mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-30 00:02:06 +01:00
Add overloaded method for user-id revocation using SelectUserId
This commit is contained in:
parent
16e283f3a6
commit
cc16a3da88
3 changed files with 83 additions and 1 deletions
|
@ -72,6 +72,7 @@ import org.pgpainless.signature.subpackets.SignatureSubpacketsHelper;
|
||||||
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
|
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
|
||||||
import org.pgpainless.util.CollectionUtils;
|
import org.pgpainless.util.CollectionUtils;
|
||||||
import org.pgpainless.util.Passphrase;
|
import org.pgpainless.util.Passphrase;
|
||||||
|
import org.pgpainless.util.selection.userid.SelectUserId;
|
||||||
|
|
||||||
public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
||||||
|
|
||||||
|
@ -391,12 +392,25 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
|
||||||
return doRevokeUserId(userId, secretKeyRingProtector, subpacketCallback);
|
return doRevokeUserId(userId, secretKeyRingProtector, subpacketCallback);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public SecretKeyRingEditorInterface revokeUserIds(SelectUserId userIdSelector, SecretKeyRingProtector secretKeyRingProtector, @Nullable RevocationSignatureSubpackets.Callback subpacketsCallback) throws PGPException {
|
||||||
|
List<String> selected = userIdSelector.selectUserIds(secretKeyRing);
|
||||||
|
if (selected.isEmpty()) {
|
||||||
|
throw new NoSuchElementException("No matching user-ids found on the key.");
|
||||||
|
}
|
||||||
|
|
||||||
|
for (String userId : selected) {
|
||||||
|
doRevokeUserId(userId, secretKeyRingProtector, subpacketsCallback);
|
||||||
|
}
|
||||||
|
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
private SecretKeyRingEditorInterface doRevokeUserId(String userId,
|
private SecretKeyRingEditorInterface doRevokeUserId(String userId,
|
||||||
SecretKeyRingProtector protector,
|
SecretKeyRingProtector protector,
|
||||||
@Nullable RevocationSignatureSubpackets.Callback callback)
|
@Nullable RevocationSignatureSubpackets.Callback callback)
|
||||||
throws PGPException {
|
throws PGPException {
|
||||||
PGPSecretKey primarySecretKey = secretKeyRing.getSecretKey();
|
PGPSecretKey primarySecretKey = secretKeyRing.getSecretKey();
|
||||||
PGPPublicKey primaryPublicKey = primarySecretKey.getPublicKey();
|
|
||||||
RevocationSignatureBuilder signatureBuilder = new RevocationSignatureBuilder(
|
RevocationSignatureBuilder signatureBuilder = new RevocationSignatureBuilder(
|
||||||
SignatureType.CERTIFICATION_REVOCATION,
|
SignatureType.CERTIFICATION_REVOCATION,
|
||||||
primarySecretKey,
|
primarySecretKey,
|
||||||
|
|
|
@ -25,6 +25,7 @@ import org.pgpainless.key.util.UserId;
|
||||||
import org.pgpainless.signature.subpackets.RevocationSignatureSubpackets;
|
import org.pgpainless.signature.subpackets.RevocationSignatureSubpackets;
|
||||||
import org.pgpainless.signature.subpackets.SelfSignatureSubpackets;
|
import org.pgpainless.signature.subpackets.SelfSignatureSubpackets;
|
||||||
import org.pgpainless.util.Passphrase;
|
import org.pgpainless.util.Passphrase;
|
||||||
|
import org.pgpainless.util.selection.userid.SelectUserId;
|
||||||
|
|
||||||
public interface SecretKeyRingEditorInterface {
|
public interface SecretKeyRingEditorInterface {
|
||||||
|
|
||||||
|
@ -207,6 +208,11 @@ public interface SecretKeyRingEditorInterface {
|
||||||
@Nullable RevocationSignatureSubpackets.Callback subpacketCallback)
|
@Nullable RevocationSignatureSubpackets.Callback subpacketCallback)
|
||||||
throws PGPException;
|
throws PGPException;
|
||||||
|
|
||||||
|
SecretKeyRingEditorInterface revokeUserIds(SelectUserId userIdSelector,
|
||||||
|
SecretKeyRingProtector secretKeyRingProtector,
|
||||||
|
@Nullable RevocationSignatureSubpackets.Callback subpacketsCallback)
|
||||||
|
throws PGPException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the expiration date for the primary key of the key ring.
|
* Set the expiration date for the primary key of the key ring.
|
||||||
* If the key is supposed to never expire, then an expiration date of null is expected.
|
* If the key is supposed to never expire, then an expiration date of null is expected.
|
||||||
|
|
|
@ -0,0 +1,62 @@
|
||||||
|
// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
|
||||||
|
//
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package org.pgpainless.key.modification;
|
||||||
|
|
||||||
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.pgpainless.PGPainless;
|
||||||
|
import org.pgpainless.key.info.KeyRingInfo;
|
||||||
|
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||||
|
import org.pgpainless.util.selection.userid.SelectUserId;
|
||||||
|
|
||||||
|
import java.security.InvalidAlgorithmParameterException;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.util.NoSuchElementException;
|
||||||
|
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||||
|
|
||||||
|
public class RevokeUserIdsTest {
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void revokeWithSelectUserId() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
||||||
|
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||||
|
.modernKeyRing("Alice <alice@pgpainless.org>", null);
|
||||||
|
SecretKeyRingProtector protector = SecretKeyRingProtector.unprotectedKeys();
|
||||||
|
|
||||||
|
secretKeys = PGPainless.modifyKeyRing(secretKeys)
|
||||||
|
.addUserId("Allice <alice@example.org>", protector)
|
||||||
|
.addUserId("Alice <alice@example.org>", protector)
|
||||||
|
.done();
|
||||||
|
|
||||||
|
KeyRingInfo info = PGPainless.inspectKeyRing(secretKeys);
|
||||||
|
assertTrue(info.isUserIdValid("Alice <alice@pgpainless.org>"));
|
||||||
|
assertTrue(info.isUserIdValid("Allice <alice@example.org>"));
|
||||||
|
assertTrue(info.isUserIdValid("Alice <alice@example.org>"));
|
||||||
|
|
||||||
|
secretKeys = PGPainless.modifyKeyRing(secretKeys)
|
||||||
|
.revokeUserIds(SelectUserId.containsEmailAddress("alice@example.org"), protector, null)
|
||||||
|
.done();
|
||||||
|
|
||||||
|
info = PGPainless.inspectKeyRing(secretKeys);
|
||||||
|
assertTrue(info.isUserIdValid("Alice <alice@pgpainless.org>"));
|
||||||
|
assertFalse(info.isUserIdValid("Allice <alice@example.org>"));
|
||||||
|
assertFalse(info.isUserIdValid("Alice <alice@example.org>"));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void emptySelectionYieldsNoSuchElementException() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
|
||||||
|
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||||
|
.modernKeyRing("Alice <alice@pgpainless.org>", null);
|
||||||
|
|
||||||
|
assertThrows(NoSuchElementException.class, () ->
|
||||||
|
PGPainless.modifyKeyRing(secretKeys).revokeUserIds(
|
||||||
|
SelectUserId.containsEmailAddress("alice@example.org"),
|
||||||
|
SecretKeyRingProtector.unprotectedKeys(),
|
||||||
|
null));
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue