Fix: Respect user requested keyflags when adding a subkey.

2024-11-23 04:42:06 +01:00 · 2021-06-24 14:11:18 +02:00 · 2021-06-24 14:11:18 +02:00 · 548bfff93f
commit 548bfff93f
parent 8fffa3079a
4 changed files with 18 additions and 4 deletions
--- a/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeySpec.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeySpec.java
@ -42,7 +42,7 @@ public class KeySpec {
    }

    @Nullable
-    PGPSignatureSubpacketVector getSubpackets() {
+    public PGPSignatureSubpacketVector getSubpackets() {
        return subpacketGenerator != null ? subpacketGenerator.generate() : null;
    }

--- a/pgpainless-core/src/main/java/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.java
@ -167,12 +167,16 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
        PGPSecretKey secretSubKey = generateSubKey(keySpec, subKeyPassphrase);
        SecretKeyRingProtector subKeyProtector = PasswordBasedSecretKeyRingProtector
                .forKey(secretSubKey, subKeyPassphrase);
+        PGPSignatureSubpacketVector hashedSubpackets = keySpec.getSubpackets();
+        PGPSignatureSubpacketVector unhashedSubpackets = null;

-        return addSubKey(secretSubKey, subKeyProtector, secretKeyRingProtector);
+        return addSubKey(secretSubKey, hashedSubpackets, unhashedSubpackets, subKeyProtector, secretKeyRingProtector);
    }

    @Override
    public SecretKeyRingEditorInterface addSubKey(PGPSecretKey secretSubKey,
+                                                  PGPSignatureSubpacketVector hashedSubpackets,
+                                                  PGPSignatureSubpacketVector unhashedSubpackets,
                                                  SecretKeyRingProtector subKeyProtector,
                                                  SecretKeyRingProtector keyRingProtector)
            throws PGPException {
@ -196,7 +200,7 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
        PGPKeyRingGenerator keyRingGenerator = new PGPKeyRingGenerator(
                secretKeyRing, ringDecryptor, digestCalculator, contentSignerBuilder, subKeyEncryptor);

-        keyRingGenerator.addSubKey(subKeyPair);
+        keyRingGenerator.addSubKey(subKeyPair, hashedSubpackets, unhashedSubpackets);
        secretKeyRing = keyRingGenerator.generateSecretKeyRing();

        return this;
--- a/pgpainless-core/src/main/java/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditorInterface.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditorInterface.java
@ -25,6 +25,7 @@ import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPSecretKey;
 import org.bouncycastle.openpgp.PGPSecretKeyRing;
 import org.bouncycastle.openpgp.PGPSignature;
+import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
 import org.pgpainless.key.OpenPgpV4Fingerprint;
 import org.pgpainless.key.generation.KeySpec;
 import org.pgpainless.key.protection.KeyRingProtectionSettings;
@ -99,7 +100,10 @@ public interface SecretKeyRingEditorInterface {
                                           SecretKeyRingProtector secretKeyRingProtector)
            throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException;

-    SecretKeyRingEditorInterface addSubKey(PGPSecretKey subKey, SecretKeyRingProtector subKeyProtector, SecretKeyRingProtector keyRingProtector)
+    SecretKeyRingEditorInterface addSubKey(PGPSecretKey subKey,
+                                           PGPSignatureSubpacketVector hashedSubpackets,
+                                           PGPSignatureSubpacketVector unhashedSubpackets,
+                                           SecretKeyRingProtector subKeyProtector, SecretKeyRingProtector keyRingProtector)
            throws PGPException;

    /**
--- a/pgpainless-core/src/test/java/org/pgpainless/key/modification/AddSubKeyTest.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/key/modification/AddSubKeyTest.java
@ -15,12 +15,14 @@
 */
 package org.pgpainless.key.modification;

+import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotEquals;

 import java.io.IOException;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.NoSuchAlgorithmException;
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.Iterator;
 import java.util.List;

@ -38,6 +40,7 @@ import org.pgpainless.key.TestKeys;
 import org.pgpainless.key.generation.KeySpec;
 import org.pgpainless.key.generation.type.ecc.EllipticCurve;
 import org.pgpainless.key.generation.type.ecc.ecdsa.ECDSA;
+import org.pgpainless.key.info.KeyRingInfo;
 import org.pgpainless.key.protection.PasswordBasedSecretKeyRingProtector;
 import org.pgpainless.key.protection.SecretKeyRingProtector;
 import org.pgpainless.key.protection.UnlockSecretKey;
@ -78,5 +81,8 @@ public class AddSubKeyTest {
        SecretKeyRingProtector protector = SecretKeyRingProtector.unlockAllKeysWith(
                Passphrase.fromPassword("subKeyPassphrase"), secretKeys);
        PGPPrivateKey privateKey = UnlockSecretKey.unlockSecretKey(subKey, protector);
+
+        KeyRingInfo info = new KeyRingInfo(secretKeys);
+        assertEquals(Collections.singletonList(KeyFlag.SIGN_DATA), info.getKeyFlagsOf(subKeyId));
    }
 }