Fix Windows CI: convert GNUPGHOME path to MSYS2 format for GPG subprocess

[Copilot]

Description

9 GPG export roundtrip tests fail on desktop (windows-latest) CI. Python's tempfile returns native Windows paths (C:\Users\...) but Git-for-Windows ships an MSYS2 GPG that expects POSIX paths (/c/Users/...). GPG concatenates the CWD with the Windows path, producing invalid paths like /d/a/seedsigner/seedsigner/C:\Users\...\pubring.kbx.

Added _msys2_path() helper in test_gpg_message.py to convert drive-letter paths for GNUPGHOME:

def _msys2_path(path: str) -> str:
    if sys.platform == "win32":
        path = path.replace("\\", "/")
        # Convert drive letter, e.g. "C:/Users/..." → "/c/Users/..."
        if len(path) >= 2 and path[1] == ":":
            path = "/" + path[0].lower() + path[2:]
    return path

No-op on Linux/macOS. Applied to both test_bip85_key_gpg_export_roundtrip and test_generate_new_gpg_export_roundtrip.

No screenshots — test-only change.

This pull request is categorized as a:

• New feature
• Bug fix
• Code refactor
• Documentation
• Other

Checklist

• I've run pytest and made sure all unit tests pass before sumbitting the PR

If you modified or added functionality/workflow, did you add new unit tests?

• No, I'm a fool
• Yes
• N/A

I have tested this PR on the following platforms/os:

• Raspberry Pi OS Manual Build
• SeedSigner OS on a Pi0/Pi0W board
• Other

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

[Copilot]

Pull request overview

This PR expands SeedSigner’s BIP85 GPG/PGP key support (additional ECC curves and corrected derivation behavior) and introduces a new ec_point.py helper that derives EC public keys via multiple crypto backends with automatic selection.

Changes:

• Add support for NIST P-384/P-521 and Brainpool P-384/P-512 across the BIP85 PGP tool and GPG flows.
• Introduce src/seedsigner/helpers/ec_point.py with backend detection/dispatch and add backend cross-agreement tests.
• Fix message signing to derive directly from a root HDKey (avoiding prior double-derivation) and add regression tests.

Reviewed changes

Copilot reviewed 12 out of 13 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
tools/bip85_pgp.py	Extends CLI PGP key generation to additional ECC curves and subkey specs.
src/seedsigner/helpers/ec_point.py	New multi-backend EC public key derivation module with backend selection API.
src/seedsigner/views/tools_views.py	Updates BIP85 GPG derivation path scheme, adds new ECC curves, and adds a new “View Keys” menu/view.
src/seedsigner/helpers/embit_utils.py	Changes sign_message to accept a root HDKey directly (fixing derivation behavior).
src/seedsigner/views/seed_views.py	Updates message signing call site to pass root=seed.get_root().
tests/test_ec_backends.py	New tests to validate EC backends agree on derived public points/keys.
tests/test_embit_utils.py	Adds regression tests ensuring message signing uses the correct root derivation.
tests/test_bip85_pgp_cli.py	Extends CLI coverage for new ECC key types and adds GPG round-trip tests for compatible key types.
tests/test_bip85_gpg.py	Updates vectors and adds cross-implementation tests for entropy/private keys/RSA determinism and UI assertions.
tests/test_bip85_bipsea_vectors.py	Adds a comprehensive cross-implementation vector suite (bipsea/OpenSSL/PyCryptodome claims).
tests/BIP85_GPG_CROSS_IMPL_REPORT.md	Adds a detailed validation report and spec recommendations.
requirements.txt	Switches pgpy to a fork URL and removes hash-pinning / cryptography pinning.
AGENTS.md	Documents the seed.get_root(network) requirement across seed types.

Comments suppressed due to low confidence (2)

src/seedsigner/views/tools_views.py:5931

• PR description states "No UI changes", but ToolsGPGMenuView adds a new "View Keys" menu option and a new view implementation. Please update the PR description (or revert the UI change) so reviewers/testers know to validate the new menu flow.

class ToolsGPGMenuView(View):
    FILE_OPS = ButtonOption("File Operations")
    IMPORT = ButtonOption("Import Keys")
    EXPORT = ButtonOption("Export Keys")
    VIEW_KEYS = ButtonOption("View Keys")
    MESSAGE = ButtonOption("Secure Messaging")
    SMART_GPG = ButtonOption("SmartGPG")
    ADVANCED = ButtonOption("Advanced")

    def run(self):
        from seedsigner.controller import Controller

        if self.controller.resume_main_flow == Controller.FLOW__GPG_MESSAGE:
            self.controller.resume_main_flow = None
            return Destination(ToolsGPGDecryptMessageView, skip_current_view=True)

        button_data = [
            self.FILE_OPS,
            self.IMPORT,
            self.EXPORT,
            self.VIEW_KEYS,
            self.MESSAGE,
            self.SMART_GPG,
            self.ADVANCED,
        ]

src/seedsigner/helpers/embit_utils.py:203

• sign_message() returns a base64-encoded string ("...decode()"), but its return type annotation is "-> bytes". This is now inconsistent with actual behavior and the new tests asserting a str. Update the annotation to "-> str" (or change the return value to bytes) to keep typing accurate.

def sign_message(root: HDKey, derivation: str, msg: bytes, compressed: bool = True) -> bytes:
    """
        from: https://github.com/cryptoadvance/specter-diy/blob/b58a819ef09b2bca880a82c7e122618944355118/src/apps/signmessage/signmessage.py

        Sign a Bitcoin message using a BIP-32 root key and derivation path.
        Use seed.get_root(network) to obtain the root key — never
        bip32.HDKey.from_seed(seed.seed_bytes) directly (see AGENTS.md).
    """
    msghash = sha256(
        sha256(
            b"\x18Bitcoin Signed Message:\n" + compact.to_bytes(len(msg)) + msg
        ).digest()
    ).digest()

    prv = root.derive(derivation).key
    sig = secp256k1.ecdsa_sign_recoverable(msghash, prv._secret)
    flag = sig[64]
    sig = ec.Signature(sig[:64])
    c = 4 if compressed else 0
    flag = bytes([27 + flag + c])
    ser = flag + secp256k1.ecdsa_signature_serialize_compact(sig._sig)
    return b2a_base64(ser).strip().decode()

[Copilot]

test_auto_detect_prefers_cryptography() claims to verify that auto-detection prefers cryptography, but it only checks the derived pubkey length. As written it won’t fail if a different backend is used. Consider exposing/recording the selected backend (e.g., a helper that reports the backend used for the last operation) and asserting it here.

Suggested change

	pytest.skip("cryptography not installed")
	set_backend(None)
	# Ed25519 should use cryptography (first in preference order)
	pub = ed25519_pub_from_seed(_SEED_32)
	assert len(pub) == 32
	pytest.skip("cryptography not installed")
	# Restore auto-detection and verify that the preferred backend is chosen
	set_backend(None)
	# Ed25519 should use cryptography (first in preference order)
	pub = ed25519_pub_from_seed(_SEED_32)
	assert len(pub) == 32
	# Ensure that auto-detection actually selected the cryptography backend
	assert get_backend() == CRYPTOGRAPHY

[Copilot]

The module docstring says the vectors are validated against OpenSSL via the cryptography library, but these tests never force the cryptography backend (and can pass using other backends). Either force cryptography for the OpenSSL cross-validation portions or reword the docstring/comments to reflect that the validation is against SeedSigner’s backend-derived points (which may or may not be OpenSSL-backed).