mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-30 00:02:06 +01:00
Verify that certification key has signing capable algorithm
This commit is contained in:
parent
c38477f277
commit
aff2e6b9f0
1 changed files with 9 additions and 2 deletions
|
@ -187,16 +187,23 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
||||||
}
|
}
|
||||||
|
|
||||||
private void verifyMasterKeyCanCertify(KeySpec spec) {
|
private void verifyMasterKeyCanCertify(KeySpec spec) {
|
||||||
if (!canCertifyOthers(spec)) {
|
if (!hasCertifyOthersFlag(spec)) {
|
||||||
throw new IllegalArgumentException("Certification Key MUST have KeyFlag CERTIFY_OTHER");
|
throw new IllegalArgumentException("Certification Key MUST have KeyFlag CERTIFY_OTHER");
|
||||||
}
|
}
|
||||||
|
if (!keyIsCertificationCapable(spec)) {
|
||||||
|
throw new IllegalArgumentException("Key algorithm " + spec.getKeyType().getName() + " is not capable of creating certifications.");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private boolean canCertifyOthers(KeySpec keySpec) {
|
private boolean hasCertifyOthersFlag(KeySpec keySpec) {
|
||||||
int flags = keySpec.getSubpackets().getKeyFlags();
|
int flags = keySpec.getSubpackets().getKeyFlags();
|
||||||
return KeyFlag.hasKeyFlag(flags, KeyFlag.CERTIFY_OTHER);
|
return KeyFlag.hasKeyFlag(flags, KeyFlag.CERTIFY_OTHER);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private boolean keyIsCertificationCapable(KeySpec keySpec) {
|
||||||
|
return keySpec.getKeyType().canCertify();
|
||||||
|
}
|
||||||
|
|
||||||
class WithPrimaryUserIdImpl implements WithPrimaryUserId {
|
class WithPrimaryUserIdImpl implements WithPrimaryUserId {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
Loading…
Reference in a new issue