mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-27 06:42:05 +01:00

Create separate symmetric key algorithm policies for encryption/decryption

Paul Schaub 2021-05-15 20:43:56 +02:00
parent 3be7f12887
commit 03fb81a77e
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 49 additions and 12 deletions


@ -450,7 +450,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
} }
private PBESecretKeyEncryptor buildSecretKeyEncryptor() { private PBESecretKeyEncryptor buildSecretKeyEncryptor() {
SymmetricKeyAlgorithm keyEncryptionAlgorithm = PGPainless.getPolicy().getSymmetricKeyAlgorithmPolicy() SymmetricKeyAlgorithm keyEncryptionAlgorithm = PGPainless.getPolicy().getSymmetricKeyEncryptionAlgorithmPolicy()
.getDefaultSymmetricKeyAlgorithm(); .getDefaultSymmetricKeyAlgorithm();
PBESecretKeyEncryptor encryptor = passphrase == null || passphrase.isEmpty() ? PBESecretKeyEncryptor encryptor = passphrase == null || passphrase.isEmpty() ?
null : // unencrypted key pair, otherwise AES-256 encrypted null : // unencrypted key pair, otherwise AES-256 encrypted


@ -34,8 +34,10 @@ public final class Policy {
HashAlgorithmPolicy.defaultSignatureAlgorithmPolicy(); HashAlgorithmPolicy.defaultSignatureAlgorithmPolicy();
private HashAlgorithmPolicy revocationSignatureHashAlgorithmPolicy = private HashAlgorithmPolicy revocationSignatureHashAlgorithmPolicy =
HashAlgorithmPolicy.defaultRevocationSignatureHashAlgorithmPolicy(); HashAlgorithmPolicy.defaultRevocationSignatureHashAlgorithmPolicy();
private SymmetricKeyAlgorithmPolicy symmetricKeyAlgorithmPolicy = private SymmetricKeyAlgorithmPolicy symmetricKeyEncryptionAlgorithmPolicy =
SymmetricKeyAlgorithmPolicy.defaultSymmetricKeyAlgorithmPolicy(); SymmetricKeyAlgorithmPolicy.defaultSymmetricKeyEncryptionAlgorithmPolicy();
private SymmetricKeyAlgorithmPolicy symmetricKeyDecryptionAlgorithmPolicy =
SymmetricKeyAlgorithmPolicy.defaultSymmetricKeyEncryptionAlgorithmPolicy();
private final NotationRegistry notationRegistry = new NotationRegistry(); private final NotationRegistry notationRegistry = new NotationRegistry();
private Policy() { private Policy() {
@ -97,25 +99,47 @@ public final class Policy {
} }
/** /**
* Return the symmetric encryption algorithm policy. * Return the symmetric encryption algorithm policy for encryption.
* This policy defines which symmetric algorithms are acceptable. * This policy defines which symmetric algorithms are acceptable when producing encrypted messages.
* *
* @return symmetric algorithm policy * @return symmetric algorithm policy for encryption
*/ */
public SymmetricKeyAlgorithmPolicy getSymmetricKeyAlgorithmPolicy() { public SymmetricKeyAlgorithmPolicy getSymmetricKeyEncryptionAlgorithmPolicy() {
return symmetricKeyAlgorithmPolicy; return symmetricKeyEncryptionAlgorithmPolicy;
} }
/** /**
* Set a custom symmetric encryption algorithm policy. * Return the symmetric encryption algorithm policy for decryption.
* This policy defines which symmetric algorithms are acceptable when decrypting encrypted messages.
*
* @return symmetric algorithm policy for decryption
*/
public SymmetricKeyAlgorithmPolicy getSymmetricKeyDecryptionAlgoritmPolicy() {
return symmetricKeyDecryptionAlgorithmPolicy;
}
/**
* Set a custom symmetric encryption algorithm policy for encrypting messages.
* *
* @param policy custom policy * @param policy custom policy
*/ */
public void setSymmetricKeyAlgorithmPolicy(SymmetricKeyAlgorithmPolicy policy) { public void setSymmetricKeyEncryptionAlgorithmPolicy(SymmetricKeyAlgorithmPolicy policy) {
if (policy == null) { if (policy == null) {
throw new NullPointerException("Policy cannot be null."); throw new NullPointerException("Policy cannot be null.");
} }
this.symmetricKeyAlgorithmPolicy = policy; this.symmetricKeyEncryptionAlgorithmPolicy = policy;
}
/**
* Set a custom symmetric encryption algorithm policy for decrypting messages.
*
* @param policy custom policy
*/
public void setSymmetricKeyDecryptionAlgorithmPolicy(SymmetricKeyAlgorithmPolicy policy) {
if (policy == null) {
throw new NullPointerException("Policy cannot be null.");
}
this.symmetricKeyDecryptionAlgorithmPolicy = policy;
} }
public static final class SymmetricKeyAlgorithmPolicy { public static final class SymmetricKeyAlgorithmPolicy {
@ -164,7 +188,20 @@ public final class Policy {
* *
* @return default symmetric encryption algorithm policy * @return default symmetric encryption algorithm policy
*/ */
public static SymmetricKeyAlgorithmPolicy defaultSymmetricKeyAlgorithmPolicy() { public static SymmetricKeyAlgorithmPolicy defaultSymmetricKeyEncryptionAlgorithmPolicy() {
return new SymmetricKeyAlgorithmPolicy(SymmetricKeyAlgorithm.AES_256, Arrays.asList(
SymmetricKeyAlgorithm.BLOWFISH,
SymmetricKeyAlgorithm.AES_128,
SymmetricKeyAlgorithm.AES_192,
SymmetricKeyAlgorithm.AES_256,
SymmetricKeyAlgorithm.TWOFISH,
SymmetricKeyAlgorithm.CAMELLIA_128,
SymmetricKeyAlgorithm.CAMELLIA_192,
SymmetricKeyAlgorithm.CAMELLIA_256
));
}
public static SymmetricKeyAlgorithmPolicy defaultSymmetricKeyDecryptionAlgorithmPolicy() {
return new SymmetricKeyAlgorithmPolicy(SymmetricKeyAlgorithm.AES_256, Arrays.asList( return new SymmetricKeyAlgorithmPolicy(SymmetricKeyAlgorithm.AES_256, Arrays.asList(
SymmetricKeyAlgorithm.IDEA, SymmetricKeyAlgorithm.IDEA,
SymmetricKeyAlgorithm.CAST5, SymmetricKeyAlgorithm.CAST5,
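Review bot: The new field `symmetricKeyDecryptionAlgorithmPolicy` in the first hunk is initialised with `SymmetricKeyAlgorithmPolicy.defaultSymmetricKeyEncryptionAlgorithmPolicy()`, so the `defaultSymmetricKeyDecryptionAlgorithmPolicy()` factory added in the last hunk is not referenced anywhere in the visible lines. Unless the `Policy()` constructor, whose body lies outside the hunk, reassigns the field, both policies start out with the same accepted list and the split has no effect by default; the initialiser should probably read `SymmetricKeyAlgorithmPolicy.defaultSymmetricKeyDecryptionAlgorithmPolicy();`. Whichever default is intended, a one-line comment on the field saying why would help, because this choice decides whether the legacy ciphers at the head of the decryption list (`IDEA`, `CAST5`) are accepted on incoming messages. The new getter is also spelled `getSymmetricKeyDecryptionAlgoritmPolicy` (missing `h`), which is worth correcting before the name settles into the public API.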