Bug#872271: hopenpgp-tools: please make a simple OpenPGP signature validation binary

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Aug 15 14:49:43 UTC 2017


Package: hopenpgp-tools
Version: 0.19.4-3
Severity: wishlist

I'd like hopenpgp-tools to produce a simple signature validation
binary, which validates a signature against a set of curated keyrings.

let's call it hov (for "hopenpgp validator").

Synopsis
--------

The proposed syntax is:

   hov -k KEYRING [-k OTHERKEYRING ...] [options] SIGNATURE BLOB

Where options include:

   --not-before TIMESPEC
   --not-after TIMESPEC

if not present, --not-before defaults to NULL, and --not-after
defaults to "now".

It should return 0 (success) if the signature is valid over the
blob, and was issued correctly from one of the keys in the set of
keyrings offered, and some non-zero code otherwise.


Details
-------

It should take into account at least the following concerns:

 * key usage flags (signatures made by keys not with the "signing"
   capability are not valid)
 
 * signature time (signatures made before the --not-before timespec
   (if non-NULL) or after the --not-after timespec are not valid)
 
 * key validity time (signatures made before key creation or after key
   expiry are not valid)

 * key revocation (signatures made by revoked keys are not valid)

 * key strength and signature strength (signatures over MD5 and SHA1
   are not valid; signatures made by RSA keys less than 2048 bits are
   not valid -- maybe there's a possible extension here to mark other
   algorithms as unacceptable)

 * subkey bindings (signatures made by a signing-capable subkey must
   have a cross-sig to the primary key; binding sigs and cross-sigs
   must be made with a reasonable signature algorithm; binding sigs
   and cross-sigs must be valid, non-revoked, non-expired, not in the
   past, etc)

Freshness
---------

[ rationale for --not-before and --not-after ]

In some cases, the user expects signatures to be made within a certain
temporal window.  For example, in e-mail validation, if i think the
e-mail was sent at time T (e.g. if it has a "Date: T" header), i
expect the signature to be made in a little window of time around T,
or else something is clearly amiss.

For software package validation, i might have some prior version of
the software package from the same vendor, and i want to ensure that
the Date is explicitly *after* the date of that previous signature.

The user should be able to express this preference simply to the
validator and have the validator do the right thing.
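As an added illustration (not hopenpgp-tools code, and in Python rather than the project's Haskell), here is a model of the acceptance policy from the "Details" list above together with the --not-before/--not-after window; it works over an already-parsed signature and keyring, the record fields and the `policy_errors` function are assumptions, and the subkey-binding checks are left out.

```python
import time
from dataclasses import dataclass
from typing import Optional

WEAK_HASHES = {"MD5", "SHA1"}   # rejected digests, per the "Details" list
MIN_RSA_BITS = 2048

@dataclass
class Key:                  # one curated-keyring entry (assumed fields)
    fpr: str
    created: int            # creation time, unix seconds
    expires: Optional[int]  # None means no expiry
    revoked: bool
    can_sign: bool          # "signing" usage flag
    algo: str               # e.g. "RSA", "EdDSA"
    bits: int

@dataclass
class Signature:            # an already-parsed OpenPGP signature (assumed fields)
    issuer_fpr: str
    made: int               # signature creation time, unix seconds
    hash_algo: str
    crypto_ok: bool         # outcome of the cryptographic check over BLOB

def policy_errors(sig, keyring, not_before=None, not_after=None, now=None):
    """Return every reason hov should reject; an empty list means exit 0."""
    now = int(time.time()) if now is None else now
    not_after = now if not_after is None else not_after   # default is "now"
    key = keyring.get(sig.issuer_fpr)
    if key is None:
        return ["issuer not in any curated keyring"]
    errs = []
    if not sig.crypto_ok:
        errs.append("signature does not verify over the blob")
    if not key.can_sign:
        errs.append("issuer key lacks signing capability")
    if key.revoked:
        errs.append("issuer key is revoked")
    if sig.made < key.created or (key.expires is not None and sig.made > key.expires):
        errs.append("signature outside key validity period")
    if not_before is not None and sig.made < not_before:
        errs.append("signature made before --not-before")
    if sig.made > not_after:
        errs.append("signature made after --not-after")
    if sig.hash_algo in WEAK_HASHES:
        errs.append(f"weak hash algorithm {sig.hash_algo}")
    if key.algo == "RSA" and key.bits < MIN_RSA_BITS:
        errs.append(f"RSA key too small ({key.bits} bits)")
    return errs
```

Collecting every failed check rather than stopping at the first one is what makes the "info about the signature" debugging output discussed below cheap to produce.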


Open questions
==============

here are some open questions about the proposed design and possible
future enhancements to keep in mind:

TIMESPEC format
---------------

How should hov expect the user to enter time information?  With what
precision?  OpenPGP has 1sec granularity.  Should we bake that choice
of precision into hov?


Covert Channels
---------------

What if the SIGNATURE blob contains something other than an OpenPGP
signature?  Should hov reject it or ignore the cruft?


Multiple Signatures
-------------------

What if the user wants to ensure that there are signatures from
multiple signers in the curated keyrings (e.g. 2 of 5 signers)?  the
proposed interface doesn't have any way to represent that.


Info about the signature
------------------------

In the event that a signature is validated, it's possible that the
person doing verification wants to learn something about it (e.g. to
record details in a log, like date of signature).  In the event that
it is not successful, it's possible that they want to learn more about
it for debugging purposes.  The above simple proposal doesn't provide
any means for emitting this information for those who want it.

perhaps just logging in machine-readable form to stderr is sufficient
for the first crack at this?

         --dkg

-- System Information:
Debian Release: buster/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (500, 'oldstable'), (200, 'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages hopenpgp-tools depends on:
ii  libbz2-1.0    1.0.6-8.1
ii  libc6         2.24-12
ii  libffi6       3.2.1-6
ii  libgmp10      2:6.1.2+dfsg-1
ii  libncursesw5  6.0+20170715-2
ii  libnettle6    3.3-1+b1
ii  libtinfo5     6.0+20170715-2
ii  libyaml-0-2   0.1.7-2
ii  zlib1g        1:1.2.8.dfsg-5

hopenpgp-tools recommends no packages.

hopenpgp-tools suggests no packages.

-- no debconf information
