From 7864add645a643e7a9b8f26e7111fd4e9e92d22e Mon Sep 17 00:00:00 2001
From: Paul Schaub
Date: Fri, 22 Jan 2021 16:50:08 +0100
Subject: [PATCH] Introduce Policy class for default algorithms
---
 .../main/java/org/pgpainless/PGPainless.java | 4 ++
 .../src/main/java/org/pgpainless/Policy.java | 56 +++++++++++++++++++
 .../key/generation/KeyRingBuilder.java | 6 +-
 3 files changed, 63 insertions(+), 3 deletions(-)
 create mode 100644 pgpainless-core/src/main/java/org/pgpainless/Policy.java
diff --git a/pgpainless-core/src/main/java/org/pgpainless/PGPainless.java b/pgpainless-core/src/main/java/org/pgpainless/PGPainless.java
index 92cfeefb..40b08891 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/PGPainless.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/PGPainless.java
@@ -155,4 +155,8 @@ public class PGPainless {
 public static byte[] decryptWithPassword(@Nonnull byte[] data, @Nonnull Passphrase password) throws IOException, PGPException {
 return SymmetricEncryptorDecryptor.symmetricallyDecrypt(data, password);
 }
+
+ public static Policy getPolicy() {
+ return Policy.getInstance();
+ }
 }
diff --git a/pgpainless-core/src/main/java/org/pgpainless/Policy.java b/pgpainless-core/src/main/java/org/pgpainless/Policy.java
new file mode 100644
index 00000000..3880f3ee
--- /dev/null
+++ b/pgpainless-core/src/main/java/org/pgpainless/Policy.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2021 Paul Schaub.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.pgpainless;
+
+import org.pgpainless.algorithm.HashAlgorithm;
+import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
+
+public final class Policy {
+
+ private static Policy INSTANCE;
+
+ private HashAlgorithm signatureHashAlgorithm = HashAlgorithm.SHA512;
+ private SymmetricKeyAlgorithm symmetricKeyAlgorithm = SymmetricKeyAlgorithm.AES_256;
+
+ private Policy() {
+ }
+
+ public static Policy getInstance() {
+ if (INSTANCE == null) {
+ INSTANCE = new Policy();
+ }
+ return INSTANCE;
+ }
+
+ public void setDefaultSignatureHashAlgorithm(HashAlgorithm hashAlgorithm) {
+ if (hashAlgorithm == null) {
+ throw new IllegalArgumentException("HashAlgorithm cannot be null.");
+ }
+ this.signatureHashAlgorithm = hashAlgorithm;
+ }
+
+ public HashAlgorithm getDefaultSignatureHashAlgorithm() {
+ return signatureHashAlgorithm;
+ }
+
+ public void setDefaultKeyEncryptionAlgorithm(SymmetricKeyAlgorithm symmetricKeyAlgorithm) {
+ this.symmetricKeyAlgorithm = symmetricKeyAlgorithm;
+ }
+
+ public SymmetricKeyAlgorithm getDefaultSymmetricKeyAlgorithm() {
+ return symmetricKeyAlgorithm;
+ }
+}
diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java b/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java
index d1a4db28..a4f67bf4 100644
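Review bot: `getInstance()` fills the static `INSTANCE` with an unsynchronised check-then-act, so two threads that call it at the same time can each receive a different `Policy`, and a default set on one of them is silently lost; the two algorithm fields are also plain fields, so a change made on one thread is not guaranteed to be seen by a thread that is generating keys. `setDefaultKeyEncryptionAlgorithm` skips the null check that `setDefaultSignatureHashAlgorithm` performs, so a null is handed straight to the `getPBESecretKeyEncryptor(...)` call in KeyRingBuilder (what happens there is not visible in this patch), and its name does not pair with its getter `getDefaultSymmetricKeyAlgorithm`. Because the policy is process-wide and each setter accepts any value of its enum, any code that can reach `PGPainless.getPolicy()` can change the signature hash and key-protection cipher for every other caller; a class Javadoc stating that, and preferably a check against the algorithms the project considers acceptable, would make the trust assumption explicit. The fence shows an eagerly created final instance, volatile fields and the missing null check.

```java
    private static final Policy INSTANCE = new Policy();

    private volatile HashAlgorithm signatureHashAlgorithm = HashAlgorithm.SHA512;
    private volatile SymmetricKeyAlgorithm symmetricKeyAlgorithm = SymmetricKeyAlgorithm.AES_256;

    // … unchanged: private constructor …

    public static Policy getInstance() {
        return INSTANCE;
    }

    // … unchanged: setDefaultSignatureHashAlgorithm / getDefaultSignatureHashAlgorithm …

    public void setDefaultKeyEncryptionAlgorithm(SymmetricKeyAlgorithm symmetricKeyAlgorithm) {
        if (symmetricKeyAlgorithm == null) {
            throw new IllegalArgumentException("SymmetricKeyAlgorithm cannot be null.");
        }
        this.symmetricKeyAlgorithm = symmetricKeyAlgorithm;
    }
```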
--- a/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java
@@ -43,10 +43,10 @@ import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
 import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor;
 import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
 import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
+import org.pgpainless.PGPainless;
 import org.pgpainless.algorithm.HashAlgorithm;
 import org.pgpainless.algorithm.KeyFlag;
 import org.pgpainless.algorithm.SignatureType;
-import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
 import org.pgpainless.implementation.ImplementationFactory;
 import org.pgpainless.key.generation.type.KeyType;
 import org.pgpainless.key.generation.type.ecc.EllipticCurve;
@@ -329,14 +329,14 @@ public class KeyRingBuilder implements KeyRingBuilderInterface { private PGPContentSignerBuilder buildContentSigner(PGPKeyPair certKey) { return ImplementationFactory.getInstance().getPGPContentSignerBuilder( certKey.getPublicKey().getAlgorithm(), - HashAlgorithm.SHA512.getAlgorithmId()); + PGPainless.getPolicy().getDefaultSignatureHashAlgorithm().getAlgorithmId()); } private PBESecretKeyEncryptor buildSecretKeyEncryptor() { PBESecretKeyEncryptor encryptor = passphrase == null || passphrase.isEmpty() ? null : // unencrypted key pair, otherwise AES-256 encrypted ImplementationFactory.getInstance().getPBESecretKeyEncryptor( - SymmetricKeyAlgorithm.AES_256, digestCalculator, passphrase); + PGPainless.getPolicy().getDefaultSymmetricKeyAlgorithm(), digestCalculator, passphrase); return encryptor; }
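Review bot: The inline comment in `buildSecretKeyEncryptor` still reads `// unencrypted key pair, otherwise AES-256 encrypted`, but the cipher protecting the secret key is now whatever `getDefaultSymmetricKeyAlgorithm()` returns at the moment of the call, so the comment should become something like `// unencrypted key pair, otherwise encrypted with the policy's default symmetric algorithm`. The policy setter for that value has no null check, so a null set elsewhere in the process is passed on to `getPBESecretKeyEncryptor(...)` unchecked. `buildContentSigner` relies on the same process-wide setting for the certification hash; here a null cannot arrive because the hash setter rejects it, but any other enum value can. Reading each value into a local and validating it before the `ImplementationFactory` call would keep a misconfigured policy from silently changing how newly generated keys are signed and protected.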