1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-12-23 03:17:58 +01:00

Merge pull request #9 from Flowdalic/flow

Various small commits
This commit is contained in:
Paul Schaub 2019-07-28 22:16:12 +02:00 committed by GitHub
commit 0b4f8afe58
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 8 additions and 176 deletions

1
.gitignore vendored
View file

@ -3,6 +3,7 @@
out/ out/
build/ build/
bin/
*.iws *.iws
*.iml *.iml

View file

@ -51,7 +51,6 @@ import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.key.generation.type.RSA_GENERAL; import org.pgpainless.key.generation.type.RSA_GENERAL;
import org.pgpainless.key.generation.type.curve.EllipticCurve; import org.pgpainless.key.generation.type.curve.EllipticCurve;
import org.pgpainless.key.generation.type.length.RsaLength; import org.pgpainless.key.generation.type.length.RsaLength;
import org.pgpainless.util.KeyRingSubKeyFix;
import org.pgpainless.util.Passphrase; import org.pgpainless.util.Passphrase;
public class KeyRingBuilder implements KeyRingBuilderInterface { public class KeyRingBuilder implements KeyRingBuilderInterface {
@ -206,9 +205,6 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
PGPPublicKeyRing publicKeys = ringGenerator.generatePublicKeyRing(); PGPPublicKeyRing publicKeys = ringGenerator.generatePublicKeyRing();
PGPSecretKeyRing secretKeys = ringGenerator.generateSecretKeyRing(); PGPSecretKeyRing secretKeys = ringGenerator.generateSecretKeyRing();
// TODO: Remove once BC 1.61 is released
secretKeys = KeyRingSubKeyFix.repairSubkeyPackets(secretKeys, null, null);
return new PGPKeyRing(publicKeys, secretKeys); return new PGPKeyRing(publicKeys, secretKeys);
} }

View file

@ -43,8 +43,8 @@ public class PartialUserId {
@Override @Override
public boolean accept(String identifier, @Nonnull PGPSecretKey key) { public boolean accept(String identifier, @Nonnull PGPSecretKey key) {
for (Iterator userIds = key.getUserIDs(); userIds.hasNext(); ) { for (Iterator<String> userIds = key.getUserIDs(); userIds.hasNext(); ) {
String userId = (String) userIds.next(); String userId = userIds.next();
if (userId.contains(identifier)) { if (userId.contains(identifier)) {
return true; return true;
} }

View file

@ -65,10 +65,8 @@ public class BCUtil {
public static PGPPublicKeyRing publicKeyRingFromSecretKeyRing(@Nonnull PGPSecretKeyRing secretKeys) public static PGPPublicKeyRing publicKeyRingFromSecretKeyRing(@Nonnull PGPSecretKeyRing secretKeys)
throws PGPException, IOException { throws PGPException, IOException {
PGPSecretKeyRing fixedSecretKeys = KeyRingSubKeyFix.repairSubkeyPackets(secretKeys, null, null);
ByteArrayOutputStream buffer = new ByteArrayOutputStream(512); ByteArrayOutputStream buffer = new ByteArrayOutputStream(512);
for (PGPSecretKey secretKey : fixedSecretKeys) { for (PGPSecretKey secretKey : secretKeys) {
PGPPublicKey publicKey = secretKey.getPublicKey(); PGPPublicKey publicKey = secretKey.getPublicKey();
if (publicKey != null) { if (publicKey != null) {
publicKey.encode(buffer, false); publicKey.encode(buffer, false);
@ -218,9 +216,9 @@ public class BCUtil {
} }
public static PGPPublicKey getMasterKeyFrom(@Nonnull PGPKeyRing ring) { public static PGPPublicKey getMasterKeyFrom(@Nonnull PGPKeyRing ring) {
Iterator it = ring.getPublicKeys(); Iterator<PGPPublicKey> it = ring.getPublicKeys();
while (it.hasNext()) { while (it.hasNext()) {
PGPPublicKey k = (PGPPublicKey) it.next(); PGPPublicKey k = it.next();
if (k.isMasterKey()) { if (k.isMasterKey()) {
// There can only be one master key, so we can immediately return // There can only be one master key, so we can immediately return
return k; return k;
@ -237,7 +235,7 @@ public class BCUtil {
boolean signingKey = false; boolean signingKey = false;
Iterator sit = k.getSignatures(); Iterator<?> sit = k.getSignatures();
while (sit.hasNext()) { while (sit.hasNext()) {
Object n = sit.next(); Object n = sit.next();
if (!(n instanceof PGPSignature)) { if (!(n instanceof PGPSignature)) {

