-
Notifications
You must be signed in to change notification settings - Fork 101
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Version 2 upgrade of go-crypto #182
Commits on Oct 24, 2023
-
Add support for v6 public key and secret key packets
Updates the parsing and serialization methods to support v6 keys. Adds the AEAD s2k type for secret key encryption but does not implement the feature yet.
Configuration menu - View commit details
-
Copy full SHA for 0eb9fa5 - Browse repository at this point
Copy the full SHA 0eb9fa5View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6199e47 - Browse repository at this point
Copy the full SHA 6199e47View commit details -
This change implements the necessary updates for parsing and serializing v6 signature packets. Further it implements the v6 signature salt. V6 signatures require that a salt is prepended to the signing content before creating the signature hash. In this commit, we add this feature, which requires a change in the API for signing content. The Sign API takes an externally created hasher object as an argument to sign. To ensure that the salt is hashed before the conten in v6 singatures, we introduce a PrepareSignature method that creates a hasher object with prepended salt.
Configuration menu - View commit details
-
Copy full SHA for fecd413 - Browse repository at this point
Copy the full SHA fecd413View commit details -
Add support for direct-key signatures and v6 key messages
This commit introduces support for direct-key signatures and ensures that version 6 keys store their properties in it. Instead of calling PrimaryIdentity to access a keys properties, one should now call PrimarySelfSignature to get the primary self-signature of a key.
Configuration menu - View commit details
-
Copy full SHA for c0784f9 - Browse repository at this point
Copy the full SHA c0784f9View commit details -
Add support for v6 one-pass-signatures and update read/write API
This commit implements version 6 one-pass-signatures. Further, it updates the read/write API to support v6 signatures with salt and fingerprints.
Configuration menu - View commit details
-
Copy full SHA for 35770b9 - Browse repository at this point
Copy the full SHA 35770b9View commit details -
This change removes armor checksums and removes checks accordingly.
Configuration menu - View commit details
-
Copy full SHA for 7ed878a - Browse repository at this point
Copy the full SHA 7ed878aView commit details -
Configuration menu - View commit details
-
Copy full SHA for b5fb1e3 - Browse repository at this point
Copy the full SHA b5fb1e3View commit details -
All these constants should have the type SignatureType and not int.
Configuration menu - View commit details
-
Copy full SHA for d1a77a1 - Browse repository at this point
Copy the full SHA d1a77a1View commit details -
Configuration menu - View commit details
-
Copy full SHA for b11525d - Browse repository at this point
Copy the full SHA b11525dView commit details -
Configuration menu - View commit details
-
Copy full SHA for ff41495 - Browse repository at this point
Copy the full SHA ff41495View commit details -
Configuration menu - View commit details
-
Copy full SHA for 741dddf - Browse repository at this point
Copy the full SHA 741dddfView commit details -
Add support for v6 AEAD private key encryption
The OpenPGP crypto refresh allows to encrypt secret keys with AEAD encryption. In this commit, we add AEAD secret key encryption and the addtional HKDF step in key derivation. The packet.Config contains a new field to configure the type of secret key encryption.
Configuration menu - View commit details
-
Copy full SHA for ed35ec1 - Browse repository at this point
Copy the full SHA ed35ec1View commit details -
Configuration menu - View commit details
-
Copy full SHA for dc99efd - Browse repository at this point
Copy the full SHA dc99efdView commit details -
Configuration menu - View commit details
-
Copy full SHA for 306ec0d - Browse repository at this point
Copy the full SHA 306ec0dView commit details -
Configuration menu - View commit details
-
Copy full SHA for 253d004 - Browse repository at this point
Copy the full SHA 253d004View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2581248 - Browse repository at this point
Copy the full SHA 2581248View commit details -
Remove S2K secret key encryption type from config
The aead secret key encrypton mode is now enabled by setting the aead config in config.
