mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-23 04:42:06 +01:00
Add KeyRing class and remove non-functional util methods
This commit is contained in:
parent
743fbf5ee4
commit
ded635b354
11 changed files with 262 additions and 83 deletions
|
@ -0,0 +1,40 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2018 Paul Schaub.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.pgpainless.pgpainless.key.collection;
|
||||||
|
|
||||||
|
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
||||||
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||||
|
|
||||||
|
public class PGPKeyRing {
|
||||||
|
|
||||||
|
private PGPPublicKeyRing publicKeys;
|
||||||
|
private PGPSecretKeyRing secretKeys;
|
||||||
|
|
||||||
|
public PGPKeyRing(PGPPublicKeyRing publicKeys, PGPSecretKeyRing secretKeys) {
|
||||||
|
this.publicKeys = publicKeys;
|
||||||
|
this.secretKeys = secretKeys;
|
||||||
|
}
|
||||||
|
|
||||||
|
public PGPPublicKeyRing getPublicKeys() {
|
||||||
|
return publicKeys;
|
||||||
|
}
|
||||||
|
|
||||||
|
public PGPSecretKeyRing getSecretKeys() {
|
||||||
|
return secretKeys;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
|
@ -33,6 +33,7 @@ import org.bouncycastle.openpgp.PGPEncryptedData;
|
||||||
import org.bouncycastle.openpgp.PGPException;
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
import org.bouncycastle.openpgp.PGPKeyPair;
|
import org.bouncycastle.openpgp.PGPKeyPair;
|
||||||
import org.bouncycastle.openpgp.PGPKeyRingGenerator;
|
import org.bouncycastle.openpgp.PGPKeyRingGenerator;
|
||||||
|
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
||||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||||
import org.bouncycastle.openpgp.PGPSignature;
|
import org.bouncycastle.openpgp.PGPSignature;
|
||||||
import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
|
import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
|
||||||
|
@ -44,6 +45,7 @@ import org.bouncycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBu
|
||||||
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPKeyPair;
|
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPKeyPair;
|
||||||
import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyEncryptorBuilder;
|
import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyEncryptorBuilder;
|
||||||
import org.pgpainless.pgpainless.algorithm.KeyFlag;
|
import org.pgpainless.pgpainless.algorithm.KeyFlag;
|
||||||
|
import org.pgpainless.pgpainless.key.collection.PGPKeyRing;
|
||||||
import org.pgpainless.pgpainless.key.generation.type.ECDH;
|
import org.pgpainless.pgpainless.key.generation.type.ECDH;
|
||||||
import org.pgpainless.pgpainless.key.generation.type.ECDSA;
|
import org.pgpainless.pgpainless.key.generation.type.ECDSA;
|
||||||
import org.pgpainless.pgpainless.key.generation.type.KeyType;
|
import org.pgpainless.pgpainless.key.generation.type.KeyType;
|
||||||
|
@ -71,7 +73,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
||||||
* @throws NoSuchProviderException
|
* @throws NoSuchProviderException
|
||||||
* @throws InvalidAlgorithmParameterException
|
* @throws InvalidAlgorithmParameterException
|
||||||
*/
|
*/
|
||||||
public PGPSecretKeyRing simpleRsaKeyRing(String userId, RsaLength length)
|
public PGPKeyRing simpleRsaKeyRing(String userId, RsaLength length)
|
||||||
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
|
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
|
||||||
return withMasterKey(
|
return withMasterKey(
|
||||||
KeySpec.getBuilder(RSA_GENERAL.withLength(length))
|
KeySpec.getBuilder(RSA_GENERAL.withLength(length))
|
||||||
|
@ -94,7 +96,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
||||||
* @throws NoSuchProviderException
|
* @throws NoSuchProviderException
|
||||||
* @throws InvalidAlgorithmParameterException
|
* @throws InvalidAlgorithmParameterException
|
||||||
*/
|
*/
|
||||||
public PGPSecretKeyRing simpleEcKeyRing(String userId)
|
public PGPKeyRing simpleEcKeyRing(String userId)
|
||||||
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
|
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
|
||||||
return withSubKey(
|
return withSubKey(
|
||||||
KeySpec.getBuilder(ECDH.fromCurve(EllipticCurve._P256))
|
KeySpec.getBuilder(ECDH.fromCurve(EllipticCurve._P256))
|
||||||
|
