1 // Copyright 2012 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package packet 6 7 import ( 8 "crypto" 9 "crypto/rand" 10 "io" 11 "math/big" 12 "time" 13 14 "github.com/ProtonMail/go-crypto/openpgp/s2k" 15 ) 16 17 // Config collects a number of parameters along with sensible defaults. 18 // A nil *Config is valid and results in all default values. 19 type Config struct { 20 // Rand provides the source of entropy. 21 // If nil, the crypto/rand Reader is used. 22 Rand io.Reader 23 // DefaultHash is the default hash function to be used. 24 // If zero, SHA-256 is used. 25 DefaultHash crypto.Hash 26 // DefaultCipher is the cipher to be used. 27 // If zero, AES-128 is used. 28 DefaultCipher CipherFunction 29 // Time returns the current time as the number of seconds since the 30 // epoch. If Time is nil, time.Now is used. 31 Time func() time.Time 32 // DefaultCompressionAlgo is the compression algorithm to be 33 // applied to the plaintext before encryption. If zero, no 34 // compression is done. 35 DefaultCompressionAlgo CompressionAlgo 36 // CompressionConfig configures the compression settings. 37 CompressionConfig *CompressionConfig 38 // S2K (String to Key) config, used for key derivation in the context of secret key encryption 39 // and password-encrypted data. 40 // If nil, the default configuration is used 41 S2KConfig *s2k.Config 42 // Iteration count for Iterated S2K (String to Key). 43 // Only used if sk2.Mode is nil. 44 // This value is duplicated here from s2k.Config for backwards compatibility. 45 // It determines the strength of the passphrase stretching when 46 // the said passphrase is hashed to produce a key. S2KCount 47 // should be between 65536 and 65011712, inclusive. If Config 48 // is nil or S2KCount is 0, the value 16777216 used. Not all 49 // values in the above range can be represented. S2KCount will 50 // be rounded up to the next representable value if it cannot 51 // be encoded exactly. When set, it is strongly encrouraged to 52 // use a value that is at least 65536. See RFC 4880 Section 53 // 3.7.1.3. 54 // 55 // Deprecated: SK2Count should be configured in S2KConfig instead. 56 S2KCount int 57 // RSABits is the number of bits in new RSA keys made with NewEntity. 58 // If zero, then 2048 bit keys are created. 59 RSABits int 60 // The public key algorithm to use - will always create a signing primary 61 // key and encryption subkey. 62 Algorithm PublicKeyAlgorithm 63 // Some known primes that are optionally prepopulated by the caller 64 RSAPrimes []*big.Int 65 // Curve configures the desired packet.Curve if the Algorithm is PubKeyAlgoECDSA, 66 // PubKeyAlgoEdDSA, or PubKeyAlgoECDH. If empty Curve25519 is used. 67 Curve Curve 68 // AEADConfig configures the use of the new AEAD Encrypted Data Packet, 69 // defined in the draft of the next version of the OpenPGP specification. 70 // If a non-nil AEADConfig is passed, usage of this packet is enabled. By 71 // default, it is disabled. See the documentation of AEADConfig for more 72 // configuration options related to AEAD. 73 // **Note: using this option may break compatibility with other OpenPGP 74 // implementations, as well as future versions of this library.** 75 AEADConfig *AEADConfig 76 // V5Keys configures version 5 key generation. If false, this package still 77 // supports version 5 keys, but produces version 4 keys. 78 V5Keys bool 79 // "The validity period of the key. This is the number of seconds after 80 // the key creation time that the key expires. If this is not present 81 // or has a value of zero, the key never expires. This is found only on 82 // a self-signature."" 83 // https://tools.ietf.org/html/rfc4880#section-5.2.3.6 84 KeyLifetimeSecs uint32 85 // "The validity period of the signature. This is the number of seconds 86 // after the signature creation time that the signature expires. If 87 // this is not present or has a value of zero, it never expires." 88 // https://tools.ietf.org/html/rfc4880#section-5.2.3.10 89 SigLifetimeSecs uint32 90 // SigningKeyId is used to specify the signing key to use (by Key ID). 91 // By default, the signing key is selected automatically, preferring 92 // signing subkeys if available. 