From 44169ecf6431df824aecea47f7d7cf4ea7367774 Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Sat, 6 Nov 2021 17:37:01 +0100 Subject: [PATCH] More progress! --- .../CertificationSignatureBuilder.java | 27 +++++-- .../builder/SelfSignatureBuilder.java | 75 +++++++++++++++++++ .../signature/builder/SignatureFactory.java | 26 +++++-- .../signature/consumer/ProofUtil.java | 3 +- .../SignatureSubpacketGeneratorWrapper.java | 2 +- 5 files changed, 117 insertions(+), 16 deletions(-) create mode 100644 pgpainless-core/src/main/java/org/pgpainless/signature/builder/SelfSignatureBuilder.java diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/builder/CertificationSignatureBuilder.java b/pgpainless-core/src/main/java/org/pgpainless/signature/builder/CertificationSignatureBuilder.java index fd37d9d5..e41d9807 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/signature/builder/CertificationSignatureBuilder.java +++ b/pgpainless-core/src/main/java/org/pgpainless/signature/builder/CertificationSignatureBuilder.java @@ -15,27 +15,37 @@ import org.bouncycastle.openpgp.PGPUserAttributeSubpacketVector; import org.pgpainless.algorithm.SignatureType; import org.pgpainless.exception.WrongPassphraseException; import org.pgpainless.key.protection.SecretKeyRingProtector; -import org.pgpainless.signature.subpackets.SelfSignatureSubpackets; +import org.pgpainless.signature.subpackets.CertificationSubpackets; public class CertificationSignatureBuilder extends AbstractSignatureBuilder { - public CertificationSignatureBuilder(PGPSecretKey certificationKey, SecretKeyRingProtector protector) throws WrongPassphraseException { - super(SignatureType.GENERIC_CERTIFICATION, certificationKey, protector); + public CertificationSignatureBuilder(PGPSecretKey certificationKey, SecretKeyRingProtector protector) + throws WrongPassphraseException { + this(SignatureType.GENERIC_CERTIFICATION, certificationKey, protector); } - public CertificationSignatureBuilder(PGPSecretKey certificationKey, SecretKeyRingProtector protector, PGPSignature archetypeSignature) throws WrongPassphraseException { + public CertificationSignatureBuilder(SignatureType signatureType, PGPSecretKey signingKey, SecretKeyRingProtector protector) + throws WrongPassphraseException { + super(signatureType, signingKey, protector); + } + + public CertificationSignatureBuilder( + PGPSecretKey certificationKey, + SecretKeyRingProtector protector, + PGPSignature archetypeSignature) + throws WrongPassphraseException { super(certificationKey, protector, archetypeSignature); } - public SelfSignatureSubpackets getHashedSubpackets() { + public CertificationSubpackets getHashedSubpackets() { return hashedSubpackets; } - public SelfSignatureSubpackets getUnhashedSubpackets() { + public CertificationSubpackets getUnhashedSubpackets() { return unhashedSubpackets; } - public void applyCallback(@Nullable SelfSignatureSubpackets.Callback callback) { + public void applyCallback(@Nullable CertificationSubpackets.Callback callback) { if (callback != null) { callback.modifyHashedSubpackets(getHashedSubpackets()); callback.modifyUnhashedSubpackets(getUnhashedSubpackets()); @@ -46,7 +56,8 @@ public class CertificationSignatureBuilder extends AbstractSignatureBuilder +// +// SPDX-License-Identifier: Apache-2.0 + +package org.pgpainless.signature.builder; + +import javax.annotation.Nullable; + +import org.bouncycastle.openpgp.PGPException; +import org.bouncycastle.openpgp.PGPPublicKey; +import org.bouncycastle.openpgp.PGPSecretKey; +import org.bouncycastle.openpgp.PGPSignature; +import org.bouncycastle.openpgp.PGPUserAttributeSubpacketVector; +import org.pgpainless.algorithm.SignatureType; +import org.pgpainless.exception.WrongPassphraseException; +import org.pgpainless.key.protection.SecretKeyRingProtector; +import org.pgpainless.signature.subpackets.SelfSignatureSubpackets; + +public class SelfSignatureBuilder extends AbstractSignatureBuilder { + + public SelfSignatureBuilder(PGPSecretKey signingKey, SecretKeyRingProtector protector) throws WrongPassphraseException { + this(SignatureType.GENERIC_CERTIFICATION, signingKey, protector); + } + + public SelfSignatureBuilder(SignatureType signatureType, PGPSecretKey signingKey, SecretKeyRingProtector protector) + throws WrongPassphraseException { + super(signatureType, signingKey, protector); + } + + public SelfSignatureBuilder( + PGPSecretKey primaryKey, + SecretKeyRingProtector primaryKeyProtector, + PGPSignature oldCertification) + throws WrongPassphraseException { + super(primaryKey, primaryKeyProtector, oldCertification); + } + + public SelfSignatureSubpackets getHashedSubpackets() { + return hashedSubpackets; + } + + public SelfSignatureSubpackets getUnhashedSubpackets() { + return unhashedSubpackets; + } + + public void applyCallback(@Nullable SelfSignatureSubpackets.Callback callback) { + if (callback != null) { + callback.modifyHashedSubpackets(getHashedSubpackets()); + callback.modifyUnhashedSubpackets(getUnhashedSubpackets()); + } + } + + public PGPSignature build(PGPPublicKey certifiedKey, String userId) throws PGPException { + return buildAndInitSignatureGenerator().generateCertification(userId, certifiedKey); + } + + public PGPSignature build(PGPPublicKey certifiedKey, PGPUserAttributeSubpacketVector userAttribute) + throws PGPException { + return buildAndInitSignatureGenerator().generateCertification(userAttribute, certifiedKey); + } + + @Override + protected boolean isValidSignatureType(SignatureType type) { + switch (type) { + case GENERIC_CERTIFICATION: + case NO_CERTIFICATION: + case