From 2a43d5704b924779b3d04d1582f575611d2d931c Mon Sep 17 00:00:00 2001
From: Paul Schaub
Date: Wed, 29 Jan 2025 11:27:02 +0100
Subject: [PATCH] Pass version down in tests
---
 .../pgpainless/algorithm/OpenPGPKeyVersion.kt | 17 ++++++++++++++++-
 .../pgpainless/key/generation/KeyRingBuilder.kt | 8 ++++----
 .../secretkeyring/SecretKeyRingEditor.kt | 4 +++-
 ...ModifiedBindingSignatureSubpacketsTest.java} | 12 +++++-------
 .../pgpainless/key/util/KeyRingUtilTest.java | 10 +++++-----
 5 files changed, 33 insertions(+), 18 deletions(-)
 rename pgpainless-core/src/test/java/org/pgpainless/key/modification/{AddSubkeyWithModifiedBindingSignatureSubpackets.java => AddSubkeyWithModifiedBindingSignatureSubpacketsTest.java} (89%)
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/algorithm/OpenPGPKeyVersion.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/algorithm/OpenPGPKeyVersion.kt
index 2ed21fd1..a2267825 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/algorithm/OpenPGPKeyVersion.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/algorithm/OpenPGPKeyVersion.kt
@@ -1,6 +1,21 @@
+// SPDX-FileCopyrightText: 2025 Paul Schaub
+//
+// SPDX-License-Identifier: Apache-2.0
+
 package org.pgpainless.algorithm
-enum class OpenPGPKeyVersion(val version: Int) {
+enum class OpenPGPKeyVersion(val numeric: Int) {
+ @Deprecated("V3 keys are deprecated.")
 v3(3),
 v4(4),
+ librePgp(5),
 v6(6),
+ ;
+
+ companion object {
+ @JvmStatic
+ fun from(numeric: Int): OpenPGPKeyVersion {
+ return values().find { numeric == it.numeric }
+ ?: throw IllegalArgumentException("Unknown key version $numeric")
+ }
+ }
 }
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt
index f5e4515a..483fd6d2 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt
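Review bot: `from()` in the `OpenPGPKeyVersion.kt` hunk has no KDoc, yet it throws `IllegalArgumentException` for every number other than 3, 4, 5 or 6, which matters to any caller that feeds it a version field read from parsed key material. I would document it with `/** Returns the [OpenPGPKeyVersion] whose number equals [numeric]; throws [IllegalArgumentException] for any other value. */`. The entry `librePgp(5)` deserves a one-line comment saying that 5 is the LibrePGP key version, since it is the only entry not named after its number. Renaming the public property `version` to `numeric` also changes the enum's API for existing callers (Java sees `getNumeric()` instead of `getVersion()`), which the commit message does not mention.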
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt
@@ -6,7 +6,6 @@ package org.pgpainless.key.generation
 import java.io.IOException
 import java.util.*
-import org.bouncycastle.bcpg.PublicKeyPacket
 import org.bouncycastle.openpgp.*
 import org.bouncycastle.openpgp.api.OpenPGPImplementation
 import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor
@@ -90,7 +89,7 @@ class KeyRingBuilder(private val version: OpenPGPKeyVersion) :
 // generate primary key
 requireNotNull(primaryKeySpec) { "Primary Key spec required." }
- val certKey = generateKeyPair(primaryKeySpec!!)
+ val certKey = generateKeyPair(primaryKeySpec!!, version)
 val signer = buildContentSigner(certKey)
 val signatureGenerator = PGPSignatureGenerator(signer)
@@ -174,7 +173,7 @@ class KeyRingBuilder(private val version: OpenPGPKeyVersion) :
 private fun addSubKeys(primaryKey: PGPKeyPair, ringGenerator: PGPKeyRingGenerator) {
 for (subKeySpec in subKeySpecs) {
- val subKey = generateKeyPair(subKeySpec)
+ val subKey = generateKeyPair(subKeySpec, version)
 if (subKeySpec.isInheritedSubPackets) {
 ringGenerator.addSubKey(subKey)
 } else {
@@ -248,12 +247,13 @@ class KeyRingBuilder(private val version: OpenPGPKeyVersion) :
 @JvmOverloads
 fun generateKeyPair(
 spec: KeySpec,
+ version: OpenPGPKeyVersion,
 creationTime: Date = spec.keyCreationDate ?: Date()
 ): PGPKeyPair {
 val gen =
 OpenPGPImplementation.getInstance()
 .pgpKeyPairGeneratorProvider()
- .get(PublicKeyPacket.VERSION_4, creationTime)
+ .get(version.numeric, creationTime)
 return spec.keyType.generateKeyPair(gen)
 }
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt
index ec93c6d6..d2d5cae2 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt
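Review bot: In the `@@ -248,12 +247,13 @@` hunk, `generateKeyPair` forwards `version.numeric` to the key-pair generator provider unchecked, although `OpenPGPKeyVersion` also contains the deprecated `v3` and `librePgp`. Whether the provider rejects those values is not visible here, so the function should document which versions it can generate and fail early for the rest. If v4 and v6 are the only intended ones, a first statement such as `require(version == OpenPGPKeyVersion.v4 || version == OpenPGPKeyVersion.v6) { "Unsupported key version $version" }` would do. Separately, placing the new required parameter before the defaulted `creationTime` changes the overloads `@JvmOverloads` generates, so existing `generateKeyPair(spec)` and `generateKeyPair(spec, creationTime)` callers stop compiling; a KDoc line on the function should say that the version is now mandatory.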
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt
@@ -16,6 +16,7 @@ import org.pgpainless.PGPainless.Companion.inspectKeyRing
 import org.pgpainless.algorithm.AlgorithmSuite
 import org.pgpainless.algorithm.Feature
 import org.pgpainless.algorithm.KeyFlag
+import org.pgpainless.algorithm.OpenPGPKeyVersion
 import org.pgpainless.algorithm.SignatureType
 import org.pgpainless.algorithm.negotiation.HashAlgorithmNegotiator
 import org.pgpainless.bouncycastle.extensions.getKeyExpirationDate
@@ -244,7 +245,8 @@ class SecretKeyRingEditor(
 callback: SelfSignatureSubpackets.Callback?,
 protector: SecretKeyRingProtector
 ): SecretKeyRingEditorInterface {
- val keyPair = KeyRingBuilder.generateKeyPair(keySpec, referenceTime)
+ val version = OpenPGPKeyVersion.from(secretKeyRing.getPublicKey().version)
+ val keyPair = KeyRingBuilder.generateKeyPair(keySpec, OpenPGPKeyVersion.v4, referenceTime)
 val subkeyProtector =
 PasswordBasedSecretKeyRingProtector.forKeyId(keyPair.keyID, subkeyPassphrase)
 val keyFlags = KeyFlag.fromBitmask(keySpec.subpackets.keyFlags).toMutableList()
diff --git a/pgpainless-core/src/test/java/org/pgpainless/key/modification/AddSubkeyWithModifiedBindingSignatureSubpackets.java b/pgpainless-core/src/test/java/org/pgpainless/key/modification/AddSubkeyWithModifiedBindingSignatureSubpacketsTest.java
similarity index 89%
rename from pgpainless-core/src/test/java/org/pgpainless/key/modification/AddSubkeyWithModifiedBindingSignatureSubpackets.java
rename to pgpainless-core/src/test/java/org/pgpainless/key/modification/AddSubkeyWithModifiedBindingSignatureSubpacketsTest.java
index 85cddfd6..1c659e42 100644
--- a/pgpainless-core/src/test/java/org/pgpainless/key/modification/AddSubkeyWithModifiedBindingSignatureSubpackets.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/key/modification/AddSubkeyWithModifiedBindingSignatureSubpacketsTest.java
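Review bot: The new `version` local in the `@@ -244,7 +245,8 @@` hunk is derived from the primary key and then never used: the next line passes the constant `OpenPGPKeyVersion.v4`, so a subkey added to a v6 key ring would still be generated as a v4 key. RFC 9580 requires subkeys to carry the same version as their primary key, so the call should read `val keyPair = KeyRingBuilder.generateKeyPair(keySpec, version, referenceTime)`. `OpenPGPKeyVersion.from` throws `IllegalArgumentException` for a version number it does not know, and this method would propagate that to its caller, which is worth a line in its documentation. The enclosing function starts and ends outside the hunk, and the tests touched by this commit only pass `OpenPGPKeyVersion.v4`, so the mismatch is not exercised by them.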
@@ -9,14 +9,10 @@ import static org.junit.jupiter.api.Assertions.assertFalse;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertTrue;
-import java.io.IOException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.NoSuchAlgorithmException;
 import java.util.Date;
 import java.util.List;
 import org.bouncycastle.bcpg.sig.NotationData;
-import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPKeyPair;
 import org.bouncycastle.openpgp.PGPPublicKey;
 import org.bouncycastle.openpgp.PGPSecretKeyRing;
@@ -25,6 +21,7 @@ import org.junit.JUtils;
 import org.junit.jupiter.api.Test;
 import org.pgpainless.PGPainless;
 import org.pgpainless.algorithm.KeyFlag;
+import org.pgpainless.algorithm.OpenPGPKeyVersion;
 import org.pgpainless.key.OpenPgpV4Fingerprint;
 import org.pgpainless.key.generation.KeyRingBuilder;
 import org.pgpainless.key.generation.KeySpec;
@@ -35,19 +32,20 @@ import org.pgpainless.key.protection.SecretKeyRingProtector;
 import org.pgpainless.signature.subpackets.SelfSignatureSubpackets;
 import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
-public class AddSubkeyWithModifiedBindingSignatureSubpackets {
+public class AddSubkeyWithModifiedBindingSignatureSubpacketsTest {
 public static final long MILLIS_IN_SEC = 1000;
 @Test
- public void bindEncryptionSubkeyAndModifyBindingSignatureHashedSubpackets() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException {
+ public void bindEncryptionSubkeyAndModifyBindingSignatureHashedSubpackets() {
 SecretKeyRingProtector protector = SecretKeyRingProtector.unprotectedKeys();
 PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
 .modernKeyRing("Alice ");
 KeyRingInfo before = PGPainless.inspectKeyRing(secretKeys);
 PGPKeyPair secretSubkey = KeyRingBuilder.generateKeyPair(
- KeySpec.getBuilder(KeyType.EDDSA_LEGACY(EdDSALegacyCurve._Ed25519), KeyFlag.SIGN_DATA).build());
+ KeySpec.getBuilder(KeyType.EDDSA_LEGACY(EdDSALegacyCurve._Ed25519), KeyFlag.SIGN_DATA).build(),
+ OpenPGPKeyVersion.v4);
 long secondsUntilExpiration = 1000;
 secretKeys = PGPainless.modifyKeyRing(secretKeys)
diff --git a/pgpainless-core/src/test/java/org/pgpainless/key/util/KeyRingUtilTest.java b/pgpainless-core/src/test/java/org/pgpainless/key/util/KeyRingUtilTest.java
index 11fd5cd3..221e62bd 100644
--- a/pgpainless-core/src/test/java/org/pgpainless/key/util/KeyRingUtilTest.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/key/util/KeyRingUtilTest.java
@@ -18,6 +18,7 @@ import org.junit.jupiter.api.Test;
 import org.pgpainless.PGPainless;
 import org.pgpainless.algorithm.HashAlgorithm;
 import org.pgpainless.algorithm.KeyFlag;
+import org.pgpainless.algorithm.OpenPGPKeyVersion;
 import org.pgpainless.algorithm.SignatureType;
 import org.pgpainless.implementation.ImplementationFactory;
 import org.pgpainless.key.generation.KeyRingBuilder;
@@ -28,8 +29,6 @@ import org.pgpainless.key.protection.SecretKeyRingProtector;
 import org.pgpainless.key.protection.UnlockSecretKey;
 import org.pgpainless.util.CollectionUtils;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.NoSuchAlgorithmException;
 import java.util.Random;
 import static org.junit.jupiter.api.Assertions.assertEquals;
@@ -40,7 +39,7 @@ import static org.junit.jupiter.api.Assertions.assertTrue;
 public class KeyRingUtilTest {
 @Test
- public void testInjectCertification() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
+ public void testInjectCertification() throws PGPException {
 PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
 .modernKeyRing("Alice");
@@ -73,12 +72,13 @@ public class KeyRingUtilTest {
 }
 @Test
- public void testKeysPlusPublicKey() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
+ public void testKeysPlusPublicKey() {
 PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing().modernKeyRing("Alice");
 PGPPublicKeyRing publicKeys = PGPainless.extractCertificate(secretKeys);
 PGPKeyPair keyPair = KeyRingBuilder.generateKeyPair(KeySpec.getBuilder(
- KeyType.ECDH(EllipticCurve._P256), KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE).build());
+ KeyType.ECDH(EllipticCurve._P256), KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE).build(),
+ OpenPGPKeyVersion.v4);
 PGPPublicKey pubkey = keyPair.getPublicKey();
 assertFalse(pubkey.isMasterKey());