1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-26 22:32:07 +01:00

Adding subkeys, generating keys: Verify subkeys comply to public key algorithm policy

This commit is contained in:
Paul Schaub 2021-12-02 14:18:21 +01:00
parent f5c3e7b23f
commit 8b1bdb98f1
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
14 changed files with 92 additions and 16 deletions

View file

@ -39,11 +39,13 @@ import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
import org.pgpainless.PGPainless; import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.HashAlgorithm; import org.pgpainless.algorithm.HashAlgorithm;
import org.pgpainless.algorithm.KeyFlag; import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.algorithm.PublicKeyAlgorithm;
import org.pgpainless.algorithm.SignatureType; import org.pgpainless.algorithm.SignatureType;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm; import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
import org.pgpainless.implementation.ImplementationFactory; import org.pgpainless.implementation.ImplementationFactory;
import org.pgpainless.key.generation.type.KeyType; import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.key.protection.UnlockSecretKey; import org.pgpainless.key.protection.UnlockSecretKey;
import org.pgpainless.policy.Policy;
import org.pgpainless.provider.ProviderFactory; import org.pgpainless.provider.ProviderFactory;
import org.pgpainless.signature.subpackets.SelfSignatureSubpackets; import org.pgpainless.signature.subpackets.SelfSignatureSubpackets;
import org.pgpainless.signature.subpackets.SignatureSubpackets; import org.pgpainless.signature.subpackets.SignatureSubpackets;
@ -62,6 +64,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface<KeyRingBuilder> {
@Override @Override
public KeyRingBuilder setPrimaryKey(@Nonnull KeySpec keySpec) { public KeyRingBuilder setPrimaryKey(@Nonnull KeySpec keySpec) {
verifyKeySpecCompliesToPolicy(keySpec, PGPainless.getPolicy());
verifyMasterKeyCanCertify(keySpec); verifyMasterKeyCanCertify(keySpec);
this.primaryKeySpec = keySpec; this.primaryKeySpec = keySpec;
return this; return this;
@ -69,6 +72,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface<KeyRingBuilder> {
@Override @Override
public KeyRingBuilder addSubkey(@Nonnull KeySpec keySpec) { public KeyRingBuilder addSubkey(@Nonnull KeySpec keySpec) {
verifyKeySpecCompliesToPolicy(keySpec, PGPainless.getPolicy());
this.subkeySpecs.add(keySpec); this.subkeySpecs.add(keySpec);
return this; return this;
} }
@ -107,6 +111,16 @@ public class KeyRingBuilder implements KeyRingBuilderInterface<KeyRingBuilder> {
return this; return this;
} }
private void verifyKeySpecCompliesToPolicy(KeySpec keySpec, Policy policy) {
PublicKeyAlgorithm publicKeyAlgorithm = keySpec.getKeyType().getAlgorithm();
int bitStrength = keySpec.getKeyType().getBitStrength();
if (!policy.getPublicKeyAlgorithmPolicy().isAcceptable(publicKeyAlgorithm, bitStrength)) {
throw new IllegalArgumentException("Public key algorithm policy violation: " +
publicKeyAlgorithm + " with bit strength " + bitStrength + " is not acceptable.");
}
}
private void verifyMasterKeyCanCertify(KeySpec spec) { private void verifyMasterKeyCanCertify(KeySpec spec) {
if (!hasCertifyOthersFlag(spec)) { if (!hasCertifyOthersFlag(spec)) {
throw new IllegalArgumentException("Certification Key MUST have KeyFlag CERTIFY_OTHER"); throw new IllegalArgumentException("Certification Key MUST have KeyFlag CERTIFY_OTHER");

View file

@ -27,7 +27,7 @@ public class KeySpec {
} }
@Nonnull @Nonnull
KeyType getKeyType() { public KeyType getKeyType() {
return keyType; return keyType;
} }

View file

@ -33,6 +33,12 @@ public interface KeyType {
*/ */
PublicKeyAlgorithm getAlgorithm(); PublicKeyAlgorithm getAlgorithm();
/**
* Return the strength of the key in bits.
* @return
*/
int getBitStrength();
/** /**
* Return an implementation of {@link AlgorithmParameterSpec} that can be used to generate the key. * Return an implementation of {@link AlgorithmParameterSpec} that can be used to generate the key.
* *

View file

@ -15,22 +15,28 @@ import org.pgpainless.key.generation.type.xdh.XDHSpec;
* {@link XDHSpec} and {@link org.pgpainless.key.generation.type.eddsa.EdDSACurve}. * {@link XDHSpec} and {@link org.pgpainless.key.generation.type.eddsa.EdDSACurve}.
*/ */
public enum EllipticCurve { public enum EllipticCurve {
_P256("prime256v1"), // prime256v1 is equivalent to P-256, see https://tools.ietf.org/search/rfc4492#page-32 _P256("prime256v1", 256), // prime256v1 is equivalent to P-256, see https://tools.ietf.org/search/rfc4492#page-32
_P384("secp384r1"), // secp384r1 is equivalent to P-384, see https://tools.ietf.org/search/rfc4492#page-32 _P384("secp384r1", 384), // secp384r1 is equivalent to P-384, see https://tools.ietf.org/search/rfc4492#page-32
_P521("secp521r1"), // secp521r1 is equivalent to P-521, see https://tools.ietf.org/search/rfc4492#page-32 _P521("secp521r1", 521), // secp521r1 is equivalent to P-521, see https://tools.ietf.org/search/rfc4492#page-32
_SECP256K1("secp256k1"), _SECP256K1("secp256k1", 256),
_BRAINPOOLP256R1("brainpoolP256r1"), _BRAINPOOLP256R1("brainpoolP256r1", 256),
_BRAINPOOLP384R1("brainpoolP384r1"), _BRAINPOOLP384R1("brainpoolP384r1", 384),
_BRAINPOOLP512R1("brainpoolP512r1") _BRAINPOOLP512R1("brainpoolP512r1", 512)
; ;
private final String name; private final String name;
private final int bitStrength;
EllipticCurve(@Nonnull String name) { EllipticCurve(@Nonnull String name, int bitStrength) {
this.name = name; this.name = name;
this.bitStrength = bitStrength;
} }
public String getName() { public String getName() {
return name; return name;
} }
public int getBitStrength() {
return bitStrength;
}
} }

View file

@ -34,6 +34,11 @@ public final class ECDH implements KeyType {
return PublicKeyAlgorithm.ECDH; return PublicKeyAlgorithm.ECDH;
} }
@Override
public int getBitStrength() {
return curve.getBitStrength();
}
@Override @Override
public AlgorithmParameterSpec getAlgorithmSpec() { public AlgorithmParameterSpec getAlgorithmSpec() {
return new ECNamedCurveGenParameterSpec(curve.getName()); return new ECNamedCurveGenParameterSpec(curve.getName());

View file

@ -35,6 +35,11 @@ public final class ECDSA implements KeyType {
return PublicKeyAlgorithm.ECDSA; return PublicKeyAlgorithm.ECDSA;
} }
@Override
public int getBitStrength() {
return curve.getBitStrength();
}
@Override @Override
public AlgorithmParameterSpec getAlgorithmSpec() { public AlgorithmParameterSpec getAlgorithmSpec() {
return new ECNamedCurveGenParameterSpec(curve.getName()); return new ECNamedCurveGenParameterSpec(curve.getName());

View file

@ -35,6 +35,11 @@ public final class EdDSA implements KeyType {
return PublicKeyAlgorithm.EDDSA; return PublicKeyAlgorithm.EDDSA;
} }
@Override
public int getBitStrength() {
return curve.getBitStrength();
}
@Override @Override
public AlgorithmParameterSpec getAlgorithmSpec() { public AlgorithmParameterSpec getAlgorithmSpec() {
return new ECNamedCurveGenParameterSpec(curve.getName()); return new ECNamedCurveGenParameterSpec(curve.getName());

