1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-26 06:12:06 +01:00

Add AEAD algorithms to AlgorithmSuite and allow setting / overriding preferrences in KeySpecBuilder

This commit is contained in:
Paul Schaub 2023-08-04 13:50:30 +02:00
parent 678f296b5c
commit 601e635604
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
4 changed files with 83 additions and 19 deletions

View file

@ -26,7 +26,14 @@ public final class AEADAlgorithmCombination {
private AEADAlgorithmCombination(@Nonnull SymmetricKeyAlgorithm symmetricKeyAlgorithm, private AEADAlgorithmCombination(@Nonnull SymmetricKeyAlgorithm symmetricKeyAlgorithm,
@Nonnull AEADAlgorithm aeadAlgorithm) { @Nonnull AEADAlgorithm aeadAlgorithm) {
this.aeadAlgorithm = aeadAlgorithm; this.aeadAlgorithm = aeadAlgorithm;
this.symmetricKeyAlgorithm = symmetricKeyAlgorithm; this.symmetricKeyAlgorithm = requireNotUnencrypted(symmetricKeyAlgorithm);
}
private static SymmetricKeyAlgorithm requireNotUnencrypted(SymmetricKeyAlgorithm algorithm) {
if (algorithm == SymmetricKeyAlgorithm.NULL) {
throw new IllegalArgumentException("Symmetric Key Algorithm MUST NOT be NULL (unencrypted).");
}
return algorithm;
} }
@Nonnull @Nonnull