Configuration menu - View commit details
-
Copy full SHA for f3bce80 - Browse repository at this point
Copy the full SHA f3bce80View commit details -
Configuration menu - View commit details
-
Copy full SHA for d0b8f30 - Browse repository at this point
Copy the full SHA d0b8f30View commit details -
Add Argon2-AEAD encrypted secret key test case
Added a test case for v6 Argon2-AEAD encrypted secret keys, which was freshly included in the crypto refresh rfc: https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/274
Configuration menu - View commit details
-
Copy full SHA for eb368c2 - Browse repository at this point
Copy the full SHA eb368c2View commit details -
Add support for v6 signatures in cleartext messages
This commit, updates the cleartext signature api to support v6 signatures. Cleartext messages with v6 signatures require a new header, which specifies the used hash function in combination with the used salt. It now checks that the salt and hash matches with the contained v6 signature.
Configuration menu - View commit details
-
Copy full SHA for 4147fe2 - Browse repository at this point
Copy the full SHA 4147fe2View commit details -
Configuration menu - View commit details
-
Copy full SHA for c62d973 - Browse repository at this point
Copy the full SHA c62d973View commit details -
Implements clearsign message for v6 correctly
This commit ensures that cleatext messages with v6 signatures contain a salted hash header with the matching hash and salt. Allows for both v4 and v6 signatures in the same message with mixed headers.
Configuration menu - View commit details
-
Copy full SHA for 0510848 - Browse repository at this point
Copy the full SHA 0510848View commit details -
Configuration menu - View commit details
-
Copy full SHA for 79a381f - Browse repository at this point
Copy the full SHA 79a381fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 7f0b978 - Browse repository at this point
Copy the full SHA 7f0b978View commit details -
Configuration menu - View commit details
-
Copy full SHA for 848b22f - Browse repository at this point
Copy the full SHA 848b22fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 2141f18 - Browse repository at this point
Copy the full SHA 2141f18View commit details -
Configuration menu - View commit details
-
Copy full SHA for bd16267 - Browse repository at this point
Copy the full SHA bd16267View commit details -
Configuration menu - View commit details
-
Copy full SHA for 26afebe - Browse repository at this point
Copy the full SHA 26afebeView commit details -
Imitate model for v6 direct key self-signatures from identity self-si…
…gnatures Ensures that a v6 key contains a valid direct-key signature for the primary key that stores its properties. On parsing a v6 key, the newest direct-key signature is selected and checked for validity while other signatures are stored but ignored.
Configuration menu - View commit details
-
Copy full SHA for 7f25dd6 - Browse repository at this point
Copy the full SHA 7f25dd6View commit details -
Configuration menu - View commit details
-
Copy full SHA for a2c729e - Browse repository at this point
Copy the full SHA a2c729eView commit details -
Update PKESK to the latest version of the crypto refresh
This commit changes the PKESK parsing and serialization methods to the updated encodings of x25519 and x488 ciphertexts for v3 PKESK. Instead of encoding the symmetric key algorithm in the ciphertext with padding, the symmetric key algorithm is now encoded unencrypted. Further, the commit refactors the checksum handling and enforces AES with v3 PKESK for the above algorithms.
Configuration menu - View commit details
-
Copy full SHA for d84a83c - Browse repository at this point
Copy the full SHA d84a83cView commit details -
Configuration menu - View commit details
-
Copy full SHA for a4e36b0 - Browse repository at this point
Copy the full SHA a4e36b0View commit details -
Fix one-pass-signature parsing with wrong version
One-pass-signature parsing now directly returns an error if an unsuported version is parsed.
Configuration menu - View commit details
-
Copy full SHA for 3c375b0 - Browse repository at this point
Copy the full SHA 3c375b0View commit details -
Configuration menu - View commit details
-
Copy full SHA for c92612b - Browse repository at this point
Copy the full SHA c92612bView commit details -
Update HKDF in X25519 and X448
The input to the HKDF function now includes the ephemeral public key and the recipient public key as described in the latest version of the crypto refresh. https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/278
Configuration menu - View commit details
-
Copy full SHA for 51e16b3 - Browse repository at this point
Copy the full SHA 51e16b3View commit details -
When forming ASCII Armor, the CRC24 footer should not be generated according to the crypto refresh. However, due to a compatibility issue with GnuPG, we generate them for now and pospone the removal to version 2 of go-crypto.
