1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-14 16:32:06 +01:00

Migrate further to extension methods

This commit is contained in:
Paul Schaub 2023-09-12 22:07:17 +02:00
parent 543862d797
commit 945aa585a0
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
4 changed files with 23 additions and 30 deletions

View file

@ -9,6 +9,7 @@ import org.bouncycastle.bcpg.BCPGInputStream
import org.bouncycastle.bcpg.UnsupportedPacketVersionException
import org.bouncycastle.extensions.getPublicKeyFor
import org.bouncycastle.extensions.getSecretKeyFor
import org.bouncycastle.extensions.issuerKeyId
import org.bouncycastle.extensions.unlock
import org.bouncycastle.openpgp.*
import org.bouncycastle.openpgp.operator.PBEDataDecryptorFactory
@ -26,7 +27,6 @@ import org.pgpainless.implementation.ImplementationFactory
import org.pgpainless.key.SubkeyIdentifier
import org.pgpainless.key.util.KeyRingUtils
import org.pgpainless.policy.Policy
import org.pgpainless.signature.SignatureUtils
import org.pgpainless.signature.consumer.CertificateValidator
import org.pgpainless.signature.consumer.OnePassSignatureCheck
import org.pgpainless.signature.consumer.SignatureCheck
@ -197,7 +197,7 @@ class OpenPgpMessageInputStream(
return
}
val keyId = SignatureUtils.determineIssuerKeyId(signature)
val keyId = signature.issuerKeyId
if (isSigForOps) {
LOGGER.debug("Signature Packet corresponding to One-Pass-Signature by key ${keyId.openPgpKeyId()} at depth ${layerMetadata.depth} encountered.")
signatures.leaveNesting() // TODO: Only leave nesting if all OPSs of the nesting layer are dealt with
@ -632,7 +632,7 @@ class OpenPgpMessageInputStream(
fun addDetachedSignature(signature: PGPSignature) {
val check = initializeSignature(signature)
val keyId = SignatureUtils.determineIssuerKeyId(signature)
val keyId = signature.issuerKeyId
if (check != null) {
detachedSignatures.add(check)
} else {
@ -644,7 +644,7 @@ class OpenPgpMessageInputStream(
fun addPrependedSignature(signature: PGPSignature) {
val check = initializeSignature(signature)
val keyId = SignatureUtils.determineIssuerKeyId(signature)
val keyId = signature.issuerKeyId
if (check != null) {
prependedSignatures.add(check)
} else {
@ -682,7 +682,7 @@ class OpenPgpMessageInputStream(
fun addCorrespondingOnePassSignature(signature: PGPSignature, layer: Layer, policy: Policy) {
var found = false
val keyId = SignatureUtils.determineIssuerKeyId(signature)
val keyId = signature.issuerKeyId
for ((i, check) in onePassSignatures.withIndex().reversed()) {
if (check.onePassSignature.keyID != keyId) {
continue

View file

@ -14,17 +14,12 @@ import org.pgpainless.key.OpenPgpFingerprint
import org.pgpainless.key.SubkeyIdentifier
import org.pgpainless.key.util.KeyRingUtils
import org.pgpainless.policy.Policy
import org.pgpainless.signature.SignatureUtils
import org.pgpainless.signature.SignatureUtils.Companion.isHardRevocation
import org.pgpainless.signature.SignatureUtils.Companion.isSignatureExpired
import org.pgpainless.signature.consumer.SignaturePicker
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil.Companion.getKeyExpirationTimeAsDate
import org.pgpainless.util.DateUtil
import org.slf4j.LoggerFactory
import java.security.Key
import java.util.*
import kotlin.NoSuchElementException
class KeyRingInfo(
val keys: PGPKeyRing,
@ -237,7 +232,7 @@ class KeyRingInfo(
if (publicKey.keyID == keyId) return primaryKeyExpirationDate
val subkey = getPublicKey(keyId) ?: throw NoSuchElementException("No subkey with key-ID ${keyId.openPgpKeyId()} found.")
val bindingSig = getCurrentSubkeyBindingSignature(keyId) ?: throw AssertionError("Subkey has no valid binding signature.")
return SignatureUtils.getKeyExpirationDate(subkey.creationTime, bindingSig)
return bindingSig.getKeyExpirationDate(subkey.creationTime)
}
/**
@ -560,7 +555,7 @@ class KeyRingInfo(
// Primary key -> Check Primary Key Revocation
if (publicKey.keyID == this.publicKey.keyID) {
return if (signatures.primaryKeyRevocation != null && isHardRevocation(signatures.primaryKeyRevocation)) {
return if (signatures.primaryKeyRevocation != null && signatures.primaryKeyRevocation.isHardRevocation) {
false
} else signatures.primaryKeyRevocation == null
}
@ -570,18 +565,18 @@ class KeyRingInfo(
val revocation = signatures.subkeyRevocations[keyId]
// No valid binding
if (binding == null || isSignatureExpired(binding)) {
if (binding == null || binding.isExpired(referenceDate)) {
return false
}
// Revocation
return if (revocation != null) {
if (isHardRevocation(revocation)) {
if (revocation.isHardRevocation) {
// Subkey is hard revoked
false
} else {
// Key is soft-revoked, not yet re-bound
(isSignatureExpired(revocation) || !revocation.creationTime.after(binding.creationTime))
(revocation.isExpired(referenceDate) || !revocation.creationTime.after(binding.creationTime))
}
} else true
}

