1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-12-25 12:27:58 +01:00

Improve visibility by hiding methods

This commit is contained in:
Paul Schaub 2024-02-21 22:57:09 +01:00
parent 3fee627be9
commit 9215987f24
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311

View file

@ -5,7 +5,7 @@
package org.pgpainless.key.generation package org.pgpainless.key.generation
import java.io.InputStream import java.io.InputStream
import java.util.Date import java.util.*
import openpgp.formatUTC import openpgp.formatUTC
import org.bouncycastle.bcpg.attr.ImageAttribute import org.bouncycastle.bcpg.attr.ImageAttribute
import org.bouncycastle.extensions.plusCertification import org.bouncycastle.extensions.plusCertification
@ -58,6 +58,7 @@ class OpenPgpKeyGenerator internal constructor() {
* @param preferences suite of algorithm preferences and enabled features * @param preferences suite of algorithm preferences and enabled features
*/ */
@JvmStatic @JvmStatic
@JvmOverloads
fun buildV4Key( fun buildV4Key(
policy: Policy = PGPainless.getPolicy(), policy: Policy = PGPainless.getPolicy(),
creationTime: Date = Date(), creationTime: Date = Date(),
@ -80,12 +81,12 @@ abstract class DefinePrimaryKey<O : DefineSubkeys<O>>
internal constructor(val policy: Policy, val creationTime: Date, val preferences: AlgorithmSuite) { internal constructor(val policy: Policy, val creationTime: Date, val preferences: AlgorithmSuite) {
// If set to true, no default direct-key signature will be added to the key // If set to true, no default direct-key signature will be added to the key
internal var skipDefaultDirectKeySignature = false protected var skipDefaultDirectKeySignature = false
// The key flags are set with the setPrimaryKey method // The key flags are set with the setPrimaryKey method
// It can be reused (e.g. by the v4 builder) to populate direct-key and self-certification // It can be reused (e.g. by the v4 builder) to populate direct-key and self-certification
// signatures with the intended key flags. // signatures with the intended key flags.
internal var keyFlags: List<KeyFlag>? = null protected var keyFlags: List<KeyFlag>? = null
/** /**
* Callback to set preferences on the key and user-ids, such as algorithm preferences, features * Callback to set preferences on the key and user-ids, such as algorithm preferences, features
@ -93,14 +94,14 @@ internal constructor(val policy: Policy, val creationTime: Date, val preferences
* *
* @return callback * @return callback
*/ */
internal abstract fun preferencesSubpackets(): SelfSignatureSubpackets.Callback protected abstract fun preferencesSubpackets(): SelfSignatureSubpackets.Callback
/** /**
* Builder-provided subpackets for direct-key signatures. * Builder-provided subpackets for direct-key signatures.
* *
* @return callback * @return callback
*/ */
internal fun directKeySignatureSubpackets() = preferencesSubpackets() protected fun directKeySignatureSubpackets() = preferencesSubpackets()
/** /**
* Builder-provided subpackets for UserID binding signatures. * Builder-provided subpackets for UserID binding signatures.
@ -108,7 +109,9 @@ internal constructor(val policy: Policy, val creationTime: Date, val preferences
* @param primaryKey primary key * @param primaryKey primary key
* @return callback * @return callback
*/ */
internal abstract fun userIdSubpackets(primaryKey: PGPKeyPair): SelfSignatureSubpackets.Callback protected abstract fun userIdSubpackets(
primaryKey: PGPKeyPair
): SelfSignatureSubpackets.Callback
/** /**
* Builder-provided subpackets for UserAttribute binding signatures. * Builder-provided subpackets for UserAttribute binding signatures.
