Strona główna Odkrywaj Pomoc
Zarejestruj się Zaloguj się
publics
/
crypto
0
0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0 Wiki
Przeglądaj źródła

openpgp: don't generate PubKeyAlgoRSASignOnly keys

These are deprecated according to RFC4880 and should no longer be
generated: https://tools.ietf.org/html/rfc4880#section-13.5
With that, the notion of a "sign-only" private key doesn't make sense
(as that is a signature property, not a private key property), so remove
it from the comment.

Fixes golang/go#27888

Change-Id: I7d41acd0793b2caf3c0897e580f42375c72d82a8
Reviewed-on: https://go-review.googlesource.com/c/137896
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Axel Wagner 7 lat temu
rodzic
74cb1d3d52
commit
85e1b3f913
3 zmienionych plików z 9 dodań i 13 usunięć
Widok podzielony Pokaż statystyki zmian
  1. 7 5
      openpgp/packet/packet.go
  2. 1 3
      openpgp/packet/private_key.go
  3. 1 5
      openpgp/packet/private_key_test.go

+ 7 - 5
openpgp/packet/packet.go
Wyświetl plik 

@@ -404,14 +404,16 @@ const (
 
 type PublicKeyAlgorithm uint8
 
 
 const (
 
-	PubKeyAlgoRSA            PublicKeyAlgorithm = 1
 
-	PubKeyAlgoRSAEncryptOnly PublicKeyAlgorithm = 2
 
-	PubKeyAlgoRSASignOnly    PublicKeyAlgorithm = 3
 
-	PubKeyAlgoElGamal        PublicKeyAlgorithm = 16
 
-	PubKeyAlgoDSA            PublicKeyAlgorithm = 17
 
+	PubKeyAlgoRSA     PublicKeyAlgorithm = 1
 
+	PubKeyAlgoElGamal PublicKeyAlgorithm = 16
 
+	PubKeyAlgoDSA     PublicKeyAlgorithm = 17
 
 	// RFC 6637, Section 5.
 
 	PubKeyAlgoECDH  PublicKeyAlgorithm = 18
 
 	PubKeyAlgoECDSA PublicKeyAlgorithm = 19
 
+
 
+	// Deprecated in RFC 4880, Section 13.5. Use key flags instead.
 
+	PubKeyAlgoRSAEncryptOnly PublicKeyAlgorithm = 2
 
+	PubKeyAlgoRSASignOnly    PublicKeyAlgorithm = 3
 
 )
 
 
 // CanEncrypt returns true if it's possible to encrypt a message to a public

+ 1 - 3
openpgp/packet/private_key.go
Wyświetl plik 

@@ -64,7 +64,7 @@ func NewECDSAPrivateKey(currentTime time.Time, priv *ecdsa.PrivateKey) *PrivateK
 
 	return pk
 
 }
 
 
-// NewSignerPrivateKey creates a sign-only PrivateKey from a crypto.Signer that
 
+// NewSignerPrivateKey creates a PrivateKey from a crypto.Signer that
 
 // implements RSA or ECDSA.
 
 func NewSignerPrivateKey(currentTime time.Time, signer crypto.Signer) *PrivateKey {
 
 	pk := new(PrivateKey)
 
@@ -73,10 +73,8 @@ func NewSignerPrivateKey(currentTime time.Time, signer crypto.Signer) *PrivateKe
 
 	switch pubkey := signer.Public().(type) {
 
 	case *rsa.PublicKey:
 
 		pk.PublicKey = *NewRSAPublicKey(currentTime, pubkey)
 
-		pk.PubKeyAlgo = PubKeyAlgoRSASignOnly
 
 	case rsa.PublicKey:
 
 		pk.PublicKey = *NewRSAPublicKey(currentTime, &pubkey)
 
-		pk.PubKeyAlgo = PubKeyAlgoRSASignOnly
 
 	case *ecdsa.PublicKey:
 
 		pk.PublicKey = *NewECDSAPublicKey(currentTime, pubkey)
 
 	case ecdsa.PublicKey:

+ 1 - 5
openpgp/packet/private_key_test.go
Wyświetl plik 

@@ -172,12 +172,8 @@ func TestRSASignerPrivateKey(t *testing.T) {
 
 
 	priv := NewSignerPrivateKey(time.Now(), &rsaSigner{rsaPriv})
 
 
-	if priv.PubKeyAlgo != PubKeyAlgoRSASignOnly {
 
-		t.Fatal("NewSignerPrivateKey should have made a sign-only RSA private key")
 
-	}
 
-
 
 	sig := &Signature{
 
-		PubKeyAlgo: PubKeyAlgoRSASignOnly,
 
+		PubKeyAlgo: PubKeyAlgoRSA,
 
 		Hash:       crypto.SHA256,
 
 	}
 
 	msg := []byte("Hello World!")