Split KeyFlagSelectionStrategies up into Has{Any|All}KeyFlagsSelectionStrategy

pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionBuilder.java

@@ -441,6 +441,12 @@ public class EncryptionBuilder implements EncryptionBuilderInterface {
                 new EncryptionKeySelectionStrategy(flags));
     }
 
+    SecretKeySelectionStrategy signingKeySelector() {
+        return new And.SecKeySelectionStrategy(
+                new NoRevocation.SecKeySelectionStrategy(),
+                new SignatureKeySelectionStrategy());
+    }
+
     private static KeyFlag[] mapPurposeToKeyFlags(EncryptionStream.Purpose purpose) {
         KeyFlag[] flags;
         switch (purpose) {
@@ -458,10 +464,4 @@ public class EncryptionBuilder implements EncryptionBuilderInterface {
         }
         return flags;
     }
-
-    SecretKeySelectionStrategy signingKeySelector() {
-        return new And.SecKeySelectionStrategy(
-                new NoRevocation.SecKeySelectionStrategy(),
-                new SignatureKeySelectionStrategy());
-    }
 }

pgpainless-core/src/main/java/org/pgpainless/key/selection/key/impl/EncryptionKeySelectionStrategy.java

@@ -15,6 +15,8 @@
  */
 package org.pgpainless.key.selection.key.impl;
 
+import java.util.logging.Level;
+import java.util.logging.Logger;
 import javax.annotation.Nonnull;
 
 import org.bouncycastle.openpgp.PGPPublicKey;
@@ -26,14 +28,26 @@ import org.pgpainless.key.selection.key.PublicKeySelectionStrategy;
  */
 public class EncryptionKeySelectionStrategy extends PublicKeySelectionStrategy {
 
-    private final HasKeyFlagSelectionStrategy.PublicKey keyFlagSelector;
+    public static final Logger LOGGER = Logger.getLogger(EncryptionKeySelectionStrategy.class.getName());
+
+    private final HasAnyKeyFlagSelectionStrategy.PublicKey keyFlagSelector;
 
     public EncryptionKeySelectionStrategy(KeyFlag... flags) {
-        this.keyFlagSelector = new HasKeyFlagSelectionStrategy.PublicKey(flags);
+        this.keyFlagSelector = new HasAnyKeyFlagSelectionStrategy.PublicKey(flags);
     }
 
     @Override
     public boolean accept(@Nonnull PGPPublicKey key) {
-        return key.isEncryptionKey() && keyFlagSelector.accept(key);
+        boolean isEncryptionKey = key.isEncryptionKey();
+        boolean hasAppropriateKeyFlags = keyFlagSelector.accept(key);
+
+        if (!isEncryptionKey) {
+            LOGGER.log(Level.FINE, "Key algorithm is not suitable of encryption.");
+        }
+        if (!hasAppropriateKeyFlags) {
+            LOGGER.log(Level.FINE, "Key " + Long.toHexString(key.getKeyID()) + " does not carry ");
+        }
+
+        return isEncryptionKey && hasAppropriateKeyFlags;
     }
 }

pgpainless-core/src/main/java/org/pgpainless/key/selection/key/impl/HasAllKeyFlagSelectionStrategy.java

@@ -24,7 +24,10 @@ import org.pgpainless.algorithm.KeyFlag;
 import org.pgpainless.key.selection.key.PublicKeySelectionStrategy;
 import org.pgpainless.key.selection.key.SecretKeySelectionStrategy;
 
-public class HasKeyFlagSelectionStrategy {
+/**
+ * Selection Strategy that accepts a key if it carries all of the specified key flags.
+ */
+public class HasAllKeyFlagSelectionStrategy {
 
     public static class PublicKey extends PublicKeySelectionStrategy {
 

pgpainless-core/src/main/java/org/pgpainless/key/selection/key/impl/HasAnyKeyFlagSelectionStrategy.java

@@ -0,0 +1,71 @@
+/*
+ * Copyright 2021 Paul Schaub.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.pgpainless.key.selection.key.impl;
+
+import java.util.Iterator;
+
+import org.bouncycastle.openpgp.PGPPublicKey;
+import org.bouncycastle.openpgp.PGPSecretKey;
+import org.bouncycastle.openpgp.PGPSignature;
+import org.pgpainless.algorithm.KeyFlag;
+import org.pgpainless.key.selection.key.PublicKeySelectionStrategy;
+import org.pgpainless.key.selection.key.SecretKeySelectionStrategy;
+
+/**
+ * Selection Strategies that accept a key if it carries at least one of the given key flags.
+ */
+public class HasAnyKeyFlagSelectionStrategy {
+
+    public static class PublicKey extends PublicKeySelectionStrategy {
+
+        private final int keyFlagMask;
+
+        public PublicKey(KeyFlag... flags) {
+            this(KeyFlag.toBitmask(flags));
+        }
+
+        public PublicKey(int mask) {
+            this.keyFlagMask = mask;
+        }
+
+        @Override
+        public boolean accept(PGPPublicKey key) {
+            Iterator<PGPSignature> signatures = key.getSignatures();
+            int flags = signatures.next().getHashedSubPackets().getKeyFlags();
+            return (keyFlagMask & flags) != 0;
+        }
+    }
+
+    public static class SecretKey extends SecretKeySelectionStrategy {
+
+        private final int keyFlagMask;
+
+        public SecretKey(KeyFlag... flags) {
+            this(KeyFlag.toBitmask(flags));
+        }
+
+        public SecretKey(int mask) {
+            this.keyFlagMask = mask;
+        }
+
+        @Override
+        public boolean accept(PGPSecretKey key) {
+            Iterator<PGPSignature> signatures = key.getPublicKey().getSignatures();
+            int flags = signatures.next().getHashedSubPackets().getKeyFlags();
+            return (keyFlagMask & flags) != 0;
+        }
+    }
+}

pgpainless-core/src/test/java/org/pgpainless/key/selection/key/KeyFlagBasedSelectionStrategyTest.java

@@ -34,9 +34,10 @@ import org.pgpainless.key.generation.type.KeyType;
 import org.pgpainless.key.generation.type.ecc.EllipticCurve;
 import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
 import org.pgpainless.key.generation.type.xdh.XDHCurve;
-import org.pgpainless.key.selection.key.impl.HasKeyFlagSelectionStrategy;
+import org.pgpainless.key.selection.key.impl.HasAllKeyFlagSelectionStrategy;
+import org.pgpainless.key.selection.key.impl.HasAnyKeyFlagSelectionStrategy;
 
-public class HasKeyFlagsSelectionStrategyTest {
+public class KeyFlagBasedSelectionStrategyTest {
 
     @Test
     public void testKeyFlagSelectors() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
@@ -61,12 +62,14 @@ public class HasKeyFlagsSelectionStrategyTest {
         // ENCRYPT_COMMS
         PGPSecretKey s_encryptionKey = iterator.next();
 
-        HasKeyFlagSelectionStrategy.SecretKey s_certifyOther =
+        HasAllKeyFlagSelectionStrategy.SecretKey s_certifyOther =
-                new HasKeyFlagSelectionStrategy.SecretKey(KeyFlag.CERTIFY_OTHER);
+                new HasAllKeyFlagSelectionStrategy.SecretKey(KeyFlag.CERTIFY_OTHER);
-        HasKeyFlagSelectionStrategy.SecretKey s_encryptComms =
+        HasAllKeyFlagSelectionStrategy.SecretKey s_encryptComms =
-                new HasKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS);
+                new HasAllKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS);
-        HasKeyFlagSelectionStrategy.SecretKey s_encryptCommsEncryptStorage =
+        HasAllKeyFlagSelectionStrategy.SecretKey s_encryptCommsEncryptStorage =
-                new HasKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
+                new HasAllKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
+        HasAnyKeyFlagSelectionStrategy.SecretKey s_anyEncryptCommsEncryptStorage =
+                new HasAnyKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
 
         assertTrue(s_certifyOther.accept(s_primaryKey));
         assertFalse(s_certifyOther.accept(s_encryptionKey));
@@ -81,16 +84,22 @@ public class HasKeyFlagsSelectionStrategyTest {
         assertFalse(s_encryptCommsEncryptStorage.accept(s_primaryKey));
         assertFalse(s_encryptCommsEncryptStorage.accept(s_signingKey));
 
+        assertTrue(s_anyEncryptCommsEncryptStorage.accept(s_encryptionKey));
+        assertFalse(s_anyEncryptCommsEncryptStorage.accept(s_primaryKey));
+        assertFalse(s_anyEncryptCommsEncryptStorage.accept(s_signingKey));
+
         PGPPublicKey p_primaryKey = s_primaryKey.getPublicKey();
         PGPPublicKey p_encryptionKey = s_encryptionKey.getPublicKey();
         PGPPublicKey p_signingKey = s_signingKey.getPublicKey();
 
-        HasKeyFlagSelectionStrategy.PublicKey p_certifyOther =
+        HasAllKeyFlagSelectionStrategy.PublicKey p_certifyOther =
-                new HasKeyFlagSelectionStrategy.PublicKey(KeyFlag.CERTIFY_OTHER);
+                new HasAllKeyFlagSelectionStrategy.PublicKey(KeyFlag.CERTIFY_OTHER);
-        HasKeyFlagSelectionStrategy.PublicKey p_encryptComms =
+        HasAllKeyFlagSelectionStrategy.PublicKey p_encryptComms =
-                new HasKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS);
+                new HasAllKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS);
-        HasKeyFlagSelectionStrategy.PublicKey p_encryptCommsEncryptStorage =
+        HasAllKeyFlagSelectionStrategy.PublicKey p_encryptCommsEncryptStorage =
-                new HasKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
+                new HasAllKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
+        HasAnyKeyFlagSelectionStrategy.PublicKey p_anyEncryptCommsEncryptStorage =
+                new HasAnyKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
 
         assertTrue(p_certifyOther.accept(p_primaryKey));
         assertFalse(p_certifyOther.accept(p_encryptionKey));
@@ -104,5 +113,9 @@ public class HasKeyFlagsSelectionStrategyTest {
                 "Must not accept the key, as it only carries ENCRYPT_COMMS, but not ENCRYPT_STORAGE");
         assertFalse(p_encryptCommsEncryptStorage.accept(p_primaryKey));
         assertFalse(p_encryptCommsEncryptStorage.accept(p_signingKey));
+
+        assertTrue(p_anyEncryptCommsEncryptStorage.accept(p_encryptionKey));
+        assertFalse(p_anyEncryptCommsEncryptStorage.accept(p_primaryKey));
+        assertFalse(p_anyEncryptCommsEncryptStorage.accept(p_signingKey));
     }
 }

pgpainless-core/src/test/java/org/pgpainless/weird_keys/TestEncryptCommsStorageFlagsDifferentiated.java

@@ -56,6 +56,6 @@ public class TestEncryptCommsStorageFlagsDifferentiated {
                 .onOutputStream(out);
 
         // since the key does not carry the flag ENCRYPT_COMMS, it cannot be used by the stream.
-        assertThrows(IllegalStateException.class, () -> builder.toRecipients(publicKeys));
+        assertThrows(IllegalArgumentException.class, () -> builder.toRecipients(publicKeys));
     }
 }