mirror of https://github.com/deltachat/deltachat-core.git synced 2025-10-04 10:19:16 +02:00

Fix key generation issues: Primary key can 'sign+cert', subkey can 'encrypt'. No hash/algo/encryption preferences for subkeys. Reorder hash preferences. Disable bzip2 preference (don't know if this will be supported by Delta Chat for now).

B. Petersen 2017-05-24 23:26:43 +02:00
parent 9d4b18e5e3
commit 8fb10a1bf9
3 changed files with 8 additions and 8 deletions


@ -862,7 +862,7 @@ pgp_add_selfsigned_userid(pgp_key_t *skey, pgp_key_t *pkey, const uint8_t *useri
pgp_add_key_expiration_time(sig, key_expiry); pgp_add_key_expiration_time(sig, key_expiry);
pgp_add_issuer_keyid(sig, skey->pubkeyid); pgp_add_issuer_keyid(sig, skey->pubkeyid);
pgp_add_primary_userid(sig, 1); pgp_add_primary_userid(sig, 1);
pgp_add_key_flags(sig, PGP_KEYFLAG_SIGN_DATA|PGP_KEYFLAG_ENC_COMM); pgp_add_key_flags(sig, PGP_KEYFLAG_SIGN_DATA|PGP_KEYFLAG_CERT_KEYS); // Edit for Autocrypt/Delta Chat: our primary key should be able to SIGN+CERTIFY (original was SIGN+ENC_COMM) (maybe we should create a copy of this functions to be future-save on netpgp-updates)
pgp_add_key_prefs(sig); pgp_add_key_prefs(sig);
pgp_add_key_features(sig); pgp_add_key_features(sig);
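Review bot: The rationale for the new key flags is appended to the `pgp_add_key_flags` call as one very long trailing comment that also records the previous value, which belongs in the commit history rather than the source. A short comment above the call would read better and state the security reason, e.g. `/* Autocrypt/Delta Chat: primary key signs and certifies only; encryption is delegated to the subkey */`. Because this edits a netpgp library function, every caller of pgp_add_selfsigned_userid now gets these flags. The function starts and ends outside the hunk, so other callers cannot be checked from here.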


@ -921,15 +921,15 @@ pgp_add_key_prefs(pgp_create_sig_t *sig)
/* Hash algo prefs */ /* Hash algo prefs */
pgp_write_ss_header(sig->output, 6, PGP_PTAG_SS_PREFERRED_HASH) && pgp_write_ss_header(sig->output, 6, PGP_PTAG_SS_PREFERRED_HASH) &&
pgp_write_scalar(sig->output, PGP_HASH_SHA256, 1) && pgp_write_scalar(sig->output, PGP_HASH_SHA256, 1) &&
pgp_write_scalar(sig->output, PGP_HASH_SHA1, 1) &&
pgp_write_scalar(sig->output, PGP_HASH_SHA384, 1) && pgp_write_scalar(sig->output, PGP_HASH_SHA384, 1) &&
pgp_write_scalar(sig->output, PGP_HASH_SHA512, 1) && pgp_write_scalar(sig->output, PGP_HASH_SHA512, 1) &&
pgp_write_scalar(sig->output, PGP_HASH_SHA224, 1) && pgp_write_scalar(sig->output, PGP_HASH_SHA224, 1) &&
pgp_write_scalar(sig->output, PGP_HASH_SHA1, 1) && // Edit for Autocrypt/Delta Chat: due to the weak SHA1, it should not be preferred
/* Compression algo prefs */ /* Compression algo prefs */
pgp_write_ss_header(sig->output, 3, PGP_PTAG_SS_PREF_COMPRESS) && pgp_write_ss_header(sig->output, 2/*1+number of following items*/, PGP_PTAG_SS_PREF_COMPRESS) &&
pgp_write_scalar(sig->output, PGP_C_ZLIB, 1) && pgp_write_scalar(sig->output, PGP_C_ZLIB, 1) /*&& -- not sure if Delta Chat will support bzip2 on all platforms, however, this is not that important as typical files are compressed themselves and text is not that big
pgp_write_scalar(sig->output, PGP_C_BZIP2, 1); pgp_write_scalar(sig->output, PGP_C_BZIP2, 1) -- if you re-enable this, do not forget to modifiy the header count*/;
} }
unsigned unsigned
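Review bot: In the compression preferences at the end of pgp_add_key_prefs, the `&&` chain now ends inside a two-line block comment with the terminating `;` placed after it, and the subpacket length `2` has to be kept in step with the item count by hand. A mismatch between that length and the number of scalars written would produce a malformed hashed subpacket area in every self-signature this function builds. I would delete the commented-out bzip2 call and keep only `pgp_write_scalar(sig->output, PGP_C_ZLIB, 1);` under a comment such as `/* length = 1 (type octet) + number of algorithm ids below */`. The same coupling applies to the `6` in the hash preferences header, which is still correct for the five hashes listed after the reorder. The start of the function is outside the hunk.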


@ -163,9 +163,9 @@ int mre2ee_driver_create_keypair(mrmailbox_t* mailbox, const char* addr, mrkey_t
pgp_add_creation_time(sig, time(NULL)); pgp_add_creation_time(sig, time(NULL));
pgp_add_key_expiration_time(sig, 0); pgp_add_key_expiration_time(sig, 0);
pgp_add_issuer_keyid(sig, seckey.pubkeyid); pgp_add_issuer_keyid(sig, seckey.pubkeyid);
pgp_add_primary_userid(sig, 1); //pgp_add_primary_userid(sig, 1); -- seems not be needed for "ubkey Binding Signature"
pgp_add_key_flags(sig, PGP_KEYFLAG_SIGN_DATA|PGP_KEYFLAG_ENC_COMM); pgp_add_key_flags(sig, PGP_KEYFLAG_ENC_STORAGE|PGP_KEYFLAG_ENC_COMM);
pgp_add_key_prefs(sig); //pgp_add_key_prefs(sig); -- algo/hash/compression preferences seems not to be required for subkeys
pgp_add_key_features(sig); pgp_add_key_features(sig);
pgp_end_hashed_subpkts(sig); pgp_end_hashed_subpkts(sig);
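Review bot: The two calls dropped from the subkey binding signature are left behind as commented-out code, and the first explanation has a typo (`"ubkey Binding Signature"`). I would delete the dead calls and put one why-comment before `pgp_add_key_flags`, e.g. `/* Subkey Binding Signature: encryption-only subkey; primary-user-id and preference subpackets are carried by the user-id self-signature */`. It may also be worth saying whether keeping `pgp_add_key_features(sig)` on the subkey signature is deliberate, since the description says subkeys carry no preferences. mre2ee_driver_create_keypair continues outside the hunk.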