CASUAL_CERTIFICATION: + case POSITIVE_CERTIFICATION: + case DIRECT_KEY: + return true; + default: + return false; + } + } +} diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/builder/SignatureFactory.java b/pgpainless-core/src/main/java/org/pgpainless/signature/builder/SignatureFactory.java index 6ee1ea4b..f9a7d540 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/signature/builder/SignatureFactory.java +++ b/pgpainless-core/src/main/java/org/pgpainless/signature/builder/SignatureFactory.java @@ -15,6 +15,7 @@ import org.pgpainless.algorithm.SignatureType; import org.pgpainless.exception.WrongPassphraseException; import org.pgpainless.key.protection.SecretKeyRingProtector; import org.pgpainless.signature.subpackets.BaseSignatureSubpackets; +import org.pgpainless.signature.subpackets.CertificationSubpackets; import org.pgpainless.signature.subpackets.SelfSignatureSubpackets; public final class SignatureFactory { @@ -29,8 +30,8 @@ public final class SignatureFactory { @Nullable SelfSignatureSubpackets.Callback subkeyBindingSubpacketsCallback, KeyFlag... flags) throws WrongPassphraseException { if (hasSignDataFlag(flags)) { - throw new IllegalArgumentException("Binding a subkey with SIGN_DATA flag requires primary key backsig." + - "Please use the method bindSigningSubkey()."); + throw new IllegalArgumentException("Binding a subkey with SIGN_DATA flag requires primary key backsig.\n" + + "Please use the method bindSigningSubkey() instead."); } return bindSubkey(primaryKey, primaryKeyProtector, subkeyBindingSubpacketsCallback, flags); @@ -85,25 +86,26 @@ public final class SignatureFactory { return primaryKeyBinder; } - public static CertificationSignatureBuilder selfCertifyUserId( + public static SelfSignatureBuilder selfCertifyUserId( PGPSecretKey primaryKey, SecretKeyRingProtector primaryKeyProtector, @Nullable SelfSignatureSubpackets.Callback selfSignatureCallback, KeyFlag... flags) throws WrongPassphraseException { - CertificationSignatureBuilder certifier = new CertificationSignatureBuilder(primaryKey, primaryKeyProtector); + SelfSignatureBuilder certifier = new SelfSignatureBuilder(SignatureType.POSITIVE_CERTIFICATION, primaryKey, primaryKeyProtector); certifier.getHashedSubpackets().setKeyFlags(flags); + certifier.applyCallback(selfSignatureCallback); return certifier; } - public static CertificationSignatureBuilder renewSelfCertification( + public static SelfSignatureBuilder renewSelfCertification( PGPSecretKey primaryKey, SecretKeyRingProtector primaryKeyProtector, @Nullable SelfSignatureSubpackets.Callback selfSignatureCallback, PGPSignature oldCertification) throws WrongPassphraseException { - CertificationSignatureBuilder certifier = new CertificationSignatureBuilder( + SelfSignatureBuilder certifier = new SelfSignatureBuilder( primaryKey, primaryKeyProtector, oldCertification); certifier.applyCallback(selfSignatureCallback); @@ -111,6 +113,18 @@ public final class SignatureFactory { return certifier; } + public static CertificationSignatureBuilder certifyUserId( + PGPSecretKey signingKey, + SecretKeyRingProtector signingKeyProtector, + @Nullable CertificationSubpackets.Callback subpacketsCallback) + throws WrongPassphraseException { + CertificationSignatureBuilder certifier = new CertificationSignatureBuilder(signingKey, signingKeyProtector); + + certifier.applyCallback(subpacketsCallback); + + return certifier; + } + public static UniversalSignatureBuilder universalSignature( SignatureType signatureType, PGPSecretKey signingKey, diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/ProofUtil.java b/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/ProofUtil.java index c61c2e25..87837bdf 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/ProofUtil.java +++ b/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/ProofUtil.java @@ -24,6 +24,7 @@ import org.pgpainless.key.info.KeyRingInfo; import org.pgpainless.key.protection.SecretKeyRingProtector; import org.pgpainless.signature.builder.CertificationSignatureBuilder; import org.pgpainless.signature.builder.DirectKeySignatureBuilder; +import org.pgpainless.signature.builder.SelfSignatureBuilder; public class ProofUtil { @@ -73,7 +74,7 @@ public class ProofUtil { throw new NoSuchElementException("No previous valid user-id certification found."); } - CertificationSignatureBuilder sigBuilder = new CertificationSignatureBuilder(certificationKey, protector, previousCertification); + SelfSignatureBuilder sigBuilder = new SelfSignatureBuilder(certificationKey, protector, previousCertification); for (Proof proof : proofs) { sigBuilder.getHashedSubpackets().addNotationData(false, proof.getNotationName(), proof.getNotationValue()); } diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketGeneratorWrapper.java b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketGeneratorWrapper.java index 636bbefa..e2e9c584 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketGeneratorWrapper.java +++ b/pgpainless-core/src/main/java/org/pgpainless/signature/subpackets/SignatureSubpacketGeneratorWrapper.java @@ -49,7 +49,7 @@ import org.pgpainless.algorithm.SymmetricKeyAlgorithm; import org.pgpainless.key.util.RevocationAttributes; public class SignatureSubpacketGeneratorWrapper - implements BaseSignatureSubpackets, SelfSignatureSubpackets, RevocationSignatureSubpackets { + implements BaseSignatureSubpackets, SelfSignatureSubpackets, CertificationSubpackets, RevocationSignatureSubpackets { private SignatureCreationTime signatureCreationTime; private SignatureExpirationTime signatureExpirationTime;