-
Notifications
You must be signed in to change notification settings - Fork 97
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Experimental: Symmetric Keys and Forwarding #141
Draft
wussler
wants to merge
19
commits into
main
Choose a base branch
from
Proton
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Draft
Commits on Jul 18, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 4d8199d - Browse repository at this point
Copy the full SHA 4d8199dView commit details -
Configuration menu - View commit details
-
Copy full SHA for ae15360 - Browse repository at this point
Copy the full SHA ae15360View commit details -
openpgp: Add support for symmetric subkeys (#74)
It is sometimes useful to encrypt data under some symmetric key. While this was possible to do using passphrase-derived keys, there was no support for long-term storage of the keys that was used to encrypt the key packets. To solve this, a new type of key is introduced. This key will hold a symmetric key, and will be used for both encryption and decryption of data. Specifically, as with asymmetric keys, the actual data will be encrypted using a session key, generated ad-hoc for these data. Then, instead of using a public key to encrypt the session key, the persistent symmetric key will be used instead, to produce a, so to say, Key Encrypted Key Packet. Conversly, instead of using a private key to decrypt the session key, the same symmetric key will be used. Then, the decrypted session key can be used to decrypt the data packet, as usual. As with the case of AEAD keys, it is sometimes useful to "sign" data with a persistent, symmetric key. This key holds a symmetric key, which can be used for both signing and verifying the integrity of data. While not strictly needed, the signature process will first generate a digest of the data-to-be-signed, and then the key will be used to sign the digest, using an HMAC construction. For technical reasons, related to this implenetation of the openpgp protocol, the secret key material is also stored in the newly defined public key types. Future contributors must take note of this, and not export or serialize that key in a way that it will be publicly availabe. Since symmetric keys do not have a public and private part, there is no point serializing the internal "public key" structures. Thus, symmetric keys are skipped when serialing the public part of a keyring.
Configuration menu - View commit details
-
Copy full SHA for b1cb1d2 - Browse repository at this point
Copy the full SHA b1cb1d2View commit details -
Configuration menu - View commit details
-
Copy full SHA for 04e69d6 - Browse repository at this point
Copy the full SHA 04e69d6View commit details -
Configuration menu - View commit details
-
Copy full SHA for cd1df39 - Browse repository at this point
Copy the full SHA cd1df39View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2e2d56a - Browse repository at this point
Copy the full SHA 2e2d56aView commit details -
Configuration menu - View commit details
-
Copy full SHA for c759ef2 - Browse repository at this point
Copy the full SHA c759ef2View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8186276 - Browse repository at this point
Copy the full SHA 8186276View commit details -
Configuration menu - View commit details
-
Copy full SHA for b77643d - Browse repository at this point
Copy the full SHA b77643dView commit details -
Configuration menu - View commit details
-
Copy full SHA for c38aca0 - Browse repository at this point
Copy the full SHA c38aca0View commit details -
Configuration menu - View commit details
-
Copy full SHA for 7c4521c - Browse repository at this point
Copy the full SHA 7c4521cView commit details -
Configuration menu - View commit details
-
Copy full SHA for aaf4fba - Browse repository at this point
Copy the full SHA aaf4fbaView commit details -
Configuration menu - View commit details
-
Copy full SHA for 0c84782 - Browse repository at this point
Copy the full SHA 0c84782View commit details -
Configuration menu - View commit details
-
Copy full SHA for 736343d - Browse repository at this point
Copy the full SHA 736343dView commit details -
Configuration menu - View commit details
-
Copy full SHA for 6c1edd7 - Browse repository at this point
Copy the full SHA 6c1edd7View commit details -
Configuration menu - View commit details
-
Copy full SHA for 635733f - Browse repository at this point
Copy the full SHA 635733fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 08bd3f7 - Browse repository at this point
Copy the full SHA 08bd3f7View commit details -
Configuration menu - View commit details
-
Copy full SHA for 5c6f2b4 - Browse repository at this point
Copy the full SHA 5c6f2b4View commit details -
Generate an AEAD subkey when requesting an HMAC primary key.
Configuration menu - View commit details
-
Copy full SHA for 5cc763e - Browse repository at this point
Copy the full SHA 5cc763eView commit details
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.