diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/bouncycastle/extensions/OpenPGPImplementationExtensions.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/bouncycastle/extensions/OpenPGPImplementationExtensions.kt new file mode 100644 index 00000000..5a33b609 --- /dev/null +++ b/pgpainless-core/src/main/kotlin/org/pgpainless/bouncycastle/extensions/OpenPGPImplementationExtensions.kt @@ -0,0 +1,13 @@ +// SPDX-FileCopyrightText: 2025 Paul Schaub +// +// SPDX-License-Identifier: Apache-2.0 + +package org.pgpainless.bouncycastle.extensions + +import org.bouncycastle.bcpg.HashAlgorithmTags +import org.bouncycastle.openpgp.api.OpenPGPImplementation +import org.bouncycastle.openpgp.operator.PGPDigestCalculator + +fun OpenPGPImplementation.checksumCalculator(): PGPDigestCalculator { + return pgpDigestCalculatorProvider().get(HashAlgorithmTags.SHA1) +} diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt index c8d61971..4bea07d0 100644 --- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt +++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt @@ -6,7 +6,6 @@ package org.pgpainless.key.generation import java.io.IOException import java.util.* -import org.bouncycastle.bcpg.HashAlgorithmTags import org.bouncycastle.openpgp.* import org.bouncycastle.openpgp.api.OpenPGPImplementation import org.bouncycastle.openpgp.api.OpenPGPKey @@ -18,6 +17,7 @@ import org.pgpainless.PGPainless import org.pgpainless.algorithm.KeyFlag import org.pgpainless.algorithm.OpenPGPKeyVersion import org.pgpainless.algorithm.SignatureType +import org.pgpainless.bouncycastle.extensions.checksumCalculator import org.pgpainless.bouncycastle.extensions.unlock import org.pgpainless.policy.Policy import org.pgpainless.signature.subpackets.SelfSignatureSubpackets 
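Review bot: The new `checksumCalculator()` extension in OpenPGPImplementationExtensions.kt has no KDoc, and nothing at the declaration says why SHA-1 is hard-coded. The call sites in this commit pass the result to `PGPKeyRingGenerator` and `PGPSecretKey`, so it looks like the SHA-1 integrity check over protected secret key material that the format prescribes, not a signature or fingerprint hash. A comment would keep the helper from being reused for other hashing, for example `/** Returns the SHA-1 [PGPDigestCalculator] used for the secret-key checksum; do not use it for signatures or other digests. */`. Because this is a public extension on a third-party type, `internal` may also fit if no other module needs it, which cannot be confirmed from this diff.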
@@ -83,10 +83,7 @@ class KeyRingBuilder( private fun keyIsCertificationCapable(keySpec: KeySpec) = keySpec.keyType.canCertify override fun build(): OpenPGPKey { - val keyFingerprintCalculator = - OpenPGPImplementation.getInstance() - .pgpDigestCalculatorProvider() - .get(HashAlgorithmTags.SHA1) + val checksumCalculator = OpenPGPImplementation.getInstance().checksumCalculator() // generate primary key requireNotNull(primaryKeySpec) { "Primary Key spec required." } @@ -111,18 +108,13 @@ class KeyRingBuilder( val ringGenerator = if (userIds.isEmpty()) { PGPKeyRingGenerator( - certKey, - keyFingerprintCalculator, - hashedSubPackets, - null, - signer, - secretKeyEncryptor) + certKey, checksumCalculator, hashedSubPackets, null, signer, secretKeyEncryptor) } else { PGPKeyRingGenerator( SignatureType.POSITIVE_CERTIFICATION.code, certKey, userIds.keys.first(), - keyFingerprintCalculator, + checksumCalculator, hashedSubPackets, null, signer, @@ -165,8 +157,7 @@ class KeyRingBuilder( // Reassemble secret key ring with modified primary key val primarySecretKey = - PGPSecretKey( - privateKey, primaryPubKey, keyFingerprintCalculator, true, secretKeyEncryptor) + PGPSecretKey(privateKey, primaryPubKey, checksumCalculator, true, secretKeyEncryptor) val secretKeyList = mutableListOf(primarySecretKey) while (secretKeys.hasNext()) { secretKeyList.add(secretKeys.next()) diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt index eb19941c..5ed651dc 100644 --- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt +++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt 
@@ -9,7 +9,6 @@ import java.util.function.Predicate import javax.annotation.Nonnull import kotlin.NoSuchElementException import openpgp.openPgpKeyId -import org.bouncycastle.bcpg.HashAlgorithmTags import org.bouncycastle.bcpg.KeyIdentifier import org.bouncycastle.bcpg.sig.KeyExpirationTime import org.bouncycastle.openpgp.* @@ -27,6 +26,7 @@ import org.pgpainless.algorithm.KeyFlag import org.pgpainless.algorithm.OpenPGPKeyVersion import org.pgpainless.algorithm.SignatureType import org.pgpainless.algorithm.negotiation.HashAlgorithmNegotiator +import org.pgpainless.bouncycastle.extensions.checksumCalculator import org.pgpainless.bouncycastle.extensions.getKeyExpirationDate import org.pgpainless.bouncycastle.extensions.publicKeyAlgorithm import org.pgpainless.bouncycastle.extensions.requirePublicKey @@ -310,9 +310,7 @@ class SecretKeyRingEditor(var key: OpenPGPKey, override val referenceTime: Date PGPSecretKey( subkey.privateKey, subkey.publicKey, - OpenPGPImplementation.getInstance() - .pgpDigestCalculatorProvider() - .get(HashAlgorithmTags.SHA1), + OpenPGPImplementation.getInstance().checksumCalculator(), false, subkeyProtector.getEncryptor(subkey.publicKey)) diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/fixes/S2KUsageFix.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/fixes/S2KUsageFix.kt index 3e843e60..b7447af7 100644 --- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/fixes/S2KUsageFix.kt +++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/protection/fixes/S2KUsageFix.kt 
@@ -4,11 +4,11 @@ package org.pgpainless.key.protection.fixes -import org.bouncycastle.bcpg.HashAlgorithmTags import org.bouncycastle.bcpg.SecretKeyPacket import org.bouncycastle.openpgp.PGPSecretKey import org.bouncycastle.openpgp.PGPSecretKeyRing import org.bouncycastle.openpgp.api.OpenPGPImplementation +import org.pgpainless.bouncycastle.extensions.checksumCalculator import org.pgpainless.bouncycastle.extensions.unlock import org.pgpainless.exception.WrongPassphraseException import org.pgpainless.key.protection.SecretKeyRingProtector @@ -48,10 +48,7 @@ class S2KUsageFix { protector: SecretKeyRingProtector, skipKeysWithMissingPassphrase: Boolean = false ): PGPSecretKeyRing { - val digestCalculator = - OpenPGPImplementation.getInstance() - .pgpDigestCalculatorProvider() - .get(HashAlgorithmTags.SHA1) + val digestCalculator = OpenPGPImplementation.getInstance().checksumCalculator() val keyList = mutableListOf() for (key in keys) { // CHECKSUM is not recommended
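Review bot: The local in the `@@ -48,10 +48,7 @@` hunk of S2KUsageFix.kt is still called `digestCalculator`, while the same value is named `checksumCalculator` in `KeyRingBuilder.build()` after this commit. Renaming it, `val checksumCalculator = OpenPGPImplementation.getInstance().checksumCalculator()`, would keep the files consistent and match the helper's name. Its later uses lie outside the hunk and would need the same rename, since the function body continues past the last visible line.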