mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-29 15:52:08 +01:00
Separate key generation from scratch and from templates in to buildKeyRing() and generateKeyRing()
This commit is contained in:
parent
59c9ec341e
commit
03a350d279
17 changed files with 220 additions and 186 deletions
|
@ -16,6 +16,7 @@ import org.pgpainless.decryption_verification.DecryptionStream;
|
|||
import org.pgpainless.encryption_signing.EncryptionBuilder;
|
||||
import org.pgpainless.encryption_signing.EncryptionStream;
|
||||
import org.pgpainless.key.generation.KeyRingBuilder;
|
||||
import org.pgpainless.key.generation.KeyRingTemplates;
|
||||
import org.pgpainless.key.info.KeyRingInfo;
|
||||
import org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditor;
|
||||
import org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface;
|
||||
|
@ -31,10 +32,19 @@ public final class PGPainless {
|
|||
}
|
||||
|
||||
/**
|
||||
* Generate a new OpenPGP key ring.
|
||||
* Generate a fresh OpenPGP key ring from predefined templates.
|
||||
* @return templates
|
||||
*/
|
||||
public static KeyRingTemplates generateKeyRing() {
|
||||
return new KeyRingTemplates();
|
||||
}
|
||||
|
||||
/**
|
||||
* Build a custom OpenPGP key ring.
|
||||
*
|
||||
* @return builder
|
||||
*/
|
||||
public static KeyRingBuilder generateKeyRing() {
|
||||
public static KeyRingBuilder buildKeyRing() {
|
||||
return new KeyRingBuilder();
|
||||
}
|
||||
|
||||
|
|
|
@ -41,14 +41,10 @@ import org.pgpainless.algorithm.SignatureType;
|
|||
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
|
||||
import org.pgpainless.implementation.ImplementationFactory;
|
||||
import org.pgpainless.key.generation.type.KeyType;
|
||||
import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
|
||||
import org.pgpainless.key.generation.type.rsa.RsaLength;
|
||||
import org.pgpainless.key.generation.type.xdh.XDHSpec;
|
||||
import org.pgpainless.key.protection.UnlockSecretKey;
|
||||
import org.pgpainless.key.util.UserId;
|
||||
import org.pgpainless.provider.ProviderFactory;
|
||||
import org.pgpainless.util.Passphrase;
|
||||
import org.pgpainless.signature.subpackets.SignatureSubpacketGeneratorUtil;
|
||||
import org.pgpainless.util.Passphrase;
|
||||
|
||||
public class KeyRingBuilder implements KeyRingBuilderInterface<KeyRingBuilder> {
|
||||
|
||||
|
@ -64,158 +60,6 @@ public class KeyRingBuilder implements KeyRingBuilderInterface<KeyRingBuilder> {
|
|||
private Passphrase passphrase = null;
|
||||
private Date expirationDate = null;
|
||||
|
||||
/**
|
||||
* Creates a simple, unencrypted RSA KeyPair of length {@code length} with user-id {@code userId}.
|
||||
* The KeyPair consists of a single RSA master key which is used for signing, encryption and certification.
|
||||
*
|
||||
* @param userId user id.
|
||||
* @param length length in bits.
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the KeyPair.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull UserId userId, @Nonnull RsaLength length)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
return simpleRsaKeyRing(userId.toString(), length);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a simple, unencrypted RSA KeyPair of length {@code length} with user-id {@code userId}.
|
||||
* The KeyPair consists of a single RSA master key which is used for signing, encryption and certification.
|
||||
*
|
||||
* @param userId user id.
|
||||
* @param length length in bits.
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the KeyPair.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull String userId, @Nonnull RsaLength length)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
return simpleRsaKeyRing(userId, length, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a simple RSA KeyPair of length {@code length} with user-id {@code userId}.
|
||||
* The KeyPair consists of a single RSA master key which is used for signing, encryption and certification.
|
||||
*
|
||||
* @param userId user id.
|
||||
* @param length length in bits.
|
||||
* @param password Password of the key. Can be null for unencrypted keys.
