From 7a5ece090707a52763545142131dfe15a1b631ec Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Wed, 19 Mar 2025 10:22:07 +0100
Subject: [PATCH] Replace deprecated method usage and make policy injectable in
 UnlockSecretKey utility class

---
 .../pgpainless/key/protection/UnlockSecretKey.kt  | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/UnlockSecretKey.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/UnlockSecretKey.kt
index a4526f61..f83b8336 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/UnlockSecretKey.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/UnlockSecretKey.kt
@@ -18,6 +18,7 @@ import org.pgpainless.bouncycastle.extensions.isEncrypted
 import org.pgpainless.exception.KeyIntegrityException
 import org.pgpainless.exception.WrongPassphraseException
 import org.pgpainless.key.util.PublicKeyParameterValidationUtil
+import org.pgpainless.policy.Policy
 import org.pgpainless.util.Passphrase
 
 class UnlockSecretKey {
@@ -31,17 +32,19 @@ class UnlockSecretKey {
             protector: SecretKeyRingProtector
         ): PGPPrivateKey {
             return if (secretKey.isEncrypted()) {
-                unlockSecretKey(secretKey, protector.getDecryptor(secretKey.keyID))
+                unlockSecretKey(secretKey, protector.getDecryptor(secretKey.keyIdentifier))
             } else {
                 unlockSecretKey(secretKey, null as PBESecretKeyDecryptor?)
             }
         }
 
         @JvmStatic
+        @JvmOverloads
         @Throws(PGPException::class)
         fun unlockSecretKey(
             secretKey: OpenPGPSecretKey,
-            protector: SecretKeyRingProtector
+            protector: SecretKeyRingProtector,
+            policy: Policy = PGPainless.getInstance().algorithmPolicy
         ): OpenPGPPrivateKey {
             val privateKey =
                 try {
@@ -59,7 +62,7 @@ class UnlockSecretKey {
                 throw PGPException("Cannot decrypt secret key.")
             }
 
-            if (PGPainless.getPolicy().isEnableKeyParameterValidation()) {
+            if (policy.isEnableKeyParameterValidation()) {
                 PublicKeyParameterValidationUtil.verifyPublicKeyParameterIntegrity(
                     privateKey.keyPair.privateKey, privateKey.keyPair.publicKey)
             }
@@ -68,10 +71,12 @@ class UnlockSecretKey {
         }
 
         @JvmStatic
+        @JvmOverloads
         @Throws(PGPException::class)
         fun unlockSecretKey(
             secretKey: PGPSecretKey,
-            decryptor: PBESecretKeyDecryptor?
+            decryptor: PBESecretKeyDecryptor?,
+            policy: Policy = PGPainless.getInstance().algorithmPolicy
         ): PGPPrivateKey {
             val privateKey =
                 try {
@@ -89,7 +94,7 @@ class UnlockSecretKey {
                 throw PGPException("Cannot decrypt secret key.")
             }
 
-            if (PGPainless.getPolicy().isEnableKeyParameterValidation()) {
+            if (policy.isEnableKeyParameterValidation()) {
                 PublicKeyParameterValidationUtil.verifyPublicKeyParameterIntegrity(
                     privateKey, secretKey.publicKey)
             }