Open vollkorn1982 opened 4 years ago
I'm trying to figure out what the best behavior should be here. PGPy can't know what the private algorithms are unless it knows what implementation they come from. Since we don't have support for other implementations' private algorithms right now, I don't see the value in being able to import keys with these settings, but I'm open to hearing how it would be helpful.
@J-M0 Same story here as in #329. These fields are just blank fields described by the OpenPGP standard. You can use them or just ignore them, but a key having these fields is a valid key and should IMHO be imported. Just as they are with gnupg. Such keys exist and conform to the standard.
Worst case would be a key, that does not support any of the standardized hash algorithms, but a custom one. That's an easy case though: Just ignore the custom ones and handle this key as if it doesn't have any hash algorithms defined.
I think it boils down to the question: Is PGPy meant to deal with the crazy, yet standard-conforming keys out there in "production" or not? If yes, import the custom fields, but ignore them, don't offer any possible way to interact with them and we're fine.
These two issues are my personal blockers for using PGPy instead of gnupg in a couple of other FOSS projects (e.g. https://github.com/byro/byro). If PGPy won't learn to import such keys I will not use PGPy but instead wait for Sequoia's python bindings. I really prefer to use PGPy, though.
Ok, I think this has merit then. Could you provide a PGP key that uses one of these private algorithms please? I need to see how PGPy would behave right now with one.
The key 0x1B4FF635AAE6C36A is on the public key servers, for example at http://pool.sks-keyservers.net/pks/lookup?op=get&search=0x1B4FF635AAE6C36A
(Yes, it's old and revoked, but it is a key with this feature that's public)
I receive the below error when importing a key, that has "pref-hash-algos" set to "101".
According to the RFC 100 through 110 are reserved for "Private/Experimental algorithm[s]". It is highly unlikely that PGPy will ever be able to support any of these due to the very nature of this definition.
Therefore, I propose to change the behavior such that IDs 100 through 110 are simply ignored, because they are valid, but impossible to support.
Full error message