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the KeyPair.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull UserId userId, @Nonnull RsaLength length, String password)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
return simpleRsaKeyRing(userId.toString(), length, password);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a simple RSA KeyPair of length {@code length} with user-id {@code userId}.
|
||||
* The KeyPair consists of a single RSA master key which is used for signing, encryption and certification.
|
||||
*
|
||||
* @param userId user id.
|
||||
* @param length length in bits.
|
||||
* @param password Password of the key. Can be null for unencrypted keys.
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the KeyPair.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull String userId, @Nonnull RsaLength length, String password)
|
||||
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
|
||||
KeyRingBuilder builder = new KeyRingBuilder()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.RSA(length), KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA, KeyFlag.ENCRYPT_COMMS))
|
||||
.addUserId(userId);
|
||||
|
||||
if (!isNullOrEmpty(password)) {
|
||||
builder.setPassphrase(Passphrase.fromPassword(password));
|
||||
}
|
||||
return builder.build();
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a key ring consisting of an ed25519 EdDSA primary key and a curve25519 XDH subkey.
|
||||
* The EdDSA primary key is used for signing messages and certifying the sub key.
|
||||
* The XDH subkey is used for encryption and decryption of messages.
|
||||
*
|
||||
* @param userId user-id
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the key pairs.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull UserId userId)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
return simpleEcKeyRing(userId.toString());
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a key ring consisting of an ed25519 EdDSA primary key and a curve25519 XDH subkey.
|
||||
* The EdDSA primary key is used for signing messages and certifying the sub key.
|
||||
* The XDH subkey is used for encryption and decryption of messages.
|
||||
*
|
||||
* @param userId user-id
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the key pairs.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull String userId)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
return simpleEcKeyRing(userId, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a key ring consisting of an ed25519 EdDSA primary key and a curve25519 XDH subkey.
|
||||
* The EdDSA primary key is used for signing messages and certifying the sub key.
|
||||
* The XDH subkey is used for encryption and decryption of messages.
|
||||
*
|
||||
* @param userId user-id
|
||||
* @param password Password of the private key. Can be null for an unencrypted key.
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the key pairs.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull UserId userId, String password)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
return simpleEcKeyRing(userId.toString(), password);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a key ring consisting of an ed25519 EdDSA primary key and a X25519 XDH subkey.
|
||||
* The EdDSA primary key is used for signing messages and certifying the sub key.
|
||||
* The XDH subkey is used for encryption and decryption of messages.
|
||||
*
|
||||
* @param userId user-id
|
||||
* @param password Password of the private key. Can be null for an unencrypted key.
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the key pairs.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull String userId, String password)
|
||||
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
|
||||
KeyRingBuilder builder = new KeyRingBuilder()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA))
|
||||
.addSubkey(KeySpec.getBuilder(KeyType.XDH(XDHSpec._X25519), KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS))
|
||||
.addUserId(userId);
|
||||
|
||||
if (!isNullOrEmpty(password)) {
|
||||
builder.setPassphrase(Passphrase.fromPassword(password));
|
||||
}
|
||||
return builder.build();
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a modern PGP key ring consisting of an ed25519 EdDSA primary key which is used to certify
|
||||
* an X25519 XDH encryption subkey and an ed25519 EdDSA signing key.
|
||||
*
|
||||
* @param userId primary user id
|
||||
* @param password passphrase or null if the key should be unprotected.
|
||||
* @return key ring
|
||||
*/
|
||||
public PGPSecretKeyRing modernKeyRing(String userId, String password)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
KeyRingBuilder builder = new KeyRingBuilder()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER))
|
||||
.addSubkey(KeySpec.getBuilder(KeyType.XDH(XDHSpec._X25519), KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS))
|
||||
.addSubkey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.SIGN_DATA))
|
||||
.addUserId(userId);
|
||||
if (!isNullOrEmpty(password)) {
|
||||
builder.setPassphrase(Passphrase.fromPassword(password));
|
||||
}
|
||||
return builder.build();
|
||||
}
|
||||
|
||||
@Override
|
||||
public KeyRingBuilder setPrimaryKey(@Nonnull KeySpec keySpec) {
|
||||
verifyMasterKeyCanCertify(keySpec);
|
||||
|
@ -256,10 +100,6 @@ public class KeyRingBuilder implements KeyRingBuilderInterface<KeyRingBuilder> {
|
|||
return this;
|
||||
}
|
||||
|
||||
private static boolean isNullOrEmpty(String password) {
|
||||
return password == null || password.trim().isEmpty();
|
||||
}
|
||||
|
||||
private void verifyMasterKeyCanCertify(KeySpec spec) {
|
||||
if (!hasCertifyOthersFlag(spec)) {
|
||||
throw new IllegalArgumentException("Certification Key MUST have KeyFlag CERTIFY_OTHER");
|
||||
|
|
|
@ -0,0 +1,184 @@
|
|||
// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
|
||||
//
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
package org.pgpainless.key.generation;
|
||||
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import javax.annotation.Nonnull;
|
||||
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||
import org.pgpainless.PGPainless;
|
||||
import org.pgpainless.algorithm.KeyFlag;
|
||||
import org.pgpainless.key.generation.type.KeyType;
|
||||
import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
|
||||
import org.pgpainless.key.generation.type.rsa.RsaLength;
|
||||
import org.pgpainless.key.generation.type.xdh.XDHSpec;
|
||||
import org.pgpainless.key.util.UserId;
|
||||
import org.pgpainless.util.Passphrase;
|
||||
|
||||
public final class KeyRingTemplates {
|
||||
|
||||
public KeyRingTemplates() {
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a simple, unencrypted RSA KeyPair of length {@code length} with user-id {@code userId}.
|
||||
* The KeyPair consists of a single RSA master key which is used for signing, encryption and certification.
|
||||
*
|
||||
* @param userId user id.
|
||||
* @param length length in bits.
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the KeyPair.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull UserId userId, @Nonnull RsaLength length)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
return simpleRsaKeyRing(userId.toString(), length);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a simple, unencrypted RSA KeyPair of length {@code length} with user-id {@code userId}.
|
||||
* The KeyPair consists of a single RSA master key which is used for signing, encryption and certification.
|
||||
*
|
||||
* @param userId user id.
|
||||
* @param length length in bits.
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the KeyPair.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull String userId, @Nonnull RsaLength length)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
return simpleRsaKeyRing(userId, length, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a simple RSA KeyPair of length {@code length} with user-id {@code userId}.
|
||||
* The KeyPair consists of a single RSA master key which is used for signing, encryption and certification.
|
||||
*
|
||||
* @param userId user id.
|
||||
* @param length length in bits.
|
||||
* @param password Password of the key. Can be null for unencrypted keys.
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the KeyPair.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull UserId userId, @Nonnull RsaLength length, String password)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
return simpleRsaKeyRing(userId.toString(), length, password);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a simple RSA KeyPair of length {@code length} with user-id {@code userId}.
|
||||
* The KeyPair consists of a single RSA master key which is used for signing, encryption and certification.
|
||||
*
|
||||
* @param userId user id.
|
||||
* @param length length in bits.
|
||||
* @param password Password of the key. Can be null for unencrypted keys.
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the KeyPair.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull String userId, @Nonnull RsaLength length, String password)
|
||||
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
|
||||
KeyRingBuilder builder = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.RSA(length), KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA, KeyFlag.ENCRYPT_COMMS))
|
||||
.addUserId(userId);
|
||||
|
||||
if (!isNullOrEmpty(password)) {
|
||||
builder.setPassphrase(Passphrase.fromPassword(password));
|
||||
}
|
||||
return builder.build();
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a key ring consisting of an ed25519 EdDSA primary key and a curve25519 XDH subkey.
|
||||
* The EdDSA primary key is used for signing messages and certifying the sub key.
|
||||
* The XDH subkey is used for encryption and decryption of messages.
|
||||
*
|
||||
* @param userId user-id
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the key pairs.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull UserId userId)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
return simpleEcKeyRing(userId.toString());
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a key ring consisting of an ed25519 EdDSA primary key and a curve25519 XDH subkey.
|
||||
* The EdDSA primary key is used for signing messages and certifying the sub key.
|
||||
* The XDH subkey is used for encryption and decryption of messages.
|
||||
*
|
||||
* @param userId user-id
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the key pairs.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull String userId)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
return simpleEcKeyRing(userId, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a key ring consisting of an ed25519 EdDSA primary key and a curve25519 XDH subkey.
|
||||
* The EdDSA primary key is used for signing messages and certifying the sub key.
|
||||
* The XDH subkey is used for encryption and decryption of messages.
|
||||
*
|
||||
* @param userId user-id
|
||||
* @param password Password of the private key. Can be null for an unencrypted key.
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the key pairs.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull UserId userId, String password)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
return simpleEcKeyRing(userId.toString(), password);
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates a key ring consisting of an ed25519 EdDSA primary key and a X25519 XDH subkey.
|
||||
* The EdDSA primary key is used for signing messages and certifying the sub key.
|
||||
* The XDH subkey is used for encryption and decryption of messages.
|
||||
*
|
||||
* @param userId user-id
|
||||
* @param password Password of the private key. Can be null for an unencrypted key.
|
||||
*
|
||||
* @return {@link PGPSecretKeyRing} containing the key pairs.
|
||||
*/
|
||||
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull String userId, String password)
|
||||
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
|
||||
KeyRingBuilder builder = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA))
|
||||
.addSubkey(KeySpec.getBuilder(KeyType.XDH(XDHSpec._X25519), KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS))
|
||||
.addUserId(userId);
|
||||
|
||||
if (!isNullOrEmpty(password)) {
|
||||
builder.setPassphrase(Passphrase.fromPassword(password));
|
||||
}
|
||||
return builder.build();
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a modern PGP key ring consisting of an ed25519 EdDSA primary key which is used to certify
|
||||
* an X25519 XDH encryption subkey and an ed25519 EdDSA signing key.
|
||||
*
|
||||
* @param userId primary user id
|
||||
* @param password passphrase or null if the key should be unprotected.
|
||||
* @return key ring
|
||||
*/
|
||||
public PGPSecretKeyRing modernKeyRing(String userId, String password)
|
||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
KeyRingBuilder builder = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER))
|
||||
.addSubkey(KeySpec.getBuilder(KeyType.XDH(XDHSpec._X25519), KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS))
|
||||
.addSubkey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.SIGN_DATA))
|
||||
.addUserId(userId);
|
||||
if (!isNullOrEmpty(password)) {
|
||||
builder.setPassphrase(Passphrase.fromPassword(password));
|
||||
}
|
||||
return builder.build();
|
||||
}
|
||||
|
||||
private static boolean isNullOrEmpty(String password) {
|
||||
return password == null || password.trim().isEmpty();
|
||||
}
|
||||
|
||||
}
|
|
@ -76,7 +76,7 @@ public class EncryptDecryptTest {
|
|||
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, IOException {
|
||||
ImplementationFactory.setFactoryImplementation(implementationFactory);
|
||||
PGPSecretKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("romeo@montague.lit", RsaLength._3072);
|
||||
PGPSecretKeyRing recipient = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing recipient = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(
|
||||
KeyType.RSA(RsaLength._4096),
|
||||
KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER))
|
||||
|
|
|
@ -47,7 +47,7 @@ public class EncryptionOptionsTest {
|
|||
|
||||
@BeforeAll
|
||||
public static void generateKey() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
||||
secretKeys = PGPainless.generateKeyRing()
|
||||
secretKeys = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER)
|
||||
.build())
|
||||
.addSubkey(KeySpec.getBuilder(KeyType.XDH(XDHSpec._X25519), KeyFlag.ENCRYPT_COMMS)
|
||||
|
@ -126,7 +126,7 @@ public class EncryptionOptionsTest {
|
|||
@Test
|
||||
public void testAddRecipient_KeyWithoutEncryptionKeyFails() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
||||
EncryptionOptions options = new EncryptionOptions();
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA))
|
||||
.addUserId("test@pgpainless.org")
|
||||
.build();
|
||||
|
|
|
@ -175,7 +175,7 @@ public class SigningTest {
|
|||
|
||||
@Test
|
||||
public void negotiateHashAlgorithmChoseFallbackIfEmptyPreferences() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException {
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA).overridePreferredHashAlgorithms())
|
||||
.addUserId("Alice")
|
||||
.build();
|
||||
|
@ -199,7 +199,7 @@ public class SigningTest {
|
|||
|
||||
@Test
|
||||
public void negotiateHashAlgorithmChoseFallbackIfUnacceptablePreferences() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException {
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA)
|
||||
.overridePreferredHashAlgorithms(HashAlgorithm.MD5))
|
||||
.addUserId("Alice")
|
||||
|
@ -224,7 +224,7 @@ public class SigningTest {
|
|||
|
||||
@Test
|
||||
public void signingWithNonCapableKeyThrowsKeyCannotSignException() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException {
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER))
|
||||
.addUserId("Alice")
|
||||
.build();
|
||||
|
@ -236,7 +236,7 @@ public class SigningTest {
|
|||
|
||||
@Test
|
||||
public void signWithInvalidUserIdThrowsKeyValidationError() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException {
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA))
|
||||
.addUserId("Alice")
|
||||
.build();
|
||||
|
|
|
@ -38,8 +38,8 @@ import org.pgpainless.util.Passphrase;
|
|||
* This class demonstrates how to use PGPainless to generate secret keys.
