Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Notation data support in subpackets #33

Merged
merged 11 commits into from
Jan 31, 2023
Merged

Add Notation data support in subpackets #33

merged 11 commits into from
Jan 31, 2023

Conversation

wussler
Copy link
Contributor

@wussler wussler commented Aug 30, 2019

see #27

@YarmoM
Copy link

YarmoM commented Nov 24, 2022

Dear maintainers, will this get reviewed?

@wiktor-k
Copy link

wiktor-k commented Dec 6, 2022

Hi folks! 👋

Some people brought it to my attention that notation support is critical to their use case, e.g. writing Keyoxide-compatible tools (Keybase-like decentralized bidirectional proof systems) in Go.

If conflicts are the only thing preventing the merge I know some people even have fixed that in their forks (@omz13) and could raise a fix-up PR if that's the only concern.

Would that be an acceptable resolution? Thanks for your time! CC: @twiss, @wussler.

(I'll use this occasion to plug an ad that Sequoia PGP has a nice and full support for notations! 😅 haha)

@wussler
Copy link
Contributor Author

wussler commented Dec 6, 2022

Hi @wiktor-k, thank you for your interest.

We've seen there is quite some push for this feature, and will take care of merging this PR!

@wiktor-k
Copy link

wiktor-k commented Dec 6, 2022

Thank you, very, very much! 🙇 Have a nice day!

@twiss
Copy link
Member

twiss commented Dec 6, 2022

Hey 👋 Thanks!

I think there is one thing missing which is some handling of known / unknown notations. Currently this code will accept all notations but we should reject them if they're critical and unknown.

In OpenPGP.js we have config.knownNotations for this purpose, we could add something similar here.

@wiktor-k
Copy link

wiktor-k commented Dec 6, 2022

Good point @twiss, I should have remembered that! 😅

@twiss
Copy link
Member

twiss commented Dec 6, 2022

Right :D Thanks for pushing this forward in all our implementations ^.^

@omz13
Copy link

omz13 commented Dec 6, 2022

The Notations structure does not contain any exportable fields... should they be exported? Just thinking about this because I'm dumping some entities as JSON data and the Notations entry is there but an empty object because nothing to export (even though there's some notation data present).

@twiss
Copy link
Member

twiss commented Dec 7, 2022

Yeah, let's change it to

type Notation struct {
	Name          string
	Value         []byte
	HumanReadable bool
	Critical      bool
}

and get rid of the getters, that will make the API a bit simpler as well.

@omz13
Copy link

omz13 commented Dec 7, 2022

Yeah, let's change it to

type Notation struct {
	Name          string
	Value         []byte
	HumanReadable bool

IsHumanReadable?

Critical bool

IsCritical?

}


and get rid of the getters, that will make the API a bit simpler as well.

Yep. No need for getters.

@twiss
Copy link
Member

twiss commented Dec 7, 2022

IsHumanReadable?

Critical bool

IsCritical?

Yeah, maybe that's better 👍

@wiktor-k
Copy link

wiktor-k commented Dec 9, 2022

I just noticed (for the record) that my old commit contains quite a few examples that could be used in unit tests for critical notations here:

openpgpjs/openpgpjs@8279939#diff-c789f741e120e8bd74404f74450907c81bcc9918eb3de78037b04b15552290e7R470-R637

@wussler
Copy link
Contributor Author

wussler commented Dec 27, 2022

Leaving this on hold until we find a way to pass the notation data for signature validation in key parsing

@twiss
Copy link
Member

twiss commented Jan 30, 2023

I've added config.KnownNotations, a map[string]bool indicating which notation names are known (i.e. allowed for critical notations). This is then checked when reading a message / verifying a signature, both for the signature itself and all relevant key binding signatures. Let me know if anyone sees an issue with this API!

@wiktor-k thanks for the link to the test case, I've added it here as well :)

@twiss twiss requested a review from marinthiercelin January 30, 2023 15:37
openpgp/packet/notation.go Outdated Show resolved Hide resolved
openpgp/packet/notation.go Outdated Show resolved Hide resolved
@twiss twiss requested a review from marinthiercelin January 30, 2023 18:27
@twiss twiss requested a review from marinthiercelin January 31, 2023 13:05
@twiss twiss merged commit 34c1fc3 into main Jan 31, 2023
@twiss twiss deleted the notationdata branch January 31, 2023 18:51
@wiktor-k
Copy link

Thanks everyone! 👏 Great to see this finally being in! 👍

Have a great evening! 👋

@twiss
Copy link
Member

twiss commented Jan 31, 2023

Thanks, you too :)

@omz13
Copy link

omz13 commented Feb 1, 2023

Many many many thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants