Migrate further to extension methods
parent
68af0a4f0e
commit
4719d6ccea
4 changed files with 23 additions and 30 deletions
|
@ -9,6 +9,7 @@ import org.bouncycastle.bcpg.BCPGInputStream
|
|||
import org.bouncycastle.bcpg.UnsupportedPacketVersionException
|
||||
import org.bouncycastle.extensions.getPublicKeyFor
|
||||
import org.bouncycastle.extensions.getSecretKeyFor
|
||||
import org.bouncycastle.extensions.issuerKeyId
|
||||
import org.bouncycastle.extensions.unlock
|
||||
import org.bouncycastle.openpgp.*
|
||||
import org.bouncycastle.openpgp.operator.PBEDataDecryptorFactory
|
||||
|
@ -26,7 +27,6 @@ import org.pgpainless.implementation.ImplementationFactory
|
|||
import org.pgpainless.key.SubkeyIdentifier
|
||||
import org.pgpainless.key.util.KeyRingUtils
|
||||
import org.pgpainless.policy.Policy
|
||||
import org.pgpainless.signature.SignatureUtils
|
||||
import org.pgpainless.signature.consumer.CertificateValidator
|
||||
import org.pgpainless.signature.consumer.OnePassSignatureCheck
|
||||
import org.pgpainless.signature.consumer.SignatureCheck
|
||||
|
@ -197,7 +197,7 @@ class OpenPgpMessageInputStream(
|
|||
return
|
||||
}
|
||||
|
||||
val keyId = SignatureUtils.determineIssuerKeyId(signature)
|
||||
val keyId = signature.issuerKeyId
|
||||
if (isSigForOps) {
|
||||
LOGGER.debug("Signature Packet corresponding to One-Pass-Signature by key ${keyId.openPgpKeyId()} at depth ${layerMetadata.depth} encountered.")
|
||||
signatures.leaveNesting() // TODO: Only leave nesting if all OPSs of the nesting layer are dealt with
|
||||
|
@ -632,7 +632,7 @@ class OpenPgpMessageInputStream(
|
|||
|
||||
fun addDetachedSignature(signature: PGPSignature) {
|
||||
val check = initializeSignature(signature)
|
||||
val keyId = SignatureUtils.determineIssuerKeyId(signature)
|
||||
val keyId = signature.issuerKeyId
|
||||
if (check != null) {
|
||||
detachedSignatures.add(check)
|
||||
} else {
|
||||
|
@ -644,7 +644,7 @@ class OpenPgpMessageInputStream(
|
|||
|
||||
fun addPrependedSignature(signature: PGPSignature) {
|
||||
val check = initializeSignature(signature)
|
||||
val keyId = SignatureUtils.determineIssuerKeyId(signature)
|
||||
val keyId = signature.issuerKeyId
|
||||
if (check != null) {
|
||||
prependedSignatures.add(check)
|
||||
} else {
|
||||
|
@ -682,7 +682,7 @@ class OpenPgpMessageInputStream(
|
|||
|
||||
fun addCorrespondingOnePassSignature(signature: PGPSignature, layer: Layer, policy: Policy) {
|
||||
var found = false
|
||||
val keyId = SignatureUtils.determineIssuerKeyId(signature)
|
||||
val keyId = signature.issuerKeyId
|
||||
for ((i, check) in onePassSignatures.withIndex().reversed()) {
|
||||
if (check.onePassSignature.keyID != keyId) {
|
||||
continue
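Review bot: In `addCorrespondingOnePassSignature` the candidate one-pass signatures are filtered by comparing `check.onePassSignature.keyID` with `signature.issuerKeyId`, and nothing at these call sites says that the value is read from a signature packet that has not been verified yet. A short comment above each `val keyId = signature.issuerKeyId` would help, for example `// issuerKeyId comes from the unverified signature packet; it only selects candidates and is no proof of the signer`. What the extension returns when a signature carries no issuer information is not visible on this page and is worth stating in its KDoc, since the `!=` comparison depends on it. The same applies to `addDetachedSignature`, `addPrependedSignature` and the hunk at `@ -197,7 +197,7 @`; all four function bodies continue outside their hunks.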
|
||||
|
|
|
@ -14,17 +14,12 @@ import org.pgpainless.key.OpenPgpFingerprint
|
|||
import org.pgpainless.key.SubkeyIdentifier
|
||||
import org.pgpainless.key.util.KeyRingUtils
|
||||
import org.pgpainless.policy.Policy
|
||||
import org.pgpainless.signature.SignatureUtils
|
||||
import org.pgpainless.signature.SignatureUtils.Companion.isHardRevocation
|
||||
import org.pgpainless.signature.SignatureUtils.Companion.isSignatureExpired
|
||||
import org.pgpainless.signature.consumer.SignaturePicker
|
||||
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil
|
||||
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil.Companion.getKeyExpirationTimeAsDate
|
||||
import org.pgpainless.util.DateUtil
|
||||
import org.slf4j.LoggerFactory
|
||||
import java.security.Key
|
||||
import java.util.*
|
||||
import kotlin.NoSuchElementException
|
||||
|
||||
class KeyRingInfo(
|
||||
val keys: PGPKeyRing,
|
||||
|
@ -237,7 +232,7 @@ class KeyRingInfo(
|
|||
if (publicKey.keyID == keyId) return primaryKeyExpirationDate
|
||||
val subkey = getPublicKey(keyId) ?: throw NoSuchElementException("No subkey with key-ID ${keyId.openPgpKeyId()} found.")
|
||||
val bindingSig = getCurrentSubkeyBindingSignature(keyId) ?: throw AssertionError("Subkey has no valid binding signature.")
|
||||
return SignatureUtils.getKeyExpirationDate(subkey.creationTime, bindingSig)
|
||||
return bindingSig.getKeyExpirationDate(subkey.creationTime)
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -560,7 +555,7 @@ class KeyRingInfo(
|
|||
|
||||
// Primary key -> Check Primary Key Revocation
|
||||
if (publicKey.keyID == this.publicKey.keyID) {
|
||||
return if (signatures.primaryKeyRevocation != null && isHardRevocation(signatures.primaryKeyRevocation)) {
|
||||
return if (signatures.primaryKeyRevocation != null && signatures.primaryKeyRevocation.isHardRevocation) {
|
||||
false
|
||||
} else signatures.primaryKeyRevocation == null
|
||||
}
|
||||
|
@ -570,18 +565,18 @@ class KeyRingInfo(
|
|||
val revocation = signatures.subkeyRevocations[keyId]
|
||||
|
||||
// No valid binding
|
||||
if (binding == null || isSignatureExpired(binding)) {
|
||||
if (binding == null || binding.isExpired(referenceDate)) {
|
||||
return false
|
||||
}
|
||||
|
||||
// Revocation
|
||||
return if (revocation != null) {
|
||||
if (isHardRevocation(revocation)) {
|
||||
if (revocation.isHardRevocation) {
|
||||
// Subkey is hard revoked
|
||||
false
|
||||
} else {
|
||||
// Key is soft-revoked, not yet re-bound
|
||||
(isSignatureExpired(revocation) || !revocation.creationTime.after(binding.creationTime))
|
||||
(revocation.isExpired(referenceDate) || !revocation.creationTime.after(binding.creationTime))
|
||||
}
|
||||
} else true
|
||||
}
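Review bot: The subkey branch replaces `isSignatureExpired(binding)` and `isSignatureExpired(revocation)` with `binding.isExpired(referenceDate)` and `revocation.isExpired(referenceDate)`, which is more than a call-site migration. The deprecated one-argument helper delegates to `signature.isExpired()` with no reference time, so expiry was presumably evaluated against the current time before and is now evaluated against `referenceDate`. Because this decides whether a subkey counts as validly bound, the commit message should mention the change and a test should pin it, for example a binding signature that is unexpired at a past `referenceDate` but expired today. Separately, in the primary-key branch the expression `if (primaryKeyRevocation != null && primaryKeyRevocation.isHardRevocation) false else primaryKeyRevocation == null` evaluates to `primaryKeyRevocation == null` in every case, so the hard-revocation test has no effect there; if that is intended, `return signatures.primaryKeyRevocation == null` with a one-line comment says so directly. The enclosing function starts outside the hunk.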
|
||||
|
|
|
@ -10,16 +10,13 @@ import org.bouncycastle.extensions.*
|
|||
import org.bouncycastle.openpgp.*
|
||||
import org.bouncycastle.util.encoders.Hex
|
||||
import org.bouncycastle.util.io.Streams
|
||||
import org.pgpainless.algorithm.SignatureType
|
||||
import org.pgpainless.implementation.ImplementationFactory
|
||||
import org.pgpainless.key.OpenPgpFingerprint
|
||||
import org.pgpainless.key.util.RevocationAttributes.Reason
|
||||
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil
|
||||
import org.pgpainless.util.ArmorUtils
|
||||
import java.io.IOException
|
||||
import java.io.InputStream
|
||||
import java.util.*
|
||||
import kotlin.math.sign
|
||||
|
||||
const val MAX_ITERATIONS = 10000
|
||||
|
||||
|
@ -36,21 +33,21 @@ class SignatureUtils {
|
|||
*/
|
||||
@JvmStatic
|
||||
@Deprecated("Deprecated in favor of PGPSignature extension method.",
|
||||
ReplaceWith("signature.getKeyExpirationDate(keyCreationDate)"))
|
||||
ReplaceWith("signature.getKeyExpirationDate(keyCreationDate)", "org.bouncycastle.extensions.getKeyExpirationDate"))
|
||||
fun getKeyExpirationDate(keyCreationDate: Date, signature: PGPSignature): Date? {
|
||||
return signature.getKeyExpirationDate(keyCreationDate)
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the expiration date of the signature.
|
||||
* If the signature has no expiration date, [datePlusSeconds] will return null.
|
||||
* If the signature has no expiration date, this will return null.
|
||||
*
|
||||
* @param signature signature
|
||||
* @return expiration date of the signature, or null if it does not expire.
|
||||
*/
|
||||
@JvmStatic
|
||||
@Deprecated("Deprecated in favor of PGPSignature extension method.",
|
||||
ReplaceWith("signature.signatureExpirationDate"))
|
||||
ReplaceWith("signature.signatureExpirationDate", "org.bouncycastle.extensions.signatureExpirationDate"))
|
||||
fun getSignatureExpirationDate(signature: PGPSignature): Date? = signature.signatureExpirationDate
|
||||
|
||||
/**
|
||||
|
@ -65,7 +62,7 @@ class SignatureUtils {
|
|||
*/
|
||||
@JvmStatic
|
||||
@Deprecated("Deprecated in favor of Date extension method.",
|
||||
ReplaceWith("date.plusSeconds(seconds)"))
|
||||
ReplaceWith("date.plusSeconds(seconds)", "openpgp.plusSeconds"))
|
||||
fun datePlusSeconds(date: Date, seconds: Long): Date? {
|
||||
return date.plusSeconds(seconds)
|
||||
}
|
||||
|
@ -79,7 +76,7 @@ class SignatureUtils {
|
|||
*/
|
||||
@JvmStatic
|
||||
@Deprecated("Deprecated in favor of PGPSignature extension method.",
|
||||
ReplaceWith("signature.isExpired()"))
|
||||
ReplaceWith("signature.isExpired()", "org.bouncycastle.extensions.isExpired"))
|
||||
fun isSignatureExpired(signature: PGPSignature): Boolean {
|
||||
return signature.isExpired()
|
||||
}
|
||||
|
@ -94,7 +91,7 @@ class SignatureUtils {
|
|||
*/
|
||||
@JvmStatic
|
||||
@Deprecated("Deprecated in favor of PGPSignature extension method.",
|
||||
ReplaceWith("signature.isExpired(referenceTime)"))
|
||||
ReplaceWith("signature.isExpired(referenceTime)", "org.bouncycastle.extensions.isExpired"))
|
||||
fun isSignatureExpired(signature: PGPSignature, referenceTime: Date): Boolean {
|
||||
return signature.isExpired(referenceTime)
|
||||
}
|
||||
|
@ -109,7 +106,7 @@ class SignatureUtils {
|
|||
*/
|
||||
@JvmStatic
|
||||
@Deprecated("Deprecated in favor of PGPSignature extension function.",
|
||||
ReplaceWith("signature.isHardRevocation()"))
|
||||
ReplaceWith("signature.isHardRevocation", "org.bouncycastle.extensions.isHardRevocation"))
|
||||
fun isHardRevocation(signature: PGPSignature): Boolean {
|
||||
return signature.isHardRevocation
|
||||
}
|
||||
|
@ -179,7 +176,7 @@ class SignatureUtils {
|
|||
*/
|
||||
@JvmStatic
|
||||
@Deprecated("Deprecated in favor of PGPSignature extension method.",
|
||||
ReplaceWith("signature.issuerKeyId"))
|
||||
ReplaceWith("signature.issuerKeyId", "org.bouncycastle.extensions.issuerKeyId"))
|
||||
fun determineIssuerKeyId(signature: PGPSignature): Long {
|
||||
return signature.issuerKeyId
|
||||
}
|
||||
|
@ -197,14 +194,14 @@ class SignatureUtils {
|
|||
|
||||
@JvmStatic
|
||||
@Deprecated("Deprecated in favor of PGPSignature extension method",
|
||||
ReplaceWith("signature.wasIssuedBy(fingerprint)"))
|
||||
ReplaceWith("signature.wasIssuedBy(fingerprint)", "org.bouncycastle.extensions.wasIssuedBy"))
|
||||
fun wasIssuedBy(fingerprint: ByteArray, signature: PGPSignature): Boolean {
|
||||
return signature.wasIssuedBy(fingerprint)
|
||||
}
|
||||
|
||||
@JvmStatic
|
||||
@Deprecated("Deprecated in favor of PGPSignature extension method",
|
||||
ReplaceWith("signature.wasIssuedBy(fingerprint)"))
|
||||
ReplaceWith("signature.wasIssuedBy(fingerprint)", "org.bouncycastle.extensions.wasIssuedBy"))
|
||||
fun wasIssuedBy(fingerprint: OpenPgpFingerprint, signature: PGPSignature): Boolean {
|
||||
return signature.wasIssuedBy(fingerprint)
|
||||
}
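Review bot: Several `@Deprecated` messages name the wrong kind of replacement: `isHardRevocation`, `issuerKeyId` and `signatureExpirationDate` appear as properties in their `ReplaceWith` expressions, yet the messages say "extension function" or "extension method". Suggest `"Deprecated in favor of PGPSignature extension property."` for those three, and a trailing period on the two `wasIssuedBy` messages to match the others. The one-argument `isSignatureExpired(signature)` wrapper would also benefit from a KDoc sentence stating which reference time `signature.isExpired()` uses, because callers validating at a fixed point in time need the two-argument form; its KDoc lies outside the hunk.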
|
||||
|
|
|
@ -5,6 +5,7 @@
|
|||
package org.pgpainless.signature.subpackets
|
||||
|
||||
import openpgp.openPgpKeyId
|
||||
import openpgp.plusSeconds
|
||||
import org.bouncycastle.bcpg.sig.*
|
||||
import org.bouncycastle.openpgp.PGPPublicKey
|
||||
import org.bouncycastle.openpgp.PGPSignature
|
||||
|
@ -116,7 +117,7 @@ class SignatureSubpacketsUtil {
|
|||
@JvmStatic
|
||||
fun getSignatureExpirationTimeAsDate(signature: PGPSignature): Date? =
|
||||
getSignatureExpirationTime(signature)?.let {
|
||||
SignatureUtils.datePlusSeconds(signature.creationTime, it.time)
|
||||
signature.creationTime.plusSeconds(it.time)
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -146,7 +147,7 @@ class SignatureSubpacketsUtil {
|
|||
"Provided key (${signingKey.keyID.openPgpKeyId()}) did not create the signature (${signature.keyID.openPgpKeyId()})"
|
||||
}.run {
|
||||
getKeyExpirationTime(signature)?.let {
|
||||
SignatureUtils.datePlusSeconds(signingKey.creationTime, it.time)
|
||||
signingKey.creationTime.plusSeconds(it.time)
|
||||
}
|
||||
}
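Review bot: The new `signingKey.creationTime.plusSeconds(it.time)` line sits inside `require(...) { ... }.run { ... ?.let { ... } }`, which chains `run` onto the `Unit` returned by `require` and then relies on an implicit `it`; that is hard to read for code that computes a key expiry. Consider a plain `require(...)` statement followed by `getKeyExpirationTime(signature)?.let { expiry -> signingKey.creationTime.plusSeconds(expiry.time) }`, and the same named parameter in `getSignatureExpirationTimeAsDate`. A comment that `time` on the subpacket is passed as a number of seconds relative to the creation time would prevent confusion with `Date.time`. The function enclosing the second hunk starts outside the hunk.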
|
||||
|
||||
|
|