From 65e2de81864da153bc47ade371a64a1b110932a5 Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Wed, 21 May 2025 11:57:13 +0200 Subject: [PATCH] Replace usage of KeyIdentifier.matches() with matchesExplicitly() --- .../src/main/kotlin/org/gnupg/GnuPGDummyKeyUtil.kt | 4 +++- .../bouncycastle/extensions/PGPKeyRingExtensions.kt | 2 +- .../OpenPgpMessageInputStream.kt | 4 ++-- .../encryption_signing/OpenPGPSignatureSet.kt | 2 +- .../pgpainless/encryption_signing/SigningOptions.kt | 2 +- .../main/kotlin/org/pgpainless/key/SubkeyIdentifier.kt | 2 +- .../main/kotlin/org/pgpainless/key/info/KeyRingInfo.kt | 10 +++++----- .../modification/secretkeyring/SecretKeyRingEditor.kt | 2 +- .../protection/PasswordBasedSecretKeyRingProtector.kt | 2 +- .../kotlin/org/pgpainless/key/util/KeyRingUtils.kt | 2 +- .../src/main/kotlin/org/pgpainless/policy/Policy.kt | 6 ++++-- .../test/java/org/pgpainless/example/ModifyKeys.java | 2 +- 12 files changed, 22 insertions(+), 18 deletions(-) diff --git a/pgpainless-core/src/main/kotlin/org/gnupg/GnuPGDummyKeyUtil.kt b/pgpainless-core/src/main/kotlin/org/gnupg/GnuPGDummyKeyUtil.kt index 467a87bc..eafe2cf2 100644 --- a/pgpainless-core/src/main/kotlin/org/gnupg/GnuPGDummyKeyUtil.kt +++ b/pgpainless-core/src/main/kotlin/org/gnupg/GnuPGDummyKeyUtil.kt @@ -190,7 +190,9 @@ class GnuPGDummyKeyUtil private constructor() { * @return filter */ @JvmStatic - fun only(onlyKeyIdentifier: KeyIdentifier) = KeyFilter { it.matches(onlyKeyIdentifier) } + fun only(onlyKeyIdentifier: KeyIdentifier) = KeyFilter { + it.matchesExplicit(onlyKeyIdentifier) + } /** * Select all keyIds which are contained in the given set of ids. diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/bouncycastle/extensions/PGPKeyRingExtensions.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/bouncycastle/extensions/PGPKeyRingExtensions.kt index 10b90d64..adde4dc6 100644 --- a/pgpainless-core/src/main/kotlin/org/pgpainless/bouncycastle/extensions/PGPKeyRingExtensions.kt +++ b/pgpainless-core/src/main/kotlin/org/pgpainless/bouncycastle/extensions/PGPKeyRingExtensions.kt @@ -23,7 +23,7 @@ import org.pgpainless.key.SubkeyIdentifier * @return true if the [PGPKeyRing] contains the [SubkeyIdentifier] */ fun PGPKeyRing.matches(subkeyIdentifier: SubkeyIdentifier): Boolean = - this.publicKey.keyIdentifier.matches(subkeyIdentifier.certificateIdentifier) && + this.publicKey.keyIdentifier.matchesExplicit(subkeyIdentifier.certificateIdentifier) && this.getPublicKey(subkeyIdentifier.componentKeyIdentifier) != null /** diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.kt index 30ee3cd7..8425181a 100644 --- a/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.kt +++ b/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.kt @@ -709,7 +709,7 @@ class OpenPgpMessageInputStream( options.getDecryptionKeys().firstOrNull { it.pgpSecretKeyRing.getSecretKeyFor(pkesk) != null && api.inspect(it).decryptionSubkeys.any { subkey -> - pkesk.keyIdentifier.matches(subkey.keyIdentifier) + pkesk.keyIdentifier.matchesExplicit(subkey.keyIdentifier) } } @@ -717,7 +717,7 @@ class OpenPgpMessageInputStream( options.getDecryptionKeys().filter { it.pgpSecretKeyRing.getSecretKeyFor(pkesk) != null && api.inspect(it).decryptionSubkeys.any { subkey -> - pkesk.keyIdentifier.matches(subkey.keyIdentifier) + pkesk.keyIdentifier.matchesExplicit(subkey.keyIdentifier) } } diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/OpenPGPSignatureSet.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/OpenPGPSignatureSet.kt index 8770b7e3..c93fef37 100644 --- a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/OpenPGPSignatureSet.kt +++ b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/OpenPGPSignatureSet.kt @@ -14,7 +14,7 @@ class OpenPGPSignatureSet(val signatures: List) : Itera fun getSignaturesBy(componentKey: OpenPGPCertificate.OpenPGPComponentKey): List = signatures.filter { sig -> - sig.signature.keyIdentifiers.any { componentKey.keyIdentifier.matches(it) } + sig.signature.keyIdentifiers.any { componentKey.keyIdentifier.matchesExplicit(it) } } override fun iterator(): Iterator { diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/SigningOptions.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/SigningOptions.kt index 5a0b4f62..0df6c931 100644 --- a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/SigningOptions.kt +++ b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/SigningOptions.kt @@ -262,7 +262,7 @@ class SigningOptions(private val api: PGPainless) { throw UnacceptableSigningKeyException(openPGPKey) } - if (!signingPubKeys.any { it.keyIdentifier.matches(signingKey.keyIdentifier) }) { + if (!signingPubKeys.any { it.keyIdentifier.matchesExplicit(signingKey.keyIdentifier) }) { throw MissingSecretKeyException(signingKey) } diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/SubkeyIdentifier.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/SubkeyIdentifier.kt index ee8bb043..5dfee653 100644 --- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/SubkeyIdentifier.kt +++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/SubkeyIdentifier.kt @@ -127,7 +127,7 @@ class SubkeyIdentifier( @Deprecated("Use of key-ids is discouraged.") val primaryKeyId = certificateIdentifier.keyId /** True, if the component key is the primary key. */ - val isPrimaryKey = certificateIdentifier.matches(componentKeyIdentifier) + val isPrimaryKey = certificateIdentifier.matchesExplicit(componentKeyIdentifier) /** * Return true, if the provided [fingerprint] matches either the [certificateFingerprint] or diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/info/KeyRingInfo.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/info/KeyRingInfo.kt index 5ae87e38..3197dc51 100644 --- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/info/KeyRingInfo.kt +++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/info/KeyRingInfo.kt @@ -167,7 +167,7 @@ class KeyRingInfo( keys.keys .asSequence() .filter { - if (!it.keyIdentifier.matches(keyIdentifier)) { + if (!it.keyIdentifier.matchesExplicit(keyIdentifier)) { if (it.getLatestSelfSignature(referenceDate) == null) { LOGGER.debug("Subkey ${it.keyIdentifier} has no binding signature.") return@filter false @@ -281,7 +281,7 @@ class KeyRingInfo( * @return expiration date */ fun getSubkeyExpirationDate(keyIdentifier: KeyIdentifier): Date? { - if (primaryKey.keyIdentifier.matches(keyIdentifier)) return primaryKeyExpirationDate + if (primaryKey.keyIdentifier.matchesExplicit(keyIdentifier)) return primaryKeyExpirationDate val subkey = getPublicKey(keyIdentifier) ?: throw NoSuchElementException("No subkey with key-ID ${keyIdentifier} found.") @@ -522,7 +522,7 @@ class KeyRingInfo( * @return list of key flags */ fun getKeyFlagsOf(keyIdentifier: KeyIdentifier): List = - if (primaryKey.keyIdentifier.matches(keyIdentifier)) { + if (primaryKey.keyIdentifier.matchesExplicit(keyIdentifier)) { latestDirectKeySelfSignature?.let { sig -> SignatureSubpacketsUtil.parseKeyFlags(sig)?.let { flags -> return flags @@ -655,7 +655,7 @@ class KeyRingInfo( * key of the key. */ fun getPublicKey(identifier: SubkeyIdentifier): OpenPGPComponentKey? { - require(primaryKey.keyIdentifier.matches(identifier.keyIdentifier)) { + require(primaryKey.keyIdentifier.matchesExplicit(identifier.keyIdentifier)) { "Mismatching primary key ID." } return getPublicKey(identifier.componentKeyIdentifier) @@ -669,7 +669,7 @@ class KeyRingInfo( * key of the key. */ fun getSecretKey(identifier: SubkeyIdentifier): OpenPGPComponentKey? { - require(primaryKey.keyIdentifier.matches(identifier.keyIdentifier)) { + require(primaryKey.keyIdentifier.matchesExplicit(identifier.keyIdentifier)) { "Mismatching primary key ID." } return getSecretKey(identifier.componentKeyIdentifier) diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt index 5b7aca08..ce03501c 100644 --- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt +++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt @@ -522,7 +522,7 @@ class SecretKeyRingEditor( var secretKeyRing = key.pgpSecretKeyRing // is primary key - if (keyId.matches(key.keyIdentifier)) { + if (keyId.matchesExplicit(key.keyIdentifier)) { return setExpirationDate(expiration, protector) } diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/PasswordBasedSecretKeyRingProtector.