Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Offer implementation of the Stateless OpenPGP Command-Line Interface ("SOP") #440

Open
wants to merge 52 commits into
base: master
Choose a base branch
from
Open

Offer implementation of the Stateless OpenPGP Command-Line Interface ("SOP") #440

wants to merge 52 commits into from

Commits on Jun 16, 2023

  1. initial PGPy-backed implementation of sop 

    It works in the basic mode, but we still need to handle the args for
encrypt/decrypt.
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    26e6c37 View commit details
    Browse the repository at this point in the history

  2. sop.py: allow instances to augment the interface; provide autocomplete

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    8dabb3a View commit details
    Browse the repository at this point in the history

  3. treat keyflags as a set, as expected

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    1d5e06e View commit details
    Browse the repository at this point in the history

  4. use specialized exception for missing options

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    814a65e View commit details
    Browse the repository at this point in the history

  5. sopgpy: add armor and dearmor subcommands

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    adbd3bd View commit details
    Browse the repository at this point in the history

  6. indicate each unsupported feature separately for cleaner diffs

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    820a9fc View commit details
    Browse the repository at this point in the history

  7. sopgpy: added --sessionkey to encrypt subcommand

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    19c7f7e View commit details
    Browse the repository at this point in the history

  8. cleanup and overhaul python sop.py framework 

     - add enums for the flags passed into the sop interface

 - make member functions of StatelessOpenPGP well-typed

 - adjust docstrings so that help(sop) provides useful guidance

 - handle sessionkey and timestamp parsing in sop.py

 - handle all indirect access directly in sop.py

 - complete strict typing ("mypy --strict sop.py" passes)
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    699f4b0 View commit details
    Browse the repository at this point in the history

  9. clean up signature result printing

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    dad83bc View commit details
    Browse the repository at this point in the history

  10. sopgpy: do not try to encrypt with IDEA

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    48f2cc1 View commit details
    Browse the repository at this point in the history

  11. sop decrypt: handle session key and verification output cleanly 

    Signed-off-by: Daniel Kahn Gillmor <[email protected]>
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    0a64e50 View commit details
    Browse the repository at this point in the history

  12. Enable easier extension to the sop interface 

    By making all arguments to the functions keyword arguments, we can
use **kwargs to receive any extended options.

Signed-off-by: Daniel Kahn Gillmor <[email protected]>
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    95b635a View commit details
    Browse the repository at this point in the history

  13. sopgpy: Improve shebang so that we can use virtualenv.

    @teythoon @dkg
    teythoon authored and dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    d5aaa90 View commit details
    Browse the repository at this point in the history

  14. sopgpy: move to 0.2.0 of python-sop 

    This reflects the changes to the subcommand names and additional
arguments from draft-dkg-openpgp-stateless-cli-01
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    6a5f4cd View commit details
    Browse the repository at this point in the history

  15. PGPy removed __version__ in 0.5.4. This fix relies on python ≥ 3.8

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    b2b861c View commit details
    Browse the repository at this point in the history

  16. sopgpy: encrypt --sign-with 

    This implements simple signatures inside encryption for sopgpy
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    e0b6b9a View commit details
    Browse the repository at this point in the history

  17. sopgpy decrypt: handle --verify-with 

    This should enable tests of signature verification concurrent with
decryption.

We do this by refactoring out the signature verification and relying
on PGPY to know how to verify an "inline" message.
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    0fbb2aa View commit details
    Browse the repository at this point in the history

  18. sopgpy encrypt: implement --with-password

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    65fe736 View commit details
    Browse the repository at this point in the history

  19. sopgpy decrypt: implement --with-password

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    03c9eae View commit details
    Browse the repository at this point in the history

  20. sopgpy sign: Raise the correct error when trying to sign non-UTF-8 te… 

    …xt as text
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    a1fd82f View commit details
    Browse the repository at this point in the history

  21. reported multiple signature problem to PGPy

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    60a046e View commit details
    Browse the repository at this point in the history

  22. sopgpy encrypt: respect --as= argument

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    e136dd7 View commit details
    Browse the repository at this point in the history

  23. Avoid passing a bytes object as a passphrase to pgpy ≤ 0.5.4 

    This works around SecurityInnovation#388
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    99b839b View commit details
    Browse the repository at this point in the history

  24. Bump sopgpy version to 0.2.0 

    there have been a bunch of changes (including implementations of previously-missing options)
This just acknowledges those changes.
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    a6eb7db View commit details
    Browse the repository at this point in the history

  25. sopgpy: move _multisig bogus object to its own definition

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    b5d9886 View commit details
    Browse the repository at this point in the history

  26. sopgpy: drop sop armor's --allow-nested option (deprecated in the spec)

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    112f8f5 View commit details
    Browse the repository at this point in the history

  27. sopgpy: fix decrypt warnings when symmetric decryption fails

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    40aa017 View commit details
    Browse the repository at this point in the history

  28. sopgpy: clean up _maybe_armor type definitions

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    6da28fc View commit details
    Browse the repository at this point in the history

  29. sopgpy: clean up tz-naive objects if pgpy emits them (it shouldn't)

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    a727188 View commit details
    Browse the repository at this point in the history

  30. sopgpy: create wrapper that permits a closure to do operations with a… 

    … locked secret key
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    28fc92f View commit details
    Browse the repository at this point in the history

  31. sopgpy: add sop sign --micalg-out

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    6678af8 View commit details
    Browse the repository at this point in the history

  32. sopgpy: announce backend distinctly from version of sopgpy

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    6210476 View commit details
    Browse the repository at this point in the history

  33. sopgpy: add sop generate-key --with-key-password

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    faf8f4e View commit details
    Browse the repository at this point in the history

  34. sopgpy: add --with-key-password to decrypt, sign, and encrypt (when s… 

    …igning)
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    14d94b7 View commit details
    Browse the repository at this point in the history

  35. sopgpy: add inline-{detach,sign,verify}

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    323b48f View commit details
    Browse the repository at this point in the history

  36. sopgpy: bump to version 0.3.0 (depends on sop 0.4.0)

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    b7c3192 View commit details
    Browse the repository at this point in the history

  37. sopgpy generate-key: improve key password 

    See discussion at
https://gitlab.com/sequoia-pgp/sequoia-sop/-/issues/17
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    114321b View commit details
    Browse the repository at this point in the history

  38. sopgpy: move to PGPy 0.6.0 (sigsubj changes) 

    sigsubj objects have an "issues" bitfield, which follows
the "Anna Karenina principle" instead of "verified"
boolean.
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    8272870 View commit details
    Browse the repository at this point in the history

  39. sopgpy: move to PGPy 0.6.0 (from_blob() behavior changes) 

    as of 0.6.0, from_blob() methods will return non-functioning objects
rather than raising an error directly.
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    34a35b8 View commit details
    Browse the repository at this point in the history

  40. sopgpy: change license to match PGPy license. I am the sole author so… 

    … far.
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    be04b27 View commit details
    Browse the repository at this point in the history

  41. sopgpy: use the PGPy version directly, rather than a distinct sopgpy … 

    …version
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    70601fc View commit details
    Browse the repository at this point in the history

  42. sopgpy version --extended: add version info about cryptography module… 

    … and OpenSSL
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    a2a0621 View commit details
    Browse the repository at this point in the history

  43. intentionally distribute sopgpy as part of the module

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    02bd731 View commit details
    Browse the repository at this point in the history

  44. sopgpy: drop trailing whitespace

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    4127e47 View commit details
    Browse the repository at this point in the history

  45. sopgpy: return ArgumentParser for argparse-manpage

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    c3090f9 View commit details
    Browse the repository at this point in the history

  46. sopgpy: lowercase name to match the command-line name

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    8d071c8 View commit details
    Browse the repository at this point in the history

  47. use keyword-based arguments when creating SOPSigResult

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    d21c5de View commit details
    Browse the repository at this point in the history

  48. Add PGPSignatures object, representing bundled detached signatures 

    a PGPMessage object can contain more than one signature.  Detached signatures should
also be able to handle having more than one signature.

https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-09.html#name-detached-signatures says:

> These detached signatures are simply one or more Signature packets
> stored separately from the data for which they are a signature.

A PGPSignatures object makes the most sense to represent such a thing.

Closes: SecurityInnovation#197
    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    e0c2ba8 View commit details
    Browse the repository at this point in the history

  49. sopgpy: clean up type annotations

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    f087339 View commit details
    Browse the repository at this point in the history

  50. sopgpy: use sop 0.5.1 (support profiles)

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    37a741b View commit details
    Browse the repository at this point in the history

  51. sopgpy generate-key: Add "rfc4880" profile, for 3072-bit RSA keys

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    cbe16c5 View commit details
    Browse the repository at this point in the history

  52. PEP-8 whitespace cleanup

    @dkg
    dkg committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    0aa4d68 View commit details
    Browse the repository at this point in the history