search

keybase / go-crypto

[mirror] Go supplementary cryptography libraries
https://godoc.org/golang.org/x/crypto
BSD 3-Clause "New" or "Revised" License
50 stars 20 forks source link

Add subkey crosssignature generation #73

Closed zapu closed 6 years ago

zapu commented 6 years ago

Also add test that we properly set flags on a subkey. When there are two signatures, always the one which expires later should be taken (or the one that extends key lifetime infinitely). Then, subkey should take flags of selected signature, never combination of many signatures.

There might be a case that there is an RSA key that has one signature with Flags=Sign, and another one with Flags=Encrypt. Both valid. If the one with Flags=Encrypt extends key lifetime further and is selected, key will not be used to verify messages.

TODO:

zapu commented 6 years ago

@maxtaco repro of Keybase PGP is in: subkey_multiple_sigs_test.go