PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-09-10 18:59:39 +02:00
Code Issues Releases Wiki Activity

SOP encrypt: Add profile for rfc9580

Browse source
This commit is contained in:
Paul Schaub 2025-05-30 14:45:34 +02:00
parent 8988708126
commit 5691d09e5f
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
1 changed files with 17 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

19
pgpainless-sop/src/main/kotlin/org/pgpainless/sop/EncryptImpl.kt
View file

@ -8,11 +8,14 @@ import java.io.IOException
import java.io.InputStream import java.io.InputStream
import java.io.OutputStream import java.io.OutputStream
import org.bouncycastle.openpgp.PGPException import org.bouncycastle.openpgp.PGPException
import org.bouncycastle.openpgp.api.MessageEncryptionMechanism
import org.bouncycastle.openpgp.api.OpenPGPKey import org.bouncycastle.openpgp.api.OpenPGPKey
import org.bouncycastle.util.io.Streams import org.bouncycastle.util.io.Streams
import org.pgpainless.PGPainless import org.pgpainless.PGPainless
import org.pgpainless.algorithm.AEADAlgorithm
import org.pgpainless.algorithm.DocumentSignatureType import org.pgpainless.algorithm.DocumentSignatureType
import org.pgpainless.algorithm.StreamEncoding import org.pgpainless.algorithm.StreamEncoding
import org.pgpainless.algorithm.SymmetricKeyAlgorithm
import org.pgpainless.encryption_signing.EncryptionOptions import org.pgpainless.encryption_signing.EncryptionOptions
import org.pgpainless.encryption_signing.ProducerOptions import org.pgpainless.encryption_signing.ProducerOptions
import org.pgpainless.encryption_signing.SigningOptions import org.pgpainless.encryption_signing.SigningOptions
@ -33,8 +36,13 @@ class EncryptImpl(private val api: PGPainless) : Encrypt {
companion object { companion object {
@JvmField val RFC4880_PROFILE = Profile("rfc4880", "Follow the packet format of rfc4880") @JvmField val RFC4880_PROFILE = Profile("rfc4880", "Follow the packet format of rfc4880")
@JvmField val RFC9580_PROFILE = Profile("rfc9580", "Follow the packet format of rfc9580")
@JvmField val SUPPORTED_PROFILES = listOf(RFC4880_PROFILE) @JvmField
val SUPPORTED_PROFILES =
listOf(
RFC4880_PROFILE.withAliases("default", "compatibility"),
RFC9580_PROFILE.withAliases("security", "performance"))
} }
private val encryptionOptions = EncryptionOptions.get(api) private val encryptionOptions = EncryptionOptions.get(api)
@ -55,6 +63,12 @@ class EncryptImpl(private val api: PGPainless) : Encrypt {
throw SOPGPException.MissingArg("Missing encryption method.") throw SOPGPException.MissingArg("Missing encryption method.")
} }
if (profile == RFC9580_PROFILE.name) {
encryptionOptions.overrideEncryptionMechanism(
MessageEncryptionMechanism.aead(
SymmetricKeyAlgorithm.AES_128.algorithmId, AEADAlgorithm.OCB.algorithmId))
}
val options = val options =
if (signingOptions != null) { if (signingOptions != null) {
ProducerOptions.signAndEncrypt(encryptionOptions, signingOptions!!) ProducerOptions.signAndEncrypt(encryptionOptions, signingOptions!!)
@ -94,7 +108,8 @@ class EncryptImpl(private val api: PGPainless) : Encrypt {
override fun profile(profileName: String): Encrypt = apply { override fun profile(profileName: String): Encrypt = apply {
profile = profile =
SUPPORTED_PROFILES.find { it.name == profileName }?.name SUPPORTED_PROFILES.find { it.name == profileName || it.aliases.contains(profileName) }
?.name
?: throw SOPGPException.UnsupportedProfile("encrypt", profileName) ?: throw SOPGPException.UnsupportedProfile("encrypt", profileName)
} }