Remove usage of OpenPgpKeyAttributeUtil

2025-09-09 10:19:39 +02:00 · 2025-05-08 14:56:35 +02:00 · 2025-05-08 14:56:35 +02:00 · 65f341f687
commit 65f341f687
parent a0ef949bb4
5 changed files with 5 additions and 188 deletions
--- a/pgpainless-core/src/main/java/org/pgpainless/key/package-info.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/package-info.java
@ -1,8 +0,0 @@
-// SPDX-FileCopyrightText: 2018 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-/**
- * Classes related to OpenPGP keys.
- */
-package org.pgpainless.key;
--- a/pgpainless-core/src/main/java/org/pgpainless/key/util/OpenPgpKeyAttributeUtil.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/util/OpenPgpKeyAttributeUtil.java
@ -1,113 +0,0 @@
-// SPDX-FileCopyrightText: 2020 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-package org.pgpainless.key.util;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Date;
-import java.util.Iterator;
-import java.util.LinkedHashSet;
-import java.util.List;
-import java.util.Set;
-
-import org.bouncycastle.openpgp.PGPPublicKey;
-import org.bouncycastle.openpgp.PGPSignature;
-import org.pgpainless.algorithm.HashAlgorithm;
-import org.pgpainless.algorithm.SignatureType;
-
-public final class OpenPgpKeyAttributeUtil {
-
-    private OpenPgpKeyAttributeUtil() {
-
-    }
-
-    public static List<HashAlgorithm> getPreferredHashAlgorithms(PGPPublicKey publicKey) {
-        List<HashAlgorithm> hashAlgorithms = new ArrayList<>();
-        Iterator<?> keySignatures = publicKey.getSignatures();
-        while (keySignatures.hasNext()) {
-            PGPSignature signature = (PGPSignature) keySignatures.next();
-
-            if (signature.getKeyID() != publicKey.getKeyID()) {
-                // Signature from a foreign key. Skip.
-                continue;
-            }
-
-            SignatureType signatureType = SignatureType.fromCode(signature.getSignatureType());
-            if (signatureType == null) {
-                // unknown signature type
-                continue;
-            }
-            if (signatureType == SignatureType.POSITIVE_CERTIFICATION
-                    || signatureType == SignatureType.GENERIC_CERTIFICATION) {
-                int[] hashAlgos = signature.getHashedSubPackets().getPreferredHashAlgorithms();
-                if (hashAlgos == null) {
-                    continue;
-                }
-                for (int h : hashAlgos) {
-                    HashAlgorithm algorithm = HashAlgorithm.fromId(h);
-                    if (algorithm != null) {
-                        hashAlgorithms.add(algorithm);
-                    }
-                }
-                // Exit the loop after the first key signature with hash algorithms.
-                break;
-            }
-        }
-        return hashAlgorithms;
-    }
-
-    /**
-     * Return the hash algorithm that was used in the latest self signature.
-     *
-     * @param publicKey public key
-     * @return list of hash algorithm
-     */
-    public static List<HashAlgorithm> guessPreferredHashAlgorithms(PGPPublicKey publicKey) {
-        HashAlgorithm hashAlgorithm = null;
-        Date lastCreationDate = null;
-
-        Iterator<?> keySignatures = publicKey.getSignatures();
-        while (keySignatures.hasNext()) {
-            PGPSignature signature = (PGPSignature) keySignatures.next();
-            if (signature.getKeyID() != publicKey.getKeyID()) {
-                continue;
-            }
-
-            SignatureType signatureType = SignatureType.fromCode(signature.getSignatureType());
-            if (signatureType == null || signatureType != SignatureType.POSITIVE_CERTIFICATION
-                    && signatureType != SignatureType.GENERIC_CERTIFICATION) {
-                continue;
-            }
-
-            Date creationDate = signature.getCreationTime();
-            if (lastCreationDate == null || lastCreationDate.before(creationDate)) {
-                lastCreationDate = creationDate;
-                hashAlgorithm = HashAlgorithm.fromId(signature.getHashAlgorithm());
-            }
-        }
-
-        if (hashAlgorithm == null) {
-            return Collections.emptyList();
-        }
-        return Collections.singletonList(hashAlgorithm);
-    }
-
-    /**
-     * Try to extract hash algorithm preferences from self signatures.
-     * If no self-signature containing hash algorithm preferences is found,
-     * try to derive a hash algorithm preference by inspecting the hash algorithm used by existing
-     * self-signatures.
-     *
-     * @param publicKey key
-     * @return hash algorithm preferences (might be empty!)
-     */
-    public static Set<HashAlgorithm> getOrGuessPreferredHashAlgorithms(PGPPublicKey publicKey) {
-        List<HashAlgorithm> preferredHashAlgorithms = OpenPgpKeyAttributeUtil.getPreferredHashAlgorithms(publicKey);
-        if (preferredHashAlgorithms.isEmpty()) {
-            preferredHashAlgorithms = OpenPgpKeyAttributeUtil.guessPreferredHashAlgorithms(publicKey);
-        }
-        return new LinkedHashSet<>(preferredHashAlgorithms);
-    }
-}
--- a/pgpainless-core/src/main/java/org/pgpainless/key/util/package-info.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/util/package-info.java
@ -1,8 +0,0 @@
-// SPDX-FileCopyrightText: 2020 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-/**
- * Utility functions to deal with OpenPGP keys.
- */
-package org.pgpainless.key.util;
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/signature/builder/AbstractSignatureBuilder.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/signature/builder/AbstractSignatureBuilder.kt
@ -6,7 +6,6 @@ package org.pgpainless.signature.builder

 import java.util.function.Predicate
 import org.bouncycastle.openpgp.PGPException
-import org.bouncycastle.openpgp.PGPPublicKey
 import org.bouncycastle.openpgp.PGPSignature
 import org.bouncycastle.openpgp.PGPSignatureGenerator
 import org.bouncycastle.openpgp.api.OpenPGPCertificate.OpenPGPComponentKey
@ -14,10 +13,9 @@ import org.bouncycastle.openpgp.api.OpenPGPKey
 import org.pgpainless.PGPainless
 import org.pgpainless.algorithm.HashAlgorithm
 import org.pgpainless.algorithm.SignatureType
-import org.pgpainless.algorithm.negotiation.HashAlgorithmNegotiator
+import org.pgpainless.bouncycastle.extensions.toHashAlgorithms
 import org.pgpainless.key.protection.SecretKeyRingProtector
 import org.pgpainless.key.protection.UnlockSecretKey
-import org.pgpainless.key.util.OpenPgpKeyAttributeUtil
 import org.pgpainless.signature.subpackets.SignatureSubpackets
 import org.pgpainless.signature.subpackets.SignatureSubpacketsHelper

@ -127,20 +125,11 @@ abstract class AbstractSignatureBuilder<B : AbstractSignatureBuilder<B>>(

    companion object {

-        /**
-         * Negotiate a [HashAlgorithm] to be used when creating the signature.
-         *
-         * @param publicKey signing public key
-         * @return hash algorithm
-         */
-        @JvmStatic
-        fun negotiateHashAlgorithm(publicKey: PGPPublicKey, api: PGPainless): HashAlgorithm =
-            HashAlgorithmNegotiator.negotiateSignatureHashAlgorithm(api.algorithmPolicy)
-                .negotiateHashAlgorithm(
-                    OpenPgpKeyAttributeUtil.getOrGuessPreferredHashAlgorithms(publicKey))
-
        @JvmStatic
        fun negotiateHashAlgorithm(key: OpenPGPComponentKey, api: PGPainless): HashAlgorithm =
-            negotiateHashAlgorithm(key.pgpPublicKey, api)
+            key.hashAlgorithmPreferences?.toHashAlgorithms()?.first {
+                api.algorithmPolicy.dataSignatureHashAlgorithmPolicy.isAcceptable(it)
+            }
+                ?: api.algorithmPolicy.dataSignatureHashAlgorithmPolicy.defaultHashAlgorithm
    }
 }
--- a/pgpainless-core/src/test/java/org/pgpainless/util/GuessPreferredHashAlgorithmTest.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/util/GuessPreferredHashAlgorithmTest.java
@ -1,43 +0,0 @@
-// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
-//
-// SPDX-License-Identifier: Apache-2.0
-
-package org.pgpainless.util;
-
-import static org.junit.jupiter.api.Assertions.assertEquals;
-
-import java.util.Collections;
-
-import org.bouncycastle.openpgp.PGPPublicKey;
-import org.bouncycastle.openpgp.PGPSecretKeyRing;
-import org.junit.jupiter.api.Test;
-import org.pgpainless.PGPainless;
-import org.pgpainless.algorithm.AlgorithmSuite;
-import org.pgpainless.algorithm.HashAlgorithm;
-import org.pgpainless.algorithm.KeyFlag;
-import org.pgpainless.algorithm.OpenPGPKeyVersion;
-import org.pgpainless.key.generation.KeySpec;
-import org.pgpainless.key.generation.type.KeyType;
-import org.pgpainless.key.generation.type.eddsa_legacy.EdDSALegacyCurve;
-import org.pgpainless.key.util.OpenPgpKeyAttributeUtil;
-
-public class GuessPreferredHashAlgorithmTest {
-
-    @Test
-    public void guessPreferredHashAlgorithmsAssumesHashAlgoUsedBySelfSig() {
-        PGPainless api = PGPainless.getInstance();
-        PGPSecretKeyRing secretKeys = api.buildKey(OpenPGPKeyVersion.v4)
-                .withPreferences(AlgorithmSuite.emptyBuilder().build())
-                .setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA_LEGACY(EdDSALegacyCurve._Ed25519),
-                                KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA))
-                .addUserId("test@test.test")
-                .build()
-                .getPGPSecretKeyRing();
-
-        PGPPublicKey publicKey = secretKeys.getPublicKey();
-        assertEquals(Collections.emptyList(),
-                OpenPgpKeyAttributeUtil.getPreferredHashAlgorithms(publicKey));
-        assertEquals(Collections.singletonList(HashAlgorithm.SHA512),
-                OpenPgpKeyAttributeUtil.guessPreferredHashAlgorithms(publicKey));
-    }
-}