View file

@ -7,16 +7,22 @@ package org.pgpainless.key.generation.type.eddsa;
import javax.annotation.Nonnull; import javax.annotation.Nonnull;
public enum EdDSACurve { public enum EdDSACurve {
_Ed25519("ed25519"), _Ed25519("ed25519", 256),
; ;
final String name; final String name;
final int bitStrength;
EdDSACurve(@Nonnull String curveName) { EdDSACurve(@Nonnull String curveName, int bitStrength) {
this.name = curveName; this.name = curveName;
this.bitStrength = bitStrength;
} }
public String getName() { public String getName() {
return name; return name;
} }
public int getBitStrength() {
return bitStrength;
}
} }

View file

@ -36,6 +36,11 @@ public final class ElGamal implements KeyType {
return PublicKeyAlgorithm.ELGAMAL_ENCRYPT; return PublicKeyAlgorithm.ELGAMAL_ENCRYPT;
} }
@Override
public int getBitStrength() {
return length.getLength();
}
@Override @Override
public AlgorithmParameterSpec getAlgorithmSpec() { public AlgorithmParameterSpec getAlgorithmSpec() {
return new ElGamalParameterSpec(length.getP(), length.getG()); return new ElGamalParameterSpec(length.getP(), length.getG());

View file

@ -36,6 +36,11 @@ public class RSA implements KeyType {
return PublicKeyAlgorithm.RSA_GENERAL; return PublicKeyAlgorithm.RSA_GENERAL;
} }
@Override
public int getBitStrength() {
return length.getLength();
}
@Override @Override
public AlgorithmParameterSpec getAlgorithmSpec() { public AlgorithmParameterSpec getAlgorithmSpec() {
return new RSAKeyGenParameterSpec(length.getLength(), RSAKeyGenParameterSpec.F4); return new RSAKeyGenParameterSpec(length.getLength(), RSAKeyGenParameterSpec.F4);

View file

@ -32,6 +32,11 @@ public final class XDH implements KeyType {
return PublicKeyAlgorithm.ECDH; return PublicKeyAlgorithm.ECDH;
} }
@Override
public int getBitStrength() {
return spec.getBitStrength();
}
@Override @Override
public AlgorithmParameterSpec getAlgorithmSpec() { public AlgorithmParameterSpec getAlgorithmSpec() {
return new ECNamedCurveGenParameterSpec(spec.getName()); return new ECNamedCurveGenParameterSpec(spec.getName());

View file

@ -7,15 +7,17 @@ package org.pgpainless.key.generation.type.xdh;
import javax.annotation.Nonnull; import javax.annotation.Nonnull;
public enum XDHSpec { public enum XDHSpec {
_X25519("X25519", "curve25519"), _X25519("X25519", "curve25519", 256),
; ;
final String name; final String name;
final String curveName; final String curveName;
final int bitStrength;
XDHSpec(@Nonnull String name, @Nonnull String curveName) { XDHSpec(@Nonnull String name, @Nonnull String curveName, int bitStrength) {
this.name = name; this.name = name;
this.curveName = curveName; this.curveName = curveName;
this.bitStrength = bitStrength;
} }
public String getName() { public String getName() {
@ -25,4 +27,8 @@ public enum XDHSpec {
public String getCurveName() { public String getCurveName() {
return curveName; return curveName;
} }
public int getBitStrength() {
return bitStrength;
}
} }

