From 6c924ba862475b83fcdeaaa43d8516c59b0c79a1 Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Sat, 25 Aug 2018 14:36:25 +0100 Subject: [PATCH] GPG key rollover. This commit adds the new ids and fingerprints in the keys appendix of the manual, and moves the old ones down into the historic-keys section. I've tweaked a few pieces of wording for ongoing use, so that they don't imply a specific number of past key rollovers. The -pgpfp option in all the tools now shows the new Master Key fingerprint and the previous (2015) one. I've adjusted all the uses of the #defines in putty.h so that future rollovers should only have to modify the #defines themselves. Most importantly, sign.sh bakes in the ids of the current release and snapshot keys, so that snapshots will automatically be signed with the new snapshot key and the -r option will invoke the new release key. --- doc/pgpkeys.but | 91 ++++++++++++++++++++++++++++------------------ putty.h | 16 ++++---- sign.sh | 4 +- unix/uxmisc.c | 10 ++--- windows/wincons.c | 10 ++--- windows/winutils.c | 10 ++--- 6 files changed, 81 insertions(+), 60 deletions(-) diff --git a/doc/pgpkeys.but b/doc/pgpkeys.but index 71143af2..85008c88 100644 --- a/doc/pgpkeys.but +++ b/doc/pgpkeys.but @@ -53,31 +53,25 @@ The current issue of those keys are available for download from the PuTTY website, and are also available on PGP keyservers using the key IDs listed below. -\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/master-2015.asc}{\s{Master Key}} +\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/master-2018.asc}{\s{Master Key} (2018)} -\dd RSA, 4096-bit. Key ID: \cw{4096R/04676F7C} (long version: -\cw{4096R/AB585DC604676F7C}). Fingerprint: -\cw{440D\_E3B5\_B7A1\_CA85\_B3CC\_\_1718\_AB58\_5DC6\_0467\_6F7C} +\dd RSA, 4096-bit. Key ID: \cw{76BC7FE4EBFD2D9E}. Fingerprint: +\cw{24E1\_B1C5\_75EA\_3C9F\_F752\_\_A922\_76BC\_7FE4\_EBFD\_2D9E} -\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/release-2015.asc}{\s{Release Key}} +\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/release-2018.asc}{\s{Release Key} (2018)} -\dd RSA, 2048-bit. Key ID: \cw{2048R/B43434E4} (long version: -\cw{2048R/9DFE2648B43434E4}). Fingerprint: -\cw{0054\_DDAA\_8ADA\_15D2\_768A\_\_6DE7\_9DFE\_2648\_B434\_34E4} +\dd RSA, 3072-bit. Key ID: \cw{6289A25F4AE8DA82}. Fingerprint: +\cw{E273\_94AC\_A3F9\_D904\_9522\_\_E054\_6289\_A25F\_4AE8\_DA82} -\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/contact-2016.asc}{\s{Secure Contact Key}} +\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/snapshot-2018.asc}{\s{Snapshot Key} (2018)} -\dd RSA, 2048-bit. Main key ID: \cw{2048R/8A0AF00B} (long version: -\cw{2048R/C4FCAAD08A0AF00B}). Encryption subkey ID: -\cw{2048R/50C2CF5C} (long version: \cw{2048R/9EB39CC150C2CF5C}). -Fingerprint: -\cw{8A26\_250E\_763F\_E359\_75F3\_\_118F\_C4FC\_AAD0\_8A0A\_F00B} +\dd RSA, 3072-bit. Key ID: \cw{38BA7229B7588FD1}. Fingerprint: +\cw{C92B\_52E9\_9AB6\_1DDA\_33DB\_\_2B7A\_38BA\_7229\_B758\_8FD1} -\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/snapshot-2015.asc}{\s{Snapshot Key}} +\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/contact-2018.asc}{\s{Secure Contact Key} (2018)} -\dd RSA, 2048-bit. Key ID: \cw{2048R/D15F7E8A} (long version: -\cw{2048R/EEF20295D15F7E8A}). Fingerprint: -\cw{0A3B\_0048\_FE49\_9B67\_A234\_\_FEB6\_EEF2\_0295\_D15F\_7E8A} +\dd RSA, 3072-bit. Key ID: \cw{657D487977F95C98}. Fingerprint: +\cw{A680\_0082\_2998\_6E46\_22CA\_\_0E43\_657D\_4879\_77F9\_5C98} \H{pgpkeys-security} Security