues. The latest version 0.6.0 (20) is in the TestFlight channel. Please report any issues related to the PGP encryption/decryption. Thanks.

[kron4eg]

So, having already 2 release since introducing gopenpgp, is it know if curve25519 going to work?

[mssun]

@kron4eg, curve25519 should work.

[tobiastom]

@mssun Sorry for getting back to you so late. As the mentioned pull request is merged, should the latest version support ed25519 ssh keys?

[kron4eg]

OK, I've played a bit with curve25519 keys, here's what I've found. It only worked when full master key (including private) was presented on the device, despite the fact that master key have only "Certify" capability.

Setup where I remove master private key (but Encryption private key is present) before export and then export, doesn't work. Such setup is much more secure and master key is not needed for encryption.

[jmpolom]

It appears that ed25519 ssh keys do not work? I tried loading an ed25519 ssh key and I get an error. "Failed to fetch from remote. Underlying Error: Failed to authenticate SSH session: Unable to extract public key from private key." Pass for iOS 0.7.0