mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-12-25 12:27:58 +01:00
Enforce key algorithm capabilities for subkeys
This commit is contained in:
parent
70da96b064
commit
378890f83a
1 changed files with 13 additions and 3 deletions
|
@ -216,12 +216,17 @@ open class GenerateOpenPgpKey(
|
||||||
keyType: KeyType,
|
keyType: KeyType,
|
||||||
creationTime: Date = referenceTime,
|
creationTime: Date = referenceTime,
|
||||||
bindingTime: Date = creationTime
|
bindingTime: Date = creationTime
|
||||||
) =
|
) = apply {
|
||||||
|
require(keyType.canEncryptCommunication || keyType.canEncryptStorage) {
|
||||||
|
"KeyType $keyType cannot be used for encryption keys."
|
||||||
|
}
|
||||||
addSubkey(
|
addSubkey(
|
||||||
keyType,
|
keyType,
|
||||||
creationTime,
|
creationTime,
|
||||||
bindingTime,
|
bindingTime,
|
||||||
listOf(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS))
|
listOf(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS)
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Add a new subkey to be used for creating data signatures.
|
* Add a new subkey to be used for creating data signatures.
|
||||||
|
@ -236,7 +241,12 @@ open class GenerateOpenPgpKey(
|
||||||
keyType: KeyType,
|
keyType: KeyType,
|
||||||
creationTime: Date = referenceTime,
|
creationTime: Date = referenceTime,
|
||||||
bindingTime: Date = creationTime
|
bindingTime: Date = creationTime
|
||||||
) = addSubkey(keyType, creationTime, bindingTime, listOf(KeyFlag.SIGN_DATA))
|
) = apply {
|
||||||
|
require(keyType.canSign) {
|
||||||
|
"KeyType $keyType cannot be used for signing keys."
|
||||||
|
}
|
||||||
|
addSubkey(keyType, creationTime, bindingTime, listOf(KeyFlag.SIGN_DATA))
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Build the finished OpenPGP key.
|
* Build the finished OpenPGP key.
|
||||||
|
|
Loading…
Reference in a new issue