mirror of
https://github.com/pgpainless/pgpainless.git
synced 2025-09-10 10:49:39 +02:00
Pass down API instance
This commit is contained in:
parent
d24a4a0883
commit
12ff104cf8
GPG key ID:
62BEE9264BF17311
17 changed files with 157 additions and 112 deletions
|
|
@ -217,8 +217,8 @@ class PGPainless(
|
|||
fun modifyKeyRing(
|
||||
secretKey: PGPSecretKeyRing,
|
||||
referenceTime: Date = Date(),
|
||||
policy: Policy = getInstance().algorithmPolicy
|
||||
) = SecretKeyRingEditor(secretKey, policy, referenceTime)
|
||||
api: PGPainless = getInstance()
|
||||
) = SecretKeyRingEditor(secretKey, api, referenceTime)
|
||||
|
||||
/**
|
||||
* Quickly access information about a [org.bouncycastle.openpgp.PGPPublicKeyRing] /
|
||||
|
|
@ -237,7 +237,7 @@ class PGPainless(
|
|||
@JvmStatic
|
||||
@JvmOverloads
|
||||
fun inspectKeyRing(key: OpenPGPCertificate, referenceTime: Date = Date()) =
|
||||
KeyRingInfo(key, getInstance().algorithmPolicy, referenceTime)
|
||||
KeyRingInfo(key, getInstance(), referenceTime)
|
||||
|
||||
/**
|
||||
* Access, and make changes to PGPainless policy on acceptable/default algorithms etc.
|
||||
|
|
@ -255,6 +255,6 @@ class PGPainless(
|
|||
*
|
||||
* @return builder
|
||||
*/
|
||||
@JvmStatic fun certify() = CertifyCertificate()
|
||||
@JvmStatic fun certify() = CertifyCertificate(getInstance())
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ import org.pgpainless.signature.subpackets.CertificationSubpackets
|
|||
* really belongs to the owner of the certificate. A delegation over a key can be used to delegate
|
||||
* trust by marking the certificate as a trusted introducer.
|
||||
*/
|
||||
class CertifyCertificate {
|
||||
class CertifyCertificate(private val api: PGPainless) {
|
||||
|
||||
/**
|
||||
* Create a certification over a User-Id. By default, this method will use
|
||||
|
|
@ -49,7 +49,7 @@ class CertifyCertificate {
|
|||
userId: CharSequence,
|
||||
certificate: OpenPGPCertificate,
|
||||
certificationType: CertificationType = CertificationType.GENERIC
|
||||
): CertificationOnUserId = CertificationOnUserId(userId, certificate, certificationType)
|
||||
): CertificationOnUserId = CertificationOnUserId(userId, certificate, certificationType, api)
|
||||
|
||||
/**
|
||||
* Create a certification over a User-Id. By default, this method will use
|
||||
|
|
@ -76,7 +76,7 @@ class CertifyCertificate {
|
|||
userId: String,
|
||||
certificate: PGPPublicKeyRing,
|
||||
certificationType: CertificationType
|
||||
) = CertificationOnUserId(userId, certificate, certificationType)
|
||||
) = CertificationOnUserId(userId, certificate, certificationType, api)
|
||||
|
||||
/**
|
||||
* Create a delegation (direct key signature) over a certificate. This can be used to mark a
|
||||
|
|
@ -88,7 +88,7 @@ class CertifyCertificate {
|
|||
*/
|
||||
@JvmOverloads
|
||||
fun certificate(certificate: OpenPGPCertificate, trustworthiness: Trustworthiness? = null) =
|
||||
DelegationOnCertificate(certificate, trustworthiness)
|
||||
DelegationOnCertificate(certificate, trustworthiness, api)
|
||||
|
||||
/**
|
||||
* Create a delegation (direct key signature) over a certificate. This can be used to mark a
|
||||
|
|
@ -113,20 +113,22 @@ class CertifyCertificate {
|
|||
*/
|
||||
@Deprecated("Pass in an OpenPGPCertificate instead of PGPPublicKeyRing.")
|
||||
fun certificate(certificate: PGPPublicKeyRing, trustworthiness: Trustworthiness?) =
|
||||
DelegationOnCertificate(certificate, trustworthiness)
|
||||
DelegationOnCertificate(certificate, trustworthiness, api)
|
||||
|
||||
class CertificationOnUserId(
|
||||
val userId: CharSequence,
|
||||
val certificate: OpenPGPCertificate,
|
||||
val certificationType: CertificationType
|
||||
val certificationType: CertificationType,
|
||||
private val api: PGPainless
|
||||
) {
|
||||
|
||||
@Deprecated("Use primary constructor instead.")
|
||||
constructor(
|
||||
userId: String,
|
||||
certificate: PGPPublicKeyRing,
|
||||
certificationType: CertificationType
|
||||
) : this(userId, PGPainless.getInstance().toCertificate(certificate), certificationType)
|
||||
certificationType: CertificationType,
|
||||
api: PGPainless
|
||||
) : this(userId, api.toCertificate(certificate), certificationType, api)
|
||||
|
||||
fun withKey(
|
||||
key: OpenPGPKey,
|
||||
|
|
@ -135,7 +137,7 @@ class CertifyCertificate {
|
|||
val secretKey = getCertifyingSecretKey(key)
|
||||
val sigBuilder =
|
||||
ThirdPartyCertificationSignatureBuilder(
|
||||
certificationType.asSignatureType(), secretKey, protector)
|
||||
certificationType.asSignatureType(), secretKey, protector, api)
|
||||
|
||||
return CertificationOnUserIdWithSubpackets(certificate, userId, sigBuilder)
|
||||
}
|
||||
|
|
@ -166,8 +168,9 @@ class CertifyCertificate {
|
|||
constructor(
|
||||
certificate: PGPPublicKeyRing,
|
||||
userId: String,
|
||||
sigBuilder: ThirdPartyCertificationSignatureBuilder
|
||||
) : this(PGPainless.getInstance().toCertificate(certificate), userId, sigBuilder)
|
||||
sigBuilder: ThirdPartyCertificationSignatureBuilder,
|
||||
api: PGPainless
|
||||
) : this(api.toCertificate(certificate), userId, sigBuilder)
|
||||
|
||||
/**
|
||||
* Apply the given signature subpackets and build the certification.