@ -116,7 +119,7 @@ internal constructor(val policy: Policy, val creationTime: Date, val preferences
* @param primaryKey primary key * @param primaryKey primary key
* @return callback * @return callback
*/ */
internal abstract fun userAttributeSubpackets( protected abstract fun userAttributeSubpackets(
primaryKey: PGPKeyPair primaryKey: PGPKeyPair
): SelfSignatureSubpackets.Callback ): SelfSignatureSubpackets.Callback
@ -125,14 +128,14 @@ internal constructor(val policy: Policy, val creationTime: Date, val preferences
* *
* @return primary key * @return primary key
*/ */
internal abstract fun generatePrimaryKey(type: KeyType, creationTime: Date): PGPKeyPair protected abstract fun generatePrimaryKey(type: KeyType, creationTime: Date): PGPKeyPair
/** /**
* Apply a [ApplyToPrimaryKey] instance to the given [PGPKeyPair]. * Apply a [ApplyToPrimaryKey] instance to the given [PGPKeyPair].
* *
* @return altered [PGPKeyPair] * @return altered [PGPKeyPair]
*/ */
internal abstract fun applyToPrimaryKey( protected abstract fun applyToPrimaryKey(
primaryKey: PGPKeyPair, primaryKey: PGPKeyPair,
applyToPrimaryKey: (ApplyToPrimaryKey.() -> PGPKeyPair)? applyToPrimaryKey: (ApplyToPrimaryKey.() -> PGPKeyPair)?
): PGPKeyPair ): PGPKeyPair
@ -154,11 +157,22 @@ internal constructor(val policy: Policy, val creationTime: Date, val preferences
* @param applyToPrimaryKey function block to apply to the primary key * @param applyToPrimaryKey function block to apply to the primary key
* @return subkey builder * @return subkey builder
*/ */
abstract fun setPrimaryKey( @JvmOverloads
fun setPrimaryKey(
type: KeyType, type: KeyType,
keyFlags: List<KeyFlag>? = listOf(KeyFlag.CERTIFY_OTHER), keyFlags: List<KeyFlag>? = listOf(KeyFlag.CERTIFY_OTHER),
creationTime: Date = this.creationTime, creationTime: Date = this.creationTime,
applyToPrimaryKey: (ApplyToPrimaryKey.() -> PGPKeyPair)? = null applyToPrimaryKey: (ApplyToPrimaryKey.() -> PGPKeyPair)? = null
): O = doSetPrimaryKey(type, keyFlags, creationTime, applyToPrimaryKey)
fun setPrimaryKey(type: KeyType, applyToPrimaryKey: (ApplyToPrimaryKey.() -> PGPKeyPair)?): O =
setPrimaryKey(type, listOf(KeyFlag.CERTIFY_OTHER), this.creationTime, applyToPrimaryKey)
protected abstract fun doSetPrimaryKey(
type: KeyType,
keyFlags: List<KeyFlag>?,
creationTime: Date,
applyToPrimaryKey: (ApplyToPrimaryKey.() -> PGPKeyPair)?
): O ): O
/** /**
@ -166,7 +180,7 @@ internal constructor(val policy: Policy, val creationTime: Date, val preferences
* *
* @param algorithm hash algorithm * @param algorithm hash algorithm
*/ */
internal open fun sanitizeHashAlgorithm(algorithm: HashAlgorithm) { protected open fun sanitizeHashAlgorithm(algorithm: HashAlgorithm) {
// Do nothing // Do nothing
} }
@ -176,9 +190,196 @@ internal constructor(val policy: Policy, val creationTime: Date, val preferences
* @param bindingTime signature creation time * @param bindingTime signature creation time
* @param primaryKey primary key * @param primaryKey primary key
*/ */
internal open fun sanitizeBindingTime(bindingTime: Date, primaryKey: PGPKeyPair) { protected open fun sanitizeBindingTime(bindingTime: Date, primaryKey: PGPKeyPair) {
// Do nothing // Do nothing
} }
/**
* Function that can be applied to the primary key.
*
* @param keyPair primary key pair
* @param builder builder instance that generated the primary key
*/
abstract class ApplyToPrimaryKey
internal constructor(var keyPair: PGPKeyPair, val builder: DefinePrimaryKey<*>) {
/**
* Add a UserID to the primary key.