@ -160,7 +162,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
||||||
class BuildImpl implements Build {
|
class BuildImpl implements Build {
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public PGPSecretKeyRing build() throws NoSuchAlgorithmException, PGPException, NoSuchProviderException,
|
public PGPKeyRing build() throws NoSuchAlgorithmException, PGPException, NoSuchProviderException,
|
||||||
InvalidAlgorithmParameterException {
|
InvalidAlgorithmParameterException {
|
||||||
|
|
||||||
// Hash Calculator
|
// Hash Calculator
|
||||||
|
@ -206,7 +208,9 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return ringGenerator.generateSecretKeyRing();
|
PGPPublicKeyRing publicKeys = ringGenerator.generatePublicKeyRing();
|
||||||
|
PGPSecretKeyRing secretKeys = ringGenerator.generateSecretKeyRing();
|
||||||
|
return new PGPKeyRing(publicKeys, secretKeys);
|
||||||
}
|
}
|
||||||
|
|
||||||
private PGPKeyPair generateKeyPair(KeySpec spec)
|
private PGPKeyPair generateKeyPair(KeySpec spec)
|
||||||
|
|
|
@ -20,7 +20,7 @@ import java.security.NoSuchAlgorithmException;
|
||||||
import java.security.NoSuchProviderException;
|
import java.security.NoSuchProviderException;
|
||||||
|
|
||||||
import org.bouncycastle.openpgp.PGPException;
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
import org.pgpainless.pgpainless.key.collection.PGPKeyRing;
|
||||||
|
|
||||||
public interface KeyRingBuilderInterface {
|
public interface KeyRingBuilderInterface {
|
||||||
|
|
||||||
|
@ -47,7 +47,7 @@ public interface KeyRingBuilderInterface {
|
||||||
|
|
||||||
interface Build {
|
interface Build {
|
||||||
|
|
||||||
PGPSecretKeyRing build() throws NoSuchAlgorithmException, PGPException, NoSuchProviderException,
|
PGPKeyRing build() throws NoSuchAlgorithmException, PGPException, NoSuchProviderException,
|
||||||
InvalidAlgorithmParameterException;
|
InvalidAlgorithmParameterException;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -23,7 +23,7 @@ import org.pgpainless.pgpainless.util.MultiMap;
|
||||||
/**
|
/**
|
||||||
* Interface that describes a selection strategy for OpenPGP keys.
|
* Interface that describes a selection strategy for OpenPGP keys.
|
||||||
* @param <K> Type of the Key
|
* @param <K> Type of the Key
|
||||||
* @param <R> Type of the KeyRing
|
* @param <R> Type of the PGPKeyRing
|
||||||
* @param <O> Type that describes the owner of this key
|
* @param <O> Type that describes the owner of this key
|
||||||
*/
|
*/
|
||||||
public interface KeySelectionStrategy<K, R, O> {
|
public interface KeySelectionStrategy<K, R, O> {
|
||||||
|
|
|
@ -19,11 +19,9 @@ import java.io.ByteArrayInputStream;
|
||||||
import java.io.ByteArrayOutputStream;
|
import java.io.ByteArrayOutputStream;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
import java.util.List;
|
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import java.util.logging.Level;
|
import java.util.logging.Level;
|
||||||
import java.util.logging.Logger;
|
import java.util.logging.Logger;
|
||||||
|
@ -63,33 +61,18 @@ public class BCUtil {
|
||||||
return new PGPSecretKeyRingCollection(Arrays.asList(rings));
|
return new PGPSecretKeyRingCollection(Arrays.asList(rings));
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
|
||||||
PGPSecretKeyRing -> PGPPublicKeyRing
|
|
||||||
*/
|
|
||||||
|
|
||||||
public static PGPPublicKeyRing publicKeyRingFromSecretKeyRing(PGPSecretKeyRing secring) {
|
|
||||||
List<PGPPublicKey> list = new ArrayList<>();
|
|
||||||
for (Iterator<PGPPublicKey> i = secring.getPublicKeys(); i.hasNext(); ) {
|
|
||||||
PGPPublicKey k = i.next();
|
|
||||||
list.add(k);
|
|
||||||
}
|
|
||||||
|
|
||||||
return new PGPPublicKeyRing(list);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
PGPXxxKeyRingCollection -> PGPXxxKeyRing
|
PGPXxxKeyRingCollection -> PGPXxxKeyRing
|
||||||
*/
|
*/
|
||||||
|
|
||||||
public static PGPSecretKeyRing getKeyRingFromCollection(PGPSecretKeyRingCollection collection, Long id)
|
public static PGPSecretKeyRing getKeyRingFromCollection(PGPSecretKeyRingCollection collection, Long id)
|
||||||
throws PGPException {
|
throws PGPException, IOException {
|
||||||
PGPSecretKeyRing uncleanedRing = collection.getSecretKeyRing(id);
|
PGPSecretKeyRing uncleanedRing = collection.getSecretKeyRing(id);
|
||||||
