Add support for PreferredAEADCiphersuites subpacket

Requires BC 1.77 See https://github.com/bcgit/bc-java/pull/1464
2024-11-14 00:12:06 +01:00 · 2023-08-01 15:53:33 +02:00 · 2023-08-01 15:53:33 +02:00 · 23e31a1483
commit 23e31a1483
parent 8cdb7ee4e0
3 changed files with 62 additions and 9 deletions
--- a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SelfSignatureSubpackets.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SelfSignatureSubpackets.java
@ -13,15 +13,18 @@ import javax.annotation.Nullable;
 import org.bouncycastle.bcpg.sig.Features;
 import org.bouncycastle.bcpg.sig.KeyExpirationTime;
 import org.bouncycastle.bcpg.sig.KeyFlags;
+import org.bouncycastle.bcpg.sig.PreferredAEADCiphersuites;
 import org.bouncycastle.bcpg.sig.PreferredAlgorithms;
 import org.bouncycastle.bcpg.sig.PrimaryUserID;
 import org.bouncycastle.bcpg.sig.RevocationKey;
 import org.bouncycastle.openpgp.PGPPublicKey;
+import org.pgpainless.algorithm.AEADAlgorithm;
 import org.pgpainless.algorithm.CompressionAlgorithm;
 import org.pgpainless.algorithm.Feature;
 import org.pgpainless.algorithm.HashAlgorithm;
 import org.pgpainless.algorithm.KeyFlag;
 import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
+import org.pgpainless.util.Tuple;

 public interface SelfSignatureSubpackets extends BaseSignatureSubpackets {

@ -56,6 +59,14 @@ public interface SelfSignatureSubpackets extends BaseSignatureSubpackets {

    SelfSignatureSubpackets setKeyExpirationTime(@Nullable KeyExpirationTime keyExpirationTime);

+    SelfSignatureSubpackets setPreferredAEADCiphersuites(Tuple<SymmetricKeyAlgorithm, AEADAlgorithm>... algorithms);
+
+    SelfSignatureSubpackets setPreferredAEADCiphersuites(Set<Tuple<SymmetricKeyAlgorithm, AEADAlgorithm>> algorithms);
+
+    SelfSignatureSubpackets setPreferredAEADCiphersuites(boolean isCritical, Set<Tuple<SymmetricKeyAlgorithm, AEADAlgorithm>> algorithms);
+
+    SelfSignatureSubpackets setPreferredAEADCiphersuites(@Nullable PreferredAEADCiphersuites algorithms);
+
    SelfSignatureSubpackets setPreferredCompressionAlgorithms(CompressionAlgorithm... algorithms);

    SelfSignatureSubpackets setPreferredCompressionAlgorithms(Set<CompressionAlgorithm> algorithms);
@ -64,14 +75,6 @@ public interface SelfSignatureSubpackets extends BaseSignatureSubpackets {

    SelfSignatureSubpackets setPreferredCompressionAlgorithms(@Nullable PreferredAlgorithms algorithms);

-    SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(SymmetricKeyAlgorithm... algorithms);
-
-    SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(Set<SymmetricKeyAlgorithm> algorithms);
-
-    SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(boolean isCritical, Set<SymmetricKeyAlgorithm> algorithms);
-
-    SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(@Nullable PreferredAlgorithms algorithms);
-
    SelfSignatureSubpackets setPreferredHashAlgorithms(HashAlgorithm... algorithms);

    SelfSignatureSubpackets setPreferredHashAlgorithms(Set<HashAlgorithm> algorithms);
@ -80,6 +83,14 @@ public interface SelfSignatureSubpackets extends BaseSignatureSubpackets {

    SelfSignatureSubpackets setPreferredHashAlgorithms(@Nullable PreferredAlgorithms algorithms);

+    SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(SymmetricKeyAlgorithm... algorithms);
+
+    SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(Set<SymmetricKeyAlgorithm> algorithms);
+
+    SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(boolean isCritical, Set<SymmetricKeyAlgorithm> algorithms);
+
+    SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(@Nullable PreferredAlgorithms algorithms);
+
    SelfSignatureSubpackets addRevocationKey(@Nonnull PGPPublicKey revocationKey);

    SelfSignatureSubpackets addRevocationKey(boolean isCritical, @Nonnull PGPPublicKey revocationKey);
--- a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpackets.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpackets.java
@ -28,6 +28,7 @@ import org.bouncycastle.bcpg.sig.KeyExpirationTime;
 import org.bouncycastle.bcpg.sig.KeyFlags;
 import org.bouncycastle.bcpg.sig.NotationData;
 import org.bouncycastle.bcpg.sig.PolicyURI;
+import org.bouncycastle.bcpg.sig.PreferredAEADCiphersuites;
 import org.bouncycastle.bcpg.sig.PreferredAlgorithms;
 import org.bouncycastle.bcpg.sig.PrimaryUserID;
 import org.bouncycastle.bcpg.sig.RegularExpression;
@ -42,6 +43,7 @@ import org.bouncycastle.bcpg.sig.TrustSignature;
 import org.bouncycastle.openpgp.PGPPublicKey;
 import org.bouncycastle.openpgp.PGPSignature;
 import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
+import org.pgpainless.algorithm.AEADAlgorithm;
 import org.pgpainless.algorithm.CompressionAlgorithm;
 import org.pgpainless.algorithm.Feature;
 import org.pgpainless.algorithm.HashAlgorithm;
@ -49,6 +51,7 @@ import org.pgpainless.algorithm.KeyFlag;
 import org.pgpainless.algorithm.PublicKeyAlgorithm;
 import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
 import org.pgpainless.key.util.RevocationAttributes;
+import org.pgpainless.util.Tuple;