View file

@ -4,6 +4,7 @@
package org.pgpainless.algorithm; package org.pgpainless.algorithm;
import javax.annotation.Nonnull;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collections; import java.util.Collections;
import java.util.LinkedHashSet; import java.util.LinkedHashSet;
@ -16,33 +17,71 @@ import java.util.Set;
*/ */
public class AlgorithmSuite { public class AlgorithmSuite {
private static final AlgorithmSuite defaultAlgorithmSuite = new AlgorithmSuite( private static final List<SymmetricKeyAlgorithm> defaultSymmetricAlgorithms = Arrays.asList(
Arrays.asList(
SymmetricKeyAlgorithm.AES_256, SymmetricKeyAlgorithm.AES_256,
SymmetricKeyAlgorithm.AES_192, SymmetricKeyAlgorithm.AES_192,
SymmetricKeyAlgorithm.AES_128), SymmetricKeyAlgorithm.AES_128);
Arrays.asList( private static final List<HashAlgorithm> defaultHashAlgorithms = Arrays.asList(
HashAlgorithm.SHA512, HashAlgorithm.SHA512,
HashAlgorithm.SHA384, HashAlgorithm.SHA384,
HashAlgorithm.SHA256, HashAlgorithm.SHA256,
HashAlgorithm.SHA224), HashAlgorithm.SHA224);
Arrays.asList( private static final List<CompressionAlgorithm> defaultCompressionAlgorithms = Arrays.asList(
CompressionAlgorithm.ZLIB, CompressionAlgorithm.ZLIB,
CompressionAlgorithm.BZIP2, CompressionAlgorithm.BZIP2,
CompressionAlgorithm.ZIP, CompressionAlgorithm.ZIP,
CompressionAlgorithm.UNCOMPRESSED) CompressionAlgorithm.UNCOMPRESSED);
); private static final List<AEADAlgorithmCombination> defaultAEADAlgorithms = Arrays.asList(
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.OCB),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.EAX),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.GCM),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.OCB),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.EAX),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.GCM),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.OCB),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.EAX),
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.GCM));
private static final AlgorithmSuite defaultAlgorithmSuite = new AlgorithmSuite(
defaultSymmetricAlgorithms,
defaultHashAlgorithms,
defaultCompressionAlgorithms,
defaultAEADAlgorithms);
private final Set<SymmetricKeyAlgorithm> symmetricKeyAlgorithms; private final Set<SymmetricKeyAlgorithm> symmetricKeyAlgorithms;
private final Set<HashAlgorithm> hashAlgorithms; private final Set<HashAlgorithm> hashAlgorithms;
private final Set<CompressionAlgorithm> compressionAlgorithms; private final Set<CompressionAlgorithm> compressionAlgorithms;
private final Set<AEADAlgorithmCombination> aeadAlgorithms;
public AlgorithmSuite(List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms, /**
List<HashAlgorithm> hashAlgorithms, * Create a new AlgorithmSuite.
List<CompressionAlgorithm> compressionAlgorithms) { *
* @deprecated use {@link AlgorithmSuite#AlgorithmSuite(List, List, List, List)} instead.
* @param symmetricKeyAlgorithms preferred symmetric algorithms
* @param hashAlgorithms preferred hash algorithms
* @param compressionAlgorithms preferred compression algorithms
*/
@Deprecated
public AlgorithmSuite(@Nonnull List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms,
@Nonnull List<HashAlgorithm> hashAlgorithms,
@Nonnull List<CompressionAlgorithm> compressionAlgorithms) {
this(symmetricKeyAlgorithms, hashAlgorithms, compressionAlgorithms, defaultAEADAlgorithms);
}
/**
* Create a new AlgorithmSuite.
* @param symmetricKeyAlgorithms preferred symmetric algorithms
* @param hashAlgorithms preferred hash algorithms
* @param compressionAlgorithms preferred compression algorithms
* @param aeadAlgorithms preferred AEAD algorithm combinations
*/
public AlgorithmSuite(@Nonnull List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms,
@Nonnull List<HashAlgorithm> hashAlgorithms,
@Nonnull List<CompressionAlgorithm> compressionAlgorithms,
@Nonnull List<AEADAlgorithmCombination> aeadAlgorithms) {
this.symmetricKeyAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(symmetricKeyAlgorithms)); this.symmetricKeyAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(symmetricKeyAlgorithms));
this.hashAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(hashAlgorithms)); this.hashAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(hashAlgorithms));
this.compressionAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(compressionAlgorithms)); this.compressionAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(compressionAlgorithms));
this.aeadAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(aeadAlgorithms));
} }
public Set<SymmetricKeyAlgorithm> getSymmetricKeyAlgorithms() { public Set<SymmetricKeyAlgorithm> getSymmetricKeyAlgorithms() {
@ -57,7 +96,12 @@ public class AlgorithmSuite {
return new LinkedHashSet<>(compressionAlgorithms); return new LinkedHashSet<>(compressionAlgorithms);
} }
public Set<AEADAlgorithmCombination> getAEADAlgorithms() {
return new LinkedHashSet<>(aeadAlgorithms);
}
public static AlgorithmSuite getDefaultAlgorithmSuite() { public static AlgorithmSuite getDefaultAlgorithmSuite() {
return defaultAlgorithmSuite; return defaultAlgorithmSuite;
} }
} }