PGPPublicKeyRing publicKeys = publicKeyRingFromSecretKeyRing(uncleanedRing);
|
|
||||||
|
|
||||||
// Determine ids of signed keys
|
// Determine ids of signed keys
|
||||||
Set<Long> signedKeyIds = new HashSet<>();
|
Set<Long> signedKeyIds = new HashSet<>();
|
||||||
signedKeyIds.add(id); // Add the signing key itself
|
signedKeyIds.add(id); // Add the signing key itself
|
||||||
Iterator<PGPPublicKey> signedPubKeys = publicKeys.getKeysWithSignaturesBy(id);
|
Iterator<PGPPublicKey> signedPubKeys = uncleanedRing.getKeysWithSignaturesBy(id);
|
||||||
while (signedPubKeys.hasNext()) {
|
while (signedPubKeys.hasNext()) {
|
||||||
signedKeyIds.add(signedPubKeys.next().getKeyID());
|
signedKeyIds.add(signedPubKeys.next().getKeyID());
|
||||||
}
|
}
|
||||||
|
@ -275,12 +258,12 @@ public class BCUtil {
|
||||||
|
|
||||||
PGPPublicKey masterOne = getMasterKeyFrom(one);
|
PGPPublicKey masterOne = getMasterKeyFrom(one);
|
||||||
if (masterOne == null) {
|
if (masterOne == null) {
|
||||||
throw new IllegalArgumentException("First KeyRing has no master key");
|
throw new IllegalArgumentException("First PGPKeyRing has no master key");
|
||||||
}
|
}
|
||||||
|
|
||||||
PGPPublicKey masterOther = getMasterKeyFrom(other);
|
PGPPublicKey masterOther = getMasterKeyFrom(other);
|
||||||
if (masterOther == null) {
|
if (masterOther == null) {
|
||||||
throw new IllegalArgumentException("Other KeyRing has no master key");
|
throw new IllegalArgumentException("Other PGPKeyRing has no master key");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (masterOne.getKeyID() != masterOther.getKeyID() ||
|
if (masterOne.getKeyID() != masterOther.getKeyID() ||
|
||||||
|
|
|
@ -37,6 +37,9 @@ import org.bouncycastle.openpgp.PGPSecretKey;
|
||||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||||
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
|
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
|
import org.pgpainless.pgpainless.key.collection.PGPKeyRing;
|
||||||
|
import org.pgpainless.pgpainless.key.generation.KeySpec;
|
||||||
|
import org.pgpainless.pgpainless.key.generation.type.RSA_GENERAL;
|
||||||
import org.pgpainless.pgpainless.key.generation.type.length.RsaLength;
|
import org.pgpainless.pgpainless.key.generation.type.length.RsaLength;
|
||||||
import org.pgpainless.pgpainless.util.BCUtil;
|
import org.pgpainless.pgpainless.util.BCUtil;
|
||||||
|
|
||||||
|
@ -48,29 +51,32 @@ public class BCUtilTest extends AbstractPGPainlessTest {
|
||||||
public void keyRingToCollectionTest()
|
public void keyRingToCollectionTest()
|
||||||
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
||||||
IOException {
|
IOException {
|
||||||
PGPSecretKeyRing sec = PGPainless.generateKeyRing().simpleEcKeyRing("donald@duck.tails");
|
PGPKeyRing ring = PGPainless.generateKeyRing()
|
||||||
PGPPublicKeyRing pub = BCUtil.publicKeyRingFromSecretKeyRing(sec);
|
.withSubKey(KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._3072)).withDefaultKeyFlags().withDefaultAlgorithms())
|
||||||
|
.withMasterKey(KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._3072)).withDefaultKeyFlags().withDefaultAlgorithms())
|
||||||
|
.withPrimaryUserId("donald@duck.tails").withoutPassphrase().build();
|
||||||
|
PGPSecretKeyRing sec = ring.getSecretKeys();
|
||||||
|
PGPPublicKeyRing pub = ring.getPublicKeys();
|
||||||
|
|
||||||
LOGGER.log(Level.INFO, "Main ID: " + sec.getPublicKey().getKeyID() + " " + pub.getPublicKey().getKeyID());
|
LOGGER.log(Level.INFO, "Main ID: " + sec.getPublicKey().getKeyID() + " " + pub.getPublicKey().getKeyID());
|
||||||
|
|
||||||
int secSize = 0;
|
int secSize = 1;
|
||||||
Iterator<PGPPublicKey> secPubIt = sec.getPublicKeys();
|
Iterator<PGPPublicKey> secPubIt = sec.getPublicKeys();
|
||||||
while (secPubIt.hasNext()) {
|
while (secPubIt.hasNext()) {
|
||||||
PGPPublicKey k = secPubIt.next();
|
PGPPublicKey k = secPubIt.next();
|
||||||
LOGGER.log(Level.INFO, "" + k.getKeyID() + " " + k.isEncryptionKey() + " " + k.isMasterKey());
|
LOGGER.log(Level.INFO, secSize + " " + k.getKeyID() + " " + k.isEncryptionKey() + " " + k.isMasterKey());
|
||||||
secSize++;
|
secSize++;
|
||||||
}
|
}
|
||||||
|
|
||||||
LOGGER.log(Level.INFO, "After BCUtil.publicKeyRingFromSecretKeyRing()");
|
LOGGER.log(Level.INFO, "After BCUtil.publicKeyRingFromSecretKeyRing()");
|
||||||
