Use ECC (ed25519) for artifact signing keys

GnuPG 2.3.0 (2021-04-07) switched the default key algorithm to ed25519/cv25519. Even though we're not currently using such a new release, this is a good signal that we should start doing the same for our artifact signing keys. Thankfully our current GPG version on bridge can create them using the --expert option, so document the slight changes to the required commands and update the example output to more closely match its new behavior. While we're here, the version we're using also autogenerates revocation certificates. Take advantage of that to slightly simplify our key generation instructions. Change-Id: Ibb1c5ae8c540713e1c39d0000497c6b8b89b67c8
2021-05-01 19:25:39 +00:00 · 2021-05-01 19:25:39 +00:00 · fb418c2d4a
commit fb418c2d4a
parent 8346b9ac6f
1 changed files with 78 additions and 101 deletions
--- a/doc/source/signing.rst
+++ b/doc/source/signing.rst
@ -161,7 +161,7 @@ earlier keys unless we know it to have been compromised):

 .. code-block:: shell-session

-    root@bridge:~# gpg --homedir signing.gnupg --full-generate-key
+    root@bridge:~# gpg --homedir signing.gnupg --full-generate-key --expert
    gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc.
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.
@ -171,10 +171,23 @@ earlier keys unless we know it to have been compromised):
       (2) DSA and Elgamal
       (3) DSA (sign only)
       (4) RSA (sign only)
-    Your selection?
-    RSA keys may be between 1024 and 4096 bits long.
-    What keysize do you want? (2048)
-    Requested keysize is 2048 bits
+       (7) DSA (set your own capabilities)
+       (8) RSA (set your own capabilities)
+       (9) ECC and ECC
+       (10) ECC (sign only)
+       (11) ECC (set your own capabilities)
+       (13) Existing key
+    Your selection? 9
+    Please select which elliptic curve you want:
+       (1) Curve 25519
+       (3) NIST P-256
+       (4) NIST P-384
+       (5) NIST P-521
+       (6) Brainpool P-256
+       (7) Brainpool P-384
+       (8) Brainpool P-512
+       (9) secp256k1
+    Your selection? 1
    Please specify how long the key should be valid.
             0 = key does not expire
          <n>  = key expires in n days
@ -214,18 +227,15 @@ earlier keys unless we know it to have been compromised):
    .+++++
    +++++
    gpg: key 0x120D3C23C6D5584D marked as ultimately trusted
+    gpg: revocation certificate stored as '/root/signing.gnupg/openpgp-revocs.d/7222E5A05730B7670F93035A120D3C23C6D5584D.rev'
    public and secret key created and signed.

-    gpg: checking the trustdb
-    gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
-    gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
-    gpg: next trustdb check due at 2017-02-02
-    pub   rsa3072/0x120D3C23C6D5584D 2016-07-07 [expires: 2017-02-02]
-          Key fingerprint = 7222 E5A0 5730 B767 0F93  035A 120D 3C23 C6D5 584D
-    uid                 [ultimate] OpenStack Infra (Some Cycle) <infra-root@openstack.org>
-    sub   rsa3072/0x1F215B56867C5D9A 2016-07-07 [expires: 2017-02-02]
+    pub   ed25519/0x120D3C23C6D5584D 2016-07-07 [expires: 2017-02-02]
+          7222E5A05730B7670F93035A120D3C23C6D5584D
+    uid                              OpenStack Infra (Some Cycle) <infra-root@openstack.org>
+    sub   cv25519/0x1F215B56867C5D9A 2016-07-07 [E] [expires: 2017-02-02]

-Create a revocation certificate for the master key, for use in the
+Save the revocation certificate for the master key, for use in the
 case extreme case that this master key itself becomes inaccessible,
 for example because the decryption passphrase is lost (under any
 other circumstances, a revocation certificate with a more detailed
@ -235,40 +245,9 @@ cycle name:

 .. code-block:: shell-session

-    root@bridge:~# gpg --homedir signing.gnupg --output \
-    > signing.gnupg/some.revoke.asc --gen-revoke 0x120D3C23C6D5584D
-    sec  rsa3072/0x120D3C23C6D5584D 2016-07-07 OpenStack Infra (Some Cycle) <infra-root@openstack.org>
-
-    Create a revocation certificate for this key? (y/N) y
-    Please select the reason for the revocation:
-      0 = No reason specified
-      1 = Key has been compromised
-      2 = Key is superseded
-      3 = Key is no longer used
-      Q = Cancel
-    (Probably you want to select 1 here)
-    Your decision? 1
-    Enter an optional description; end it with an empty line:
-    > This revocation is to be used in the event the key cannot be recovered.
-    >
-    Reason for revocation: Key has been compromised
-    This revocation is to be used in the event the key cannot be recovered.
-    Is this okay? (y/N) y
-
-    You need a passphrase to unlock the secret key for
-    user: "OpenStack Infra (Some Cycle) <infra-root@openstack.org>"
-    2048-bit RSA key, ID 0x120D3C23C6D5584D, created 2016-07-07
-
-    Enter passphrase: ********************************
-
-    ASCII armored output forced.
-    Revocation certificate created.
-
-    Please move it to a medium which you can hide away; if Mallory gets
-    access to this certificate he can use it to make your key unusable.
-    It is smart to print this certificate and store it away, just in case
-    your media become unreadable.  But have some caution:  The print system of
-    your machine might store the data and make it available to others!
+    root@bridge:~# mv \
+    > signing.gnupg/openpgp-revocs.d/7222E5A05730B7670F93035A120D3C23C6D5584D.rev
+    > signing.gnupg/some.revoke.asc

 Use the interactive key editor to add a subkey constrained to
 signing purposes only. It does not need an expiration since it will
@ -276,16 +255,18 @@ be valid only for as long as its associated master key is valid:

 .. code-block:: shell-session

-    root@bridge:~# gpg --homedir signing.gnupg --edit-key 0x120D3C23C6D5584D
+    root@bridge:~# gpg --homedir signing.gnupg --expert --edit-key 0x120D3C23C6D5584D
    gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc.
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.

    Secret key is available.

-    pub  rsa3072/0x120D3C23C6D5584D  created: 2016-07-07  expires: 2017-02-02  usage: SC
+    sec  ed25519/0x120D3C23C6D5584D
+         created: 2016-07-07  expires: 2017-02-02  usage: SC
         trust: ultimate      validity: ultimate
-    sub  rsa3072/0x1F215B56867C5D9A  created: 2016-07-07  expires: 2017-02-02  usage: E
+    ssb  cv25519/0x1F215B56867C5D9A
+         created: 2016-07-07  expires: 2017-02-02  usage: E
    [ultimate] (1). OpenStack Infra (Some Cycle) <infra-root@openstack.org>

    gpg> addkey
@ -294,10 +275,23 @@ be valid only for as long as its associated master key is valid:
       (4) RSA (sign only)
       (5) Elgamal (encrypt only)
       (6) RSA (encrypt only)
-    Your selection? 4
-    RSA keys may be between 1024 and 4096 bits long.
-    What keysize do you want? (2048)
-    Requested keysize is 2048 bits
+       (7) DSA (set your own capabilities)
+       (8) RSA (set your own capabilities)
+      (10) ECC (sign only)
+      (11) ECC (set your own capabilities)
+      (12) ECC (encrypt only)
+      (13) Existing key
+    Your selection? 10
+    Please select which elliptic curve you want:
+       (1) Curve 25519
+       (3) NIST P-256
+       (4) NIST P-384
+       (5) NIST P-521
+       (6) Brainpool P-256
+       (7) Brainpool P-384
+       (8) Brainpool P-512
+       (9) secp256k1
+    Your selection? 1
    Please specify how long the key should be valid.
             0 = key does not expire
          <n>  = key expires in n days
@ -312,7 +306,7 @@ be valid only for as long as its associated master key is valid:

    You need a passphrase to unlock the secret key for
    user: "OpenStack Infra (Some Cycle) <infra-root@openstack.org>"
-    2048-bit RSA key, ID 0x120D3C23C6D5584D, created 2016-07-07
+    ID 0x120D3C23C6D5584D, created 2016-07-07

    Enter passphrase: ********************************

@ -323,10 +317,13 @@ be valid only for as long as its associated master key is valid:
    +++++
    ........+++++

-    pub  rsa3072/0x120D3C23C6D5584D  created: 2016-07-07  expires: 2017-02-02  usage: SC
+    sec  ed25519/0x120D3C23C6D5584D
+         created: 2016-07-07  expires: 2017-02-02  usage: SC
         trust: ultimate      validity: ultimate
-    sub  rsa3072/0x1F215B56867C5D9A  created: 2016-07-07  expires: 2017-02-02  usage: E
-    sub  rsa3072/0xC0224DB5F541FB68  created: 2016-07-07  expires: never       usage: S
+    ssb  cv25519/0x1F215B56867C5D9A
+         created: 2016-07-07  expires: 2017-02-02  usage: E
+    ssb  ed25519/0xC0224DB5F541FB68
+         created: 2016-07-07  expires: never       usage: S
    [ultimate] (1). OpenStack Infra (Some Cycle) <infra-root@openstack.org>

    gpg> save
@ -340,19 +337,6 @@ provides some added assurance of its validity:

    root@bridge:~# gpg --homedir signing.gnupg --default-key 0x70CA2E45DF30B1B8 --sign-key 0x120D3C23C6D5584D

-    pub  rsa3072/0x120D3C23C6D5584D  created: 2016-07-07  expires: 2017-02-02  usage:SC
-                                   trust: ultimate      validity: ultimate
-    sub  rsa3072/0x1F215B56867C5D9A  created: 2016-07-07  expires: 2017-02-02  usage:E
-    sub  rsa3072/0xC0224DB5F541FB68  created: 2016-07-07  expires: never       usage:S
-    [ultimate] (1). OpenStack Infra (Pike Cycle) <infra-root@openstack.org>
-
-
-    pub  rsa3072/0x120D3C23C6D5584D  created: 2016-07-07  expires: 2017-02-02  usage:SC
-                                   trust: ultimate      validity: ultimate
-     Primary key fingerprint: 120D 3C23 C6D5 584D 6FC2  4646 64DB B05A CC5E 7C28
-
-         OpenStack Infra (Some Cycle) <infra-root@openstack.org>
-
    This key is due to expire on 2017-02-02.
    Are you sure that you want to sign this key with your
    key "OpenStack Infra (Previous Cycle) <infra-root@openstack.org>" (0x70CA2E45DF30B1B8)
@ -361,7 +345,7 @@ provides some added assurance of its validity:

    You need a passphrase to unlock the secret key for
    user: "OpenStack Infra (Previous Cycle) <infra-root@openstack.org>"
-    2048-bit RSA key, ID 0x70CA2E45DF30B1B8, created 2016-11-03
+    ID 0x70CA2E45DF30B1B8, created 2016-11-03

    Enter passphrase: ********************************

@ -399,7 +383,7 @@ GnuPG directory:
    gpg: temporary.gnupg/trustdb.gpg: trustdb created
    gpg: key C6D5584D: public key "OpenStack Infra (Some Cycle) <infra-root@openstack.org>" imported
    gpg: Total number processed: 1
-    gpg:               imported: 1  (RSA: 1)
+    gpg:               imported: 1
    gpg:       secret keys read: 1
    gpg:   secret keys imported: 1

@ -413,10 +397,10 @@ front of it instead of just ``sec``:

    /root/temporary.gnupg/pubring.kbx
    ---------------------------------
-    sec#  rsa3072 2016-07-07 [SC] [expires: 2017-02-02]
+    sec#  ed25519 2016-07-07 [SC] [expires: 2017-02-02]
          120D3C23C6D5584D
    uid           [unknown] OpenStack Infra (Some Cycle) <infra-root@openstack.org>
-    ssb   rsa3072 2016-07-07 [S]
+    ssb   ed25519 2016-07-07 [S]

 So that our CI jobs will be able to make use of this subkey without
 interactively supplying a passphrase, the old passphrase (exported
@ -437,9 +421,9 @@ again done using an interactive key editor session:

    Secret subkeys are available.

-    pub  rsa3072/0x120D3C23C6D5584D  created: 2016-07-07  expires: 2017-02-02  usage: SC
+    pub  ed25519/0x120D3C23C6D5584D  created: 2016-07-07  expires: 2017-02-02  usage: SC
                     trust: unknown       validity: unknown
-    sub  rsa3072/0xC0224DB5F541FB68  created: 2016-07-07  expires: never       usage: S
+    sub  ed25519/0xC0224DB5F541FB68  created: 2016-07-07  expires: never       usage: S
    [ unknown] (1). OpenStack Infra (Some Cycle) <infra-root@openstack.org>

    gpg> passwd
@ -455,13 +439,6 @@ Test the subkey can be used without a passphrase::
  root@bridge:~# echo foo | gpg --homedir temporary.gnupg --sign --armor
  -----BEGIN PGP MESSAGE-----

-  owEB0QEu/pANAwAKARpUEUgFTp44AcsKYgBbid4PZm9vCokBswQAAQoAHRYhBB5+
-  uy3Npgy9sH8nfBpUEUgFTp44BQJbid4PAAoJEBpUEUgFTp4486YMAIQ8zfP5ZBTq
-  7+d6ZAO25HeYCXwqU7qqNRazrceyfBBcES6+TvOtbpNPxpCzAhT2RhkIJZMJaetF
-  /RObIXn5/nHdXRsEKgTIxoyPMfxo5M8zbLqnm7NEsFzUjK2lojBPxBQs/SxiD9Qy
-  5Hvv7sAtgNV11dzzoTtyIfOXU9dUjuEnfgboc7z410ctflgI8USRiaYaCJbdj1J/
-  iGlplq/jTNMnIB3N15M5M5U9GfFO05MVyoPz0qi3t9gWP8hkOnvOSakG25NVGB4l
-  zUbMR1oK8pmLJ33fcw/8/TejjeI2FVJh9jSVE8v4O77Iiir8XcIC+PwT2MK/HIda
  SR43vh1iK66BbmlsONWxII74fIPEDHDeCqVnkzxdhleDf7DOd9HhYmI8WNOKtTIU
  7hcy6cYqHBjEgVr5oViNiveiwGsKlOUhh8x1eYDIxEEoGQEHDJDKq9YOMMjRdsO8
  fOw0TD/1r8Lmi8QLkCfGvFdrSY6EoCHqCMx3+JmGUD+iFGp2rCOucw==
@ -484,8 +461,8 @@ as a secret to Zuul for use by release jobs.
    writing RSA key
    Public key length: 4096 bits (512 bytes)
    Max plaintext length per chunk: 470 bytes
-    Input plaintext length: 4818 bytes
-    Number of chunks: 11
+    Input plaintext length: 1490 bytes
+    Number of chunks: 4

 Copy ``temporary.gnupg/zuul.yaml`` to your workstation and make a
 commit to ``zuul.d/secrets.yaml`` file in the
@ -542,11 +519,11 @@ fingerprint of the key as it exists on disk:

    me@bridge:~$ sudo gpg --homedir /root/signing.gnupg --fingerprint \
    > --list-keys "OpenStack Infra (Some Cycle)"
-    pub   rsa3072/0x120D3C23C6D5584D 2016-07-07 [expires: 2017-02-02]
+    pub   ed25519/0x120D3C23C6D5584D 2016-07-07 [expires: 2017-02-02]
          Key fingerprint = 120D 3C23 C6D5 584D 6FC2  4646 64DB B05A CC5E 7C28
    uid                 [ultimate] OpenStack Infra (Some Cycle) <infra-root@openstack.org>
-    sub   rsa3072/0x1F215B56867C5D9A 2016-07-07 [expires: 2017-02-02]
-    sub   rsa3072/0xC0224DB5F541FB68 2016-07-07
+    sub   cv25519/0x1F215B56867C5D9A 2016-07-07 [expires: 2017-02-02]
+    sub   ed25519/0xC0224DB5F541FB68 2016-07-07

 Now on your own system where your OpenPGP key resides, retrieve the
 key, compare the fingerprint from above, and if they match, sign it
@ -562,23 +539,23 @@ and push the signature back to the keyserver network:
    gpg: depth: 1  valid:  31  signed:  46  trust: 30-, 0q, 0n, 0m, 1f, 0u
    gpg: next trustdb check due at 2016-11-30
    gpg: Total number processed: 1
-    gpg:               imported: 1  (RSA: 1)
+    gpg:               imported: 1
    me@home:~$ gpg2 --fingerprint 0x120D3C23C6D5584D
-    pub   rsa3072/0x120D3C23C6D5584D 2016-07-07 [expires: 2017-02-02]
+    pub   ed25519/0x120D3C23C6D5584D 2016-07-07 [expires: 2017-02-02]
          Key fingerprint = 120D 3C23 C6D5 584D 6FC2  4646 64DB B05A CC5E 7C28
    uid                 [  full  ] OpenStack Infra (Some Cycle) <infra-root@openstack.org>
-    sub   rsa3072/0x1F215B56867C5D9A 2016-07-07 [expires: 2017-02-02]
-    sub   rsa3072/0xC0224DB5F541FB68 2016-07-07
+    sub   cv25519/0x1F215B56867C5D9A 2016-07-07 [expires: 2017-02-02]
+    sub   ed25519/0xC0224DB5F541FB68 2016-07-07
    me@home:~$ gpg2 --sign-key 0x120D3C23C6D5584D

-    pub  rsa3072/0x120D3C23C6D5584D  created: 2016-07-07  expires: 2017-02-02  usage: SC
+    pub  ed25519/0x120D3C23C6D5584D  created: 2016-07-07  expires: 2017-02-02  usage: SC
                                   trust: unknown       validity: full
-    sub  rsa3072/0x1F215B56867C5D9A  created: 2016-07-07  expires: 2017-02-02  usage: E
-    sub  rsa3072/0xC0224DB5F541FB68  created: 2016-07-07  expires: never       usage: S
+    sub  cv25519/0x1F215B56867C5D9A  created: 2016-07-07  expires: 2017-02-02  usage: E
+    sub  ed25519/0xC0224DB5F541FB68  created: 2016-07-07  expires: never       usage: S
    [  full  ] (1). OpenStack Infra (Some Cycle) <infra-root@openstack.org>


-    pub  rsa3072/0x120D3C23C6D5584D  created: 2016-07-07  expires: 2017-02-02  usage: SC
+    pub  ed25519/0x120D3C23C6D5584D  created: 2016-07-07  expires: 2017-02-02  usage: SC
                                   trust: unknown       validity: full
     Primary key fingerprint: 120D 3C23 C6D5 584D 6FC2  4646 64DB B05A CC5E 7C28

@ -594,7 +571,7 @@ and push the signature back to the keyserver network:
       | Please enter the passphrase to unlock the secret key for the OpenPGP  |
       | certificate:                                                          |
       | "My Name <me@example.org>"                                            |
-       | 2048-bit RSA key, ID 0xAB54A98CEB1F0AD2,                              |
+       | ID 0xAB54A98CEB1F0AD2,                                                |
       | created 2008-09-10.                                                   |
       |                                                                       |
       |                                                                       |