*
* @param userId UserID to be bound to the primary key
* @param subpacketsCallback callback to modify the binding signatures subpackets Note: The
* user-provided changes are applied over builder-provided subpackets
* @param certificationType type of the certification signature. Defaults to
* [CertificationType.POSITIVE]
* @param hashAlgorithm hash algorithm to be used during signature calculation
* @param bindingTime creation time of the binding signature
* @return modified key pair
*/
fun addUserId(
userId: CharSequence,
subpacketsCallback: SelfSignatureSubpackets.Callback = builder.preferencesSubpackets(),
certificationType: CertificationType = CertificationType.POSITIVE,
hashAlgorithm: HashAlgorithm =
builder.policy.certificationSignatureHashAlgorithmPolicy.defaultHashAlgorithm,
bindingTime: Date = builder.creationTime
): PGPKeyPair {
builder.sanitizeHashAlgorithm(hashAlgorithm)
builder.sanitizeBindingTime(bindingTime, keyPair)
val callback = builder.userIdSubpackets(keyPair).then(subpacketsCallback)
return doAddUserId(userId, callback, certificationType, hashAlgorithm, bindingTime)
}
/**
* Actually add a UserID to the primary key.
*
* @param userId UserId
* @param subpacketsCallback callback to modify the subpackets of the binding signature with
* @param certificationType signature type of the binding signature (certification level)
* @param hashAlgorithm hash algorithm to be used to calculate the signature
* @param bindingTime creation time of the binding signature
* @return modified primary key
*/
protected abstract fun doAddUserId(
userId: CharSequence,
subpacketsCallback: SelfSignatureSubpackets.Callback,
certificationType: CertificationType,
hashAlgorithm: HashAlgorithm,
bindingTime: Date
): PGPKeyPair
/**
* Add a UserAttribute to the primary key.
*
* @param userAttribute UserAttribute to be bound to the primary key
* @param subpacketsCallback user-provided callback to modify the binding signature
* subpackets Note: The user-provided changes are applied over subpackets provided by the
* builder
* @param certificationType type of the binding signature. Default to
* [CertificationType.POSITIVE]
* @param hashAlgorithm hash algorithm to be used during signature calculation
* @param bindingTime creation time of the binding signature
* @return modified key pair
*/
fun addUserAttribute(
userAttribute: PGPUserAttributeSubpacketVector,
subpacketsCallback: SelfSignatureSubpackets.Callback = SelfSignatureSubpackets.nop(),
certificationType: CertificationType = CertificationType.POSITIVE,
hashAlgorithm: HashAlgorithm =
builder.policy.certificationSignatureHashAlgorithmPolicy.defaultHashAlgorithm,
bindingTime: Date = builder.creationTime
): PGPKeyPair {
builder.sanitizeHashAlgorithm(hashAlgorithm)
builder.sanitizeBindingTime(bindingTime, keyPair)
val callback = builder.userAttributeSubpackets(keyPair).then(subpacketsCallback)
return doAddUserAttribute(
userAttribute, callback, certificationType, hashAlgorithm, bindingTime)
}
/**
* Actually add the UserAttribute to the primary key.
*
* @param userAttribute UserAttribute to be added to the primary key
* @param subpacketsCallback callback to modify the subpackets of the binding signature with
* @param certificationType signature type (certification level)
* @param hashAlgorithm hash algorithm to calculate the binding signature with
* @param bindingTime creation time of the binding signature
* @return modified primary key
*/
protected abstract fun doAddUserAttribute(
userAttribute: PGPUserAttributeSubpacketVector,
subpacketsCallback: SelfSignatureSubpackets.Callback,
certificationType: CertificationType,
hashAlgorithm: HashAlgorithm,
bindingTime: Date
): PGPKeyPair
/**
* Add a JPEG image as UserAttribute to the primary key. This may for example be a profile
* picture of the key owner.