|
||||
|
|
@ -202,21 +205,23 @@ class CertifyCertificate {
|
|||
|
||||
class DelegationOnCertificate(
|
||||
val certificate: OpenPGPCertificate,
|
||||
val trustworthiness: Trustworthiness?
|
||||
val trustworthiness: Trustworthiness?,
|
||||
private val api: PGPainless
|
||||
) {
|
||||
|
||||
@Deprecated("Pass in an OpenPGPCertificate instead of PGPPublicKeyRing.")
|
||||
constructor(
|
||||
certificate: PGPPublicKeyRing,
|
||||
trustworthiness: Trustworthiness?
|
||||
) : this(PGPainless.getInstance().toCertificate(certificate), trustworthiness)
|
||||
trustworthiness: Trustworthiness?,
|
||||
api: PGPainless
|
||||
) : this(api.toCertificate(certificate), trustworthiness, api)
|
||||
|
||||
fun withKey(
|
||||
key: OpenPGPKey,
|
||||
protector: SecretKeyRingProtector
|
||||
): DelegationOnCertificateWithSubpackets {
|
||||
val secretKey = getCertifyingSecretKey(key)
|
||||
val sigBuilder = ThirdPartyDirectKeySignatureBuilder(secretKey, protector)
|
||||
val sigBuilder = ThirdPartyDirectKeySignatureBuilder(secretKey, protector, api)
|
||||
if (trustworthiness != null) {
|
||||
sigBuilder.hashedSubpackets.setTrust(
|
||||
true, trustworthiness.depth, trustworthiness.amount)
|
||||
|
|
|
|||
|
|
@ -19,7 +19,6 @@ import org.pgpainless.exception.KeyException.UnboundUserIdException
|
|||
import org.pgpainless.key.OpenPgpFingerprint
|
||||
import org.pgpainless.key.SubkeyIdentifier
|
||||
import org.pgpainless.key.util.KeyRingUtils
|
||||
import org.pgpainless.policy.Policy
|
||||
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil
|
||||
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil.Companion.getKeyExpirationTimeAsDate
|
||||
import org.pgpainless.util.DateUtil
|
||||
|
|
@ -27,24 +26,24 @@ import org.slf4j.LoggerFactory
|
|||
|
||||
class KeyRingInfo(
|
||||
val keys: OpenPGPCertificate,
|
||||
val policy: Policy = PGPainless.getPolicy(),
|
||||
val referenceDate: Date = Date()
|
||||
private val api: PGPainless = PGPainless.getInstance(),
|
||||
private val referenceDate: Date = Date()
|
||||
) {
|
||||
|
||||
constructor(
|
||||
keys: PGPKeyRing,
|
||||
policy: Policy = PGPainless.getPolicy(),
|
||||
api: PGPainless = PGPainless.getInstance(),
|
||||
referenceDate: Date = Date()
|
||||
) : this(
|
||||
if (keys is PGPSecretKeyRing) OpenPGPKey(keys) else OpenPGPCertificate(keys),
|
||||
policy,
|
||||
api,
|
||||
referenceDate)
|
||||
|
||||
@JvmOverloads
|
||||
constructor(
|
||||
keys: PGPKeyRing,
|
||||
referenceDate: Date = Date()
|
||||
) : this(keys, PGPainless.getPolicy(), referenceDate)
|
||||
) : this(keys, PGPainless.getInstance(), referenceDate)
|
||||
|
||||
/** Primary [OpenPGPCertificate.OpenPGPPrimaryKey]. */
|
||||
val primaryKey: OpenPGPCertificate.OpenPGPPrimaryKey = keys.primaryKey
|
||||
|
|
|
|||
|
|
@ -39,7 +39,6 @@ import org.pgpainless.key.util.KeyRingUtils
|
|||
import org.pgpainless.key.util.KeyRingUtils.Companion.changePassphrase
|
||||
import org.pgpainless.key.util.KeyRingUtils.Companion.injectCertification
|
||||
import org.pgpainless.key.util.RevocationAttributes
|
||||
import org.pgpainless.policy.Policy
|
||||
import org.pgpainless.signature.builder.*
|
||||
import org.pgpainless.signature.subpackets.*
|
||||
import org.pgpainless.util.Passphrase
|
||||
|
|
@ -47,7 +46,7 @@ import org.pgpainless.util.selection.userid.SelectUserId
|
|||
|
||||
class SecretKeyRingEditor(
|
||||
var key: OpenPGPKey,
|
||||
val policy: Policy = PGPainless.getInstance().algorithmPolicy,
|
||||
val api: PGPainless = PGPainless.getInstance(),
|
||||
override val referenceTime: Date = Date()
|
||||
) : SecretKeyRingEditorInterface {
|
||||
|
||||
|
|
@ -56,9 +55,9 @@ class SecretKeyRingEditor(
|
|||
@JvmOverloads
|
||||
constructor(
|
||||
secretKeyRing: PGPSecretKeyRing,
|
||||
policy: Policy = PGPainless.getInstance().algorithmPolicy,
|
||||
api: PGPainless = PGPainless.getInstance(),
|
||||
referenceTime: Date = Date()
|
||||
) : this(PGPainless.getInstance().toKey(secretKeyRing), policy, referenceTime)
|
||||
) : this(PGPainless.getInstance().toKey(secretKeyRing), api, referenceTime)
|
||||
|
||||
override fun addUserId(
|
||||
userId: CharSequence,
|
||||
|
|
@ -298,14 +297,16 @@ class SecretKeyRingEditor(
|
|||
SignatureSubpacketsUtil.assureKeyCanCarryFlags(subkeyAlgorithm)
|
||||
|
||||
val bitStrength = subkey.publicKey.bitStrength
|
||||
require(policy.publicKeyAlgorithmPolicy.isAcceptable(subkeyAlgorithm, bitStrength)) {
|
||||
require(
|
||||
api.algorithmPolicy.publicKeyAlgorithmPolicy.isAcceptable(
|
||||
subkeyAlgorithm, bitStrength)) {
|
||||
"Public key algorithm policy violation: $subkeyAlgorithm with bit strength $bitStrength is not acceptable."
