Implement an initial OpenPGP/GNUPG/GPG/BCPG signer producing detached signatures that for instance could be used for code signing.
This ticket is about adding initial Minimal PGP/GPG Key Management support as well as a Generic PGP/GPG Signer doing signing on the server-side. Additional follow up tickets will be added for other more advanced use cases.
- This signer will work like most of the document signers. That is the client will send a request containing the file to sign and the signer creates the signature and returns it in binary or ASCII armored form.
- No special client interface is needed for this implementation
- As normally done in SignServer (for instance with key in HSM). The key creation time will be taken from the notBefore field of the dummy X.509 certificate generated by Java in the keystore/HSM.
- The initial public key will not have any PGP key ID or certification but the key ID (based on public key and the creation time) can be displayed in the status output
Certification: (to have the User ID in the PGP public key / "certificate")
- The create CSR functionality in SignServer is used to export a copy of the public key with a self-signed signature (certification) including a user ID and an optional expiration time.
- The subject DN field of the CSR operation maps to the User ID so instead of writing a DN like "CN=My User,C=SE" one simply writes a User ID string like "My Name (Code Signing key) <firstname.lastname@example.org>".
- To set an expiration time the worker property SELFSIGNED_VALIDITY needs to be set at the time of "CSR" generation to a number of seconds from the creation time the key should expire. Setting this to 0 or not setting it at all and there is no expiration time included.
Issue: the generate CSR operation should take this as a option in a similar way as in DSS-1156.
- Issue: Currently the ASCII armored PGP public key is base64 encoded and wrapped like an X.509 PEM certificate by AdminGUI. So one needs to remove the PEM headers and base64 decode the content before obtaining the PGP public key. Fixed in
- In order to store the PGP public key, the admin can manually save it in a workerproperty named PGPPUBLICKEY. Then that key will be used the next time with the "CSR" operation.
- To add additional User IDs or a new longer expired time (renewing), simply do the generate "CSR" operation again (this assumes the previous public key version is stored in worker property GPGPUBLICKEY).
- Generation of revocation certificate is not supported in the PoC. But should for instance be implemented like this: A worker property is set before performing the CSR process to flag that a revocation certificate should be generated and then the worker property is changed again.
- No support for subkeys are planned. Keys will be master keys
- No support for signing other keys planned at this stage but might or might not be added in the future.
- No support for OpenPGP card (unless they can be accessed with PKCS#11 from Java). Normal HSM or smartcards will be supported as usual through PKCS#11.
- Only detached and clear-text signatures are to be supported. No encryption etc.
- Storing "certificate" (PGP public key with signatures) in the token not supported. Certificate can be stored in the config or if multiple keys are used the certificates could be stored somewhere else (the certificates are not needed to be able to sign as only the Key ID is stored in the signatures).
TODOs for this ticket:
DSS-1962: Add support for specifying algorithms (3.5h) DSS-1963: Add revocation certificate support (see also above) (5h) DSS-1961: Cleanup PoC (2h)
- Code convention
DSS-1966: Fix public key vs. CSR encoding issue DSS-1964: Support for soft keystore (not just PKCS11CryptoToken) DSS-1967: Create template DSS-1971: Documentation (4h)
- Tests (13h total)
DSS-1968: Worker is not offline even when the key does not exist DSS-1974: Large file support. See in OpenPGPSigner: // TODO: getAsInputStream() DSS-1970:Response format: BINARY or ARMORED
TODOs for later tickets:
- Better support for CSR generation and revocation certificate generation possibly using option for this like what is mentioned with DSS-1156.
- Better support in the admin web for PGP in general