*
* @param jpegInputStream input stream containing the JPEG encoded image
* @param subpacketsCallback callback to modify the subpackets of the binding signature
* @param certificationType type of the binding signature. Defaults to
* [CertificationType.POSITIVE]
* @param hashAlgorithm hash algorithm to be used during signature calculation
* @param bindingTime creation time of the binding signature
* @return modified key pair
*/
fun addImageAttribute(
jpegInputStream: InputStream,
subpacketsCallback: SelfSignatureSubpackets.Callback = SelfSignatureSubpackets.nop(),
certificationType: CertificationType = CertificationType.POSITIVE,
hashAlgorithm: HashAlgorithm =
builder.policy.certificationSignatureHashAlgorithmPolicy.defaultHashAlgorithm,
bindingTime: Date = builder.creationTime
): PGPKeyPair =
addUserAttribute(
PGPUserAttributeSubpacketVectorGenerator()
.apply {
setImageAttribute(ImageAttribute.JPEG, Streams.readAll(jpegInputStream))
}
.generate(),
subpacketsCallback,
certificationType,
hashAlgorithm,
bindingTime)
/**
* Add a DirectKeySignature to the primary key. Such a signature usually carries information
* that applies to the whole OpenPGP key, such as algorithm preferences etc.
*
* @param subpacketsCallback callback to modify the direct-key signatures subpackets with
* Note, that the user-provided changed subpackets are applied over builder-provided
* subpackets.
* @param hashAlgorithm hash algorithm to calculate the signature with
* @param bindingTime signature creation time
* @return modified primary key
*/
fun addDirectKeySignature(
subpacketsCallback: SelfSignatureSubpackets.Callback = SelfSignatureSubpackets.nop(),
hashAlgorithm: HashAlgorithm =
builder.policy.certificationSignatureHashAlgorithmPolicy.defaultHashAlgorithm,
bindingTime: Date = builder.creationTime
): PGPKeyPair {
builder.sanitizeHashAlgorithm(hashAlgorithm)
builder.sanitizeBindingTime(bindingTime, keyPair)
skipDefaultSignature()
val callback = builder.directKeySignatureSubpackets().then(subpacketsCallback)
return doAddDirectKeySignature(callback, hashAlgorithm, bindingTime)
}
/**
* Actually add a direct-key signature to the primary key.
*
* @param subpacketsCallback callback to modify the direct-key signatures subpackets with
* @param hashAlgorithm hash algorithm to calculate the signature with
* @param bindingTime creation time for the direct-key signature
* @return modified primary key
*/
protected abstract fun doAddDirectKeySignature(
subpacketsCallback: SelfSignatureSubpackets.Callback,
hashAlgorithm: HashAlgorithm,
bindingTime: Date
): PGPKeyPair
/** Do not add the default direct-key signature automatically. */
fun skipDefaultSignature(): PGPKeyPair {
builder.skipDefaultDirectKeySignature = true
return keyPair
}
/**
* Schedule the execution of another [ApplyToPrimaryKey] function instance right after this
* one has been executed.
*
* @param other second instance
* @return modified key pair after this and [other] have been executed
*/
abstract fun then(other: (ApplyToPrimaryKey.() -> PGPKeyPair)?): PGPKeyPair
}
} }
/** Implementation of [DefinePrimaryKey] build for version 4 OpenPGP keys. */ /** Implementation of [DefinePrimaryKey] build for version 4 OpenPGP keys. */
@ -229,6 +430,7 @@ internal constructor(
* @param applyToSubkey function to apply to the subkey. Used to add binding signatures. * @param applyToSubkey function to apply to the subkey. Used to add binding signatures.
* @return this * @return this
*/ */
@JvmOverloads
fun addSubkey( fun addSubkey(
type: KeyType, type: KeyType,
creationTime: Date = this.creationTime, creationTime: Date = this.creationTime,
@ -249,7 +451,7 @@ internal constructor(
* @param applyToSubkey function block * @param applyToSubkey function block
* @return modified subkey * @return modified subkey
*/ */
internal abstract fun applyToSubkey( protected abstract fun applyToSubkey(
subkey: PGPKeyPair, subkey: PGPKeyPair,
applyToSubkey: (ApplyToSubkey.() -> PGPKeyPair)? applyToSubkey: (ApplyToSubkey.() -> PGPKeyPair)?
): PGPKeyPair ): PGPKeyPair
@ -260,7 +462,7 @@ internal constructor(
* @param type subkey type * @param type subkey type
* @param creationTime subkey creation time * @param creationTime subkey creation time
*/ */
internal abstract fun generateSubkey( protected abstract fun generateSubkey(
type: KeyType, type: KeyType,
creationTime: Date = this.creationTime creationTime: Date = this.creationTime
): PGPKeyPair ): PGPKeyPair
@ -271,9 +473,7 @@ internal constructor(
* @param protector protector to protect the OpenPGP key's secret components with * @param protector protector to protect the OpenPGP key's secret components with
* @return finished [PGPSecretKeyRing] * @return finished [PGPSecretKeyRing]
*/ */
abstract fun build( abstract fun build(protector: SecretKeyRingProtector): PGPSecretKeyRing
protector: SecretKeyRingProtector = SecretKeyRingProtector.unprotectedKeys()
): PGPSecretKeyRing
/** /**
* Finish the key generation and return the OpenPGP [PGPSecretKeyRing] protected with the given * Finish the key generation and return the OpenPGP [PGPSecretKeyRing] protected with the given
@ -284,12 +484,14 @@ internal constructor(
*/ */
fun build(passphrase: Passphrase) = build(SecretKeyRingProtector.unlockAnyKeyWith(passphrase)) fun build(passphrase: Passphrase) = build(SecretKeyRingProtector.unlockAnyKeyWith(passphrase))
fun build() = build(SecretKeyRingProtector.unprotectedKeys())
/** /**
* Sanitize the [HashAlgorithm] used for creating a signature by comparing it to the [Policy]. * Sanitize the [HashAlgorithm] used for creating a signature by comparing it to the [Policy].
* *
* @param algorithm hash algorithm * @param algorithm hash algorithm
*/ */
internal open fun sanitizeHashAlgorithm(algorithm: HashAlgorithm) { protected open fun sanitizeHashAlgorithm(algorithm: HashAlgorithm) {
// Do nothing // Do nothing
} }
@ -299,7 +501,7 @@ internal constructor(
* @param bindingTime creation time of the binding signature * @param bindingTime creation time of the binding signature
* @param subkey subkey * @param subkey subkey
*/ */
internal open fun sanitizeBindingTime(bindingTime: Date, subkey: PGPKeyPair) { protected open fun sanitizeBindingTime(bindingTime: Date, subkey: PGPKeyPair) {
// Do nothing // Do nothing
} }
@ -309,9 +511,53 @@ internal constructor(
* @param subkeyCreationTime creation time of the subkey * @param subkeyCreationTime creation time of the subkey
* @param primaryKey primary key * @param primaryKey primary key
*/ */
internal open fun sanitizeSubkeyCreationTime(subkeyCreationTime: Date, primaryKey: PGPKeyPair) { protected open fun sanitizeSubkeyCreationTime(
subkeyCreationTime: Date,
primaryKey: PGPKeyPair
) {
// Do nothing // Do nothing
} }
/**
* Function that can be applied to subkeys.
*
* @param primaryKey primary key pair
* @param subkey subkey pair
* @param builder builder instance that generated the subkey
*/
abstract class ApplyToSubkey
internal constructor(
val primaryKey: PGPKeyPair,
var subkey: PGPKeyPair,
val builder: DefineSubkeys<*>
) {
/**
* Add a binding signature to the subkey.
*
* @param subpacketsCallback callback to modify the binding signatures subpackets
* @param hashAlgorithm hash algorithm to be used during signature calculation
* @param bindingTime creation time of the binding signature
* @return modified subkey pair
*/
fun addBindingSignature(
subpacketsCallback: SelfSignatureSubpackets.Callback = SelfSignatureSubpackets.nop(),
hashAlgorithm: HashAlgorithm =
builder.policy.certificationSignatureHashAlgorithmPolicy.defaultHashAlgorithm,
bindingTime: Date = subkey.publicKey.creationTime
): PGPKeyPair {
builder.sanitizeHashAlgorithm(hashAlgorithm)
builder.sanitizeBindingTime(bindingTime, subkey)
return doAddBindingSignature(subpacketsCallback, hashAlgorithm, bindingTime)
}
abstract fun doAddBindingSignature(
subpacketsCallback: SelfSignatureSubpackets.Callback,
hashAlgorithm: HashAlgorithm,
bindingTime: Date
): PGPKeyPair
}
} }
/** /**
@ -431,7 +677,7 @@ internal constructor(policy: Policy, creationTime: Date, preferences: AlgorithmS
}) })
} }
override fun setPrimaryKey( override fun doSetPrimaryKey(
type: KeyType, type: KeyType,
keyFlags: List<KeyFlag>?, keyFlags: List<KeyFlag>?,
creationTime: Date, creationTime: Date,
@ -507,7 +753,7 @@ internal constructor(policy: Policy, creationTime: Date, preferences: AlgorithmS
return preferencesSubpackets() return preferencesSubpackets()
} }
override fun setPrimaryKey( override fun doSetPrimaryKey(
type: KeyType, type: KeyType,
keyFlags: List<KeyFlag>?, keyFlags: List<KeyFlag>?,
creationTime: Date, creationTime: Date,
@ -643,192 +889,9 @@ internal constructor(
} }
} }
/**
* Function that can be applied to the primary key.
