mattosaurus / PgpCore

.NET Core class library for using PGP
MIT License

Improve key handling #238

Open mattosaurus opened 1 year ago

mattosaurus commented 1 year ago

At the moment the EncryptionKeys object chooses the best key for the job, but it would be good to allow the user to set the key when required.

This is probably best done via an extension method on EncryptionKeys (though I'm open to other suggestions) as I'd rather not add additional parameters into all the methods.

156

204

210

Liam-Rougoor commented 1 year ago

When you mean via an extension method, do you mean something like this?

pgp.EncryptionKeys.UseEncryptionKey(_key_to_use_);
pgp.Encrypt(....); // uses _key_to_use_ if available

Out of curiosity, why do you want to avoid additional parameters?

mattosaurus commented 1 year ago

Yep, that's exactly what I mean :)

I've seen too much code where people just keep adding method parameters so it just gets a bit out of control, which biases me against doing it this way.

Doing this on the EncryptionKeys object means that it'll apply to all subsequent calls made to the PGP object without having to specify it in each method call. Not sure if this is a good thing or not, but maybe we'd want to set it on EncryptionKeys and then allow it to be changed at the method level.

Essentially I don't know what the best solution for this is but if you've got a preferred solution feel free to put in a PR for it and I'll probably go with it :)

Liam-Rougoor commented 1 year ago

Alright! I'll try the method you mentioned and see where we get from there.

One more question though: currently, EncryptionKeys has lists of encrypt keys, verification keys, etc. This is currently a collection of keys combined from multiple public key rings.

Does it make sense to have multiple public key rings within one EncryptionKeys object? (I'm still new to PGP, so I'm not sure). In the current implementation, users can add multiple public key rings, but I'm not sure what the use case is for that?

Liam-Rougoor commented 1 year ago

I've been looking into it a bit more. You can pass multiple public keys/rings so you can encrypt the message for multiple recipients, right? Does this mean the user should be able to specify which key to use per key ring/recipient?

MB34 commented 1 year ago

PGP command line allows you to specify which key to use in the keyring by passing the KeyID.

Liam-Rougoor commented 1 year ago

Hi @MB34, this issue makes sure you can also specify which key to use through code with PgpCore.
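
A sketch of the selection behaviour discussed in this thread (automatic choice per key ring, with an optional key pinned by KeyID per recipient), added here as an example; it is not PgpCore code. `Key`, `KeyRing`, `KeySelector` and the per-recipient `UseEncryptionKey(owner, keyId)` signature are hypothetical, and throwing when a pinned key is missing or cannot encrypt, rather than falling back to another key, is an assumption of this sketch.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
// Hypothetical model types for illustration: NOT PgpCore or BouncyCastle classes.
record Key(long KeyId, bool CanEncrypt);
record KeyRing(string Owner, IReadOnlyList<Key> Keys);

class KeySelector
{
    private readonly IReadOnlyList<KeyRing> _rings;
    private readonly Dictionary<string, long> _pinned = new();
    public KeySelector(IEnumerable<KeyRing> rings) => _rings = rings.ToList();

    // Pin one key ID for one ring (recipient); applies to all later calls.
    public KeySelector UseEncryptionKey(string owner, long keyId)
    {
        _pinned[owner] = keyId;
        return this;
    }

    // One encryption key per ring: the pinned key if set, else the first capable key.
    public IReadOnlyList<Key> ResolveEncryptionKeys() =>
        _rings.Select(ring =>
        {
            if (!_pinned.TryGetValue(ring.Owner, out var id))
                return ring.Keys.FirstOrDefault(k => k.CanEncrypt)
                    ?? throw new InvalidOperationException($"{ring.Owner}: no encryption-capable key");
            var key = ring.Keys.FirstOrDefault(k => k.KeyId == id)
                ?? throw new KeyNotFoundException($"{ring.Owner}: pinned key {id:X16} not in ring");
            // Assumption: a pinned key that cannot encrypt is an error, not a silent fallback.
            return key.CanEncrypt ? key
                : throw new InvalidOperationException($"{ring.Owner}: key {id:X16} cannot encrypt");
        }).ToList();
}

static class Demo
{
    static void Main()
    {
        // Constructed sample data: two recipients, each with a signing key and encryption subkeys.
        var rings = new[]
        {
            new KeyRing("alice", new[] { new Key(0x1111, false), new Key(0x1112, true), new Key(0x1113, true) }),
            new KeyRing("bob",   new[] { new Key(0x2221, false), new Key(0x2222, true) }),
        };
        var selector = new KeySelector(rings).UseEncryptionKey("alice", 0x1113);
        foreach (var k in selector.ResolveEncryptionKeys())
            Console.WriteLine($"{k.KeyId:X16}");
    }
}
```

Only alice's ring is pinned here, so bob's ring still goes through the automatic choice; pinning an ID that is absent from the ring or lacks the encryption capability raises instead of encrypting to a different key than the caller asked for.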