Remove deprecated encryption API
parent
ab347dab43
commit
b6eed91f47
7 changed files with 39 additions and 456 deletions
|
@ -23,84 +23,26 @@ import java.util.Set;
|
|||
import javax.annotation.Nonnull;
|
||||
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
||||
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
|
||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
|
||||
import org.pgpainless.PGPainless;
|
||||
import org.pgpainless.algorithm.CompressionAlgorithm;
|
||||
import org.pgpainless.algorithm.DocumentSignatureType;
|
||||
import org.pgpainless.algorithm.EncryptionPurpose;
|
||||
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
|
||||
import org.pgpainless.algorithm.negotiation.SymmetricKeyAlgorithmNegotiator;
|
||||
import org.pgpainless.decryption_verification.OpenPgpMetadata;
|
||||
import org.pgpainless.exception.KeyValidationException;
|
||||
import org.pgpainless.key.SubkeyIdentifier;
|
||||
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||
import org.pgpainless.util.Passphrase;
|
||||
|
||||
public class EncryptionBuilder implements EncryptionBuilderInterface {
|
||||
|
||||
private OutputStream outputStream;
|
||||
private EncryptionOptions encryptionOptions;
|
||||
private SigningOptions signingOptions = new SigningOptions();
|
||||
private ProducerOptions options;
|
||||
private OpenPgpMetadata.FileInfo fileInfo;
|
||||
|
||||
public EncryptionBuilder() {
|
||||
this.encryptionOptions = new EncryptionOptions(EncryptionPurpose.COMMUNICATIONS);
|
||||
}
|
||||
|
||||
public EncryptionBuilder(@Nonnull EncryptionPurpose purpose) {
|
||||
this.encryptionOptions = new EncryptionOptions(purpose);
|
||||
}
|
||||
|
||||
@Override
|
||||
public ToRecipientsOrNoEncryption onOutputStream(@Nonnull OutputStream outputStream, OpenPgpMetadata.FileInfo fileInfo) {
|
||||
public WithOptions onOutputStream(@Nonnull OutputStream outputStream, OpenPgpMetadata.FileInfo fileInfo) {
|
||||
this.outputStream = outputStream;
|
||||
this.fileInfo = fileInfo;
|
||||
return new ToRecipientsOrNoEncryptionImpl();
|
||||
return new WithOptionsImpl();
|
||||
}
|
||||
|
||||
class ToRecipientsImpl implements ToRecipients {
|
||||
|
||||
@Override
|
||||
public AdditionalRecipients toRecipient(@Nonnull PGPPublicKeyRing key) {
|
||||
encryptionOptions.addRecipient(key);
|
||||
return new AdditionalRecipientsImpl();
|
||||
}
|
||||
|
||||
@Override
|
||||
public AdditionalRecipients toRecipient(@Nonnull PGPPublicKeyRing key, @Nonnull String userId) {
|
||||
encryptionOptions.addRecipient(key, userId);
|
||||
return new AdditionalRecipientsImpl();
|
||||
}
|
||||
|
||||
@Override
|
||||
public AdditionalRecipients toRecipient(@Nonnull PGPPublicKeyRingCollection keys, @Nonnull String userId) {
|
||||
for (PGPPublicKeyRing ring : keys) {
|
||||
encryptionOptions.addRecipient(ring, userId);
|
||||
}
|
||||
return new AdditionalRecipientsImpl();
|
||||
}
|
||||
|
||||
@Override
|
||||
public AdditionalRecipients toRecipients(@Nonnull PGPPublicKeyRingCollection keys) {
|
||||
for (PGPPublicKeyRing ring : keys) {
|
||||
encryptionOptions.addRecipient(ring);
|
||||
}
|
||||
return new AdditionalRecipientsImpl();
|
||||
}
|
||||
|
||||
@Override
|
||||
public AdditionalRecipients forPassphrase(Passphrase passphrase) {
|
||||
encryptionOptions.addPassphrase(passphrase);
|
||||
return new AdditionalRecipientsImpl();
|
||||
}
|
||||
}
|
||||
|
||||
class ToRecipientsOrNoEncryptionImpl extends ToRecipientsImpl implements ToRecipientsOrNoEncryption {
|
||||
|
||||
class WithOptionsImpl implements WithOptions {
|
||||
@Override
|
||||
public EncryptionStream withOptions(ProducerOptions options) throws PGPException, IOException {
|
||||
if (options == null) {
|
||||
|
@ -108,152 +50,6 @@ public class EncryptionBuilder implements EncryptionBuilderInterface {
|
|||
}
|
||||
return new EncryptionStream(outputStream, options, fileInfo);
|
||||
}
|
||||
|
||||
@Override
|
||||
public SignWithOrDontSign doNotEncrypt() {
|
||||
EncryptionBuilder.this.encryptionOptions = null;
|
||||
return new SignWithOrDontSignImpl();
|
||||
}
|
||||
}
|
||||
|
||||
class AdditionalRecipientsImpl implements AdditionalRecipients {
|
||||
@Override
|
||||
public ToRecipientsOrSign and() {
|
||||
return new ToRecipientsOrSignImpl();
|
||||
}
|
||||
}
|
||||
|
||||
class ToRecipientsOrSignImpl extends ToRecipientsImpl implements ToRecipientsOrSign {
|
||||
|
||||
@Override
|
||||
public Armor doNotSign() {
|
||||
EncryptionBuilder.this.signingOptions = null;
|
||||
return new ArmorImpl();
|
||||
}
|
||||
|
||||
@Override
|
||||
public AdditionalSignWith signWith(@Nonnull SecretKeyRingProtector decryptor, @Nonnull PGPSecretKeyRing... keyRings) throws KeyValidationException, PGPException {
|
||||
return new SignWithImpl().signWith(decryptor, keyRings);
|
||||
}
|
||||
|
||||
@Override
|
||||
public AdditionalSignWith signWith(@Nonnull SecretKeyRingProtector decryptor, @Nonnull PGPSecretKeyRingCollection keyRings) throws PGPException {
|
||||
return new SignWithImpl().signWith(decryptor, keyRings);
|
||||
}
|
||||
|
||||
@Override
|
||||
public AdditionalSignWith signInlineWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey, String userId, DocumentSignatureType signatureType) throws PGPException {
|
||||
return new SignWithImpl().signInlineWith(secretKeyDecryptor, signingKey, userId, signatureType);
|
||||
}
|
||||
|
||||
@Override
|
||||
public AdditionalSignWith signDetachedWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey, String userId, DocumentSignatureType signatureType) throws PGPException {
|
||||
return new SignWithImpl().signDetachedWith(secretKeyDecryptor, signingKey, userId, signatureType);
|
||||
}
|
||||
}
|
||||
|
||||
class SignWithOrDontSignImpl extends SignWithImpl implements SignWithOrDontSign {
|
||||
|
||||
@Override
|
||||
public Armor doNotSign() {
|
||||
return new ArmorImpl();
|
||||
}
|
||||
}
|
||||
|
||||
class SignWithImpl implements SignWith {
|
||||
|
||||
@Override
|
||||
public AdditionalSignWith signWith(@Nonnull SecretKeyRingProtector decryptor,
|
||||
@Nonnull PGPSecretKeyRing... keyRings)
|
||||
throws KeyValidationException, PGPException {
|
||||
for (PGPSecretKeyRing secretKeyRing : keyRings) {
|
||||
signingOptions.addInlineSignature(decryptor, secretKeyRing, DocumentSignatureType.BINARY_DOCUMENT);
|
||||
}
|
||||
return new AdditionalSignWithImpl();
|
||||
}
|
||||
|
||||
@Override
|
||||
public AdditionalSignWith signWith(@Nonnull SecretKeyRingProtector decryptor, @Nonnull PGPSecretKeyRingCollection keyRings)
|
||||
throws KeyValidationException, PGPException {
|
||||
for (PGPSecretKeyRing key : keyRings) {
|
||||
signingOptions.addInlineSignature(decryptor, key, DocumentSignatureType.BINARY_DOCUMENT);
|
||||
}
|
||||
return new AdditionalSignWithImpl();
|
||||
}
|
||||
|
||||
@Override
|
||||
public AdditionalSignWith signInlineWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor,
|
||||
@Nonnull PGPSecretKeyRing signingKey,
|
||||
String userId,
|
||||
DocumentSignatureType signatureType)
|
||||
throws KeyValidationException, PGPException {
|
||||
signingOptions.addInlineSignature(secretKeyDecryptor, signingKey, userId, signatureType);
|
||||
return new AdditionalSignWithImpl();
|
||||
}
|
||||
|
||||
@Override
|
||||
public AdditionalSignWith signDetachedWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor,
|
||||
@Nonnull PGPSecretKeyRing signingKey,
|
||||
String userId,
|
||||
DocumentSignatureType signatureType)
|
||||
throws PGPException, KeyValidationException {
|
||||
signingOptions.addDetachedSignature(secretKeyDecryptor, signingKey, userId, signatureType);
|
||||
return new AdditionalSignWithImpl();
|
||||
}
|
||||
}
|
||||
|
||||
class AdditionalSignWithImpl implements AdditionalSignWith {
|
||||
|
||||
@Override
|
||||
public SignWith and() {
|
||||
return new SignWithImpl();
|
||||
}
|
||||
|
||||
@Override
|
||||
public EncryptionStream asciiArmor() throws IOException, PGPException {
|
||||
return new ArmorImpl().asciiArmor();
|
||||
}
|
||||
|
||||
@Override
|
||||
public EncryptionStream noArmor() throws IOException, PGPException {
|
||||
return new ArmorImpl().noArmor();
|
||||
}
|
||||
}
|
||||
|
||||
class ArmorImpl implements Armor {
|
||||
|
||||
@Override
|
||||
public EncryptionStream asciiArmor() throws IOException, PGPException {
|
||||
assignProducerOptions();
|
||||
options.setAsciiArmor(true);
|
||||
return build();
|
||||
}
|
||||
|
||||
@Override
|
||||
public EncryptionStream noArmor() throws IOException, PGPException {
|
||||
assignProducerOptions();
|
||||
options.setAsciiArmor(false);
|
||||
return build();
|
||||
}
|
||||
|
||||
private EncryptionStream build() throws IOException, PGPException {
|
||||
return new EncryptionStream(
|
||||
EncryptionBuilder.this.outputStream,
|
||||
EncryptionBuilder.this.options,
|
||||
fileInfo);
|
||||
}
|
||||
|
||||
private void assignProducerOptions() {
|
||||
if (encryptionOptions != null && signingOptions != null) {
|
||||
options = ProducerOptions.signAndEncrypt(encryptionOptions, signingOptions);
|
||||
} else if (encryptionOptions != null) {
|
||||
options = ProducerOptions.encrypt(encryptionOptions);
|
||||
} else if (signingOptions != null) {
|
||||
options = ProducerOptions.sign(signingOptions);
|
||||
} else {
|
||||
options = ProducerOptions.noEncryptionNoSigning();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
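Review bot: `WithOptionsImpl` keeps no state of its own, so `withOptions` reads `outputStream` and `fileInfo` from the enclosing builder's mutable fields at call time, not from the `onOutputStream` call that produced the handle. If a builder instance is reused, a second `onOutputStream` call redirects every handle handed out earlier, and the output goes to a stream the caller did not choose for it. With only two steps left in the chain, the handle can carry both values itself, e.g. `return new WithOptionsImpl(outputStream, fileInfo);` with two `private final` fields in `WithOptionsImpl`. The `fileInfo` parameter is also neither annotated `@Nonnull` nor checked before it reaches `new EncryptionStream(...)`; whether that constructor tolerates null is not visible here. The body of the `options == null` branch lies between the two hunks, so it is not reviewed.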
|
|
|
@ -21,16 +21,8 @@ import java.util.Date;
|
|||
import javax.annotation.Nonnull;
|
||||
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
||||
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
|
||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
|
||||
import org.pgpainless.algorithm.DocumentSignatureType;
|
||||
import org.pgpainless.algorithm.StreamEncoding;
|
||||
import org.pgpainless.decryption_verification.OpenPgpMetadata;
|
||||
import org.pgpainless.exception.KeyValidationException;
|
||||
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||
import org.pgpainless.util.Passphrase;
|
||||
|
||||
public interface EncryptionBuilderInterface {
|
||||
|
||||
|
@ -41,7 +33,7 @@ public interface EncryptionBuilderInterface {
|
|||
* @param outputStream output stream of the plain data.
|
||||
* @return api handle
|
||||
*/
|
||||
default ToRecipientsOrNoEncryption onOutputStream(@Nonnull OutputStream outputStream) {
|
||||
default WithOptions onOutputStream(@Nonnull OutputStream outputStream) {
|
||||
return onOutputStream(outputStream, OpenPgpMetadata.FileInfo.binaryStream());
|
||||
}
|
||||
/**
|
||||
|
@ -54,7 +46,7 @@ public interface EncryptionBuilderInterface {
|
|||
*
|
||||
* @deprecated use {@link #onOutputStream(OutputStream, OpenPgpMetadata.FileInfo)} instead.
|
||||
*/
|
||||
default ToRecipientsOrNoEncryption onOutputStream(@Nonnull OutputStream outputStream, boolean forYourEyesOnly) {
|
||||
default WithOptions onOutputStream(@Nonnull OutputStream outputStream, boolean forYourEyesOnly) {
|
||||
return onOutputStream(outputStream, forYourEyesOnly ? OpenPgpMetadata.FileInfo.forYourEyesOnly() : OpenPgpMetadata.FileInfo.binaryStream());
|
||||
}
|
||||
|
||||
|
@ -69,7 +61,7 @@ public interface EncryptionBuilderInterface {
|
|||
*
|
||||
* @deprecated use {@link #onOutputStream(OutputStream, OpenPgpMetadata.FileInfo)} instead.
|
||||
*/
|
||||
default ToRecipientsOrNoEncryption onOutputStream(@Nonnull OutputStream outputStream, String fileName, boolean forYourEyesOnly) {
|
||||
default WithOptions onOutputStream(@Nonnull OutputStream outputStream, String fileName, boolean forYourEyesOnly) {
|
||||
return onOutputStream(outputStream, new OpenPgpMetadata.FileInfo(forYourEyesOnly ? "_CONSOLE" : fileName, new Date(), StreamEncoding.BINARY));
|
||||
}
|
||||
|
||||
|
@ -81,9 +73,9 @@ public interface EncryptionBuilderInterface {
|
|||
* @param fileInfo file information
|
||||
* @return api handle
|
||||
*/
|
||||
ToRecipientsOrNoEncryption onOutputStream(@Nonnull OutputStream outputStream, OpenPgpMetadata.FileInfo fileInfo);
|
||||
WithOptions onOutputStream(@Nonnull OutputStream outputStream, OpenPgpMetadata.FileInfo fileInfo);
|
||||
|
||||
interface ToRecipientsOrNoEncryption extends ToRecipients {
|
||||
interface WithOptions {
|
||||
|
||||
/**
|
||||
* Create an {@link EncryptionStream} with the given options (recipients, signers, algorithms...).
|
||||
|
@ -93,217 +85,5 @@ public interface EncryptionBuilderInterface {
|
|||
*/
|
||||
EncryptionStream withOptions(ProducerOptions options) throws PGPException, IOException;
|
||||
|
||||
/**
|
||||
* Instruct the {@link EncryptionStream} to not encrypt any data.
|
||||
*
|
||||
* @return api handle
|
||||
*/
|
||||
SignWithOrDontSign doNotEncrypt();
|
||||
}
|
||||
|
||||
interface ToRecipients {
|
||||
|
||||
/**
|
||||
* Encrypt for the given valid public key.
|
||||
* With this method, the recipient key is being addressed by key-id,
|
||||
* so this method prioritizes algorithm preferences from the keys direct-key signature.
|
||||
*
|
||||
* @param key recipient key for which the message will be encrypted.
|
||||
* @return api handle
|
||||
*/
|
||||
AdditionalRecipients toRecipient(@Nonnull PGPPublicKeyRing key);
|
||||
|
||||
/**
|
||||
* Encrypt for the given valid key using the provided user-id signature to determine preferences.
|
||||
*
|
||||
* @param key public key
|
||||
* @param userId user-id which is used to select the correct encryption parameters based on preferences.
|
||||
* @return api handle
|
||||
*/
|
||||
AdditionalRecipients toRecipient(@Nonnull PGPPublicKeyRing key, @Nonnull String userId);
|
||||
|
||||
/**
|
||||
* Encrypt for the first valid key in the provided keys collection which has a valid user-id that matches
|
||||
* the provided userId.
|
||||
* The user-id is also used to determine encryption preferences.
|
||||
*
|
||||
* @param keys collection of keys
|
||||
* @param userId user-id used to select the correct key
|
||||
* @return api handle
|
||||
*/
|
||||
AdditionalRecipients toRecipient(@Nonnull PGPPublicKeyRingCollection keys, @Nonnull String userId);
|
||||
|
||||
/**
|
||||
* Encrypt for all valid public keys in the provided collection.
|
||||
* If any key is not eligible for encryption (e.g. expired, revoked...),
|
||||
* an {@link IllegalArgumentException} will be thrown.
|
||||
*
|
||||
* @param keys collection of public keys
|
||||
* @return api handle
|
||||
*/
|
||||
AdditionalRecipients toRecipients(@Nonnull PGPPublicKeyRingCollection keys);
|
||||
|
||||
/**
|
||||
* Symmetrically encrypt the message using a passphrase.
|
||||
* Note that the passphrase MUST NOT be empty.
|
||||
*
|
||||
* @param passphrase passphrase
|
||||
* @return api handle
|
||||
*/
|
||||
AdditionalRecipients forPassphrase(Passphrase passphrase);
|
||||
|
||||
}
|
||||
|
||||
interface AdditionalRecipients {
|
||||
/**
|
||||
* Add an additional recipient key/passphrase or configure signing.
|
||||
*
|
||||
* @return api handle
|
||||
*/
|
||||
ToRecipientsOrSign and();
|
||||
}
|
||||
|
||||
// Allow additional recipient or signing configuration
|
||||
interface ToRecipientsOrSign extends ToRecipients, SignWithOrDontSign {
|
||||
}
|
||||
|
||||
// Allow signing configuration or no signing at all
|
||||
interface SignWithOrDontSign extends SignWith {
|
||||
/**
|
||||
* Do not sign the plain data at all.
|
||||
*
|
||||
* @return api handle
|
||||
*/
|
||||
Armor doNotSign();
|
||||
}
|
||||
|
||||
interface SignWith {
|
||||
|
||||
/**
|
||||
* Pass in a list of secret keys used for signing, along with a {@link SecretKeyRingProtector} used to unlock
|
||||
* the secret keys.
|
||||
*
|
||||
* @deprecated use {@link #signInlineWith(SecretKeyRingProtector, PGPSecretKeyRing)} instead.
|
||||
* @param decryptor {@link SecretKeyRingProtector} used to unlock the secret keys
|
||||
* @param keyRings secret keys used for signing
|
||||
* @return api handle
|
||||
*/
|
||||
@Deprecated
|
||||
AdditionalSignWith signWith(@Nonnull SecretKeyRingProtector decryptor, @Nonnull PGPSecretKeyRing... keyRings) throws KeyValidationException, PGPException;
|
||||
|
||||
/**
|
||||
* Sign inline using the passed in secret keys.
|
||||
*
|
||||
* @deprecated use {@link #signInlineWith(SecretKeyRingProtector, PGPSecretKeyRing)} instead.
|
||||
* @param decryptor for unlocking the secret keys
|
||||
* @param keyRings secret keys
|
||||
* @return api handle
|
||||
*/
|
||||
@Deprecated
|
||||
AdditionalSignWith signWith(@Nonnull SecretKeyRingProtector decryptor, @Nonnull PGPSecretKeyRingCollection keyRings) throws KeyValidationException, PGPException;
|
||||
|
||||
/**
|
||||
* Create an inline signature using the provided secret key.
|
||||
* The signature will be of type {@link DocumentSignatureType#BINARY_DOCUMENT}.
|
||||
*
|
||||
* @param secretKeyDecryptor for unlocking the secret key
|
||||
* @param signingKey signing key
|
||||
* @return api handle
|
||||
*/
|
||||
default AdditionalSignWith signInlineWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey) throws PGPException, KeyValidationException {
|
||||
return signInlineWith(secretKeyDecryptor, signingKey, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an inline signature using the provided secret key.
|
||||
* If userId is not null, the preferences of the matching user-id on the key will be used for signing.
|
||||
* The signature will be of type {@link DocumentSignatureType#BINARY_DOCUMENT}.
|
||||
*
|
||||
* @param secretKeyDecryptor for unlocking the secret key
|
||||
* @param signingKey signing key
|
||||
* @param userId userId whose preferences shall be used for signing
|
||||
* @return api handle
|
||||
*/
|
||||
default AdditionalSignWith signInlineWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey, String userId) throws PGPException, KeyValidationException {
|
||||
return signInlineWith(secretKeyDecryptor, signingKey, userId, DocumentSignatureType.BINARY_DOCUMENT);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an inline signature using the provided secret key with the algorithm preferences of the provided user-id.
|
||||
*
|
||||
* @param secretKeyDecryptor for unlocking the secret key
|
||||
* @param signingKey signing key
|
||||
* @param userId user-id whose preferences shall be used for signing
|
||||
* @param signatureType signature type
|
||||
* @return api handle
|
||||
*/
|
||||
AdditionalSignWith signInlineWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey, String userId, DocumentSignatureType signatureType) throws KeyValidationException, PGPException;
|
||||
|
||||
/**
|
||||
* Create a detached signature using the provided secret key.
|
||||
*
|
||||
* @param secretKeyDecryptor for unlocking the secret key
|
||||
* @param signingKey signing key
|
||||
* @return api handle
|
||||
*/
|
||||
default AdditionalSignWith signDetachedWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey) throws PGPException, KeyValidationException {
|
||||
return signDetachedWith(secretKeyDecryptor, signingKey, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a detached signature using the provided secret key with the algorithm preferences of the provided user-id.
|
||||
*
|
||||
* @param secretKeyDecryptor for unlocking the secret key
|
||||
* @param signingKey signing key
|
||||
* @param userId user-id whose preferences shall be used for signing
|
||||
* @return api handle
|
||||
*/
|
||||
default AdditionalSignWith signDetachedWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey, String userId) throws PGPException, KeyValidationException {
|
||||
return signDetachedWith(secretKeyDecryptor, signingKey, userId, DocumentSignatureType.BINARY_DOCUMENT);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a detached signature using the provided secret key with the algorithm preferences of the provided user-id.
|
||||
*
|
||||
* @param secretKeyDecryptor for unlocking the secret key
|
||||
* @param signingKey signing key
|
||||
* @param userId user-id whose preferences shall be used for signing
|
||||
* @param signatureType type of the signature
|
||||
* @return api handle
|
||||
*/
|
||||
AdditionalSignWith signDetachedWith(@Nonnull SecretKeyRingProtector secretKeyDecryptor, @Nonnull PGPSecretKeyRing signingKey, String userId, DocumentSignatureType signatureType) throws PGPException, KeyValidationException;
|
||||
}
|
||||
|
||||
interface AdditionalSignWith extends Armor {
|
||||
/**
|
||||
* Add an additional signing key/method.
|
||||
*
|
||||
* @return api handle
|
||||
*/
|
||||
SignWith and();
|
||||
}
|
||||
|
||||
interface Armor {
|
||||
|
||||
/**
|
||||
* Wrap the encrypted/signed output in an ASCII armor.
|
||||
* This can come in handy for sending the encrypted message via eg. email.
|
||||
*
|
||||
* @return encryption stream
|
||||
* @throws IOException in case some I/O error occurs
|
||||
* @throws PGPException in case of some malformed pgp data
|
||||
*/
|
||||
EncryptionStream asciiArmor() throws IOException, PGPException;
|
||||
|
||||
/**
|
||||
* Do not wrap the output in an ASCII armor.
|
||||
*
|
||||
* @return encryption stream
|
||||
* @throws IOException in case some I/O error occurs
|
||||
* @throws PGPException in case of some malformed pgp data
|
||||
*/
|
||||
EncryptionStream noArmor() throws IOException, PGPException;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
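Review bot: The Javadoc on `WithOptions#withOptions`, as far as it is visible in the hunks at `@ -81,9 +73,9` and `@ -93,217 +85,5`, does not say that the returned `EncryptionStream` encrypts only when the supplied `ProducerOptions` carry encryption options. The removed chain made the unencrypted path an explicit, named step (`doNotEncrypt()`, `doNotSign()`). After this change a caller who passes `ProducerOptions.sign(...)` gets a stream of the same type that signs without encrypting, and nothing at the call site spells that out. I would add a sentence such as `The stream encrypts and/or signs only as configured in {@code options}; options without encryption produce unencrypted output.` The middle of that Javadoc block falls between two hunks, so this may already be covered there.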
|
|
|
@ -89,6 +89,10 @@ public final class SigningOptions {
|
|||
private final Map<SubkeyIdentifier, SigningMethod> signingMethods = new HashMap<>();
|
||||
private HashAlgorithm hashAlgorithmOverride;
|
||||
|
||||
public static SigningOptions get() {
|
||||
return new SigningOptions();
|
||||
}
|
||||
|
||||
/**
|
||||
* Add inline signatures with all secret key rings in the provided secret key ring collection.
|
||||
*
|
||||
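Review bot: The new public factory `SigningOptions.get()` has no Javadoc, and its name reads like an accessor for a shared instance although it returns `new SigningOptions()` on every call. The class holds a `HashMap` of signing methods, so it is worth stating that each call yields a fresh, empty instance, e.g. `/** Create a new, empty {@link SigningOptions} instance. */`. The migrated tests on this page use both `new SigningOptions()` and `SigningOptions.get()`; settling on one form would keep the usage examples consistent.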
|
|
|
@ -153,10 +153,10 @@ public class EncryptDecryptTest {
|
|||
|
||||
EncryptionStream encryptor = PGPainless.encryptAndOrSign()
|
||||
.onOutputStream(envelope)
|
||||
.toRecipient(recipientPub)
|
||||
.and()
|
||||
.signInlineWith(keyDecryptor, senderSec, null, DocumentSignatureType.BINARY_DOCUMENT)
|
||||
.noArmor();
|
||||
.withOptions(ProducerOptions.signAndEncrypt(
|
||||
EncryptionOptions.encryptCommunications().addRecipient(recipientPub),
|
||||
new SigningOptions().addInlineSignature(keyDecryptor, senderSec, DocumentSignatureType.BINARY_DOCUMENT)
|
||||
));
|
||||
|
||||
Streams.pipeAll(new ByteArrayInputStream(secretMessage), encryptor);
|
||||
encryptor.close();
|
||||
|
@ -205,9 +205,9 @@ public class EncryptDecryptTest {
|
|||
ByteArrayInputStream inputStream = new ByteArrayInputStream(data);
|
||||
ByteArrayOutputStream dummyOut = new ByteArrayOutputStream();
|
||||
EncryptionStream signer = PGPainless.encryptAndOrSign().onOutputStream(dummyOut)
|
||||
.doNotEncrypt()
|
||||
.signDetachedWith(keyRingProtector, signingKeys)
|
||||
.noArmor();
|
||||
.withOptions(ProducerOptions.sign(
|
||||
new SigningOptions().addDetachedSignature(keyRingProtector, signingKeys, DocumentSignatureType.BINARY_DOCUMENT)
|
||||
));
|
||||
Streams.pipeAll(inputStream, signer);
|
||||
signer.close();
|
||||
|
||||
|
@ -250,9 +250,10 @@ public class EncryptDecryptTest {
|
|||
ByteArrayInputStream inputStream = new ByteArrayInputStream(data);
|
||||
ByteArrayOutputStream signOut = new ByteArrayOutputStream();
|
||||
EncryptionStream signer = PGPainless.encryptAndOrSign().onOutputStream(signOut)
|
||||
.doNotEncrypt()
|
||||
.signInlineWith(keyRingProtector, signingKeys)
|
||||
.asciiArmor();
|
||||
.withOptions(ProducerOptions.sign(
|
||||
SigningOptions.get()
|
||||
.addInlineSignature(keyRingProtector, signingKeys, DocumentSignatureType.BINARY_DOCUMENT)
|
||||
).setAsciiArmor(true));
|
||||
Streams.pipeAll(inputStream, signer);
|
||||
signer.close();
|
||||
|
||||
|
@ -328,9 +329,9 @@ public class EncryptDecryptTest {
|
|||
"-----END PGP PUBLIC KEY BLOCK-----\n";
|
||||
|
||||
PGPPublicKeyRing publicKeys = PGPainless.readKeyRing().publicKeyRing(key);
|
||||
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
|
||||
|
||||
assertThrows(IllegalArgumentException.class, () ->
|
||||
PGPainless.encryptAndOrSign().onOutputStream(outputStream)
|
||||
.toRecipient(publicKeys));
|
||||
EncryptionOptions.encryptCommunications()
|
||||
.addRecipient(publicKeys));
|
||||
}
|
||||
}
|
||||
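Review bot: The rewritten calls that used to end in `.noArmor()` (the hunks at `@ -153,10` and `@ -205,9`) no longer state the armor setting, while the hunk at `@ -250,9` translates `.asciiArmor()` into `.setAsciiArmor(true)`. The same happens in `EncryptionStreamClosedTest`, where the old chain ended in `.asciiArmor()`, and in `FileInfoTest` and `ChangeSecretKeyRingPassphraseTest`, where it ended in `.noArmor()`. Both variants now fall back to the default of `ProducerOptions`, which is not visible on this page, so at least one group of tests produces a different output encoding than before. If the encoding is part of what a test covers, make it explicit on the options passed to `withOptions`, e.g. `.setAsciiArmor(false)`.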
|
|
|
@ -37,10 +37,8 @@ public class EncryptionStreamClosedTest {
|
|||
OutputStream out = new ByteArrayOutputStream();
|
||||
EncryptionStream stream = PGPainless.encryptAndOrSign()
|
||||
.onOutputStream(out)
|
||||
.forPassphrase(Passphrase.fromPassword("dummy"))
|
||||
.and()
|
||||
.doNotSign()
|
||||
.asciiArmor();
|
||||
.withOptions(ProducerOptions.encrypt(EncryptionOptions.encryptCommunications()
|
||||
.addPassphrase(Passphrase.fromPassword("dummy"))));
|
||||
|
||||
// No close() called => getResult throws
|
||||
assertThrows(IllegalStateException.class, stream::getResult);
|
||||
|
|
|
@ -67,10 +67,11 @@ public class FileInfoTest {
|
|||
ByteArrayOutputStream dataOut = new ByteArrayOutputStream();
|
||||
EncryptionStream encryptionStream = PGPainless.encryptAndOrSign()
|
||||
.onOutputStream(dataOut, fileInfo)
|
||||
.toRecipient(publicKeys)
|
||||
.and()
|
||||
.doNotSign()
|
||||
.noArmor();
|
||||
.withOptions(ProducerOptions.encrypt(
|
||||
EncryptionOptions
|
||||
.encryptCommunications()
|
||||
.addRecipient(publicKeys))
|
||||
);
|
||||
|
||||
Streams.pipeAll(dataIn, encryptionStream);
|
||||
encryptionStream.close();
|
||||
|
|
|
@ -37,8 +37,11 @@ import org.bouncycastle.util.io.Streams;
|
|||
import org.junit.jupiter.params.ParameterizedTest;
|
||||
import org.junit.jupiter.params.provider.MethodSource;
|
||||
import org.pgpainless.PGPainless;
|
||||
import org.pgpainless.algorithm.DocumentSignatureType;
|
||||
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
|
||||
import org.pgpainless.encryption_signing.EncryptionStream;
|
||||
import org.pgpainless.encryption_signing.ProducerOptions;
|
||||
import org.pgpainless.encryption_signing.SigningOptions;
|
||||
import org.pgpainless.implementation.ImplementationFactory;
|
||||
import org.pgpainless.key.protection.KeyRingProtectionSettings;
|
||||
import org.pgpainless.key.protection.PasswordBasedSecretKeyRingProtector;
|
||||
|
@ -192,9 +195,9 @@ public class ChangeSecretKeyRingPassphraseTest {
|
|||
String dummyMessage = "dummy";
|
||||
ByteArrayOutputStream dummy = new ByteArrayOutputStream();
|
||||
EncryptionStream stream = PGPainless.encryptAndOrSign().onOutputStream(dummy)
|
||||
.doNotEncrypt()
|
||||
.signInlineWith(PasswordBasedSecretKeyRingProtector.forKey(keyRing, passphrase), keyRing)
|
||||
.noArmor();
|
||||
.withOptions(ProducerOptions.sign(SigningOptions.get()
|
||||
.addInlineSignature(PasswordBasedSecretKeyRingProtector.forKey(keyRing, passphrase),
|
||||
keyRing, DocumentSignatureType.BINARY_DOCUMENT)));
|
||||
|
||||
Streams.pipeAll(new ByteArrayInputStream(dummyMessage.getBytes()), stream);
|
||||
stream.close();
|
||||
|
|