*
* @param keyPair primary key pair
* @param builder builder instance that generated the primary key
*/
abstract class ApplyToPrimaryKey
internal constructor(var keyPair: PGPKeyPair, val builder: DefinePrimaryKey<*>) {
/**
* Add a UserID to the primary key.
*
* @param userId UserID to be bound to the primary key
* @param subpacketsCallback callback to modify the binding signatures subpackets Note: The
* user-provided changes are applied over builder-provided subpackets
* @param certificationType type of the certification signature. Defaults to
* [CertificationType.POSITIVE]
* @param hashAlgorithm hash algorithm to be used during signature calculation
* @param bindingTime creation time of the binding signature
* @return modified key pair
*/
fun addUserId(
userId: CharSequence,
subpacketsCallback: SelfSignatureSubpackets.Callback = builder.preferencesSubpackets(),
certificationType: CertificationType = CertificationType.POSITIVE,
hashAlgorithm: HashAlgorithm =
builder.policy.certificationSignatureHashAlgorithmPolicy.defaultHashAlgorithm,
bindingTime: Date = builder.creationTime
): PGPKeyPair {
builder.sanitizeHashAlgorithm(hashAlgorithm)
builder.sanitizeBindingTime(bindingTime, keyPair)
val callback = builder.userIdSubpackets(keyPair).then(subpacketsCallback)
return doAddUserId(userId, callback, certificationType, hashAlgorithm, bindingTime)
}
/**
* Actually add a UserID to the primary key.
*
* @param userId UserId
* @param subpacketsCallback callback to modify the subpackets of the binding signature with
* @param certificationType signature type of the binding signature (certification level)
* @param hashAlgorithm hash algorithm to be used to calculate the signature
* @param bindingTime creation time of the binding signature
* @return modified primary key
*/
internal abstract fun doAddUserId(
userId: CharSequence,
subpacketsCallback: SelfSignatureSubpackets.Callback,
certificationType: CertificationType,
hashAlgorithm: HashAlgorithm,
bindingTime: Date
): PGPKeyPair
/**
* Add a UserAttribute to the primary key.
*
* @param userAttribute UserAttribute to be bound to the primary key
* @param subpacketsCallback user-provided callback to modify the binding signature subpackets
* Note: The user-provided changes are applied over subpackets provided by the builder
* @param certificationType type of the binding signature. Default to
* [CertificationType.POSITIVE]
* @param hashAlgorithm hash algorithm to be used during signature calculation
* @param bindingTime creation time of the binding signature
* @return modified key pair
*/
fun addUserAttribute(
userAttribute: PGPUserAttributeSubpacketVector,
subpacketsCallback: SelfSignatureSubpackets.Callback = SelfSignatureSubpackets.nop(),
certificationType: CertificationType = CertificationType.POSITIVE,
hashAlgorithm: HashAlgorithm =
builder.policy.certificationSignatureHashAlgorithmPolicy.defaultHashAlgorithm,
bindingTime: Date = builder.creationTime
): PGPKeyPair {
builder.sanitizeHashAlgorithm(hashAlgorithm)
builder.sanitizeBindingTime(bindingTime, keyPair)
val callback = builder.userAttributeSubpackets(keyPair).then(subpacketsCallback)
return doAddUserAttribute(
userAttribute, callback, certificationType, hashAlgorithm, bindingTime)
}
/**
* Actually add the UserAttribute to the primary key.
