1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-12-23 11:27:57 +01:00

Fix: Respect user requested keyflags when adding a subkey.

This commit is contained in:
Paul Schaub 2021-06-24 14:11:18 +02:00
parent 8fffa3079a
commit 548bfff93f
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
4 changed files with 18 additions and 4 deletions

View file

@ -42,7 +42,7 @@ public class KeySpec {
}
@Nullable
PGPSignatureSubpacketVector getSubpackets() {
public PGPSignatureSubpacketVector getSubpackets() {
return subpacketGenerator != null ? subpacketGenerator.generate() : null;
}

View file

@ -167,12 +167,16 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
PGPSecretKey secretSubKey = generateSubKey(keySpec, subKeyPassphrase);
SecretKeyRingProtector subKeyProtector = PasswordBasedSecretKeyRingProtector
.forKey(secretSubKey, subKeyPassphrase);
PGPSignatureSubpacketVector hashedSubpackets = keySpec.getSubpackets();
PGPSignatureSubpacketVector unhashedSubpackets = null;
return addSubKey(secretSubKey, subKeyProtector, secretKeyRingProtector);
return addSubKey(secretSubKey, hashedSubpackets, unhashedSubpackets, subKeyProtector, secretKeyRingProtector);
}
@Override
public SecretKeyRingEditorInterface addSubKey(PGPSecretKey secretSubKey,
PGPSignatureSubpacketVector hashedSubpackets,
PGPSignatureSubpacketVector unhashedSubpackets,
SecretKeyRingProtector subKeyProtector,
SecretKeyRingProtector keyRingProtector)
throws PGPException {
@ -196,7 +200,7 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
PGPKeyRingGenerator keyRingGenerator = new PGPKeyRingGenerator(
secretKeyRing, ringDecryptor, digestCalculator, contentSignerBuilder, subKeyEncryptor);
keyRingGenerator.addSubKey(subKeyPair);
keyRingGenerator.addSubKey(subKeyPair, hashedSubpackets, unhashedSubpackets);
secretKeyRing = keyRingGenerator.generateSecretKeyRing();
return this;

View file

@ -25,6 +25,7 @@ import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
import org.pgpainless.key.OpenPgpV4Fingerprint;
import org.pgpainless.key.generation.KeySpec;
import org.pgpainless.key.protection.KeyRingProtectionSettings;
@ -99,7 +100,10 @@ public interface SecretKeyRingEditorInterface {
SecretKeyRingProtector secretKeyRingProtector)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException;
SecretKeyRingEditorInterface addSubKey(PGPSecretKey subKey, SecretKeyRingProtector subKeyProtector, SecretKeyRingProtector keyRingProtector)
SecretKeyRingEditorInterface addSubKey(PGPSecretKey subKey,
PGPSignatureSubpacketVector hashedSubpackets,
PGPSignatureSubpacketVector unhashedSubpackets,
SecretKeyRingProtector subKeyProtector, SecretKeyRingProtector keyRingProtector)
throws PGPException;
/**

View file

@ -15,12 +15,14 @@
*/
package org.pgpainless.key.modification;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNotEquals;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
@ -38,6 +40,7 @@ import org.pgpainless.key.TestKeys;
import org.pgpainless.key.generation.KeySpec;
import org.pgpainless.key.generation.type.ecc.EllipticCurve;
import org.pgpainless.key.generation.type.ecc.ecdsa.ECDSA;
import org.pgpainless.key.info.KeyRingInfo;
import org.pgpainless.key.protection.PasswordBasedSecretKeyRingProtector;
import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.key.protection.UnlockSecretKey;
@ -78,5 +81,8 @@ public class AddSubKeyTest {
SecretKeyRingProtector protector = SecretKeyRingProtector.unlockAllKeysWith(
Passphrase.fromPassword("subKeyPassphrase"), secretKeys);
PGPPrivateKey privateKey = UnlockSecretKey.unlockSecretKey(subKey, protector);
KeyRingInfo info = new KeyRingInfo(secretKeys);
assertEquals(Collections.singletonList(KeyFlag.SIGN_DATA), info.getKeyFlagsOf(subKeyId));
}
}