4

When you generate an PGP key-pair, you can choose a Public-Key algorithm:

$ gpg --expert --full-gen-key
gpg (GnuPG) 2.2.19; Copyright (C) 2019 Free Software Foundation, Inc.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
   (7) DSA (set your own capabilities)
   (8) RSA (set your own capabilities)
   (9) ECC and ECC
  (10) ECC (sign only)
  (11) ECC (set your own capabilities)
  (13) Existing key
  (14) Existing key from card
Your selection?

When you list/browse PGP public keys, the used algorithms for this key is represented as a number. Example with a simple RSA 2048 key:

$ gpg --export me@localhost.com | gpg --list-packets --verbose
...
:public key packet:
    version 4, algo 1, created 1531406055, expires 0s 0
...
:signature packet: algo 1, keyid 47F915B113C9BC18
    version 4, created 1531406055, md5len 0, sigclass 0x13
    digest algo 2, begin of digest 7a 9c
...
:public sub key packet:
    version 4, algo 1, created 1531406055, expires 0

I'm here talking about the algo 1, digest algo 8, algo 2 etc.

I'm looking for a complete list where I can find the name of each algo, given this algo number.

I found a list in the RFC 4880 (OpenPGP Message Format):

      ID           Algorithm
      --           ---------
      1          - RSA (Encrypt or Sign) [HAC]
      2          - RSA Encrypt-Only [HAC]
      3          - RSA Sign-Only [HAC]
      16         - Elgamal (Encrypt-Only) [ELGAMAL] [HAC]
      17         - DSA (Digital Signature Algorithm) [FIPS186] [HAC]
      18         - Reserved for Elliptic Curve
      19         - Reserved for ECDSA
      20         - Reserved (formerly Elgamal Encrypt or Sign)
      21         - Reserved for Diffie-Hellman (X9.42,
                   as defined for IETF-S/MIME)
      100 to 110 - Private/Experimental algorithm

But this list seems to be incomplete: if I generate a key with ECC algorithm (Elliptic Curve Cryptography) and Curve 25519, the public key algo is 22 which is not in the list above. However gpg binary is aware of this algo name:

$ gpg --list-keys

pub   ed25519 2022-04-06 [SC]
      7D438CA8D0C6D57EA168521C2C800B246796CFC9
uid           [ultimate] John <john.doe@ed25519.org>
sub   cv25519 2022-04-06 [E]

Is there an up-to-date list of all available algos and their associated number somewhere ?

Pierre
  • 2,552
  • 5
  • 26
  • 47
  • Found another RFC draft defining this n°22: https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-04.html#name-public-key-algorithms-2 but this is still a draft – Pierre May 04 '22 at 08:55

1 Answers1

5

Not sure this fully covers your needs, but in addition to the RFC4880 - sections 9.1 to 9.4, that has the following lists:

9.1. Public-Key Algorithms
9.2. Symmetric-Key Algorithms
9.3. Compression Algorithms
9.4. Hash Algorithms

Here's what I could find:

Elliptic Curve Cryptography (ECC) in OpenPGP
RFC6637, section 5 - https://www.rfc-editor.org/rfc/rfc6637#section-5

"Unknown algorithm 22" thread
https://lists.gnupg.org/pipermail/gnupg-devel/2017-April/032762.html

Algorithm 22 seems to be listed in this thread:

Right we are a bit faster than the specs. The OpenPGP WG agreed on using 22 for EdDSA in mid 2014. The draft-koch-eddsa-for-openpgp-00 specified the algorithms; meanwhile superseded by draft-ietf-openpgp-rfc4880bis-01.

+-----------+----------------------------------------------------+
|        ID | Algorithm                                          |
+-----------+----------------------------------------------------+
|         1 | RSA (Encrypt or Sign) [HAC]                        |
|         2 | RSA Encrypt-Only [HAC]                             |
|         3 | RSA Sign-Only [HAC]                                |
|        16 | Elgamal (Encrypt-Only) [ELGAMAL] [HAC]             |
|        17 | DSA (Digital Signature Algorithm) [FIPS186] [HAC]  |
|        18 | ECDH public key algorithm                          |
|        19 | ECDSA public key algorithm [FIPS186]               |
|        20 | Reserved (formerly Elgamal Encrypt or Sign)        |
|        21 | Reserved for Diffie-Hellman                        |
|           | (X9.42, as defined for IETF-S/MIME)                |
|        22 | EdDSA [I-D.irtf-cfrg-eddsa]                        |
|  100--110 | Private/Experimental algorithm                     |
+-----------+----------------------------------------------------+

Note: just in case it helps you as it helped me, "digest" is the output of a hash algorithm.

Y. E.
  • 687
  • 1
  • 10
  • 29
evilmandarine
  • 4,241
  • 4
  • 17
  • 40