Add key expiry

Open mdosch opened this issue 3 years ago • 9 comments

Dear maintainers,

thank you very much for your libraries. While using it one question occurred to me: How do I set the key expiry? I haven't found any way to set an expiry date.

mdosch avatar Apr 18 '22 17:04 mdosch

Hi @mdosch, we currently do not support this feature. If you're interested we'd welcome a PR with a new wrapper function around generateKey that provides an expiration parameter.

Thanks!

wussler avatar Apr 25 '22 11:04 wussler

I discovered that there is already a PR: https://github.com/ProtonMail/gopenpgp/pull/58

mdosch avatar Apr 25 '22 14:04 mdosch

Unfortunately that PR never got merged because its parent PR in go-crypto was never followed up, therefore it is outdated and incompatible.

In order to generate keys with expiration we have now this PR merged upstream: https://github.com/ProtonMail/go-crypto/pull/64

wussler avatar Apr 25 '22 18:04 wussler

@mdosch @wussler any update on this?

grixxie avatar Jun 05 '23 19:06 grixxie

Nothing from my side.

On 05.06.2023 19:17, grixxie wrote:

> @mdosch @wussler any update on this?

mdosch avatar Jun 05 '23 19:06 mdosch

@grixxie A version 3 of GopenPGP is in development, which allows setting a key expiration time in key generation.

lubux avatar Jun 27 '23 13:06 lubux

> @grixxie A version 3 of GopenPGP is in development, which allows setting a key expiration time in key generation.

Hi. Sorry for hijacking this. Also interested in this feature and wanted to test it out. I tried adding version 3 according to v3#downloadinstall but it fails, see below.

go get github.com/ProtonMail/gopenpgp/v3
go: module github.com/ProtonMail/gopenpgp@upgrade found (v1.0.0), but does not contain package github.com/ProtonMail/gopenpgp/v3

However I am trying this and it seems to work using the latest commit:

go get github.com/ProtonMail/gopenpgp/v3@8cdb29f42ab4
go: added github.com/ProtonMail/gopenpgp/v3 v3.0.0-20230914090609-8cdb29f42ab4

I can't seem to find the module that can generate a key with expiration date. In v2 I create the key the following way:

rsaKey, err := helper.GenerateKey(name, email, passphrase, "rsa", rsaBits)
if err != nil {
        log.Fatal(err)
}

How can I access this function?

devasmith avatar Sep 22 '23 09:09 devasmith

@devasmith v3 is still under development and might still change. Nevertheless, it is possible to check out the current API. The helper package does not exist anymore in v3, instead a key can be generated as follows:

package main

import (
    "fmt"

    "github.com/ProtonMail/gopenpgp/v3/crypto"
    "github.com/ProtonMail/gopenpgp/v3/profile"
)

func main() {
    pgp := crypto.PGPWithProfile(profile.RFC4880())

    // Generate pgp key with RFC4880 profile (RSA keys)
    keyGenerationHandle := pgp.KeyGeneration().
        AddUserId("Max Mustermann", "[email protected]").
        Lifetime(5260000). // Sets the key lifetime in seconds, i.e., the expiration date
        New()
    key, err := keyGenerationHandle.GenerateKey()
    if err != nil {
        // ...
    }
    fmt.Println(key.Armor())

    // Lock key (encrypt the private key material with a password)
    lockedKey, err := pgp.LockKey(key, []byte("password"))
    if err != nil {
        // ...
    }
    // Wipe the unlocked private key material from memory
    key.ClearPrivateParams()
    fmt.Println(lockedKey.Armor())
}

lubux avatar Sep 25 '23 07:09 lubux
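
To show what a lifetime in seconds means once it is stored in a key, here is an added example (not code from this thread or from GopenPGP) that reads the RFC 4880 Key Expiration Time subpacket from a self-signature's hashed subpacket area and turns it into an expiry date. It uses only the Go standard library; `KeyLifetime`, `ExpiresAt`, the sample bytes and the creation date are constructed for illustration.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"time"
)

var errMalformed = fmt.Errorf("malformed subpacket area")
// KeyLifetime scans a hashed subpacket area for the Key Expiration Time subpacket
// (type 9, RFC 4880 5.2.3.6). found is false when it is absent: the key never expires.
func KeyLifetime(area []byte) (secs uint32, found bool, err error) {
	for len(area) > 0 {
		n, hdr := int(area[0]), 1 // one-octet length (RFC 4880 5.2.3.1)
		switch {
		case area[0] == 255 && len(area) >= 5: // five-octet length
			n, hdr = int(binary.BigEndian.Uint32(area[1:5])), 5
		case area[0] >= 192 && area[0] < 255 && len(area) >= 2: // two-octet length
			n, hdr = (int(area[0])-192)<<8+int(area[1])+192, 2
		}
		if n < 1 || n > len(area)-hdr { // also rejects a truncated length field
			return 0, false, errMalformed
		}
		body := area[hdr : hdr+n]
		if body[0]&0x7f == 9 { // mask off the "critical" bit
			if len(body) != 5 { // fail closed rather than report "no expiry"
				return 0, false, errMalformed
			}
			return binary.BigEndian.Uint32(body[1:]), true, nil
		}
		area = area[hdr+n:]
	}
	return 0, false, nil
}

// ExpiresAt adds the lifetime to the key creation time; a lifetime of 0 means no expiry.
func ExpiresAt(created time.Time, secs uint32) (time.Time, bool) {
	if secs == 0 {
		return time.Time{}, false
	}
	return created.Add(time.Duration(secs) * time.Second), true
}

func main() {
	// Constructed sample: signature creation time (type 2), then type 9 = 5260000 s.
	secs, _, _ := KeyLifetime([]byte{5, 2, 0x65, 0x11, 0x2f, 0xf0, 5, 9, 0x00, 0x50, 0x42, 0xe0})
	exp, _ := ExpiresAt(time.Date(2023, 9, 25, 0, 0, 0, 0, time.UTC), secs)
	fmt.Println(secs, exp.Format(time.RFC3339))
}
```

The expiry is relative to the key's creation time, not to the time the signature was made, so a verifier has to take the creation time from the key packet itself.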

Thank you! Works as expected. 🥇

devasmith avatar Sep 26 '23 07:09 devasmith