93 SigningKeyId uint64 94 // SigningIdentity is used to specify a user ID (packet Signer's User ID, type 28) 95 // when producing a generic certification signature onto an existing user ID. 96 // The identity must be present in the signer Entity. 97 SigningIdentity string 98 // InsecureAllowUnauthenticatedMessages controls, whether it is tolerated to read 99 // encrypted messages without Modification Detection Code (MDC). 100 // MDC is mandated by the IETF OpenPGP Crypto Refresh draft and has long been implemented 101 // in most OpenPGP implementations. Messages without MDC are considered unnecessarily 102 // insecure and should be prevented whenever possible. 103 // In case one needs to deal with messages from very old OpenPGP implementations, there 104 // might be no other way than to tolerate the missing MDC. Setting this flag, allows this 105 // mode of operation. It should be considered a measure of last resort. 106 InsecureAllowUnauthenticatedMessages bool 107 // KnownNotations is a map of Notation Data names to bools, which controls 108 // the notation names that are allowed to be present in critical Notation Data 109 // signature subpackets. 110 KnownNotations map[string]bool 111 // SignatureNotations is a list of Notations to be added to any signatures. 112 SignatureNotations []*Notation 113 } 114 115 func (c *Config) Random() io.Reader { 116 if c == nil || c.Rand == nil { 117 return rand.Reader 118 } 119 return c.Rand 120 } 121 122 func (c *Config) Hash() crypto.Hash { 123 if c == nil || uint(c.DefaultHash) == 0 { 124 return crypto.SHA256 125 } 126 return c.DefaultHash 127 } 128 129 func (c *Config) Cipher() CipherFunction { 130 if c == nil || uint8(c.DefaultCipher) == 0 { 131 return CipherAES128 132 } 133 return c.DefaultCipher 134 } 135 136 func (c *Config) Now() time.Time { 137 if c == nil || c.Time == nil { 138 return time.Now().Truncate(time.Second) 139 } 140 return c.Time().Truncate(time.Second) 141 } 142 143 // KeyLifetime returns the validity period of the key. 144 func (c *Config) KeyLifetime() uint32 { 145 if c == nil { 146 return 0 147 } 148 return c.KeyLifetimeSecs 149 } 150 151 // SigLifetime returns the validity period of the signature. 152 func (c *Config) SigLifetime() uint32 { 153 if c == nil { 154 return 0 155 } 156 return c.SigLifetimeSecs 157 } 158 159 func (c *Config) Compression() CompressionAlgo { 160 if c == nil { 161 return CompressionNone 162 } 163 return c.DefaultCompressionAlgo 164 } 165 166 func (c *Config) RSAModulusBits() int { 167 if c == nil || c.RSABits == 0 { 168 return 2048 169 } 170 return c.RSABits 171 } 172 173 func (c *Config) PublicKeyAlgorithm() PublicKeyAlgorithm { 174 if c == nil || c.Algorithm == 0 { 175 return PubKeyAlgoRSA 176 } 177 return c.Algorithm 178 } 179 180 func (c *Config) CurveName() Curve { 181 if c == nil || c.Curve == "" { 182 return Curve25519 183 } 184 return c.Curve 185 } 186 187 // Deprecated: The hash iterations should now be queried via the S2K() method. 188 func (c *Config) PasswordHashIterations() int { 189 if c == nil || c.S2KCount == 0 { 190 return 0 191 } 192 return c.S2KCount 193 } 194 195 func (c *Config) S2K() *s2k.Config { 196 if c == nil { 197 return nil 198 } 199 // for backwards compatibility 200 if c != nil && c.S2KCount > 0 && c.S2KConfig == nil { 201 return &s2k.Config{ 202 S2KCount: c.S2KCount, 203 } 204 } 205 return c.S2KConfig 206 } 207 208 func (c *Config) AEAD() *AEADConfig { 209 if c == nil { 210 return nil 211 } 212 return c.AEADConfig 213 } 214 215 func (c *Config) SigningKey() uint64 { 216 if c == nil { 217 return 0 218 } 219 return c.SigningKeyId 220 } 221 222 func (c *Config) SigningUserId() string { 223 if c == nil { 224 return "" 225 } 226 return c.SigningIdentity 227 } 228 229 func (c *Config) AllowUnauthenticatedMessages() bool { 230 if c == nil { 231 return false 232 } 233 return c.InsecureAllowUnauthenticatedMessages 234 } 235 236 func (c *Config) KnownNotation(notationName string) bool { 237 if c == nil { 238 return false 239 } 240 return c.KnownNotations[notationName] 241 } 242 243 func (c *Config) Notations() []*Notation { 244 if c == nil { 245 return nil 246 } 247 return c.SignatureNotations 248 } 249