From 3d9f7e4b0c7a29be97255f52c441952d04220c4d Mon Sep 17 00:00:00 2001 From: Lukas Burkhalter Date: Tue, 12 Nov 2024 10:08:10 +0100 Subject: [PATCH 1/4] feat: Adapt aead preferences on key generation --- openpgp/key_generation.go | 24 ++++++++++++++---------- openpgp/v2/key_generation.go | 25 +++++++++++++++---------- openpgp/v2/keys.go | 2 +- 3 files changed, 30 insertions(+), 21 deletions(-) diff --git a/openpgp/key_generation.go b/openpgp/key_generation.go index c9502c25f..13182dbc3 100644 --- a/openpgp/key_generation.go +++ b/openpgp/key_generation.go @@ -91,13 +91,15 @@ func (t *Entity) AddUserId(name, comment, email string, config *packet.Config) e } func writeKeyProperties(selfSignature *packet.Signature, creationTime time.Time, keyLifetimeSecs uint32, config *packet.Config) error { + advertiseAead := config.AEAD() != nil + selfSignature.CreationTime = creationTime selfSignature.KeyLifetimeSecs = &keyLifetimeSecs selfSignature.FlagsValid = true selfSignature.FlagSign = true selfSignature.FlagCertify = true selfSignature.SEIPDv1 = true // true by default, see 5.8 vs. 5.14 - selfSignature.SEIPDv2 = config.AEAD() != nil + selfSignature.SEIPDv2 = advertiseAead // Set the PreferredHash for the SelfSignature from the packet.Config. // If it is not the must-implement algorithm from rfc4880bis, append that. @@ -126,16 +128,18 @@ func writeKeyProperties(selfSignature *packet.Signature, creationTime time.Time, selfSignature.PreferredCompression = append(selfSignature.PreferredCompression, uint8(config.Compression())) } - // And for DefaultMode. - modes := []uint8{uint8(config.AEAD().Mode())} - if config.AEAD().Mode() != packet.AEADModeOCB { - modes = append(modes, uint8(packet.AEADModeOCB)) - } + if advertiseAead { + // And for DefaultMode. + modes := []uint8{uint8(config.AEAD().Mode())} + if config.AEAD().Mode() != packet.AEADModeOCB { + modes = append(modes, uint8(packet.AEADModeOCB)) + } - // For preferred (AES256, GCM), we'll generate (AES256, GCM), (AES256, OCB), (AES128, GCM), (AES128, OCB) - for _, cipher := range selfSignature.PreferredSymmetric { - for _, mode := range modes { - selfSignature.PreferredCipherSuites = append(selfSignature.PreferredCipherSuites, [2]uint8{cipher, mode}) + // For preferred (AES256, GCM), we'll generate (AES256, GCM), (AES256, OCB), (AES128, GCM), (AES128, OCB) + for _, cipher := range selfSignature.PreferredSymmetric { + for _, mode := range modes { + selfSignature.PreferredCipherSuites = append(selfSignature.PreferredCipherSuites, [2]uint8{cipher, mode}) + } } } return nil diff --git a/openpgp/v2/key_generation.go b/openpgp/v2/key_generation.go index 1617d48b4..b0722dcdb 100644 --- a/openpgp/v2/key_generation.go +++ b/openpgp/v2/key_generation.go @@ -147,13 +147,15 @@ func (t *Entity) AddDirectKeySignature(selectedKeyProperties *keyProperties, con } func writeKeyProperties(selfSignature *packet.Signature, selectedKeyProperties *keyProperties) error { + advertiseAead := selectedKeyProperties.aead != nil + selfSignature.CreationTime = selectedKeyProperties.creationTime selfSignature.KeyLifetimeSecs = &selectedKeyProperties.keyLifetimeSecs selfSignature.FlagsValid = true selfSignature.FlagSign = true selfSignature.FlagCertify = true selfSignature.SEIPDv1 = true // true by default, see 5.8 vs. 5.14 - selfSignature.SEIPDv2 = selectedKeyProperties.aead != nil + selfSignature.SEIPDv2 = advertiseAead // Set the PreferredHash for the SelfSignature from the packet.Config. // If it is not the must-implement algorithm from rfc4880bis, append that. @@ -197,18 +199,21 @@ func writeKeyProperties(selfSignature *packet.Signature, selectedKeyProperties * selfSignature.PreferredCompression = append(selfSignature.PreferredCompression, uint8(selectedKeyProperties.compression)) } - // And for DefaultMode. - modes := []uint8{uint8(selectedKeyProperties.aead.Mode())} - if selectedKeyProperties.aead.Mode() != packet.AEADModeOCB { - modes = append(modes, uint8(packet.AEADModeOCB)) - } + if advertiseAead { + // And for DefaultMode. + modes := []uint8{uint8(selectedKeyProperties.aead.Mode())} + if selectedKeyProperties.aead.Mode() != packet.AEADModeOCB { + modes = append(modes, uint8(packet.AEADModeOCB)) + } - // For preferred (AES256, GCM), we'll generate (AES256, GCM), (AES256, OCB), (AES128, GCM), (AES128, OCB) - for _, cipher := range selfSignature.PreferredSymmetric { - for _, mode := range modes { - selfSignature.PreferredCipherSuites = append(selfSignature.PreferredCipherSuites, [2]uint8{cipher, mode}) + // For preferred (AES256, GCM), we'll generate (AES256, GCM), (AES256, OCB), (AES128, GCM), (AES128, OCB) + for _, cipher := range selfSignature.PreferredSymmetric { + for _, mode := range modes { + selfSignature.PreferredCipherSuites = append(selfSignature.PreferredCipherSuites, [2]uint8{cipher, mode}) + } } } + return nil } diff --git a/openpgp/v2/keys.go b/openpgp/v2/keys.go index b4a7cc1e8..2566cea3f 100644 --- a/openpgp/v2/keys.go +++ b/openpgp/v2/keys.go @@ -61,7 +61,7 @@ func (e *Entity) PrimaryIdentity(date time.Time, config *packet.Config) (*packet var primaryIdentityCandidatesSelfSigs []*packet.Signature for _, identity := range e.Identities { selfSig, err := identity.Verify(date, config) // identity must be valid at date - if err == nil { // verification is successful + if err == nil { // verification is successful primaryIdentityCandidates = append(primaryIdentityCandidates, identity) primaryIdentityCandidatesSelfSigs = append(primaryIdentityCandidatesSelfSigs, selfSig) } From 533abc0043bbc90ef35aea6da9f654e5b1aba906 Mon Sep 17 00:00:00 2001 From: Lukas Burkhalter <10532077+lubux@users.noreply.github.com> Date: Tue, 12 Nov 2024 10:28:49 +0100 Subject: [PATCH 2/4] chore: Update old comment Co-authored-by: Daniel Huigens --- openpgp/key_generation.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/openpgp/key_generation.go b/openpgp/key_generation.go index 13182dbc3..77213f66b 100644 --- a/openpgp/key_generation.go +++ b/openpgp/key_generation.go @@ -129,7 +129,8 @@ func writeKeyProperties(selfSignature *packet.Signature, creationTime time.Time, } if advertiseAead { - // And for DefaultMode. + // Get the preferred AEAD mode from the packet.Config. + // If it is not the must-implement algorithm from rfc9580, append that. modes := []uint8{uint8(config.AEAD().Mode())} if config.AEAD().Mode() != packet.AEADModeOCB { modes = append(modes, uint8(packet.AEADModeOCB)) From e5e24ac6ae01c62ddbeba94da9240201c765a4f2 Mon Sep 17 00:00:00 2001 From: Lukas Burkhalter Date: Tue, 12 Nov 2024 10:31:55 +0100 Subject: [PATCH 3/4] chore: Move comment --- openpgp/v2/keys.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/openpgp/v2/keys.go b/openpgp/v2/keys.go index 2566cea3f..9a5226d5f 100644 --- a/openpgp/v2/keys.go +++ b/openpgp/v2/keys.go @@ -61,7 +61,8 @@ func (e *Entity) PrimaryIdentity(date time.Time, config *packet.Config) (*packet var primaryIdentityCandidatesSelfSigs []*packet.Signature for _, identity := range e.Identities { selfSig, err := identity.Verify(date, config) // identity must be valid at date - if err == nil { // verification is successful + if err == nil { + // verification is successful primaryIdentityCandidates = append(primaryIdentityCandidates, identity) primaryIdentityCandidatesSelfSigs = append(primaryIdentityCandidatesSelfSigs, selfSig) } From ff1c4159f0b344fe5f6be6c9185862ab9e42ce6f Mon Sep 17 00:00:00 2001 From: Lukas Burkhalter <10532077+lubux@users.noreply.github.com> Date: Tue, 12 Nov 2024 10:45:12 +0100 Subject: [PATCH 4/4] chore: Update old comment Co-authored-by: Daniel Huigens --- openpgp/v2/key_generation.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/openpgp/v2/key_generation.go b/openpgp/v2/key_generation.go index b0722dcdb..c15eba9bb 100644 --- a/openpgp/v2/key_generation.go +++ b/openpgp/v2/key_generation.go @@ -200,7 +200,8 @@ func writeKeyProperties(selfSignature *packet.Signature, selectedKeyProperties * } if advertiseAead { - // And for DefaultMode. + // Get the preferred AEAD mode from the packet.Config. + // If it is not the must-implement algorithm from rfc9580, append that. modes := []uint8{uint8(selectedKeyProperties.aead.Mode())} if selectedKeyProperties.aead.Mode() != packet.AEADModeOCB { modes = append(modes, uint8(packet.AEADModeOCB))