|
||||
}
|
||||
|
||||
val primaryKey = secretKeyRing.secretKey
|
||||
val info = inspectKeyRing(secretKeyRing, referenceTime)
|
||||
val hashAlgorithm =
|
||||
HashAlgorithmNegotiator.negotiateSignatureHashAlgorithm(policy)
|
||||
HashAlgorithmNegotiator.negotiateSignatureHashAlgorithm(api.algorithmPolicy)
|
||||
.negotiateHashAlgorithm(info.preferredHashAlgorithms)
|
||||
|
||||
var secretSubkey =
|
||||
|
|
@ -323,13 +324,15 @@ class SecretKeyRingEditor(
|
|||
PGPainless.getInstance().implementation.pbeSecretKeyDecryptorBuilderProvider())
|
||||
|
||||
val skBindingBuilder =
|
||||
SubkeyBindingSignatureBuilder(key.primarySecretKey, primaryKeyProtector, hashAlgorithm)
|
||||
SubkeyBindingSignatureBuilder(
|
||||
key.primarySecretKey, primaryKeyProtector, hashAlgorithm, api)
|
||||
skBindingBuilder.apply {
|
||||
hashedSubpackets.setSignatureCreationTime(referenceTime)
|
||||
hashedSubpackets.setKeyFlags(flags)
|
||||
if (subkeyAlgorithm.isSigningCapable()) {
|
||||
val pkBindingBuilder =
|
||||
PrimaryKeyBindingSignatureBuilder(componentKey, subkeyProtector, hashAlgorithm)
|
||||
PrimaryKeyBindingSignatureBuilder(
|
||||
componentKey, subkeyProtector, hashAlgorithm, api)
|
||||
pkBindingBuilder.hashedSubpackets.setSignatureCreationTime(referenceTime)
|
||||
hashedSubpackets.addEmbeddedSignature(pkBindingBuilder.build(primaryKey.publicKey))
|
||||
}
|
||||
|
|
@ -623,7 +626,7 @@ class SecretKeyRingEditor(
|
|||
if (revokeeSubkey.isMasterKey) SignatureType.KEY_REVOCATION
|
||||
else SignatureType.SUBKEY_REVOCATION
|
||||
|
||||
return RevocationSignatureBuilder(signatureType, key.primarySecretKey, protector)
|
||||
return RevocationSignatureBuilder(signatureType, key.primarySecretKey, protector, api)
|
||||
.apply { applyCallback(callback) }
|
||||
.build(revokeeSubkey)
|
||||
}
|
||||
|
|
@ -634,7 +637,7 @@ class SecretKeyRingEditor(
|
|||
callback: RevocationSignatureSubpackets.Callback?
|
||||
): SecretKeyRingEditorInterface {
|
||||
RevocationSignatureBuilder(
|
||||
SignatureType.CERTIFICATION_REVOCATION, key.primarySecretKey, protector)
|
||||
SignatureType.CERTIFICATION_REVOCATION, key.primarySecretKey, protector, api)
|
||||
.apply {
|
||||
hashedSubpackets.setSignatureCreationTime(referenceTime)
|
||||
applyCallback(callback)
|
||||
|
|
@ -663,7 +666,7 @@ class SecretKeyRingEditor(
|
|||
prevUserIdSig: PGPSignature
|
||||
): PGPSignature {
|
||||
val builder =
|
||||
SelfSignatureBuilder(key.primarySecretKey, secretKeyRingProtector, prevUserIdSig)
|
||||
SelfSignatureBuilder(key.primarySecretKey, secretKeyRingProtector, prevUserIdSig, api)
|
||||
builder.hashedSubpackets.setSignatureCreationTime(referenceTime)
|
||||
builder.applyCallback(
|
||||
object : SelfSignatureSubpackets.Callback {
|
||||
|
|
@ -682,7 +685,8 @@ class SecretKeyRingEditor(
|
|||
@Nonnull primaryUserId: String,
|
||||
@Nonnull prevUserIdSig: PGPSignature
|
||||
): PGPSignature {
|
||||
return SelfSignatureBuilder(key.primarySecretKey, secretKeyRingProtector, prevUserIdSig)
|
||||
return SelfSignatureBuilder(
|
||||
key.primarySecretKey, secretKeyRingProtector, prevUserIdSig, api)
|
||||
.apply {
|
||||
hashedSubpackets.setSignatureCreationTime(referenceTime)
|
||||
applyCallback(
|
||||
|
|
@ -710,7 +714,7 @@ class SecretKeyRingEditor(
|
|||
prevDirectKeySig: PGPSignature
|
||||
): OpenPGPSignature {
|
||||
return DirectKeySelfSignatureBuilder(
|
||||
secretKeyRing, secretKeyRingProtector, prevDirectKeySig)
|
||||
secretKeyRing, secretKeyRingProtector, prevDirectKeySig, api)
|
||||
.apply {
|
||||
hashedSubpackets.setSignatureCreationTime(referenceTime)
|
||||
applyCallback(
|
||||
|
|
@ -741,7 +745,7 @@ class SecretKeyRingEditor(
|
|||
|
||||
val builder =
|
||||
SubkeyBindingSignatureBuilder(
|
||||
key.primarySecretKey, protector, prevSubkeyBindingSignature)
|
||||
key.primarySecretKey, protector, prevSubkeyBindingSignature, api)
|
||||
builder.hashedSubpackets.apply {
|
||||
// set expiration
|
||||
setSignatureCreationTime(referenceTime)
|
||||
|
|
@ -761,7 +765,7 @@ class SecretKeyRingEditor(
|
|||
clearEmbeddedSignatures()
|
||||
addEmbeddedSignature(
|
||||
PrimaryKeyBindingSignatureBuilder(
|
||||
key.getSecretKey(subkey.keyIdentifier), protector)
|
||||
key.getSecretKey(subkey.keyIdentifier), protector, api)
|
||||
.build(primaryKey))
