feat: switch to OpenPGP v6

2026-04-28 10:56:29 +03:00 · 2024-11-18 23:11:59 +00:00
parent 3235c8bc9f
commit 5a9a125bfd
2 changed files with 10 additions and 8 deletions
--- a/src/key.rs
+++ b/src/key.rs
@@ -382,9 +382,9 @@ pub async fn preconfigure_keypair(context: &Context, secret_data: &str) -> Resul
 pub struct Fingerprint(Vec<u8>);

 impl Fingerprint {
-    /// Creates new 160-bit (20 bytes) fingerprint.
+    /// Creates new 160-bit (20 bytes) or 256-bit (32 bytes) fingerprint.
    pub fn new(v: Vec<u8>) -> Fingerprint {
-        debug_assert_eq!(v.len(), 20);
+        debug_assert!(v.len() == 20 || v.len() == 32);
        Fingerprint(v)
    }

@@ -438,7 +438,11 @@ impl std::str::FromStr for Fingerprint {
            .filter(|&c| c.is_ascii_hexdigit())
            .collect();
        let v: Vec<u8> = hex::decode(&hex_repr)?;
-        ensure!(v.len() == 20, "wrong fingerprint length: {}", hex_repr);
+        ensure!(
+            v.len() == 20 || v.len() == 32,
+            "wrong fingerprint length: {}",
+            hex_repr
+        );
        let fp = Fingerprint::new(v);
        Ok(fp)
    }
--- a/src/pgp.rs
+++ b/src/pgp.rs
@@ -11,7 +11,6 @@ use pgp::composed::{
    Deserializable, KeyType as PgpKeyType, Message, SecretKeyParamsBuilder, SignedPublicKey,
    SignedPublicSubKey, SignedSecretKey, StandaloneSignature, SubkeyParamsBuilder,
 };
-use pgp::crypto::ecc_curve::ECCCurve;
 use pgp::crypto::hash::HashAlgorithm;
 use pgp::crypto::sym::SymmetricKeyAlgorithm;
 use pgp::types::{CompressionAlgorithm, PublicKeyTrait, SignatureBytes, StringToKey};
@@ -187,14 +186,12 @@ pub(crate) fn create_keypair(addr: EmailAddress, keygen_type: KeyGenType) -> Res
    let (signing_key_type, encryption_key_type) = match keygen_type {
        KeyGenType::Rsa2048 => (PgpKeyType::Rsa(2048), PgpKeyType::Rsa(2048)),
        KeyGenType::Rsa4096 => (PgpKeyType::Rsa(4096), PgpKeyType::Rsa(4096)),
-        KeyGenType::Ed25519 | KeyGenType::Default => (
-            PgpKeyType::EdDSALegacy,
-            PgpKeyType::ECDH(ECCCurve::Curve25519),
-        ),
+        KeyGenType::Ed25519 | KeyGenType::Default => (PgpKeyType::Ed25519, PgpKeyType::X25519),
    };

    let user_id = format!("<{addr}>");
    let key_params = SecretKeyParamsBuilder::default()
+        .version(pgp::types::KeyVersion::V6)
        .key_type(signing_key_type)
        .can_certify(true)
        .can_sign(true)
@@ -218,6 +215,7 @@ pub(crate) fn create_keypair(addr: EmailAddress, keygen_type: KeyGenType) -> Res
        ])
        .subkey(
            SubkeyParamsBuilder::default()
+                .version(pgp::types::KeyVersion::V6)
                .key_type(encryption_key_type)
                .can_encrypt(true)
                .passphrase(None)