1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-01-24 10:56:23 +01:00

Kotlin conversion: PasswordBasedSecretKeyRingProtector

This commit is contained in:
Paul Schaub 2023-08-31 17:40:37 +02:00
parent b125333c89
commit b9c601b996
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 63 additions and 78 deletions

View file

@ -1,78 +0,0 @@
// SPDX-FileCopyrightText: 2018 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.key.protection;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.bouncycastle.openpgp.PGPKeyRing;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor;
import org.pgpainless.key.protection.passphrase_provider.SecretKeyPassphraseProvider;
import org.pgpainless.util.Passphrase;
/**
* Provides {@link PBESecretKeyDecryptor} and {@link PBESecretKeyEncryptor} objects while getting the passphrases
* from a {@link SecretKeyPassphraseProvider} and using settings from an {@link KeyRingProtectionSettings}.
*/
public class PasswordBasedSecretKeyRingProtector extends BaseSecretKeyRingProtector {
public PasswordBasedSecretKeyRingProtector(@Nonnull SecretKeyPassphraseProvider passphraseProvider) {
super(passphraseProvider);
}
/**
* Constructor.
* Passphrases for keys are sourced from the {@code passphraseProvider} and decryptors/encryptors are constructed
* following the settings given in {@code settings}.
*
* @param settings S2K settings etc.
* @param passphraseProvider provider which provides passphrases.
*/
public PasswordBasedSecretKeyRingProtector(@Nonnull KeyRingProtectionSettings settings, @Nonnull SecretKeyPassphraseProvider passphraseProvider) {
super(passphraseProvider, settings);
}
public static PasswordBasedSecretKeyRingProtector forKey(PGPKeyRing keyRing, Passphrase passphrase) {
SecretKeyPassphraseProvider passphraseProvider = new SecretKeyPassphraseProvider() {
@Override
@Nullable
public Passphrase getPassphraseFor(long keyId) {
return hasPassphrase(keyId) ? passphrase : null;
}
@Override
public boolean hasPassphrase(long keyId) {
return keyRing.getPublicKey(keyId) != null;
}
};
return new PasswordBasedSecretKeyRingProtector(passphraseProvider);
}
public static PasswordBasedSecretKeyRingProtector forKey(PGPSecretKey key, Passphrase passphrase) {
return forKeyId(key.getPublicKey().getKeyID(), passphrase);
}
public static PasswordBasedSecretKeyRingProtector forKeyId(long singleKeyId, Passphrase passphrase) {
SecretKeyPassphraseProvider passphraseProvider = new SecretKeyPassphraseProvider() {
@Nullable
@Override
public Passphrase getPassphraseFor(long keyId) {
if (keyId == singleKeyId) {
return passphrase;
}
return null;
}
@Override
public boolean hasPassphrase(long keyId) {
return keyId == singleKeyId;
}
};
return new PasswordBasedSecretKeyRingProtector(passphraseProvider);
}
}

View file

@ -0,0 +1,63 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.key.protection
import org.bouncycastle.openpgp.PGPKeyRing
import org.bouncycastle.openpgp.PGPSecretKey
import org.pgpainless.key.protection.passphrase_provider.SecretKeyPassphraseProvider
import org.pgpainless.util.Passphrase
/**
* Provides [PBESecretKeyDecryptor] and [PBESecretKeyEncryptor] objects while getting the passphrases
* from a [SecretKeyPassphraseProvider] and using settings from an [KeyRingProtectionSettings].
*/
class PasswordBasedSecretKeyRingProtector : BaseSecretKeyRingProtector {
constructor(passphraseProvider: SecretKeyPassphraseProvider): super(passphraseProvider)
/**
* Constructor.
* Passphrases for keys are sourced from the `passphraseProvider` and decryptors/encryptors are constructed
* following the settings given in `settings`.
*
* @param settings S2K settings etc.
* @param passphraseProvider provider which provides passphrases.
*/
constructor(settings: KeyRingProtectionSettings,
passphraseProvider: SecretKeyPassphraseProvider): super(passphraseProvider, settings)
companion object {
@JvmStatic
fun forKey(keyRing: PGPKeyRing, passphrase: Passphrase): PasswordBasedSecretKeyRingProtector {
return object : SecretKeyPassphraseProvider {
override fun getPassphraseFor(keyId: Long): Passphrase? {
return if (hasPassphrase(keyId)) passphrase else null
}
override fun hasPassphrase(keyId: Long): Boolean {
return keyRing.getPublicKey(keyId) != null
}
}.let { PasswordBasedSecretKeyRingProtector(it) }
}
@JvmStatic
fun forKey(key: PGPSecretKey, passphrase: Passphrase): PasswordBasedSecretKeyRingProtector =
forKeyId(key.publicKey.keyID, passphrase)
@JvmStatic
fun forKeyId(singleKeyId: Long, passphrase: Passphrase): PasswordBasedSecretKeyRingProtector {
return object : SecretKeyPassphraseProvider {
override fun getPassphraseFor(keyId: Long): Passphrase? {
return if (hasPassphrase(keyId)) passphrase else null
}
override fun hasPassphrase(keyId: Long): Boolean {
return keyId == singleKeyId
}
}.let { PasswordBasedSecretKeyRingProtector(it) }
}
}
}