Add key expiry #179

Open
mdosch opened this issue Apr 18, 2022 · 9 comments
Labels
v2 Targeting GopenPGP v2

@mdosch
Contributor

mdosch commented Apr 18, 2022

Dear maintainers,

thank you very much for your libraries. While using it one question occurred to me: How do I set the key expiry? I haven't found any way to set an expiry date.

@wussler
Collaborator

wussler commented Apr 25, 2022

Hi @mdosch, we currently do not support this feature. If you're interested we'd welcome a PR with a new wrapper function around generateKey that provides an expiration parameter.

Thanks!

@mdosch
Contributor Author

mdosch commented Apr 25, 2022

I discovered that there is already a PR: #58

@wussler
Collaborator

wussler commented Apr 25, 2022

Unfortunately that PR never got merged because its parent PR in go-crypto was never followed up, therefore it is outdated and incompatible.

In order to generate keys with expiration, we now have this PR merged upstream: ProtonMail/go-crypto#64

@grixxie

grixxie commented Jun 5, 2023

@mdosch @wussler any update on this?

@mdosch
Contributor Author

mdosch commented Jun 5, 2023 via email

@lubux
Contributor

lubux commented Jun 27, 2023

@grixxie A version 3 of GopenPGP is in development, which allows setting a key expiration time in key generation.

@devasmith

Hi. Sorry for hijacking this. Also interested in this feature and wanted to test it out. I tried adding version 3 according to v3#downloadinstall but it fails, see below.

go get github.com/ProtonMail/gopenpgp/v3
go: module github.com/ProtonMail/gopenpgp@upgrade found (v1.0.0), but does not contain package github.com/ProtonMail/gopenpgp/v3

However I am trying this and it seems to work using the latest commit:

go get github.com/ProtonMail/gopenpgp/v3@8cdb29f42ab4
go: added github.com/ProtonMail/gopenpgp/v3 v3.0.0-20230914090609-8cdb29f42ab4

I can't seem to find the module that can generate a key with expiration date. In v2 I create the key the following way:

rsaKey, err := helper.GenerateKey(name, email, passphrase, "rsa", rsaBits)
if err != nil {
        log.Fatal(err)
}

How can I access this function?

@lubux
Contributor

lubux commented Sep 25, 2023

@devasmith v3 is still under development and might still change. Nevertheless, it is possible to check out the current API. The helper package does not exist anymore in v3, instead a key can be generated as follows:

import (
    "fmt"

    "github.com/ProtonMail/gopenpgp/v3/crypto"
    "github.com/ProtonMail/gopenpgp/v3/profile"
)

pgp := crypto.PGPWithProfile(profile.RFC4880())

// Generate pgp key with RFC4880 profile (RSA keys)
keyGenerationHandle := pgp.KeyGeneration().
    AddUserId("Max Mustermann", "max.mustermann@example.com").
    Lifetime(5260000). // Sets the key lifetime in seconds, i.e., the expiration date
    New()
key, err := keyGenerationHandle.GenerateKey()
if err != nil {
    // ...
}
fmt.Println(key.Armor())

// Lock key
lockedKey, err := pgp.LockKey(key, []byte("password"))
if err != nil {
    // ...
}
key.ClearPrivateParams()
fmt.Println(lockedKey.Armor())

@devasmith

Thank you! Works as expected. 🥇
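
Added example, not code from GopenPGP or from any participant in this thread: in OpenPGP (RFC 4880) a key lifetime such as the 5260000 seconds used above is stored in the key's self-signature as a Key Expiration Time subpacket (type 9), counted from the key creation time. The standard-library Go code below reads that value back out of a hashed subpacket area so a generated key's expiry can be checked; the names `KeyLifetime` and `ExpiresAt`, the sample bytes and the creation time are constructed for illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// KeyLifetime walks a hashed subpacket area (RFC 4880, section 5.2.3.1) and
// returns the Key Expiration Time subpacket (type 9): seconds after key creation.
func KeyLifetime(area []byte) (secs uint32, found bool, err error) {
	for len(area) > 0 {
		n, hdr := int(area[0]), 1 // one-octet length (first octet < 192)
		switch {
		case area[0] == 255 && len(area) >= 5: // five-octet length
			n, hdr = int(binary.BigEndian.Uint32(area[1:5])), 5
		case area[0] >= 192 && area[0] < 255 && len(area) >= 2: // two-octet length
			n, hdr = (int(area[0])-192)<<8+int(area[1])+192, 2
		case area[0] >= 192:
			return 0, false, errors.New("truncated subpacket length")
		}
		area = area[hdr:]
		if n < 1 || n > len(area) {
			return 0, false, errors.New("bad subpacket length")
		}
		typ, body := area[0]&0x7f, area[1:n] // top bit of the type is the critical flag
		if typ == 9 {
			if len(body) != 4 {
				return 0, false, errors.New("bad key expiration subpacket")
			}
			secs, found = binary.BigEndian.Uint32(body), true
		}
		area = area[n:]
	}
	return secs, found, nil
}

// ExpiresAt turns a lifetime into an absolute time; a zero lifetime never expires.
func ExpiresAt(created time.Time, secs uint32) (time.Time, bool) {
	return created.Add(time.Duration(secs) * time.Second), secs != 0
}

func main() {
	// Constructed sample: signature creation time (type 2), then key expiration 5260000 s.
	area := []byte{5, 2, 0x65, 0x11, 0x4c, 0x00, 5, 9, 0x00, 0x50, 0x42, 0xe0}
	secs, found, err := KeyLifetime(area)
	expires, _ := ExpiresAt(time.Unix(1695600000, 0).UTC(), secs) // constructed creation time
	fmt.Println(secs, found, err, expires)
}
```

A key whose self-signature has no type 9 subpacket, or carries a zero value, never expires, so a check on generated keys should treat `found == false` as a finding rather than as success.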

@lubux lubux added the v2 Targeting GopenPGP v2 label Jun 21, 2024