View file

@ -1,111 +0,0 @@
/*
* Copyright 2018 Paul Schaub.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.pgpainless.util;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.bouncycastle.bcpg.HashAlgorithmTags;
import org.bouncycastle.bcpg.PublicKeyPacket;
import org.bouncycastle.bcpg.PublicSubkeyPacket;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor;
import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
import org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider;
public class KeyRingSubKeyFix {
private static final Logger LOGGER = Logger.getLogger(KeyRingSubKeyFix.class.getName());
/**
* This method makes sure, that sub keys do consist of sub key packets.
* Bouncycastle versions up to and including 1.60 created {@link PGPSecretKeyRing}s which sub keys consisted of
* normal public key packets, which would result in lost keys when converting PGPSecretKeyRings to PGPPublicKeyRings.
*
* This method throws a {@link RuntimeException} of a {@link NoSuchFieldException} or {@link IllegalAccessException}.
*
* @see <a href="https://github.com/bcgit/bc-java/issues/381">Bouncycastle Java bug report #381</a>
*
* @param secretKeys possibly faulty PGPSecretKeyRing
* @param decryptor decryptor in case the keys are encrypted (can be null)
* @param encryptor encryptor to re-encrypt the keys in case they are encrypted (can be null)
*
* @return fixed PGPSecretKeyRing
*
* @throws PGPException in case we cannot dismantle or reassemble the key.
*/
public static PGPSecretKeyRing repairSubkeyPackets(@Nonnull PGPSecretKeyRing secretKeys,
@Nullable PBESecretKeyDecryptor decryptor,
@Nullable PBESecretKeyEncryptor encryptor)
throws PGPException {
PGPDigestCalculator calculator = new BcPGPDigestCalculatorProvider().get(HashAlgorithmTags.SHA1);
List<PGPSecretKey> _secretKeys = new ArrayList<>();
Iterator<PGPSecretKey> secretKeyIterator = secretKeys.iterator();
try {
while (secretKeyIterator.hasNext()) {
PGPSecretKey secSubKey = secretKeyIterator.next();
if (secSubKey.isMasterKey()) {
LOGGER.log(Level.FINER, Long.toHexString(secSubKey.getKeyID()) + " is master key. Skip.");
_secretKeys.add(secSubKey);
continue;
}
PGPPublicKey pubSubKey = secSubKey.getPublicKey();
// check for public key packet type
Field publicPk = pubSubKey.getClass().getDeclaredField("publicPk");
publicPk.setAccessible(true);
PublicKeyPacket keyPacket = (PublicKeyPacket) publicPk.get(pubSubKey);
if (keyPacket instanceof PublicSubkeyPacket) {
// Sub key is already sub key
_secretKeys.add(secSubKey);
continue;
}
// Sub key is normal key -> fix
LOGGER.log(Level.FINER, "Subkey " + Long.toHexString(secSubKey.getKeyID()) + " does not have a subkey key packet. Convert it...");
keyPacket = new PublicSubkeyPacket(pubSubKey.getAlgorithm(), pubSubKey.getCreationTime(), keyPacket.getKey());
publicPk.set(pubSubKey, keyPacket);
PGPPrivateKey privateKey = secSubKey.extractPrivateKey(decryptor);
PGPSecretKey secretKey = new PGPSecretKey(privateKey, pubSubKey, calculator, false, encryptor);
_secretKeys.add(secretKey);
}
return new PGPSecretKeyRing(_secretKeys);
} catch (NoSuchFieldException | IllegalAccessException e) {
throw new RuntimeException("Cannot apply fix due to an error while using reflections.", e);
}
}
}

View file

@ -125,7 +125,7 @@ public class MultiMap<K, V> {
return true; return true;
} }
return map.equals(((MultiMap) o).map); return map.equals(((MultiMap<?, ?>) o).map);
} }
@Override @Override

View file

@ -1,52 +0,0 @@
/*
* Copyright 2018 Paul Schaub.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.pgpainless;
import static junit.framework.TestCase.assertTrue;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.Arrays;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.junit.Test;
import org.pgpainless.key.collection.PGPKeyRing;
import org.pgpainless.util.BCUtil;
import org.pgpainless.util.KeyRingSubKeyFix;
public class KeyRingSubKeyFixTest extends AbstractPGPainlessTest {
@Test
public void test()
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
IOException {
PGPKeyRing ring = PGPainless.generateKeyRing().simpleEcKeyRing("hallo@welt.de");
PGPSecretKeyRing secretKeys = ring.getSecretKeys();
PGPPublicKeyRing publicKeys = ring.getPublicKeys();
PGPSecretKeyRing fixed = KeyRingSubKeyFix.repairSubkeyPackets(secretKeys, null, null);
assertTrue(Arrays.equals(secretKeys.getEncoded(), fixed.getEncoded()));
PGPPublicKeyRing fixedPub = BCUtil.publicKeyRingFromSecretKeyRing(fixed);
assertTrue(Arrays.equals(publicKeys.getEncoded(), fixedPub.getEncoded()));
}
}