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/PasswordBasedSecretKeyRingProtector.kt index 1a1125e6..1a106093 100644 --- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/PasswordBasedSecretKeyRingProtector.kt +++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/PasswordBasedSecretKeyRingProtector.kt @@ -85,7 +85,7 @@ class PasswordBasedSecretKeyRingProtector : BaseSecretKeyRingProtector { } override fun hasPassphrase(keyIdentifier: KeyIdentifier): Boolean { - return keyIdentifier.matches(singleKeyIdentifier) + return keyIdentifier.matchesExplicit(singleKeyIdentifier) } } .let { PasswordBasedSecretKeyRingProtector(it) } diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/util/KeyRingUtils.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/util/KeyRingUtils.kt index d788d1f9..f449487c 100644 --- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/util/KeyRingUtils.kt +++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/util/KeyRingUtils.kt @@ -495,7 +495,7 @@ class KeyRingUtils { secretKeys.secretKeys .asSequence() .map { - if (it.keyIdentifier.matches(keyId)) { + if (it.keyIdentifier.matchesExplicit(keyId)) { reencryptPrivateKey(it, oldProtector, newProtector) } else { it diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt index 1df56259..872aa972 100644 --- a/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt +++ b/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt @@ -49,7 +49,8 @@ class Policy { this.keyGenerationAlgorithmSuite = keyGenerationAlgorithmSuite } - @Deprecated("Constructors receiving SymmetricKeyAlgorithmPolicy objects are deprecated in favor of ones receiving MessageEncryptionMechanismPolicy objects.") + @Deprecated( + "Constructors receiving SymmetricKeyAlgorithmPolicy objects are deprecated in favor of ones receiving MessageEncryptionMechanismPolicy objects.") constructor( certificationSignatureHashAlgorithmPolicy: HashAlgorithmPolicy, revocationSignatureHashAlgorithmPolicy: HashAlgorithmPolicy, @@ -78,7 +79,8 @@ class Policy { this.keyGenerationAlgorithmSuite = keyGenerationAlgorithmSuite } - @Deprecated("Constructors receiving SymmetricKeyAlgorithmPolicy objects are deprecated in favor of ones receiving MessageEncryptionMechanismPolicy objects.") + @Deprecated( + "Constructors receiving SymmetricKeyAlgorithmPolicy objects are deprecated in favor of ones receiving MessageEncryptionMechanismPolicy objects.") constructor() : this( HashAlgorithmPolicy.smartCertificationSignatureHashAlgorithmPolicy(), diff --git a/pgpainless-core/src/test/java/org/pgpainless/example/ModifyKeys.java b/pgpainless-core/src/test/java/org/pgpainless/example/ModifyKeys.java index 487a8817..ba424402 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/example/ModifyKeys.java +++ b/pgpainless-core/src/test/java/org/pgpainless/example/ModifyKeys.java @@ -178,7 +178,7 @@ public class ModifyKeys { List encryptionSubkeys = info.getEncryptionSubkeys(EncryptionPurpose.COMMUNICATIONS); assertEquals(2, encryptionSubkeys.size()); OpenPGPCertificate.OpenPGPComponentKey addedKey = encryptionSubkeys.stream() - .filter(it -> !it.getKeyIdentifier().matches(encryptionSubkeyId)).findFirst() + .filter(it -> !it.getKeyIdentifier().matchesExplicit(encryptionSubkeyId)).findFirst() .get(); UnlockSecretKey.unlockSecretKey(secretKey.getSecretKey(addedKey.getKeyIdentifier()).getPGPSecretKey(), subkeyPassphrase); }