int pubSize = 0;
|
int pubSize = 1;
|
||||||
Iterator<PGPPublicKey> pubPubIt = pub.getPublicKeys();
|
Iterator<PGPPublicKey> pubPubIt = pub.getPublicKeys();
|
||||||
while (pubPubIt.hasNext()) {
|
while (pubPubIt.hasNext()) {
|
||||||
PGPPublicKey k = pubPubIt.next();
|
PGPPublicKey k = pubPubIt.next();
|
||||||
LOGGER.log(Level.INFO, "" + k.getKeyID() + " " + k.isEncryptionKey() + " " + k.isMasterKey());
|
LOGGER.log(Level.INFO, pubSize + " " + k.getKeyID() + " " + k.isEncryptionKey() + " " + k.isMasterKey());
|
||||||
pubSize++;
|
pubSize++;
|
||||||
}
|
}
|
||||||
|
|
||||||
LOGGER.log(Level.INFO, " Pub: " + pubSize + " Sec: " + secSize);
|
|
||||||
assertEquals(secSize, pubSize);
|
assertEquals(secSize, pubSize);
|
||||||
|
|
||||||
PGPSecretKeyRingCollection secCol = BCUtil.keyRingsToKeyRingCollection(sec);
|
PGPSecretKeyRingCollection secCol = BCUtil.keyRingsToKeyRingCollection(sec);
|
||||||
|
@ -101,11 +107,11 @@ public class BCUtilTest extends AbstractPGPainlessTest {
|
||||||
@Test
|
@Test
|
||||||
public void removeUnsignedKeysTest()
|
public void removeUnsignedKeysTest()
|
||||||
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
|
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
|
||||||
PGPSecretKeyRing alice = PGPainless.generateKeyRing().simpleRsaKeyRing("alice@wonderland.lit", RsaLength._1024);
|
PGPKeyRing alice = PGPainless.generateKeyRing().simpleRsaKeyRing("alice@wonderland.lit", RsaLength._1024);
|
||||||
PGPSecretKeyRing mallory = PGPainless.generateKeyRing().simpleEcKeyRing("mallory@mall.ory");
|
PGPKeyRing mallory = PGPainless.generateKeyRing().simpleEcKeyRing("mallory@mall.ory");
|
||||||
|
|
||||||
PGPSecretKey subKey = null;
|
PGPSecretKey subKey = null;
|
||||||
Iterator<PGPSecretKey> sit = mallory.getSecretKeys();
|
Iterator<PGPSecretKey> sit = mallory.getSecretKeys().getSecretKeys();
|
||||||
while (sit.hasNext()) {
|
while (sit.hasNext()) {
|
||||||
PGPSecretKey s = sit.next();
|
PGPSecretKey s = sit.next();
|
||||||
if (!s.isMasterKey()) {
|
if (!s.isMasterKey()) {
|
||||||
|
@ -116,12 +122,12 @@ public class BCUtilTest extends AbstractPGPainlessTest {
|
||||||
|
|
||||||
assertNotNull(subKey);
|
assertNotNull(subKey);
|
||||||
|
|
||||||
PGPSecretKeyRing alice_mallory = PGPSecretKeyRing.insertSecretKey(alice, subKey);
|
PGPSecretKeyRing alice_mallory = PGPSecretKeyRing.insertSecretKey(alice.getSecretKeys(), subKey);
|
||||||
|
|
||||||
// Check, if alice_mallory contains mallory's key
|
// Check, if alice_mallory contains mallory's key
|
||||||
assertNotNull(alice_mallory.getSecretKey(subKey.getKeyID()));
|
assertNotNull(alice_mallory.getSecretKey(subKey.getKeyID()));
|
||||||
|
|
||||||
PGPSecretKeyRing cleaned = BCUtil.removeUnassociatedKeysFromKeyRing(alice_mallory, alice.getPublicKey());
|
PGPSecretKeyRing cleaned = BCUtil.removeUnassociatedKeysFromKeyRing(alice_mallory, alice.getPublicKeys().getPublicKey());
|
||||||
assertNull(cleaned.getSecretKey(subKey.getKeyID()));
|
assertNull(cleaned.getSecretKey(subKey.getKeyID()));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -129,12 +135,13 @@ public class BCUtilTest extends AbstractPGPainlessTest {
|
||||||
public void removeUnsignedKeysECTest()
|
public void removeUnsignedKeysECTest()
|
||||||
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
||||||
IOException {
|
IOException {
|
||||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing().simpleEcKeyRing("alice@wonderland.lit");
|
PGPKeyRing ring = PGPainless.generateKeyRing().simpleEcKeyRing("alice@wonderland.lit");
|
||||||
PGPSecretKeyRing secCleaned = BCUtil.removeUnassociatedKeysFromKeyRing(secretKeys, secretKeys.getPublicKey());
|
PGPPublicKeyRing publicKeys = ring.getPublicKeys();
|
||||||
|
PGPSecretKeyRing secretKeys = ring.getSecretKeys();
|
||||||
|
PGPSecretKeyRing secCleaned = ring.getSecretKeys();
|
||||||
|
|
||||||
assertTrue(Arrays.equals(secretKeys.getEncoded(), secCleaned.getEncoded()));
|
assertTrue(Arrays.equals(secretKeys.getEncoded(), secCleaned.getEncoded()));
|
||||||
|
|
||||||
PGPPublicKeyRing publicKeys = BCUtil.publicKeyRingFromSecretKeyRing(secretKeys);
|
|
||||||
PGPPublicKeyRing pubCleaned = BCUtil.removeUnassociatedKeysFromKeyRing(publicKeys, publicKeys.getPublicKey());
|
PGPPublicKeyRing pubCleaned = BCUtil.removeUnassociatedKeysFromKeyRing(publicKeys, publicKeys.getPublicKey());
