mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-30 00:02:06 +01:00

Easier generation of simple keys with password

Paul Schaub 2020-01-12 20:32:55 +01:00
parent 700f9cbca4
commit 750d93b009
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311


@ -16,7 +16,6 @@
package org.pgpainless.key.generation; package org.pgpainless.key.generation;
import javax.annotation.Nonnull;
import java.nio.charset.Charset; import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException; import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair; import java.security.KeyPair;
@ -25,6 +24,7 @@ import java.security.NoSuchAlgorithmException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Date; import java.util.Date;
import java.util.List; import java.util.List;
import javax.annotation.Nonnull;
import org.bouncycastle.openpgp.PGPEncryptedData; import org.bouncycastle.openpgp.PGPEncryptedData;
import org.bouncycastle.openpgp.PGPException; import org.bouncycastle.openpgp.PGPException;
@ -62,11 +62,12 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
private Passphrase passphrase; private Passphrase passphrase;
/** /**
* Creates a simple RSA KeyPair of length {@code length} with user-id {@code userId}. * Creates a simple, unencrypted RSA KeyPair of length {@code length} with user-id {@code userId}.
* The KeyPair consists of a single RSA master key which is used for signing, encryption and certification. * The KeyPair consists of a single RSA master key which is used for signing, encryption and certification.
* *
* @param userId user id. * @param userId user id.
* @param length length in bits. * @param length length in bits.
*
* @return {@link PGPSecretKeyRing} containing the KeyPair. * @return {@link PGPSecretKeyRing} containing the KeyPair.
* *
* @throws PGPException * @throws PGPException
@ -74,15 +75,56 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
* @throws InvalidAlgorithmParameterException * @throws InvalidAlgorithmParameterException
*/ */
public PGPKeyRing simpleRsaKeyRing(@Nonnull String userId, @Nonnull RsaLength length) public PGPKeyRing simpleRsaKeyRing(@Nonnull String userId, @Nonnull RsaLength length)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
return simpleRsaKeyRing(userId, length, null);
}
/**
* Creates a simple RSA KeyPair of length {@code length} with user-id {@code userId}.
* The KeyPair consists of a single RSA master key which is used for signing, encryption and certification.
*
* @param userId user id.
* @param length length in bits.
* @param password Password of the key. Can be null for unencrypted keys.
*
* @return {@link PGPSecretKeyRing} containing the KeyPair.
*
* @throws PGPException
* @throws NoSuchAlgorithmException
* @throws InvalidAlgorithmParameterException
*/
public PGPKeyRing simpleRsaKeyRing(@Nonnull String userId, @Nonnull RsaLength length, String password)
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException { throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
return this WithPassphrase builder = this
.withMasterKey( .withMasterKey(
KeySpec.getBuilder(RSA_GENERAL.withLength(length)) KeySpec.getBuilder(RSA_GENERAL.withLength(length))
.withDefaultKeyFlags() .withDefaultKeyFlags()
.withDefaultAlgorithms()) .withDefaultAlgorithms())
.withPrimaryUserId(userId) .withPrimaryUserId(userId);
.withoutPassphrase()
.build(); if (password == null) {
return builder.withoutPassphrase().build();
} else {
return builder.withPassphrase(new Passphrase(password.toCharArray())).build();
}
}
/**
* Creates an unencrypted key ring consisting of an ECDSA master key and an ECDH sub-key.
* The ECDSA master key is used for signing messages and certifying the sub key.
* The ECDH sub-key is used for encryption of messages.
*
* @param userId user-id
*
* @return {@link PGPSecretKeyRing} containing the key pairs.
*
* @throws PGPException
* @throws NoSuchAlgorithmException
* @throws InvalidAlgorithmParameterException
*/
public PGPKeyRing simpleEcKeyRing(@Nonnull String userId)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
return simpleEcKeyRing(userId, null);
} }
/** /**
@ -91,15 +133,17 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
* The ECDH sub-key is used for encryption of messages. * The ECDH sub-key is used for encryption of messages.
* *
* @param userId user-id * @param userId user-id
* @param password Password of the private key. Can be null for an unencrypted key.
*
* @return {@link PGPSecretKeyRing} containing the key pairs. * @return {@link PGPSecretKeyRing} containing the key pairs.
* *
* @throws PGPException * @throws PGPException
* @throws NoSuchAlgorithmException * @throws NoSuchAlgorithmException
* @throws InvalidAlgorithmParameterException * @throws InvalidAlgorithmParameterException
*/ */
public PGPKeyRing simpleEcKeyRing(@Nonnull String userId) public PGPKeyRing simpleEcKeyRing(@Nonnull String userId, String password)
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException { throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
return this WithPassphrase builder = this
.withSubKey( .withSubKey(
KeySpec.getBuilder(ECDH.fromCurve(EllipticCurve._P256)) KeySpec.getBuilder(ECDH.fromCurve(EllipticCurve._P256))
.withKeyFlags(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS) .withKeyFlags(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS)
@ -108,9 +152,13 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
KeySpec.getBuilder(ECDSA.fromCurve(EllipticCurve._P256)) KeySpec.getBuilder(ECDSA.fromCurve(EllipticCurve._P256))
.withKeyFlags(KeyFlag.AUTHENTICATION, KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA) .withKeyFlags(KeyFlag.AUTHENTICATION, KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA)
.withDefaultAlgorithms()) .withDefaultAlgorithms())
.withPrimaryUserId(userId) .withPrimaryUserId(userId);
.withoutPassphrase()
.build(); if (password == null) {
return builder.withoutPassphrase().build();
} else {
return builder.withPassphrase(new Passphrase(password.toCharArray())).build();
}
} }
@Override @Override
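Review bot: Both new overloads, `simpleRsaKeyRing(userId, length, password)` and `simpleEcKeyRing(userId, password)`, pick the unencrypted path only when `password == null`, so an empty string falls through to `withPassphrase(new Passphrase(password.toCharArray()))`. How `Passphrase` treats an empty array is not visible on this page, but a caller passing `""` may get a key that is reported as protected while offering no real protection. I would make the branch `if (password == null || password.isEmpty())`, or reject the empty value, and state the chosen behaviour in the `@param password` Javadoc. Separately, taking the secret as an immutable `String` means it cannot be wiped after key generation; an overload accepting `char[]` or `Passphrase` would let callers clear it. Since the other parameters carry `@Nonnull`, the nullable one should also be marked `@Nullable String password`.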