1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-12-22 10:57:58 +01:00

Add AEAD algorithms to AlgorithmSuite and allow setting / overriding preferrences in KeySpecBuilder

This commit is contained in:
Paul Schaub 2023-08-04 13:50:30 +02:00
parent 678f296b5c
commit 601e635604
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
4 changed files with 83 additions and 19 deletions

View file

@ -26,7 +26,14 @@ public final class AEADAlgorithmCombination {
private AEADAlgorithmCombination(@Nonnull SymmetricKeyAlgorithm symmetricKeyAlgorithm,
@Nonnull AEADAlgorithm aeadAlgorithm) {
this.aeadAlgorithm = aeadAlgorithm;
this.symmetricKeyAlgorithm = symmetricKeyAlgorithm;
this.symmetricKeyAlgorithm = requireNotUnencrypted(symmetricKeyAlgorithm);
}
private static SymmetricKeyAlgorithm requireNotUnencrypted(SymmetricKeyAlgorithm algorithm) {
if (algorithm == SymmetricKeyAlgorithm.NULL) {
throw new IllegalArgumentException("Symmetric Key Algorithm MUST NOT be NULL (unencrypted).");
}
return algorithm;
}
@Nonnull

View file

@ -4,6 +4,7 @@
package org.pgpainless.algorithm;
import javax.annotation.Nonnull;
import java.util.Arrays;
import java.util.Collections;
import java.util.LinkedHashSet;
@ -16,33 +17,71 @@ import java.util.Set;
*/
public class AlgorithmSuite {
private static final List<SymmetricKeyAlgorithm> defaultSymmetricAlgorithms = Arrays.asList(
SymmetricKeyAlgorithm.AES_256,
SymmetricKeyAlgorithm.AES_192,
SymmetricKeyAlgorithm.AES_128);
private static final List<HashAlgorithm> defaultHashAlgorithms = Arrays.asList(
HashAlgorithm.SHA512,
HashAlgorithm.SHA384,
HashAlgorithm.SHA256,
HashAlgorithm.SHA224);
private static final List<CompressionAlgorithm> defaultCompressionAlgorithms = Arrays.asList(
CompressionAlgorithm.ZLIB,
CompressionAlgorithm.BZIP2,
CompressionAlgorithm.ZIP,
CompressionAlgorithm.UNCOMPRESSED);
private static final List<AEADAlgorithmCombination> defaultAEADAlgorithms = Arrays.asList(
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.OCB),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.EAX),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.GCM),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.OCB),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.EAX),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.GCM),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.OCB),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.EAX),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.GCM));
private static final AlgorithmSuite defaultAlgorithmSuite = new AlgorithmSuite(
Arrays.asList(
SymmetricKeyAlgorithm.AES_256,
SymmetricKeyAlgorithm.AES_192,
SymmetricKeyAlgorithm.AES_128),
Arrays.asList(
HashAlgorithm.SHA512,
HashAlgorithm.SHA384,
HashAlgorithm.SHA256,
HashAlgorithm.SHA224),
Arrays.asList(
CompressionAlgorithm.ZLIB,
CompressionAlgorithm.BZIP2,
CompressionAlgorithm.ZIP,
CompressionAlgorithm.UNCOMPRESSED)
);
defaultSymmetricAlgorithms,
defaultHashAlgorithms,
defaultCompressionAlgorithms,
defaultAEADAlgorithms);
private final Set<SymmetricKeyAlgorithm> symmetricKeyAlgorithms;
private final Set<HashAlgorithm> hashAlgorithms;
private final Set<CompressionAlgorithm> compressionAlgorithms;
private final Set<AEADAlgorithmCombination> aeadAlgorithms;
public AlgorithmSuite(List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms,
List<HashAlgorithm> hashAlgorithms,
List<CompressionAlgorithm> compressionAlgorithms) {
/**
* Create a new AlgorithmSuite.
*
* @deprecated use {@link AlgorithmSuite#AlgorithmSuite(List, List, List, List)} instead.
* @param symmetricKeyAlgorithms preferred symmetric algorithms
* @param hashAlgorithms preferred hash algorithms
* @param compressionAlgorithms preferred compression algorithms
*/
@Deprecated
public AlgorithmSuite(@Nonnull List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms,
@Nonnull List<HashAlgorithm> hashAlgorithms,
@Nonnull List<CompressionAlgorithm> compressionAlgorithms) {
this(symmetricKeyAlgorithms, hashAlgorithms, compressionAlgorithms, defaultAEADAlgorithms);
}
/**
* Create a new AlgorithmSuite.
* @param symmetricKeyAlgorithms preferred symmetric algorithms
* @param hashAlgorithms preferred hash algorithms
* @param compressionAlgorithms preferred compression algorithms
* @param aeadAlgorithms preferred AEAD algorithm combinations
*/
public AlgorithmSuite(@Nonnull List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms,
@Nonnull List<HashAlgorithm> hashAlgorithms,
@Nonnull List<CompressionAlgorithm> compressionAlgorithms,
@Nonnull List<AEADAlgorithmCombination> aeadAlgorithms) {
this.symmetricKeyAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(symmetricKeyAlgorithms));
this.hashAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(hashAlgorithms));
this.compressionAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(compressionAlgorithms));
this.aeadAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(aeadAlgorithms));
}
public Set<SymmetricKeyAlgorithm> getSymmetricKeyAlgorithms() {
@ -57,7 +96,12 @@ public class AlgorithmSuite {
return new LinkedHashSet<>(compressionAlgorithms);
}
public Set<AEADAlgorithmCombination> getAEADAlgorithms() {
return new LinkedHashSet<>(aeadAlgorithms);
}
public static AlgorithmSuite getDefaultAlgorithmSuite() {
return defaultAlgorithmSuite;
}
}