|
||||||
|
|
||||||
assertTrue(Arrays.equals(publicKeys.getEncoded(), pubCleaned.getEncoded()));
|
assertTrue(Arrays.equals(publicKeys.getEncoded(), pubCleaned.getEncoded()));
|
||||||
|
|
|
@ -0,0 +1,132 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2018 Paul Schaub.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.pgpainless.pgpainless;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.security.InvalidAlgorithmParameterException;
|
||||||
|
import java.security.KeyPair;
|
||||||
|
import java.security.KeyPairGenerator;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.security.NoSuchProviderException;
|
||||||
|
import java.security.Security;
|
||||||
|
import java.util.Date;
|
||||||
|
|
||||||
|
import org.bouncycastle.bcpg.CompressionAlgorithmTags;
|
||||||
|
import org.bouncycastle.bcpg.HashAlgorithmTags;
|
||||||
|
import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
|
||||||
|
import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
|
||||||
|
import org.bouncycastle.bcpg.sig.Features;
|
||||||
|
import org.bouncycastle.bcpg.sig.KeyFlags;
|
||||||
|
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||||
|
import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
|
||||||
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
|
import org.bouncycastle.openpgp.PGPKeyPair;
|
||||||
|
import org.bouncycastle.openpgp.PGPKeyRingGenerator;
|
||||||
|
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
||||||
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||||
|
import org.bouncycastle.openpgp.PGPSignature;
|
||||||
|
import org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator;
|
||||||
|
import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
|
||||||
|
import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
|
||||||
|
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
|
||||||
|
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBuilder;
|
||||||
|
import org.bouncycastle.openpgp.operator.jcajce.JcaPGPKeyPair;
|
||||||
|
import org.junit.Test;
|
||||||
|
|
||||||
|
public class BouncycastleExportSubkeys {
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testExportImport() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, PGPException, IOException {
|
||||||
|
Security.addProvider(new BouncyCastleProvider());
|
||||||
|
|
||||||
|
KeyPairGenerator generator;
|
||||||
|
KeyPair pair;
|
||||||
|
|
||||||
|
// Generate master key
|
||||||
|
|
||||||
|
generator = KeyPairGenerator.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME);
|
||||||
|
generator.initialize(new ECNamedCurveGenParameterSpec("P-256"));
|
||||||
|
|
||||||
|
pair = generator.generateKeyPair();
|
||||||
|
PGPKeyPair pgpMasterKey = new JcaPGPKeyPair(PublicKeyAlgorithmTags.ECDSA, pair, new Date());
|
||||||
|
|
||||||
|
PGPSignatureSubpacketGenerator subPackets = new PGPSignatureSubpacketGenerator();
|
||||||
|
subPackets.setKeyFlags(false, KeyFlags.AUTHENTICATION & KeyFlags.CERTIFY_OTHER & KeyFlags.SIGN_DATA);
|
||||||
|
subPackets.setPreferredCompressionAlgorithms(false, new int[] {
|
||||||
|
SymmetricKeyAlgorithmTags.AES_256,
|
||||||
|
SymmetricKeyAlgorithmTags.AES_128,
|
||||||
|
SymmetricKeyAlgorithmTags.AES_128});
|
||||||
|
subPackets.setPreferredHashAlgorithms(false, new int[] {
|
||||||
|
HashAlgorithmTags.SHA512,
|
||||||
|
HashAlgorithmTags.SHA384,
|
||||||
|
HashAlgorithmTags.SHA256,
|
||||||
|
HashAlgorithmTags.SHA224});
|
||||||
|
subPackets.setPreferredCompressionAlgorithms(false, new int[] {
|
||||||
|
CompressionAlgorithmTags.ZLIB,
|
||||||
|
CompressionAlgorithmTags.BZIP2,
|
||||||
|
CompressionAlgorithmTags.ZIP,
|
||||||
|
CompressionAlgorithmTags.UNCOMPRESSED});
|
||||||
|
subPackets.setFeature(false, Features.FEATURE_MODIFICATION_DETECTION);
|
||||||
|
|
||||||
|
// Generate sub key
|
||||||
|
|
||||||
|
generator = KeyPairGenerator.getInstance("ECDH", BouncyCastleProvider.PROVIDER_NAME);
|
||||||
|
generator.initialize(new ECNamedCurveGenParameterSpec("P-256"));
|
||||||
|
|
||||||
|
pair = generator.generateKeyPair();
|
||||||
|
PGPKeyPair pgpSubKey = new JcaPGPKeyPair(PublicKeyAlgorithmTags.ECDH, pair, new Date());
|
||||||
|
|
||||||
|
// Assemble key
|
||||||
|
|
||||||
|
PGPDigestCalculator calculator = new JcaPGPDigestCalculatorProviderBuilder()