|
||||
* In general the starting point for generating secret keys using PGPainless is {@link PGPainless#generateKeyRing()}.
|
||||
* The result ({@link org.pgpainless.key.generation.KeyRingBuilder}) provides some factory methods for key archetypes
|
||||
* such as {@link org.pgpainless.key.generation.KeyRingBuilder#modernKeyRing(String, String)} or
|
||||
* {@link org.pgpainless.key.generation.KeyRingBuilder#simpleRsaKeyRing(String, RsaLength)}.
|
||||
* such as {@link org.pgpainless.key.generation.KeyRingTemplates#modernKeyRing(String, String)} or
|
||||
* {@link org.pgpainless.key.generation.KeyRingTemplates#simpleRsaKeyRing(String, RsaLength)}.
|
||||
*
|
||||
* Those methods always take a user-id which is used as primary user-id, as well as a passphrase which is used to encrypt
|
||||
* the secret key.
|
||||
|
@ -193,7 +193,7 @@ public class GenerateKeys {
|
|||
// It is recommended to use the Passphrase class, as it can be used to safely invalidate passwords from memory
|
||||
Passphrase passphrase = Passphrase.fromPassword("1nters3x");
|
||||
|
||||
PGPSecretKeyRing secretKey = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKey = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519),
|
||||
// The primary key MUST carry the CERTIFY_OTHER flag, but CAN carry additional flags
|
||||
KeyFlag.CERTIFY_OTHER))
|
||||
|
|
|
@ -71,7 +71,7 @@ public class BrainpoolKeyGenerationTest {
|
|||
throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
||||
ImplementationFactory.setFactoryImplementation(implementationFactory);
|
||||
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(
|
||||
KeyType.ECDSA(EllipticCurve._BRAINPOOLP384R1), KeyFlag.CERTIFY_OTHER))
|
||||
.addSubkey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.SIGN_DATA))
|
||||
|
@ -117,7 +117,7 @@ public class BrainpoolKeyGenerationTest {
|
|||
}
|
||||
|
||||
public PGPSecretKeyRing generateKey(KeySpec primaryKey, KeySpec subKey, String userId) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(primaryKey)
|
||||
.addSubkey(subKey)
|
||||
.addUserId(userId)
|
||||
|
|
|
@ -34,7 +34,7 @@ public class CertificationKeyMustBeAbleToCertifyTest {
|
|||
};
|
||||
for (KeyType type : typesIncapableOfCreatingVerifications) {
|
||||
assertThrows(IllegalArgumentException.class, () -> PGPainless
|
||||
.generateKeyRing()
|
||||
.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(type, KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA))
|
||||
.addUserId("should@throw.ex")
|
||||
.build());
|
||||
|
|
|
@ -29,7 +29,7 @@ public class GenerateEllipticCurveKeyTest {
|
|||
@MethodSource("org.pgpainless.util.TestImplementationFactoryProvider#provideImplementationFactories")
|
||||
public void generateEllipticCurveKeys(ImplementationFactory implementationFactory) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException {
|
||||
ImplementationFactory.setFactoryImplementation(implementationFactory);
|
||||
PGPSecretKeyRing keyRing = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing keyRing = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(
|
||||
KeyType.EDDSA(EdDSACurve._Ed25519),
|
||||
KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA))
|
||||
|
|
|
@ -35,7 +35,7 @@ public class GenerateKeyWithAdditionalUserIdTest {
|
|||
public void test(ImplementationFactory implementationFactory) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException {
|
||||
ImplementationFactory.setFactoryImplementation(implementationFactory);
|
||||
Date expiration = new Date(DateUtil.now().getTime() + 60 * 1000);
