mirror of
https://github.com/pgpainless/pgpainless.git
synced 2025-01-09 11:48:00 +01:00
Remove KeyRingUtils.deleteUserId() in favor of revoking SecretKeyRingEditor.removeUserId() methods
This commit is contained in:
parent
3a69f90401
commit
245376d7d0
4 changed files with 30 additions and 92 deletions
|
@ -190,6 +190,28 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public SecretKeyRingEditorInterface removeUserId(
|
||||||
|
SelectUserId userIdSelector,
|
||||||
|
SecretKeyRingProtector protector)
|
||||||
|
throws PGPException {
|
||||||
|
RevocationAttributes revocationAttributes = RevocationAttributes.createCertificateRevocation()
|
||||||
|
.withReason(RevocationAttributes.Reason.USER_ID_NO_LONGER_VALID)
|
||||||
|
.withoutDescription();
|
||||||
|
return revokeUserIds(userIdSelector,
|
||||||
|
protector,
|
||||||
|
revocationAttributes);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public SecretKeyRingEditorInterface removeUserId(
|
||||||
|
CharSequence userId,
|
||||||
|
SecretKeyRingProtector protector) throws PGPException {
|
||||||
|
return removeUserId(
|
||||||
|
SelectUserId.exactMatch(userId.toString()),
|
||||||
|
protector);
|
||||||
|
}
|
||||||
|
|
||||||
// TODO: Move to utility class?
|
// TODO: Move to utility class?
|
||||||
private String sanitizeUserId(@Nonnull CharSequence userId) {
|
private String sanitizeUserId(@Nonnull CharSequence userId) {
|
||||||
// TODO: Further research how to sanitize user IDs.
|
// TODO: Further research how to sanitize user IDs.
|
||||||
|
|
|
@ -69,6 +69,14 @@ public interface SecretKeyRingEditorInterface {
|
||||||
@Nonnull SecretKeyRingProtector protector)
|
@Nonnull SecretKeyRingProtector protector)
|
||||||
throws PGPException;
|
throws PGPException;
|
||||||
|
|
||||||
|
SecretKeyRingEditorInterface removeUserId(SelectUserId userIdSelector,
|
||||||
|
SecretKeyRingProtector protector)
|
||||||
|
throws PGPException;
|
||||||
|
|
||||||
|
SecretKeyRingEditorInterface removeUserId(CharSequence userId,
|
||||||
|
SecretKeyRingProtector protector)
|
||||||
|
throws PGPException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Add a subkey to the key ring.
|
* Add a subkey to the key ring.
|
||||||
* The subkey will be generated from the provided {@link KeySpec}.
|
* The subkey will be generated from the provided {@link KeySpec}.
|
||||||
|
|
|
@ -159,52 +159,6 @@ public final class KeyRingUtils {
|
||||||
return ring.getPublicKey(keyId) != null;
|
return ring.getPublicKey(keyId) != null;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Delete the given user-id and its certification signatures from the given key.
|
|
||||||
*
|
|
||||||
* @deprecated Deleting user-ids is highly discouraged, since it might lead to all sorts of problems
|
|
||||||
* (e.g. lost key properties).
|
|
||||||
* Instead, user-ids should only be revoked.
|
|
||||||
*
|
|
||||||
* @param secretKeys secret keys
|
|
||||||
* @param userId user-id
|
|
||||||
* @return modified secret keys
|
|
||||||
*/
|
|
||||||
@Deprecated
|
|
||||||
public static PGPSecretKeyRing deleteUserId(PGPSecretKeyRing secretKeys, String userId) {
|
|
||||||
PGPSecretKey secretKey = secretKeys.getSecretKey(); // user-ids are located on primary key only
|
|
||||||
PGPPublicKey publicKey = secretKey.getPublicKey(); // user-ids are placed on the public key part
|
|
||||||
publicKey = PGPPublicKey.removeCertification(publicKey, userId);
|
|
||||||
if (publicKey == null) {
|
|
||||||
throw new NoSuchElementException("User-ID " + userId + " not found on the key.");
|
|
||||||
}
|
|
||||||
secretKey = PGPSecretKey.replacePublicKey(secretKey, publicKey);
|
|
||||||
secretKeys = PGPSecretKeyRing.insertSecretKey(secretKeys, secretKey);
|
|
||||||
return secretKeys;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Delete the given user-id and its certification signatures from the given certificate.
|
|
||||||
*
|
|
||||||
* @deprecated Deleting user-ids is highly discouraged, since it might lead to all sorts of problems
|
|
||||||
* (e.g. lost key properties).
|
|
||||||
* Instead, user-ids should only be revoked.
|
|
||||||
*
|
|
||||||
* @param publicKeys certificate
|
|
||||||
* @param userId user-id
|
|
||||||
* @return modified secret keys
|
|
||||||
*/
|
|
||||||
@Deprecated
|
|
||||||
public static PGPPublicKeyRing deleteUserId(PGPPublicKeyRing publicKeys, String userId) {
|
|
||||||
PGPPublicKey publicKey = publicKeys.getPublicKey(); // user-ids are located on primary key only
|
|
||||||
publicKey = PGPPublicKey.removeCertification(publicKey, userId);
|
|
||||||
if (publicKey == null) {
|
|
||||||
throw new NoSuchElementException("User-ID " + userId + " not found on the key.");
|
|
||||||
}
|
|
||||||
publicKeys = PGPPublicKeyRing.insertPublicKey(publicKeys, publicKey);
|
|
||||||
return publicKeys;
|
|
||||||
}
|
|
||||||
|
|
||||||
public static <T extends PGPKeyRing> T injectCertification(T keyRing, PGPPublicKey certifiedKey, PGPSignature certification) {
|
public static <T extends PGPKeyRing> T injectCertification(T keyRing, PGPPublicKey certifiedKey, PGPSignature certification) {
|
||||||
PGPSecretKeyRing secretKeys = null;
|
PGPSecretKeyRing secretKeys = null;
|
||||||
PGPPublicKeyRing publicKeys;
|
PGPPublicKeyRing publicKeys;
|
||||||
|
|
|
@ -6,17 +6,14 @@ package org.pgpainless.key.util;
|
||||||
|
|
||||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||||
import static org.junit.jupiter.api.Assertions.assertFalse;
|
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
|
||||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||||
|
|
||||||
import java.security.InvalidAlgorithmParameterException;
|
import java.security.InvalidAlgorithmParameterException;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
import java.util.NoSuchElementException;
|
|
||||||
import java.util.Random;
|
import java.util.Random;
|
||||||
|
|
||||||
import org.bouncycastle.bcpg.attr.ImageAttribute;
|
import org.bouncycastle.bcpg.attr.ImageAttribute;
|
||||||
import org.bouncycastle.openpgp.PGPException;
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
|
||||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||||
import org.bouncycastle.openpgp.PGPSignature;
|
import org.bouncycastle.openpgp.PGPSignature;
|
||||||
import org.bouncycastle.openpgp.PGPSignatureGenerator;
|
import org.bouncycastle.openpgp.PGPSignatureGenerator;
|
||||||
|
@ -33,49 +30,6 @@ import org.pgpainless.util.CollectionUtils;
|
||||||
|
|
||||||
public class KeyRingUtilTest {
|
public class KeyRingUtilTest {
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testDeleteUserIdFromSecretKeyRing()
|
|
||||||
throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
|
||||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
|
||||||
.modernKeyRing("Alice", null);
|
|
||||||
|
|
||||||
secretKeys = PGPainless.modifyKeyRing(secretKeys)
|
|
||||||
.addUserId("Bob", SecretKeyRingProtector.unprotectedKeys())
|
|
||||||
.done();
|
|
||||||
assertEquals(2, CollectionUtils.iteratorToList(secretKeys.getPublicKey().getUserIDs()).size());
|
|
||||||
|
|
||||||
secretKeys = KeyRingUtils.deleteUserId(secretKeys, "Bob");
|
|
||||||
|
|
||||||
assertEquals(1, CollectionUtils.iteratorToList(secretKeys.getPublicKey().getUserIDs()).size());
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testDeleteUserIdFromPublicKeyRing()
|
|
||||||
throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
|
||||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
|
||||||
.modernKeyRing("Alice", null);
|
|
||||||
|
|
||||||
secretKeys = PGPainless.modifyKeyRing(secretKeys)
|
|
||||||
.addUserId("Bob", SecretKeyRingProtector.unprotectedKeys())
|
|
||||||
.done();
|
|
||||||
PGPPublicKeyRing publicKeys = PGPainless.extractCertificate(secretKeys);
|
|
||||||
assertEquals(2, CollectionUtils.iteratorToList(publicKeys.getPublicKey().getUserIDs()).size());
|
|
||||||
|
|
||||||
publicKeys = KeyRingUtils.deleteUserId(publicKeys, "Alice");
|
|
||||||
|
|
||||||
assertEquals(1, CollectionUtils.iteratorToList(publicKeys.getPublicKey().getUserIDs()).size());
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testDeleteNonexistentUserIdFromKeyRingThrows()
|
|
||||||
throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
|
||||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
|
||||||
.modernKeyRing("Alice", null);
|
|
||||||
|
|
||||||
assertThrows(NoSuchElementException.class,
|
|
||||||
() -> KeyRingUtils.deleteUserId(secretKeys, "Charlie"));
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testInjectCertification() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
public void testInjectCertification() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
||||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||||
|
|
Loading…
Reference in a new issue