diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.kt
index e4a79d5b..2512c89c 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.kt
@@ -430,7 +430,7 @@ class OpenPgpMessageInputStream(
 } if (decryptWithPrivateKey( esks,
- privateKey.unlockedKey,
+ privateKey.keyPair,
 SubkeyIdentifier( secretKey.openPGPKey.pgpSecretKeyRing, secretKey.keyIdentifier), pkesk)) {
@@ -458,7 +458,7 @@ class OpenPgpMessageInputStream(
 val privateKey = decryptionKey.unlock(protector) if (decryptWithPrivateKey(
- esks, privateKey.unlockedKey, SubkeyIdentifier(decryptionKey), pkesk)) {
+ esks, privateKey.keyPair, SubkeyIdentifier(decryptionKey), pkesk)) {
 return true } }
@@ -489,7 +489,7 @@ class OpenPgpMessageInputStream(
 } catch (e: PGPException) { throw WrongPassphraseException(secretKey.keyIdentifier, e) }
- if (decryptWithPrivateKey(esks, privateKey.unlockedKey, decryptionKeyId, pkesk)) {
+ if (decryptWithPrivateKey(esks, privateKey.keyPair, decryptionKeyId, pkesk)) {
 return true } }
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/EncryptionOptions.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/EncryptionOptions.kt
index 4dbfe64b..d60943b1 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/EncryptionOptions.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/EncryptionOptions.kt
@@ -25,6 +25,7 @@ import org.pgpainless.util.Passphrase
 class EncryptionOptions(private val purpose: EncryptionPurpose) { private val _encryptionMethods: MutableSet = mutableSetOf()
+ private val _encryptionKeys: MutableSet = mutableSetOf()
 private val _encryptionKeyIdentifiers: MutableSet = mutableSetOf() private val _keyRingInfo: MutableMap = mutableMapOf() private val _keyViews: MutableMap = mutableMapOf()
@@ -40,6 +41,9 @@ class EncryptionOptions(private val purpose: EncryptionPurpose) {
 val encryptionKeyIdentifiers get() = _encryptionKeyIdentifiers.toSet()
+ val encryptionKeys
+ get() = _encryptionKeys.toSet()
+
 val keyRingInfo get() = _keyRingInfo.toMap()
@@ -326,6 +330,7 @@ class EncryptionOptions(private val purpose: EncryptionPurpose) {
 } private fun addRecipientKey(key: OpenPGPComponentKey, wildcardKeyId: Boolean) {
+ _encryptionKeys.add(key)
 _encryptionKeyIdentifiers.add(SubkeyIdentifier(key)) addEncryptionMethod( ImplementationFactory.getInstance()
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/SigningOptions.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/SigningOptions.kt
index da2ebb42..6e9ca8a5 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/SigningOptions.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/SigningOptions.kt
@@ -450,8 +450,7 @@ class SigningOptions {
 } val generator: PGPSignatureGenerator =
- createSignatureGenerator(
- signingKey.unlockedKey.privateKey, hashAlgorithm, signatureType)
+ createSignatureGenerator(signingKey.keyPair.privateKey, hashAlgorithm, signatureType)
 // Subpackets val hashedSubpackets =
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/UnlockSecretKey.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/UnlockSecretKey.kt
index 597be3e6..a4526f61 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/UnlockSecretKey.kt
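Review bot: The new public `encryptionKeys` getter in EncryptionOptions.kt (hunk `@@ -40,6 +41,9 @@`) is undocumented, and nothing tells a caller how it relates to `encryptionKeyIdentifiers`, which stays exposed right above it. Because it returns `_encryptionKeys.toSet()`, the result is a copy taken at call time, which is worth stating. I would put `/** Recipient component keys added so far; a snapshot copy, so later addRecipient calls are not reflected. */` above the property. The class body continues outside the hunk.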
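Review bot: `_encryptionKeys.add(key)` in `addRecipientKey` (EncryptionOptions.kt, hunk `@@ -326,6 +330,7 @@`) deduplicates by whatever `equals`/`hashCode` `OpenPGPComponentKey` provides, which this diff does not show, while the parallel `_encryptionKeyIdentifiers` set is keyed by `SubkeyIdentifier`. If the component key compares by identity, the same recipient subkey added through two separately parsed certificates would appear twice in `encryptionKeys`, and the two recipient views could disagree in size, which matters to callers that audit the recipient list before encrypting. A test that adds the same certificate from two parsed instances and asserts the set size would settle it; at minimum a comment on the field such as `// must mirror _encryptionKeyIdentifiers; relies on OpenPGPComponentKey equality` records the assumption. The function body continues outside the hunk.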
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/UnlockSecretKey.kt
@@ -61,7 +61,7 @@ class UnlockSecretKey {
 if (PGPainless.getPolicy().isEnableKeyParameterValidation()) { PublicKeyParameterValidationUtil.verifyPublicKeyParameterIntegrity(
- privateKey.unlockedKey.privateKey, privateKey.unlockedKey.publicKey)
+ privateKey.keyPair.privateKey, privateKey.keyPair.publicKey)
 } return privateKey
diff --git a/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/EncryptionOptionsTest.java b/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/EncryptionOptionsTest.java
index 809b90ae..b81313e1 100644
--- a/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/EncryptionOptionsTest.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/EncryptionOptionsTest.java
@@ -16,11 +16,10 @@ import java.util.Iterator;
 import java.util.List; import java.util.Set;
- import org.bouncycastle.openpgp.PGPPublicKey;
 import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
- import org.bouncycastle.openpgp.PGPSecretKeyRing;
 import org.bouncycastle.openpgp.api.OpenPGPCertificate;
+ import org.bouncycastle.openpgp.api.OpenPGPKey;
 import org.jetbrains.annotations.NotNull; import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Test;
@@ -28,7 +27,6 @@ import org.pgpainless.PGPainless;
 import org.pgpainless.algorithm.KeyFlag; import org.pgpainless.algorithm.SymmetricKeyAlgorithm; import org.pgpainless.exception.KeyException;
- import org.pgpainless.key.SubkeyIdentifier;
 import org.pgpainless.key.generation.KeySpec; import org.pgpainless.key.generation.type.KeyType; import org.pgpainless.key.generation.type.eddsa_legacy.EdDSALegacyCurve;
@@ -40,11 +38,11 @@ import javax.annotation.Nonnull;
 public class EncryptionOptionsTest {
- private static PGPSecretKeyRing secretKeys;
- private static PGPPublicKeyRing publicKeys;
- private static SubkeyIdentifier primaryKey;
- private static SubkeyIdentifier encryptComms;
- private static SubkeyIdentifier encryptStorage;
+ private static OpenPGPKey secretKeys;
+ private static OpenPGPCertificate publicKeys;
+ private static OpenPGPCertificate.OpenPGPComponentKey primaryKey;
+ private static OpenPGPCertificate.OpenPGPComponentKey encryptComms;
+ private static OpenPGPCertificate.OpenPGPComponentKey encryptStorage;
 @BeforeAll public static void generateKey() {
@@ -56,15 +54,14 @@ public class EncryptionOptionsTest {
 .addSubkey(KeySpec.getBuilder(KeyType.XDH_LEGACY(XDHLegacySpec._X25519), KeyFlag.ENCRYPT_STORAGE) .build()) .addUserId("test@pgpainless.org")
- .build()
- .getPGPSecretKeyRing();
+ .build();
- publicKeys = KeyRingUtils.publicKeyRingFrom(secretKeys);
+ publicKeys = secretKeys.toCertificate();
- Iterator iterator = publicKeys.iterator();
- primaryKey = new SubkeyIdentifier(publicKeys, iterator.next().getKeyID());
- encryptComms = new SubkeyIdentifier(publicKeys, iterator.next().getKeyID());
- encryptStorage = new SubkeyIdentifier(publicKeys, iterator.next().getKeyID());
+ Iterator iterator = publicKeys.getKeys().iterator();
+ primaryKey = iterator.next();
+ encryptComms = iterator.next();
+ encryptStorage = iterator.next();
 } @Test
@@ -91,7 +88,7 @@ public class EncryptionOptionsTest {
 EncryptionOptions options = EncryptionOptions.encryptCommunications(); options.addRecipient(publicKeys);
- Set encryptionKeys = options.getEncryptionKeyIdentifiers();
+ Set encryptionKeys = options.getEncryptionKeys();
 assertEquals(1, encryptionKeys.size()); assertEquals(encryptComms, encryptionKeys.iterator().next()); }
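Review bot: `generateKey()` (hunk `@@ -56,15 +54,14 @@`) now assigns `primaryKey`, `encryptComms` and `encryptStorage` purely by position in `publicKeys.getKeys()`, so every later assertion depends on that iteration order matching the order in which the builder added the subkeys. The ordering contract of `getKeys()` is not visible in this diff. A short comment such as `// getKeys() is expected to yield the primary key first, then subkeys in creation order` would record the assumption, or the keys could be selected by key flag instead of by position. The method starts outside the hunk.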
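Review bot: After the switch in hunk `@@ -91,7 +88,7 @@` the test no longer asserts anything about `getEncryptionKeyIdentifiers()`, although EncryptionOptions still populates and exposes that set; the same switch is made in the hunks at `@@ -101,7 +98,7 @@` and `@@ -111,7 +108,7 @@`. Unless another test covers it (not visible here), a regression in which the two recipient sets drift apart would go unnoticed. One extra line such as `assertEquals(encryptionKeys.size(), options.getEncryptionKeyIdentifiers().size());` after the existing size assertion would keep both views under test. The test method starts outside the hunk.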
@@ -101,7 +98,7 @@ public class EncryptionOptionsTest {
 EncryptionOptions options = EncryptionOptions.encryptDataAtRest(); options.addRecipient(publicKeys);
- Set encryptionKeys = options.getEncryptionKeyIdentifiers();
+ Set encryptionKeys = options.getEncryptionKeys();
 assertEquals(1, encryptionKeys.size()); assertEquals(encryptStorage, encryptionKeys.iterator().next()); }
@@ -111,7 +108,7 @@ public class EncryptionOptionsTest {
 EncryptionOptions options = new EncryptionOptions(); options.addRecipient(publicKeys, EncryptionOptions.encryptToAllCapableSubkeys());
- Set encryptionKeys = options.getEncryptionKeyIdentifiers();
+ Set encryptionKeys = options.getEncryptionKeys();
 assertEquals(2, encryptionKeys.size()); assertTrue(encryptionKeys.contains(encryptComms));
@@ -136,12 +133,11 @@ public class EncryptionOptionsTest {
 @Test public void testAddRecipient_KeyWithoutEncryptionKeyFails() { EncryptionOptions options = new EncryptionOptions();
- PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
+ OpenPGPKey secretKeys = PGPainless.buildKeyRing()
 .setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA_LEGACY(EdDSALegacyCurve._Ed25519), KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA)) .addUserId("test@pgpainless.org")
- .build()
- .getPGPSecretKeyRing();
- PGPPublicKeyRing publicKeys = KeyRingUtils.publicKeyRingFrom(secretKeys);
+ .build();
+ OpenPGPCertificate publicKeys = secretKeys.toCertificate();
 assertThrows(KeyException.UnacceptableEncryptionKeyException.class, () -> options.addRecipient(publicKeys)); }
@@ -175,7 +171,7 @@ public class EncryptionOptionsTest {
 .getPGPSecretKeyRing()); PGPPublicKeyRingCollection collection = new PGPPublicKeyRingCollection(
- Arrays.asList(publicKeys, secondKeyRing));
+ Arrays.asList(publicKeys.getPGPPublicKeyRing(), secondKeyRing));
 EncryptionOptions options = new EncryptionOptions(); options.addRecipients(collection, EncryptionOptions.encryptToFirstSubkey());