From 4911816b7d7c2f2375401a691aa993fff1422fb9 Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Sun, 11 Aug 2024 13:40:49 +0200
Subject: [PATCH] Adopt new PublicKeyDataDecryptorFactory API

---
 .../CachingBcPublicKeyDataDecryptorFactory.kt          | 10 ++++++----
 .../decryption_verification/HardwareSecurity.kt        |  6 ++++--
 .../CustomPublicKeyDataDecryptorFactoryTest.java       |  2 +-
 3 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/CachingBcPublicKeyDataDecryptorFactory.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/CachingBcPublicKeyDataDecryptorFactory.kt
index 3d07065e..463f44f9 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/CachingBcPublicKeyDataDecryptorFactory.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/CachingBcPublicKeyDataDecryptorFactory.kt
@@ -27,10 +27,11 @@ class CachingBcPublicKeyDataDecryptorFactory(
 
     override fun recoverSessionData(
         keyAlgorithm: Int,
-        secKeyData: Array<out ByteArray>
+        secKeyData: Array<out ByteArray>,
+        pkeskVersion: Int
     ): ByteArray =
         lookupSessionKeyData(secKeyData)
-            ?: costlyRecoverSessionData(keyAlgorithm, secKeyData).also {
+            ?: costlyRecoverSessionData(keyAlgorithm, secKeyData, pkeskVersion).also {
                 cacheSessionKeyData(secKeyData, it)
             }
 
@@ -39,8 +40,9 @@ class CachingBcPublicKeyDataDecryptorFactory(
 
     private fun costlyRecoverSessionData(
         keyAlgorithm: Int,
-        secKeyData: Array<out ByteArray>
-    ): ByteArray = super.recoverSessionData(keyAlgorithm, secKeyData)
+        secKeyData: Array<out ByteArray>,
+        pkeskVersion: Int
+    ): ByteArray = super.recoverSessionData(keyAlgorithm, secKeyData, pkeskVersion)
 
     private fun cacheSessionKeyData(secKeyData: Array<out ByteArray>, sessionKey: ByteArray) {
         cachedSessions[toKey(secKeyData)] = sessionKey.clone()
diff --git a/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/HardwareSecurity.kt b/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/HardwareSecurity.kt
index 1974e290..a46857b0 100644
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/HardwareSecurity.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/HardwareSecurity.kt
@@ -9,6 +9,7 @@ import org.bouncycastle.bcpg.AEADEncDataPacket
 import org.bouncycastle.bcpg.SymmetricEncIntegrityPacket
 import org.bouncycastle.openpgp.PGPException
 import org.bouncycastle.openpgp.PGPSessionKey
+import org.bouncycastle.openpgp.operator.AbstractPublicKeyDataDecryptorFactory
 import org.bouncycastle.openpgp.operator.PGPDataDecryptor
 import org.bouncycastle.openpgp.operator.PublicKeyDataDecryptorFactory
 import org.bouncycastle.openpgp.operator.bc.BcPublicKeyDataDecryptorFactory
@@ -44,7 +45,7 @@ class HardwareSecurity {
     class HardwareDataDecryptorFactory(
         override val subkeyIdentifier: SubkeyIdentifier,
         private val callback: DecryptionCallback,
-    ) : CustomPublicKeyDataDecryptorFactory {
+    ) : AbstractPublicKeyDataDecryptorFactory(), CustomPublicKeyDataDecryptorFactory {
 
         // luckily we can instantiate the BcPublicKeyDataDecryptorFactory with null as argument.
         private val factory: PublicKeyDataDecryptorFactory = BcPublicKeyDataDecryptorFactory(null)
@@ -73,7 +74,8 @@ class HardwareSecurity {
 
         override fun recoverSessionData(
             keyAlgorithm: Int,
-            secKeyData: Array<out ByteArray>
+            secKeyData: Array<out ByteArray>,
+            pkeskVersion: Int
         ): ByteArray {
             return try {
                 callback.decryptSessionKey(subkeyIdentifier.subkeyId, keyAlgorithm, secKeyData[0])
diff --git a/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CustomPublicKeyDataDecryptorFactoryTest.java b/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CustomPublicKeyDataDecryptorFactoryTest.java
index 73c3bf56..95802480 100644
--- a/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CustomPublicKeyDataDecryptorFactoryTest.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/decryption_verification/CustomPublicKeyDataDecryptorFactoryTest.java
@@ -62,7 +62,7 @@ public class CustomPublicKeyDataDecryptorFactoryTest {
                     PGPSecretKey decryptionKey = secretKey.getSecretKey(encryptionKey.getKeyID());
                     PGPPrivateKey privateKey = UnlockSecretKey.unlockSecretKey(decryptionKey, Passphrase.emptyPassphrase());
                     PublicKeyDataDecryptorFactory internal = new BcPublicKeyDataDecryptorFactory(privateKey);
-                    return internal.recoverSessionData(keyAlgorithm, new byte[][] {sessionKeyData});
+                    return internal.recoverSessionData(keyAlgorithm, new byte[][] {sessionKeyData}, 3);
                 } catch (PGPException e) {
                     throw new HardwareSecurity.HardwareSecurityException();
                 }