details @@ -156,28 +150,53 @@ once. \H{pgpkeys-rollover} Key rollover -Our current keys were generated in September 2015, except for the -Secure Contact Key which was generated in February 2016 (we didn't -think of it until later). +Our current keys were generated in August 2018. -Prior to that, we had a much older set of keys generated in 2000. For -each of the key types above (other than the Secure Contact Key), we -provided both an RSA key \e{and} a DSA key (because at the time we -generated them, RSA was not in practice available to everyone, due to -export restrictions). +Each new Master Key is signed with the old one, to show that it really +is owned by the same people and not substituted by an attacker. -The new Master Key is signed with both of the old ones, to show that -it really is owned by the same people and not substituted by an -attacker. Also, we have retrospectively signed the old Release Keys -with the new Master Key, in case you're trying to verify the -signatures on a release prior to the rollover and can find a chain of -trust to those keys from any of the people who have signed our new -Master Key. +Each new Master Key also signs the previous Release Keys, in case +you're trying to verify the signatures on a release prior to the +rollover and can find a chain of trust to those keys from any of the +people who have signed our new Master Key. -Future releases will be signed with the up-to-date keys shown above. -Releases prior to the rollover are signed with the old Release Keys. +Each release is signed with the Release Key that was current at the +time of release. We don't go back and re-sign old releases with newly +generated keys. -For completeness, those old keys are given here: +The details of all previous keys are given here. + +\s{Key generated in 2016} (when we first introduced the Secure Contact Key) + +\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/contact-2016.asc}{\s{Secure Contact Key} (2016)} + +\dd RSA, 2048-bit. Main key ID: \cw{2048R/8A0AF00B} (long version: +\cw{2048R/C4FCAAD08A0AF00B}). Encryption subkey ID: +\cw{2048R/50C2CF5C} (long version: \cw{2048R/9EB39CC150C2CF5C}). +Fingerprint: +\cw{8A26\_250E\_763F\_E359\_75F3\_\_118F\_C4FC\_AAD0\_8A0A\_F00B} + +\s{Keys generated in the 2015 rollover} + +\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/master-2015.asc}{\s{Master Key} (2015)} + +\dd RSA, 4096-bit. Key ID: \cw{4096R/04676F7C} (long version: +\cw{4096R/AB585DC604676F7C}). Fingerprint: +\cw{440D\_E3B5\_B7A1\_CA85\_B3CC\_\_1718\_AB58\_5DC6\_0467\_6F7C} + +\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/release-2015.asc}{\s{Release Key} (2015)} + +\dd RSA, 2048-bit. Key ID: \cw{2048R/B43434E4} (long version: +\cw{2048R/9DFE2648B43434E4}). Fingerprint: +\cw{0054\_DDAA\_8ADA\_15D2\_768A\_\_6DE7\_9DFE\_2648\_B434\_34E4} + +\dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/snapshot-2015.asc}{\s{Snapshot Key} (2015)} + +\dd RSA, 2048-bit. Key ID: \cw{2048R/D15F7E8A} (long version: +\cw{2048R/EEF20295D15F7E8A}). Fingerprint: +\cw{0A3B\_0048\_FE49\_9B67\_A234\_\_FEB6\_EEF2\_0295\_D15F\_7E8A} + +\s{Original keys generated in 2000} (two sets, RSA and DSA) \dt \W{https://www.chiark.greenend.org.uk/~sgtatham/putty/keys/master-rsa.asc}{\s{Master Key} (original RSA)} diff --git a/putty.h b/putty.h index fb9a2d55..844c6fa1 100644 --- a/putty.h +++ b/putty.h @@ -30,15 +30,17 @@ #define MAX_TICK_MINS (INT_MAX / (60 * TICKSPERSEC)) /* - * Fingerprints of the PGP master keys that can be used to