improve API for signatures and subkeys #451
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
These tests are pulled from the OpenPGP Interoperability Test Suite, in particular from those tests tagged "forward-compat": https://tests.sequoia-pgp.org/?q=forward-compat These failures make it difficult to use PGPy in an OpenPGP ecosystem that can evolve, because PGPy will complain about OpenPGP objects that contain something it doesn't understand, even though the rest of the message is otherwise comprehensible and usable. See Justus Winter's message to openpgp@ietf.org describing his concerns: https://mailarchive.ietf.org/arch/msg/openpgp/QUiEKx3PQeJOXnkcvvnuHpv739M I've selected specific examples that PGPy is known to currently fail with.
pgpy.types.Exportable was renamed to Armorable before version 0.3.0 was released (in d00010e, back in 2014), which indicates that this test program has not been run in over 8 years. Given that the asyncio stuff has also changed in python since then, it is simpler to just drop this file than try to fix it.
This reduces the number of SKIPPED and XFAIL messages from the test suite. Given where the cleanup is happening, also make the remaining XFAIL messages a little clearer.
This is not a signature subpacket. Rather, it is a signature type.
dkg
force-pushed
the
dkg/api-tuneup
branch
4 times, most recently
from
2dd79a7
to
e2b7b8c
Compare
|
In addition to the API tune-up, with this PR applied, ( |
dkg
force-pushed
the
dkg/api-tuneup
branch
2 times, most recently
from
b1f6827
to
e028c80
Compare
|
Given that #450 is still a WIP, this is also a WIP. I'll remove "WIP" when it is a bit more stable, but i wanted to make clear the specific API changes i'm considering making. |
It works in the basic mode, but we still need to handle the args for encrypt/decrypt.
- add enums for the flags passed into the sop interface
- make member functions of StatelessOpenPGP well-typed
- adjust docstrings so that help(sop) provides useful guidance
- handle sessionkey and timestamp parsing in sop.py
- handle all indirect access directly in sop.py
- complete strict typing ("mypy --strict sop.py" passes)
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
By making all arguments to the functions keyword arguments, we can use **kwargs to receive any extended options. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
This reflects the changes to the subcommand names and additional arguments from draft-dkg-openpgp-stateless-cli-01
…ithm I don't expect new image encoding types to be defined. Indeed, the version itself could just go away and we could probably retcon UserAttribute 1 as JPEG (see https://gitlab.com/openpgp-wg/rfc4880bis/-/issues/162) with a weird 16-octet header. But it's better to have the code normalized here.
See the rationale from the upcoming standard: https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#name-optional-checksum
The implementation will select a reasonable option for the indicated pubkey algorithm if you don't supply it.
This could be done only during the --profile draft-ietf-openpgp-crypto-refresh-10, but there's nothing in the earlier specifications that would indicate a problem or incompatibility to include such a signature.
Move encrypt into fields.PubKey, and decrypt into fields.PrivKey. This is a simplifying change, and also prepares the codebase for the crypto-refresh, which has different subtle changes in the encoded pkesk, for different versions and different algorithms. The underlying cryptographic code gets pushed into fields.py (out of sight from higher-level functions) and lets us make more straightforward and explicit type definitions.
- if something is not implemented, just raise NotImplementedError directly, rather than trying to sometimes return a NotImplemented object. Returning a NotImplemented object complicates the type signature without providing much of an advantage in terms of workflow. - PGPSignature.target_signature is a property that was never implemented or used. We can just drop this property entirely, implementing it only when it can actually be implemented.
use search_pref_sigs() instead of walking each user ID
This leaves only one place to list the requirements
dkg
force-pushed
the
dkg/api-tuneup
branch
2 times, most recently
from
8558542
to
ce54273
Compare
This will be important if a non-v4 signature gets embedded. It might end up being an opaque signature, if PGPy can't read the version, but it shouldn't try to force a SignatureV4 if it is not actually version 4. This change also isolates the parsing of the embedded signature so that it can only consume bytes within the enclosing subpacket.
This hasn't been necessary since fingerprints knew their own version, it was just a no-op.
This is what caught the problem of passing _version to addnew
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
On top of #450, this change makes the following API adjustments (from the diff in the changelog):
These underlying changes have a few advantages: