8000 API to generate new subkeys · Issue #408 · rpgp/rpgp · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

API to generate 8000 new subkeys #408

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
link2xt opened this issue Sep 16, 2024 · 1 comment
Open

API to generate new subkeys #408

link2xt opened this issue Sep 16, 2024 · 1 comment
Labels
enhancement

Comments

@link2xt
Copy link
Contributor
link2xt commented Sep 16, 2024

I want to generate a new encryption subkey for existing key.

But it seems subkey generation is only implemented in the function that generates a whole new secret key:

rpgp/src/composed/key/builder.rs

Lines 215 to 248 in 6e51094

self.subkeys
.into_iter()
.map(|subkey| {
let passphrase = subkey.passphrase;
let s2k = subkey
.s2k
.unwrap_or_else(|| S2kParams::new_default(&mut rng));
let (public_params, secret_params) = subkey.key_type.generate()?;
let mut keyflags = KeyFlags::default();
keyflags.set_certify(subkey.can_certify);
keyflags.set_encrypt_comms(subkey.can_encrypt);
keyflags.set_encrypt_storage(subkey.can_encrypt);
keyflags.set_sign(subkey.can_sign);
keyflags.set_authentication(subkey.can_authenticate);
let mut sub = packet::SecretSubkey::new(
packet::PublicSubkey::new(
subkey.packet_version,
subkey.version,
subkey.key_type.to_alg(),
subkey.created_at,
subkey.expiration.map(|v| v.as_secs() as u16),
public_params,
)?,
secret_params,
);
if let Some(passphrase) = passphrase {
sub.set_password_with_s2k(|| passphrase, s2k)?;
}
Ok(SecretSubkey::new(sub, keyflags))
})
.collect::<Result<Vec<_>>>()?,

Would be nice to factor it out to have a way to generate a new subkey.

As for subkey deletion, seems I can directly delete them from https://docs.rs/pgp/0.13.2/pgp/composed/signed_key/struct.SignedSecretKey.html because secret_subkeys field is public.
For unsigned key these fields are however private, which seems inconsistent: https://docs.rs/pgp/0.13.2/pgp/composed/key/struct.SecretKey.html
@link2xt link2xt mentioned this issue Sep 16, 2024
Closed
@hko-s
Copy link
Contributor
hko-s commented Sep 16, 2024

Right, subkey generation would be a good mid-level API to have, and should be easy enough to do. I'm happy to look into that, soon.

About subkey deletion, there are two different semantics one could want, when thinking about "getting rid of subkeys":

  1. signaling to others that this subkey should not be used anymore (e.g.: they should not send messages to me that are encrypted to that subkey)
  2. just not sending that subkey anymore, without signaling anything about it to correspondents

For 1, the subkey should be revoked (by issuing a new self-signature that sets the subkey metadata to "revoked"), and still sent to correspondents.

For 2, removing the subkey from the secret_subkeys field works. However, depending on the OpenPGP software of one's correspondent, it is expected that they still consider the "removed" subkey as existent and valid. Many OpenPGP libraries will continue to encrypt to a subkey that has been "removed" in this way, forever.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dignifiedquire @link2xt @hko-s
0