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(
|
||||
KeyType.RSA(RsaLength._3072),
|
||||
KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA, KeyFlag.ENCRYPT_COMMS))
|
||||
|
|
|
@ -34,7 +34,7 @@ public class GenerateWithEmptyPassphraseTest {
|
|||
public void testGeneratingKeyWithEmptyPassphraseDoesNotThrow(ImplementationFactory implementationFactory) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException {
|
||||
ImplementationFactory.setFactoryImplementation(implementationFactory);
|
||||
|
||||
assertNotNull(PGPainless.generateKeyRing()
|
||||
assertNotNull(PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(
|
||||
KeyType.RSA(RsaLength._3072),
|
||||
KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA, KeyFlag.ENCRYPT_COMMS))
|
||||
|
|
|
@ -218,7 +218,7 @@ public class KeyRingInfoTest {
|
|||
public void testGetKeysWithFlagsAndExpiry(ImplementationFactory implementationFactory) throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
||||
ImplementationFactory.setFactoryImplementation(implementationFactory);
|
||||
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(
|
||||
KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER))
|
||||
.addSubkey(KeySpec.getBuilder(
|
||||
|
@ -556,7 +556,7 @@ public class KeyRingInfoTest {
|
|||
|
||||
@Test
|
||||
public void testGetExpirationDateForUse_NoSuchKey() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
|
||||
.addUserId("Alice")
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER))
|
||||
.build();
|
||||
|
|
|
@ -39,7 +39,7 @@ public class UserIdRevocationTest {
|
|||
|
||||
@Test
|
||||
public void testRevocationWithoutRevocationAttributes() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(
|
||||
KeyType.EDDSA(EdDSACurve._Ed25519),
|
||||
KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER))
|
||||
|
@ -77,7 +77,7 @@ public class UserIdRevocationTest {
|
|||
|
||||
@Test
|
||||
public void testRevocationWithRevocationReason() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(
|
||||
KeyType.EDDSA(EdDSACurve._Ed25519),
|
||||
KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER))
|
||||
|
|
|
@ -35,7 +35,7 @@ public class BCUtilTest {
|
|||
public void keyRingToCollectionTest()
|
||||
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException,
|
||||
IOException {
|
||||
PGPSecretKeyRing sec = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing sec = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(
|
||||
KeyType.RSA(RsaLength._3072),
|
||||
KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA))
|
||||
|
|
|
@ -29,7 +29,7 @@ public class GuessPreferredHashAlgorithmTest {
|
|||
|
||||
@Test
|
||||
public void guessPreferredHashAlgorithmsAssumesHashAlgoUsedBySelfSig() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException {
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519),
|
||||
KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA)
|
||||
.overridePreferredHashAlgorithms(new HashAlgorithm[] {})
|
||||
|
|
|
@ -26,7 +26,7 @@ public class TestEncryptCommsStorageFlagsDifferentiated {
|
|||
|
||||
@Test
|
||||
public void testThatEncryptionDifferentiatesBetweenPurposeKeyFlags() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException {
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
PGPSecretKeyRing secretKeys = PGPainless.buildKeyRing()
|
||||
.setPrimaryKey(KeySpec.getBuilder(
|
||||
KeyType.RSA(RsaLength._3072),
|
||||
KeyFlag.CERTIFY_OTHER,
|
||||
|
|
Loading…
Reference in a new issue