diff --git a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMetadata.java b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMetadata.java index 48afd5af..9dfc8076 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMetadata.java +++ b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMetadata.java @@ -23,7 +23,7 @@ import org.pgpainless.algorithm.CompressionAlgorithm; import org.pgpainless.algorithm.StreamEncoding; import org.pgpainless.algorithm.SymmetricKeyAlgorithm; import org.pgpainless.exception.SignatureValidationException; -import org.pgpainless.key.OpenPgpV4Fingerprint; +import org.pgpainless.key.OpenPgpFingerprint; import org.pgpainless.key.SubkeyIdentifier; public class OpenPgpMetadata { @@ -201,7 +201,7 @@ public class OpenPgpMetadata { */ public boolean containsVerifiedSignatureFrom(PGPPublicKeyRing certificate) { for (PGPPublicKey key : certificate) { - OpenPgpV4Fingerprint fingerprint = new OpenPgpV4Fingerprint(key); + OpenPgpFingerprint fingerprint = OpenPgpFingerprint.of(key); if (containsVerifiedSignatureFrom(fingerprint)) { return true; } @@ -218,7 +218,7 @@ public class OpenPgpMetadata { * @param fingerprint fingerprint of primary key or signing subkey * @return true if validly signed, false otherwise */ - public boolean containsVerifiedSignatureFrom(OpenPgpV4Fingerprint fingerprint) { + public boolean containsVerifiedSignatureFrom(OpenPgpFingerprint fingerprint) { for (SubkeyIdentifier verifiedSigningKey : getVerifiedSignatures().keySet()) { if (verifiedSigningKey.getPrimaryKeyFingerprint().equals(fingerprint) || verifiedSigningKey.getSubkeyFingerprint().equals(fingerprint)) { diff --git a/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionOptions.java b/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionOptions.java index b75e0081..65948168 100644 
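Review bot: In `containsVerifiedSignatureFrom(PGPPublicKeyRing)` the per-key `OpenPgpFingerprint.of(key)` now depends on how the factory handles key versions, and the only branch this diff shows in `of(PGPPublicKey)` is `key.getVersion() == 4`. If the rest of that method (outside its hunk) throws for other versions, one such key in the certificate would abort the loop instead of letting the method return false. It is worth confirming this and stating the behaviour in the factory's Javadoc with a `@throws` clause or a sentence such as `Only key versions listed here are supported.` The same question applies to the new `of(...)` calls in EncryptionOptions, SigningOptions and SecretKeyRingEditor, where the factory runs while an exception message is being built, and in SignatureValidator and ArmorUtils.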
--- a/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionOptions.java +++ b/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionOptions.java @@ -23,7 +23,7 @@ import org.bouncycastle.openpgp.operator.PGPKeyEncryptionMethodGenerator; import org.pgpainless.algorithm.EncryptionPurpose; import org.pgpainless.algorithm.SymmetricKeyAlgorithm; import org.pgpainless.implementation.ImplementationFactory; -import org.pgpainless.key.OpenPgpV4Fingerprint; +import org.pgpainless.key.OpenPgpFingerprint; import org.pgpainless.key.SubkeyIdentifier; import org.pgpainless.key.info.KeyAccessor; import org.pgpainless.key.info.KeyRingInfo; @@ -187,7 +187,7 @@ public class EncryptionOptions { KeyRingInfo info = new KeyRingInfo(key, new Date()); Date primaryKeyExpiration = info.getPrimaryKeyExpirationDate(); if (primaryKeyExpiration != null && primaryKeyExpiration.before(new Date())) { - throw new IllegalArgumentException("Provided key " + new OpenPgpV4Fingerprint(key) + " is expired: " + primaryKeyExpiration.toString()); + throw new IllegalArgumentException("Provided key " + OpenPgpFingerprint.of(key) + " is expired: " + primaryKeyExpiration); } List encryptionSubkeys = encryptionKeySelectionStrategy .selectEncryptionSubkeys(info.getEncryptionSubkeys(purpose)); diff --git a/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/SigningOptions.java b/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/SigningOptions.java index 651e96ea..c1714c89 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/SigningOptions.java +++ b/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/SigningOptions.java 
@@ -27,7 +27,7 @@ import org.pgpainless.algorithm.negotiation.HashAlgorithmNegotiator; import org.pgpainless.exception.KeyCannotSignException; import org.pgpainless.exception.KeyValidationError; import org.pgpainless.implementation.ImplementationFactory; -import org.pgpainless.key.OpenPgpV4Fingerprint; +import org.pgpainless.key.OpenPgpFingerprint; import org.pgpainless.key.SubkeyIdentifier; import org.pgpainless.key.info.KeyRingInfo; import org.pgpainless.key.protection.SecretKeyRingProtector; @@ -159,7 +159,7 @@ public final class SigningOptions { List signingPubKeys = keyRingInfo.getSigningSubkeys(); if (signingPubKeys.isEmpty()) { - throw new KeyCannotSignException("Key " + new OpenPgpV4Fingerprint(secretKey) + " has no valid signing key."); + throw new KeyCannotSignException("Key " + OpenPgpFingerprint.of(secretKey) + " has no valid signing key."); } for (PGPPublicKey signingPubKey : signingPubKeys) { diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/OpenPgpFingerprint.java b/pgpainless-core/src/main/java/org/pgpainless/key/OpenPgpFingerprint.java index e9db3f5e..318f7a05 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/key/OpenPgpFingerprint.java +++ b/pgpainless-core/src/main/java/org/pgpainless/key/OpenPgpFingerprint.java @@ -16,9 +16,8 @@ import org.bouncycastle.util.encoders.Hex; /** * Abstract super class of different version OpenPGP fingerprints. * - * @param subclass type */ -public abstract class OpenPgpFingerprint implements CharSequence, Comparable { +public abstract class OpenPgpFingerprint implements CharSequence, Comparable { protected static final Charset utf8 = Charset.forName("UTF-8"); protected final String fingerprint; @@ -29,7 +28,7 @@ public abstract class OpenPgpFingerprint impleme * @param key key * @return fingerprint */ - public static OpenPgpFingerprint of(PGPPublicKey key) { + public static OpenPgpFingerprint of(PGPPublicKey key) { if (key.getVersion() == 4) { return new OpenPgpV4Fingerprint(key); } 
@@ -43,7 +42,7 @@ public abstract class OpenPgpFingerprint impleme * @param ring key ring * @return fingerprint */ - public static OpenPgpFingerprint of(PGPKeyRing ring) { + public static OpenPgpFingerprint of(PGPKeyRing ring) { return of(ring.getPublicKey()); } diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/OpenPgpV4Fingerprint.java b/pgpainless-core/src/main/java/org/pgpainless/key/OpenPgpV4Fingerprint.java index a1e6eb7f..b5b3d4a7 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/key/OpenPgpV4Fingerprint.java +++ b/pgpainless-core/src/main/java/org/pgpainless/key/OpenPgpV4Fingerprint.java @@ -18,9 +18,9 @@ import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.util.encoders.Hex; /** - * This class represents an hex encoded, uppercase OpenPGP v4 fingerprint. + * This class represents a hex encoded, uppercase OpenPGP v4 fingerprint. */ -public class OpenPgpV4Fingerprint extends OpenPgpFingerprint { +public class OpenPgpV4Fingerprint extends OpenPgpFingerprint { public static final String SCHEME = "openpgp4fpr"; @@ -129,7 +129,7 @@ public class OpenPgpV4Fingerprint extends OpenPgpFingerprint bindingSignatures = subjectPubKey.getSignaturesOfType(SignatureType.SUBKEY_BINDING.getCode()); @@ -425,7 +425,7 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface { } if (oldSignature == null) { - throw new IllegalStateException("Key " + new OpenPgpV4Fingerprint(subjectPubKey) + " does not have a previous subkey binding signature."); + throw new IllegalStateException("Key " + OpenPgpFingerprint.of(subjectPubKey) + " does not have a previous subkey binding signature."); } return oldSignature; } diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditorInterface.java b/pgpainless-core/src/main/java/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditorInterface.java index 5b8f329f..fc78f95c 100644 
--- a/pgpainless-core/src/main/java/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditorInterface.java +++ b/pgpainless-core/src/main/java/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditorInterface.java @@ -15,7 +15,7 @@ import org.bouncycastle.openpgp.PGPSecretKey; import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.openpgp.PGPSignature; import org.bouncycastle.openpgp.PGPSignatureSubpacketVector; -import org.pgpainless.key.OpenPgpV4Fingerprint; +import org.pgpainless.key.OpenPgpFingerprint; import org.pgpainless.key.generation.KeySpec; import org.pgpainless.key.protection.KeyRingProtectionSettings; import org.pgpainless.key.protection.SecretKeyRingProtector; @@ -104,7 +104,7 @@ public interface SecretKeyRingEditorInterface { * @param secretKeyRingProtector protector to unlock the secret key ring * @return the builder */ - SecretKeyRingEditorInterface deleteSubKey(OpenPgpV4Fingerprint fingerprint, SecretKeyRingProtector secretKeyRingProtector); + SecretKeyRingEditorInterface deleteSubKey(OpenPgpFingerprint fingerprint, SecretKeyRingProtector secretKeyRingProtector); /** * Delete a subkey from the key ring. @@ -150,7 +150,7 @@ public interface SecretKeyRingEditorInterface { * @param secretKeyRingProtector protector to unlock the secret key ring * @return the builder */ - default SecretKeyRingEditorInterface revokeSubKey(OpenPgpV4Fingerprint fingerprint, + default SecretKeyRingEditorInterface revokeSubKey(OpenPgpFingerprint fingerprint, SecretKeyRingProtector secretKeyRingProtector) throws PGPException { return revokeSubKey(fingerprint, secretKeyRingProtector, null); 
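Review bot: Widening `deleteSubKey(OpenPgpV4Fingerprint, …)` to `deleteSubKey(OpenPgpFingerprint, …)` changes the method descriptor of a public interface. Existing source callers still compile, but third-party implementers of `SecretKeyRingEditorInterface` and callers compiled against the old signature do not. The same holds for both `revokeSubKey` overloads, `setExpirationDate` and `createRevocationCertificate` in the following hunks. If that break is intended it deserves a changelog entry. The `@param fingerprint` Javadoc lines are outside these hunks and should say whether fingerprints other than v4 are accepted.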
@@ -166,7 +166,7 @@ public interface SecretKeyRingEditorInterface { * @param revocationAttributes reason for the revocation * @return the builder */ - SecretKeyRingEditorInterface revokeSubKey(OpenPgpV4Fingerprint fingerprint, + SecretKeyRingEditorInterface revokeSubKey(OpenPgpFingerprint fingerprint, SecretKeyRingProtector secretKeyRingProtector, RevocationAttributes revocationAttributes) throws PGPException; @@ -249,7 +249,7 @@ public interface SecretKeyRingEditorInterface { * @param secretKeyRingProtector protector to unlock the priary key * @return the builder */ - SecretKeyRingEditorInterface setExpirationDate(OpenPgpV4Fingerprint fingerprint, + SecretKeyRingEditorInterface setExpirationDate(OpenPgpFingerprint fingerprint, Date expiration, SecretKeyRingProtector secretKeyRingProtector) throws PGPException; @@ -270,7 +270,7 @@ public interface SecretKeyRingEditorInterface { RevocationAttributes revocationAttributes) throws PGPException; - default PGPSignature createRevocationCertificate(OpenPgpV4Fingerprint subkeyFingerprint, + default PGPSignature createRevocationCertificate(OpenPgpFingerprint subkeyFingerprint, SecretKeyRingProtector secretKeyRingProtector, RevocationAttributes revocationAttributes) throws PGPException { diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/protection/CachingSecretKeyRingProtector.java b/pgpainless-core/src/main/java/org/pgpainless/key/protection/CachingSecretKeyRingProtector.java index 192fb9f9..d0cdd59e 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/key/protection/CachingSecretKeyRingProtector.java +++ b/pgpainless-core/src/main/java/org/pgpainless/key/protection/CachingSecretKeyRingProtector.java 
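Review bot: The default method `createRevocationCertificate(OpenPgpFingerprint subkeyFingerprint, …)` in the last hunk has no Javadoc, unlike the neighbouring methods whose signatures change in this commit. I would add a short comment that names the three parameters and states that the result is a revocation signature for the subkey identified by `subkeyFingerprint`. The body is outside the hunk, so the wording should be checked against it. While touching this file, the context line `protector to unlock the priary key` in the `setExpirationDate` Javadoc has a typo ("primary").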
@@ -15,7 +15,7 @@ import org.bouncycastle.openpgp.PGPKeyRing; import org.bouncycastle.openpgp.PGPPublicKey; import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor; import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor; -import org.pgpainless.key.OpenPgpV4Fingerprint; +import org.pgpainless.key.OpenPgpFingerprint; import org.pgpainless.key.protection.passphrase_provider.SecretKeyPassphraseProvider; import org.pgpainless.util.Passphrase; @@ -84,7 +84,7 @@ public class CachingSecretKeyRingProtector implements SecretKeyRingProtector, Se addPassphrase(key.getKeyID(), passphrase); } - public void addPassphrase(@Nonnull OpenPgpV4Fingerprint fingerprint, @Nullable Passphrase passphrase) { + public void addPassphrase(@Nonnull OpenPgpFingerprint fingerprint, @Nullable Passphrase passphrase) { addPassphrase(fingerprint.getKeyId(), passphrase); } diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/DetachedSignatureCheck.java b/pgpainless-core/src/main/java/org/pgpainless/signature/DetachedSignatureCheck.java index ab481b72..2ffcff0e 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/signature/DetachedSignatureCheck.java +++ b/pgpainless-core/src/main/java/org/pgpainless/signature/DetachedSignatureCheck.java @@ -6,7 +6,7 @@ package org.pgpainless.signature; import org.bouncycastle.openpgp.PGPKeyRing; import org.bouncycastle.openpgp.PGPSignature; -import org.pgpainless.key.OpenPgpV4Fingerprint; +import org.pgpainless.key.OpenPgpFingerprint; import org.pgpainless.key.SubkeyIdentifier; /** 
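Review bot: `addPassphrase(OpenPgpFingerprint, Passphrase)` is undocumented, and it files the passphrase under `fingerprint.getKeyId()` rather than under the fingerprint itself. With the parameter widened to any fingerprint type, callers may assume the cache entry is bound to the exact fingerprint they passed, while the lookup is only as specific as the key ID. I would state this on the method, for example `/** Remember the passphrase for the key with this fingerprint. The cache is indexed by {@code fingerprint.getKeyId()}, not by the full fingerprint. */`. It is also worth confirming that every `OpenPgpFingerprint` subclass derives `getKeyId()` the way its key version requires.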
@@ -59,13 +59,13 @@ public class DetachedSignatureCheck { } /** - * Return the {@link OpenPgpV4Fingerprint} of the key that created the signature. + * Return the {@link OpenPgpFingerprint} of the key that created the signature. * * @return fingerprint of the signing key * @deprecated use {@link #getSigningKeyIdentifier()} instead. */ @Deprecated - public OpenPgpV4Fingerprint getFingerprint() { + public OpenPgpFingerprint getFingerprint() { return signingKeyIdentifier.getSubkeyFingerprint(); } } diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/OnePassSignatureCheck.java b/pgpainless-core/src/main/java/org/pgpainless/signature/OnePassSignatureCheck.java index 4fcfe239..ec22b6ab 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/signature/OnePassSignatureCheck.java +++ b/pgpainless-core/src/main/java/org/pgpainless/signature/OnePassSignatureCheck.java @@ -7,7 +7,6 @@ package org.pgpainless.signature; import org.bouncycastle.openpgp.PGPOnePassSignature; import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.openpgp.PGPSignature; -import org.pgpainless.key.OpenPgpV4Fingerprint; import org.pgpainless.key.SubkeyIdentifier; /** @@ -45,7 +44,7 @@ public class OnePassSignatureCheck { } /** - * Return the {@link OpenPgpV4Fingerprint} of the signing key. + * Return an identifier for the signing key. * * @return signing key fingerprint */ diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureUtils.java b/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureUtils.java index 754f3e7e..c4468b89 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureUtils.java +++ b/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureUtils.java 
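Review bot: In the OnePassSignatureCheck hunk the rewritten summary says `Return an identifier for the signing key.` but the tag below it still reads `@return signing key fingerprint`, so the two halves of the comment now disagree. The method signature is outside the hunk. If it returns the `SubkeyIdentifier` that the file imports, the tag should become `@return identifier of the signing key`. If it still returns a fingerprint, the summary should say so.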
@@ -33,7 +33,7 @@ import org.pgpainless.algorithm.HashAlgorithm; import org.pgpainless.algorithm.SignatureType; import org.pgpainless.algorithm.negotiation.HashAlgorithmNegotiator; import org.pgpainless.implementation.ImplementationFactory; -import org.pgpainless.key.OpenPgpV4Fingerprint; +import org.pgpainless.key.OpenPgpFingerprint; import org.pgpainless.key.util.OpenPgpKeyAttributeUtil; import org.pgpainless.key.util.RevocationAttributes; import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil; @@ -286,8 +286,14 @@ public final class SignatureUtils { * @return signatures issuing key id */ public static long determineIssuerKeyId(PGPSignature signature) { + if (signature.getVersion() == 3) { + // V3 sigs do not contain subpackets + return signature.getKeyID(); + } + IssuerKeyID issuerKeyId = SignatureSubpacketsUtil.getIssuerKeyId(signature); - OpenPgpV4Fingerprint fingerprint = SignatureSubpacketsUtil.getIssuerFingerprintAsOpenPgpV4Fingerprint(signature); + OpenPgpFingerprint fingerprint = SignatureSubpacketsUtil.getIssuerFingerprintAsOpenPgpFingerprint(signature); + if (issuerKeyId != null && issuerKeyId.getKeyID() != 0) { return issuerKeyId.getKeyID(); } diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureValidator.java b/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureValidator.java index 69a7a80a..0a4947af 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureValidator.java +++ b/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureValidator.java 
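Review bot: The Javadoc of `determineIssuerKeyId` (`@return signatures issuing key id`) does not say that the value is read from the signature itself: the packet's key ID field for v3, and the issuer subpackets otherwise. Until the signature has been verified against the key found that way, the result is only a lookup hint. I would add a line such as `* The returned key ID is taken from the signature and is not authenticated; use it only to locate the candidate signing key.` Separately, the `fingerprint` lookup now sits above the `issuerKeyId` early return and is wasted work when that branch is taken. It can move below it. The rest of the method is outside the hunk.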
@@ -28,7 +28,7 @@ import org.pgpainless.algorithm.SignatureSubpacket; import org.pgpainless.algorithm.SignatureType; import org.pgpainless.exception.SignatureValidationException; import org.pgpainless.implementation.ImplementationFactory; -import org.pgpainless.key.OpenPgpV4Fingerprint; +import org.pgpainless.key.OpenPgpFingerprint; import org.pgpainless.policy.Policy; import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil; import org.pgpainless.util.BCUtil; @@ -57,7 +57,7 @@ public abstract class SignatureValidator { return new SignatureValidator() { @Override public void verify(PGPSignature signature) throws SignatureValidationException { - OpenPgpV4Fingerprint signingKeyFingerprint = new OpenPgpV4Fingerprint(signingKey); + OpenPgpFingerprint signingKeyFingerprint = OpenPgpFingerprint.of(signingKey); Long issuer = SignatureSubpacketsUtil.getIssuerKeyIdAsLong(signature); if (issuer != null) { @@ -66,7 +66,7 @@ public abstract class SignatureValidator { } } - OpenPgpV4Fingerprint fingerprint = SignatureSubpacketsUtil.getIssuerFingerprintAsOpenPgpV4Fingerprint(signature); + OpenPgpFingerprint fingerprint = SignatureSubpacketsUtil.getIssuerFingerprintAsOpenPgpFingerprint(signature); if (fingerprint != null) { if (!fingerprint.equals(signingKeyFingerprint)) { throw new SignatureValidationException("Signature was not created by " + signingKeyFingerprint + " (signature fingerprint: " + fingerprint + ")"); diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsUtil.java b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsUtil.java index 226be119..4792a362 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsUtil.java +++ b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketsUtil.java 
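Review bot: In the second `verify` hunk the issuer-fingerprint comparison is guarded by `if (fingerprint != null)`, and the renamed `getIssuerFingerprintAsOpenPgpFingerprint` (SignatureSubpacketsUtil hunk below) returns null both when the subpacket is absent and when `subpacket.getKeyVersion()` is not 4. A signature carrying an issuer fingerprint of another version therefore skips this comparison silently, and only the key-ID check above it constrains the issuer. Depending on what follows outside the hunk, it may be safer to treat a subpacket that is present but unsupported as a mismatch, or at least to record in a comment that the check is best-effort, for example `// null also means "unsupported fingerprint version": comparison skipped`. Now that the helper's name no longer says "V4", callers are less likely to expect that second meaning of null.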
@@ -43,6 +43,7 @@ import org.pgpainless.algorithm.HashAlgorithm; import org.pgpainless.algorithm.KeyFlag; import org.pgpainless.algorithm.SignatureSubpacket; import org.pgpainless.algorithm.SymmetricKeyAlgorithm; +import org.pgpainless.key.OpenPgpFingerprint; import org.pgpainless.key.OpenPgpV4Fingerprint; import org.pgpainless.signature.SignatureUtils; @@ -71,23 +72,24 @@ public final class SignatureSubpacketsUtil { } /** - * Return the {@link IssuerFingerprint} subpacket of the signature into a {@link OpenPgpV4Fingerprint}. + * Return the {@link IssuerFingerprint} subpacket of the signature into a {@link org.pgpainless.key.OpenPgpFingerprint}. * If no v4 issuer fingerprint is present in the signature, return null. * * @param signature signature * @return v4 fingerprint of the issuer, or null */ - public static OpenPgpV4Fingerprint getIssuerFingerprintAsOpenPgpV4Fingerprint(PGPSignature signature) { + public static OpenPgpFingerprint getIssuerFingerprintAsOpenPgpFingerprint(PGPSignature signature) { IssuerFingerprint subpacket = getIssuerFingerprint(signature); if (subpacket == null) { return null; } + OpenPgpFingerprint fingerprint = null; if (subpacket.getKeyVersion() == 4) { - OpenPgpV4Fingerprint fingerprint = new OpenPgpV4Fingerprint(Hex.encode(subpacket.getFingerprint())); - return fingerprint; + fingerprint = new OpenPgpV4Fingerprint(Hex.encode(subpacket.getFingerprint())); } - return null; + + return fingerprint; } /** diff --git a/pgpainless-core/src/main/java/org/pgpainless/util/ArmorUtils.java b/pgpainless-core/src/main/java/org/pgpainless/util/ArmorUtils.java index f94a4ce3..41aac842 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/util/ArmorUtils.java +++ b/pgpainless-core/src/main/java/org/pgpainless/util/ArmorUtils.java 
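Review bot: The public static `getIssuerFingerprintAsOpenPgpV4Fingerprint` is renamed with no deprecated delegate left behind, so external callers break. The Javadoc of the new method is also only half updated: it still promises a `v4 fingerprint of the issuer` and reads `Return the … subpacket of the signature into a …`. I would reword it to `Convert the {@link IssuerFingerprint} subpacket of the signature into an {@link OpenPgpFingerprint}.` and `Returns null if the subpacket is absent or its key version is not 4.`, which matches the visible `getKeyVersion() == 4` branch. Since the hunk before this one imports `OpenPgpFingerprint`, the fully qualified `{@link org.pgpainless.key.OpenPgpFingerprint}` can use the short name.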
@@ -26,7 +26,7 @@ import org.bouncycastle.openpgp.PGPUtil; import org.bouncycastle.openpgp.operator.KeyFingerPrintCalculator; import org.bouncycastle.util.io.Streams; import org.pgpainless.algorithm.HashAlgorithm; -import org.pgpainless.key.OpenPgpV4Fingerprint; +import org.pgpainless.key.OpenPgpFingerprint; public final class ArmorUtils { @@ -96,7 +96,7 @@ public final class ArmorUtils { private static MultiMap keyToHeader(PGPKeyRing keyRing) { MultiMap header = new MultiMap<>(); - OpenPgpV4Fingerprint fingerprint = new OpenPgpV4Fingerprint(keyRing); + OpenPgpFingerprint fingerprint = OpenPgpFingerprint.of(keyRing); Iterator userIds = keyRing.getPublicKey().getUserIDs(); header.put(HEADER_COMMENT, fingerprint.prettyPrint()); diff --git a/pgpainless-core/src/test/java/org/pgpainless/signature/SignatureStructureTest.java b/pgpainless-core/src/test/java/org/pgpainless/signature/SignatureStructureTest.java index 14d57567..84eecdb5 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/signature/SignatureStructureTest.java +++ b/pgpainless-core/src/test/java/org/pgpainless/signature/SignatureStructureTest.java @@ -75,7 +75,7 @@ public class SignatureStructureTest { @Test public void testGetIssuerFingerprint() { assertEquals(new OpenPgpV4Fingerprint("D1A66E1A23B182C9980F788CFBFCC82A015E7330"), - SignatureSubpacketsUtil.getIssuerFingerprintAsOpenPgpV4Fingerprint(signature)); + SignatureSubpacketsUtil.getIssuerFingerprintAsOpenPgpFingerprint(signature)); } @Test