ECC key with MPIs represented as "SOS"
gniibe's SOS proposal suggests that we could retcon MPIs for existing ECC curve points as "SOS" by counting the length as 8*octets (not as bits) and by not requiring removal of leading zeros.
The test suite already experiments some with zero-padding.
I propose a new test with an ECC certificate (Ed25519, single primary key both signing and certification-capable, one user ID of testing SOS
, one self-sig) whose eddsa_public_len
is set to 01 08
instead of the standard 01 07
. This certificate has two potential v4 fingerprints (one with the EC point as an MPI and a distinct one as an SOS). Using that certificate, two binary signatures over the simple ASCII text string Hello World :)
. For the first signature, set any Issuer Fingerprint or Issuer subpackets to the MPI-based fingerprint; for the second, set any Issuer Fingerprint or Issuer subpacket to the SOS-based fingerprint.
For each signature, the test can indicate:
- does it verify?
- If it verifies, what signature fingerprint is indicated in the
VERIFICATIONS
output?
sop doesn't have enough key management capabilities yet to be able to do more investigation of how the certificate itself is handled, i think, but the above would be a useful starting point.