kazu-yamamoto / pgpdump

A PGP packet visualizer
http://www.mew.org/~kazu/proj/pgpdump/
BSD 3-Clause "New" or "Revised" License

Please add support for subpkt 34 and more (4880bis, GnuPG 2.3) #30

Open cbiedl opened 3 years ago

cbiedl commented 3 years ago

Hello,

GnuPG 2.3, released a few weeks ago, started implementing some bits of RFC4880bis. Can you add these features in pgpdump as well?

Reproducer:

    #!/bin/sh

    set -e

    TEMPDIR="$(mktemp --directory --tmpdir "keygen.$$.XXXXX")"
    trap "cd / ; rm -rf \"$TEMPDIR\"" EXIT
    KEYFILE="$TEMPDIR/keyfile"

    export GNUPGHOME="$TEMPDIR"
    chmod 700 "$TEMPDIR"

    gpg --batch --debug-quick-random --quick-gen-key --passphrase '' \
        genkey-test RSA encrypt 0

    gpg --export-secret-keys >"$KEYFILE"
    gpg --list-packets <"$KEYFILE"
    pgpdump "$KEYFILE"

    exit 0

Part of the --list-packets output:

    hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 2)
    hashed subpkt 34 len 2 (pref-aead-algos: 2 1)
    hashed subpkt 21 len 5 (pref-hash-algos: 10 9 8 11 2)

Related pgpdump output:

    Hashed Sub: preferred symmetric algorithms(sub 11)(4 bytes)
            Sym alg - AES with 256-bit key(sym 9)
            Sym alg - AES with 192-bit key(sym 8)
            Sym alg - AES with 128-bit key(sym 7)
            Sym alg - Triple-DES(sym 2)
    Hashed Sub: unknown(sub 34)(2 bytes)
    Hashed Sub: preferred hash algorithms(sub 21)(5 bytes)
            Hash alg - SHA512(hash 10)
            Hash alg - SHA384(hash 9)
            Hash alg - SHA256(hash 8)
            Hash alg - SHA224(hash 11)
            Hash alg - SHA1(hash 2)

Kind regards,
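
The decoding requested above, as an added example that is not part of the issue and not pgpdump's own code: a bounds-checked walk over a signature subpacket area that locates subpacket 34 and names its algorithm IDs. The function names, the sample bytes (re-encoded from the `--list-packets` output above), the printed line format, and the ID-to-name mapping (1 = EAX, 2 = OCB, as in the rfc4880bis draft) are assumptions.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed sample: the three hashed subpackets from the --list-packets
 * output above, encoded as length octet (type + body), type, body. */
static const unsigned char SAMPLE[] = {
    0x05, 11, 9, 8, 7, 2,          /* pref-sym-algos  */
    0x03, 34, 2, 1,                /* pref-aead-algos */
    0x06, 21, 10, 9, 8, 11, 2      /* pref-hash-algos */
};

/* AEAD algorithm IDs as assigned in the rfc4880bis draft (assumption). */
const char *aead_name(unsigned id) {
    return id == 1 ? "EAX" : id == 2 ? "OCB" : "unknown";
}

/* Walk a subpacket area: return 1 and set body/blen if `type` is found,
 * 0 if it is absent, -1 if a length runs past the end of the area. */
int find_subpkt(const unsigned char *p, size_t n, unsigned type,
                const unsigned char **body, size_t *blen) {
    size_t i = 0;
    while (i < n) {
        size_t len = p[i++];
        if (len >= 192 && len < 255) {            /* two-octet length */
            if (i >= n) return -1;
            len = ((len - 192) << 8) + p[i++] + 192;
        } else if (len == 255) {                  /* five-octet length */
            if (n - i < 4) return -1;
            len = ((size_t)p[i] << 24) | ((size_t)p[i + 1] << 16) |
                  ((size_t)p[i + 2] << 8) | p[i + 3];
            i += 4;
        }
        if (len == 0 || len > n - i) return -1;   /* must hold the type octet */
        if ((p[i] & 0x7fu) == type) {             /* bit 7 is the critical flag */
            *body = p + i + 1;
            *blen = len - 1;
            return 1;
        }
        i += len;
    }
    return 0;
}

int main(void) {
    const unsigned char *b; size_t bl;
    if (find_subpkt(SAMPLE, sizeof SAMPLE, 34, &b, &bl) == 1)
        for (size_t k = 0; k < bl; k++)
            printf("AEAD alg - %s(aead %u)\n", aead_name(b[k]), (unsigned)b[k]);
    return 0;
}
```

A truncated or zero-length subpacket makes `find_subpkt` return -1 instead of reading past the buffer, which matters for a tool that is routinely pointed at untrusted key material.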

kazu-yamamoto commented 3 years ago

Thank you for pointing this out. I would like to catch up with the new changes.

However, draft status looks very strange:

Which draft should I trust?

kazu-yamamoto commented 3 years ago

https://mailarchive.ietf.org/arch/msg/openpgp/CwEZ-Jd_NU2z59zkGrDEYOXVmKc/

kazu-yamamoto commented 3 years ago

No PR for AEAD: https://gitlab.com/openpgp-wg/rfc4880bis/-/issues

We should wait for it a bit.

cbiedl commented 3 years ago

Good to see you check things thoroughly. Yes, let's wait until things settle. There is no need to hurry, at least not on my side. Aside, I'm subscribed to that rfc4880bis mailing list so I'll learn about progress in that matter.