View file

@ -70,6 +70,7 @@ import org.pgpainless.signature.subpackets.SignatureSubpacketGeneratorUtil;
import org.pgpainless.signature.subpackets.SignatureSubpackets; import org.pgpainless.signature.subpackets.SignatureSubpackets;
import org.pgpainless.signature.subpackets.SignatureSubpacketsHelper; import org.pgpainless.signature.subpackets.SignatureSubpacketsHelper;
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil; import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
import org.pgpainless.util.BCUtil;
import org.pgpainless.util.CollectionUtils; import org.pgpainless.util.CollectionUtils;
import org.pgpainless.util.Passphrase; import org.pgpainless.util.Passphrase;
import org.pgpainless.util.selection.userid.SelectUserId; import org.pgpainless.util.selection.userid.SelectUserId;
@ -169,7 +170,6 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
@Nonnull Passphrase subKeyPassphrase, @Nonnull Passphrase subKeyPassphrase,
@Nonnull SecretKeyRingProtector secretKeyRingProtector) @Nonnull SecretKeyRingProtector secretKeyRingProtector)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException { throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException {
PGPKeyPair keyPair = KeyRingBuilder.generateKeyPair(keySpec); PGPKeyPair keyPair = KeyRingBuilder.generateKeyPair(keySpec);
SecretKeyRingProtector subKeyProtector = PasswordBasedSecretKeyRingProtector SecretKeyRingProtector subKeyProtector = PasswordBasedSecretKeyRingProtector
@ -216,11 +216,19 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
@Nonnull SecretKeyRingProtector primaryKeyProtector, @Nonnull SecretKeyRingProtector primaryKeyProtector,
@Nonnull KeyFlag keyFlag, @Nonnull KeyFlag keyFlag,
KeyFlag... additionalKeyFlags) KeyFlag... additionalKeyFlags)
throws PGPException, IOException { throws PGPException, IOException, NoSuchAlgorithmException {
KeyFlag[] flags = concat(keyFlag, additionalKeyFlags); KeyFlag[] flags = concat(keyFlag, additionalKeyFlags);
PublicKeyAlgorithm subkeyAlgorithm = PublicKeyAlgorithm.fromId(subkey.getPublicKey().getAlgorithm()); PublicKeyAlgorithm subkeyAlgorithm = PublicKeyAlgorithm.fromId(subkey.getPublicKey().getAlgorithm());
SignatureSubpacketsUtil.assureKeyCanCarryFlags(subkeyAlgorithm); SignatureSubpacketsUtil.assureKeyCanCarryFlags(subkeyAlgorithm);
// check key against public key algorithm policy
PublicKeyAlgorithm publicKeyAlgorithm = PublicKeyAlgorithm.fromId(subkey.getPublicKey().getAlgorithm());
int bitStrength = BCUtil.getBitStrength(subkey.getPublicKey());
if (!PGPainless.getPolicy().getPublicKeyAlgorithmPolicy().isAcceptable(publicKeyAlgorithm, bitStrength)) {
throw new IllegalArgumentException("Public key algorithm policy violation: " +
publicKeyAlgorithm + " with bit strength " + bitStrength + " is not acceptable.");
}
PGPSecretKey primaryKey = secretKeyRing.getSecretKey(); PGPSecretKey primaryKey = secretKeyRing.getSecretKey();
KeyRingInfo info = PGPainless.inspectKeyRing(secretKeyRing); KeyRingInfo info = PGPainless.inspectKeyRing(secretKeyRing);
PublicKeyAlgorithm signingKeyAlgorithm = PublicKeyAlgorithm.fromId(primaryKey.getPublicKey().getAlgorithm()); PublicKeyAlgorithm signingKeyAlgorithm = PublicKeyAlgorithm.fromId(primaryKey.getPublicKey().getAlgorithm());

View file

@ -119,7 +119,7 @@ public interface SecretKeyRingEditorInterface {
@Nonnull SecretKeyRingProtector primaryKeyProtector, @Nonnull SecretKeyRingProtector primaryKeyProtector,
@Nonnull KeyFlag keyFlag, @Nonnull KeyFlag keyFlag,
KeyFlag... additionalKeyFlags) KeyFlag... additionalKeyFlags)
throws PGPException, IOException; throws PGPException, IOException, NoSuchAlgorithmException;
/** /**
* Revoke the key ring. * Revoke the key ring.