mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-26 22:32:07 +01:00
Start reusing new signature builder in SecretKeyRingEditor
parent
44169ecf64
commit
c31fda95f9
3 changed files with 20 additions and 25 deletions
|
@ -52,6 +52,8 @@ import org.pgpainless.key.protection.passphrase_provider.SolitaryPassphraseProvi
|
||||||
import org.pgpainless.key.util.KeyRingUtils;
|
import org.pgpainless.key.util.KeyRingUtils;
|
||||||
import org.pgpainless.key.util.RevocationAttributes;
|
import org.pgpainless.key.util.RevocationAttributes;
|
||||||
import org.pgpainless.signature.SignatureUtils;
|
import org.pgpainless.signature.SignatureUtils;
|
||||||
|
import org.pgpainless.signature.builder.SelfSignatureBuilder;
|
||||||
|
import org.pgpainless.signature.subpackets.SelfSignatureSubpackets;
|
||||||
import org.pgpainless.signature.subpackets.SignatureSubpacketGeneratorUtil;
|
import org.pgpainless.signature.subpackets.SignatureSubpacketGeneratorUtil;
|
||||||
import org.pgpainless.util.Passphrase;
|
import org.pgpainless.util.Passphrase;
|
||||||
|
|
||||||
|
@ -73,6 +75,13 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public SecretKeyRingEditorInterface addUserId(String userId, SecretKeyRingProtector secretKeyRingProtector) throws PGPException {
|
public SecretKeyRingEditorInterface addUserId(String userId, SecretKeyRingProtector secretKeyRingProtector) throws PGPException {
|
||||||
|
return addUserId(userId, null, secretKeyRingProtector);
|
||||||
|
}
|
||||||
|
|
||||||
|
public SecretKeyRingEditorInterface addUserId(
|
||||||
|
String userId,
|
||||||
|
@Nullable SelfSignatureSubpackets.Callback signatureSubpacketCallback,
|
||||||
|
SecretKeyRingProtector protector) throws PGPException {
|
||||||
userId = sanitizeUserId(userId);
|
userId = sanitizeUserId(userId);
|
||||||
|
|
||||||
List<PGPSecretKey> secretKeyList = new ArrayList<>();
|
List<PGPSecretKey> secretKeyList = new ArrayList<>();
|
||||||
|
@ -81,10 +90,15 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
||||||
// add user-id certificate to primary key
|
// add user-id certificate to primary key
|
||||||
PGPSecretKey primaryKey = secretKeyIterator.next();
|
PGPSecretKey primaryKey = secretKeyIterator.next();
|
||||||
PGPPublicKey publicKey = primaryKey.getPublicKey();
|
PGPPublicKey publicKey = primaryKey.getPublicKey();
|
||||||
PGPPrivateKey privateKey = UnlockSecretKey.unlockSecretKey(primaryKey, secretKeyRingProtector);
|
|
||||||
publicKey = addUserIdToPubKey(userId, privateKey, publicKey);
|
|
||||||
primaryKey = PGPSecretKey.replacePublicKey(primaryKey, publicKey);
|
|
||||||
|
|
||||||
|
SelfSignatureBuilder builder = new SelfSignatureBuilder(primaryKey, protector);
|
||||||
|
builder.setSignatureType(SignatureType.POSITIVE_CERTIFICATION);
|
||||||
|
builder.applyCallback(signatureSubpacketCallback);
|
||||||
|
PGPSignature signature = builder.build(publicKey, userId);
|
||||||
|
|
||||||
|
publicKey = PGPPublicKey.addCertification(publicKey,
|
||||||
|
userId, signature);
|
||||||
|
primaryKey = PGPSecretKey.replacePublicKey(primaryKey, publicKey);
|
||||||
secretKeyList.add(primaryKey);
|
secretKeyList.add(primaryKey);
|
||||||
|
|
||||||
while (secretKeyIterator.hasNext()) {
|
while (secretKeyIterator.hasNext()) {
|
||||||
|
@ -96,21 +110,6 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
private static PGPPublicKey addUserIdToPubKey(String userId, PGPPrivateKey privateKey, PGPPublicKey publicKey) throws PGPException {
|
|
||||||
if (privateKey.getKeyID() != publicKey.getKeyID()) {
|
|
||||||
throw new IllegalArgumentException("Key-ID mismatch!");
|
|
||||||
}
|
|
||||||
// Create signature with new user-id and add it to the public key
|
|
||||||
PGPSignatureGenerator signatureGenerator = SignatureUtils.getSignatureGeneratorFor(publicKey);
|
|
||||||
signatureGenerator.init(SignatureType.POSITIVE_CERTIFICATION.getCode(), privateKey);
|
|
||||||
|
|
||||||
PGPSignature userIdSignature = signatureGenerator.generateCertification(userId, publicKey);
|
|
||||||
publicKey = PGPPublicKey.addCertification(publicKey,
|
|
||||||
userId, userIdSignature);
|
|
||||||
|
|
||||||
return publicKey;
|
|
||||||
}
|
|
||||||
|
|
||||||
// TODO: Move to utility class?
|
// TODO: Move to utility class?
|
||||||
private String sanitizeUserId(String userId) {
|
private String sanitizeUserId(String userId) {
|
||||||
userId = userId.trim();
|
userId = userId.trim();
|
||||||
|
@ -149,11 +148,8 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
||||||
|
|
||||||
PGPDigestCalculator digestCalculator =
|
PGPDigestCalculator digestCalculator =
|
||||||
ImplementationFactory.getInstance().getPGPDigestCalculator(defaultDigestHashAlgorithm);
|
ImplementationFactory.getInstance().getPGPDigestCalculator(defaultDigestHashAlgorithm);
|
||||||
PGPContentSignerBuilder contentSignerBuilder = ImplementationFactory.getInstance()
|
PGPContentSignerBuilder contentSignerBuilder =
|
||||||
.getPGPContentSignerBuilder(
|
SignatureUtils.getPgpContentSignerBuilderForKey(primaryKey);
|
||||||
primaryKey.getAlgorithm(),
|
|
||||||
HashAlgorithm.SHA256.getAlgorithmId() // TODO: Why SHA256?
|
|
||||||
);
|
|
||||||
|
|
||||||
PGPPrivateKey privateSubKey = UnlockSecretKey.unlockSecretKey(secretSubKey, subKeyProtector);
|
PGPPrivateKey privateSubKey = UnlockSecretKey.unlockSecretKey(secretSubKey, subKeyProtector);
|
||||||
PGPKeyPair subKeyPair = new PGPKeyPair(secretSubKey.getPublicKey(), privateSubKey);
|
PGPKeyPair subKeyPair = new PGPKeyPair(secretSubKey.getPublicKey(), privateSubKey);
|
||||||
|
|
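Review bot: `builder.applyCallback(signatureSubpacketCallback)` in the new three-argument `addUserId` receives `null` on every call that comes through the two-argument overload, which now delegates with `addUserId(userId, null, secretKeyRingProtector)`. Whether `applyCallback` tolerates `null` is not visible on this page, so either confirm that it does or guard the call with `if (signatureSubpacketCallback != null) { builder.applyCallback(signatureSubpacketCallback); }`. The new overload is also public and has no Javadoc; it should state that the callback may modify the subpackets of the positive certification made by the primary key over the user-id, and that `null` keeps the builder's defaults. The method body continues past the end of the hunk.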
|
@ -82,7 +82,7 @@ public final class SignatureUtils {
|
||||||
* @param publicKey public key
|
* @param publicKey public key
|
||||||
* @return content signer builder
|
* @return content signer builder
|
||||||
*/
|
*/
|
||||||
private static PGPContentSignerBuilder getPgpContentSignerBuilderForKey(PGPPublicKey publicKey) {
|
public static PGPContentSignerBuilder getPgpContentSignerBuilderForKey(PGPPublicKey publicKey) {
|
||||||
Set<HashAlgorithm> hashAlgorithmSet = OpenPgpKeyAttributeUtil.getOrGuessPreferredHashAlgorithms(publicKey);
|
Set<HashAlgorithm> hashAlgorithmSet = OpenPgpKeyAttributeUtil.getOrGuessPreferredHashAlgorithms(publicKey);
|
||||||
|
|
||||||
HashAlgorithm hashAlgorithm = HashAlgorithmNegotiator.negotiateSignatureHashAlgorithm(PGPainless.getPolicy())
|
HashAlgorithm hashAlgorithm = HashAlgorithmNegotiator.negotiateSignatureHashAlgorithm(PGPainless.getPolicy())
|
||||||
|
|
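Review bot: Making `getPgpContentSignerBuilderForKey` public turns it into API, but its Javadoc still says only `@param publicKey public key` and `@return content signer builder`. The visible body selects the hash through `getOrGuessPreferredHashAlgorithms(publicKey)` and `negotiateSignatureHashAlgorithm(PGPainless.getPolicy())`, so the doc should say so, for example `The signature hash algorithm is negotiated between the key's stated (or guessed) hash preferences and the active policy.` What happens when the key's preferences and the policy share no algorithm is decided after the last line of this hunk and deserves a sentence as well. Callers such as the sub-key path in SecretKeyRingEditor no longer pin SHA256 themselves and now depend on that behaviour.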
|
@ -22,7 +22,6 @@ import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
|
||||||
import org.pgpainless.PGPainless;
|
import org.pgpainless.PGPainless;
|
||||||
import org.pgpainless.key.info.KeyRingInfo;
|
import org.pgpainless.key.info.KeyRingInfo;
|
||||||
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||||
import org.pgpainless.signature.builder.CertificationSignatureBuilder;
|
|
||||||
import org.pgpainless.signature.builder.DirectKeySignatureBuilder;
|
import org.pgpainless.signature.builder.DirectKeySignatureBuilder;
|
||||||
import org.pgpainless.signature.builder.SelfSignatureBuilder;
|
import org.pgpainless.signature.builder.SelfSignatureBuilder;
|
||||||
|
|
||||||
|
|