|
||||||
|
.setProvider(BouncyCastleProvider.PROVIDER_NAME)
|
||||||
|
.build()
|
||||||
|
.get(HashAlgorithmTags.SHA1);
|
||||||
|
|
||||||
|
PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
|
||||||
|
pgpMasterKey.getPublicKey().getAlgorithm(), HashAlgorithmTags.SHA512)
|
||||||
|
.setProvider(BouncyCastleProvider.PROVIDER_NAME);
|
||||||
|
|
||||||
|
PGPKeyRingGenerator pgpGenerator = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION,
|
||||||
|
pgpMasterKey, "alice@wonderland.lit", calculator, subPackets.generate(), null,
|
||||||
|
signerBuilder, null);
|
||||||
|
|
||||||
|
// Add sub key
|
||||||
|
|
||||||
|
subPackets.setKeyFlags(false, KeyFlags.ENCRYPT_STORAGE & KeyFlags.ENCRYPT_COMMS);
|
||||||
|
|
||||||
|
pgpGenerator.addSubKey(pgpSubKey, subPackets.generate(), null);
|
||||||
|
|
||||||
|
// Generate SecretKeyRing
|
||||||
|
|
||||||
|
PGPSecretKeyRing secretKeys = pgpGenerator.generateSecretKeyRing();
|
||||||
|
PGPPublicKeyRing publicKeys = pgpGenerator.generatePublicKeyRing();
|
||||||
|
|
||||||
|
// Test
|
||||||
|
|
||||||
|
/*
|
||||||
|
ByteArrayOutputStream outputStream = new ByteArrayOutputStream(2048);
|
||||||
|
outputStream.write(secretKeys.getEncoded());
|
||||||
|
|
||||||
|
PGPPublicKeyRing publicKeys = new PGPPublicKeyRing(outputStream.toByteArray(), new BcKeyFingerprintCalculator());
|
||||||
|
|
||||||
|
Iterator<PGPPublicKey> iterator = secretKeys.getPublicKeys();
|
||||||
|
while (iterator.hasNext()) {
|
||||||
|
assertNotNull(publicKeys.getPublicKey(iterator.next().getKeyID()));
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
}
|
||||||
|
}
|
|
@ -42,6 +42,7 @@ import org.pgpainless.pgpainless.algorithm.SymmetricKeyAlgorithm;
|
||||||
import org.pgpainless.pgpainless.decryption_verification.DecryptionStream;
|
import org.pgpainless.pgpainless.decryption_verification.DecryptionStream;
|
||||||
import org.pgpainless.pgpainless.decryption_verification.PainlessResult;
|
import org.pgpainless.pgpainless.decryption_verification.PainlessResult;
|
||||||
import org.pgpainless.pgpainless.encryption_signing.EncryptionStream;
|
import org.pgpainless.pgpainless.encryption_signing.EncryptionStream;
|
||||||
|
import org.pgpainless.pgpainless.key.collection.PGPKeyRing;
|
||||||
import org.pgpainless.pgpainless.key.generation.KeySpec;
|
import org.pgpainless.pgpainless.key.generation.KeySpec;
|
||||||
import org.pgpainless.pgpainless.key.generation.type.ElGamal_GENERAL;
|
import org.pgpainless.pgpainless.key.generation.type.ElGamal_GENERAL;
|
||||||
import org.pgpainless.pgpainless.key.generation.type.RSA_GENERAL;
|
import org.pgpainless.pgpainless.key.generation.type.RSA_GENERAL;
|
||||||
|
@ -71,8 +72,8 @@ public class EncryptDecryptTest extends AbstractPGPainlessTest {
|
||||||
public void freshKeysRsaToElGamalTest()
|
public void freshKeysRsaToElGamalTest()
|
||||||
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
||||||
IOException {
|
IOException {
|
||||||
PGPSecretKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("romeo@montague.lit", RsaLength._3072);
|
PGPKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("romeo@montague.lit", RsaLength._3072);
|
||||||
PGPSecretKeyRing recipient = PGPainless.generateKeyRing()
|
PGPKeyRing recipient = PGPainless.generateKeyRing()
|
||||||
.withSubKey(KeySpec.getBuilder(ElGamal_GENERAL.withLength(ElGamalLength._3072)).withKeyFlags(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS).withDefaultAlgorithms())
|
.withSubKey(KeySpec.getBuilder(ElGamal_GENERAL.withLength(ElGamalLength._3072)).withKeyFlags(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS).withDefaultAlgorithms())
|
||||||
.withMasterKey(KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._4096)).withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER).withDefaultAlgorithms())
|
.withMasterKey(KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._4096)).withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER).withDefaultAlgorithms())
|
||||||
.withPrimaryUserId("juliet@capulet.lit").withoutPassphrase().build();
|
.withPrimaryUserId("juliet@capulet.lit").withoutPassphrase().build();
|
||||||
|
@ -84,8 +85,8 @@ public class EncryptDecryptTest extends AbstractPGPainlessTest {
|
||||||
public void freshKeysRsaToRsaTest()
|
public void freshKeysRsaToRsaTest()
