feat: Add PQC support and PQC & Symmetric profiles

Author: lubux

crypto/base_test.go

@@ -35,8 +35,8 @@ func readTestFile(name string, trimNewlines bool) string {
 func init() {
 	testPGP = PGP()
 	testPGP.defaultTime = NewConstantClock(testTime) // 2019-05-13T13:37:07+00:00
-	testProfiles = []*profile.Custom{profile.Default(), profile.RFC4880(), profile.RFC9580()}
-	testProfileNames = []string{"Default", "RFC4880", "RFC9580"}
+	testProfiles = []*profile.Custom{profile.Default(), profile.RFC4880(), profile.RFC9580(), profile.Symmetric(), profile.PQC()}
+	testProfileNames = []string{"Default", "RFC4880", "RFC9580", "Symmetric", "PQC"}
 	initEncDecTest()
 	initGenerateKeys()
 	initArmoredKeys()

crypto/key_clear.go

@@ -3,7 +3,6 @@ package crypto
 import (
 	"crypto/dsa"
 	"crypto/rsa"
-	"errors"
 	"math/big"
 
 	"github.com/ProtonMail/go-crypto/openpgp/ecdh"
@@ -76,7 +75,7 @@ func clearPrivateKey(privateKey interface{}) error {
 	case *ed448.PrivateKey:
 		return clearEd448PrivateKey(priv)
 	default:
-		return errors.New("gopenpgp: unknown private key")
+		return nil
 	}
 }
 

go.mod

@@ -3,7 +3,7 @@ module github.com/ProtonMail/gopenpgp/v3
 go 1.22.0
 
 require (
-	github.com/ProtonMail/go-crypto v1.2.0
+	github.com/ProtonMail/go-crypto v1.2.0-proton
 	github.com/ProtonMail/go-mime v0.0.0-20230322103455-7d82a3887f2f
 	github.com/stretchr/testify v1.10.0
 )

go.sum

@@ -1,5 +1,5 @@
-github.com/ProtonMail/go-crypto v1.2.0 h1:+PhXXn4SPGd+qk76TlEePBfOfivE0zkWFenhGhFLzWs=
-github.com/ProtonMail/go-crypto v1.2.0/go.mod h1:9whxjD8Rbs29b4XWbB8irEcE8KHMqaR2e7GWU1R+/PE=
+github.com/ProtonMail/go-crypto v1.2.0-proton h1:zPFHx2D6lXUIGccwfu5wqhgG7mNkgZkECQNYfO5fyqQ=
+github.com/ProtonMail/go-crypto v1.2.0-proton/go.mod h1:9whxjD8Rbs29b4XWbB8irEcE8KHMqaR2e7GWU1R+/PE=
 github.com/ProtonMail/go-mime v0.0.0-20230322103455-7d82a3887f2f h1:tCbYj7/299ekTTXpdwKYF8eBlsYsDVoggDAuAjoK66k=
 github.com/ProtonMail/go-mime v0.0.0-20230322103455-7d82a3887f2f/go.mod h1:gcr0kNtGBqin9zDW9GOHcVntrwnjrK+qdJ06mWYBybw=
 github.com/cloudflare/circl v1.6.0 h1:cr5JKic4HI+LkINy2lg3W2jF8sHCVTBncJr5gIIq7qk=

profile/preset.go

@@ -80,3 +80,65 @@ func RFC9580() *Custom {
 		V6: true,
 	}
 }
+
+func PQC() *Custom {
+	setKeyAlgorithm := func(cfg *packet.Config, securityLevel int8) {
+		cfg.Algorithm = packet.PubKeyAlgoMldsa65Ed25519
+	}
+	return &Custom{
+		SetKeyAlgorithm:      setKeyAlgorithm,
+		Hash:                 crypto.SHA512,
+		CipherEncryption:     packet.CipherAES256,
+		CipherKeyEncryption:  packet.CipherAES256,
+		CompressionAlgorithm: packet.CompressionZLIB,
+		AeadKeyEncryption: &packet.AEADConfig{
+			DefaultMode: packet.AEADModeGCM,
+		},
+		AeadEncryption: &packet.AEADConfig{
+			DefaultMode: packet.AEADModeGCM,
+		},
+		CompressionConfiguration: &packet.CompressionConfig{
+			Level: 6,
+		},
+		S2kKeyEncryption: &s2k.Config{
+			S2KMode:      s2k.Argon2S2K,
+			Argon2Config: &s2k.Argon2Config{},
+		},
+		S2kEncryption: &s2k.Config{
+			S2KMode:      s2k.Argon2S2K,
+			Argon2Config: &s2k.Argon2Config{},
+		},
+		V6: true,
+	}
+}
+
+func Symmetric() *Custom {
+	setKeyAlgorithm := func(cfg *packet.Config, securityLevel int8) {
+		cfg.Algorithm = packet.ExperimentalPubKeyAlgoHMAC
+	}
+	return &Custom{
+		SetKeyAlgorithm:      setKeyAlgorithm,
+		Hash:                 crypto.SHA512,
+		CipherEncryption:     packet.CipherAES256,
+		CipherKeyEncryption:  packet.CipherAES256,
+		CompressionAlgorithm: packet.CompressionZLIB,
+		AeadKeyEncryption: &packet.AEADConfig{
+			DefaultMode: packet.AEADModeGCM,
+		},
+		AeadEncryption: &packet.AEADConfig{
+			DefaultMode: packet.AEADModeGCM,
+		},
+		CompressionConfiguration: &packet.CompressionConfig{
+			Level: 6,
+		},
+		S2kKeyEncryption: &s2k.Config{
+			S2KMode:      s2k.Argon2S2K,
+			Argon2Config: &s2k.Argon2Config{},
+		},
+		S2kEncryption: &s2k.Config{
+			S2KMode:      s2k.Argon2S2K,
+			Argon2Config: &s2k.Argon2Config{},
+		},
+		V6: true,
+	}
+}