mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-26 22:32:07 +01:00
Allow for revocation attributes to be passed in when revoking subkey directly
This commit is contained in:
parent
0edd8b616f
commit
8305fcf0ee
2 changed files with 76 additions and 8 deletions
|
@ -258,19 +258,24 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public SecretKeyRingEditorInterface revokeSubKey(OpenPgpV4Fingerprint fingerprint, SecretKeyRingProtector protector)
|
public SecretKeyRingEditorInterface revokeSubKey(OpenPgpV4Fingerprint fingerprint,
|
||||||
|
SecretKeyRingProtector protector,
|
||||||
|
RevocationAttributes revocationAttributes)
|
||||||
throws PGPException {
|
throws PGPException {
|
||||||
return revokeSubKey(fingerprint.getKeyId(), protector);
|
return revokeSubKey(fingerprint.getKeyId(), protector, revocationAttributes);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public SecretKeyRingEditorInterface revokeSubKey(long subKeyId, SecretKeyRingProtector protector) throws PGPException {
|
public SecretKeyRingEditorInterface revokeSubKey(long subKeyId,
|
||||||
|
SecretKeyRingProtector protector,
|
||||||
|
RevocationAttributes revocationAttributes)
|
||||||
|
throws PGPException {
|
||||||
PGPPublicKey revokeeSubKey = secretKeyRing.getPublicKey(subKeyId);
|
PGPPublicKey revokeeSubKey = secretKeyRing.getPublicKey(subKeyId);
|
||||||
if (revokeeSubKey == null) {
|
if (revokeeSubKey == null) {
|
||||||
throw new NoSuchElementException("No subkey with id " + Long.toHexString(subKeyId) + " found.");
|
throw new NoSuchElementException("No subkey with id " + Long.toHexString(subKeyId) + " found.");
|
||||||
}
|
}
|
||||||
|
|
||||||
secretKeyRing = revokeSubKey(protector, revokeeSubKey);
|
secretKeyRing = revokeSubKey(protector, revokeeSubKey, revocationAttributes);
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -302,9 +307,11 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
||||||
return revocationCertificate;
|
return revocationCertificate;
|
||||||
}
|
}
|
||||||
|
|
||||||
private PGPSecretKeyRing revokeSubKey(SecretKeyRingProtector protector, PGPPublicKey revokeeSubKey)
|
private PGPSecretKeyRing revokeSubKey(SecretKeyRingProtector protector,
|
||||||
|
PGPPublicKey revokeeSubKey,
|
||||||
|
RevocationAttributes revocationAttributes)
|
||||||
throws PGPException {
|
throws PGPException {
|
||||||
PGPSignature subKeyRevocation = generateRevocation(protector, revokeeSubKey, null);
|
PGPSignature subKeyRevocation = generateRevocation(protector, revokeeSubKey, revocationAttributes);
|
||||||
revokeeSubKey = PGPPublicKey.addCertification(revokeeSubKey, subKeyRevocation);
|
revokeeSubKey = PGPPublicKey.addCertification(revokeeSubKey, subKeyRevocation);
|
||||||
|
|
||||||
// Inject revoked public key into key ring
|
// Inject revoked public key into key ring
|
||||||
|
|
|
@ -117,7 +117,26 @@ public interface SecretKeyRingEditorInterface {
|
||||||
* @param fingerprint fingerprint of the subkey to be revoked
|
* @param fingerprint fingerprint of the subkey to be revoked
|
||||||
* @return the builder
|
* @return the builder
|
||||||
*/
|
*/
|
||||||
SecretKeyRingEditorInterface revokeSubKey(OpenPgpV4Fingerprint fingerprint, SecretKeyRingProtector secretKeyRingProtector) throws PGPException;
|
default SecretKeyRingEditorInterface revokeSubKey(OpenPgpV4Fingerprint fingerprint,
|
||||||
|
SecretKeyRingProtector secretKeyRingProtector)
|
||||||
|
throws PGPException {
|
||||||
|
return revokeSubKey(fingerprint, secretKeyRingProtector, null);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Revoke the subkey binding signature of a subkey.
|
||||||
|
* The subkey with the provided fingerprint will be revoked.
|
||||||
|
* If no suitable subkey is found, a {@link java.util.NoSuchElementException} will be thrown.
|
||||||
|
*
|
||||||
|
* @param fingerprint fingerprint of the subkey to be revoked
|
||||||
|
* @param secretKeyRingProtector protector to unlock the primary key
|
||||||
|
* @param revocationAttributes reason for the revocation
|
||||||
|
* @return the builder
|
||||||
|
*/
|
||||||
|
SecretKeyRingEditorInterface revokeSubKey(OpenPgpV4Fingerprint fingerprint,
|
||||||
|
SecretKeyRingProtector secretKeyRingProtector,
|
||||||
|
RevocationAttributes revocationAttributes)
|
||||||
|
throws PGPException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Revoke the subkey binding signature of a subkey.
