Draft: update V5 keys, signatures, SKESK and SEIPD to the latest draft of the specification #1505
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
twiss
force-pushed
the
v5-direct-key-sigs
branch
from
a15c5cf
to
60ea170
Compare
twiss
force-pushed
the
v5-direct-key-sigs
branch
from
684f833
to
a5a9775
Compare
Store key flags, features and preferences in a direct-key signature instead of user ID signatures, for V5 keys.
The AEAD Encrypted Data packet has been removed from the draft in favor of version 2 of the Sym. Encrypted Integrity Protected Data packet. It also has a new feature flag to match.
This flag has been removed from the draft specification.
Also, set it as the preferred AEAD algorithm.
This subpacket replaces both symmetric algorithm preferences and AEAD algorithm preferences when AEAD is supported, by providing sets of preferred symmetric and AEAD algorithm pairs. We still keep the symmetric algorithm preferences in case AEAD is not supported.
Chrome's Web Crypto implementation doesn't support it, and it seems unnecessary to list it when AES-256 is available.
This field was removed from the draft specification.
In unencrypted v5 secret key packets, don't include the count of the optional fields, as per the updated crypto refresh. Since they are always absent, the count is not needed.
This has been changed in the crypto refresh.
Key flags, expiration time, algorithm preferences, et cetera, are now read from the direct-key signature instead of the primary User ID binding signature for V5 keys. This also requires a direct-key signature to be present for V5 keys.
The crypto refresh says that we MUST NOT reject messages where the CRC24 checksum is incorrect. So, we remove the check for it. Also, remove the checksumRequired config.
The latest crypto refresh specifies an HKDF step to be used for deriving the key to encrypt the session key with. It also specifies two additional length fields.
twiss
force-pushed
the
v5-direct-key-sigs
branch
from
a5a9775
to
d3513c9
Compare
twiss
changed the title
6 tasks
|
Replaced by #1630. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This fixes part of #1442.