Note: Midsummer is alpha and under active development. Expect packages/apis/etc... to change
Midsummer is an application designed to simplify the creation of personal cryptographic assets for use in several facets, specifically:
- Signing
- Encrypting
- Authenticating
While there is the 'batch' functionality for the commonly use GnuPG tooling it only supports generating a single subkey, which is less than ideal for most situations.
Additionally, to simplify the overall process around handling the assets there are helpers for backing up the generated keys, creating revocation certificates and loading the keys on to a SmartCard.
For now, don't 😅
Currently the build depends on patches submitted to golang, but not yet accepted. These include:
openpgp: add FlagsAuthenticate, FlagsGroupKey and FlagsSplitKey support to packet.Signature
openpgp: add PreferredKeyServer support to packet.Signature
It is recommended not to patch your x/crypto packages until these patches have been verified and accepted.
To build the application:
dep ensure
go build .
check request file hash matches known request hash (using pgp-words)
for each primaryKey
generate Key
self-sign
*cross-sign*?
request yubikey
write card data to yubikey
write private keys to yubikey
write public key and stubs to public usb drive
[write backup to usb drive]
write revocation certificate to revocation usb drive
end