|
* Revoke the subkey binding signature of a subkey.
|
||||||
|
@ -127,13 +146,48 @@ public interface SecretKeyRingEditorInterface {
|
||||||
* @param subKeyId id of the subkey
|
* @param subKeyId id of the subkey
|
||||||
* @return the builder
|
* @return the builder
|
||||||
*/
|
*/
|
||||||
SecretKeyRingEditorInterface revokeSubKey(long subKeyId, SecretKeyRingProtector secretKeyRingProtector) throws PGPException;
|
default SecretKeyRingEditorInterface revokeSubKey(long subKeyId,
|
||||||
|
SecretKeyRingProtector secretKeyRingProtector)
|
||||||
|
throws PGPException {
|
||||||
|
return revokeSubKey(subKeyId, secretKeyRingProtector, null);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Revoke the subkey binding signature of a subkey.
|
||||||
|
* The subkey with the provided key-id will be revoked.
|
||||||
|
* If no suitable subkey is found, q {@link java.util.NoSuchElementException} will be thrown.
|
||||||
|
*
|
||||||
|
* @param subKeyId id of the subkey
|
||||||
|
* @param secretKeyRingProtector protector to unlock the primary key
|
||||||
|
* @param revocationAttributes reason for the revocation
|
||||||
|
* @return the builder
|
||||||
|
*/
|
||||||
|
SecretKeyRingEditorInterface revokeSubKey(long subKeyId,
|
||||||
|
SecretKeyRingProtector secretKeyRingProtector,
|
||||||
|
RevocationAttributes revocationAttributes)
|
||||||
|
throws PGPException;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Create a detached revocation certificate, which can be used to revoke the specified key.
|
||||||
|
*
|
||||||
|
* @param fingerprint fingerprint of the key to be revoked. Can be primary or sub key.
|
||||||
|
* @param secretKeyRingProtector protector to unlock the primary key.
|
||||||
|
* @param revocationAttributes reason for the revocation
|
||||||
|
* @return revocation certificate
|
||||||
|
*/
|
||||||
PGPSignature createRevocationCertificate(OpenPgpV4Fingerprint fingerprint,
|
PGPSignature createRevocationCertificate(OpenPgpV4Fingerprint fingerprint,
|
||||||
SecretKeyRingProtector secretKeyRingProtector,
|
SecretKeyRingProtector secretKeyRingProtector,
|
||||||
RevocationAttributes revocationAttributes)
|
RevocationAttributes revocationAttributes)
|
||||||
throws PGPException;
|
throws PGPException;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Create a detached revocation certificate, which can be used to revoke the specified key.
|
||||||
|
*
|
||||||
|
* @param subKeyId id of the key to be revoked. Can be primary or sub key.
|
||||||
|
* @param secretKeyRingProtector protector to unlock the primary key.
|
||||||
|
* @param revocationAttributes reason for the revocation
|
||||||
|
* @return revocation certificate
|
||||||
|
*/
|
||||||
PGPSignature createRevocationCertificate(long subKeyId,
|
PGPSignature createRevocationCertificate(long subKeyId,
|
||||||
SecretKeyRingProtector secretKeyRingProtector,
|
SecretKeyRingProtector secretKeyRingProtector,
|
||||||
RevocationAttributes revocationAttributes)
|
RevocationAttributes revocationAttributes)
|
||||||
|
@ -149,6 +203,13 @@ public interface SecretKeyRingEditorInterface {
|
||||||
return changePassphraseFromOldPassphrase(oldPassphrase, KeyRingProtectionSettings.secureDefaultSettings());
|
return changePassphraseFromOldPassphrase(oldPassphrase, KeyRingProtectionSettings.secureDefaultSettings());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Change the passphrase of the whole key ring.
|
||||||
|
*
|
||||||
|
* @param oldPassphrase old passphrase or null, if the key was unprotected
|
||||||
|
* @param oldProtectionSettings custom settings for the old passphrase
|
||||||
|
* @return next builder step
|
||||||
|
*/
|
||||||
WithKeyRingEncryptionSettings changePassphraseFromOldPassphrase(@Nullable Passphrase oldPassphrase,
|
WithKeyRingEncryptionSettings changePassphraseFromOldPassphrase(@Nullable Passphrase oldPassphrase,
|
||||||
@Nonnull KeyRingProtectionSettings oldProtectionSettings);
|
@Nonnull KeyRingProtectionSettings oldProtectionSettings);
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue