Swappable algorithm negotiation delegates

2025-09-09 18:29:39 +02:00 · 2025-06-03 11:58:59 +02:00 · 2025-06-03 11:58:59 +02:00 · fa289e9ca2
commit fa289e9ca2
parent 91730fd13f
4 changed files with 46 additions and 23 deletions
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/algorithm/negotiation/CompressionAlgorithmNegotiator.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/algorithm/negotiation/CompressionAlgorithmNegotiator.kt
@ -0,0 +1,24 @@
+// SPDX-FileCopyrightText: 2025 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package org.pgpainless.algorithm.negotiation
+
+import org.pgpainless.algorithm.CompressionAlgorithm
+import org.pgpainless.policy.Policy
+
+fun interface CompressionAlgorithmNegotiator {
+    fun negotiate(
+        policy: Policy,
+        override: CompressionAlgorithm?,
+        orderedPreferences: Set<CompressionAlgorithm>?
+    ): CompressionAlgorithm
+
+    companion object {
+        @JvmStatic
+        fun staticNegotiation(): CompressionAlgorithmNegotiator =
+            CompressionAlgorithmNegotiator { policy, override, _ ->
+                override ?: policy.compressionAlgorithmPolicy.defaultCompressionAlgorithm
+            }
+    }
+}
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/EncryptionOptions.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/EncryptionOptions.kt
@ -27,6 +27,9 @@ import org.pgpainless.key.info.KeyRingInfo
 import org.pgpainless.util.Passphrase

 class EncryptionOptions(private val purpose: EncryptionPurpose, private val api: PGPainless) {
+
+    var encryptionMechanismNegotiator: EncryptionMechanismNegotiator =
+        EncryptionMechanismNegotiator.modificationDetectionOrBetter(byPopularity())
    private val _encryptionMethods: MutableSet<PGPKeyEncryptionMethodGenerator> = mutableSetOf()
    private val keysAndAccessors: MutableMap<OpenPGPComponentKey, KeyAccessor> = mutableMapOf()
    private val _keyRingInfo: MutableMap<SubkeyIdentifier, KeyRingInfo> = mutableMapOf()
@ -442,13 +445,12 @@ class EncryptionOptions(private val purpose: EncryptionPurpose, private val api:
            keysAndAccessors.values.map { it.preferredSymmetricKeyAlgorithms }.toList()

        val mechanism =
-            EncryptionMechanismNegotiator.modificationDetectionOrBetter(byPopularity())
-                .negotiate(
-                    api.algorithmPolicy,
-                    encryptionMechanismOverride,
-                    features,
-                    aeadAlgorithms,
-                    symmetricKeyAlgorithms)
+            encryptionMechanismNegotiator.negotiate(
+                api.algorithmPolicy,
+                encryptionMechanismOverride,
+                features,
+                aeadAlgorithms,
+                symmetricKeyAlgorithms)

        return mechanism
    }
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/ProducerOptions.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/ProducerOptions.kt
@ -8,13 +8,15 @@ import java.util.*
 import org.bouncycastle.openpgp.PGPLiteralData
 import org.pgpainless.algorithm.CompressionAlgorithm
 import org.pgpainless.algorithm.StreamEncoding
+import org.pgpainless.algorithm.negotiation.CompressionAlgorithmNegotiator
 import org.pgpainless.policy.Policy

 class ProducerOptions(
    val encryptionOptions: EncryptionOptions?,
    val signingOptions: SigningOptions?
 ) {
-
+    var compressionAlgorithmNegotiator: CompressionAlgorithmNegotiator =
+        CompressionAlgorithmNegotiator.staticNegotiation()
    private var _fileName: String = ""
    private var _modificationDate: Date = PGPLiteralData.NOW
    private var encodingField: StreamEncoding = StreamEncoding.BINARY
@ -237,8 +239,8 @@ class ProducerOptions(
    }

    internal fun negotiateCompressionAlgorithm(policy: Policy): CompressionAlgorithm {
-        return compressionAlgorithmOverride
-            ?: policy.compressionAlgorithmPolicy.defaultCompressionAlgorithm
+        return compressionAlgorithmNegotiator.negotiate(
+            policy, compressionAlgorithmOverride, setOf())
    }

    companion object {
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/SigningOptions.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/encryption_signing/SigningOptions.kt
@ -15,6 +15,7 @@ import org.pgpainless.PGPainless
 import org.pgpainless.algorithm.DocumentSignatureType
 import org.pgpainless.algorithm.HashAlgorithm
 import org.pgpainless.algorithm.PublicKeyAlgorithm.Companion.requireFromId
+import org.pgpainless.algorithm.negotiation.HashAlgorithmNegotiator
 import org.pgpainless.algorithm.negotiation.HashAlgorithmNegotiator.Companion.negotiateSignatureHashAlgorithm
 import org.pgpainless.exception.KeyException
 import org.pgpainless.exception.KeyException.*
@ -27,7 +28,8 @@ import org.pgpainless.signature.subpackets.SignatureSubpackets
 import org.pgpainless.signature.subpackets.SignatureSubpacketsHelper

 class SigningOptions(private val api: PGPainless) {
-
+    var hashAlgorithmNegotiator: HashAlgorithmNegotiator =
+        negotiateSignatureHashAlgorithm(api.algorithmPolicy)
    val signingMethods: Map<OpenPGPPrivateKey, SigningMethod> = mutableMapOf()
    private var _hashAlgorithmOverride: HashAlgorithm? = null
    private var _evaluationDate: Date = Date()
@ -200,8 +202,7 @@ class SigningOptions(private val api: PGPainless) {
            val hashAlgorithms =
                if (userId != null) keyRingInfo.getPreferredHashAlgorithms(userId)
                else keyRingInfo.getPreferredHashAlgorithms(signingPubKey.keyIdentifier)
-            val hashAlgorithm: HashAlgorithm =
-                negotiateHashAlgorithm(hashAlgorithms, api.algorithmPolicy)
+            val hashAlgorithm: HashAlgorithm = negotiateHashAlgorithm(hashAlgorithms)
            addSigningMethod(
                signingPrivKey, hashAlgorithm, signatureType, false, subpacketsCallback)
        }
@ -268,8 +269,7 @@ class SigningOptions(private val api: PGPainless) {

        val signingPrivKey = unlockSecretKey(signingKey, signingKeyProtector)
        val hashAlgorithms = keyRingInfo.getPreferredHashAlgorithms(signingKey.keyIdentifier)
-        val hashAlgorithm: HashAlgorithm =
-            negotiateHashAlgorithm(hashAlgorithms, api.algorithmPolicy)
+        val hashAlgorithm: HashAlgorithm = negotiateHashAlgorithm(hashAlgorithms)
        addSigningMethod(signingPrivKey, hashAlgorithm, signatureType, false, subpacketsCallback)
    }

@ -467,8 +467,7 @@ class SigningOptions(private val api: PGPainless) {
        val hashAlgorithms =
            if (userId != null) keyRingInfo.getPreferredHashAlgorithms(userId)
            else keyRingInfo.getPreferredHashAlgorithms(signingKey.keyIdentifier)
-        val hashAlgorithm: HashAlgorithm =
-            negotiateHashAlgorithm(hashAlgorithms, api.algorithmPolicy)
+        val hashAlgorithm: HashAlgorithm = negotiateHashAlgorithm(hashAlgorithms)
        addSigningMethod(signingPrivKey, hashAlgorithm, signatureType, true, subpacketCallback)
    }

@ -559,12 +558,8 @@ class SigningOptions(private val api: PGPainless) {
     * @param policy policy
     * @return selected hash algorithm
     */
-    private fun negotiateHashAlgorithm(
-        preferences: Set<HashAlgorithm>?,
-        policy: Policy
-    ): HashAlgorithm {
-        return _hashAlgorithmOverride
-            ?: negotiateSignatureHashAlgorithm(policy).negotiateHashAlgorithm(preferences)
+    private fun negotiateHashAlgorithm(preferences: Set<HashAlgorithm>?): HashAlgorithm {
+        return _hashAlgorithmOverride ?: hashAlgorithmNegotiator.negotiateHashAlgorithm(preferences)
    }

    @Throws(PGPException::class)