author | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2009-01-07 16:17:49 -0500 |
---|---|---|
committer | Daniel Kahn Gillmor <dkg@fifthhorseman.net> | 2009-01-07 16:17:49 -0500 |
commit | f8344402aebe5f0497a81934b980b9ed6ea7a6a2 (patch) | |
tree | 4c9d2c144e69213fbc9b1f76ba9bc20e7152439b /src/keytrans/pem2openpgp | |
parent | abc8c78f7053972fe55c3330cea243a4c43cbd7b (diff) |
pem2openpgp: break out usage flags, default to creating an authentication-capable primary key.
Diffstat (limited to 'src/keytrans/pem2openpgp')
-rwxr-xr-x | src/keytrans/pem2openpgp | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/src/keytrans/pem2openpgp b/src/keytrans/pem2openpgp
index 7522c8f..2fa221d 100755
--- a/src/keytrans/pem2openpgp
+++ b/src/keytrans/pem2openpgp
@@ -107,6 +107,23 @@ sub fingerprint {
 return Digest::SHA1::sha1(pack('Cn', 0x99, length($rsabody)).$rsabody);
 }
+# FIXME: make tables of relevant identifiers: digest algorithms,
+# ciphers, asymmetric crypto, packet types, subpacket types, signature
+# types. As these are created, replace the opaque numbers below with
+# semantically-meaningful code.
+
+# see RFC 4880 section 5.2.3.21
+my $usage_flags = { certify => 0x01,
+ sign => 0x02,
+ encrypt_comms => 0x04,
+ encrypt_storage => 0x08,
+ encrypt => 0x0c, ## both comms and storage
+ split => 0x10, # the private key is split via secret sharing
+ authenticate => 0x20,
+ shared => 0x80, # more than one person holds the entire private key
+ };
+
+
 # we're just not dealing with newline business right now. slurp in
 # the whole file.
 undef $/;
@@ -141,8 +158,9 @@ my $timestamp = time();
 my $creation_time_packet = pack('CCN', 5, 2, $timestamp);
-# usage: signing and certification:
-my $flags = 0x03;
+# FIXME: HARDCODED: what if someone wants to select a different set of
+# usage flags? For now, we do only authentication.
+my $flags = $usage_flags->{authenticate};
 my $usage_packet = pack('CCC', 2, 27, $flags); |
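Review bot: The `$usage_flags` table added in the first hunk is a plain mutable hashref, so a misspelled name at a lookup site yields undef, which `pack('CCC', ...)` would encode as 0: a key-flags subpacket that grants no usage at all, with at most an uninitialized-value warning. Because these values end up in a signed OpenPGP subpacket, unknown names should be fatal, for example `use Hash::Util qw(lock_keys);` followed by `lock_keys(%$usage_flags);` right after the table. The composite `encrypt => 0x0c` also sits among single-bit entries; deriving it from `encrypt_comms` and `encrypt_storage`, or commenting that it is a mask rather than a flag defined by RFC 4880, would keep it from being read as one.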
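Review bot: `my $flags = $usage_flags->{authenticate};` in the second hunk removes certify (0x01) as well as sign (0x02) from the key-flags subpacket (type 27), and the new comment does not say why certify is dropped. The subpackets built here look like the hashed area of the primary key's self-signature over its user ID, which is assembled outside this hunk; if so, the key issues a certification while advertising that it is authentication-only, and implementations that enforce key flags may not all handle that the same way. Either record the reasoning in the comment (for example `# certify is deliberately not advertised; the self-signature is the only certification this key makes`) or keep the bit with `my $flags = $usage_flags->{certify} | $usage_flags->{authenticate};`. The change also moves every newly translated key from 0x03 to 0x20, which is worth stating in the changelog for anyone comparing keys generated before and after this commit.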