Add AEAD algorithms to AlgorithmSuite and allow setting / overriding preferrences in KeySpecBuilder

2023-08-04 13:50:30 +02:00 · 2023-08-04 13:50:30 +02:00 · 601e635604
parent 678f296b5c
commit 601e635604
4 changed files with 83 additions and 19 deletions
--- a/pgpainless-core/src/main/java/org/pgpainless/algorithm/AEADAlgorithmCombination.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/algorithm/AEADAlgorithmCombination.java
@ -26,7 +26,14 @@ public final class AEADAlgorithmCombination {
    private AEADAlgorithmCombination(@Nonnull SymmetricKeyAlgorithm symmetricKeyAlgorithm,
                                    @Nonnull AEADAlgorithm aeadAlgorithm) {
        this.aeadAlgorithm = aeadAlgorithm;
-        this.symmetricKeyAlgorithm = symmetricKeyAlgorithm;
+        this.symmetricKeyAlgorithm = requireNotUnencrypted(symmetricKeyAlgorithm);
+    }
+
+    private static SymmetricKeyAlgorithm requireNotUnencrypted(SymmetricKeyAlgorithm algorithm) {
+        if (algorithm == SymmetricKeyAlgorithm.NULL) {
+            throw new IllegalArgumentException("Symmetric Key Algorithm MUST NOT be NULL (unencrypted).");
+        }
+        return algorithm;
    }

    @Nonnull
--- a/pgpainless-core/src/main/java/org/pgpainless/algorithm/AlgorithmSuite.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/algorithm/AlgorithmSuite.java
@ -4,6 +4,7 @@

 package org.pgpainless.algorithm;

+import javax.annotation.Nonnull;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.LinkedHashSet;
@ -16,33 +17,71 @@ import java.util.Set;
 */
 public class AlgorithmSuite {

+    private static final List<SymmetricKeyAlgorithm> defaultSymmetricAlgorithms = Arrays.asList(
+            SymmetricKeyAlgorithm.AES_256,
+            SymmetricKeyAlgorithm.AES_192,
+            SymmetricKeyAlgorithm.AES_128);
+    private static final List<HashAlgorithm> defaultHashAlgorithms = Arrays.asList(
+            HashAlgorithm.SHA512,
+            HashAlgorithm.SHA384,
+            HashAlgorithm.SHA256,
+            HashAlgorithm.SHA224);
+    private static final List<CompressionAlgorithm> defaultCompressionAlgorithms = Arrays.asList(
+            CompressionAlgorithm.ZLIB,
+            CompressionAlgorithm.BZIP2,
+            CompressionAlgorithm.ZIP,
+            CompressionAlgorithm.UNCOMPRESSED);
+    private static final List<AEADAlgorithmCombination> defaultAEADAlgorithms = Arrays.asList(
+            AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.OCB),
+            AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.EAX),
+            AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.GCM),
+            AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.OCB),
+            AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.EAX),
+            AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.GCM),
+            AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.OCB),
+            AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.EAX),
+            AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.GCM));
    private static final AlgorithmSuite defaultAlgorithmSuite = new AlgorithmSuite(
-            Arrays.asList(
-                    SymmetricKeyAlgorithm.AES_256,
-                    SymmetricKeyAlgorithm.AES_192,
-                    SymmetricKeyAlgorithm.AES_128),
-            Arrays.asList(
-                    HashAlgorithm.SHA512,
-                    HashAlgorithm.SHA384,
-                    HashAlgorithm.SHA256,
-                    HashAlgorithm.SHA224),
-            Arrays.asList(
-                    CompressionAlgorithm.ZLIB,
-                    CompressionAlgorithm.BZIP2,
-                    CompressionAlgorithm.ZIP,
-                    CompressionAlgorithm.UNCOMPRESSED)
-    );
+            defaultSymmetricAlgorithms,
+            defaultHashAlgorithms,
+            defaultCompressionAlgorithms,
+            defaultAEADAlgorithms);

    private final Set<SymmetricKeyAlgorithm> symmetricKeyAlgorithms;
    private final Set<HashAlgorithm> hashAlgorithms;
    private final Set<CompressionAlgorithm> compressionAlgorithms;
+    private final Set<AEADAlgorithmCombination> aeadAlgorithms;

-    public AlgorithmSuite(List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms,
-                          List<HashAlgorithm> hashAlgorithms,
-                          List<CompressionAlgorithm> compressionAlgorithms) {
+    /**
+     * Create a new AlgorithmSuite.
+     *
+     * @deprecated use {@link AlgorithmSuite#AlgorithmSuite(List, List, List, List)} instead.
+     * @param symmetricKeyAlgorithms preferred symmetric algorithms
+     * @param hashAlgorithms preferred hash algorithms
+     * @param compressionAlgorithms preferred compression algorithms
+     */
+    @Deprecated
+    public AlgorithmSuite(@Nonnull List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms,
+                          @Nonnull List<HashAlgorithm> hashAlgorithms,
+                          @Nonnull List<CompressionAlgorithm> compressionAlgorithms) {
+        this(symmetricKeyAlgorithms, hashAlgorithms, compressionAlgorithms, defaultAEADAlgorithms);
+    }
+
+    /**
+     * Create a new AlgorithmSuite.
+     * @param symmetricKeyAlgorithms preferred symmetric algorithms
+     * @param hashAlgorithms preferred hash algorithms
+     * @param compressionAlgorithms preferred compression algorithms
+     * @param aeadAlgorithms preferred AEAD algorithm combinations
+     */
+    public AlgorithmSuite(@Nonnull List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms,
+                          @Nonnull List<HashAlgorithm> hashAlgorithms,
+                          @Nonnull List<CompressionAlgorithm> compressionAlgorithms,
+                          @Nonnull List<AEADAlgorithmCombination> aeadAlgorithms) {
        this.symmetricKeyAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(symmetricKeyAlgorithms));
        this.hashAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(hashAlgorithms));
        this.compressionAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(compressionAlgorithms));
+        this.aeadAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(aeadAlgorithms));
    }

    public Set<SymmetricKeyAlgorithm> getSymmetricKeyAlgorithms() {
@ -57,7 +96,12 @@ public class AlgorithmSuite {
        return new LinkedHashSet<>(compressionAlgorithms);
    }

+    public Set<AEADAlgorithmCombination> getAEADAlgorithms() {
+        return new LinkedHashSet<>(aeadAlgorithms);
+    }
+
    public static AlgorithmSuite getDefaultAlgorithmSuite() {
        return defaultAlgorithmSuite;
    }
+
 }
--- a/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeySpecBuilder.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeySpecBuilder.java
@ -11,6 +11,7 @@ import java.util.Set;
 import javax.annotation.Nonnull;

 import org.pgpainless.PGPainless;
+import org.pgpainless.algorithm.AEADAlgorithmCombination;
 import org.pgpainless.algorithm.AlgorithmSuite;
 import org.pgpainless.algorithm.CompressionAlgorithm;
 import org.pgpainless.algorithm.Feature;
@ -32,6 +33,7 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
    private Set<CompressionAlgorithm> preferredCompressionAlgorithms = algorithmSuite.getCompressionAlgorithms();
    private Set<HashAlgorithm> preferredHashAlgorithms = algorithmSuite.getHashAlgorithms();
    private Set<SymmetricKeyAlgorithm> preferredSymmetricAlgorithms = algorithmSuite.getSymmetricKeyAlgorithms();
+    private Set<AEADAlgorithmCombination> preferredAEADAlgorithms = algorithmSuite.getAEADAlgorithms();
    private Date keyCreationDate;

    KeySpecBuilder(@Nonnull KeyType type, KeyFlag flag, KeyFlag... flags) {
@ -73,6 +75,13 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
        return this;
    }

+    @Override
+    public KeySpecBuilder overridePreferredAEADAlgorithms(
+            @Nonnull AEADAlgorithmCombination... preferredAEADAlgorithms) {
+        this.preferredAEADAlgorithms = new LinkedHashSet<>(Arrays.asList(preferredAEADAlgorithms));
+        return this;
+    }
+
    @Override
    public KeySpecBuilder setKeyCreationDate(@Nonnull Date creationDate) {
        this.keyCreationDate = creationDate;
@ -85,6 +94,7 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
        this.hashedSubpackets.setPreferredCompressionAlgorithms(preferredCompressionAlgorithms);
        this.hashedSubpackets.setPreferredHashAlgorithms(preferredHashAlgorithms);
        this.hashedSubpackets.setPreferredSymmetricKeyAlgorithms(preferredSymmetricAlgorithms);
+        this.hashedSubpackets.setPreferredAEADCiphersuites(preferredAEADAlgorithms);
        this.hashedSubpackets.setFeatures(Feature.MODIFICATION_DETECTION);

        return new KeySpec(type, (SignatureSubpackets) hashedSubpackets, false, keyCreationDate);
--- a/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeySpecBuilderInterface.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeySpecBuilderInterface.java
@ -6,6 +6,7 @@ package org.pgpainless.key.generation;

 import javax.annotation.Nonnull;

+import org.pgpainless.algorithm.AEADAlgorithmCombination;
 import org.pgpainless.algorithm.CompressionAlgorithm;
 import org.pgpainless.algorithm.HashAlgorithm;
 import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
@ -20,6 +21,8 @@ public interface KeySpecBuilderInterface {

    KeySpecBuilder overridePreferredSymmetricKeyAlgorithms(@Nonnull SymmetricKeyAlgorithm... preferredSymmetricKeyAlgorithms);

+    KeySpecBuilder overridePreferredAEADAlgorithms(@Nonnull AEADAlgorithmCombination... preferredAEADAlgorithms);
+
    KeySpecBuilder setKeyCreationDate(@Nonnull Date creationDate);

    KeySpec build();