PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-26 14:22:05 +01:00
Code Issues Releases Wiki Activity

Verify that certification key has signing capable algorithm

Browse source
This commit is contained in:
Paul Schaub 2020-12-11 22:09:21 +01:00
parent c38477f277
commit aff2e6b9f0
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
1 changed files with 9 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java
View file

@ -187,16 +187,23 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
} }
private void verifyMasterKeyCanCertify(KeySpec spec) { private void verifyMasterKeyCanCertify(KeySpec spec) {
if (!canCertifyOthers(spec)) { if (!hasCertifyOthersFlag(spec)) {
throw new IllegalArgumentException("Certification Key MUST have KeyFlag CERTIFY_OTHER"); throw new IllegalArgumentException("Certification Key MUST have KeyFlag CERTIFY_OTHER");
} }
if (!keyIsCertificationCapable(spec)) {
throw new IllegalArgumentException("Key algorithm " + spec.getKeyType().getName() + " is not capable of creating certifications.");
}
} }
private boolean canCertifyOthers(KeySpec keySpec) { private boolean hasCertifyOthersFlag(KeySpec keySpec) {
int flags = keySpec.getSubpackets().getKeyFlags(); int flags = keySpec.getSubpackets().getKeyFlags();
return KeyFlag.hasKeyFlag(flags, KeyFlag.CERTIFY_OTHER); return KeyFlag.hasKeyFlag(flags, KeyFlag.CERTIFY_OTHER);
} }
private boolean keyIsCertificationCapable(KeySpec keySpec) {
return keySpec.getKeyType().canCertify();
}
class WithPrimaryUserIdImpl implements WithPrimaryUserId { class WithPrimaryUserIdImpl implements WithPrimaryUserId {
@Override @Override