PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-09-09 18:29:39 +02:00
Code Issues Releases Wiki Activity

Pass version down in tests

Browse source
This commit is contained in:
Paul Schaub 2025-01-29 11:27:02 +01:00
parent 626176cdad
commit d2532977cc
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
5 changed files with 33 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

17
pgpainless-core/src/main/kotlin/org/pgpainless/algorithm/OpenPGPKeyVersion.kt
View file

@ -1,6 +1,21 @@
// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.algorithm package org.pgpainless.algorithm
enum class OpenPGPKeyVersion(val version: Int) { enum class OpenPGPKeyVersion(val numeric: Int) {
@Deprecated("V3 keys are deprecated.") v3(3),
v4(4), v4(4),
librePgp(5),
v6(6), v6(6),
;
companion object {
@JvmStatic
fun from(numeric: Int): OpenPGPKeyVersion {
return values().find { numeric == it.numeric }
?: throw IllegalArgumentException("Unknown key version $numeric")
}
}
} }

8
pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt
View file

@ -6,7 +6,6 @@ package org.pgpainless.key.generation
import java.io.IOException import java.io.IOException
import java.util.* import java.util.*
import org.bouncycastle.bcpg.PublicKeyPacket
import org.bouncycastle.openpgp.* import org.bouncycastle.openpgp.*
import org.bouncycastle.openpgp.api.OpenPGPImplementation import org.bouncycastle.openpgp.api.OpenPGPImplementation
import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor
@ -90,7 +89,7 @@ class KeyRingBuilder(private val version: OpenPGPKeyVersion) :
// generate primary key // generate primary key
requireNotNull(primaryKeySpec) { "Primary Key spec required." } requireNotNull(primaryKeySpec) { "Primary Key spec required." }
val certKey = generateKeyPair(primaryKeySpec!!) val certKey = generateKeyPair(primaryKeySpec!!, version)
val signer = buildContentSigner(certKey) val signer = buildContentSigner(certKey)
val signatureGenerator = PGPSignatureGenerator(signer) val signatureGenerator = PGPSignatureGenerator(signer)
@ -174,7 +173,7 @@ class KeyRingBuilder(private val version: OpenPGPKeyVersion) :
private fun addSubKeys(primaryKey: PGPKeyPair, ringGenerator: PGPKeyRingGenerator) { private fun addSubKeys(primaryKey: PGPKeyPair, ringGenerator: PGPKeyRingGenerator) {
for (subKeySpec in subKeySpecs) { for (subKeySpec in subKeySpecs) {
val subKey = generateKeyPair(subKeySpec) val subKey = generateKeyPair(subKeySpec, version)
if (subKeySpec.isInheritedSubPackets) { if (subKeySpec.isInheritedSubPackets) {
ringGenerator.addSubKey(subKey) ringGenerator.addSubKey(subKey)
} else { } else {
@ -248,12 +247,13 @@ class KeyRingBuilder(private val version: OpenPGPKeyVersion) :
@JvmOverloads @JvmOverloads
fun generateKeyPair( fun generateKeyPair(
spec: KeySpec, spec: KeySpec,
version: OpenPGPKeyVersion,
creationTime: Date = spec.keyCreationDate ?: Date() creationTime: Date = spec.keyCreationDate ?: Date()
): PGPKeyPair { ): PGPKeyPair {
val gen = val gen =
OpenPGPImplementation.getInstance() OpenPGPImplementation.getInstance()
.pgpKeyPairGeneratorProvider() .pgpKeyPairGeneratorProvider()
.get(PublicKeyPacket.VERSION_4, creationTime) .get(version.numeric, creationTime)
return spec.keyType.generateKeyPair(gen) return spec.keyType.generateKeyPair(gen)
} }

4
pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt
View file

@ -16,6 +16,7 @@ import org.pgpainless.PGPainless.Companion.inspectKeyRing
import org.pgpainless.algorithm.AlgorithmSuite import org.pgpainless.algorithm.AlgorithmSuite
import org.pgpainless.algorithm.Feature import org.pgpainless.algorithm.Feature
import org.pgpainless.algorithm.KeyFlag import org.pgpainless.algorithm.KeyFlag
import org.pgpainless.algorithm.OpenPGPKeyVersion
import org.pgpainless.algorithm.SignatureType import org.pgpainless.algorithm.SignatureType
import org.pgpainless.algorithm.negotiation.HashAlgorithmNegotiator import org.pgpainless.algorithm.negotiation.HashAlgorithmNegotiator
import org.pgpainless.bouncycastle.extensions.getKeyExpirationDate import org.pgpainless.bouncycastle.extensions.getKeyExpirationDate
@ -244,7 +245,8 @@ class SecretKeyRingEditor(
callback: SelfSignatureSubpackets.Callback?, callback: SelfSignatureSubpackets.Callback?,
protector: SecretKeyRingProtector protector: SecretKeyRingProtector
): SecretKeyRingEditorInterface { ): SecretKeyRingEditorInterface {
val keyPair = KeyRingBuilder.generateKeyPair(keySpec, referenceTime) val version = OpenPGPKeyVersion.from(secretKeyRing.getPublicKey().version)
val keyPair = KeyRingBuilder.generateKeyPair(keySpec, OpenPGPKeyVersion.v4, referenceTime)
val subkeyProtector = val subkeyProtector =
PasswordBasedSecretKeyRingProtector.forKeyId(keyPair.keyID, subkeyPassphrase) PasswordBasedSecretKeyRingProtector.forKeyId(keyPair.keyID, subkeyPassphrase)
val keyFlags = KeyFlag.fromBitmask(keySpec.subpackets.keyFlags).toMutableList() val keyFlags = KeyFlag.fromBitmask(keySpec.subpackets.keyFlags).toMutableList()

12
pgpainless-core/src/test/java/org/pgpainless/key/modification/AddSubkeyWithModifiedBindingSignatureSubpackets.java → pgpainless-core/src/test/java/org/pgpainless/key/modification/AddSubkeyWithModifiedBindingSignatureSubpacketsTest.java
View file

@ -9,14 +9,10 @@ import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertTrue; import static org.junit.jupiter.api.Assertions.assertTrue;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.Date; import java.util.Date;
import java.util.List; import java.util.List;
import org.bouncycastle.bcpg.sig.NotationData; import org.bouncycastle.bcpg.sig.NotationData;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyPair; import org.bouncycastle.openpgp.PGPKeyPair;
import org.bouncycastle.openpgp.PGPPublicKey; import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.openpgp.PGPSecretKeyRing;
@ -25,6 +21,7 @@ import org.junit.JUtils;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless; import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.KeyFlag; import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.algorithm.OpenPGPKeyVersion;
import org.pgpainless.key.OpenPgpV4Fingerprint; import org.pgpainless.key.OpenPgpV4Fingerprint;
import org.pgpainless.key.generation.KeyRingBuilder; import org.pgpainless.key.generation.KeyRingBuilder;
import org.pgpainless.key.generation.KeySpec; import org.pgpainless.key.generation.KeySpec;
@ -35,19 +32,20 @@ import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.signature.subpackets.SelfSignatureSubpackets; import org.pgpainless.signature.subpackets.SelfSignatureSubpackets;
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil; import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
public class AddSubkeyWithModifiedBindingSignatureSubpackets { public class AddSubkeyWithModifiedBindingSignatureSubpacketsTest {
public static final long MILLIS_IN_SEC = 1000; public static final long MILLIS_IN_SEC = 1000;
@Test @Test
public void bindEncryptionSubkeyAndModifyBindingSignatureHashedSubpackets() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException { public void bindEncryptionSubkeyAndModifyBindingSignatureHashedSubpackets() {
SecretKeyRingProtector protector = SecretKeyRingProtector.unprotectedKeys(); SecretKeyRingProtector protector = SecretKeyRingProtector.unprotectedKeys();
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing() PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
.modernKeyRing("Alice <alice@pgpainless.org>"); .modernKeyRing("Alice <alice@pgpainless.org>");
KeyRingInfo before = PGPainless.inspectKeyRing(secretKeys); KeyRingInfo before = PGPainless.inspectKeyRing(secretKeys);
PGPKeyPair secretSubkey = KeyRingBuilder.generateKeyPair( PGPKeyPair secretSubkey = KeyRingBuilder.generateKeyPair(
KeySpec.getBuilder(KeyType.EDDSA_LEGACY(EdDSALegacyCurve._Ed25519), KeyFlag.SIGN_DATA).build()); KeySpec.getBuilder(KeyType.EDDSA_LEGACY(EdDSALegacyCurve._Ed25519), KeyFlag.SIGN_DATA).build(),
OpenPGPKeyVersion.v4);
long secondsUntilExpiration = 1000; long secondsUntilExpiration = 1000;
secretKeys = PGPainless.modifyKeyRing(secretKeys) secretKeys = PGPainless.modifyKeyRing(secretKeys)

10
pgpainless-core/src/test/java/org/pgpainless/key/util/KeyRingUtilTest.java
View file

@ -18,6 +18,7 @@ import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless; import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.HashAlgorithm; import org.pgpainless.algorithm.HashAlgorithm;
import org.pgpainless.algorithm.KeyFlag; import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.algorithm.OpenPGPKeyVersion;
import org.pgpainless.algorithm.SignatureType; import org.pgpainless.algorithm.SignatureType;
import org.pgpainless.implementation.ImplementationFactory; import org.pgpainless.implementation.ImplementationFactory;
import org.pgpainless.key.generation.KeyRingBuilder; import org.pgpainless.key.generation.KeyRingBuilder;
@ -28,8 +29,6 @@ import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.key.protection.UnlockSecretKey; import org.pgpainless.key.protection.UnlockSecretKey;
import org.pgpainless.util.CollectionUtils; import org.pgpainless.util.CollectionUtils;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.Random; import java.util.Random;
import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertEquals;
@ -40,7 +39,7 @@ import static org.junit.jupiter.api.Assertions.assertTrue;
public class KeyRingUtilTest { public class KeyRingUtilTest {
@Test @Test
public void testInjectCertification() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException { public void testInjectCertification() throws PGPException {
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing() PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
.modernKeyRing("Alice"); .modernKeyRing("Alice");
@ -73,12 +72,13 @@ public class KeyRingUtilTest {
} }
@Test @Test
public void testKeysPlusPublicKey() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException { public void testKeysPlusPublicKey() {
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing().modernKeyRing("Alice"); PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing().modernKeyRing("Alice");
PGPPublicKeyRing publicKeys = PGPainless.extractCertificate(secretKeys); PGPPublicKeyRing publicKeys = PGPainless.extractCertificate(secretKeys);
PGPKeyPair keyPair = KeyRingBuilder.generateKeyPair(KeySpec.getBuilder( PGPKeyPair keyPair = KeyRingBuilder.generateKeyPair(KeySpec.getBuilder(
KeyType.ECDH(EllipticCurve._P256), KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE).build()); KeyType.ECDH(EllipticCurve._P256), KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE).build(),
OpenPGPKeyVersion.v4);
PGPPublicKey pubkey = keyPair.getPublicKey(); PGPPublicKey pubkey = keyPair.getPublicKey();
assertFalse(pubkey.isMasterKey()); assertFalse(pubkey.isMasterKey());