*
* @param userAttribute UserAttribute to be added to the primary key
* @param subpacketsCallback callback to modify the subpackets of the binding signature with
* @param certificationType signature type (certification level)
* @param hashAlgorithm hash algorithm to calculate the binding signature with
* @param bindingTime creation time of the binding signature
* @return modified primary key
*/
abstract fun doAddUserAttribute(
userAttribute: PGPUserAttributeSubpacketVector,
subpacketsCallback: SelfSignatureSubpackets.Callback,
certificationType: CertificationType,
hashAlgorithm: HashAlgorithm,
bindingTime: Date
): PGPKeyPair
/**
* Add a JPEG image as UserAttribute to the primary key. This may for example be a profile
* picture of the key owner.
*
* @param jpegInputStream input stream containing the JPEG encoded image
* @param subpacketsCallback callback to modify the subpackets of the binding signature
* @param certificationType type of the binding signature. Defaults to
* [CertificationType.POSITIVE]
* @param hashAlgorithm hash algorithm to be used during signature calculation
* @param bindingTime creation time of the binding signature
* @return modified key pair
*/
fun addImageAttribute(
jpegInputStream: InputStream,
subpacketsCallback: SelfSignatureSubpackets.Callback = SelfSignatureSubpackets.nop(),
certificationType: CertificationType = CertificationType.POSITIVE,
hashAlgorithm: HashAlgorithm =
builder.policy.certificationSignatureHashAlgorithmPolicy.defaultHashAlgorithm,
bindingTime: Date = builder.creationTime
): PGPKeyPair =
addUserAttribute(
PGPUserAttributeSubpacketVectorGenerator()
.apply { setImageAttribute(ImageAttribute.JPEG, Streams.readAll(jpegInputStream)) }
.generate(),
subpacketsCallback,
certificationType,
hashAlgorithm,
bindingTime)
/**
* Add a DirectKeySignature to the primary key. Such a signature usually carries information
* that applies to the whole OpenPGP key, such as algorithm preferences etc.
*
* @param subpacketsCallback callback to modify the direct-key signatures subpackets with Note,
* that the user-provided changed subpackets are applied over builder-provided subpackets.
* @param hashAlgorithm hash algorithm to calculate the signature with
* @param bindingTime signature creation time
* @return modified primary key
*/
fun addDirectKeySignature(
subpacketsCallback: SelfSignatureSubpackets.Callback = SelfSignatureSubpackets.nop(),
hashAlgorithm: HashAlgorithm =
builder.policy.certificationSignatureHashAlgorithmPolicy.defaultHashAlgorithm,
bindingTime: Date = builder.creationTime
): PGPKeyPair {
builder.sanitizeHashAlgorithm(hashAlgorithm)
builder.sanitizeBindingTime(bindingTime, keyPair)
skipDefaultSignature()
val callback = builder.directKeySignatureSubpackets().then(subpacketsCallback)
return doAddDirectKeySignature(callback, hashAlgorithm, bindingTime)
}
/**
* Actually add a direct-key signature to the primary key.
*
* @param subpacketsCallback callback to modify the direct-key signatures subpackets with
* @param hashAlgorithm hash algorithm to calculate the signature with
* @param bindingTime creation time for the direct-key signature
* @return modified primary key
*/
protected abstract fun doAddDirectKeySignature(
subpacketsCallback: SelfSignatureSubpackets.Callback,
hashAlgorithm: HashAlgorithm,
bindingTime: Date
): PGPKeyPair
/** Do not add the default direct-key signature automatically. */
fun skipDefaultSignature(): PGPKeyPair {
builder.skipDefaultDirectKeySignature = true
return keyPair
}
/**
* Schedule the execution of another [ApplyToPrimaryKey] function instance right after this one
* has been executed.
