Launchpad cannot handle ECC or Ed25519 OpenPGP keys

Bug #1827369 reported by dkg
108
This bug affects 21 people
Affects Status Importance Assigned to Milestone
Launchpad itself
Undecided
Unassigned

Bug Description

for my dkg0 account, i'm trying to upload my current OpenPGP key, which is an ed25519 key:

pub ed25519 2019-01-19 [C] [expires: 2021-01-18]
      C4BC2DDB38CCE96485EBE9C2F20691179038E5C6
uid [ultimate] Daniel Kahn Gillmor <email address hidden>
uid [ultimate] Daniel Kahn Gillmor <email address hidden>
sub ed25519 2019-01-19 [S] [expires: 2020-01-19]
sub ed25519 2019-01-19 [A] [expires: 2020-01-19]
sub cv25519 2019-01-19 [E] [expires: 2020-01-19]

when i try to do that i get the following error:

------------
 Launchpad could not import your OpenPGP key

    Did you enter your complete fingerprint correctly? (Help with fingerprints)
    Is your key in the Ubuntu keyserver yet? You may have to wait between ten minutes (if you pushed directly to the Ubuntu key server) and one hour (if you pushed your key to another server). (Help with publishing keys)
------------

however, the key is in the ubuntu keyserver: https://keyserver.ubuntu.com/pks/lookup?search=0xC4BC2DDB38CCE96485EBE9C2F20691179038E5C6&op=vindex

I notice that messages from launchpad related to other RSA keys include an OpenPGP Comment field that indicates that it is using GnuPG v1, which doesn't support elliptic curve keys at all. So it's possible that this is the problem. Launchpad should be using a modern version of GnuPG, though.

Revision history for this message
dkg (dkg0) wrote :

over on https://answers.launchpad.net/launchpad/+question/680583 @cjwatson wrote:

> This is indeed because we're using GnuPG v1. I tried to upgrade to a modern version a while ago but I
> ran into a huge slew of test failures, mainly because of the same sorts of things that Ian Jackson has
> been complaining about for some time (e.g. https://bugs.debian.org/840669). I would like to have
> another go at some point, but it may take a while.

Revision history for this message
Colin Watson (cjwatson) wrote :

To people who might be inclined to mark this as a duplicate: please note that this is not a duplicate of bug 907675. OpenPGP keys are not SSH keys, and the code involved in handling them is completely separate.

Revision history for this message
Haruka (mrx) wrote :

Hate to "bump" bugs, but it's been quite a while and it seems I still can't use EdDSA keys.

I've already revoked my old RSA key and creating another key just for ppa sounds ridiculous for me.

Any plan to revisit this soon?

Revision history for this message
Shaun Murphy (shoonmcgregor) wrote :

This issue is also impacting me.

Changed in launchpad:
status: New → Confirmed
Revision history for this message
Robert de Rooy (r-d-e-r-o-o-y) wrote :

Just spend a huge amount of time wasted on figuring out why I get this stupid cryptic error that it could not import the gpg key.

It is f****** 2022, and still no support for elliptic curve GPG keys? And certainly don't mention in the instructions that this is a limitation, and even better don't bother to tell the user when he tries to import the key that it is the "wrong" type.

Thanks!

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.