1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-12-23 03:17:58 +01:00

Kotlin conversion: BaseSecretKeyRingProtector

This commit is contained in:
Paul Schaub 2023-08-31 17:26:13 +02:00
parent 5fce443ad9
commit a8bc929f24
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 40 additions and 70 deletions

View file

@ -1,70 +0,0 @@
// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.key.protection;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor;
import org.pgpainless.implementation.ImplementationFactory;
import org.pgpainless.key.protection.passphrase_provider.SecretKeyPassphraseProvider;
import org.pgpainless.util.Passphrase;
import javax.annotation.Nullable;
/**
* Basic {@link SecretKeyRingProtector} implementation that respects the users {@link KeyRingProtectionSettings} when
* encrypting keys.
*/
public class BaseSecretKeyRingProtector implements SecretKeyRingProtector {
private final SecretKeyPassphraseProvider passphraseProvider;
private final KeyRingProtectionSettings protectionSettings;
/**
* Constructor that uses the given {@link SecretKeyPassphraseProvider} to retrieve passphrases and PGPainless'
* default {@link KeyRingProtectionSettings}.
*
* @param passphraseProvider provider for passphrases
*/
public BaseSecretKeyRingProtector(SecretKeyPassphraseProvider passphraseProvider) {
this(passphraseProvider, KeyRingProtectionSettings.secureDefaultSettings());
}
/**
* Constructor that uses the given {@link SecretKeyPassphraseProvider} and {@link KeyRingProtectionSettings}.
*
* @param passphraseProvider provider for passphrases
* @param protectionSettings protection settings
*/
public BaseSecretKeyRingProtector(SecretKeyPassphraseProvider passphraseProvider, KeyRingProtectionSettings protectionSettings) {
this.passphraseProvider = passphraseProvider;
this.protectionSettings = protectionSettings;
}
@Override
public boolean hasPassphraseFor(long keyId) {
return passphraseProvider.hasPassphrase(keyId);
}
@Override
@Nullable
public PBESecretKeyDecryptor getDecryptor(long keyId) throws PGPException {
Passphrase passphrase = passphraseProvider.getPassphraseFor(keyId);
return passphrase == null || passphrase.isEmpty() ? null :
ImplementationFactory.getInstance().getPBESecretKeyDecryptor(passphrase);
}
@Override
@Nullable
public PBESecretKeyEncryptor getEncryptor(long keyId) throws PGPException {
Passphrase passphrase = passphraseProvider.getPassphraseFor(keyId);
return passphrase == null || passphrase.isEmpty() ? null :
ImplementationFactory.getInstance().getPBESecretKeyEncryptor(
protectionSettings.getEncryptionAlgorithm(),
protectionSettings.getHashAlgorithm(),
protectionSettings.getS2kCount(),
passphrase);
}
}

View file

@ -0,0 +1,40 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.key.protection
import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor
import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor
import org.pgpainless.implementation.ImplementationFactory
import org.pgpainless.key.protection.passphrase_provider.SecretKeyPassphraseProvider
/**
* Basic [SecretKeyRingProtector] implementation that respects the users [KeyRingProtectionSettings] when encrypting keys.
*/
open class BaseSecretKeyRingProtector(
private val passphraseProvider: SecretKeyPassphraseProvider,
private val protectionSettings: KeyRingProtectionSettings
) : SecretKeyRingProtector {
constructor(passphraseProvider: SecretKeyPassphraseProvider):
this(passphraseProvider, KeyRingProtectionSettings.secureDefaultSettings())
override fun hasPassphraseFor(keyId: Long): Boolean = passphraseProvider.hasPassphrase(keyId)
override fun getDecryptor(keyId: Long): PBESecretKeyDecryptor? =
passphraseProvider.getPassphraseFor(keyId)?.let {
if (it.isEmpty) null
else ImplementationFactory.getInstance().getPBESecretKeyDecryptor(it)
}
override fun getEncryptor(keyId: Long): PBESecretKeyEncryptor? =
passphraseProvider.getPassphraseFor(keyId)?.let {
if (it.isEmpty) null
else ImplementationFactory.getInstance().getPBESecretKeyEncryptor(
protectionSettings.encryptionAlgorithm,
protectionSettings.hashAlgorithm,
protectionSettings.s2kCount,
it)
}
}