1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-12-23 11:27:57 +01:00

SOP: Allow generation of keys without user-ids

This commit is contained in:
Paul Schaub 2022-12-13 17:02:53 +01:00
parent 19e484b552
commit b6724d485c
3 changed files with 32 additions and 37 deletions

View file

@ -7,6 +7,7 @@ package org.pgpainless.key.generation;
import java.security.InvalidAlgorithmParameterException; import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import javax.annotation.Nonnull; import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.bouncycastle.openpgp.PGPException; import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.openpgp.PGPSecretKeyRing;
@ -38,9 +39,9 @@ public final class KeyRingTemplates {
* @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider * @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider
* @throws PGPException in case of an OpenPGP related error * @throws PGPException in case of an OpenPGP related error
*/ */
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull UserId userId, @Nonnull RsaLength length) public PGPSecretKeyRing simpleRsaKeyRing(@Nullable UserId userId, @Nonnull RsaLength length)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException { throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
return simpleRsaKeyRing(userId.toString(), length); return simpleRsaKeyRing(userId == null ? null : userId.toString(), length);
} }
/** /**
@ -56,7 +57,7 @@ public final class KeyRingTemplates {
* @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider * @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider
* @throws PGPException in case of an OpenPGP related error * @throws PGPException in case of an OpenPGP related error
*/ */
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull String userId, @Nonnull RsaLength length) public PGPSecretKeyRing simpleRsaKeyRing(@Nullable String userId, @Nonnull RsaLength length)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException { throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
return simpleRsaKeyRing(userId, length, Passphrase.emptyPassphrase()); return simpleRsaKeyRing(userId, length, Passphrase.emptyPassphrase());
} }
@ -75,9 +76,9 @@ public final class KeyRingTemplates {
* @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider * @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider
* @throws PGPException in case of an OpenPGP related error * @throws PGPException in case of an OpenPGP related error
*/ */
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull UserId userId, @Nonnull RsaLength length, String password) public PGPSecretKeyRing simpleRsaKeyRing(@Nullable UserId userId, @Nonnull RsaLength length, @Nullable String password)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException { throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
return simpleRsaKeyRing(userId.toString(), length, password); return simpleRsaKeyRing(userId == null ? null : userId.toString(), length, password);
} }
/** /**
@ -94,7 +95,7 @@ public final class KeyRingTemplates {
* @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider * @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider
* @throws PGPException in case of an OpenPGP related error * @throws PGPException in case of an OpenPGP related error
*/ */
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull String userId, @Nonnull RsaLength length, String password) public PGPSecretKeyRing simpleRsaKeyRing(@Nullable String userId, @Nonnull RsaLength length, @Nullable String password)
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException { throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
Passphrase passphrase = Passphrase.emptyPassphrase(); Passphrase passphrase = Passphrase.emptyPassphrase();
if (!isNullOrEmpty(password)) { if (!isNullOrEmpty(password)) {
@ -103,12 +104,14 @@ public final class KeyRingTemplates {
return simpleRsaKeyRing(userId, length, passphrase); return simpleRsaKeyRing(userId, length, passphrase);
} }
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull String userId, @Nonnull RsaLength length, @Nonnull Passphrase passphrase) public PGPSecretKeyRing simpleRsaKeyRing(@Nullable String userId, @Nonnull RsaLength length, @Nonnull Passphrase passphrase)
throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException { throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
KeyRingBuilder builder = PGPainless.buildKeyRing() KeyRingBuilder builder = PGPainless.buildKeyRing()
.setPrimaryKey(KeySpec.getBuilder(KeyType.RSA(length), KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA, KeyFlag.ENCRYPT_COMMS)) .setPrimaryKey(KeySpec.getBuilder(KeyType.RSA(length), KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA, KeyFlag.ENCRYPT_COMMS))
.addUserId(userId)
.setPassphrase(passphrase); .setPassphrase(passphrase);
if (userId != null) {
builder.addUserId(userId);
}
return builder.build(); return builder.build();
} }
@ -125,9 +128,9 @@ public final class KeyRingTemplates {
* @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider * @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider
* @throws PGPException in case of an OpenPGP related error * @throws PGPException in case of an OpenPGP related error
*/ */
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull UserId userId) public PGPSecretKeyRing simpleEcKeyRing(@Nullable UserId userId)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException { throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
return simpleEcKeyRing(userId.toString()); return simpleEcKeyRing(userId == null ? null : userId.toString());
} }
/** /**
@ -143,7 +146,7 @@ public final class KeyRingTemplates {
* @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider * @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider
* @throws PGPException in case of an OpenPGP related error * @throws PGPException in case of an OpenPGP related error
*/ */
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull String userId) public PGPSecretKeyRing simpleEcKeyRing(@Nullable String userId)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException { throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
return simpleEcKeyRing(userId, Passphrase.emptyPassphrase()); return simpleEcKeyRing(userId, Passphrase.emptyPassphrase());
} }
@ -162,9 +165,9 @@ public final class KeyRingTemplates {
* @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider * @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider
* @throws PGPException in case of an OpenPGP related error * @throws PGPException in case of an OpenPGP related error
*/ */
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull UserId userId, String password) public PGPSecretKeyRing simpleEcKeyRing(@Nullable UserId userId, String password)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException { throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
return simpleEcKeyRing(userId.toString(), password); return simpleEcKeyRing(userId == null ? null : userId.toString(), password);
} }
/** /**
@ -181,7 +184,7 @@ public final class KeyRingTemplates {
* @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider * @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider
* @throws PGPException in case of an OpenPGP related error * @throws PGPException in case of an OpenPGP related error
*/ */
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull String userId, String password) public PGPSecretKeyRing simpleEcKeyRing(@Nullable String userId, String password)
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException { throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
Passphrase passphrase = Passphrase.emptyPassphrase(); Passphrase passphrase = Passphrase.emptyPassphrase();
if (!isNullOrEmpty(password)) { if (!isNullOrEmpty(password)) {
@ -190,13 +193,15 @@ public final class KeyRingTemplates {
return simpleEcKeyRing(userId, passphrase); return simpleEcKeyRing(userId, passphrase);
} }
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull String userId, @Nonnull Passphrase passphrase) public PGPSecretKeyRing simpleEcKeyRing(@Nullable String userId, @Nonnull Passphrase passphrase)
throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException { throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
KeyRingBuilder builder = PGPainless.buildKeyRing() KeyRingBuilder builder = PGPainless.buildKeyRing()
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA)) .setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA))
.addSubkey(KeySpec.getBuilder(KeyType.XDH(XDHSpec._X25519), KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS)) .addSubkey(KeySpec.getBuilder(KeyType.XDH(XDHSpec._X25519), KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS))
.addUserId(userId)
.setPassphrase(passphrase); .setPassphrase(passphrase);
if (userId != null) {
builder.addUserId(userId);
}
return builder.build(); return builder.build();
} }
@ -211,8 +216,8 @@ public final class KeyRingTemplates {
* @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider * @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider
* @throws PGPException in case of an OpenPGP related error * @throws PGPException in case of an OpenPGP related error
*/ */
public PGPSecretKeyRing modernKeyRing(String userId) throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException { public PGPSecretKeyRing modernKeyRing(@Nullable String userId) throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
return modernKeyRing(userId, (Passphrase) null); return modernKeyRing(userId, Passphrase.emptyPassphrase());
} }
/** /**
@ -227,21 +232,21 @@ public final class KeyRingTemplates {
* @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider * @throws NoSuchAlgorithmException in case of missing algorithm implementation in the crypto provider
* @throws PGPException in case of an OpenPGP related error * @throws PGPException in case of an OpenPGP related error
*/ */
public PGPSecretKeyRing modernKeyRing(String userId, String password) public PGPSecretKeyRing modernKeyRing(@Nullable String userId, @Nullable String password)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException { throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
Passphrase passphrase = (password != null ? Passphrase.fromPassword(password) : null); Passphrase passphrase = (password != null ? Passphrase.fromPassword(password) : Passphrase.emptyPassphrase());
return modernKeyRing(userId, passphrase); return modernKeyRing(userId, passphrase);
} }
public PGPSecretKeyRing modernKeyRing(String userId, Passphrase passphrase) public PGPSecretKeyRing modernKeyRing(@Nullable String userId, @Nonnull Passphrase passphrase)
throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException { throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
KeyRingBuilder builder = PGPainless.buildKeyRing() KeyRingBuilder builder = PGPainless.buildKeyRing()
.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER)) .setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER))
.addSubkey(KeySpec.getBuilder(KeyType.XDH(XDHSpec._X25519), KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS)) .addSubkey(KeySpec.getBuilder(KeyType.XDH(XDHSpec._X25519), KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS))
.addSubkey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.SIGN_DATA)) .addSubkey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.SIGN_DATA))
.addUserId(userId); .setPassphrase(passphrase);
if (passphrase != null && !passphrase.isEmpty()) { if (userId != null) {
builder.setPassphrase(passphrase); builder.addUserId(userId);
} }
return builder.build(); return builder.build();
} }

View file

@ -28,7 +28,7 @@ public class GenerateKeyImpl implements GenerateKey {
private boolean armor = true; private boolean armor = true;
private final Set<String> userIds = new LinkedHashSet<>(); private final Set<String> userIds = new LinkedHashSet<>();
private Passphrase passphrase; private Passphrase passphrase = Passphrase.emptyPassphrase();
@Override @Override
public GenerateKey noArmor() { public GenerateKey noArmor() {
@ -51,15 +51,12 @@ public class GenerateKeyImpl implements GenerateKey {
@Override @Override
public Ready generate() throws SOPGPException.MissingArg, SOPGPException.UnsupportedAsymmetricAlgo { public Ready generate() throws SOPGPException.MissingArg, SOPGPException.UnsupportedAsymmetricAlgo {
Iterator<String> userIdIterator = userIds.iterator(); Iterator<String> userIdIterator = userIds.iterator();
if (!userIdIterator.hasNext()) {
throw new SOPGPException.MissingArg("Missing user-id.");
}
Passphrase passphraseCopy = new Passphrase(passphrase.getChars()); // generateKeyRing clears the original passphrase Passphrase passphraseCopy = new Passphrase(passphrase.getChars()); // generateKeyRing clears the original passphrase
PGPSecretKeyRing key; PGPSecretKeyRing key;
try { try {
String primaryUserId = userIdIterator.hasNext() ? userIdIterator.next() : null;
key = PGPainless.generateKeyRing() key = PGPainless.generateKeyRing()
.modernKeyRing(userIdIterator.next(), passphrase); .modernKeyRing(primaryUserId, passphrase);
if (userIdIterator.hasNext()) { if (userIdIterator.hasNext()) {
SecretKeyRingEditorInterface editor = PGPainless.modifyKeyRing(key); SecretKeyRingEditorInterface editor = PGPainless.modifyKeyRing(key);

View file

@ -7,7 +7,6 @@ package org.pgpainless.sop;
import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertFalse; import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue; import static org.junit.jupiter.api.Assertions.assertTrue;
import java.io.IOException; import java.io.IOException;
@ -22,7 +21,6 @@ import org.pgpainless.key.info.KeyRingInfo;
import org.pgpainless.key.protection.UnlockSecretKey; import org.pgpainless.key.protection.UnlockSecretKey;
import org.pgpainless.util.Passphrase; import org.pgpainless.util.Passphrase;
import sop.SOP; import sop.SOP;
import sop.exception.SOPGPException;
public class GenerateKeyTest { public class GenerateKeyTest {
@ -33,11 +31,6 @@ public class GenerateKeyTest {
sop = new SOPImpl(); sop = new SOPImpl();
} }
@Test
public void testMissingUserId() {
assertThrows(SOPGPException.MissingArg.class, () -> sop.generateKey().generate());
}
@Test @Test
public void generateKey() throws IOException { public void generateKey() throws IOException {
byte[] bytes = sop.generateKey() byte[] bytes = sop.generateKey()