mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-12-26 21:07:58 +01:00
Add overloaded method for user-id revocation using SelectUserId
This commit is contained in:
parent
16e283f3a6
commit
cc16a3da88
3 changed files with 83 additions and 1 deletions
|
@ -72,6 +72,7 @@ import org.pgpainless.signature.subpackets.SignatureSubpacketsHelper;
|
|||
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
|
||||
import org.pgpainless.util.CollectionUtils;
|
||||
import org.pgpainless.util.Passphrase;
|
||||
import org.pgpainless.util.selection.userid.SelectUserId;
|
||||
|
||||
public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
||||
|
||||
|
@ -391,12 +392,25 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
|||
return doRevokeUserId(userId, secretKeyRingProtector, subpacketCallback);
|
||||
}
|
||||
|
||||
@Override
|
||||
public SecretKeyRingEditorInterface revokeUserIds(SelectUserId userIdSelector, SecretKeyRingProtector secretKeyRingProtector, @Nullable RevocationSignatureSubpackets.Callback subpacketsCallback) throws PGPException {
|
||||
List<String> selected = userIdSelector.selectUserIds(secretKeyRing);
|
||||
if (selected.isEmpty()) {
|
||||
throw new NoSuchElementException("No matching user-ids found on the key.");
|
||||
}
|
||||
|
||||
for (String userId : selected) {
|
||||
doRevokeUserId(userId, secretKeyRingProtector, subpacketsCallback);
|
||||
}
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
private SecretKeyRingEditorInterface doRevokeUserId(String userId,
|
||||
SecretKeyRingProtector protector,
|
||||
@Nullable RevocationSignatureSubpackets.Callback callback)
|
||||
throws PGPException {
|
||||
PGPSecretKey primarySecretKey = secretKeyRing.getSecretKey();
|
||||
PGPPublicKey primaryPublicKey = primarySecretKey.getPublicKey();
|
||||
RevocationSignatureBuilder signatureBuilder = new RevocationSignatureBuilder(
|
||||
SignatureType.CERTIFICATION_REVOCATION,
|
||||
primarySecretKey,
|
||||
|
|
|
@ -25,6 +25,7 @@ import org.pgpainless.key.util.UserId;
|
|||
import org.pgpainless.signature.subpackets.RevocationSignatureSubpackets;
|
||||
import org.pgpainless.signature.subpackets.SelfSignatureSubpackets;
|
||||
import org.pgpainless.util.Passphrase;
|
||||
import org.pgpainless.util.selection.userid.SelectUserId;
|
||||
|
||||
public interface SecretKeyRingEditorInterface {
|
||||
|
||||
|
@ -207,6 +208,11 @@ public interface SecretKeyRingEditorInterface {
|
|||
@Nullable RevocationSignatureSubpackets.Callback subpacketCallback)
|
||||
throws PGPException;
|
||||
|
||||
SecretKeyRingEditorInterface revokeUserIds(SelectUserId userIdSelector,
|
||||
SecretKeyRingProtector secretKeyRingProtector,
|
||||
@Nullable RevocationSignatureSubpackets.Callback subpacketsCallback)
|
||||
throws PGPException;
|
||||
|
||||
/**
|
||||
* Set the expiration date for the primary key of the key ring.
|
||||
* If the key is supposed to never expire, then an expiration date of null is expected.
|
||||
|
|
|
@ -0,0 +1,62 @@
|
|||
// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
|
||||
//
|
||||
// SPDX-License-Identifier: Apache-2.0
|
||||
|
||||
package org.pgpainless.key.modification;
|
||||
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.pgpainless.PGPainless;
|
||||
import org.pgpainless.key.info.KeyRingInfo;
|
||||
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||
import org.pgpainless.util.selection.userid.SelectUserId;
|
||||
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.NoSuchElementException;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
public class RevokeUserIdsTest {
|
||||
|
||||
@Test
|
||||
public void revokeWithSelectUserId() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
.modernKeyRing("Alice <alice@pgpainless.org>", null);
|
||||
SecretKeyRingProtector protector = SecretKeyRingProtector.unprotectedKeys();
|
||||
|
||||
secretKeys = PGPainless.modifyKeyRing(secretKeys)
|
||||
.addUserId("Allice <alice@example.org>", protector)
|
||||
.addUserId("Alice <alice@example.org>", protector)
|
||||
.done();
|
||||
|
||||
KeyRingInfo info = PGPainless.inspectKeyRing(secretKeys);
|
||||
assertTrue(info.isUserIdValid("Alice <alice@pgpainless.org>"));
|
||||
assertTrue(info.isUserIdValid("Allice <alice@example.org>"));
|
||||
assertTrue(info.isUserIdValid("Alice <alice@example.org>"));
|
||||
|
||||
secretKeys = PGPainless.modifyKeyRing(secretKeys)
|
||||
.revokeUserIds(SelectUserId.containsEmailAddress("alice@example.org"), protector, null)
|
||||
.done();
|
||||
|
||||
info = PGPainless.inspectKeyRing(secretKeys);
|
||||
assertTrue(info.isUserIdValid("Alice <alice@pgpainless.org>"));
|
||||
assertFalse(info.isUserIdValid("Allice <alice@example.org>"));
|
||||
assertFalse(info.isUserIdValid("Alice <alice@example.org>"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void emptySelectionYieldsNoSuchElementException() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
.modernKeyRing("Alice <alice@pgpainless.org>", null);
|
||||
|
||||
assertThrows(NoSuchElementException.class, () ->
|
||||
PGPainless.modifyKeyRing(secretKeys).revokeUserIds(
|
||||
SelectUserId.containsEmailAddress("alice@example.org"),
|
||||
SecretKeyRingProtector.unprotectedKeys(),
|
||||
null));
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue