14 March 2016

WebCrypto and GPG - yet another missed opportunity

(Preface: I’m not good at crypto. My brain is just not big enough to juggle the necessary math. What I can do, in most cases, is juggling the basic concepts (private/public keys, certificates, chain of trust, hashing, signing, salting, encrypting, ciphers, etc) and parsing crypto-jargon enough to get by. I like to believe I belong to the silent majority of web plumbers out there — as far as I know, the world of real cryptographers and crypto-developers is still very small. If anything I say here is wrong, by all means let me know in comments.)

I’m yet again dismayed at the stubborness of crypto-nerd in making things as awkward as possible for the rest of us.

I’m currently trying to setup a simple browser extension to verify signed data, given public keys. A fairly mundane problem, one would think; and sure enough, browser vendors recently started to implement secure interfaces for this sort of operation. Great!

So let’s import a public key to verify some data. What is the most popular key manager/generator out there, something that has been around for 25 years in various incarnations? PGP/GnuPG, of course. So I export a standard RSA key in the classic armoured format and… nothing. SubtleCrypto.importKey() does not support it. Most examples I got from googling (like these excellent ones) use JWK, yet-another-JSON-format-invented-yesterday. There are a bunch of tools out there to convert OpenSSL PEM keys to JWK (for Node.js, unsurprisingly), but nothing straightforward for PGP/GPG. No biggie: considering GnuPG is only at the core of software distribution for (almost) the entire world of Linux, it’s understandable that it could be overlooked... /sarcasm

In the end, one could probably get by using hacks like the one described here. To be honest, I’ve not tried — by the time I found it, the evening had gone and the level of frustration was too high.

Projects like Let’s Encrypt demonstrated very clearly that everyday cryptography is held back by inconsiderate and hostile interfaces; once you remove them, people adopt it extremely quickly. It is understandable that legacy implementations (X509 and so on) will be awkward; but brand new interfaces which are supposed to gain widespread popularity outside the small circle of crypto specialists, designed in the last decade, should be better than this.