mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-26 06:12:06 +01:00
Add AEAD algorithms to AlgorithmSuite and allow setting / overriding preferrences in KeySpecBuilder
parent
678f296b5c
commit
601e635604
4 changed files with 83 additions and 19 deletions
|
@ -26,7 +26,14 @@ public final class AEADAlgorithmCombination {
|
||||||
private AEADAlgorithmCombination(@Nonnull SymmetricKeyAlgorithm symmetricKeyAlgorithm,
|
private AEADAlgorithmCombination(@Nonnull SymmetricKeyAlgorithm symmetricKeyAlgorithm,
|
||||||
@Nonnull AEADAlgorithm aeadAlgorithm) {
|
@Nonnull AEADAlgorithm aeadAlgorithm) {
|
||||||
this.aeadAlgorithm = aeadAlgorithm;
|
this.aeadAlgorithm = aeadAlgorithm;
|
||||||
this.symmetricKeyAlgorithm = symmetricKeyAlgorithm;
|
this.symmetricKeyAlgorithm = requireNotUnencrypted(symmetricKeyAlgorithm);
|
||||||
|
}
|
||||||
|
|
||||||
|
private static SymmetricKeyAlgorithm requireNotUnencrypted(SymmetricKeyAlgorithm algorithm) {
|
||||||
|
if (algorithm == SymmetricKeyAlgorithm.NULL) {
|
||||||
|
throw new IllegalArgumentException("Symmetric Key Algorithm MUST NOT be NULL (unencrypted).");
|
||||||
|
}
|
||||||
|
return algorithm;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Nonnull
|
@Nonnull
|
||||||
|
|
|
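Review bot: `requireNotUnencrypted` rejects only `SymmetricKeyAlgorithm.NULL`, so the constructor still accepts every other cipher the enum carries. The OpenPGP AEAD modes paired here (OCB, EAX, GCM) are specified for 128-bit block ciphers, so if the enum also lists 64-bit block ciphers, those combinations would pass the check and could end up in a key's advertised preferences. An allow-list of suitable ciphers would be safer than a single deny. A Java `null` reference also gets past the `== SymmetricKeyAlgorithm.NULL` comparison, because `@Nonnull` is not enforced at runtime; `Objects.requireNonNull(algorithm, "algorithm")` at the top of the helper would fail fast. The class body continues outside the hunk, so the factory method may already cover part of this.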
@ -4,6 +4,7 @@
|
||||||
|
|
||||||
package org.pgpainless.algorithm;
|
package org.pgpainless.algorithm;
|
||||||
|
|
||||||
|
import javax.annotation.Nonnull;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.LinkedHashSet;
|
import java.util.LinkedHashSet;
|
||||||
|
@ -16,33 +17,71 @@ import java.util.Set;
|
||||||
*/
|
*/
|
||||||
public class AlgorithmSuite {
|
public class AlgorithmSuite {
|
||||||
|
|
||||||
private static final AlgorithmSuite defaultAlgorithmSuite = new AlgorithmSuite(
|
private static final List<SymmetricKeyAlgorithm> defaultSymmetricAlgorithms = Arrays.asList(
|
||||||
Arrays.asList(
|
|
||||||
SymmetricKeyAlgorithm.AES_256,
|
SymmetricKeyAlgorithm.AES_256,
|
||||||
SymmetricKeyAlgorithm.AES_192,
|
SymmetricKeyAlgorithm.AES_192,
|
||||||
SymmetricKeyAlgorithm.AES_128),
|
SymmetricKeyAlgorithm.AES_128);
|
||||||
Arrays.asList(
|
private static final List<HashAlgorithm> defaultHashAlgorithms = Arrays.asList(
|
||||||
HashAlgorithm.SHA512,
|
HashAlgorithm.SHA512,
|
||||||
HashAlgorithm.SHA384,
|
HashAlgorithm.SHA384,
|
||||||
HashAlgorithm.SHA256,
|
HashAlgorithm.SHA256,
|
||||||
HashAlgorithm.SHA224),
|
HashAlgorithm.SHA224);
|
||||||
Arrays.asList(
|
private static final List<CompressionAlgorithm> defaultCompressionAlgorithms = Arrays.asList(
|
||||||
CompressionAlgorithm.ZLIB,
|
CompressionAlgorithm.ZLIB,
|
||||||
CompressionAlgorithm.BZIP2,
|
CompressionAlgorithm.BZIP2,
|
||||||
CompressionAlgorithm.ZIP,
|
CompressionAlgorithm.ZIP,
|
||||||
CompressionAlgorithm.UNCOMPRESSED)
|
CompressionAlgorithm.UNCOMPRESSED);
|
||||||
);
|
private static final List<AEADAlgorithmCombination> defaultAEADAlgorithms = Arrays.asList(
|
||||||
|
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.OCB),
|
||||||
|
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.EAX),
|
||||||
|
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_256, AEADAlgorithm.GCM),
|
||||||
|
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.OCB),
|
||||||
|
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.EAX),
|
||||||
|
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_192, AEADAlgorithm.GCM),
|
||||||
|
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.OCB),
|
||||||
|
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.EAX),
|
||||||
|
AEADAlgorithmCombination.from(SymmetricKeyAlgorithm.AES_128, AEADAlgorithm.GCM));
|
||||||
|
private static final AlgorithmSuite defaultAlgorithmSuite = new AlgorithmSuite(
|
||||||
|
defaultSymmetricAlgorithms,
|
||||||
|
defaultHashAlgorithms,
|
||||||
|
defaultCompressionAlgorithms,
|
||||||
|
defaultAEADAlgorithms);
|
||||||
|
|
||||||
private final Set<SymmetricKeyAlgorithm> symmetricKeyAlgorithms;
|
private final Set<SymmetricKeyAlgorithm> symmetricKeyAlgorithms;
|
||||||
private final Set<HashAlgorithm> hashAlgorithms;
|
private final Set<HashAlgorithm> hashAlgorithms;
|
||||||
private final Set<CompressionAlgorithm> compressionAlgorithms;
|
private final Set<CompressionAlgorithm> compressionAlgorithms;
|
||||||
|
private final Set<AEADAlgorithmCombination> aeadAlgorithms;
|
||||||
|
|
||||||
public AlgorithmSuite(List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms,
|
/**
|
||||||
List<HashAlgorithm> hashAlgorithms,
|
* Create a new AlgorithmSuite.
|
||||||
List<CompressionAlgorithm> compressionAlgorithms) {
|
*
|
||||||
|
* @deprecated use {@link AlgorithmSuite#AlgorithmSuite(List, List, List, List)} instead.
|
||||||
|
* @param symmetricKeyAlgorithms preferred symmetric algorithms
|
||||||
|
* @param hashAlgorithms preferred hash algorithms
|
||||||
|
* @param compressionAlgorithms preferred compression algorithms
|
||||||
|
*/
|
||||||
|
@Deprecated
|
||||||
|
public AlgorithmSuite(@Nonnull List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms,
|
||||||
|
@Nonnull List<HashAlgorithm> hashAlgorithms,
|
||||||
|
@Nonnull List<CompressionAlgorithm> compressionAlgorithms) {
|
||||||
|
this(symmetricKeyAlgorithms, hashAlgorithms, compressionAlgorithms, defaultAEADAlgorithms);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Create a new AlgorithmSuite.
|
||||||
|
* @param symmetricKeyAlgorithms preferred symmetric algorithms
|
||||||
|
* @param hashAlgorithms preferred hash algorithms
|
||||||
|
* @param compressionAlgorithms preferred compression algorithms
|
||||||
|
* @param aeadAlgorithms preferred AEAD algorithm combinations
|
||||||
|
*/
|
||||||
|
public AlgorithmSuite(@Nonnull List<SymmetricKeyAlgorithm> symmetricKeyAlgorithms,
|
||||||
|
@Nonnull List<HashAlgorithm> hashAlgorithms,
|
||||||
|
@Nonnull List<CompressionAlgorithm> compressionAlgorithms,
|
||||||
|
@Nonnull List<AEADAlgorithmCombination> aeadAlgorithms) {
|
||||||
this.symmetricKeyAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(symmetricKeyAlgorithms));
|
this.symmetricKeyAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(symmetricKeyAlgorithms));
|
||||||
this.hashAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(hashAlgorithms));
|
this.hashAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(hashAlgorithms));
|
||||||
this.compressionAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(compressionAlgorithms));
|
this.compressionAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(compressionAlgorithms));
|
||||||
|
this.aeadAlgorithms = Collections.unmodifiableSet(new LinkedHashSet<>(aeadAlgorithms));
|
||||||
}
|
}
|
||||||
|
|
||||||
public Set<SymmetricKeyAlgorithm> getSymmetricKeyAlgorithms() {
|
public Set<SymmetricKeyAlgorithm> getSymmetricKeyAlgorithms() {
|
||||||
|
@ -57,7 +96,12 @@ public class AlgorithmSuite {
|
||||||
return new LinkedHashSet<>(compressionAlgorithms);
|
return new LinkedHashSet<>(compressionAlgorithms);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public Set<AEADAlgorithmCombination> getAEADAlgorithms() {
|
||||||
|
return new LinkedHashSet<>(aeadAlgorithms);
|
||||||
|
}
|
||||||
|
|
||||||
public static AlgorithmSuite getDefaultAlgorithmSuite() {
|
public static AlgorithmSuite getDefaultAlgorithmSuite() {
|
||||||
return defaultAlgorithmSuite;
|
return defaultAlgorithmSuite;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
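Review bot: The deprecated three-argument constructor now fills in `defaultAEADAlgorithms` unconditionally, whatever the caller passed as `symmetricKeyAlgorithms`. A caller that used this constructor to narrow the suite, for example to AES-256 only, will now also advertise AEAD combinations built on AES-192 and AES-128. Consider deriving the AEAD list from the supplied symmetric algorithms, or state in the `@deprecated` Javadoc that the full default AEAD list is applied. The four-argument constructor likewise does not check that each combination's cipher appears in `symmetricKeyAlgorithms`, so the two preference lists can disagree.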
@ -11,6 +11,7 @@ import java.util.Set;
|
||||||
import javax.annotation.Nonnull;
|
import javax.annotation.Nonnull;
|
||||||
|
|
||||||
import org.pgpainless.PGPainless;
|
import org.pgpainless.PGPainless;
|
||||||
|
import org.pgpainless.algorithm.AEADAlgorithmCombination;
|
||||||
import org.pgpainless.algorithm.AlgorithmSuite;
|
import org.pgpainless.algorithm.AlgorithmSuite;
|
||||||
import org.pgpainless.algorithm.CompressionAlgorithm;
|
import org.pgpainless.algorithm.CompressionAlgorithm;
|
||||||
import org.pgpainless.algorithm.Feature;
|
import org.pgpainless.algorithm.Feature;
|
||||||
|
@ -32,6 +33,7 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
|
||||||
private Set<CompressionAlgorithm> preferredCompressionAlgorithms = algorithmSuite.getCompressionAlgorithms();
|
private Set<CompressionAlgorithm> preferredCompressionAlgorithms = algorithmSuite.getCompressionAlgorithms();
|
||||||
private Set<HashAlgorithm> preferredHashAlgorithms = algorithmSuite.getHashAlgorithms();
|
private Set<HashAlgorithm> preferredHashAlgorithms = algorithmSuite.getHashAlgorithms();
|
||||||
private Set<SymmetricKeyAlgorithm> preferredSymmetricAlgorithms = algorithmSuite.getSymmetricKeyAlgorithms();
|
private Set<SymmetricKeyAlgorithm> preferredSymmetricAlgorithms = algorithmSuite.getSymmetricKeyAlgorithms();
|
||||||
|
private Set<AEADAlgorithmCombination> preferredAEADAlgorithms = algorithmSuite.getAEADAlgorithms();
|
||||||
private Date keyCreationDate;
|
private Date keyCreationDate;
|
||||||
|
|
||||||
KeySpecBuilder(@Nonnull KeyType type, KeyFlag flag, KeyFlag... flags) {
|
KeySpecBuilder(@Nonnull KeyType type, KeyFlag flag, KeyFlag... flags) {
|
||||||
|
@ -73,6 +75,13 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public KeySpecBuilder overridePreferredAEADAlgorithms(
|
||||||
|
@Nonnull AEADAlgorithmCombination... preferredAEADAlgorithms) {
|
||||||
|
this.preferredAEADAlgorithms = new LinkedHashSet<>(Arrays.asList(preferredAEADAlgorithms));
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public KeySpecBuilder setKeyCreationDate(@Nonnull Date creationDate) {
|
public KeySpecBuilder setKeyCreationDate(@Nonnull Date creationDate) {
|
||||||
this.keyCreationDate = creationDate;
|
this.keyCreationDate = creationDate;
|
||||||
|
@ -85,6 +94,7 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
|
||||||
this.hashedSubpackets.setPreferredCompressionAlgorithms(preferredCompressionAlgorithms);
|
this.hashedSubpackets.setPreferredCompressionAlgorithms(preferredCompressionAlgorithms);
|
||||||
this.hashedSubpackets.setPreferredHashAlgorithms(preferredHashAlgorithms);
|
this.hashedSubpackets.setPreferredHashAlgorithms(preferredHashAlgorithms);
|
||||||
this.hashedSubpackets.setPreferredSymmetricKeyAlgorithms(preferredSymmetricAlgorithms);
|
this.hashedSubpackets.setPreferredSymmetricKeyAlgorithms(preferredSymmetricAlgorithms);
|
||||||
|
this.hashedSubpackets.setPreferredAEADCiphersuites(preferredAEADAlgorithms);
|
||||||
this.hashedSubpackets.setFeatures(Feature.MODIFICATION_DETECTION);
|
this.hashedSubpackets.setFeatures(Feature.MODIFICATION_DETECTION);
|
||||||
|
|
||||||
return new KeySpec(type, (SignatureSubpackets) hashedSubpackets, false, keyCreationDate);
|
return new KeySpec(type, (SignatureSubpackets) hashedSubpackets, false, keyCreationDate);
|
||||||
|
|
|
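Review bot: `build()` now writes `setPreferredAEADCiphersuites(preferredAEADAlgorithms)`, but the following line still sets only `Feature.MODIFICATION_DETECTION`. As far as I know, a peer honours the AEAD ciphersuite preference only when the key's features subpacket also signals support for the AEAD-protected packet format, so these preferences may be ignored in practice. If that is intentional staging, a comment such as `// AEAD preferences are advertised ahead of the feature flag; see <tracking issue>` would make it clear. Separately, `overridePreferredAEADAlgorithms()` called with no arguments stores an empty set, and whether the subpacket builder handles that sensibly is not visible here. `build()` begins and ends outside the hunk.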
@ -6,6 +6,7 @@ package org.pgpainless.key.generation;
|
||||||
|
|
||||||
import javax.annotation.Nonnull;
|
import javax.annotation.Nonnull;
|
||||||
|
|
||||||
|
import org.pgpainless.algorithm.AEADAlgorithmCombination;
|
||||||
import org.pgpainless.algorithm.CompressionAlgorithm;
|
import org.pgpainless.algorithm.CompressionAlgorithm;
|
||||||
import org.pgpainless.algorithm.HashAlgorithm;
|
import org.pgpainless.algorithm.HashAlgorithm;
|
||||||
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
|
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
|
||||||
|
@ -20,6 +21,8 @@ public interface KeySpecBuilderInterface {
|
||||||
|
|
||||||
KeySpecBuilder overridePreferredSymmetricKeyAlgorithms(@Nonnull SymmetricKeyAlgorithm... preferredSymmetricKeyAlgorithms);
|
KeySpecBuilder overridePreferredSymmetricKeyAlgorithms(@Nonnull SymmetricKeyAlgorithm... preferredSymmetricKeyAlgorithms);
|
||||||
|
|
||||||
|
KeySpecBuilder overridePreferredAEADAlgorithms(@Nonnull AEADAlgorithmCombination... preferredAEADAlgorithms);
|
||||||
|
|
||||||
KeySpecBuilder setKeyCreationDate(@Nonnull Date creationDate);
|
KeySpecBuilder setKeyCreationDate(@Nonnull Date creationDate);
|
||||||
|
|
||||||
KeySpec build();
|
KeySpec build();
|
||||||
|
|
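Review bot: `overridePreferredAEADAlgorithms` is added to the interface without Javadoc, so it is unclear whether the arguments replace the suite defaults or add to them, and whether their order matters. The implementation in this commit replaces the set and keeps insertion order, so a comment such as `/** Replace the default AEAD preferences; combinations are listed most-preferred first. */` would document that. Adding an abstract method to a public interface also breaks any external implementer at compile time, which deserves a changelog entry.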