Configuration menu - View commit details
-
Copy full SHA for f90e664 - Browse repository at this point
Copy the full SHA f90e664View commit details -
Ensure correct key derivation when encrypting multiple keys with aead
Fixes an issue in EncryptPrivateKeys, where the hkdf was applied to the last hkdf derived key instead of the s2k dervided key.
Configuration menu - View commit details
-
Copy full SHA for 98de8c7 - Browse repository at this point
Copy the full SHA 98de8c7View commit details -
Add testcase for reading a v6 PKESK encrypted message
Adds a testcase for the following crypto refresh test vector: https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/302
Configuration menu - View commit details
-
Copy full SHA for 3573e94 - Browse repository at this point
Copy the full SHA 3573e94View commit details -
Update PKESKv6 serialization/parsing to the new packet format
This commit updates PKESKv6 serialization/parsing to the newest version of the standart, see: https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/304
Configuration menu - View commit details
-
Copy full SHA for 509d55f - Browse repository at this point
Copy the full SHA 509d55fView commit details -
Update one-pass signature v6 packets to latest crypto refresh version
This commit updates the serialization/parse methods of one-pass signature packets to the latest updated version of the crypto refresh. See: https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/305
Configuration menu - View commit details
-
Copy full SHA for c1f4c6f - Browse repository at this point
Copy the full SHA c1f4c6fView commit details -
Remove salted hash header from signed cleartext messages
The salted hash header in cleartext messages was removed from the crypto refresh: https://gitlab.com/openpgp-wg/rfc4880bis/-/merge_requests/313 This commit adds the following changes to cleartext messages: - removes the salted hash header logic - only produces ''Hash" headers if no v6 signatures are present - ignores any parsed headers in signature verification
Configuration menu - View commit details
-
Copy full SHA for 1dd6feb - Browse repository at this point
Copy the full SHA 1dd6febView commit details -
Configuration menu - View commit details
-
Copy full SHA for 21092dc - Browse repository at this point
Copy the full SHA 21092dcView commit details -
Configuration menu - View commit details
-
Copy full SHA for 774c082 - Browse repository at this point
Copy the full SHA 774c082View commit details -
Configuration menu - View commit details
-
Copy full SHA for 1d56dee - Browse repository at this point
Copy the full SHA 1d56deeView commit details -
Configuration menu - View commit details
-
Copy full SHA for 633db87 - Browse repository at this point
Copy the full SHA 633db87View commit details -
Configuration menu - View commit details
-
Copy full SHA for 696c023 - Browse repository at this point
Copy the full SHA 696c023View commit details -
Configuration menu - View commit details
-
Copy full SHA for 60fa713 - Browse repository at this point
Copy the full SHA 60fa713View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3493ab3 - Browse repository at this point
Copy the full SHA 3493ab3View commit details -
Configuration menu - View commit details
-
Copy full SHA for c695db0 - Browse repository at this point
Copy the full SHA c695db0View commit details -
Configuration menu - View commit details
-
Copy full SHA for e884ac0 - Browse repository at this point
Copy the full SHA e884ac0View commit details -
Configuration menu - View commit details
-
Copy full SHA for f598b26 - Browse repository at this point
Copy the full SHA f598b26View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6e3d94b - Browse repository at this point
Copy the full SHA 6e3d94bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 320232b - Browse repository at this point
Copy the full SHA 320232bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 608bc7b - Browse repository at this point
Copy the full SHA 608bc7bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 162f22f - Browse repository at this point
Copy the full SHA 162f22fView commit details -
Configuration menu - View commit details
-
Copy full SHA for d36fda7 - Browse repository at this point
Copy the full SHA d36fda7View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3cd52da - Browse repository at this point
Copy the full SHA 3cd52daView commit details -
Configuration menu - View commit details
-
Copy full SHA for 19c7808 - Browse repository at this point
Copy the full SHA 19c7808View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3e41c8c - Browse repository at this point
Copy the full SHA 3e41c8cView commit details -
Configuration menu - View commit details
-
Copy full SHA for 48f7095 - Browse repository at this point
Copy the full SHA 48f7095View commit details -
Configuration menu - View commit details
-
Copy full SHA for 53ffda9 - Browse repository at this point
Copy the full SHA 53ffda9View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3bdcc5b - Browse repository at this point
Copy the full SHA 3bdcc5bView commit details -
fix(packet): Only throw error if the issuer signature subpacket is in…
… hashed area in v6
Configuration menu - View commit details
-
Copy full SHA for 778b489 - Browse repository at this point
Copy the full SHA 778b489View commit details -
feat(v2): Change message details signature candidate selection for no…
… match In the case that no signature canidate verifies successfuly, the md.SignatureError should not point to the last candidate error in the list but rather to the last candidate error with a key match (if any).
