Cannot add Ed25519 GPG Key
Summary
It seems that the new GitLab GPG commit verification feature does not support Ed25519 PGP public keys.
Steps to reproduce
- Make sure you have
gpg
version >=2.1.21
. - Run
gpg --full-gen-key --expert
- Select
(10) ECC (sign only)
- Select
(1) Curve 25519
- Answer remaining options with any response.
- After the key is created record its fingerprint
- Copy the newly created key from GPG keychain:
gpg --armor --export <fingerprint>
- Go to account > settings > GPG keys > paste the Ed25519 PGP public key from the previous step > add key.
Alternatively, here's an Ed25519 PGP public key for testing purposes:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: GPGTools - https://gpgtools.org
mDMEWZz/eRYJKwYBBAHaRw8BAQdAbEtu3px60L3UMgZK2uU7FRUDCaz4v+1uHTkK
PGu2LQy0HnRlc3QgbmFtZSA8dGVzdGVtYWlsQHRlc3QuY29tPoiQBBMWCgA4FiEE
0+eu7gj8Pykrh9fQTupXY000+ZMFAlmc/3kCGwMFCwkIBwMFFQoJCAsFFgIDAQAC
HgECF4AACgkQTupXY000+ZNnXwEAnUIBdOIZS1GAA6Qua3XhqI8MBeRO5cLTm1Li
em2SjsAA/0m/ggFo8A0kCKOtx//dsThLG7fP+txlNv1yNRQhTtEM
=CtOq
-----END PGP PUBLIC KEY BLOCK-----
What is the current bug behavior?
When Add Key
is pressed, the following error is shown:
The form contains the following errors:
Fingerprint can't be blank
Primary keyid can't be blank
What is the expected correct behavior?
A success message, with the key added to my GPG keys.
Output of checks
This bug happens on GitLab.com
Possible fixes
Implement the Curve25519 specification found here: https://tools.ietf.org/html/draft-koch-eddsa-for-openpgp-00