From 23e31a1483bb2fe02bccc32eb646b6d4037bb85c Mon Sep 17 00:00:00 2001
From: Paul Schaub
Date: Tue, 1 Aug 2023 15:53:33 +0200
Subject: [PATCH] Add support for PreferredAEADCiphersuites subpacket Requires BC 1.77 See https://github.com/bcgit/bc-java/pull/1464
---
 .../subpackets/SelfSignatureSubpackets.java | 27 +++++++++----
 .../subpackets/SignatureSubpackets.java | 38 +++++++++++++++++++
 .../subpackets/SignatureSubpacketsHelper.java | 6 ++-
 3 files changed, 62 insertions(+), 9 deletions(-)
diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SelfSignatureSubpackets.java b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SelfSignatureSubpackets.java
index 02cc5e93..03beda4a 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SelfSignatureSubpackets.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SelfSignatureSubpackets.java
@@ -13,15 +13,18 @@ import javax.annotation.Nullable;
 import org.bouncycastle.bcpg.sig.Features;
 import org.bouncycastle.bcpg.sig.KeyExpirationTime;
 import org.bouncycastle.bcpg.sig.KeyFlags;
+import org.bouncycastle.bcpg.sig.PreferredAEADCiphersuites;
 import org.bouncycastle.bcpg.sig.PreferredAlgorithms;
 import org.bouncycastle.bcpg.sig.PrimaryUserID;
 import org.bouncycastle.bcpg.sig.RevocationKey;
 import org.bouncycastle.openpgp.PGPPublicKey;
+import org.pgpainless.algorithm.AEADAlgorithm;
 import org.pgpainless.algorithm.CompressionAlgorithm;
 import org.pgpainless.algorithm.Feature;
 import org.pgpainless.algorithm.HashAlgorithm;
 import org.pgpainless.algorithm.KeyFlag;
 import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
+import org.pgpainless.util.Tuple;
 public interface SelfSignatureSubpackets extends BaseSignatureSubpackets {
@@ -56,6 +59,14 @@ public interface SelfSignatureSubpackets extends BaseSignatureSubpackets {
 SelfSignatureSubpackets setKeyExpirationTime(@Nullable KeyExpirationTime keyExpirationTime);
+ SelfSignatureSubpackets setPreferredAEADCiphersuites(Tuple... algorithms);
+
+ SelfSignatureSubpackets setPreferredAEADCiphersuites(Set> algorithms);
+
+ SelfSignatureSubpackets setPreferredAEADCiphersuites(boolean isCritical, Set> algorithms);
+
+ SelfSignatureSubpackets setPreferredAEADCiphersuites(@Nullable PreferredAEADCiphersuites algorithms);
+
 SelfSignatureSubpackets setPreferredCompressionAlgorithms(CompressionAlgorithm... algorithms);
 SelfSignatureSubpackets setPreferredCompressionAlgorithms(Set algorithms);
@@ -64,14 +75,6 @@ public interface SelfSignatureSubpackets extends BaseSignatureSubpackets {
 SelfSignatureSubpackets setPreferredCompressionAlgorithms(@Nullable PreferredAlgorithms algorithms);
- SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(SymmetricKeyAlgorithm... algorithms);
-
- SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(Set algorithms);
-
- SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(boolean isCritical, Set algorithms);
-
- SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(@Nullable PreferredAlgorithms algorithms);
-
 SelfSignatureSubpackets setPreferredHashAlgorithms(HashAlgorithm... algorithms);
 SelfSignatureSubpackets setPreferredHashAlgorithms(Set algorithms);
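Review bot: The four `setPreferredAEADCiphersuites` overloads added to `SelfSignatureSubpackets` in the @@ -56 hunk carry no Javadoc, and the `Set` variants leave unstated that the set's iteration order becomes the order of preference written into the subpacket. The implementation in `SignatureSubpackets` walks the set with its iterator, and the varargs overload wraps its arguments in a `LinkedHashSet`, so a caller who passes an unordered set ends up advertising an arbitrary preference order. I would add a comment on the `Set` overloads along the lines of `/** Iteration order of the set is the order of preference; pass an order-preserving set such as LinkedHashSet. */`, and state on the `@Nullable` overload that null unsets the stored subpacket. The interface body starts and ends outside this hunk.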
@@ -80,6 +83,14 @@ public interface SelfSignatureSubpackets extends BaseSignatureSubpackets {
 SelfSignatureSubpackets setPreferredHashAlgorithms(@Nullable PreferredAlgorithms algorithms);
+ SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(SymmetricKeyAlgorithm... algorithms);
+
+ SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(Set algorithms);
+
+ SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(boolean isCritical, Set algorithms);
+
+ SelfSignatureSubpackets setPreferredSymmetricKeyAlgorithms(@Nullable PreferredAlgorithms algorithms);
+
 SelfSignatureSubpackets addRevocationKey(@Nonnull PGPPublicKey revocationKey);
 SelfSignatureSubpackets addRevocationKey(boolean isCritical, @Nonnull PGPPublicKey revocationKey);
diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpackets.java b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpackets.java
index d0466b6a..03b29170 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpackets.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpackets.java
@@ -28,6 +28,7 @@ import org.bouncycastle.bcpg.sig.KeyExpirationTime;
 import org.bouncycastle.bcpg.sig.KeyFlags;
 import org.bouncycastle.bcpg.sig.NotationData;
 import org.bouncycastle.bcpg.sig.PolicyURI;
+import org.bouncycastle.bcpg.sig.PreferredAEADCiphersuites;
 import org.bouncycastle.bcpg.sig.PreferredAlgorithms;
 import org.bouncycastle.bcpg.sig.PrimaryUserID;
 import org.bouncycastle.bcpg.sig.RegularExpression;
@@ -42,6 +43,7 @@ import org.bouncycastle.bcpg.sig.TrustSignature;
 import org.bouncycastle.openpgp.PGPPublicKey;
 import org.bouncycastle.openpgp.PGPSignature;
 import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
+import org.pgpainless.algorithm.AEADAlgorithm;
 import org.pgpainless.algorithm.CompressionAlgorithm;
 import org.pgpainless.algorithm.Feature;
 import org.pgpainless.algorithm.HashAlgorithm;
@@ -49,6 +51,7 @@ import org.pgpainless.algorithm.KeyFlag;
 import org.pgpainless.algorithm.PublicKeyAlgorithm;
 import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
 import org.pgpainless.key.util.RevocationAttributes;
+import org.pgpainless.util.Tuple;
 public class SignatureSubpackets
 implements BaseSignatureSubpackets, SelfSignatureSubpackets, CertificationSubpackets, RevocationSignatureSubpackets {
@@ -68,6 +71,7 @@ public class SignatureSubpackets
 private PreferredAlgorithms preferredCompressionAlgorithms;
 private PreferredAlgorithms preferredSymmetricKeyAlgorithms;
 private PreferredAlgorithms preferredHashAlgorithms;
+ private PreferredAEADCiphersuites preferredAEADCiphersuites;
 private final List embeddedSignatureList = new ArrayList<>();
 private SignerUserID signerUserId;
 private KeyExpirationTime keyExpirationTime;
@@ -313,6 +317,40 @@ public class SignatureSubpackets
 return this;
 }
+ @Override
+ public SelfSignatureSubpackets setPreferredAEADCiphersuites(Tuple... algorithms) {
+ return setPreferredAEADCiphersuites(new LinkedHashSet<>(Arrays.asList(algorithms)));
+ }
+
+ @Override
+ public SelfSignatureSubpackets setPreferredAEADCiphersuites(Set> algorithms) {
+ return setPreferredAEADCiphersuites(false, algorithms);
+ }
+
+ @Override
+ public SelfSignatureSubpackets setPreferredAEADCiphersuites(boolean isCritical, Set> algorithms) {
+ List combinations = new ArrayList<>();
+ Iterator> iterator = algorithms.iterator();
+ while (iterator.hasNext()) {
+ Tuple tuple = iterator.next();
+ combinations.add(new PreferredAEADCiphersuites.Combination(
+ tuple.getA().getAlgorithmId(), tuple.getB().getAlgorithmId()));
+ }
+ PreferredAEADCiphersuites subpacket = new PreferredAEADCiphersuites(
+ isCritical, combinations.toArray(new PreferredAEADCiphersuites.Combination[0]));
+ return setPreferredAEADCiphersuites(subpacket);
+ }
+
+ @Override
+ public SelfSignatureSubpackets setPreferredAEADCiphersuites(@Nullable PreferredAEADCiphersuites algorithms) {
+ this.preferredAEADCiphersuites = algorithms;
+ return this;
+ }
+
+ public PreferredAEADCiphersuites getPreferredAEADCiphersuites() {
+ return preferredAEADCiphersuites;
+ }
+
 public KeyExpirationTime getKeyExpirationTimeSubpacket() {
 return keyExpirationTime;
 }
diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsHelper.java b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsHelper.java
index 8af60a03..2cb98d47 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsHelper.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsHelper.java
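Review bot: In `SignatureSubpackets.java` (@@ -313 hunk), `setPreferredAEADCiphersuites(boolean isCritical, Set algorithms)` dereferences `algorithms` and each tuple's `getA()`/`getB()` with no null check, so a null set or a tuple with a missing component fails with a NullPointerException from inside the loop rather than at the API boundary. Only the subpacket-typed overload is annotated, with `@Nullable`; marking the collection parameters `@Nonnull`, as `addRevocationKey` does in the interface, or documenting that null is rejected would make the contract explicit. The explicit `Iterator`/`while` loop does nothing an enhanced `for` over `algorithms` would not, and the latter is shorter to read. The new getter is named `getPreferredAEADCiphersuites()` while its neighbours end in `Subpacket` (`getKeyExpirationTimeSubpacket()` just below it), which is easier to align now than after release.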
@@ -13,6 +13,7 @@ import org.bouncycastle.bcpg.sig.KeyExpirationTime;
 import org.bouncycastle.bcpg.sig.KeyFlags;
 import org.bouncycastle.bcpg.sig.NotationData;
 import org.bouncycastle.bcpg.sig.PolicyURI;
+import org.bouncycastle.bcpg.sig.PreferredAEADCiphersuites;
 import org.bouncycastle.bcpg.sig.PreferredAlgorithms;
 import org.bouncycastle.bcpg.sig.PrimaryUserID;
 import org.bouncycastle.bcpg.sig.RegularExpression;
@@ -79,6 +80,9 @@ public class SignatureSubpacketsHelper {
 case preferredCompressionAlgorithms:
 subpackets.setPreferredCompressionAlgorithms((PreferredAlgorithms) subpacket);
 break;
+ case preferredAEADAlgorithms:
+ subpackets.setPreferredAEADCiphersuites((PreferredAEADCiphersuites) subpacket);
+ break;
 case primaryUserId:
 PrimaryUserID primaryUserID = (PrimaryUserID) subpacket;
 subpackets.setPrimaryUserId(primaryUserID);
@@ -128,7 +132,6 @@ public class SignatureSubpacketsHelper {
 case keyServerPreferences:
 case preferredKeyServers:
 case placeholder:
- case preferredAEADAlgorithms:
 case attestedCertification:
 subpackets.addResidualSubpacket(subpacket);
 break;
@@ -161,6 +164,7 @@ public class SignatureSubpacketsHelper {
 addSubpacket(generator, subpackets.getPreferredCompressionAlgorithmsSubpacket());
 addSubpacket(generator, subpackets.getPreferredSymmetricKeyAlgorithmsSubpacket());
 addSubpacket(generator, subpackets.getPreferredHashAlgorithmsSubpacket());
+ addSubpacket(generator, subpackets.getPreferredAEADCiphersuites());
 for (EmbeddedSignature embeddedSignature : subpackets.getEmbeddedSignatureSubpackets()) {
 addSubpacket(generator, embeddedSignature);
 }
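Review bot: The new `case preferredAEADAlgorithms:` branch in the @@ -79 hunk casts the parsed subpacket straight to `PreferredAEADCiphersuites`, which holds only if the Bouncy Castle on the classpath is the 1.77 that the commit message requires. With an older version the cast would presumably throw ClassCastException while a signature is being read, and that signature may come from untrusted input. A guard such as `if (subpacket instanceof PreferredAEADCiphersuites)` with a fallback to `subpackets.addResidualSubpacket(subpacket)` would keep the behaviour this commit removes in the @@ -128 hunk for anything that is not the expected type. The switch starts and ends outside these hunks.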