PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-23 12:52:07 +01:00
Code Issues Releases Wiki Activity

Fix: Respect user requested keyflags when adding a subkey.

Browse source
This commit is contained in:
Paul Schaub 2021-06-24 14:11:18 +02:00
parent 8fffa3079a
commit 548bfff93f
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
4 changed files with 18 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
pgpainless-core/src/main/java/org/pgpainless/key/generation/KeySpec.java
View file

@ -42,7 +42,7 @@ public class KeySpec {
} }
@Nullable @Nullable
PGPSignatureSubpacketVector getSubpackets() { public PGPSignatureSubpacketVector getSubpackets() {
return subpacketGenerator != null ? subpacketGenerator.generate() : null; return subpacketGenerator != null ? subpacketGenerator.generate() : null;
} }

8
pgpainless-core/src/main/java/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.java
View file

@ -167,12 +167,16 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
PGPSecretKey secretSubKey = generateSubKey(keySpec, subKeyPassphrase); PGPSecretKey secretSubKey = generateSubKey(keySpec, subKeyPassphrase);
SecretKeyRingProtector subKeyProtector = PasswordBasedSecretKeyRingProtector SecretKeyRingProtector subKeyProtector = PasswordBasedSecretKeyRingProtector
.forKey(secretSubKey, subKeyPassphrase); .forKey(secretSubKey, subKeyPassphrase);
PGPSignatureSubpacketVector hashedSubpackets = keySpec.getSubpackets();
PGPSignatureSubpacketVector unhashedSubpackets = null;
return addSubKey(secretSubKey, subKeyProtector, secretKeyRingProtector); return addSubKey(secretSubKey, hashedSubpackets, unhashedSubpackets, subKeyProtector, secretKeyRingProtector);
} }
@Override @Override
public SecretKeyRingEditorInterface addSubKey(PGPSecretKey secretSubKey, public SecretKeyRingEditorInterface addSubKey(PGPSecretKey secretSubKey,
PGPSignatureSubpacketVector hashedSubpackets,
PGPSignatureSubpacketVector unhashedSubpackets,
SecretKeyRingProtector subKeyProtector, SecretKeyRingProtector subKeyProtector,
SecretKeyRingProtector keyRingProtector) SecretKeyRingProtector keyRingProtector)
throws PGPException { throws PGPException {
@ -196,7 +200,7 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
PGPKeyRingGenerator keyRingGenerator = new PGPKeyRingGenerator( PGPKeyRingGenerator keyRingGenerator = new PGPKeyRingGenerator(
secretKeyRing, ringDecryptor, digestCalculator, contentSignerBuilder, subKeyEncryptor); secretKeyRing, ringDecryptor, digestCalculator, contentSignerBuilder, subKeyEncryptor);
keyRingGenerator.addSubKey(subKeyPair); keyRingGenerator.addSubKey(subKeyPair, hashedSubpackets, unhashedSubpackets);
secretKeyRing = keyRingGenerator.generateSecretKeyRing(); secretKeyRing = keyRingGenerator.generateSecretKeyRing();
return this; return this;

6
pgpainless-core/src/main/java/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditorInterface.java
View file

@ -25,6 +25,7 @@ import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPSecretKey; import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSignature; import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
import org.pgpainless.key.OpenPgpV4Fingerprint; import org.pgpainless.key.OpenPgpV4Fingerprint;
import org.pgpainless.key.generation.KeySpec; import org.pgpainless.key.generation.KeySpec;
import org.pgpainless.key.protection.KeyRingProtectionSettings; import org.pgpainless.key.protection.KeyRingProtectionSettings;
@ -99,7 +100,10 @@ public interface SecretKeyRingEditorInterface {
SecretKeyRingProtector secretKeyRingProtector) SecretKeyRingProtector secretKeyRingProtector)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException; throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException;
SecretKeyRingEditorInterface addSubKey(PGPSecretKey subKey, SecretKeyRingProtector subKeyProtector, SecretKeyRingProtector keyRingProtector) SecretKeyRingEditorInterface addSubKey(PGPSecretKey subKey,
PGPSignatureSubpacketVector hashedSubpackets,
PGPSignatureSubpacketVector unhashedSubpackets,
SecretKeyRingProtector subKeyProtector, SecretKeyRingProtector keyRingProtector)
throws PGPException; throws PGPException;
/** /**

6
pgpainless-core/src/test/java/org/pgpainless/key/modification/AddSubKeyTest.java
View file

@ -15,12 +15,14 @@
*/ */
package org.pgpainless.key.modification; package org.pgpainless.key.modification;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNotEquals; import static org.junit.jupiter.api.Assertions.assertNotEquals;
import java.io.IOException; import java.io.IOException;
import java.security.InvalidAlgorithmParameterException; import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator; import java.util.Iterator;
import java.util.List; import java.util.List;
@ -38,6 +40,7 @@ import org.pgpainless.key.TestKeys;
import org.pgpainless.key.generation.KeySpec; import org.pgpainless.key.generation.KeySpec;
import org.pgpainless.key.generation.type.ecc.EllipticCurve; import org.pgpainless.key.generation.type.ecc.EllipticCurve;
import org.pgpainless.key.generation.type.ecc.ecdsa.ECDSA; import org.pgpainless.key.generation.type.ecc.ecdsa.ECDSA;
import org.pgpainless.key.info.KeyRingInfo;
import org.pgpainless.key.protection.PasswordBasedSecretKeyRingProtector; import org.pgpainless.key.protection.PasswordBasedSecretKeyRingProtector;
import org.pgpainless.key.protection.SecretKeyRingProtector; import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.key.protection.UnlockSecretKey; import org.pgpainless.key.protection.UnlockSecretKey;
@ -78,5 +81,8 @@ public class AddSubKeyTest {
SecretKeyRingProtector protector = SecretKeyRingProtector.unlockAllKeysWith( SecretKeyRingProtector protector = SecretKeyRingProtector.unlockAllKeysWith(
Passphrase.fromPassword("subKeyPassphrase"), secretKeys); Passphrase.fromPassword("subKeyPassphrase"), secretKeys);
PGPPrivateKey privateKey = UnlockSecretKey.unlockSecretKey(subKey, protector); PGPPrivateKey privateKey = UnlockSecretKey.unlockSecretKey(subKey, protector);
KeyRingInfo info = new KeyRingInfo(secretKeys);
assertEquals(Collections.singletonList(KeyFlag.SIGN_DATA), info.getKeyFlagsOf(subKeyId));
} }
} }