mirror of
https://github.com/pgpainless/pgpainless.git
synced 2025-01-24 10:56:23 +01:00
Kotlin conversion: PasswordBasedSecretKeyRingProtector
This commit is contained in:
parent
b125333c89
commit
b9c601b996
2 changed files with 63 additions and 78 deletions
|
@ -1,78 +0,0 @@
|
||||||
// SPDX-FileCopyrightText: 2018 Paul Schaub <vanitasvitae@fsfe.org>
|
|
||||||
//
|
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
|
||||||
|
|
||||||
package org.pgpainless.key.protection;
|
|
||||||
|
|
||||||
import javax.annotation.Nonnull;
|
|
||||||
import javax.annotation.Nullable;
|
|
||||||
|
|
||||||
import org.bouncycastle.openpgp.PGPKeyRing;
|
|
||||||
import org.bouncycastle.openpgp.PGPSecretKey;
|
|
||||||
import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
|
|
||||||
import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor;
|
|
||||||
import org.pgpainless.key.protection.passphrase_provider.SecretKeyPassphraseProvider;
|
|
||||||
import org.pgpainless.util.Passphrase;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Provides {@link PBESecretKeyDecryptor} and {@link PBESecretKeyEncryptor} objects while getting the passphrases
|
|
||||||
* from a {@link SecretKeyPassphraseProvider} and using settings from an {@link KeyRingProtectionSettings}.
|
|
||||||
*/
|
|
||||||
public class PasswordBasedSecretKeyRingProtector extends BaseSecretKeyRingProtector {
|
|
||||||
|
|
||||||
public PasswordBasedSecretKeyRingProtector(@Nonnull SecretKeyPassphraseProvider passphraseProvider) {
|
|
||||||
super(passphraseProvider);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Constructor.
|
|
||||||
* Passphrases for keys are sourced from the {@code passphraseProvider} and decryptors/encryptors are constructed
|
|
||||||
* following the settings given in {@code settings}.
|
|
||||||
*
|
|
||||||
* @param settings S2K settings etc.
|
|
||||||
* @param passphraseProvider provider which provides passphrases.
|
|
||||||
*/
|
|
||||||
public PasswordBasedSecretKeyRingProtector(@Nonnull KeyRingProtectionSettings settings, @Nonnull SecretKeyPassphraseProvider passphraseProvider) {
|
|
||||||
super(passphraseProvider, settings);
|
|
||||||
}
|
|
||||||
|
|
||||||
public static PasswordBasedSecretKeyRingProtector forKey(PGPKeyRing keyRing, Passphrase passphrase) {
|
|
||||||
SecretKeyPassphraseProvider passphraseProvider = new SecretKeyPassphraseProvider() {
|
|
||||||
@Override
|
|
||||||
@Nullable
|
|
||||||
public Passphrase getPassphraseFor(long keyId) {
|
|
||||||
return hasPassphrase(keyId) ? passphrase : null;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean hasPassphrase(long keyId) {
|
|
||||||
return keyRing.getPublicKey(keyId) != null;
|
|
||||||
}
|
|
||||||
};
|
|
||||||
return new PasswordBasedSecretKeyRingProtector(passphraseProvider);
|
|
||||||
}
|
|
||||||
|
|
||||||
public static PasswordBasedSecretKeyRingProtector forKey(PGPSecretKey key, Passphrase passphrase) {
|
|
||||||
return forKeyId(key.getPublicKey().getKeyID(), passphrase);
|
|
||||||
}
|
|
||||||
|
|
||||||
public static PasswordBasedSecretKeyRingProtector forKeyId(long singleKeyId, Passphrase passphrase) {
|
|
||||||
SecretKeyPassphraseProvider passphraseProvider = new SecretKeyPassphraseProvider() {
|
|
||||||
@Nullable
|
|
||||||
@Override
|
|
||||||
public Passphrase getPassphraseFor(long keyId) {
|
|
||||||
if (keyId == singleKeyId) {
|
|
||||||
return passphrase;
|
|
||||||
}
|
|
||||||
return null;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean hasPassphrase(long keyId) {
|
|
||||||
return keyId == singleKeyId;
|
|
||||||
}
|
|
||||||
};
|
|
||||||
return new PasswordBasedSecretKeyRingProtector(passphraseProvider);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -0,0 +1,63 @@
|
||||||
|
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
|
||||||
|
//
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package org.pgpainless.key.protection
|
||||||
|
|
||||||
|
import org.bouncycastle.openpgp.PGPKeyRing
|
||||||
|
import org.bouncycastle.openpgp.PGPSecretKey
|
||||||
|
import org.pgpainless.key.protection.passphrase_provider.SecretKeyPassphraseProvider
|
||||||
|
import org.pgpainless.util.Passphrase
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Provides [PBESecretKeyDecryptor] and [PBESecretKeyEncryptor] objects while getting the passphrases
|
||||||
|
* from a [SecretKeyPassphraseProvider] and using settings from an [KeyRingProtectionSettings].
|
||||||
|
*/
|
||||||
|
class PasswordBasedSecretKeyRingProtector : BaseSecretKeyRingProtector {
|
||||||
|
|
||||||
|
constructor(passphraseProvider: SecretKeyPassphraseProvider): super(passphraseProvider)
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Constructor.
|
||||||
|
* Passphrases for keys are sourced from the `passphraseProvider` and decryptors/encryptors are constructed
|
||||||
|
* following the settings given in `settings`.
|
||||||
|
*
|
||||||
|
* @param settings S2K settings etc.
|
||||||
|
* @param passphraseProvider provider which provides passphrases.
|
||||||
|
*/
|
||||||
|
constructor(settings: KeyRingProtectionSettings,
|
||||||
|
passphraseProvider: SecretKeyPassphraseProvider): super(passphraseProvider, settings)
|
||||||
|
|
||||||
|
companion object {
|
||||||
|
@JvmStatic
|
||||||
|
fun forKey(keyRing: PGPKeyRing, passphrase: Passphrase): PasswordBasedSecretKeyRingProtector {
|
||||||
|
return object : SecretKeyPassphraseProvider {
|
||||||
|
|
||||||
|
override fun getPassphraseFor(keyId: Long): Passphrase? {
|
||||||
|
return if (hasPassphrase(keyId)) passphrase else null
|
||||||
|
}
|
||||||
|
|
||||||
|
override fun hasPassphrase(keyId: Long): Boolean {
|
||||||
|
return keyRing.getPublicKey(keyId) != null
|
||||||
|
}
|
||||||
|
}.let { PasswordBasedSecretKeyRingProtector(it) }
|
||||||
|
}
|
||||||
|
|
||||||
|
@JvmStatic
|
||||||
|
fun forKey(key: PGPSecretKey, passphrase: Passphrase): PasswordBasedSecretKeyRingProtector =
|
||||||
|
forKeyId(key.publicKey.keyID, passphrase)
|
||||||
|
|
||||||
|
@JvmStatic
|
||||||
|
fun forKeyId(singleKeyId: Long, passphrase: Passphrase): PasswordBasedSecretKeyRingProtector {
|
||||||
|
return object : SecretKeyPassphraseProvider {
|
||||||
|
override fun getPassphraseFor(keyId: Long): Passphrase? {
|
||||||
|
return if (hasPassphrase(keyId)) passphrase else null
|
||||||
|
}
|
||||||
|
|
||||||
|
override fun hasPassphrase(keyId: Long): Boolean {
|
||||||
|
return keyId == singleKeyId
|
||||||
|
}
|
||||||
|
}.let { PasswordBasedSecretKeyRingProtector(it) }
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue