Shared Key between GnuPG and WebCrypt

SSH, OpenPGP, GPG
#1

Is it currently possible to use the same ECC keys for WebCrypt and GnuPG?

Current progress:

  • Created X25519 keypair (using gpg2 --generate-full-key --expert) with UID “foobar”/loaded to onlykey (slot 102 for sk and 101 for dk/subkey)
  • Set up onlykey-agent/onlykey-gpg
  • Successfully created keys using onlykey-gpg init "foobar"

Issues:

  • onlykey-gpg init "foobar" -sk 102 -dk 101 --i ~/public.asc fails (error reading key: No secret key)
  • Webcrypt hangs when attempting to perform decryption operation with loaded ECC keys.

Questions:

  • Is Webcrypt support of ECC supposed to work in the current version?
  • Is it possible (in theory) to use the same keys for Webcrypt and GnuPG?

Let me know if any information would make troubleshooting easier.

#2

GPG offers a lot of options that are not supported by OpenPGP. GPG keys may work but only OpenPGP keys are supported. Yes you can use the same keys with webcrypt as with OnlyKey agent.

An easier way of troubleshooting might be to start with a known working configuration. Create protonmail ed25519 key and you would be able to follow the guide to load and use with webcrypt and OnlyKey agent - Import keys from Keybase, Protonmail, and Mailvelope/GPG | Docs

Adding GPG Stored Keys
#3

I have reproduced these issues using a protonmail ed25519 key - Webcrypt still hangs with my test decryption configuration:

  • encrypted message (not signed)
  • blank sender field, protonmail ed15519 public key pasted into recipient field
  • protonmail ed15519 private key loaded to onlykey using Auto Load

I get the same error as before when trying to use stored keys for OpenGPG with protonmail ed15519 keys too.

I will continue testing using protonmail keys (as far as I can determine, they follow the same format as the same keys generated by gpg, but it’s good to be sure).

#4

Did you use autoload to load your protonmail key onto OnlyKey? That ensures your key is loaded correctly, if it is not loaded correctly that could be the reason for Webcrypt issues.

#5

I did indeed. I have just reproduced the issues again (reloading the keys using AutoLoad).

#6

With some more testing, the Webcrypt issue seems to be specific to “Decrypt Only” mode. Both signing, encrypt+sign, and decrypt+verify operations work.

#7

We made some updates to the webcrypt app, can you try Decrypt Only again to see if this resolves your issue?

#8

Yes, that works!

With the other half of my problem, I’ve tried loading stored keys both on Fedora and Debian - same error. The problem occurs when trying to read the private key, using the helper script in .gnupg/onlykey.
It seems to be attempting to access the private key before connecting to the OnlyKey:

  • Using generated keys works, as mentioned.
  • When using generated keys, if the OK is not connected, it errors out, as expected.
  • Try running the command to load a stored key, and it makes no difference whether the key is even connected - the code to connect to the OK interface is not run, before trying to list the private keys.
#9
  • Try running the command to load a stored key, and it makes no difference whether the key is even connected - the code to connect to the OK interface is not run, before trying to list the private keys.

What command is that? You would load stored keys with the OnlyKey app i.e.
image
image

Then use like this:

$ onlykey-gpg init "Bob Smith <bob@protonmail.com>" -sk 104 -dk 105 -i publickey.bob@protonmail.com.asc
#10

This command is the issue - I will try using slots 104/105 as in your example to see if the issue persists.

#11 
2021-02-16 17:20:53,003 WARNING      This GPG tool is still in EXPERIMENTAL mode, so please note that the API and features may change without backwards compatibility! [__init__.py:128]
2021-02-16 17:20:53,033 WARNING      NOTE: in order to re-generate the exact same GPG key later, run this command with "--time=0" commandline flag (to set the timestamp of the GPG key manually). [__init__.py:39]
gpg: inserting ownertrust of 6
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: keydb_search failed: End of file
gpg: error reading key: End of file
Traceback (most recent call last):
  File "/home/user/.local/bin/onlykey-gpg", line 11, in <module>
    load_entry_point('onlykey-agent==1.1.10', 'console_scripts', 'onlykey-gpg')()
  File "/home/user/.local/bin/onlykey_agent.py", line 6, in <lambda>
    gpg_tool = lambda: libagent.gpg.main(DeviceType)
  File "/home/user/.local/lib/python3.8/site-packages/libagent/gpg/__init__.py", line 375, in main
    return args.func(device_type=device_type, args=args)
  File "/home/user/.local/lib/python3.8/site-packages/libagent/gpg/__init__.py", line 223, in run_init
    check_call(keyring.gpg_command(['--homedir', homedir,
  File "/home/user/.local/lib/python3.8/site-packages/libagent/gpg/__init__.py", line 114, in check_call
    subprocess.check_call(args=args, stdin=stdin, env=env)
  File "/usr/lib64/python3.8/subprocess.py", line 364, in check_call
    raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['/usr/bin/gpg', '--homedir', '/home/user/.gnupg/onlykey', '--list-secret-keys', 'username@protonmail.com <username@protonmail.com>']' returned non-zero exit status 2.
#12

Also note that unplugging the OnlyKey does not change the error message, where it should give the error:
libagent.device.interface.NotFoundError: {} not connected: "{}".

