mirror of https://github.com/pgpainless/pgpainless.git synced 2025-09-09 18:29:39 +02:00

Add OpenPGPImplementation.checksumCalculator() extension function

Paul Schaub 2025-03-14 14:00:56 +01:00
parent 6c68285a95
commit a95ebce07b
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
4 changed files with 22 additions and 23 deletions


@ -0,0 +1,13 @@
// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.bouncycastle.extensions
import org.bouncycastle.bcpg.HashAlgorithmTags
import org.bouncycastle.openpgp.api.OpenPGPImplementation
import org.bouncycastle.openpgp.operator.PGPDigestCalculator
fun OpenPGPImplementation.checksumCalculator(): PGPDigestCalculator {
return pgpDigestCalculatorProvider().get(HashAlgorithmTags.SHA1)
}
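Review bot: The new `checksumCalculator()` extension has no KDoc, and its name hides that it always returns a SHA-1 calculator (`HashAlgorithmTags.SHA1`), so a reader at the call sites cannot tell whether SHA-1 is a policy choice or a format requirement. I would add a comment such as `/** Returns the SHA-1 [PGPDigestCalculator] passed to BouncyCastle as the secret-key checksum calculator; not for signatures or other policy-governed hashing. */`. If SHA-1 is fixed here by the OpenPGP secret-key checksum format (as I understand the SHA-1-protected S2K usage to require), saying so in the KDoc would keep later audits from reporting it as a weak-hash finding and keep callers from reusing the helper where the hash-algorithm policy should decide.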


@ -6,7 +6,6 @@ package org.pgpainless.key.generation
import java.io.IOException import java.io.IOException
import java.util.* import java.util.*
import org.bouncycastle.bcpg.HashAlgorithmTags
import org.bouncycastle.openpgp.* import org.bouncycastle.openpgp.*
import org.bouncycastle.openpgp.api.OpenPGPImplementation import org.bouncycastle.openpgp.api.OpenPGPImplementation
import org.bouncycastle.openpgp.api.OpenPGPKey import org.bouncycastle.openpgp.api.OpenPGPKey
@ -18,6 +17,7 @@ import org.pgpainless.PGPainless
import org.pgpainless.algorithm.KeyFlag import org.pgpainless.algorithm.KeyFlag
import org.pgpainless.algorithm.OpenPGPKeyVersion import org.pgpainless.algorithm.OpenPGPKeyVersion
import org.pgpainless.algorithm.SignatureType import org.pgpainless.algorithm.SignatureType
import org.pgpainless.bouncycastle.extensions.checksumCalculator
import org.pgpainless.bouncycastle.extensions.unlock import org.pgpainless.bouncycastle.extensions.unlock
import org.pgpainless.policy.Policy import org.pgpainless.policy.Policy
import org.pgpainless.signature.subpackets.SelfSignatureSubpackets import org.pgpainless.signature.subpackets.SelfSignatureSubpackets
@ -83,10 +83,7 @@ class KeyRingBuilder(
private fun keyIsCertificationCapable(keySpec: KeySpec) = keySpec.keyType.canCertify private fun keyIsCertificationCapable(keySpec: KeySpec) = keySpec.keyType.canCertify
override fun build(): OpenPGPKey { override fun build(): OpenPGPKey {
val keyFingerprintCalculator = val checksumCalculator = OpenPGPImplementation.getInstance().checksumCalculator()
OpenPGPImplementation.getInstance()
.pgpDigestCalculatorProvider()
.get(HashAlgorithmTags.SHA1)
// generate primary key // generate primary key
requireNotNull(primaryKeySpec) { "Primary Key spec required." } requireNotNull(primaryKeySpec) { "Primary Key spec required." }
@ -111,18 +108,13 @@ class KeyRingBuilder(
val ringGenerator = val ringGenerator =
if (userIds.isEmpty()) { if (userIds.isEmpty()) {
PGPKeyRingGenerator( PGPKeyRingGenerator(
certKey, certKey, checksumCalculator, hashedSubPackets, null, signer, secretKeyEncryptor)
keyFingerprintCalculator,
hashedSubPackets,
null,
signer,
secretKeyEncryptor)
} else { } else {
PGPKeyRingGenerator( PGPKeyRingGenerator(
SignatureType.POSITIVE_CERTIFICATION.code, SignatureType.POSITIVE_CERTIFICATION.code,
certKey, certKey,
userIds.keys.first(), userIds.keys.first(),
keyFingerprintCalculator, checksumCalculator,
hashedSubPackets, hashedSubPackets,
null, null,
signer, signer,
@ -165,8 +157,7 @@ class KeyRingBuilder(
// Reassemble secret key ring with modified primary key // Reassemble secret key ring with modified primary key
val primarySecretKey = val primarySecretKey =
PGPSecretKey( PGPSecretKey(privateKey, primaryPubKey, checksumCalculator, true, secretKeyEncryptor)
privateKey, primaryPubKey, keyFingerprintCalculator, true, secretKeyEncryptor)
val secretKeyList = mutableListOf(primarySecretKey) val secretKeyList = mutableListOf(primarySecretKey)
while (secretKeys.hasNext()) { while (secretKeys.hasNext()) {
secretKeyList.add(secretKeys.next()) secretKeyList.add(secretKeys.next())


@ -9,7 +9,6 @@ import java.util.function.Predicate
import javax.annotation.Nonnull import javax.annotation.Nonnull
import kotlin.NoSuchElementException import kotlin.NoSuchElementException
import openpgp.openPgpKeyId import openpgp.openPgpKeyId
import org.bouncycastle.bcpg.HashAlgorithmTags
import org.bouncycastle.bcpg.KeyIdentifier import org.bouncycastle.bcpg.KeyIdentifier
import org.bouncycastle.bcpg.sig.KeyExpirationTime import org.bouncycastle.bcpg.sig.KeyExpirationTime
import org.bouncycastle.openpgp.* import org.bouncycastle.openpgp.*
@ -27,6 +26,7 @@ import org.pgpainless.algorithm.KeyFlag
import org.pgpainless.algorithm.OpenPGPKeyVersion import org.pgpainless.algorithm.OpenPGPKeyVersion
import org.pgpainless.algorithm.SignatureType import org.pgpainless.algorithm.SignatureType
import org.pgpainless.algorithm.negotiation.HashAlgorithmNegotiator import org.pgpainless.algorithm.negotiation.HashAlgorithmNegotiator
import org.pgpainless.bouncycastle.extensions.checksumCalculator
import org.pgpainless.bouncycastle.extensions.getKeyExpirationDate import org.pgpainless.bouncycastle.extensions.getKeyExpirationDate
import org.pgpainless.bouncycastle.extensions.publicKeyAlgorithm import org.pgpainless.bouncycastle.extensions.publicKeyAlgorithm
import org.pgpainless.bouncycastle.extensions.requirePublicKey import org.pgpainless.bouncycastle.extensions.requirePublicKey
@ -310,9 +310,7 @@ class SecretKeyRingEditor(var key: OpenPGPKey, override val referenceTime: Date
PGPSecretKey( PGPSecretKey(
subkey.privateKey, subkey.privateKey,
subkey.publicKey, subkey.publicKey,
OpenPGPImplementation.getInstance() OpenPGPImplementation.getInstance().checksumCalculator(),
.pgpDigestCalculatorProvider()
.get(HashAlgorithmTags.SHA1),
false, false,
subkeyProtector.getEncryptor(subkey.publicKey)) subkeyProtector.getEncryptor(subkey.publicKey))


@ -4,11 +4,11 @@
package org.pgpainless.key.protection.fixes package org.pgpainless.key.protection.fixes
import org.bouncycastle.bcpg.HashAlgorithmTags
import org.bouncycastle.bcpg.SecretKeyPacket import org.bouncycastle.bcpg.SecretKeyPacket
import org.bouncycastle.openpgp.PGPSecretKey import org.bouncycastle.openpgp.PGPSecretKey
import org.bouncycastle.openpgp.PGPSecretKeyRing import org.bouncycastle.openpgp.PGPSecretKeyRing
import org.bouncycastle.openpgp.api.OpenPGPImplementation import org.bouncycastle.openpgp.api.OpenPGPImplementation
import org.pgpainless.bouncycastle.extensions.checksumCalculator
import org.pgpainless.bouncycastle.extensions.unlock import org.pgpainless.bouncycastle.extensions.unlock
import org.pgpainless.exception.WrongPassphraseException import org.pgpainless.exception.WrongPassphraseException
import org.pgpainless.key.protection.SecretKeyRingProtector import org.pgpainless.key.protection.SecretKeyRingProtector
@ -48,10 +48,7 @@ class S2KUsageFix {
protector: SecretKeyRingProtector, protector: SecretKeyRingProtector,
skipKeysWithMissingPassphrase: Boolean = false skipKeysWithMissingPassphrase: Boolean = false
): PGPSecretKeyRing { ): PGPSecretKeyRing {
val digestCalculator = val digestCalculator = OpenPGPImplementation.getInstance().checksumCalculator()
OpenPGPImplementation.getInstance()
.pgpDigestCalculatorProvider()
.get(HashAlgorithmTags.SHA1)
val keyList = mutableListOf<PGPSecretKey>() val keyList = mutableListOf<PGPSecretKey>()
for (key in keys) { for (key in keys) {
// CHECKSUM is not recommended // CHECKSUM is not recommended
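Review bot: In `S2KUsageFix` the local is still named `digestCalculator` although it now holds the result of `checksumCalculator()`, while `KeyRingBuilder.build()` in this same commit renames its local to `checksumCalculator`. Renaming it here as well, `val checksumCalculator = OpenPGPImplementation.getInstance().checksumCalculator()`, would keep the call sites consistent and make the value's purpose clear next to the `// CHECKSUM is not recommended` comment. The enclosing function starts and ends outside this hunk, so later uses of the variable would need the same rename.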