|
||||||
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
||||||
IOException {
|
IOException {
|
||||||
PGPSecretKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("romeo@montague.lit", RsaLength._4096);
|
PGPKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("romeo@montague.lit", RsaLength._4096);
|
||||||
PGPSecretKeyRing recipient = PGPainless.generateKeyRing().simpleRsaKeyRing("juliet@capulet.lit", RsaLength._4096);
|
PGPKeyRing recipient = PGPainless.generateKeyRing().simpleRsaKeyRing("juliet@capulet.lit", RsaLength._4096);
|
||||||
|
|
||||||
encryptDecryptForSecretKeyRings(sender, recipient);
|
encryptDecryptForSecretKeyRings(sender, recipient);
|
||||||
}
|
}
|
||||||
|
@ -93,8 +94,8 @@ public class EncryptDecryptTest extends AbstractPGPainlessTest {
|
||||||
@Test
|
@Test
|
||||||
public void freshKeysEcToEcTest() throws IOException, PGPException, NoSuchAlgorithmException, NoSuchProviderException,
|
public void freshKeysEcToEcTest() throws IOException, PGPException, NoSuchAlgorithmException, NoSuchProviderException,
|
||||||
InvalidAlgorithmParameterException {
|
InvalidAlgorithmParameterException {
|
||||||
PGPSecretKeyRing sender = PGPainless.generateKeyRing().simpleEcKeyRing("romeo@montague.lit");
|
PGPKeyRing sender = PGPainless.generateKeyRing().simpleEcKeyRing("romeo@montague.lit");
|
||||||
PGPSecretKeyRing recipient = PGPainless.generateKeyRing().simpleEcKeyRing("juliet@capulet.lit");
|
PGPKeyRing recipient = PGPainless.generateKeyRing().simpleEcKeyRing("juliet@capulet.lit");
|
||||||
|
|
||||||
encryptDecryptForSecretKeyRings(sender, recipient);
|
encryptDecryptForSecretKeyRings(sender, recipient);
|
||||||
}
|
}
|
||||||
|
@ -103,8 +104,8 @@ public class EncryptDecryptTest extends AbstractPGPainlessTest {
|
||||||
public void freshKeysEcToRsaTest()
|
public void freshKeysEcToRsaTest()
|
||||||
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
||||||
IOException {
|
IOException {
|
||||||
PGPSecretKeyRing sender = PGPainless.generateKeyRing().simpleEcKeyRing("romeo@montague.lit");
|
PGPKeyRing sender = PGPainless.generateKeyRing().simpleEcKeyRing("romeo@montague.lit");
|
||||||
PGPSecretKeyRing recipient = PGPainless.generateKeyRing().simpleRsaKeyRing("juliet@capulet.lit", RsaLength._4096);
|
PGPKeyRing recipient = PGPainless.generateKeyRing().simpleRsaKeyRing("juliet@capulet.lit", RsaLength._4096);
|
||||||
|
|
||||||
encryptDecryptForSecretKeyRings(sender, recipient);
|
encryptDecryptForSecretKeyRings(sender, recipient);
|
||||||
}
|
}
|
||||||
|
@ -113,18 +114,20 @@ public class EncryptDecryptTest extends AbstractPGPainlessTest {
|
||||||
public void freshKeysRsaToEcTest()
|
public void freshKeysRsaToEcTest()
|
||||||
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
||||||
IOException {
|
IOException {
|
||||||
PGPSecretKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("romeo@montague.lit", RsaLength._4096);
|
PGPKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("romeo@montague.lit", RsaLength._4096);
|
||||||
PGPSecretKeyRing recipient = PGPainless.generateKeyRing().simpleEcKeyRing("juliet@capulet.lit");
|
PGPKeyRing recipient = PGPainless.generateKeyRing().simpleEcKeyRing("juliet@capulet.lit");
|
||||||
|
|
||||||
encryptDecryptForSecretKeyRings(sender, recipient);
|
encryptDecryptForSecretKeyRings(sender, recipient);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Ignore
|
@Ignore
|
||||||
private void encryptDecryptForSecretKeyRings(PGPSecretKeyRing sender, PGPSecretKeyRing recipient)
|
private void encryptDecryptForSecretKeyRings(PGPKeyRing sender, PGPKeyRing recipient)
|
||||||
throws PGPException,
|
throws PGPException,
|
||||||
IOException {
|
IOException {
|
||||||
PGPPublicKeyRing recipientPub = BCUtil.publicKeyRingFromSecretKeyRing(recipient);
|
PGPSecretKeyRing recipientSec = recipient.getSecretKeys();
|
||||||
PGPPublicKeyRing senderPub = BCUtil.publicKeyRingFromSecretKeyRing(sender);
|
PGPSecretKeyRing senderSec = sender.getSecretKeys();
|
||||||
|
PGPPublicKeyRing recipientPub = recipient.getPublicKeys();
|
||||||
|
PGPPublicKeyRing senderPub = sender.getPublicKeys();
|
||||||
|
|
||||||
SecretKeyRingProtector keyDecryptor = new UnprotectedKeysProtector();
|
SecretKeyRingProtector keyDecryptor = new UnprotectedKeysProtector();
|
||||||
|
|
||||||