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,7 +10,6 @@ import org.bouncycastle.openpgp.PGPPublicKey
|
|||
import org.bouncycastle.openpgp.PGPSignature
|
||||
import org.bouncycastle.openpgp.PGPSignatureGenerator
|
||||
import org.bouncycastle.openpgp.api.OpenPGPCertificate.OpenPGPComponentKey
|
||||
import org.bouncycastle.openpgp.api.OpenPGPImplementation
|
||||
import org.bouncycastle.openpgp.api.OpenPGPKey
|
||||
import org.pgpainless.PGPainless
|
||||
import org.pgpainless.algorithm.HashAlgorithm
|
||||
|
|
@ -27,7 +26,8 @@ abstract class AbstractSignatureBuilder<B : AbstractSignatureBuilder<B>>(
|
|||
protected var _hashAlgorithm: HashAlgorithm,
|
||||
protected var _signatureType: SignatureType,
|
||||
protected val _hashedSubpackets: SignatureSubpackets,
|
||||
protected val _unhashedSubpackets: SignatureSubpackets
|
||||
protected val _unhashedSubpackets: SignatureSubpackets,
|
||||
protected val api: PGPainless
|
||||
) {
|
||||
|
||||
protected abstract val signatureTypePredicate: Predicate<SignatureType>
|
||||
|
|
@ -45,40 +45,46 @@ abstract class AbstractSignatureBuilder<B : AbstractSignatureBuilder<B>>(
|
|||
protector: SecretKeyRingProtector,
|
||||
hashAlgorithm: HashAlgorithm,
|
||||
hashedSubpackets: SignatureSubpackets,
|
||||
unhashedSubpackets: SignatureSubpackets
|
||||
unhashedSubpackets: SignatureSubpackets,
|
||||
api: PGPainless
|
||||
) : this(
|
||||
UnlockSecretKey.unlockSecretKey(signingKey, protector),
|
||||
hashAlgorithm,
|
||||
signatureType,
|
||||
hashedSubpackets,
|
||||
unhashedSubpackets)
|
||||
unhashedSubpackets,
|
||||
api)
|
||||
|
||||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signatureType: SignatureType,
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector
|
||||
protector: SecretKeyRingProtector,
|
||||
api: PGPainless
|
||||
) : this(
|
||||
signatureType,
|
||||
signingKey,
|
||||
protector,
|
||||
negotiateHashAlgorithm(signingKey),
|
||||
negotiateHashAlgorithm(signingKey, api),
|
||||
SignatureSubpackets.createHashedSubpackets(signingKey.pgpSecretKey.publicKey),
|
||||
SignatureSubpackets.createEmptySubpackets())
|
||||
SignatureSubpackets.createEmptySubpackets(),
|
||||
api)
|
||||
|
||||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector,
|
||||
archetypeSignature: PGPSignature
|
||||
archetypeSignature: PGPSignature,
|
||||
api: PGPainless
|
||||
) : this(
|
||||
SignatureType.requireFromCode(archetypeSignature.signatureType),
|
||||
signingKey,
|
||||
protector,
|
||||
negotiateHashAlgorithm(signingKey),
|
||||
negotiateHashAlgorithm(signingKey, api),
|
||||
SignatureSubpackets.refreshHashedSubpackets(
|
||||
signingKey.publicKey.pgpPublicKey, archetypeSignature),
|
||||
SignatureSubpackets.refreshUnhashedSubpackets(archetypeSignature))
|
||||
SignatureSubpackets.refreshUnhashedSubpackets(archetypeSignature),
|
||||
api)
|
||||
|
||||
val hashAlgorithm = _hashAlgorithm
|
||||
|
||||
|
|
@ -110,8 +116,7 @@ abstract class AbstractSignatureBuilder<B : AbstractSignatureBuilder<B>>(
|
|||
@Throws(PGPException::class)
|
||||
protected fun buildAndInitSignatureGenerator(): PGPSignatureGenerator =
|
||||
PGPSignatureGenerator(
|
||||
OpenPGPImplementation.getInstance()
|
||||
.pgpContentSignerBuilder(
|
||||
api.implementation.pgpContentSignerBuilder(
|
||||
signingKey.keyPair.publicKey.algorithm, hashAlgorithm.algorithmId),
|
||||
signingKey.keyPair.publicKey)
|
||||
.apply {
|
||||
|
|
@ -129,13 +134,13 @@ abstract class AbstractSignatureBuilder<B : AbstractSignatureBuilder<B>>(
|
|||
* @return hash algorithm
|
||||
*/
|
||||
@JvmStatic
|
||||
fun negotiateHashAlgorithm(publicKey: PGPPublicKey): HashAlgorithm =
|
||||
HashAlgorithmNegotiator.negotiateSignatureHashAlgorithm(PGPainless.getPolicy())
|
||||
fun negotiateHashAlgorithm(publicKey: PGPPublicKey, api: PGPainless): HashAlgorithm =
|
||||
HashAlgorithmNegotiator.negotiateSignatureHashAlgorithm(api.algorithmPolicy)
|
||||
.negotiateHashAlgorithm(
|
||||
OpenPgpKeyAttributeUtil.getOrGuessPreferredHashAlgorithms(publicKey))
|
||||
|
||||
@JvmStatic
|
||||
fun negotiateHashAlgorithm(key: OpenPGPComponentKey): HashAlgorithm =
|
||||
negotiateHashAlgorithm(key.pgpPublicKey)
|
||||
fun negotiateHashAlgorithm(key: OpenPGPComponentKey, api: PGPainless): HashAlgorithm =
|
||||
negotiateHashAlgorithm(key.pgpPublicKey, api)
