Add support for generating keys without user-ids

Fixes #296
2025-09-12 03:39:39 +02:00 · 2022-08-29 14:12:02 +02:00 · 2022-08-29 14:12:02 +02:00 · c6676d3c91
commit c6676d3c91
parent 76905cc1e8
3 changed files with 118 additions and 22 deletions
--- a/pgpainless-core/src/test/java/org/pgpainless/key/generation/GenerateKeyWithoutUserIdTest.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/key/generation/GenerateKeyWithoutUserIdTest.java
@ -0,0 +1,93 @@
+// SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package org.pgpainless.key.generation;
+
+import org.bouncycastle.openpgp.PGPException;
+import org.bouncycastle.openpgp.PGPPublicKeyRing;
+import org.bouncycastle.openpgp.PGPSecretKeyRing;
+import org.bouncycastle.util.io.Streams;
+import org.junit.JUtils;
+import org.junit.jupiter.api.Test;
+import org.pgpainless.PGPainless;
+import org.pgpainless.algorithm.KeyFlag;
+import org.pgpainless.decryption_verification.ConsumerOptions;
+import org.pgpainless.decryption_verification.DecryptionStream;
+import org.pgpainless.decryption_verification.OpenPgpMetadata;
+import org.pgpainless.encryption_signing.EncryptionOptions;
+import org.pgpainless.encryption_signing.EncryptionResult;
+import org.pgpainless.encryption_signing.EncryptionStream;
+import org.pgpainless.encryption_signing.ProducerOptions;
+import org.pgpainless.encryption_signing.SigningOptions;
+import org.pgpainless.key.generation.type.KeyType;
+import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
+import org.pgpainless.key.generation.type.xdh.XDHSpec;
+import org.pgpainless.key.info.KeyRingInfo;
+import org.pgpainless.key.protection.SecretKeyRingProtector;
+import org.pgpainless.util.DateUtil;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Date;
+
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+public class GenerateKeyWithoutUserIdTest {
+
+    @Test
+    public void generateKeyWithoutUserId() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException {
+        Date expirationDate = DateUtil.toSecondsPrecision(new Date(DateUtil.now().getTime() + 1000 * 6000));
+        PGPSecretKeyRing secretKey = PGPainless.buildKeyRing()
+                .setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER))
+                .addSubkey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.SIGN_DATA))
+                .addSubkey(KeySpec.getBuilder(KeyType.XDH(XDHSpec._X25519), KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE))
+                .setExpirationDate(expirationDate)
+                .build();
+
+        KeyRingInfo info = PGPainless.inspectKeyRing(secretKey);
+        assertNull(info.getPrimaryUserId());
+        assertTrue(info.getUserIds().isEmpty());
+        JUtils.assertDateEquals(expirationDate, info.getPrimaryKeyExpirationDate());
+
+        InputStream plaintextIn = new ByteArrayInputStream("Hello, World!\n".getBytes());
+        ByteArrayOutputStream ciphertextOut = new ByteArrayOutputStream();
+        SecretKeyRingProtector protector = SecretKeyRingProtector.unprotectedKeys();
+        PGPPublicKeyRing certificate = PGPainless.extractCertificate(secretKey);
+
+        EncryptionStream encryptionStream = PGPainless.encryptAndOrSign()
+                .onOutputStream(ciphertextOut)
+                .withOptions(ProducerOptions.signAndEncrypt(
+                        EncryptionOptions.get()
+                                .addRecipient(certificate),
+                        SigningOptions.get()
+                                .addSignature(protector, secretKey)
+                ));
+        Streams.pipeAll(plaintextIn, encryptionStream);
+        encryptionStream.close();
+
+        EncryptionResult result = encryptionStream.getResult();
+        assertTrue(result.isEncryptedFor(certificate));
+
+        ByteArrayInputStream ciphertextIn = new ByteArrayInputStream(ciphertextOut.toByteArray());
+        ByteArrayOutputStream plaintextOut = new ByteArrayOutputStream();
+        DecryptionStream decryptionStream = PGPainless.decryptAndOrVerify()
+                .onInputStream(ciphertextIn)
+                .withOptions(ConsumerOptions.get()
+                        .addDecryptionKey(secretKey)
+                        .addVerificationCert(certificate));
+
+        Streams.pipeAll(decryptionStream, plaintextOut);
+        decryptionStream.close();
+
+        OpenPgpMetadata metadata = decryptionStream.getResult();
+
+        assertTrue(metadata.containsVerifiedSignatureFrom(certificate));
+        assertTrue(metadata.isEncrypted());
+    }
+}