From 9883d1537bc92857fe0afebe661f5badd6fb1764 Mon Sep 17 00:00:00 2001
From: Paul Schaub
Date: Thu, 27 May 2021 15:52:43 +0200
Subject: [PATCH] Move EncryptionPurpose to own class
---
 .../main/java/org/pgpainless/PGPainless.java | 5 +--
 .../algorithm/EncryptionPurpose.java | 33 +++++++++++++++++++
 .../encryption_signing/EncryptionBuilder.java | 5 +--
 .../encryption_signing/EncryptionOptions.java | 11 ++++---
 .../encryption_signing/EncryptionStream.java | 17 ----------
 .../org/pgpainless/key/info/KeyRingInfo.java | 6 ++--
 .../encryption_signing/SigningTest.java | 3 +-
 ...ncryptCommsStorageFlagsDifferentiated.java | 4 +--
 .../weird_keys/TestTwoSubkeysEncryption.java | 5 +--
 9 files changed, 55 insertions(+), 34 deletions(-)
 create mode 100644 pgpainless-core/src/main/java/org/pgpainless/algorithm/EncryptionPurpose.java
diff --git a/pgpainless-core/src/main/java/org/pgpainless/PGPainless.java b/pgpainless-core/src/main/java/org/pgpainless/PGPainless.java
index 151da048..defc771b 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/PGPainless.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/PGPainless.java
@@ -22,6 +22,7 @@ import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPKeyRing;
 import org.bouncycastle.openpgp.PGPSecretKeyRing;
 import org.pgpainless.algorithm.CompressionAlgorithm;
+import org.pgpainless.algorithm.EncryptionPurpose;
 import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
 import org.pgpainless.decryption_verification.DecryptionBuilder;
 import org.pgpainless.decryption_verification.DecryptionStream;
@@ -71,7 +72,7 @@ public class PGPainless { * Create an {@link EncryptionStream}, which can be used to encrypt and/or sign data using OpenPGP. * This method assumes that the stream will be used to encrypt data for communication purposes. * If you instead want to encrypt data that will be saved on disk (eg. a backup), use - * {@link #encryptAndOrSign(EncryptionStream.Purpose)} and chose an appropriate purpose. + * {@link #encryptAndOrSign(EncryptionPurpose)} and chose an appropriate purpose. * * @return builder */ @@ -85,7 +86,7 @@ public class PGPainless { * @param purpose how will the data be used? * @return builder */ - public static EncryptionBuilder encryptAndOrSign(EncryptionStream.Purpose purpose) { + public static EncryptionBuilder encryptAndOrSign(EncryptionPurpose purpose) { return new EncryptionBuilder(purpose); } diff --git a/pgpainless-core/src/main/java/org/pgpainless/algorithm/EncryptionPurpose.java b/pgpainless-core/src/main/java/org/pgpainless/algorithm/EncryptionPurpose.java new file mode 100644 index 00000000..aab57fe6 --- /dev/null +++ b/pgpainless-core/src/main/java/org/pgpainless/algorithm/EncryptionPurpose.java 
@@ -0,0 +1,33 @@
+/*
+ * Copyright 2021 Paul Schaub.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.pgpainless.algorithm;
+
+public enum EncryptionPurpose {
+ /**
+ * The stream will encrypt communication that goes over the wire.
+ * Eg. EMail, Chat...
+ */
+ COMMUNICATIONS,
+ /**
+ * The stream will encrypt data that is stored on disk.
+ * Eg. Encrypted backup...
+ */
+ STORAGE,
+ /**
+ * The stream will use keys with either flags to encrypt the data.
+ */
+ STORAGE_AND_COMMUNICATIONS
+}
diff --git a/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionBuilder.java b/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionBuilder.java
index 2bbbccb9..45fb373b 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionBuilder.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionBuilder.java
@@ -30,6 +31,7 @@ import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
 import org.pgpainless.PGPainless;
 import org.pgpainless.algorithm.CompressionAlgorithm;
 import org.pgpainless.algorithm.DocumentSignatureType;
+import org.pgpainless.algorithm.EncryptionPurpose;
 import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
 import org.pgpainless.algorithm.negotiation.SymmetricKeyAlgorithmNegotiator;
 import org.pgpainless.decryption_verification.OpenPgpMetadata;
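Review bot: The new top-level `EncryptionPurpose` enum has no type-level Javadoc, and its constants still say "The stream will …" although the type is no longer nested in `EncryptionStream`. The purpose decides which recipient subkeys are eligible for encryption (the EncryptionOptions Javadoc and the test comment elsewhere in this patch tie it to the ENCRYPT_COMMS / ENCRYPT_STORAGE key flags), so the type should say so itself, for example `/** Intended use of the encrypted data; determines which encryption key flag a recipient subkey must carry. */` above `public enum EncryptionPurpose`. On `STORAGE_AND_COMMUNICATIONS`, "either flags" should read "either flag", and the comment could state that this is the least restrictive of the three values.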
@@ -47,10 +48,10 @@ public class EncryptionBuilder implements EncryptionBuilderInterface { private OpenPgpMetadata.FileInfo fileInfo; public EncryptionBuilder() { - this.encryptionOptions = new EncryptionOptions(EncryptionStream.Purpose.COMMUNICATIONS); + this.encryptionOptions = new EncryptionOptions(EncryptionPurpose.COMMUNICATIONS); } - public EncryptionBuilder(@Nonnull EncryptionStream.Purpose purpose) { + public EncryptionBuilder(@Nonnull EncryptionPurpose purpose) { this.encryptionOptions = new EncryptionOptions(purpose); } diff --git a/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionOptions.java b/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionOptions.java index ab91b99e..7c8542a3 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionOptions.java +++ b/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionOptions.java @@ -29,6 +29,7 @@ import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.openpgp.PGPPublicKeyRingCollection; import org.bouncycastle.openpgp.operator.PBEKeyEncryptionMethodGenerator; import org.bouncycastle.openpgp.operator.PGPKeyEncryptionMethodGenerator; +import org.pgpainless.algorithm.EncryptionPurpose; import org.pgpainless.algorithm.SymmetricKeyAlgorithm; import org.pgpainless.implementation.ImplementationFactory; import org.pgpainless.key.SubkeyIdentifier; @@ -64,7 +65,7 @@ import org.pgpainless.util.Passphrase; */ public class EncryptionOptions { - private final EncryptionStream.Purpose purpose; + private final EncryptionPurpose purpose; private final Set encryptionMethods = new LinkedHashSet<>(); private final Set encryptionKeys = new LinkedHashSet<>(); private final Map keyRingInfo = new HashMap<>(); 
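Review bot: The no-argument `EncryptionBuilder()` has no comment recording that it picks `EncryptionPurpose.COMMUNICATIONS`, while the no-argument `EncryptionOptions()` in the EncryptionOptions.java hunk picks `STORAGE_AND_COMMUNICATIONS`. The two default entry points therefore consider different sets of recipient subkeys, which is easy to miss when switching from one API to the other. I would document the default on the constructor, for example `/** Uses {@link EncryptionPurpose#COMMUNICATIONS}; note that {@link EncryptionOptions#EncryptionOptions()} defaults to STORAGE_AND_COMMUNICATIONS instead. */`. The class body continues outside this hunk, so an existing class-level note may already cover it.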
@@ -78,10 +79,10 @@ public class EncryptionOptions { * or {@link org.pgpainless.algorithm.KeyFlag#ENCRYPT_STORAGE}. */ public EncryptionOptions() { - this(EncryptionStream.Purpose.STORAGE_AND_COMMUNICATIONS); + this(EncryptionPurpose.STORAGE_AND_COMMUNICATIONS); } - public EncryptionOptions(EncryptionStream.Purpose purpose) { + public EncryptionOptions(EncryptionPurpose purpose) { this.purpose = purpose; } @@ -92,7 +93,7 @@ public class EncryptionOptions { * @return encryption options */ public static EncryptionOptions encryptCommunications() { - return new EncryptionOptions(EncryptionStream.Purpose.COMMUNICATIONS); + return new EncryptionOptions(EncryptionPurpose.COMMUNICATIONS); } /** @@ -102,7 +103,7 @@ public class EncryptionOptions { * @return encryption options */ public static EncryptionOptions encryptDataAtRest() { - return new EncryptionOptions(EncryptionStream.Purpose.STORAGE); + return new EncryptionOptions(EncryptionPurpose.STORAGE); } /** diff --git a/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionStream.java b/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionStream.java index 55e0f244..92294462 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionStream.java +++ b/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionStream.java 
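Review bot: `EncryptionOptions(EncryptionPurpose purpose)` stores `purpose` without a null check, and `EncryptionBuilder(@Nonnull EncryptionPurpose)` in the previous file forwards to it relying on the annotation alone. A null would then only surface later, when subkeys are selected by purpose; that code is outside this patch, so how it fails is not visible here. Failing fast at construction keeps key selection from ever running with an undefined purpose: `this.purpose = Objects.requireNonNull(purpose, "purpose");` (this needs `java.util.Objects`, whose import is not visible in the hunks shown).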
@@ -46,23 +46,6 @@ import org.pgpainless.util.ArmoredOutputStreamFactory; */ public final class EncryptionStream extends OutputStream { - public enum Purpose { - /** - * The stream will encrypt communication that goes over the wire. - * Eg. EMail, Chat... - */ - COMMUNICATIONS, - /** - * The stream will encrypt data that is stored on disk. - * Eg. Encrypted backup... - */ - STORAGE, - /** - * The stream will use keys with either flags to encrypt the data. - */ - STORAGE_AND_COMMUNICATIONS - } - private static final Logger LOGGER = Logger.getLogger(EncryptionStream.class.getName()); private static final Level LEVEL = Level.FINE; diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/info/KeyRingInfo.java b/pgpainless-core/src/main/java/org/pgpainless/key/info/KeyRingInfo.java index c76a8e10..482d344d 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/key/info/KeyRingInfo.java +++ b/pgpainless-core/src/main/java/org/pgpainless/key/info/KeyRingInfo.java @@ -41,11 +41,11 @@ import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.openpgp.PGPSignature; import org.pgpainless.PGPainless; import org.pgpainless.algorithm.CompressionAlgorithm; +import org.pgpainless.algorithm.EncryptionPurpose; import org.pgpainless.algorithm.HashAlgorithm; import org.pgpainless.algorithm.KeyFlag; import org.pgpainless.algorithm.PublicKeyAlgorithm; import org.pgpainless.algorithm.SymmetricKeyAlgorithm; -import org.pgpainless.encryption_signing.EncryptionStream; import org.pgpainless.exception.KeyValidationException; import org.pgpainless.key.OpenPgpV4Fingerprint; import org.pgpainless.key.SubkeyIdentifier; 
@@ -691,7 +691,7 @@ public class KeyRingInfo {
 * @param purpose purpose (encrypt data at rest / communications)
 * @return encryption subkeys
 */
- public @Nonnull List getEncryptionSubkeys(EncryptionStream.Purpose purpose) {
+ public @Nonnull List getEncryptionSubkeys(EncryptionPurpose purpose) {
 Iterator subkeys = keys.getPublicKeys();
 List encryptionKeys = new ArrayList<>();
 while (subkeys.hasNext()) {
@@ -737,7 +737,7 @@ public class KeyRingInfo {
 * @param purpose encryption purpose
 * @return encryption subkeys
 */
- public @Nonnull List getEncryptionSubkeys(String userId, EncryptionStream.Purpose purpose) {
+ public @Nonnull List getEncryptionSubkeys(String userId, EncryptionPurpose purpose) {
 if (userId != null) {
 if (!isUserIdValid(userId)) {
 throw new KeyValidationException(userId, getLatestUserIdCertification(userId), getUserIdRevocation(userId));
diff --git a/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/SigningTest.java b/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/SigningTest.java
index 7e49c78e..018df270 100644
--- a/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/SigningTest.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/SigningTest.java
@@ -37,6 +37,7 @@ import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.MethodSource;
 import org.pgpainless.PGPainless;
 import org.pgpainless.algorithm.DocumentSignatureType;
+import org.pgpainless.algorithm.EncryptionPurpose;
 import org.pgpainless.decryption_verification.DecryptionStream;
 import org.pgpainless.decryption_verification.OpenPgpMetadata;
 import org.pgpainless.implementation.ImplementationFactory;
@@ -64,7 +65,7 @@ public class SigningTest { PGPPublicKeyRingCollection keys = new PGPPublicKeyRingCollection(Arrays.asList(julietKeys, romeoKeys)); ByteArrayOutputStream out = new ByteArrayOutputStream(); - EncryptionStream encryptionStream = PGPainless.encryptAndOrSign(EncryptionStream.Purpose.STORAGE) + EncryptionStream encryptionStream = PGPainless.encryptAndOrSign(EncryptionPurpose.STORAGE) .onOutputStream(out) .toRecipients(keys) .and() diff --git a/pgpainless-core/src/test/java/org/pgpainless/weird_keys/TestEncryptCommsStorageFlagsDifferentiated.java b/pgpainless-core/src/test/java/org/pgpainless/weird_keys/TestEncryptCommsStorageFlagsDifferentiated.java index a4e648dd..2728933e 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/weird_keys/TestEncryptCommsStorageFlagsDifferentiated.java +++ b/pgpainless-core/src/test/java/org/pgpainless/weird_keys/TestEncryptCommsStorageFlagsDifferentiated.java @@ -27,9 +27,9 @@ import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.junit.jupiter.api.Test; import org.pgpainless.PGPainless; +import org.pgpainless.algorithm.EncryptionPurpose; import org.pgpainless.algorithm.KeyFlag; import org.pgpainless.encryption_signing.EncryptionBuilderInterface; -import org.pgpainless.encryption_signing.EncryptionStream; import org.pgpainless.key.generation.KeySpec; import org.pgpainless.key.generation.type.KeyType; import org.pgpainless.key.generation.type.rsa.RsaLength; 
@@ -52,7 +52,7 @@ public class TestEncryptCommsStorageFlagsDifferentiated { PGPPublicKeyRing publicKeys = KeyRingUtils.publicKeyRingFrom(secretKeys); ByteArrayOutputStream out = new ByteArrayOutputStream(); - EncryptionBuilderInterface.ToRecipients builder = PGPainless.encryptAndOrSign(EncryptionStream.Purpose.COMMUNICATIONS) + EncryptionBuilderInterface.ToRecipients builder = PGPainless.encryptAndOrSign(EncryptionPurpose.COMMUNICATIONS) .onOutputStream(out); // since the key does not carry the flag ENCRYPT_COMMS, it cannot be used by the stream. diff --git a/pgpainless-core/src/test/java/org/pgpainless/weird_keys/TestTwoSubkeysEncryption.java b/pgpainless-core/src/test/java/org/pgpainless/weird_keys/TestTwoSubkeysEncryption.java index 750d1e23..766afdee 100644 --- a/pgpainless-core/src/test/java/org/pgpainless/weird_keys/TestTwoSubkeysEncryption.java +++ b/pgpainless-core/src/test/java/org/pgpainless/weird_keys/TestTwoSubkeysEncryption.java @@ -28,6 +28,7 @@ import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.util.io.Streams; import org.junit.jupiter.api.Test; import org.pgpainless.PGPainless; +import org.pgpainless.algorithm.EncryptionPurpose; import org.pgpainless.encryption_signing.EncryptionOptions; import org.pgpainless.encryption_signing.EncryptionResult; import org.pgpainless.encryption_signing.EncryptionStream; 
@@ -58,10 +59,10 @@ public class TestTwoSubkeysEncryption {
 PGPSecretKeyRing twoSuitableSubkeysKeyRing = WeirdKeys.getTwoCryptSubkeysKey();
 PGPPublicKeyRing publicKeys = KeyRingUtils.publicKeyRingFrom(twoSuitableSubkeysKeyRing);
 ByteArrayOutputStream out = new ByteArrayOutputStream();
- EncryptionStream encryptionStream = PGPainless.encryptAndOrSign(EncryptionStream.Purpose.STORAGE)
+ EncryptionStream encryptionStream = PGPainless.encryptAndOrSign(EncryptionPurpose.STORAGE)
 .onOutputStream(out)
 .withOptions(
- ProducerOptions.encrypt(new EncryptionOptions(EncryptionStream.Purpose.STORAGE_AND_COMMUNICATIONS)
+ ProducerOptions.encrypt(new EncryptionOptions(EncryptionPurpose.STORAGE_AND_COMMUNICATIONS)
 .addRecipient(publicKeys, EncryptionOptions.encryptToAllCapableSubkeys())
 )
 .setAsciiArmor(false)