 public class SignatureSubpackets
        implements BaseSignatureSubpackets, SelfSignatureSubpackets, CertificationSubpackets, RevocationSignatureSubpackets {
@ -68,6 +71,7 @@ public class SignatureSubpackets
    private PreferredAlgorithms preferredCompressionAlgorithms;
    private PreferredAlgorithms preferredSymmetricKeyAlgorithms;
    private PreferredAlgorithms preferredHashAlgorithms;
+    private PreferredAEADCiphersuites preferredAEADCiphersuites;
    private final List<EmbeddedSignature> embeddedSignatureList = new ArrayList<>();
    private SignerUserID signerUserId;
    private KeyExpirationTime keyExpirationTime;
@ -313,6 +317,40 @@ public class SignatureSubpackets
        return this;
    }

+    @Override
+    public SelfSignatureSubpackets setPreferredAEADCiphersuites(Tuple<SymmetricKeyAlgorithm, AEADAlgorithm>... algorithms) {
+        return setPreferredAEADCiphersuites(new LinkedHashSet<>(Arrays.asList(algorithms)));
+    }
+
+    @Override
+    public SelfSignatureSubpackets setPreferredAEADCiphersuites(Set<Tuple<SymmetricKeyAlgorithm, AEADAlgorithm>> algorithms) {
+        return setPreferredAEADCiphersuites(false, algorithms);
+    }
+
+    @Override
+    public SelfSignatureSubpackets setPreferredAEADCiphersuites(boolean isCritical, Set<Tuple<SymmetricKeyAlgorithm, AEADAlgorithm>> algorithms) {
+        List<PreferredAEADCiphersuites.Combination> combinations = new ArrayList<>();
+        Iterator<Tuple<SymmetricKeyAlgorithm, AEADAlgorithm>> iterator = algorithms.iterator();
+        while (iterator.hasNext()) {
+            Tuple<SymmetricKeyAlgorithm, AEADAlgorithm> tuple = iterator.next();
+            combinations.add(new PreferredAEADCiphersuites.Combination(
+                    tuple.getA().getAlgorithmId(), tuple.getB().getAlgorithmId()));
+        }
+        PreferredAEADCiphersuites subpacket = new PreferredAEADCiphersuites(
+                isCritical, combinations.toArray(new PreferredAEADCiphersuites.Combination[0]));
+        return setPreferredAEADCiphersuites(subpacket);
+    }
+
+    @Override
+    public SelfSignatureSubpackets setPreferredAEADCiphersuites(@Nullable PreferredAEADCiphersuites algorithms) {
+        this.preferredAEADCiphersuites = algorithms;
+        return this;
+    }
+
+    public PreferredAEADCiphersuites getPreferredAEADCiphersuites() {
+        return preferredAEADCiphersuites;
+    }
+
    public KeyExpirationTime getKeyExpirationTimeSubpacket() {
        return keyExpirationTime;
    }
--- a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsHelper.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsHelper.java
@ -13,6 +13,7 @@ import org.bouncycastle.bcpg.sig.KeyExpirationTime;
 import org.bouncycastle.bcpg.sig.KeyFlags;
 import org.bouncycastle.bcpg.sig.NotationData;
 import org.bouncycastle.bcpg.sig.PolicyURI;
+import org.bouncycastle.bcpg.sig.PreferredAEADCiphersuites;
 import org.bouncycastle.bcpg.sig.PreferredAlgorithms;
 import org.bouncycastle.bcpg.sig.PrimaryUserID;
 import org.bouncycastle.bcpg.sig.RegularExpression;
@ -79,6 +80,9 @@ public class SignatureSubpacketsHelper {
                case preferredCompressionAlgorithms:
                    subpackets.setPreferredCompressionAlgorithms((PreferredAlgorithms) subpacket);
                    break;
+                case preferredAEADAlgorithms:
+                    subpackets.setPreferredAEADCiphersuites((PreferredAEADCiphersuites) subpacket);
+                    break;
                case primaryUserId:
                    PrimaryUserID primaryUserID = (PrimaryUserID) subpacket;
                    subpackets.setPrimaryUserId(primaryUserID);
@ -128,7 +132,6 @@ public class SignatureSubpacketsHelper {
                case keyServerPreferences:
                case preferredKeyServers:
                case placeholder:
-                case preferredAEADAlgorithms:
                case attestedCertification:
                    subpackets.addResidualSubpacket(subpacket);
                    break;
@ -161,6 +164,7 @@ public class SignatureSubpacketsHelper {
        addSubpacket(generator, subpackets.getPreferredCompressionAlgorithmsSubpacket());
        addSubpacket(generator, subpackets.getPreferredSymmetricKeyAlgorithmsSubpacket());
        addSubpacket(generator, subpackets.getPreferredHashAlgorithmsSubpacket());
+        addSubpacket(generator, subpackets.getPreferredAEADCiphersuites());
        for (EmbeddedSignature embeddedSignature : subpackets.getEmbeddedSignatureSubpackets()) {
            addSubpacket(generator, embeddedSignature);
        }