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -29,24 +29,24 @@ class DirectKeySelfSignatureBuilder : AbstractSignatureBuilder<DirectKeySelfSign
|
|||
constructor(
|
||||
signingKeyRing: PGPSecretKeyRing,
|
||||
protector: SecretKeyRingProtector,
|
||||
archetypeSignature: PGPSignature
|
||||
) : this(
|
||||
PGPainless.getInstance().toKey(signingKeyRing).primarySecretKey,
|
||||
protector,
|
||||
archetypeSignature)
|
||||
archetypeSignature: PGPSignature,
|
||||
api: PGPainless
|
||||
) : this(api.toKey(signingKeyRing).primarySecretKey, protector, archetypeSignature, api)
|
||||
|
||||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector,
|
||||
archetypeSignature: PGPSignature
|
||||
) : super(signingKey, protector, archetypeSignature)
|
||||
archetypeSignature: PGPSignature,
|
||||
api: PGPainless
|
||||
) : super(signingKey, protector, archetypeSignature, api)
|
||||
|
||||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector
|
||||
) : super(SignatureType.DIRECT_KEY, signingKey, protector)
|
||||
protector: SecretKeyRingProtector,
|
||||
api: PGPainless
|
||||
) : super(SignatureType.DIRECT_KEY, signingKey, protector, api)
|
||||
|
||||
val hashedSubpackets: SelfSignatureSubpackets = _hashedSubpackets
|
||||
val unhashedSubpackets: SelfSignatureSubpackets = _unhashedSubpackets
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ import org.bouncycastle.openpgp.PGPException
|
|||
import org.bouncycastle.openpgp.PGPPublicKey
|
||||
import org.bouncycastle.openpgp.PGPSignature
|
||||
import org.bouncycastle.openpgp.api.OpenPGPKey
|
||||
import org.pgpainless.PGPainless
|
||||
import org.pgpainless.algorithm.HashAlgorithm
|
||||
import org.pgpainless.algorithm.SignatureType
|
||||
import org.pgpainless.key.protection.SecretKeyRingProtector
|
||||
|
|
@ -29,21 +30,24 @@ class PrimaryKeyBindingSignatureBuilder :
|
|||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signingSubkey: OpenPGPKey.OpenPGPSecretKey,
|
||||
subkeyProtector: SecretKeyRingProtector
|
||||
) : super(SignatureType.PRIMARYKEY_BINDING, signingSubkey, subkeyProtector)
|
||||
subkeyProtector: SecretKeyRingProtector,
|
||||
api: PGPainless
|
||||
) : super(SignatureType.PRIMARYKEY_BINDING, signingSubkey, subkeyProtector, api)
|
||||
|
||||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signingSubkey: OpenPGPKey.OpenPGPSecretKey,
|
||||
subkeyProtector: SecretKeyRingProtector,
|
||||
hashAlgorithm: HashAlgorithm
|
||||
hashAlgorithm: HashAlgorithm,
|
||||
api: PGPainless
|
||||
) : super(
|
||||
SignatureType.PRIMARYKEY_BINDING,
|
||||
signingSubkey,
|
||||
subkeyProtector,
|
||||
hashAlgorithm,
|
||||
SignatureSubpackets.createHashedSubpackets(signingSubkey.publicKey.pgpPublicKey),
|
||||
SignatureSubpackets.createEmptySubpackets())
|
||||
SignatureSubpackets.createEmptySubpackets(),
|
||||
api)
|
||||
|
||||
val hashedSubpackets: SelfSignatureSubpackets = _hashedSubpackets
|
||||
val unhashedSubpackets: SelfSignatureSubpackets = _unhashedSubpackets
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ import org.bouncycastle.openpgp.PGPException
|
|||
import org.bouncycastle.openpgp.PGPPublicKey
|
||||
import org.bouncycastle.openpgp.PGPSignature
|
||||
import org.bouncycastle.openpgp.api.OpenPGPKey
|
||||
import org.pgpainless.PGPainless
|
||||
import org.pgpainless.algorithm.SignatureType
|
||||
import org.pgpainless.key.protection.SecretKeyRingProtector
|
||||
import org.pgpainless.signature.subpackets.RevocationSignatureSubpackets
|
||||
|
|
@ -19,8 +20,11 @@ class RevocationSignatureBuilder
|
|||
constructor(
|
||||
signatureType: SignatureType,
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector
|
||||
) : AbstractSignatureBuilder<RevocationSignatureBuilder>(signatureType, signingKey, protector) {
|
||||
protector: SecretKeyRingProtector,
|
||||
api: PGPainless
|
||||
) :
|
||||
AbstractSignatureBuilder<RevocationSignatureBuilder>(
|
||||
signatureType, signingKey, protector, api) {
|
||||
|
||||
override val signatureTypePredicate: Predicate<SignatureType>
|
||||
get() =
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ import org.bouncycastle.openpgp.PGPException
|
|||
import org.bouncycastle.openpgp.PGPSignature
|
||||
import org.bouncycastle.openpgp.PGPUserAttributeSubpacketVector
|
||||
import org.bouncycastle.openpgp.api.OpenPGPKey
|
||||
import org.pgpainless.PGPainless
|
||||