Configuration menu - View commit details
-
Copy full SHA for 4294467 - Browse repository at this point
Copy the full SHA 4294467View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3443512 - Browse repository at this point
Copy the full SHA 3443512View commit details -
Configuration menu - View commit details
-
Copy full SHA for 9e18830 - Browse repository at this point
Copy the full SHA 9e18830View commit details -
feat(v2): Allow to set the time for selecting keys in encryption
This commit adds an EncryptionTime time field to the EncryptParams struct. If provided in encryption, it overrides the time for key selection. It allows to disable expiration ckecks by setting the time to zero.
Configuration menu - View commit details
-
Copy full SHA for 174dc6b - Browse repository at this point
Copy the full SHA 174dc6bView commit details -
feat: Do not allow to generate or use v6 keys with legacy oid
Implementations MUST NOT accept or generate v6 key material using the deprecated OIDs.
Configuration menu - View commit details
-
Copy full SHA for 94d8fd9 - Browse repository at this point
Copy the full SHA 94d8fd9View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4c9baeb - Browse repository at this point
Copy the full SHA 4c9baebView commit details -
Configuration menu - View commit details
-
Copy full SHA for d1f7ff4 - Browse repository at this point
Copy the full SHA d1f7ff4View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0c44431 - Browse repository at this point
Copy the full SHA 0c44431View commit details
Commits on Nov 22, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 4aabb69 - Browse repository at this point
Copy the full SHA 4aabb69View commit details -
Configuration menu - View commit details
-
Copy full SHA for 820b395 - Browse repository at this point
Copy the full SHA 820b395View commit details -
Configuration menu - View commit details
-
Copy full SHA for 13e4612 - Browse repository at this point
Copy the full SHA 13e4612View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3198ed3 - Browse repository at this point
Copy the full SHA 3198ed3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 49087ba - Browse repository at this point
Copy the full SHA 49087baView commit details -
Configuration menu - View commit details
-
Copy full SHA for 3d55a7e - Browse repository at this point
Copy the full SHA 3d55a7eView commit details -
Configuration menu - View commit details
-
Copy full SHA for 1408255 - Browse repository at this point
Copy the full SHA 1408255View commit details -
Configuration menu - View commit details
-
Copy full SHA for c10c41e - Browse repository at this point
Copy the full SHA c10c41eView commit details -
Configuration menu - View commit details
-
Copy full SHA for 4863db4 - Browse repository at this point
Copy the full SHA 4863db4View commit details -
Configuration menu - View commit details
-
Copy full SHA for ddb84e3 - Browse repository at this point
Copy the full SHA ddb84e3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 1dc0808 - Browse repository at this point
Copy the full SHA 1dc0808View commit details -
Configuration menu - View commit details
-
Copy full SHA for 708c2ad - Browse repository at this point
Copy the full SHA 708c2adView commit details -
Configuration menu - View commit details
-
Copy full SHA for fb84e16 - Browse repository at this point
Copy the full SHA fb84e16View commit details -
Configuration menu - View commit details
-
Copy full SHA for 78f1529 - Browse repository at this point
Copy the full SHA 78f1529View commit details -
Configuration menu - View commit details
-
Copy full SHA for f0a31d2 - Browse repository at this point
Copy the full SHA f0a31d2View commit details -
Configuration menu - View commit details
-
Copy full SHA for bf37126 - Browse repository at this point
Copy the full SHA bf37126View commit details
Commits on Nov 23, 2023
-
Configuration menu - View commit details
-
Copy full SHA for cc1afdc - Browse repository at this point
Copy the full SHA cc1afdcView commit details -
Configuration menu - View commit details
-
Copy full SHA for be8d42d - Browse repository at this point
Copy the full SHA be8d42dView commit details -
