mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-26 22:32:07 +01:00

Introduce Policy class for default algorithms

Paul Schaub 2021-01-22 16:50:08 +01:00
parent 39ab6ebddf
commit 7864add645
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
3 changed files with 63 additions and 3 deletions


@ -155,4 +155,8 @@ public class PGPainless {
public static byte[] decryptWithPassword(@Nonnull byte[] data, @Nonnull Passphrase password) throws IOException, PGPException { public static byte[] decryptWithPassword(@Nonnull byte[] data, @Nonnull Passphrase password) throws IOException, PGPException {
return SymmetricEncryptorDecryptor.symmetricallyDecrypt(data, password); return SymmetricEncryptorDecryptor.symmetricallyDecrypt(data, password);
} }
public static Policy getPolicy() {
return Policy.getInstance();
}
} }
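Review bot: `getPolicy()` is a new public entry point with no Javadoc, and nothing tells callers that the object it returns is a single process-wide instance. The doc comment should state that changes made through the returned `Policy` alter the defaults used by later operations such as key generation, for example `/** Returns the global policy holding the default hash and symmetric algorithms; changes affect all subsequent operations. */`. The PGPainless class body starts outside this hunk.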


@ -0,0 +1,56 @@
/*
* Copyright 2021 Paul Schaub.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.pgpainless;
import org.pgpainless.algorithm.HashAlgorithm;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
public final class Policy {
private static Policy INSTANCE;
private HashAlgorithm signatureHashAlgorithm = HashAlgorithm.SHA512;
private SymmetricKeyAlgorithm symmetricKeyAlgorithm = SymmetricKeyAlgorithm.AES_256;
private Policy() {
}
public static Policy getInstance() {
if (INSTANCE == null) {
INSTANCE = new Policy();
}
return INSTANCE;
}
public void setDefaultSignatureHashAlgorithm(HashAlgorithm hashAlgorithm) {
if (hashAlgorithm == null) {
throw new IllegalArgumentException("HashAlgorithm cannot be null.");
}
this.signatureHashAlgorithm = hashAlgorithm;
}
public HashAlgorithm getDefaultSignatureHashAlgorithm() {
return signatureHashAlgorithm;
}
public void setDefaultKeyEncryptionAlgorithm(SymmetricKeyAlgorithm symmetricKeyAlgorithm) {
this.symmetricKeyAlgorithm = symmetricKeyAlgorithm;
}
public SymmetricKeyAlgorithm getDefaultSymmetricKeyAlgorithm() {
return symmetricKeyAlgorithm;
}
}
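Review bot: `setDefaultKeyEncryptionAlgorithm` stores its argument without the null check that `setDefaultSignatureHashAlgorithm` performs, so a null would only surface later when the key ring builder hands it to the secret-key encryptor; add `if (symmetricKeyAlgorithm == null) { throw new IllegalArgumentException("SymmetricKeyAlgorithm cannot be null."); }`. Both setters also accept every enum value, so if the enums carry legacy or unencrypted entries (not visible on this page) any caller can weaken the defaults for the whole process; consider rejecting such values or documenting the risk on the setters. The setter is named `setDefaultKeyEncryptionAlgorithm` while its getter is `getDefaultSymmetricKeyAlgorithm`, and a matching pair of names would be easier to find. `getInstance()` initialises `INSTANCE` lazily without synchronisation; `private static final Policy INSTANCE = new Policy();` removes that race, and the two algorithm fields would need `volatile` for updates to be visible across threads.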


@ -43,10 +43,10 @@ import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor; import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor;
import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder; import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
import org.bouncycastle.openpgp.operator.PGPDigestCalculator; import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.HashAlgorithm; import org.pgpainless.algorithm.HashAlgorithm;
import org.pgpainless.algorithm.KeyFlag; import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.algorithm.SignatureType; import org.pgpainless.algorithm.SignatureType;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
import org.pgpainless.implementation.ImplementationFactory; import org.pgpainless.implementation.ImplementationFactory;
import org.pgpainless.key.generation.type.KeyType; import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.key.generation.type.ecc.EllipticCurve; import org.pgpainless.key.generation.type.ecc.EllipticCurve;
@ -329,14 +329,14 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
private PGPContentSignerBuilder buildContentSigner(PGPKeyPair certKey) { private PGPContentSignerBuilder buildContentSigner(PGPKeyPair certKey) {
return ImplementationFactory.getInstance().getPGPContentSignerBuilder( return ImplementationFactory.getInstance().getPGPContentSignerBuilder(
certKey.getPublicKey().getAlgorithm(), certKey.getPublicKey().getAlgorithm(),
HashAlgorithm.SHA512.getAlgorithmId()); PGPainless.getPolicy().getDefaultSignatureHashAlgorithm().getAlgorithmId());
} }
private PBESecretKeyEncryptor buildSecretKeyEncryptor() { private PBESecretKeyEncryptor buildSecretKeyEncryptor() {
PBESecretKeyEncryptor encryptor = passphrase == null || passphrase.isEmpty() ? PBESecretKeyEncryptor encryptor = passphrase == null || passphrase.isEmpty() ?
null : // unencrypted key pair, otherwise AES-256 encrypted null : // unencrypted key pair, otherwise AES-256 encrypted
ImplementationFactory.getInstance().getPBESecretKeyEncryptor( ImplementationFactory.getInstance().getPBESecretKeyEncryptor(
SymmetricKeyAlgorithm.AES_256, digestCalculator, passphrase); PGPainless.getPolicy().getDefaultSymmetricKeyAlgorithm(), digestCalculator, passphrase);
return encryptor; return encryptor;
} }
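Review bot: The inline comment in `buildSecretKeyEncryptor` still reads `otherwise AES-256 encrypted`, but the cipher now comes from `PGPainless.getPolicy().getDefaultSymmetricKeyAlgorithm()` and is whatever the policy currently holds; change it to something like `// unencrypted key pair, otherwise encrypted with the policy's default symmetric algorithm`. Because the policy's setter for that algorithm does not reject null, a null value would reach `getPBESecretKeyEncryptor` here unchecked. The hash passed in `buildContentSigner` likewise depends on mutable global state now, so a test that pins the defaults (SHA512 and AES_256) for freshly generated keys would guard against an accidental downgrade.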