Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

High Level OpenPGP v6 Key Generation #1857

Open
wants to merge 52 commits into
base: main
Choose a base branch
from
Open

High Level OpenPGP v6 Key Generation #1857

wants to merge 52 commits into from
+3,593 −81

Conversation

vanitasvitae
Copy link
Contributor

Hey!
In this PR, I'm working on a high-level API for OpenPGP key generation (v6 only for now).
Let me know, what you think of the design sketched out in OpenPGPV6KeyGenerator :)

I tried to keep the API straight-forward, but still allow modifications of the (hashed) signature subpacket areas by the use of callbacks which the user can hook into, to modify the signature subpackets prior to signature generation.

The PR also adds key generator classes for individual keys, such that the risk of making mistakes during key generation (e.g. using wrong/weak parameters) is minimized.

I used PGPainless as orientation for the API design, but kept the generation API a bit slimmer for now. Let me know what you think of the direction the API is heading.

@vanitasvitae vanitasvitae marked this pull request as draft October 3, 2024 09:58
@vanitasvitae
Copy link
Contributor Author

I'm contemplating whether to transform the OpenPGPV6KeyGenerator into a general OpenPGPKeyGenerator class, where the user can specify the key version number.

There are some non-trivial differences between v4 and v6, most notably the fact that v6 stores preferences in a Direct-Key signature, while v4 prefers user-id certification signatures (at least if you want to be compatible to GnuPG).

@vanitasvitae
Rename masterKey -> primaryKey
fc8abc0
@vanitasvitae
Javadoc
dcd57eb
@vanitasvitae
Generics
006d233
@vanitasvitae
Use proper constructor for PGPSignatureGenerator
0be4dfa
@vanitasvitae
Final members
93324cb
@vanitasvitae
Document PGPException
ca0dff5
@vanitasvitae
Remove unnecessary toArray() optimization
620affd
@vanitasvitae
Add test for PGPKeyRingGenerator
33ee55b
@vanitasvitae
Document legacy curve OIDs
30733c9
@vanitasvitae
Sanitize key algorithm/version matchups
00ecf25
@vanitasvitae
Add PGPKeyPairGenerator class + tests
a362eca
@vanitasvitae
Generics for PGPSignatureSubpacketGenerator list
6ae45e6
@vanitasvitae
Add removePacketsOfType() method
8e75436
@vanitasvitae
Add PublicKeyUtils
3334b58
@vanitasvitae
Implement high-level OpenPGPV6KeyGenerator class
b4ff15e
@vanitasvitae
Organize subpackets
87e9a8d
@vanitasvitae
Add overrides for setters with default subpacket criticality
b7bf695
@vanitasvitae
Add PGPSecretKeyRing.toCertificate()
7cc7e6c
@vanitasvitae
Remove methods for adding deprecated UserAttributes
b5fa774
@vanitasvitae
Introduce BC implementation of OpenPGPV6KeyGenerator
7d76e3c
@vanitasvitae
Add BcOpenPGPV6KeyGeneratorTest to RegressionTests
a37ca94
@vanitasvitae
Javadoc, Checkstyle
14332fa
@vanitasvitae
AEAD secret key encryption
ee34a33
@vanitasvitae
Document PGPSecretKey.getS2KUsage()
38de340
@vanitasvitae
Further progress with the new KeyGenerator API
76e8122
@vanitasvitae
Checkstyle
a12019d
@vanitasvitae
Permutate provider argument in JcaOpenPGPV6KeyGenerator
5aa5583
@vanitasvitae vanitasvitae marked this pull request as ready for review October 17, 2024 14:06
@vanitasvitae
Copy link
Contributor Author

Ready for review. Let me know if I can make your job easier by squashing or splitting this up into smaller PRs :)

@vanitasvitae
Copy link
Contributor Author

One thing I dislike about the current API design:
PGPKeyPair by default contains a primary key. Ideally I'd like to deal with an untyped key pair, whose type is determined when the key pair is added to a key ring.
Of course, you could manually convert between key types by converting the public key packet into a PublicSubkeyPacket object, and I even added PGPPublicKey.asSubkey() for this purpose, but that's still something the user needs to know.

An additional issue with the current API is, that PBESecretKeyEncryptor instances that use AEAD rely on the public key's packet tag to derive the KEK (key encapsulation key), so the key type has to be properly set the moment the PBESecretKeyEncryptor is instantiated.

I'm not sure, if there is a clean way to refactor the current API, circumsailing these rough edges in a backwards-compatible way.

@vanitasvitae vanitasvitae mentioned this pull request Nov 15, 2024
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ligefeiBouncycastle ligefeiBouncycastle Awaiting requested review from ligefeiBouncycastle

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@vanitasvitae