I can also send more verbose logs if that would be helpful?

#13

I just need to know what command you are trying to run, the log output above does not show that.

#14 
onlykey-gpg init "username@protonmail.com <username@protonmail.com>" -sk 104 -dk 105 -i publickey.username@protonmail.com.asc

Where “username” is the protonmail username. I have also tried:

onlykey-gpg init "User Name <username@protonmail.com>" -sk 104 -dk 105 -i publickey.username@protonmail.com.asc
#15

That error is likely because your identity you are specifying does not match the identity in your public key. Try using just

onlykey-gpg init "username@protonmail.com" -sk 104 -dk 105 -i publickey.username@protonmail.com.asc
#16

Importing the public key into gpg verifies that the identity is username@protonmail.com <username@protonmail.com>

#17

I have been unable to replicate the issue, import of protonmail key works every time I have tested using this:

onlykey-gpg init "username@protonmail.com" -sk 104 -dk 105 -i publickey.username@protonmail.com.asc

or this:

onlykey-gpg init "username@protonmail.com <username@protonmail.com>" -sk 104 -dk 105 -i publickey.username@protonmail.com.asc

Assuming that the correct keys are loaded to slot 104 and 105, if there are no keys loaded on OnlyKey in those slots OnlyKey will flash red and you will see the error. For protonmail key you should be loading primary key as signing key and subkey 1 as decryption key.

onlykey-gpg init "crptest@protonmail.com" -sk 104 -dk 105 -i publickey.asc 
2021-02-18 12:09:56,371 WARNING      This GPG tool is still in EXPERIMENTAL mode, so please note that the API and features may change without backwards compatibility! [__init__.py:128]
2021-02-18 12:09:56,410 WARNING      NOTE: in order to re-generate the exact same GPG key later, run this command with "--time=0" commandline flag (to set the timestamp of the GPG key manually). [__init__.py:41]
gpg: inserting ownertrust of 6
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
sec   ed25519 2021-02-15 [SC]
      DE1F327B3F5F343A317880FEDF697F7407CFA758
uid           [ultimate] crptest@protonmail.com <crptest@protonmail.com>
ssb   cv25519 2021-02-15 [E]
#18

Well, this is certainly strange!
This may be overkill, but the fastest way to reproduce the issue is probably to run QubesOS in a virtual machine (I believe VMware has prebuilt ones if you don’t already have one).

Open a Debian-10 or Fedora-32 Qube, and run the corresponding setup command:

Debian: sudo apt update && sudo apt upgrade && sudo apt install python3-pip python3-tk libusb-1.0-0-dev libudev-dev -y && pip3 install onlykey-agent --user && wget https://raw.githubusercontent.com/trustcrypto/trustcrypto.github.io/master/49-onlykey.rules && sudo cp 49-onlykey.rules /etc/udev/rules.d/ && sudo udevadm control --reload-rules && sudo udevadm trigger && export PATH=$PATH:/home/user/.local/bin

Fedora: sudo dnf install python3-pip python3-devel python3-tkinter libusb-devel libudev-devel gcc redhat-rpm-config -y && pip3 install onlykey-agent --user && wget https://raw.githubusercontent.com/trustcrypto/trustcrypto.github.io/master/49-onlykey.rules && sudo cp 49-onlykey.rules /etc/udev/rules.d/ && sudo udevadm control --reload-rules && sudo udevadm trigger

These both reliably create an environment to replicate the issue (both in Standalone and Disposable Qubes). The issue doesn’t seem to be Qubes specific, since aside from using stored keys everything works as intended.

#19

Have you reproduced issue on non-qubes systems? Qubes has some unique things like USB blocking that may cause this.

#20

I don’t have access to other machines for testing right now, unfortunately. I believe the trezor gpg agent works in Qubes, as well as the OnlyKey gpg agent using generated keys.

The USB blocking doesn’t apply if you connect the device to a specific VM - though I can’t rule out other issues. Is there some stored key specific code you think it might be breaking?