establish a trust - * path between an executable and other files. + * Fingerprints of the current and previous PGP master keys, to + * establish a trust path between an executable and other files. */ -#define PGP_MASTER_KEY_FP \ +#define PGP_MASTER_KEY_YEAR "2018" +#define PGP_MASTER_KEY_DETAILS "RSA, 4096-bit" +#define PGP_MASTER_KEY_FP \ + "24E1 B1C5 75EA 3C9F F752 A922 76BC 7FE4 EBFD 2D9E" +#define PGP_PREV_MASTER_KEY_YEAR "2015" +#define PGP_PREV_MASTER_KEY_DETAILS "RSA, 4096-bit" +#define PGP_PREV_MASTER_KEY_FP \ "440D E3B5 B7A1 CA85 B3CC 1718 AB58 5DC6 0467 6F7C" -#define PGP_RSA_MASTER_KEY_FP \ - "8F 15 97 DA 25 30 AB 0D 88 D1 92 54 11 CF 0C 4C" -#define PGP_DSA_MASTER_KEY_FP \ - "313C 3E76 4B74 C2C5 F2AE 83A8 4F5E 6DF5 6A93 B34E" /* Three attribute types: * The ATTRs (normal attributes) are stored with the characters in diff --git a/sign.sh b/sign.sh index 8dbdb613..bece850a 100755 --- a/sign.sh +++ b/sign.sh @@ -9,14 +9,14 @@ set -e -keyname=EEF20295D15F7E8A +keyname=38BA7229B7588FD1 preliminary=false while :; do case "$1" in -r) shift - keyname=9DFE2648B43434E4 + keyname=6289A25F4AE8DA82 ;; -p) shift diff --git a/unix/uxmisc.c b/unix/uxmisc.c index c478856b..320a6c9e 100644 --- a/unix/uxmisc.c +++ b/unix/uxmisc.c @@ -158,12 +158,12 @@ void pgp_fingerprints(void) "one. See the manual for more information.\n" "(Note: these fingerprints have nothing to do with SSH!)\n" "\n" - "PuTTY Master Key as of 2015 (RSA, 4096-bit):\n" + "PuTTY Master Key as of " PGP_MASTER_KEY_YEAR + " (" PGP_MASTER_KEY_DETAILS "):\n" " " PGP_MASTER_KEY_FP "\n\n" - "Original PuTTY Master Key (RSA, 1024-bit):\n" - " " PGP_RSA_MASTER_KEY_FP "\n" - "Original PuTTY Master Key (DSA, 1024-bit):\n" - " " PGP_DSA_MASTER_KEY_FP "\n", stdout); + "Previous Master Key (" PGP_PREV_MASTER_KEY_YEAR + ", " PGP_PREV_MASTER_KEY_DETAILS "):\n" + " " PGP_PREV_MASTER_KEY_FP "\n", stdout); } /* diff --git a/windows/wincons.c b/windows/wincons.c index e315f64a..4827ddbd 100644 --- a/windows/wincons.c +++ b/windows/wincons.c @@ -327,12 +327,12 @@ void pgp_fingerprints(void) "one. See the manual for more information.\n" "(Note: these fingerprints have nothing to do with SSH!)\n" "\n" - "PuTTY Master Key as of 2015 (RSA, 4096-bit):\n" + "PuTTY Master Key as of " PGP_MASTER_KEY_YEAR + " (" PGP_MASTER_KEY_DETAILS "):\n" " " PGP_MASTER_KEY_FP "\n\n" - "Original PuTTY Master Key (RSA, 1024-bit):\n" - " " PGP_RSA_MASTER_KEY_FP "\n" - "Original PuTTY Master Key (DSA, 1024-bit):\n" - " " PGP_DSA_MASTER_KEY_FP "\n", stdout); + "Previous Master Key (" PGP_PREV_MASTER_KEY_YEAR + ", " PGP_PREV_MASTER_KEY_DETAILS "):\n" + " " PGP_PREV_MASTER_KEY_FP "\n", stdout); } void console_provide_logctx(void *logctx) diff --git a/windows/winutils.c b/windows/winutils.c index 31b98d18..58614966 100644 --- a/windows/winutils.c +++ b/windows/winutils.c @@ -142,12 +142,12 @@ void pgp_fingerprints(void) "one. See the manual for more information.\n" "(Note: these fingerprints have nothing to do with SSH!)\n" "\n" - "PuTTY Master Key as of 2015 (RSA, 4096-bit):\n" + "PuTTY Master Key as of " PGP_MASTER_KEY_YEAR + " (" PGP_MASTER_KEY_DETAILS "):\n" " " PGP_MASTER_KEY_FP "\n\n" - "Original PuTTY Master Key (RSA, 1024-bit):\n" - " " PGP_RSA_MASTER_KEY_FP "\n" - "Original PuTTY Master Key (DSA, 1024-bit):\n" - " " PGP_DSA_MASTER_KEY_FP, + "Previous Master Key (" PGP_PREV_MASTER_KEY_YEAR + ", " PGP_PREV_MASTER_KEY_DETAILS "):\n" + " " PGP_PREV_MASTER_KEY_FP, "PGP fingerprints", MB_ICONINFORMATION | MB_OK, HELPCTXID(pgp_fingerprints)); }