PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-12-17 09:41:08 +01:00
Code Issues Releases Wiki Activity

Verify that keys can carry certain key flags

Browse source
This commit is contained in:
Paul Schaub 2021-01-03 17:01:08 +01:00
parent 2378162953
commit 5143da1311
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
10 changed files with 167 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

25
pgpainless-core/src/main/java/org/pgpainless/key/generation/KeySpecBuilder.java
View file

@ -38,10 +38,35 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
@Override
public WithDetailedConfiguration withKeyFlags(@Nonnull KeyFlag... flags) {
assureKeyCanCarryFlags(flags);
this.hashedSubPackets.setKeyFlags(false, KeyFlag.toBitmask(flags));
return new WithDetailedConfigurationImpl();
}
private void assureKeyCanCarryFlags(KeyFlag... flags) {
final int mask = KeyFlag.toBitmask(flags);
if (!type.canCertify() && KeyFlag.hasKeyFlag(mask, KeyFlag.CERTIFY_OTHER)) {
throw new IllegalArgumentException("KeyType " + type.getName() + " cannot carry key flag CERTIFY_OTHER.");
}
if (!type.canSign() && KeyFlag.hasKeyFlag(mask, KeyFlag.SIGN_DATA)) {
throw new IllegalArgumentException("KeyType " + type.getName() + " cannot carry key flag SIGN_DATA.");
}
if (!type.canEncryptCommunication() && KeyFlag.hasKeyFlag(mask, KeyFlag.ENCRYPT_COMMS)) {
throw new IllegalArgumentException("KeyType " + type.getName() + " cannot carry key flag ENCRYPT_COMMS.");
}
if (!type.canEncryptStorage() && KeyFlag.hasKeyFlag(mask, KeyFlag.ENCRYPT_STORAGE)) {
throw new IllegalArgumentException("KeyType " + type.getName() + " cannot carry key flag ENCRYPT_STORAGE.");
}
if (!type.canAuthenticate() && KeyFlag.hasKeyFlag(mask, KeyFlag.AUTHENTICATION)) {
throw new IllegalArgumentException("KeyType " + type.getName() + " cannot carry key flag AUTHENTIACTION.");
}
}
@Override
public KeySpec withInheritedSubPackets() {
return new KeySpec(type, null, true);

44
pgpainless-core/src/main/java/org/pgpainless/key/generation/type/KeyType.java
View file

@ -52,12 +52,50 @@ public interface KeyType {
AlgorithmParameterSpec getAlgorithmSpec();
/**
* Return true if the key that is generated from this type is able to carry the CERTIFY_OTHERS key flag.
* Return true if the key that is generated from this type is able to carry the SIGN_DATA key flag.
* See {@link org.pgpainless.algorithm.KeyFlag#SIGN_DATA}.
*
* @return true if the key can sign.
*/
boolean canSign();
/**
* Return true if the key that is generated from this type is able to carry the CERTIFY_OTHER key flag.
* See {@link org.pgpainless.algorithm.KeyFlag#CERTIFY_OTHER}.
*
* @return true if the key is able to certify others
* @return true if the key is able to certify other keys
*/
boolean canCertify();
default boolean canCertify() {
return canSign();
}
/**
* Return true if the key that is generated from this type is able to carry the AUTHENTICATION key flag.
* See {@link org.pgpainless.algorithm.KeyFlag#AUTHENTICATION}.
*
* @return true if the key is able to be used for authentication purposes.
*/
default boolean canAuthenticate() {
return canSign();
}
/**
* Return true if the key that is generated from this type is able to carry the ENCRYPT_COMMS key flag.
* See {@link org.pgpainless.algorithm.KeyFlag#ENCRYPT_COMMS}.
*
* @return true if the key can encrypt communication
*/
boolean canEncryptCommunication();
/**
* Return true if the key that is generated from this type is able to carry the ENCRYPT_STORAGE key flag.
* See {@link org.pgpainless.algorithm.KeyFlag#ENCRYPT_STORAGE}.
*
* @return true if the key can encrypt for storage
*/
default boolean canEncryptStorage() {
return canEncryptCommunication();
}
static KeyType RSA(RsaLength length) {
return RSA.withLength(length);

7
pgpainless-core/src/main/java/org/pgpainless/key/generation/type/ecc/ecdh/ECDH.java
View file

@ -51,7 +51,12 @@ public final class ECDH implements KeyType {
}
@Override
public boolean canCertify() {
public boolean canSign() {
return false;
}
@Override
public boolean canEncryptCommunication() {
return true;
}
}

8
pgpainless-core/src/main/java/org/pgpainless/key/generation/type/ecc/ecdsa/ECDSA.java
View file

@ -52,7 +52,13 @@ public final class ECDSA implements KeyType {
}
@Override
public boolean canCertify() {
public boolean canSign() {
return true;
}
@Override
public boolean canEncryptCommunication() {
return false;
}
}

7
pgpainless-core/src/main/java/org/pgpainless/key/generation/type/eddsa/EdDSA.java
View file

@ -52,7 +52,12 @@ public final class EdDSA implements KeyType {
}
@Override
public boolean canCertify() {
public boolean canSign() {
return true;
}
@Override
public boolean canEncryptCommunication() {
return false;
}
}

8
pgpainless-core/src/main/java/org/pgpainless/key/generation/type/elgamal/ElGamal_ENCRYPT.java
View file

@ -50,7 +50,13 @@ public final class ElGamal_ENCRYPT implements KeyType {
}
@Override
public boolean canCertify() {
public boolean canSign() {
return false;
}
@Override
public boolean canEncryptCommunication() {
return true;
}
}

9
pgpainless-core/src/main/java/org/pgpainless/key/generation/type/elgamal/ElGamal_GENERAL.java
View file

@ -51,7 +51,12 @@ public class ElGamal_GENERAL implements KeyType {
}
@Override
public boolean canCertify() {
return false;
public boolean canSign() {
return true;
}
@Override
public boolean canEncryptCommunication() {
return true;
}
}

7
pgpainless-core/src/main/java/org/pgpainless/key/generation/type/rsa/RSA.java
View file

@ -53,7 +53,12 @@ public class RSA implements KeyType {
}
@Override
public boolean canCertify() {
public boolean canSign() {
return true;
}
@Override
public boolean canEncryptCommunication() {
return true;
}
}

7
pgpainless-core/src/main/java/org/pgpainless/key/generation/type/xdh/XDH.java
View file

@ -49,7 +49,12 @@ public final class XDH implements KeyType {
}
@Override
public boolean canCertify() {
public boolean canSign() {
return false;
}
@Override
public boolean canEncryptCommunication() {
return true;
}
}