forked from btrott/Crypt-OpenPGP
-
Notifications
You must be signed in to change notification settings - Fork 2
/
ToDo
88 lines (86 loc) · 4.4 KB
/
ToDo
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
$Id: ToDo,v 1.37 2002/12/10 01:47:45 btrott Exp $
Crypt::OpenPGP todo
-------------------
* add note/code for stripping utf8 from passphrase
* more accessor functions
* make handle return plaintext when just a signed message
* add test for uncompressed decrypted packets
* KeyRing support multiple keyrings so that lookups occur over multiple
rings.
* support for ElGamal signing
* smart detection and description of arbitrary files, eg. pass in some
data and give back 'RSA signed message, Version 3, probably PGP2'
* subkey generation
* keyblock merging keys, signatures, user IDs
1. read keyblock
2. look up public key by key ID in existing keyring(s)
3. if key does not exist, append it to the keyring
4. compare keys (need a new Key::equal method)
5. load original keyblock
6. compare signatures
7. add the signatures
8. add the user IDs
9. add the subkeys
10. add the subkey certificates
* test suite: tests for: compressed signatures, compressed encrypted data
packets, more versions of PGP, more pkalgs, subpackets
* improve subpacket system: constants for types, better integration into
signatures, etc.
* use key flags to determine key capabilities (signing, encryption, etc.)
* add some example scripts
* caching in find_keyblock. let caller pass in 'marker' code-ref that, given
a packet, returns a unique 'marker' to point to that keyblock. eg. lookup
by keyid returns the certificate keyid, lookup by userid returns the
userid, etc. then, two levels of caching: 1) store offsets of keyblocks
by marker; 2) store already-parsed keyblocks by marker. we could let the
calling function do the latter, of course, ie. find_keyblock_by_keyid
would manage a hash of keyids => keyblocks. also: when reading a keyblock
(after already finding the start offset), maybe don't parse SECRET_KEY
and PUBLIC_KEY packets? since we already have the start cert there is
no use in parsing the next one we come to, because that indicates the
start of a new keyblock.
* improve CRC24 implementation by using C implementation. problem:
String::CRC does not work for me (doesn't accept init, for one thing).
Done
----
xx * support for CAST5
xx * bug in Key::Public::ElGamal::_gen_k? naked block?
xx * Crypt::OpenPGP main USAGE docs
xx * docs (for other classes)
xx * PassphraseCallback param for sign and decrypt. give callback function the
Certificate object (anything else?), let it ask the user for a passphrase.
xx * RecipientCallback for encrypt
xx * clear text signatures; need to make text into canonical text for
signing
xx * more support for looking up keys in keyring (eg. look up userid, etc.)
xx * encrypt and sign/decrypt and verify
xx * add KeyRing::find_keyblock_by_index; given index, return that keyblock.
also allow negative indices. create map of keyring on KeyRing::init.
xx * KeyBlock needs some methods to "do stuff" with the keyblock contents;
for example, there should be a method to return: 1) the master key;
2) a key given a key ID; 3) the key to be used for encryption, and the
key to be used for signing.
xx * KeyRing::find_keyblock_by_keyid should no longer return certificate if
called in list context. Instead it should just return a list of all
matching keys if called in list context, first match otherwise. Caller
should use KeyBlock methods to get actual certificate.
xx * compatibility param to encrypt and sign (and keygen, maybe), eg.
Compat => 'PGP2' turns on Version => 3 and Cipher => 'IDEA'
xx * read existing PGPx/GnuPG config files into Config object
xx * compressed packets
xx * symmetrically-encrypted encrypted data packets
xx * add PGPWords from Mike Dillon; probably should add an interface to this
through Certificate? ie. $cert->word_fingerprint, which would take
$cert->fingerprint and run it through the Words module.
xx * encrypted MDC packets
xx * make find_keyblock_by_keyid work with subkeys
xx * key generation, secret certificate saving and encrypting
xx * Crypt::OpenPGP high-level DWIM interface
xx * support for armouring
xx * support for writing packets (v4 fingerprints/key IDs will come with this)
xx * implement a KeyRing::find method that looks only for specific key IDs, etc.
xx * generate fingerprint on cert while reading in (in 'parse'); that way we
don't have to reserialize
xx * better installation: determine prereqs based on answers to prompts
about preferred ciphers, pk systems, etc.
xx * support writing v4 packet headers