View file

@ -10,16 +10,13 @@ import org.bouncycastle.extensions.*
import org.bouncycastle.openpgp.*
import org.bouncycastle.util.encoders.Hex
import org.bouncycastle.util.io.Streams
import org.pgpainless.algorithm.SignatureType
import org.pgpainless.implementation.ImplementationFactory
import org.pgpainless.key.OpenPgpFingerprint
import org.pgpainless.key.util.RevocationAttributes.Reason
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil
import org.pgpainless.util.ArmorUtils
import java.io.IOException
import java.io.InputStream
import java.util.*
import kotlin.math.sign
const val MAX_ITERATIONS = 10000
@ -36,21 +33,21 @@ class SignatureUtils {
*/
@JvmStatic
@Deprecated("Deprecated in favor of PGPSignature extension method.",
ReplaceWith("signature.getKeyExpirationDate(keyCreationDate)"))
ReplaceWith("signature.getKeyExpirationDate(keyCreationDate)", "org.bouncycastle.extensions.getKeyExpirationDate"))
fun getKeyExpirationDate(keyCreationDate: Date, signature: PGPSignature): Date? {
return signature.getKeyExpirationDate(keyCreationDate)
}
/**
* Return the expiration date of the signature.
* If the signature has no expiration date, [datePlusSeconds] will return null.
* If the signature has no expiration date, this will return null.
*
* @param signature signature
* @return expiration date of the signature, or null if it does not expire.
*/
@JvmStatic
@Deprecated("Deprecated in favor of PGPSignature extension method.",
ReplaceWith("signature.signatureExpirationDate"))
ReplaceWith("signature.signatureExpirationDate", "org.bouncycastle.extensions.signatureExpirationDate"))
fun getSignatureExpirationDate(signature: PGPSignature): Date? = signature.signatureExpirationDate
/**
@ -65,7 +62,7 @@ class SignatureUtils {
*/
@JvmStatic
@Deprecated("Deprecated in favor of Date extension method.",
ReplaceWith("date.plusSeconds(seconds)"))
ReplaceWith("date.plusSeconds(seconds)", "openpgp.plusSeconds"))
fun datePlusSeconds(date: Date, seconds: Long): Date? {
return date.plusSeconds(seconds)
}
@ -79,7 +76,7 @@ class SignatureUtils {
*/
@JvmStatic
@Deprecated("Deprecated in favor of PGPSignature extension method.",
ReplaceWith("signature.isExpired()"))
ReplaceWith("signature.isExpired()", "org.bouncycastle.extensions.isExpired"))
fun isSignatureExpired(signature: PGPSignature): Boolean {
return signature.isExpired()
}
@ -94,7 +91,7 @@ class SignatureUtils {
*/
@JvmStatic
@Deprecated("Deprecated in favor of PGPSignature extension method.",
ReplaceWith("signature.isExpired(referenceTime)"))
ReplaceWith("signature.isExpired(referenceTime)", "org.bouncycastle.extensions.isExpired"))
fun isSignatureExpired(signature: PGPSignature, referenceTime: Date): Boolean {
return signature.isExpired(referenceTime)
}
@ -109,7 +106,7 @@ class SignatureUtils {
*/
@JvmStatic
@Deprecated("Deprecated in favor of PGPSignature extension function.",
ReplaceWith("signature.isHardRevocation()"))
ReplaceWith("signature.isHardRevocation", "org.bouncycastle.extensions.isHardRevocation"))
fun isHardRevocation(signature: PGPSignature): Boolean {
return signature.isHardRevocation
}
@ -179,7 +176,7 @@ class SignatureUtils {
*/
@JvmStatic
@Deprecated("Deprecated in favor of PGPSignature extension method.",
ReplaceWith("signature.issuerKeyId"))
ReplaceWith("signature.issuerKeyId", "org.bouncycastle.extensions.issuerKeyId"))
fun determineIssuerKeyId(signature: PGPSignature): Long {
return signature.issuerKeyId
}
@ -197,14 +194,14 @@ class SignatureUtils {
@JvmStatic
@Deprecated("Deprecated in favor of PGPSignature extension method",
ReplaceWith("signature.wasIssuedBy(fingerprint)"))
ReplaceWith("signature.wasIssuedBy(fingerprint)", "org.bouncycastle.extensions.wasIssuedBy"))
fun wasIssuedBy(fingerprint: ByteArray, signature: PGPSignature): Boolean {
return signature.wasIssuedBy(fingerprint)
}
@JvmStatic
@Deprecated("Deprecated in favor of PGPSignature extension method",
ReplaceWith("signature.wasIssuedBy(fingerprint)"))
ReplaceWith("signature.wasIssuedBy(fingerprint)", "org.bouncycastle.extensions.wasIssuedBy"))
fun wasIssuedBy(fingerprint: OpenPgpFingerprint, signature: PGPSignature): Boolean {
return signature.wasIssuedBy(fingerprint)
}

View file

@ -5,6 +5,7 @@
package org.pgpainless.signature.subpackets
import openpgp.openPgpKeyId
import openpgp.plusSeconds
import org.bouncycastle.bcpg.sig.*
import org.bouncycastle.openpgp.PGPPublicKey
import org.bouncycastle.openpgp.PGPSignature
@ -116,7 +117,7 @@ class SignatureSubpacketsUtil {
@JvmStatic
fun getSignatureExpirationTimeAsDate(signature: PGPSignature): Date? =
getSignatureExpirationTime(signature)?.let {
SignatureUtils.datePlusSeconds(signature.creationTime, it.time)
signature.creationTime.plusSeconds(it.time)
}
/**
@ -146,7 +147,7 @@ class SignatureSubpacketsUtil {
"Provided key (${signingKey.keyID.openPgpKeyId()}) did not create the signature (${signature.keyID.openPgpKeyId()})"
}.run {
getKeyExpirationTime(signature)?.let {
SignatureUtils.datePlusSeconds(signingKey.creationTime, it.time)
signingKey.creationTime.plusSeconds(it.time)
}
}