View file

@ -11,6 +11,7 @@ import java.util.Set;
import javax.annotation.Nonnull;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.AEADAlgorithmCombination;
import org.pgpainless.algorithm.AlgorithmSuite;
import org.pgpainless.algorithm.CompressionAlgorithm;
import org.pgpainless.algorithm.Feature;
@ -32,6 +33,7 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
private Set<CompressionAlgorithm> preferredCompressionAlgorithms = algorithmSuite.getCompressionAlgorithms();
private Set<HashAlgorithm> preferredHashAlgorithms = algorithmSuite.getHashAlgorithms();
private Set<SymmetricKeyAlgorithm> preferredSymmetricAlgorithms = algorithmSuite.getSymmetricKeyAlgorithms();
private Set<AEADAlgorithmCombination> preferredAEADAlgorithms = algorithmSuite.getAEADAlgorithms();
private Date keyCreationDate;
KeySpecBuilder(@Nonnull KeyType type, KeyFlag flag, KeyFlag... flags) {
@ -73,6 +75,13 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
return this;
}
@Override
public KeySpecBuilder overridePreferredAEADAlgorithms(
@Nonnull AEADAlgorithmCombination... preferredAEADAlgorithms) {
this.preferredAEADAlgorithms = new LinkedHashSet<>(Arrays.asList(preferredAEADAlgorithms));
return this;
}
@Override
public KeySpecBuilder setKeyCreationDate(@Nonnull Date creationDate) {
this.keyCreationDate = creationDate;
@ -85,6 +94,7 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
this.hashedSubpackets.setPreferredCompressionAlgorithms(preferredCompressionAlgorithms);
this.hashedSubpackets.setPreferredHashAlgorithms(preferredHashAlgorithms);
this.hashedSubpackets.setPreferredSymmetricKeyAlgorithms(preferredSymmetricAlgorithms);
this.hashedSubpackets.setPreferredAEADCiphersuites(preferredAEADAlgorithms);
this.hashedSubpackets.setFeatures(Feature.MODIFICATION_DETECTION);
return new KeySpec(type, (SignatureSubpackets) hashedSubpackets, false, keyCreationDate);

View file

@ -6,6 +6,7 @@ package org.pgpainless.key.generation;
import javax.annotation.Nonnull;
import org.pgpainless.algorithm.AEADAlgorithmCombination;
import org.pgpainless.algorithm.CompressionAlgorithm;
import org.pgpainless.algorithm.HashAlgorithm;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
@ -20,6 +21,8 @@ public interface KeySpecBuilderInterface {
KeySpecBuilder overridePreferredSymmetricKeyAlgorithms(@Nonnull SymmetricKeyAlgorithm... preferredSymmetricKeyAlgorithms);
KeySpecBuilder overridePreferredAEADAlgorithms(@Nonnull AEADAlgorithmCombination... preferredAEADAlgorithms);
KeySpecBuilder setKeyCreationDate(@Nonnull Date creationDate);
KeySpec build();