OpenPGP interoperability test suite
These are the results of running the OpenPGP interoperability test suite version 0.1.0 (b6dca0a) on 2021-01-08T14:13.
This test suite has been very successful in identifying problems in many OpenPGP implementations. If you want to see your implementation included in these results, please implement the Stateless OpenPGP Command Line Interface and open an issue in our tracker. Note: The implementation doesn't have to be complete to be useful.
How to read the test results
Tests are loosely coupled in categories. Both tests and categories have anchors and can be linked to. The anchors should be stable enough to be included in commit messages and documentation. Every test describes the setup, and may introduce terminology used in the test results. Additional resources (e.g. certificates) required by the test can be inspected by clicking on the inspect button (). The results are in tabular form. The producers are on the left going down, the consumers on the top going right.
There are two kinds of tests. In producer-consumer tests, the OpenPGP implementations being tested produce an artifact (e.g. they encrypt a message), and every implementation is used to consume the artifact (e.g. to decrypt the encrypted message). In consumer tests, the artifacts are produced by the test suite, and consumed by every OpenPGP implementation. In either case, the artifact that is consumed can be inspected by clicking on the inspect button () in the second column in every row. If a producer failed to produce an artifact, or the artifact did not conform to the expectation, a cross mark (✗) is displayed. Hovering over it with the mouse pointer reveals the error message in a tooltip.
Each row now contains the result of consuming the row's artifact using the different OpenPGP implementations. Here, a check mark (✓) indicates that the operation was successful. The resulting output (e.g. the decrypted message) can be found in the tooltip. Like before, a cross mark (✗) indicates that the operation was not successful, or the produced artifact did not meet expectations. Again, details can be found in the tooltip.
Up to this point, we did not judge whether or not a operation should be successful or not, we merely recorded the facts. This answers the question of how implementations react to certain inputs, and we can quantify that and have an informed conversation about the consequences. But, we observed that the bare results were hard to interpret, a problem exacerbated by the vastness of the results due to combinatorial effects.
To address this, most tests now have an expectation for the outcome, and an explanation for the expected outcome. (If one of these expectations disagree with you, please get in touch!) If the result of an operation agrees with the expectation, the result has a green background and has a diagonal line in the top-left corner. If they disagree, the background is red and the line is in the top-right corner.
Example test
This is an example.
Additional artifacts:
Consumer |
FooPGP/1 |
BarPGP/2 |
BazPGP/3 |
Expectation |
Comment |
|
---|---|---|---|---|---|---|
Producer | Artifact | |||||
Base case | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
Well-formed variant | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
Malformed variant | ✗ | ✓ | ✗ | ✗ | Message is malformed. | |
Weird variant | ✗ | ✓ | ✓ | |||
Producer failure | ✗ | ✓ | Should work (TM). |
Table of Contents
-
Test Results
- Asymmetric Encryption
- Symmetric Encryption
- Symmetric Encryption Algorithm support
- Encrypt-Decrypt roundtrip with key 'Bob', IDEA
- Encrypt-Decrypt roundtrip with key 'Bob', TripleDES
- Encrypt-Decrypt roundtrip with key 'Bob', CAST5
- Encrypt-Decrypt roundtrip with key 'Bob', Blowfish
- Encrypt-Decrypt roundtrip with key 'Bob', AES128
- Encrypt-Decrypt roundtrip with key 'Bob', AES192
- Encrypt-Decrypt roundtrip with key 'Bob', AES256
- Encrypt-Decrypt roundtrip with key 'Bob', Twofish
- Encrypt-Decrypt roundtrip with key 'Bob', Camellia128
- Encrypt-Decrypt roundtrip with key 'Bob', Camellia192
- Encrypt-Decrypt roundtrip with key 'Bob', Camellia256
- Encrypt-Decrypt roundtrip with key 'Bob', EAX
- Encrypt-Decrypt roundtrip with key 'Bob', OCB
- SEIP packet support
- Detached Signatures
- Hash Algorithms
- Detached Sign-Verify roundtrip with key 'Bob', MD5
- Detached Sign-Verify roundtrip with key 'Bob', SHA1
- Detached Sign-Verify roundtrip with key 'Bob', RipeMD
- Detached Sign-Verify roundtrip with key 'Bob', SHA256
- Detached Sign-Verify roundtrip with key 'Bob', SHA384
- Detached Sign-Verify roundtrip with key 'Bob', SHA512
- Detached Sign-Verify roundtrip with key 'Bob', SHA224
- Signature over the shattered collision
- Compression Algorithms
- Key Generation
- Certificates
- Revocations
- Key revocation test: primary key signs and is not revoked (base case)
- Key revocation test: subkey signs, primary key is not revoked (base case)
- Key revocation test: primary key signs and is revoked; revoked: no subpacket
- Key revocation test: subkey signs, primary key is revoked; revoked: no subpacket
- Key revocation test: subkey signs, subkey is revoked; revoked: no subpacket
- Key revocation test: primary key signs and is revoked; revoked: unspecified
- Key revocation test: subkey signs, primary key is revoked; revoked: unspecified
- Key revocation test: subkey signs, subkey is revoked; revoked: unspecified
- Key revocation test: primary key signs and is revoked; revoked: compromised
- Key revocation test: subkey signs, primary key is revoked; revoked: compromised
- Key revocation test: subkey signs, subkey is revoked; revoked: compromised
- Key revocation test: primary key signs and is revoked; revoked: private
- Key revocation test: subkey signs, primary key is revoked; revoked: private
- Key revocation test: subkey signs, subkey is revoked; revoked: private
- Key revocation test: primary key signs and is revoked; revoked: unknown
- Key revocation test: subkey signs, primary key is revoked; revoked: unknown
- Key revocation test: subkey signs, subkey is revoked; revoked: unknown
- Key revocation test: primary key signs and is revoked; revoked: superseded
- Key revocation test: subkey signs, primary key is revoked; revoked: superseded
- Key revocation test: subkey signs, subkey is revoked; revoked: superseded
- Key revocation test: primary key signs and is revoked; revoked: key retired
- Key revocation test: subkey signs, primary key is revoked; revoked: key retired
- Key revocation test: subkey signs, subkey is revoked; revoked: key retired
- Key revocation test: primary key signs and is revoked; revoked: uid retired
- Key revocation test: subkey signs, primary key is revoked; revoked: uid retired
- Key revocation test: subkey signs, subkey is revoked; revoked: uid retired
- Message structure
- ASCII Armor
- Elliptic Curve Cryptography
- Packet parser
- Hall of Fame
- Configuration
Test Results
Asymmetric Encryption
Encrypt-Decrypt roundtrip with key 'Alice'
Encrypt-Decrypt roundtrip using the 'Alice' key from draft-bre-openpgp-samples-00.
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
dkg-sop/1.2.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
GopenPGP/v2.0.1 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
RNP/0.0.0+git20201125.80ba4a | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
GPGME-SOP/1.4.23 | ✗ | ✓ | Interoperability concern. |
Encrypt-Decrypt roundtrip with key 'Bob'
Encrypt-Decrypt roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00.
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
dkg-sop/1.2.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GopenPGP/v2.0.1 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
RNP/0.0.0+git20201125.80ba4a | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GPGME-SOP/1.4.23 | ✗ | ✓ | Interoperability concern. |
Recipient IDs
Tests variations of recipient ids.
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Encryption subkey's KeyID | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Base case | |
Wildcard KeyID | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | Interoperability concern | |
Certificate KeyID | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |||
Fictitious KeyID | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ |
Symmetric Encryption
Symmetric Encryption Algorithm support
This tests support for the different symmetric encryption algorithms using Sequoia to generate the artifacts.
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
IDEA | ✗ | ✗ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | |||
TripleDES | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |||
CAST5 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |||
Blowfish | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | |||
AES128 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES-128 is a MUST according to RFC4880bis8. | |
AES192 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
AES256 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
Twofish | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | |||
Camellia128 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | |||
Camellia192 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | |||
Camellia256 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | |||
Unencrypted | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Unencrypted cipher must not be used |
Encrypt-Decrypt roundtrip with key 'Bob', IDEA
Encrypt-Decrypt roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the symmetric algorithm preference [IDEA].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✗ | ✗ | Algorithm should be avoided. | |||||||||
Sequoia-SOP/0.20.0 | ✗ | ✗ | Algorithm should be avoided. | |||||||||
dkg-sop/1.2.0 | ✗ | ✗ | Algorithm should be avoided. | |||||||||
GopenPGP/v2.0.1 | ✗ | ✗ | Algorithm should be avoided. | |||||||||
OpenPGP.js/v4.10.7 | ✗ | ✗ | Algorithm should be avoided. | |||||||||
RNP/0.0.0+git20201125.80ba4a | ✗ | ✗ | Algorithm should be avoided. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✗ | ✗ | Algorithm should be avoided. | |||||||||
GPGME-SOP/2.2.20 | ✗ | ✗ | Algorithm should be avoided. | |||||||||
GPGME-SOP/1.4.23 | ✗ | ✗ | Algorithm should be avoided. |
Encrypt-Decrypt roundtrip with key 'Bob', TripleDES
Encrypt-Decrypt roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the symmetric algorithm preference [TripleDES].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |||
Sequoia-SOP/0.20.0 | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |||
dkg-sop/1.2.0 | ✗ | |||||||||||
GopenPGP/v2.0.1 | ✗ | |||||||||||
OpenPGP.js/v4.10.7 | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |||
RNP/0.0.0+git20201125.80ba4a | ✗ | |||||||||||
SOPGPy/0.1.0/0.5.3 | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |||
GPGME-SOP/2.2.20 | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |||
GPGME-SOP/1.4.23 | ✗ |
Encrypt-Decrypt roundtrip with key 'Bob', CAST5
Encrypt-Decrypt roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the symmetric algorithm preference [CAST5].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | Algorithm should be avoided. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | Algorithm should be avoided. | |
dkg-sop/1.2.0 | ✗ | ✗ | Algorithm should be avoided. | |||||||||
GopenPGP/v2.0.1 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | Algorithm should be avoided. | |
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | Algorithm should be avoided. | |
RNP/0.0.0+git20201125.80ba4a | ✗ | ✗ | Algorithm should be avoided. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | Algorithm should be avoided. | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | Algorithm should be avoided. | |
GPGME-SOP/1.4.23 | ✗ | ✗ | Algorithm should be avoided. |
Encrypt-Decrypt roundtrip with key 'Bob', Blowfish
Encrypt-Decrypt roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the symmetric algorithm preference [Blowfish].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
dkg-sop/1.2.0 | ✗ | ✓ | Interoperability concern. | |||||||||
GopenPGP/v2.0.1 | ✗ | ✓ | Interoperability concern. | |||||||||
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | Interoperability concern. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GPGME-SOP/1.4.23 | ✗ | ✓ | Interoperability concern. |
Encrypt-Decrypt roundtrip with key 'Bob', AES128
Encrypt-Decrypt roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the symmetric algorithm preference [AES128].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES-128 is a MUST according to RFC4880bis8. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES-128 is a MUST according to RFC4880bis8. | |
dkg-sop/1.2.0 | ✗ | ✓ | AES-128 is a MUST according to RFC4880bis8. | |||||||||
GopenPGP/v2.0.1 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES-128 is a MUST according to RFC4880bis8. | |
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES-128 is a MUST according to RFC4880bis8. | |
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | AES-128 is a MUST according to RFC4880bis8. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES-128 is a MUST according to RFC4880bis8. | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES-128 is a MUST according to RFC4880bis8. | |
GPGME-SOP/1.4.23 | ✗ | ✓ | AES-128 is a MUST according to RFC4880bis8. |
Encrypt-Decrypt roundtrip with key 'Bob', AES192
Encrypt-Decrypt roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the symmetric algorithm preference [AES192].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
dkg-sop/1.2.0 | ✗ | ✓ | AES should be supported | |||||||||
GopenPGP/v2.0.1 | ✗ | ✓ | AES should be supported | |||||||||
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | AES should be supported | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
GPGME-SOP/1.4.23 | ✗ | ✓ | AES should be supported |
Encrypt-Decrypt roundtrip with key 'Bob', AES256
Encrypt-Decrypt roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the symmetric algorithm preference [AES256].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
dkg-sop/1.2.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
GopenPGP/v2.0.1 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
RNP/0.0.0+git20201125.80ba4a | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | AES should be supported | |
GPGME-SOP/1.4.23 | ✗ | ✓ | AES should be supported |
Encrypt-Decrypt roundtrip with key 'Bob', Twofish
Encrypt-Decrypt roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the symmetric algorithm preference [Twofish].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ | Interoperability concern. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ | Interoperability concern. | |
dkg-sop/1.2.0 | ✗ | ✓ | Interoperability concern. | |||||||||
GopenPGP/v2.0.1 | ✗ | ✓ | Interoperability concern. | |||||||||
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ | Interoperability concern. | |
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | Interoperability concern. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✗ | ✓ | Interoperability concern. | |||||||||
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ | Interoperability concern. | |
GPGME-SOP/1.4.23 | ✗ | ✓ | Interoperability concern. |
Encrypt-Decrypt roundtrip with key 'Bob', Camellia128
Encrypt-Decrypt roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the symmetric algorithm preference [Camellia128].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
dkg-sop/1.2.0 | ✗ | ✓ | Interoperability concern. | |||||||||
GopenPGP/v2.0.1 | ✗ | ✓ | Interoperability concern. | |||||||||
OpenPGP.js/v4.10.7 | ✗ | ✓ | Interoperability concern. | |||||||||
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | Interoperability concern. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GPGME-SOP/1.4.23 | ✗ | ✓ | Interoperability concern. |
Encrypt-Decrypt roundtrip with key 'Bob', Camellia192
Encrypt-Decrypt roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the symmetric algorithm preference [Camellia192].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
dkg-sop/1.2.0 | ✗ | ✓ | Interoperability concern. | |||||||||
GopenPGP/v2.0.1 | ✗ | ✓ | Interoperability concern. | |||||||||
OpenPGP.js/v4.10.7 | ✗ | ✓ | Interoperability concern. | |||||||||
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | Interoperability concern. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GPGME-SOP/1.4.23 | ✗ | ✓ | Interoperability concern. |
Encrypt-Decrypt roundtrip with key 'Bob', Camellia256
Encrypt-Decrypt roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the symmetric algorithm preference [Camellia256].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
dkg-sop/1.2.0 | ✗ | ✓ | Interoperability concern. | |||||||||
GopenPGP/v2.0.1 | ✗ | ✓ | Interoperability concern. | |||||||||
OpenPGP.js/v4.10.7 | ✗ | ✓ | Interoperability concern. | |||||||||
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | Interoperability concern. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GPGME-SOP/1.4.23 | ✗ | ✓ | Interoperability concern. |
Encrypt-Decrypt roundtrip with key 'Bob', EAX
Encrypt-Decrypt roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the symmetric algorithm preference [AES256], AEAD algorithm preference [EAX].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✗ | ✓ | EAX is a MUST according to RFC4880bis8. | |||||||||
Sequoia-SOP/0.20.0 | ✗ | ✓ | EAX is a MUST according to RFC4880bis8. | |||||||||
dkg-sop/1.2.0 | ✗ | ✓ | EAX is a MUST according to RFC4880bis8. | |||||||||
GopenPGP/v2.0.1 | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ | ✗ | ✗ | ✗ | ✓ | EAX is a MUST according to RFC4880bis8. | |
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ | ✗ | ✗ | ✗ | ✓ | EAX is a MUST according to RFC4880bis8. | |
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | EAX is a MUST according to RFC4880bis8. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✗ | ✓ | EAX is a MUST according to RFC4880bis8. | |||||||||
GPGME-SOP/2.2.20 | ✗ | ✓ | EAX is a MUST according to RFC4880bis8. | |||||||||
GPGME-SOP/1.4.23 | ✗ | ✓ | EAX is a MUST according to RFC4880bis8. |
Encrypt-Decrypt roundtrip with key 'Bob', OCB
Encrypt-Decrypt roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the symmetric algorithm preference [AES256], AEAD algorithm preference [OCB].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✗ | ✓ | Interoperability concern. | |||||||||
Sequoia-SOP/0.20.0 | ✗ | ✓ | Interoperability concern. | |||||||||
dkg-sop/1.2.0 | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✗ | ✗ | ✗ | ✓ | Interoperability concern. | |
GopenPGP/v2.0.1 | ✗ | ✓ | Interoperability concern. | |||||||||
OpenPGP.js/v4.10.7 | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✗ | ✗ | ✗ | ✓ | Interoperability concern. | |
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | Interoperability concern. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✗ | ✓ | Interoperability concern. | |||||||||
GPGME-SOP/2.2.20 | ✗ | ✓ | Interoperability concern. | |||||||||
GPGME-SOP/1.4.23 | ✗ | ✓ | Interoperability concern. |
SEIP packet support
This tests support for the Symmetrically Encrypted Integrity Protected Data Packet (Tag 18) and verifies that modifications to the ciphertext are detected. It uses Sequoia to generate the artifacts.
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Base case | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | SEIP is a MUST according to RFC4880. | |
Missing MDC | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Missing MDC must abort processing. | |
Downgrade to SED | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✓ | ✗ | Security concern: Downgrade must be prevented. | |
Tampered ciphertext | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Security concern: Tampering must be prevented. | |
Tampered MDC | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Security concern: Tampering must be prevented. |
Detached Signatures
Detached Sign-Verify roundtrip with key 'Alice'
Detached Sign-Verify roundtrip using the 'Alice' key from draft-bre-openpgp-samples-00.
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
dkg-sop/1.2.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
GopenPGP/v2.0.1 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | Interoperability concern. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
GPGME-SOP/1.4.23 | ✗ | ✓ | Interoperability concern. |
Detached Sign-Verify roundtrip with key 'Bob'
Detached Sign-Verify roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00.
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
dkg-sop/1.2.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GopenPGP/v2.0.1 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | Interoperability concern. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GPGME-SOP/1.4.23 | ✗ | ✓ | Interoperability concern. |
Detached signature with Subpackets
Tests how implementations constrain the validity of signatures depending on the given subpackets.
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Base case | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
Base case, unhashed issuer fingerprint | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
Base case, hashed issuer | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
No issuer fingerprint | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
No issuer fingerprint, hashed issuer | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
No issuer | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | ✗ | ✓ | ✗ | ✓ | Issuer fingerprint ought to be enough. | |
No issuer, unhashed issuer fingerprint | ✓ | ✓ | ✗ | ✗ | ✓ | ✗ | ✗ | ✗ | ✗ | ✓ | Issuer fingerprint ought to be enough. | |
No issuer, no issuer fingerprint | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |||
Issuer, fake issuer | ✓ | ✓ | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✓ | Interoperability concern. | |
Fake issuer, issuer | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | Interoperability concern. | |
Issuer, fake issuer, V6 issuer FP | ✓ | ✓ | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✓ | Interoperability concern. | |
Fake issuer, issuer, V6 issuer FP | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | ✗ | ✗ | ✗ | ✓ | Interoperability concern. | |
Unhashed creation time | ✗ | ✗ | ✗ | ✗ | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ | Creation time must be hashed. | |
No creation time | ✗ | ✗ | ✗ | ✗ | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ | Creation time must exist. | |
Creation time given twice | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Uniqueness of subpackets is not required. | |
Future creation time | ✗ | ✗ | ✗ | ✓ | ✗ | ✗ | ✗ | ✓ | ✓ | ✗ | Creation time is in the future. | |
Future creation time given twice | ✗ | ✗ | ✗ | ✓ | ✗ | ✗ | ✗ | ✓ | ✓ | ✗ | Creation time is in the future. | |
Future creation time, backdated | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✓ | ✓ | ✗ | Creation time is in the future. | |
Unknown subpacket | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
Critical unknown subpacket | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✓ | ✗ | ✗ | ✗ | Critical unknown subpacket invalidates signature. | |
Unknown subpacket, unhashed | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
Critical unknown subpacket, unhashed | ✓ | ✓ | ✓ | ✗ | ✓ | ✗ | ✓ | ✗ | ✗ | |||
Unknown notation | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
Critical unknown notation | ✗ | ✗ | ✗ | ✗ | ✓ | ✓ | ✓ | ✗ | ✗ | ✗ | Critical unknown notation invalidates signature. | |
Unknown notation, unhashed | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
Critical unknown notation, unhashed | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ | ✗ | ✗ |
Detached signatures: Linebreak normalization
Tests how implementations normalize line breaks when verifying text signatures. Section 5.2.1 of RFC4880 says: The signature is calculated over the text data with its line endings converted to <CR><LF>.
This test creates two signatures, a binary and a text signature, over the message one\r\ntwo\r\nthree
, and checks whether variants of the message with different line endings can be verified using these signatures.
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
"one\r\ntwo\r\nthree" | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Base case (b) | |
"one\r\ntwo\r\nthree" | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Base case (t) | |
"one\ntwo\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\ntwo\nthree" | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Line endings must be normalized (t) | |
"one\ntwo\r\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\ntwo\r\nthree" | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Line endings must be normalized (t) | |
"one\r\ntwo\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\r\ntwo\nthree" | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Line endings must be normalized (t) | |
"one\rtwo\rthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\rtwo\rthree" | ✓ | ✓ | ✗ | ✗ | ✗ | ✓ | ✗ | ✗ | ✗ | |||
"one\n\rtwo\n\rthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\n\rtwo\n\rthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |||
"one\u{1e}two\u{1e}three" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\u{1e}two\u{1e}three" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |||
"one\u{b}two\u{b}three" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\u{b}two\u{b}three" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |||
"one\u{c}two\u{c}three" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\u{c}two\u{c}three" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |||
"one\u{85}two\u{85}three" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\u{85}two\u{85}three" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |||
"one\u{2028}two\u{2028}three" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\u{2028}two\u{2028}three" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |||
"one\u{2029}two\u{2029}three" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\u{2029}two\u{2029}three" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | |||
"one \ntwo\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one \ntwo\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Erroneous normalization (e.g. trailing whitespace) (t) | |
"one\ntwo \nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\ntwo \nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Erroneous normalization (e.g. trailing whitespace) (t) | |
"one\ntwo\nthree " | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\ntwo\nthree " | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Erroneous normalization (e.g. trailing whitespace) (t) | |
"one\ntwo\nthree\n" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\ntwo\nthree\n" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Erroneous normalization (e.g. trailing whitespace) (t) | |
"\none\ntwo\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"\none\ntwo\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Erroneous normalization (e.g. trailing whitespace) (t) | |
"one\t\ntwo\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\t\ntwo\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Erroneous normalization (e.g. trailing whitespace) (t) | |
"one\u{a0}\ntwo\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\u{a0}\ntwo\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Erroneous normalization (e.g. trailing whitespace) (t) | |
"one\u{1680}\ntwo\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\u{1680}\ntwo\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Erroneous normalization (e.g. trailing whitespace) (t) | |
"one\u{2000}\ntwo\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Binary signature must not be valid (b) | |
"one\u{2000}\ntwo\nthree" | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | ✗ | Erroneous normalization (e.g. trailing whitespace) (t) |
Detached signatures with unknown packets
This tests whether detached signatures with unknown versions of Signature packets are still verified. This is important for the evolution of the message format.
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
SIG4 SIG4 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Base case | |
SIG4 SIG23 | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | ✗ | ✗ | ✓ | Unknown versions should be ignored | |
SIG23 SIG4 | ✓ | ✓ | ✓ | ✗ | ✓ | ✗ | ✗ | ✗ | ✗ | ✓ | Unknown versions should be ignored |
Hash Algorithms
Detached Sign-Verify roundtrip with key 'Bob', MD5
Detached Sign-Verify roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the hash algorithm preference [MD5].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✗ | ✗ | ✗ | Hash should not be used anymore. | |
Sequoia-SOP/0.20.0 | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✗ | ✗ | ✗ | Hash should not be used anymore. | |
dkg-sop/1.2.0 | ✗ | ✗ | Hash should not be used anymore. | |||||||||
GopenPGP/v2.0.1 | ✗ | ✗ | Hash should not be used anymore. | |||||||||
OpenPGP.js/v4.10.7 | ✗ | ✗ | Hash should not be used anymore. | |||||||||
RNP/0.0.0+git20201125.80ba4a | ✗ | ✗ | Hash should not be used anymore. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✗ | ✗ | ✗ | Hash should not be used anymore. | |
GPGME-SOP/2.2.20 | ✗ | ✗ | Hash should not be used anymore. | |||||||||
GPGME-SOP/1.4.23 | ✗ | ✗ | Hash should not be used anymore. |
Detached Sign-Verify roundtrip with key 'Bob', SHA1
Detached Sign-Verify roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the hash algorithm preference [SHA1].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | ✗ | Hash should not be used anymore. | |
Sequoia-SOP/0.20.0 | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | ✗ | Hash should not be used anymore. | |
dkg-sop/1.2.0 | ✗ | ✗ | Hash should not be used anymore. | |||||||||
GopenPGP/v2.0.1 | ✗ | ✗ | Hash should not be used anymore. | |||||||||
OpenPGP.js/v4.10.7 | ✗ | ✗ | Hash should not be used anymore. | |||||||||
RNP/0.0.0+git20201125.80ba4a | ✗ | ✗ | Hash should not be used anymore. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | ✗ | Hash should not be used anymore. | |
GPGME-SOP/2.2.20 | ✗ | ✗ | Hash should not be used anymore. | |||||||||
GPGME-SOP/1.4.23 | ✗ | ✗ | Hash should not be used anymore. |
Detached Sign-Verify roundtrip with key 'Bob', RipeMD
Detached Sign-Verify roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the hash algorithm preference [RipeMD].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✗ | ✗ | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✗ | Hash should not be used anymore. | |
Sequoia-SOP/0.20.0 | ✗ | ✗ | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✗ | Hash should not be used anymore. | |
dkg-sop/1.2.0 | ✗ | ✗ | Hash should not be used anymore. | |||||||||
GopenPGP/v2.0.1 | ✗ | ✗ | Hash should not be used anymore. | |||||||||
OpenPGP.js/v4.10.7 | ✗ | ✗ | Hash should not be used anymore. | |||||||||
RNP/0.0.0+git20201125.80ba4a | ✗ | ✗ | Hash should not be used anymore. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✗ | ✗ | Hash should not be used anymore. | |||||||||
GPGME-SOP/2.2.20 | ✗ | ✗ | Hash should not be used anymore. | |||||||||
GPGME-SOP/1.4.23 | ✗ | ✗ | Hash should not be used anymore. |
Detached Sign-Verify roundtrip with key 'Bob', SHA256
Detached Sign-Verify roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the hash algorithm preference [SHA256].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | MUST be implemented according to RFC4880bis8. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | MUST be implemented according to RFC4880bis8. | |
dkg-sop/1.2.0 | ✗ | ✓ | MUST be implemented according to RFC4880bis8. | |||||||||
GopenPGP/v2.0.1 | ✗ | ✓ | MUST be implemented according to RFC4880bis8. | |||||||||
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | MUST be implemented according to RFC4880bis8. | |
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | MUST be implemented according to RFC4880bis8. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | MUST be implemented according to RFC4880bis8. | |
GPGME-SOP/2.2.20 | ✗ | ✓ | MUST be implemented according to RFC4880bis8. | |||||||||
GPGME-SOP/1.4.23 | ✗ | ✓ | MUST be implemented according to RFC4880bis8. |
Detached Sign-Verify roundtrip with key 'Bob', SHA384
Detached Sign-Verify roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the hash algorithm preference [SHA384].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Should be supported. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Should be supported. | |
dkg-sop/1.2.0 | ✗ | ✓ | Should be supported. | |||||||||
GopenPGP/v2.0.1 | ✗ | ✓ | Should be supported. | |||||||||
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Should be supported. | |
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | Should be supported. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Should be supported. | |
GPGME-SOP/2.2.20 | ✗ | ✓ | Should be supported. | |||||||||
GPGME-SOP/1.4.23 | ✗ | ✓ | Should be supported. |
Detached Sign-Verify roundtrip with key 'Bob', SHA512
Detached Sign-Verify roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the hash algorithm preference [SHA512].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Should be supported. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Should be supported. | |
dkg-sop/1.2.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Should be supported. | |
GopenPGP/v2.0.1 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Should be supported. | |
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Should be supported. | |
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | Should be supported. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Should be supported. | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Should be supported. | |
GPGME-SOP/1.4.23 | ✗ | ✓ | Should be supported. |
Detached Sign-Verify roundtrip with key 'Bob', SHA224
Detached Sign-Verify roundtrip using the 'Bob' key from draft-bre-openpgp-samples-00, modified with the hash algorithm preference [SHA224].
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
dkg-sop/1.2.0 | ✗ | ✓ | Interoperability concern. | |||||||||
GopenPGP/v2.0.1 | ✗ | ✓ | Interoperability concern. | |||||||||
OpenPGP.js/v4.10.7 | ✗ | ✓ | Interoperability concern. | |||||||||
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | Interoperability concern. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Interoperability concern. | |
GPGME-SOP/2.2.20 | ✗ | ✓ | Interoperability concern. | |||||||||
GPGME-SOP/1.4.23 | ✗ | ✓ | Interoperability concern. |
Signature over the shattered collision
This tests whether detached signatures using SHA-1 over the collision from the paper The first collision for full SHA-1 are considered valid.
The first test establishes a baseline. It is a SHA-1 signature over the text Hello World :)
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Baseline | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | ✗ | Data signatures using SHA-1 should be considered invalid | |
SIG-1 over PDF-1 | ✗ | ✗ | ✗ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | Attack must be mitigated | |
SIG-1 over PDF-2 | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | ✗ | Attack must be mitigated | |
SIG-2 over PDF-1 | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | ✗ | Attack must be mitigated | |
SIG-2 over PDF-2 | ✗ | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | ✗ | Attack must be mitigated |
Compression Algorithms
Compression Algorithm support
This tests support for the different compression algorithms using Sequoia to generate the artifacts.
Additional artifacts:
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Uncompressed | ✓ | ✓ | ✓ | ✗ | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | Uncompressed MUST be supported. | |
ZIP | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | SHOULD be able to decompress ZIP. | |
ZLIB | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Zlib SHOULD be supported. | |
BZip2 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
Key Generation
Default key generation, encrypt-decrypt roundtrip
This models key generation, distribution, and encrypted message exchange. Generates a default key with the producer P, then extracts the certificate from the key and uses it to encrypt a message using the consumer C, and finally P to decrypt the message.
