PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-09-10 18:59:39 +02:00
Code Issues Releases Wiki Activity

Implement update-key command properly

Browse source
This commit is contained in:
Paul Schaub 2025-06-12 13:35:24 +02:00
parent d789d3e0c4
commit 0a639e1c2a
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
3 changed files with 297 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

16
pgpainless-sop/src/main/kotlin/org/pgpainless/sop/UpdateKeyImpl.kt
View file

@ -1,15 +1,17 @@
// SPDX-FileCopyrightText: 2025 Paul Schaub <info@pgpainless.org>
//
// SPDX-License-Identifier: CC0-1.0
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.sop
import java.io.InputStream
import java.io.OutputStream
import java.util.*
import org.bouncycastle.bcpg.KeyIdentifier
import org.bouncycastle.openpgp.PGPSecretKeyRing
import org.bouncycastle.openpgp.api.OpenPGPCertificate
import org.pgpainless.PGPainless
import org.pgpainless.key.modification.secretkeyring.OpenPGPKeyUpdater
import org.pgpainless.util.OpenPGPCertificateUtil
import org.pgpainless.util.Passphrase
import sop.Ready
@ -27,8 +29,9 @@ class UpdateKeyImpl(private val api: PGPainless) : UpdateKey {
override fun key(key: InputStream): Ready {
return object : Ready() {
override fun writeTo(outputStream: OutputStream) {
val keyList =
var keyList =
api.readKey().parseKeys(key).map {
// Merge keys
if (mergeCerts[it.keyIdentifier] == null) {
it
} else {
@ -41,6 +44,15 @@ class UpdateKeyImpl(private val api: PGPainless) : UpdateKey {
}
}
// Update keys
keyList =
keyList.map {
OpenPGPKeyUpdater(it, protector, api)
.replaceRejectedAlgorithmPreferencesAndFeatures(addCapabilities)
.replaceWeakSubkeys(true, signingOnly)
.finish()
}
if (armor) {
OpenPGPCertificateUtil.armor(keyList, outputStream)
} else {