From 97e6591f0a75b887fc46f2d5fc44e80a43febb26 Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Thu, 13 Mar 2025 16:12:43 +0100
Subject: [PATCH] Make secret key protection settings customizable via policy

---
 .../org/pgpainless/key/generation/KeyRingBuilder.kt       | 8 +++-----
 .../key/protection/BaseSecretKeyRingProtector.kt          | 2 +-
 .../main/kotlin/org/pgpainless/key/util/KeyRingUtils.kt   | 2 +-
 .../src/main/kotlin/org/pgpainless/policy/Policy.kt       | 3 +++
 4 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt
index 4619abc6..5e23974b 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt
@@ -19,7 +19,6 @@ import org.pgpainless.algorithm.KeyFlag
 import org.pgpainless.algorithm.OpenPGPKeyVersion
 import org.pgpainless.algorithm.SignatureType
 import org.pgpainless.bouncycastle.extensions.unlock
-import org.pgpainless.key.protection.KeyRingProtectionSettings
 import org.pgpainless.policy.Policy
 import org.pgpainless.signature.subpackets.SelfSignatureSubpackets
 import org.pgpainless.signature.subpackets.SignatureSubpackets
@@ -93,7 +92,7 @@ class KeyRingBuilder(
         requireNotNull(primaryKeySpec) { "Primary Key spec required." }
         val certKey = generateKeyPair(primaryKeySpec!!, version)
 
-        val secretKeyEncryptor = buildSecretKeyEncryptor(certKey.publicKey, false)
+        val secretKeyEncryptor = buildSecretKeyEncryptor(certKey.publicKey)
         val secretKeyDecryptor = buildSecretKeyDecryptor()
 
         passphrase.clear() // Passphrase was used above, so we can get rid of it
@@ -229,15 +228,14 @@ class KeyRingBuilder(
 
     private fun buildSecretKeyEncryptor(
         publicKey: PGPPublicKey,
-        aead: Boolean
     ): PBESecretKeyEncryptor? {
         check(passphrase.isValid) { "Passphrase was cleared." }
-        val protectionSettings = KeyRingProtectionSettings.secureDefaultSettings()
+        val protectionSettings = PGPainless.getPolicy().keyProtectionSettings
         return if (passphrase.isEmpty) null
         else
             OpenPGPImplementation.getInstance()
                 .pbeSecretKeyEncryptorFactory(
-                    aead,
+                    protectionSettings.aead,
                     protectionSettings.encryptionAlgorithm.algorithmId,
                     protectionSettings.s2kCount)
                 .build(passphrase.getChars(), publicKey.publicKeyPacket)
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/BaseSecretKeyRingProtector.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/BaseSecretKeyRingProtector.kt
index 4afe0b33..0be20c02 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/BaseSecretKeyRingProtector.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/BaseSecretKeyRingProtector.kt
@@ -49,7 +49,7 @@ open class BaseSecretKeyRingProtector(
             else
                 OpenPGPImplementation.getInstance()
                     .pbeSecretKeyEncryptorFactory(
-                        false,
+                        protectionSettings.aead,
                         protectionSettings.encryptionAlgorithm.algorithmId,
                         protectionSettings.s2kCount)
                     .build(it.getChars(), key.publicKeyPacket)
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/util/KeyRingUtils.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/util/KeyRingUtils.kt
index 5e789d3d..fd1baedf 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/util/KeyRingUtils.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/util/KeyRingUtils.kt
@@ -509,7 +509,7 @@ class KeyRingUtils {
 
             return PGPSecretKey.copyWithNewPassword(
                 secretKey,
-                oldProtector.getDecryptor(secretKey.keyID),
+                oldProtector.getDecryptor(secretKey.keyIdentifier),
                 newProtector.getEncryptor(secretKey.publicKey))
         }
 
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt
index c8bc3754..61978792 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/policy/Policy.kt
@@ -6,6 +6,7 @@ package org.pgpainless.policy
 
 import java.util.*
 import org.pgpainless.algorithm.*
+import org.pgpainless.key.protection.KeyRingProtectionSettings
 import org.pgpainless.util.DateUtil
 import org.pgpainless.util.NotationRegistry
 
@@ -17,6 +18,7 @@ class Policy(
     var symmetricKeyDecryptionAlgorithmPolicy: SymmetricKeyAlgorithmPolicy,
     var compressionAlgorithmPolicy: CompressionAlgorithmPolicy,
     var publicKeyAlgorithmPolicy: PublicKeyAlgorithmPolicy,
+    var keyProtectionSettings: KeyRingProtectionSettings,
     var notationRegistry: NotationRegistry
 ) {
 
@@ -29,6 +31,7 @@ class Policy(
             SymmetricKeyAlgorithmPolicy.symmetricKeyDecryptionPolicy2022(),
             CompressionAlgorithmPolicy.anyCompressionAlgorithmPolicy(),
             PublicKeyAlgorithmPolicy.bsi2021PublicKeyAlgorithmPolicy(),
+            KeyRingProtectionSettings.secureDefaultSettings(),
             NotationRegistry())
 
     var keyGenerationAlgorithmSuite = AlgorithmSuite.defaultAlgorithmSuite