View file

@ -11,6 +11,7 @@ import java.util.Set;
import javax.annotation.Nonnull; import javax.annotation.Nonnull;
import org.pgpainless.PGPainless; import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.AEADAlgorithmCombination;
import org.pgpainless.algorithm.AlgorithmSuite; import org.pgpainless.algorithm.AlgorithmSuite;
import org.pgpainless.algorithm.CompressionAlgorithm; import org.pgpainless.algorithm.CompressionAlgorithm;
import org.pgpainless.algorithm.Feature; import org.pgpainless.algorithm.Feature;
@ -32,6 +33,7 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
private Set<CompressionAlgorithm> preferredCompressionAlgorithms = algorithmSuite.getCompressionAlgorithms(); private Set<CompressionAlgorithm> preferredCompressionAlgorithms = algorithmSuite.getCompressionAlgorithms();
private Set<HashAlgorithm> preferredHashAlgorithms = algorithmSuite.getHashAlgorithms(); private Set<HashAlgorithm> preferredHashAlgorithms = algorithmSuite.getHashAlgorithms();
private Set<SymmetricKeyAlgorithm> preferredSymmetricAlgorithms = algorithmSuite.getSymmetricKeyAlgorithms(); private Set<SymmetricKeyAlgorithm> preferredSymmetricAlgorithms = algorithmSuite.getSymmetricKeyAlgorithms();
private Set<AEADAlgorithmCombination> preferredAEADAlgorithms = algorithmSuite.getAEADAlgorithms();
private Date keyCreationDate; private Date keyCreationDate;
KeySpecBuilder(@Nonnull KeyType type, KeyFlag flag, KeyFlag... flags) { KeySpecBuilder(@Nonnull KeyType type, KeyFlag flag, KeyFlag... flags) {
@ -73,6 +75,13 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
return this; return this;
} }
@Override
public KeySpecBuilder overridePreferredAEADAlgorithms(
@Nonnull AEADAlgorithmCombination... preferredAEADAlgorithms) {
this.preferredAEADAlgorithms = new LinkedHashSet<>(Arrays.asList(preferredAEADAlgorithms));
return this;
}
@Override @Override
public KeySpecBuilder setKeyCreationDate(@Nonnull Date creationDate) { public KeySpecBuilder setKeyCreationDate(@Nonnull Date creationDate) {
this.keyCreationDate = creationDate; this.keyCreationDate = creationDate;
@ -85,6 +94,7 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
this.hashedSubpackets.setPreferredCompressionAlgorithms(preferredCompressionAlgorithms); this.hashedSubpackets.setPreferredCompressionAlgorithms(preferredCompressionAlgorithms);
this.hashedSubpackets.setPreferredHashAlgorithms(preferredHashAlgorithms); this.hashedSubpackets.setPreferredHashAlgorithms(preferredHashAlgorithms);
this.hashedSubpackets.setPreferredSymmetricKeyAlgorithms(preferredSymmetricAlgorithms); this.hashedSubpackets.setPreferredSymmetricKeyAlgorithms(preferredSymmetricAlgorithms);
this.hashedSubpackets.setPreferredAEADCiphersuites(preferredAEADAlgorithms);
this.hashedSubpackets.setFeatures(Feature.MODIFICATION_DETECTION); this.hashedSubpackets.setFeatures(Feature.MODIFICATION_DETECTION);
return new KeySpec(type, (SignatureSubpackets) hashedSubpackets, false, keyCreationDate); return new KeySpec(type, (SignatureSubpackets) hashedSubpackets, false, keyCreationDate);

View file

@ -6,6 +6,7 @@ package org.pgpainless.key.generation;
import javax.annotation.Nonnull; import javax.annotation.Nonnull;
import org.pgpainless.algorithm.AEADAlgorithmCombination;
import org.pgpainless.algorithm.CompressionAlgorithm; import org.pgpainless.algorithm.CompressionAlgorithm;
import org.pgpainless.algorithm.HashAlgorithm; import org.pgpainless.algorithm.HashAlgorithm;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm; import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
@ -20,6 +21,8 @@ public interface KeySpecBuilderInterface {
KeySpecBuilder overridePreferredSymmetricKeyAlgorithms(@Nonnull SymmetricKeyAlgorithm... preferredSymmetricKeyAlgorithms); KeySpecBuilder overridePreferredSymmetricKeyAlgorithms(@Nonnull SymmetricKeyAlgorithm... preferredSymmetricKeyAlgorithms);
KeySpecBuilder overridePreferredAEADAlgorithms(@Nonnull AEADAlgorithmCombination... preferredAEADAlgorithms);
KeySpecBuilder setKeyCreationDate(@Nonnull Date creationDate); KeySpecBuilder setKeyCreationDate(@Nonnull Date creationDate);
KeySpec build(); KeySpec build();