Configuration menu - View commit details
-
Copy full SHA for 3db5173 - Browse repository at this point
Copy the full SHA 3db5173View commit details -
Configuration menu - View commit details
-
Copy full SHA for 1ab7fbc - Browse repository at this point
Copy the full SHA 1ab7fbcView commit details -
Configuration menu - View commit details
-
Copy full SHA for 1f9ab12 - Browse repository at this point
Copy the full SHA 1f9ab12View commit details -
Configuration menu - View commit details
-
Copy full SHA for 59054bc - Browse repository at this point
Copy the full SHA 59054bcView commit details -
Configuration menu - View commit details
-
Copy full SHA for dc7272a - Browse repository at this point
Copy the full SHA dc7272aView commit details -
Configuration menu - View commit details
-
Copy full SHA for d16b56e - Browse repository at this point
Copy the full SHA d16b56eView commit details -
Configuration menu - View commit details
-
Copy full SHA for efe3451 - Browse repository at this point
Copy the full SHA efe3451View commit details -
Configuration menu - View commit details
-
Copy full SHA for bebb8bc - Browse repository at this point
Copy the full SHA bebb8bcView commit details -
Configuration menu - View commit details
-
Copy full SHA for e94987c - Browse repository at this point
Copy the full SHA e94987cView commit details -
docs(packet): Fix grammar issue in config comments
Co-authored-by: Aron Wussler <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 26e7edc - Browse repository at this point
Copy the full SHA 26e7edcView commit details -
Configuration menu - View commit details
-
Copy full SHA for e3b2b43 - Browse repository at this point
Copy the full SHA e3b2b43View commit details
Commits on Nov 24, 2023
-
Configuration menu - View commit details
-
Copy full SHA for d47e648 - Browse repository at this point
Copy the full SHA d47e648View commit details
Commits on Nov 27, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 8b9879a - Browse repository at this point
Copy the full SHA 8b9879aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 8781dd3 - Browse repository at this point
Copy the full SHA 8781dd3View commit details
Commits on Nov 30, 2023
-
Configuration menu - View commit details
-
Copy full SHA for f5a3bd6 - Browse repository at this point
Copy the full SHA f5a3bd6View commit details
Commits on Dec 11, 2023
-
Configuration menu - View commit details
-
Copy full SHA for eafe562 - Browse repository at this point
Copy the full SHA eafe562View commit details -
Apply suggestions from code review
Co-authored-by: Aron Wussler <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 008cc9d - Browse repository at this point
Copy the full SHA 008cc9dView commit details -
Configuration menu - View commit details
-
Copy full SHA for f2990fa - Browse repository at this point
Copy the full SHA f2990faView commit details -
Configuration menu - View commit details
-
Copy full SHA for ae457d1 - Browse repository at this point
Copy the full SHA ae457d1View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0a030a3 - Browse repository at this point
Copy the full SHA 0a030a3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2cc531d - Browse repository at this point
Copy the full SHA 2cc531dView commit details -
Configuration menu - View commit details
-
Copy full SHA for 9cf78f4 - Browse repository at this point
Copy the full SHA 9cf78f4View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0b527c6 - Browse repository at this point
Copy the full SHA 0b527c6View commit details
Commits on Jan 5, 2024
-
Configuration menu - View commit details
-
Copy full SHA for a09d905 - Browse repository at this point
Copy the full SHA a09d905View commit details -
Configuration menu - View commit details
-
Copy full SHA for 38191b9 - Browse repository at this point
Copy the full SHA 38191b9View commit details
Commits on Jan 17, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 75630f2 - Browse repository at this point
Copy the full SHA 75630f2View commit details -
Configuration menu - View commit details
-
Copy full SHA for 93256de - Browse repository at this point
Copy the full SHA 93256deView commit details