*
* @param other second instance
* @return modified key pair after this and [other] have been executed
*/
abstract fun then(other: (ApplyToPrimaryKey.() -> PGPKeyPair)?): PGPKeyPair
}
/** Implementation of [ApplyToPrimaryKey] tailored to version 4 OpenPGP keys. */ /** Implementation of [ApplyToPrimaryKey] tailored to version 4 OpenPGP keys. */
class ApplyToPrimaryKeyV4 internal constructor(keyPair: PGPKeyPair, builder: DefinePrimaryKey<*>) : class ApplyToPrimaryKeyV4 internal constructor(keyPair: PGPKeyPair, builder: DefinePrimaryKey<*>) :
ApplyToPrimaryKey(keyPair, builder) { DefinePrimaryKey.ApplyToPrimaryKey(keyPair, builder) {
override fun doAddUserId( override fun doAddUserId(
userId: CharSequence, userId: CharSequence,
@ -895,7 +958,7 @@ class ApplyToPrimaryKeyV4 internal constructor(keyPair: PGPKeyPair, builder: Def
return SelfSignatureSubpackets.applyHashed { setSignatureCreationTime(bindingTime) } return SelfSignatureSubpackets.applyHashed { setSignatureCreationTime(bindingTime) }
} }
override fun then(other: (ApplyToPrimaryKey.() -> PGPKeyPair)?): PGPKeyPair { override fun then(other: (DefinePrimaryKey.ApplyToPrimaryKey.() -> PGPKeyPair)?): PGPKeyPair {
if (other != null) { if (other != null) {
keyPair = ApplyToPrimaryKeyV4(keyPair, builder).other() keyPair = ApplyToPrimaryKeyV4(keyPair, builder).other()
} }
@ -903,47 +966,6 @@ class ApplyToPrimaryKeyV4 internal constructor(keyPair: PGPKeyPair, builder: Def
} }
} }
/**
* Function that can be applied to subkeys.
*
* @param primaryKey primary key pair
* @param subkey subkey pair
* @param builder builder instance that generated the subkey
*/
abstract class ApplyToSubkey
internal constructor(
val primaryKey: PGPKeyPair,
var subkey: PGPKeyPair,
val builder: DefineSubkeys<*>
) {
/**
* Add a binding signature to the subkey.
*
* @param subpacketsCallback callback to modify the binding signatures subpackets
* @param hashAlgorithm hash algorithm to be used during signature calculation
* @param bindingTime creation time of the binding signature
* @return modified subkey pair
*/
fun addBindingSignature(
subpacketsCallback: SelfSignatureSubpackets.Callback = SelfSignatureSubpackets.nop(),
hashAlgorithm: HashAlgorithm =
builder.policy.certificationSignatureHashAlgorithmPolicy.defaultHashAlgorithm,
bindingTime: Date = subkey.publicKey.creationTime
): PGPKeyPair {
builder.sanitizeHashAlgorithm(hashAlgorithm)
builder.sanitizeBindingTime(bindingTime, subkey)
return doAddBindingSignature(subpacketsCallback, hashAlgorithm, bindingTime)
}
abstract fun doAddBindingSignature(
subpacketsCallback: SelfSignatureSubpackets.Callback,
hashAlgorithm: HashAlgorithm,
bindingTime: Date
): PGPKeyPair
}
/** /**
* Implementation of the [ApplyToSubkey] function tailored to OpenPGP v4 keys. * Implementation of the [ApplyToSubkey] function tailored to OpenPGP v4 keys.
* *
@ -953,7 +975,7 @@ internal constructor(
*/ */
class ApplyToSubkeyV4 class ApplyToSubkeyV4
internal constructor(primaryKey: PGPKeyPair, subkey: PGPKeyPair, builder: DefineSubkeys<*>) : internal constructor(primaryKey: PGPKeyPair, subkey: PGPKeyPair, builder: DefineSubkeys<*>) :
ApplyToSubkey(primaryKey, subkey, builder) { DefineSubkeys.ApplyToSubkey(primaryKey, subkey, builder) {
override fun doAddBindingSignature( override fun doAddBindingSignature(
subpacketsCallback: SelfSignatureSubpackets.Callback, subpacketsCallback: SelfSignatureSubpackets.Callback,