import org.pgpainless.algorithm.SignatureType
|
||||
import org.pgpainless.key.protection.SecretKeyRingProtector
|
||||
import org.pgpainless.signature.subpackets.SelfSignatureSubpackets
|
||||
|
|
@ -32,22 +33,25 @@ class SelfSignatureBuilder : AbstractSignatureBuilder<SelfSignatureBuilder> {
|
|||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector
|
||||
) : super(SignatureType.GENERIC_CERTIFICATION, signingKey, protector)
|
||||
protector: SecretKeyRingProtector,
|
||||
api: PGPainless
|
||||
) : super(SignatureType.GENERIC_CERTIFICATION, signingKey, protector, api)
|
||||
|
||||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signatureType: SignatureType,
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector
|
||||
) : super(signatureType, signingKey, protector)
|
||||
protector: SecretKeyRingProtector,
|
||||
api: PGPainless
|
||||
) : super(signatureType, signingKey, protector, api)
|
||||
|
||||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
primaryKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
primaryKeyProtector: SecretKeyRingProtector,
|
||||
oldCertification: PGPSignature
|
||||
) : super(primaryKey, primaryKeyProtector, oldCertification)
|
||||
oldCertification: PGPSignature,
|
||||
api: PGPainless
|
||||
) : super(primaryKey, primaryKeyProtector, oldCertification, api)
|
||||
|
||||
val hashedSubpackets: SelfSignatureSubpackets = _hashedSubpackets
|
||||
val unhashedSubpackets: SelfSignatureSubpackets = _unhashedSubpackets
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ import org.bouncycastle.openpgp.PGPException
|
|||
import org.bouncycastle.openpgp.PGPPublicKey
|
||||
import org.bouncycastle.openpgp.PGPSignature
|
||||
import org.bouncycastle.openpgp.api.OpenPGPKey
|
||||
import org.pgpainless.PGPainless
|
||||
import org.pgpainless.algorithm.HashAlgorithm
|
||||
import org.pgpainless.algorithm.SignatureType
|
||||
import org.pgpainless.key.protection.SecretKeyRingProtector
|
||||
|
|
@ -27,27 +28,31 @@ class SubkeyBindingSignatureBuilder : AbstractSignatureBuilder<SubkeyBindingSign
|
|||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector
|
||||
) : super(SignatureType.SUBKEY_BINDING, signingKey, protector)
|
||||
protector: SecretKeyRingProtector,
|
||||
api: PGPainless
|
||||
) : super(SignatureType.SUBKEY_BINDING, signingKey, protector, api)
|
||||
|
||||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector,
|
||||
hashAlgorithm: HashAlgorithm
|
||||
hashAlgorithm: HashAlgorithm,
|
||||
api: PGPainless
|
||||
) : super(
|
||||
SignatureType.SUBKEY_BINDING,
|
||||
signingKey,
|
||||
protector,
|
||||
hashAlgorithm,
|
||||
SignatureSubpackets.createHashedSubpackets(signingKey.publicKey.pgpPublicKey),
|
||||
SignatureSubpackets.createEmptySubpackets())
|
||||
SignatureSubpackets.createEmptySubpackets(),
|
||||
api)
|
||||
|
||||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector,
|
||||
oldSubkeyBinding: PGPSignature
|
||||
oldSubkeyBinding: PGPSignature,
|
||||
api: PGPainless
|
||||
) : super(
|
||||
signingKey,
|
||||
protector,
|
||||
|
|
@ -55,7 +60,8 @@ class SubkeyBindingSignatureBuilder : AbstractSignatureBuilder<SubkeyBindingSign
|
|||
require(it.signatureType == SignatureType.SUBKEY_BINDING.code) {
|
||||
"Invalid signature type."
|
||||
}
|
||||
})
|
||||
},
|
||||
api)
|
||||
|
||||
val hashedSubpackets: SelfSignatureSubpackets = _hashedSubpackets
|
||||
val unhashedSubpackets: SelfSignatureSubpackets = _unhashedSubpackets
|
||||
|
|
|
|||
|
|
@ -47,8 +47,9 @@ class ThirdPartyCertificationSignatureBuilder :
|
|||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector
|
||||
) : super(SignatureType.GENERIC_CERTIFICATION, signingKey, protector)
|
||||
protector: SecretKeyRingProtector,
|
||||
api: PGPainless
|
||||
) : super(SignatureType.GENERIC_CERTIFICATION, signingKey, protector, api)
|
||||
|
||||
/**
|
||||
* Create a new certification signature builder.
|
||||
|
|
@ -62,8 +63,9 @@ class ThirdPartyCertificationSignatureBuilder :
|
|||
constructor(
|
||||
signatureType: SignatureType,
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector
|
||||
) : super(signatureType, signingKey, protector)
|
||||
protector: SecretKeyRingProtector,
|
||||
api: PGPainless
|
||||
) : super(signatureType, signingKey, protector, api)
|
||||
|
||||
/**
|
||||
* Create a new certification signature builder.
|
||||
|
|
@ -77,8 +79,9 @@ class ThirdPartyCertificationSignatureBuilder :
|
|||
constructor(
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector,
|
||||
archetypeSignature: PGPSignature
|
||||
) : super(signingKey, protector, archetypeSignature)
|
||||
archetypeSignature: PGPSignature,
|
||||
api: PGPainless
|
||||
) : super(signingKey, protector, archetypeSignature, api)
|
||||
|
||||
val hashedSubpackets: CertificationSubpackets = _hashedSubpackets
|
||||
val unhashedSubpackets: CertificationSubpackets = _unhashedSubpackets
|
||||
|
|
@ -111,7 +114,7 @@ class ThirdPartyCertificationSignatureBuilder :
|
|||
@Throws(PGPException::class)
|
||||
@Deprecated("Pass in an OpenPGPCertificate instead of a PGPPublicKeyRing.")
|
||||
fun build(certificate: PGPPublicKeyRing, userId: CharSequence): PGPSignature =
|
||||
build(PGPainless.getInstance().toCertificate(certificate), userId).signature
|
||||
build(api.toCertificate(certificate), userId).signature
|
||||
|
||||
fun build(
|
||||
certificate: OpenPGPCertificate,
|
||||
|
|
@ -137,6 +140,5 @@ class ThirdPartyCertificationSignatureBuilder :
|
|||
fun build(
|
||||
certificate: PGPPublicKeyRing,
|
||||
userAttribute: PGPUserAttributeSubpacketVector
|
||||
): PGPSignature =
|
||||
build(PGPainless.getInstance().toCertificate(certificate), userAttribute).signature
|
||||
): PGPSignature = build(api.toCertificate(certificate), userAttribute).signature
|
||||
}
|
||||
|
|
|
|||
|
|
@ -33,15 +33,17 @@ class ThirdPartyDirectKeySignatureBuilder :
|
|||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector
|
||||
) : super(SignatureType.DIRECT_KEY, signingKey, protector)
|
||||
protector: SecretKeyRingProtector,
|
||||
api: PGPainless
|
||||
) : super(SignatureType.DIRECT_KEY, signingKey, protector, api)
|
||||
|
||||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector,
|
||||
archetypeSignature: PGPSignature
|
||||
) : super(signingKey, protector, archetypeSignature)
|
||||
archetypeSignature: PGPSignature,
|
||||
api: PGPainless
|
||||
) : super(signingKey, protector, archetypeSignature, api)
|
||||
|
||||
val hashedSubpackets: CertificationSubpackets = _hashedSubpackets
|
||||
val unhashedSubpackets: CertificationSubpackets = _unhashedSubpackets
|
||||
|
|
@ -64,7 +66,7 @@ class ThirdPartyDirectKeySignatureBuilder :
|
|||
@Throws(PGPException::class)
|
||||
@Deprecated("Pass in an OpenPGPCertificate instead.")
|
||||
fun build(certificate: PGPPublicKeyRing): PGPSignature =
|
||||
build(PGPainless.getInstance().toCertificate(certificate)).signature
|
||||
build(api.toCertificate(certificate)).signature
|
||||
|
||||
@Deprecated("Pass in an OpenPGPComponentKey instead.")
|
||||
@Throws(PGPException::class)
|
||||
|
|
|
|||
|
|
@ -9,6 +9,7 @@ import org.bouncycastle.openpgp.PGPException
|
|||
import org.bouncycastle.openpgp.PGPSignature
|
||||
import org.bouncycastle.openpgp.PGPSignatureGenerator
|
||||
import org.bouncycastle.openpgp.api.OpenPGPKey
|
||||
import org.pgpainless.PGPainless
|
||||
import org.pgpainless.algorithm.SignatureType
|
||||
import org.pgpainless.key.protection.SecretKeyRingProtector
|
||||
import org.pgpainless.signature.subpackets.SignatureSubpackets
|
||||
|
|
@ -27,15 +28,17 @@ class UniversalSignatureBuilder : AbstractSignatureBuilder<UniversalSignatureBui
|
|||
constructor(
|
||||
signatureType: SignatureType,
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector
|
||||
) : super(signatureType, signingKey, protector)
|
||||
protector: SecretKeyRingProtector,
|
||||
api: PGPainless
|
||||
) : super(signatureType, signingKey, protector, api)
|
||||
|
||||
@Throws(PGPException::class)
|
||||
constructor(
|
||||
signingKey: OpenPGPKey.OpenPGPSecretKey,
|
||||
protector: SecretKeyRingProtector,
|
||||
archetypeSignature: PGPSignature
|
||||
) : super(signingKey, protector, archetypeSignature)
|
||||
archetypeSignature: PGPSignature,
|
||||
api: PGPainless
|
||||
) : super(signingKey, protector, archetypeSignature, api)
|
||||
|
||||
val hashedSubpackets: SignatureSubpackets = _hashedSubpackets
|
||||
val unhashedSubpackets: SignatureSubpackets = _unhashedSubpackets
|
||||
|
|
|
|||
|
|
@ -33,7 +33,8 @@ public class SubkeyAndPrimaryKeyBindingSignatureTest {
|
|||
|
||||
@Test
|
||||
public void testRebindSubkey() throws PGPException, IOException {
|
||||
OpenPGPKey secretKeys = PGPainless.getInstance().toKey(TestKeys.getEmilSecretKeyRing());
|
||||
PGPainless api = PGPainless.getInstance();
|
||||
OpenPGPKey secretKeys = api.toKey(TestKeys.getEmilSecretKeyRing());
|
||||
KeyRingInfo info = PGPainless.inspectKeyRing(secretKeys);
|
||||
|
||||
OpenPGPKey.OpenPGPSecretKey primaryKey = secretKeys.getPrimarySecretKey();
|
||||
|
|
@ -47,7 +48,7 @@ public class SubkeyAndPrimaryKeyBindingSignatureTest {
|
|||
HashAlgorithm.SHA512, HashAlgorithm.SHA384, HashAlgorithm.SHA256, HashAlgorithm.SHA224)),
|
||||
hashAlgorithmSet);
|
||||
|
||||
SubkeyBindingSignatureBuilder sbb = new SubkeyBindingSignatureBuilder(primaryKey, SecretKeyRingProtector.unprotectedKeys());
|
||||
SubkeyBindingSignatureBuilder sbb = new SubkeyBindingSignatureBuilder(primaryKey, SecretKeyRingProtector.unprotectedKeys(), api);
|
||||
sbb.applyCallback(new SelfSignatureSubpackets.Callback() {
|
||||
@Override
|
||||
public void modifyHashedSubpackets(SelfSignatureSubpackets hashedSubpackets) {
|
||||
|
|
|
|||
|
|
@ -9,7 +9,6 @@ import org.bouncycastle.bcpg.sig.Exportable;
|
|||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPSignature;
|
||||
import org.bouncycastle.openpgp.api.OpenPGPCertificate;
|
||||
import org.bouncycastle.openpgp.api.OpenPGPImplementation;
|
||||
import org.bouncycastle.openpgp.api.OpenPGPKey;
|
||||
import org.bouncycastle.openpgp.api.OpenPGPSignature;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
|
@ -30,17 +29,20 @@ public class ThirdPartyCertificationSignatureBuilderTest {
|
|||
|
||||
@Test
|
||||
public void testInvalidSignatureTypeThrows() {
|
||||
PGPainless api = PGPainless.getInstance();
|
||||
OpenPGPKey secretKeys = PGPainless.generateKeyRing()
|
||||
.modernKeyRing("Alice");
|
||||
assertThrows(IllegalArgumentException.class, () ->
|
||||
new ThirdPartyCertificationSignatureBuilder(
|
||||
SignatureType.BINARY_DOCUMENT, // invalid type
|
||||
secretKeys.getPrimarySecretKey(),
|
||||
SecretKeyRingProtector.unprotectedKeys()));
|
||||
SecretKeyRingProtector.unprotectedKeys(),
|
||||
api));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testUserIdCertification() throws PGPException {
|
||||
PGPainless api = PGPainless.getInstance();
|
||||
OpenPGPKey secretKeys = PGPainless.generateKeyRing()
|
||||
.modernKeyRing("Alice");
|
||||
|
||||
|
|
@ -49,7 +51,8 @@ public class ThirdPartyCertificationSignatureBuilderTest {
|
|||
|
||||
ThirdPartyCertificationSignatureBuilder signatureBuilder = new ThirdPartyCertificationSignatureBuilder(
|
||||
secretKeys.getPrimarySecretKey(),
|
||||
SecretKeyRingProtector.unprotectedKeys());
|
||||
SecretKeyRingProtector.unprotectedKeys(),
|
||||
api);
|
||||
|
||||
signatureBuilder.applyCallback(new CertificationSubpackets.Callback() {
|
||||
@Override
|
||||
|
|
@ -70,7 +73,7 @@ public class ThirdPartyCertificationSignatureBuilderTest {
|
|||
assertFalse(exportable.isExportable());
|
||||
|
||||
// test sig correctness
|
||||
signature.init(OpenPGPImplementation.getInstance().pgpContentVerifierBuilderProvider(),
|
||||
signature.init(api.getImplementation().pgpContentVerifierBuilderProvider(),
|
||||
secretKeys.getPrimaryKey().getPGPPublicKey());
|
||||
assertTrue(signature.verifyCertification("Bob", bobsPublicKeys.getPrimaryKey().getPGPPublicKey()));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -34,12 +34,14 @@ public class ThirdPartyDirectKeySignatureBuilderTest {
|
|||
|
||||
@Test
|
||||
public void testDirectKeySignatureBuilding() throws PGPException {
|
||||
PGPainless api = PGPainless.getInstance();
|
||||
OpenPGPKey secretKeys = PGPainless.generateKeyRing()
|
||||
.modernKeyRing("Alice");
|
||||
|
||||
DirectKeySelfSignatureBuilder dsb = new DirectKeySelfSignatureBuilder(
|
||||
secretKeys.getPrimarySecretKey(),
|
||||
SecretKeyRingProtector.unprotectedKeys());
|
||||
SecretKeyRingProtector.unprotectedKeys(),
|
||||
api);
|
||||
|
||||
Date now = new Date();
|
||||
Date t1 = new Date(now.getTime() + 1000 * 60 * 60);
|
||||
|
|
|
|||
|
|
@ -62,10 +62,11 @@ public class UniversalSignatureBuilderTest {
|
|||
|
||||
@Test
|
||||
public void createPetNameSignature() throws PGPException {
|
||||
PGPainless api = PGPainless.getInstance();
|
||||
OpenPGPKey.OpenPGPSecretKey signingKey = secretKeys.getPrimarySecretKey();
|
||||
PGPSignature archetype = signingKey.getPublicKey().getPGPPublicKey().getSignatures().next();
|
||||
UniversalSignatureBuilder builder = new UniversalSignatureBuilder(
|
||||
signingKey, protector, archetype);
|
||||
signingKey, protector, archetype, api);
|
||||
|
||||
builder.applyCallback(new SignatureSubpackets.Callback() {
|
||||
@Override
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue