authorNeal H. Walfield <neal@pep.foundation>2020-07-15 11:42:53 +0200
committerNeal H. Walfield <neal@pep.foundation>2020-07-15 12:01:49 +0200
commit87b02b2bae6cc8ee838c8f46208a56339ebf3316 (patch)
treefa6487416117bed464de6a0b78d4073c1fb96328 /openpgp
parent859fd96cf006cfb0f05ad606d514a7eceb7e2724 (diff)
openpgp: Set the preferred algorithm subpackets correctly.
- `CertBuilder` places the `Preferred Hash Algorithm` and `Preferred Symmetric Algorithm` subpackets only on subkeys. But GnuPG only recognizes them on User ID binding signatures and direct key signatures.
- This means that when GnuPG encrypts a message to a certificate generated by Sequoia, it falls back to 3DES (RFC 4880's only MUST algorithm).
- Change `CertBuilder` to match GnuPG's expectations: when creating a certificate, add the `Preferred Hash Algorithm` and `Preferred Symmetric Algorithm` subpackets to the User ID binding signatures, User Attribute binding signatures, and direct key signature, and don't bother adding them to the subkey binding signatures.
- See #522.
Diffstat (limited to 'openpgp')
-rw-r--r--openpgp/src/cert/builder.rs20
1 files changed, 7 insertions, 13 deletions
diff --git a/openpgp/src/cert/builder.rs b/openpgp/src/cert/builder.rs
index fd82bf21..a17efb02 100644
--- a/openpgp/src/cert/builder.rs
+++ b/openpgp/src/cert/builder.rs
@@ -975,7 +975,7 @@ impl CertBuilder {
vec![Packet::from(ua), signature.into()])?;
}
- // sign subkeys
+ // Sign subkeys.
for blueprint in self.subkeys {
let flags = &blueprint.flags;
let mut subkey = blueprint.ciphersuite
@@ -994,18 +994,7 @@ impl CertBuilder {
&subkey,
blueprint.expiration.or(self.primary.expiration))?;
- if flags.for_transport_encryption() || flags.for_storage_encryption()
- {
- builder = builder.set_preferred_symmetric_algorithms(vec![
- SymmetricAlgorithm::AES256,
- ])?;
- }
-
if flags.for_certification() || flags.for_signing() {
- builder = builder.set_preferred_hash_algorithms(vec![
- HashAlgorithm::SHA512,
- ])?;
-
// We need to create a primary key binding signature.
let mut subkey_signer = subkey.clone().into_keypair().unwrap();
let backsig =
@@ -1054,7 +1043,12 @@ impl CertBuilder {
.set_key_flags(&self.primary.flags)?
.set_signature_creation_time(creation_time)?
.set_key_expiration_time(&key, self.primary.expiration)?
- .set_preferred_hash_algorithms(vec![HashAlgorithm::SHA512])?;
+ .set_preferred_hash_algorithms(vec![
+ HashAlgorithm::SHA512
+ ])?
+ .set_preferred_symmetric_algorithms(vec![
+ SymmetricAlgorithm::AES256,
+ ])?;
if let Some(ref revocation_keys) = self.revocation_keys {
sig = sig.set_revocation_key(revocation_keys.clone())?;
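Review bot: No test in this commit covers the preference subpackets added at `.set_preferred_symmetric_algorithms(vec![...])`. The diffstat's seven insertions are all in these hunks, so a later refactor could drop the subpackets again and peers would silently fall back to 3DES, as the description explains. A test that generates a certificate and asserts that the direct key signature and every User ID and User Attribute binding signature carry both preference lists would pin this; whether those bindings inherit from this builder is not visible here, because the enclosing function starts and ends outside the hunk. Each list holds a single algorithm, so a peer without AES256 would presumably still land on the implicit 3DES fallback; consider adding a second choice such as `SymmetricAlgorithm::AES128,` after it. Minor style point: `HashAlgorithm::SHA512` lacks the trailing comma that the symmetric list uses.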