Add AEAD algorithms to AlgorithmSuite and allow setting / overriding preferrences in KeySpecBuilder
parent
678f296b5c
commit
601e635604
4 changed files with 83 additions and 19 deletions
|
@ -26,7 +26,14 @@ public final class AEADAlgorithmCombination {
|
|||
private AEADAlgorithmCombination(@Nonnull SymmetricKeyAlgorithm symmetricKeyAlgorithm,
|
||||
@Nonnull AEADAlgorithm aeadAlgorithm) {
|
||||
this.aeadAlgorithm = aeadAlgorithm;
|
||||
this.symmetricKeyAlgorithm = symmetricKeyAlgorithm;
|
||||
this.symmetricKeyAlgorithm = requireNotUnencrypted(symmetricKeyAlgorithm);
|
||||
}
|
||||
|
||||
private static SymmetricKeyAlgorithm requireNotUnencrypted(SymmetricKeyAlgorithm algorithm) {
|
||||
if (algorithm == SymmetricKeyAlgorithm.NULL) {
|
||||
throw new IllegalArgumentException("Symmetric Key Algorithm MUST NOT be NULL (unencrypted).");
|
||||
}
|
||||
return algorithm;
|
||||
}
|
||||
|
||||
@Nonnull
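Review bot: `requireNotUnencrypted` rejects only the `SymmetricKeyAlgorithm.NULL` constant, so a Java `null` reference still passes the `==` comparison and is stored in the field; the `@Nonnull` on the constructor parameter is an annotation, not a runtime check. Putting `java.util.Objects.requireNonNull(algorithm, "algorithm");` at the top of the helper, and the same for `aeadAlgorithm` in the constructor, would make both failure modes explicit. The helper's own parameter could also carry `@Nonnull` to match the constructor. If the enum also lists 64-bit-block ciphers, they are presumably not meaningful with OCB/EAX/GCM either and could be rejected in the same place. The class body continues past the end of this hunk.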
|
||||
|
|
|
@ -4,6 +4,7 @@
|
|||
|
||||
package org.pgpainless.algorithm;
|
||||
|
||||
import javax.annotation.Nonnull;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.LinkedHashSet;
|
||||
|
@ -16,33 +17,71 @@ import java.util.Set;
|
|||
*/
|
||||
public class AlgorithmSuite {
|
||||
|
||||
private static final List<SymmetricKeyAlgorithm> defaultSymmetricAlgorithms = Arrays.asList(
|
||||
SymmetricKeyAlgorithm.AES_256,
|
||||
SymmetricKeyAlgorithm.AES_192,
|
||||
SymmetricKeyAlgorithm.AES_128);
|
||||
private static final List<HashAlgorithm> defaultHashAlgorithms = Arrays.asList(
|
||||
HashAlgorithm.SHA512,
|
||||
HashAlgorithm.SHA384,
|
||||
HashAlgorithm.SHA256,
|
||||
HashAlgorithm.SHA224);
|
||||
private static final List<CompressionAlgorithm> defaultCompressionAlgorithms = Arrays.asList(
|
||||
CompressionAlgorithm.ZLIB,
|
||||
CompressionAlgorithm.BZIP2,
|
||||
CompressionAlgorithm.ZIP,
|
||||
CompressionAlgorithm.UNCOMPRESSED);
|
||||
private static final List<AEADAlgorithmCombination> defaultAEADAlgorithms = Arrays.asList(
|
||||
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.OCB),
|
||||
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.EAX),
|
||||
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.GCM),
|
||||
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.OCB),
|
||||
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.EAX),
|
||||
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.GCM),
|
||||
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.OCB),
|
||||
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.EAX),
|
||||
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.GCM));
|
||||
private static final AlgorithmSuite defaultAlgorithmSuite = new AlgorithmSuite(
|
||||
Arrays.asList(
|
||||
SymmetricKeyAlgorithm.AES_256,
|
||||
SymmetricKeyAlgorithm.AES_192,
|
||||
SymmetricKeyAlgorithm.AES_128),
|
||||
Arrays.asList(
|
||||
HashAlgorithm.SHA512,
|
||||
HashAlgorithm.SHA384,
|
||||
HashAlgorithm.SHA256,
|
||||
HashAlgorithm.SHA224),
|
||||
Arrays.asList(
|
||||
CompressionAlgorithm.ZLIB,
|
||||
CompressionAlgorithm.BZIP2,
|
||||
CompressionAlgorithm.ZIP,
|
||||
CompressionAlgorithm.UNCOMPRESSED)
|
||||
);
|
||||
defaultSymmetricAlgorithms,
|
||||
defaultHashAlgorithms,
|
||||
defaultCompressionAlgorithms,
|
||||
defaultAEADAlgorithms);
|
||||
|
||||
private final Set<SymmetricKeyAlgorithm> symmetricKeyAlgorithms;
|
||||
private final Set<HashAlgorithm> hashAlgorithms;
|
||||
private final Set<CompressionAlgorithm> compressionAlgorithms;
|
||||
private final Set<AEADAlgorithmCombination> aeadAlgorithms;
|
||||
|
||||
public AlgorithmSuite(List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms,
|
||||
List<HashAlgorithm> hashAlgorithms,
|
||||
List<CompressionAlgorithm> compressionAlgorithms) {
|
||||
/**
|
||||
* Create a new AlgorithmSuite.
|
||||
*
|
||||
* @deprecated use {@link AlgorithmSuite#AlgorithmSuite(List, List, List, List)} instead.
|
||||
* @param symmetricKeyAlgorithms preferred symmetric algorithms
|
||||
* @param hashAlgorithms preferred hash algorithms
|
||||
* @param compressionAlgorithms preferred compression algorithms
|
||||
*/
|
||||
@Deprecated
|
||||
public AlgorithmSuite(@Nonnull List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms,
|
||||
@Nonnull List<HashAlgorithm> hashAlgorithms,
|
||||
@Nonnull List<CompressionAlgorithm> compressionAlgorithms) {
|
||||
this(symmetricKeyAlgorithms, hashAlgorithms, compressionAlgorithms, defaultAEADAlgorithms);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new AlgorithmSuite.
|
||||
* @param symmetricKeyAlgorithms preferred symmetric algorithms
|
||||
* @param hashAlgorithms preferred hash algorithms
|
||||
* @param compressionAlgorithms preferred compression algorithms
|
||||
* @param aeadAlgorithms preferred AEAD algorithm combinations
|
||||
*/
|
||||
public AlgorithmSuite(@Nonnull List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms,
|
||||
@Nonnull List<HashAlgorithm> hashAlgorithms,
|
||||
@Nonnull List<CompressionAlgorithm> compressionAlgorithms,
|
||||
@Nonnull List<AEADAlgorithmCombination> aeadAlgorithms) {
|
||||
this.symmetricKeyAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(symmetricKeyAlgorithms));
|
||||
this.hashAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(hashAlgorithms));
|
||||
this.compressionAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(compressionAlgorithms));
|
||||
this.aeadAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(aeadAlgorithms));
|
||||
}
|
||||
|
||||
public Set<SymmetricKeyAlgorithm> getSymmetricKeyAlgorithms() {
|
||||
|
@ -57,7 +96,12 @@ public class AlgorithmSuite {
|
|||
return new LinkedHashSet<>(compressionAlgorithms);
|
||||
}
|
||||
|
||||
public Set<AEADAlgorithmCombination> getAEADAlgorithms() {
|
||||
return new LinkedHashSet<>(aeadAlgorithms);
|
||||
}
|
||||
|
||||
public static AlgorithmSuite getDefaultAlgorithmSuite() {
|
||||
return defaultAlgorithmSuite;
|
||||
}
|
||||
|
||||
}
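Review bot: The deprecated three-argument constructor now passes `defaultAEADAlgorithms` unconditionally, so a caller that built a deliberately narrow suite (for example AES-256 only) ends up with AEAD preferences that include AES-192 and AES-128 combinations it never listed in `symmetricKeyAlgorithms`. Consider filtering the AEAD list by the symmetric algorithms the caller passed, or at least state the fallback in the Javadoc, e.g. `* AEAD preferences fall back to the library defaults and are not filtered by {@code symmetricKeyAlgorithms}.` The new `getAEADAlgorithms()` getter has no Javadoc; a one-line `/** Returns a mutable copy of the preferred AEAD algorithm combinations, in preference order. */` would record that it hands out a copy, which the visible `new LinkedHashSet<>(aeadAlgorithms)` shows.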
|
||||
|
|
|
@ -11,6 +11,7 @@ import java.util.Set;
|
|||
import javax.annotation.Nonnull;
|
||||
|
||||
import org.pgpainless.PGPainless;
|
||||
import org.pgpainless.algorithm.AEADAlgorithmCombination;
|
||||
import org.pgpainless.algorithm.AlgorithmSuite;
|
||||
import org.pgpainless.algorithm.CompressionAlgorithm;
|
||||
import org.pgpainless.algorithm.Feature;
|
||||
|
@ -32,6 +33,7 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
|
|||
private Set<CompressionAlgorithm> preferredCompressionAlgorithms = algorithmSuite.getCompressionAlgorithms();
|
||||
private Set<HashAlgorithm> preferredHashAlgorithms = algorithmSuite.getHashAlgorithms();
|
||||
private Set<SymmetricKeyAlgorithm> preferredSymmetricAlgorithms = algorithmSuite.getSymmetricKeyAlgorithms();
|
||||
private Set<AEADAlgorithmCombination> preferredAEADAlgorithms = algorithmSuite.getAEADAlgorithms();
|
||||
private Date keyCreationDate;
|
||||
|
||||
KeySpecBuilder(@Nonnull KeyType type, KeyFlag flag, KeyFlag... flags) {
|
||||
|
@ -73,6 +75,13 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
|
|||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public KeySpecBuilder overridePreferredAEADAlgorithms(
|
||||
@Nonnull AEADAlgorithmCombination... preferredAEADAlgorithms) {
|
||||
this.preferredAEADAlgorithms = new LinkedHashSet<>(Arrays.asList(preferredAEADAlgorithms));
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public KeySpecBuilder setKeyCreationDate(@Nonnull Date creationDate) {
|
||||
this.keyCreationDate = creationDate;
|
||||
|
@ -85,6 +94,7 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
|
|||
this.hashedSubpackets.setPreferredCompressionAlgorithms(preferredCompressionAlgorithms);
|
||||
this.hashedSubpackets.setPreferredHashAlgorithms(preferredHashAlgorithms);
|
||||
this.hashedSubpackets.setPreferredSymmetricKeyAlgorithms(preferredSymmetricAlgorithms);
|
||||
this.hashedSubpackets.setPreferredAEADCiphersuites(preferredAEADAlgorithms);
|
||||
this.hashedSubpackets.setFeatures(Feature.MODIFICATION_DETECTION);
|
||||
|
||||
return new KeySpec(type, (SignatureSubpackets) hashedSubpackets, false, keyCreationDate);
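Review bot: `build()` now writes the preferred AEAD ciphersuites into the hashed subpackets, but the Features subpacket set on the following line still advertises only `Feature.MODIFICATION_DETECTION`. As far as the visible lines show, nothing signals support for the AEAD-protected packet format, so peers will likely ignore the new preferences. If that is intentional for now, a comment such as `// AEAD preferences are recorded but not yet advertised via Features` would save the next reader from guessing. Separately, `overridePreferredAEADAlgorithms` accepts an empty argument list or `null` elements without complaint, because `@Nonnull` covers only the varargs array itself. `build()` begins above this hunk, so any earlier handling is not visible here.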
|
||||
|
|
|
@ -6,6 +6,7 @@ package org.pgpainless.key.generation;
|
|||
|
||||
import javax.annotation.Nonnull;
|
||||
|
||||
import org.pgpainless.algorithm.AEADAlgorithmCombination;
|
||||
import org.pgpainless.algorithm.CompressionAlgorithm;
|
||||
import org.pgpainless.algorithm.HashAlgorithm;
|
||||
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
|
||||
|
@ -20,6 +21,8 @@ public interface KeySpecBuilderInterface {
|
|||
|
||||
KeySpecBuilder overridePreferredSymmetricKeyAlgorithms(@Nonnull SymmetricKeyAlgorithm... preferredSymmetricKeyAlgorithms);
|
||||
|
||||
KeySpecBuilder overridePreferredAEADAlgorithms(@Nonnull AEADAlgorithmCombination... preferredAEADAlgorithms);
|
||||
|
||||
KeySpecBuilder setKeyCreationDate(@Nonnull Date creationDate);
|
||||
|
||||
KeySpec build();
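Review bot: The new `overridePreferredAEADAlgorithms` declaration has no Javadoc, so the interface does not say whether argument order expresses preference or what an empty argument list means. A short comment would cover it: `/** Replace the AEAD algorithm combinations advertised as preferred by the key; earlier arguments are assumed to be more preferred. */`. The ordering claim is inferred from the insertion-ordered set used by the implementation and should be confirmed. Adding an abstract method to a public interface also breaks any external implementors at compile time, which may deserve a changelog entry.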
|
||||
|
|