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
dkg-sop/1.2.0 | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✗ | ✓ | ✗ | ✓ | Interoperability concern. | |
GopenPGP/v2.0.1 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | Interoperability concern. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
GPGME-SOP/1.4.23 | ✗ | ✓ | Interoperability concern. |
Default key generation, encrypt-decrypt roundtrip, 2 UIDs
This models key generation, distribution, and encrypted message exchange. Generates a default key with the producer P, then extracts the certificate from the key and uses it to encrypt a message using the consumer C, and finally P to decrypt the message.
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
dkg-sop/1.2.0 | ✗ | ✗ | ✓ | ✗ | ✓ | ✓ | ✗ | ✓ | ✗ | ✓ | Interoperability concern. | |
GopenPGP/v2.0.1 | ✗ | ✓ | Interoperability concern. | |||||||||
OpenPGP.js/v4.10.7 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | Interoperability concern. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
GPGME-SOP/2.2.20 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | ✓ | Interoperability concern. | |
GPGME-SOP/1.4.23 | ✗ | ✓ | Interoperability concern. |
Default key generation, encrypt-decrypt roundtrip, no UIDs
This models key generation, distribution, and encrypted message exchange. Generates a default key with the producer P, then extracts the certificate from the key and uses it to encrypt a message using the consumer C, and finally P to decrypt the message.
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
Sequoia-SOP/1.0.0 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✗ | ✗ | ✗ | ✓ | Interoperability concern. | |
Sequoia-SOP/0.20.0 | ✓ | ✓ | ✓ | ✗ | ✗ | ✓ | ✗ | ✗ | ✗ | ✓ | Interoperability concern. | |
dkg-sop/1.2.0 | ✗ | ✗ | ✓ | ✗ | ✗ | ✓ | ✗ | ✗ | ✗ | ✓ | Interoperability concern. | |
GopenPGP/v2.0.1 | ✗ | ✓ | Interoperability concern. | |||||||||
OpenPGP.js/v4.10.7 | ✗ | ✓ | Interoperability concern. | |||||||||
RNP/0.0.0+git20201125.80ba4a | ✗ | ✓ | Interoperability concern. | |||||||||
SOPGPy/0.1.0/0.5.3 | ✗ | ✓ | Interoperability concern. | |||||||||
GPGME-SOP/2.2.20 | ✗ | ✓ | Interoperability concern. | |||||||||
GPGME-SOP/1.4.23 | ✗ | ✓ | Interoperability concern. |
Certificates
Interpretation of encryption keyflags
OpenPGP has two kinds of key usage flags that cover encryption: 0x04 - This key may be used to encrypt communications. 0x08 - This key may be used to encrypt storage. This tests how implementation interpret these flags.This test uses two encryption subkeys, A (7C2F AA4D F93C 37B2) and B (9F44 3C1C F2DF 113B).
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
A 0x04 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | |||
A 0x08 | ✓ | ✓ | ✓ | ✗ | ✓ | ✓ | ✓ | ✓ | ✗ | |||
A 0x0c, B 0x0c | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | |||
B 0x0c, A 0x0c | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | |||
A 0x04, B 0x08 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | |||
A 0x08, B 0x04 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | |||
B 0x04, A 0x08 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | |||
B 0x08, A 0x04 | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ |
Interpretation of primary key flags
This tests various ways of specifying the primary key's flags. Key flags can be provided using direct key signatures, as well as binding signatures on userids.
Notation: p[flags-on-direct-key-sig] u[flags-on-uid-binding] s[flags-on-binding], where CSEA refer to certification, signing, encryption, and authentication capabilities, and 0 refers to an explicit empty set (the subpacket is present, but empty). The key is then used to do an encrypt-decrypt roundtrip.
Consumer | Sequoia-SOP/1.0.0 | Sequoia-SOP/0.20.0 | dkg-sop/1.2.0 | GopenPGP/v2.0.1 | OpenPGP.js/v4.10.7 | RNP/0.0.0+git20201125.80ba4a | SOPGPy/0.1.0/0.5.3 | GPGME-SOP/2.2.20 | GPGME-SOP/1.4.23 | Expectation |
Comment |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|
Producer | Artifact | |||||||||||
p uC sE (basecase) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | |||
pC uC sE | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✗ | |||
pC u sE |