|
@ -136,19 +139,19 @@ public class EncryptDecryptTest extends AbstractPGPainlessTest {
|
||||||
.onOutputStream(envelope)
|
.onOutputStream(envelope)
|
||||||
.toRecipients(recipientPub)
|
.toRecipients(recipientPub)
|
||||||
.usingSecureAlgorithms()
|
.usingSecureAlgorithms()
|
||||||
.signWith(keyDecryptor, sender)
|
.signWith(keyDecryptor, senderSec)
|
||||||
.noArmor();
|
.noArmor();
|
||||||
|
|
||||||
PainlessResult encryptionResult = encryptor.getResult();
|
PainlessResult encryptionResult = encryptor.getResult();
|
||||||
|
|
||||||
assertFalse(encryptionResult.getAllSignatureKeyFingerprints().isEmpty());
|
assertFalse(encryptionResult.getAllSignatureKeyFingerprints().isEmpty());
|
||||||
for (long keyId : encryptionResult.getAllSignatureKeyFingerprints()) {
|
for (long keyId : encryptionResult.getAllSignatureKeyFingerprints()) {
|
||||||
assertTrue(BCUtil.keyRingContainsKeyWithId(sender, keyId));
|
assertTrue(BCUtil.keyRingContainsKeyWithId(senderPub, keyId));
|
||||||
}
|
}
|
||||||
|
|
||||||
assertFalse(encryptionResult.getRecipientKeyIds().isEmpty());
|
assertFalse(encryptionResult.getRecipientKeyIds().isEmpty());
|
||||||
for (long keyId : encryptionResult.getRecipientKeyIds()) {
|
for (long keyId : encryptionResult.getRecipientKeyIds()) {
|
||||||
assertTrue(BCUtil.keyRingContainsKeyWithId(recipient, keyId));
|
assertTrue(BCUtil.keyRingContainsKeyWithId(recipientPub, keyId));
|
||||||
}
|
}
|
||||||
|
|
||||||
assertEquals(SymmetricKeyAlgorithm.AES_256, encryptionResult.getSymmetricKeyAlgorithm());
|
assertEquals(SymmetricKeyAlgorithm.AES_256, encryptionResult.getSymmetricKeyAlgorithm());
|
||||||
|
@ -157,8 +160,8 @@ public class EncryptDecryptTest extends AbstractPGPainlessTest {
|
||||||
encryptor.close();
|
encryptor.close();
|
||||||
byte[] encryptedSecretMessage = envelope.toByteArray();
|
byte[] encryptedSecretMessage = envelope.toByteArray();
|
||||||
|
|
||||||
LOGGER.log(Level.INFO, "Sender: " + PublicKeyAlgorithm.fromId(sender.getPublicKey().getAlgorithm()) +
|
LOGGER.log(Level.INFO, "Sender: " + PublicKeyAlgorithm.fromId(senderPub.getPublicKey().getAlgorithm()) +
|
||||||
" Receiver: " + PublicKeyAlgorithm.fromId(recipient.getPublicKey().getAlgorithm()) +
|
" Receiver: " + PublicKeyAlgorithm.fromId(recipientPub.getPublicKey().getAlgorithm()) +
|
||||||
" Encrypted Length: " + encryptedSecretMessage.length);
|
" Encrypted Length: " + encryptedSecretMessage.length);
|
||||||
|
|
||||||
// Juliet trieth to comprehend Romeos words
|
// Juliet trieth to comprehend Romeos words
|
||||||
|
@ -166,7 +169,7 @@ public class EncryptDecryptTest extends AbstractPGPainlessTest {
|
||||||
ByteArrayInputStream envelopeIn = new ByteArrayInputStream(encryptedSecretMessage);
|
ByteArrayInputStream envelopeIn = new ByteArrayInputStream(encryptedSecretMessage);
|
||||||
DecryptionStream decryptor = PGPainless.createDecryptor()
|
DecryptionStream decryptor = PGPainless.createDecryptor()
|
||||||
.onInputStream(envelopeIn)
|
.onInputStream(envelopeIn)
|
||||||
.decryptWith(keyDecryptor, BCUtil.keyRingsToKeyRingCollection(recipient))
|
.decryptWith(keyDecryptor, BCUtil.keyRingsToKeyRingCollection(recipientSec))
|
||||||
.verifyWith(BCUtil.keyRingsToKeyRingCollection(senderPub))
|
.verifyWith(BCUtil.keyRingsToKeyRingCollection(senderPub))
|
||||||
.ignoreMissingPublicKeys()
|
.ignoreMissingPublicKeys()
|
||||||
.build();
|
.build();
|
||||||
|
|
|
@ -23,14 +23,16 @@ import java.security.NoSuchAlgorithmException;
|
||||||
import java.security.NoSuchProviderException;
|
import java.security.NoSuchProviderException;
|
||||||
import java.security.Security;
|
import java.security.Security;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
|
import java.util.Iterator;
|
||||||
|
|
||||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||||
import org.bouncycastle.openpgp.PGPException;
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
|
import org.bouncycastle.openpgp.PGPPublicKey;
|
||||||
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
||||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||||
import org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator;
|
import org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.pgpainless.pgpainless.util.BCUtil;
|
import org.pgpainless.pgpainless.key.collection.PGPKeyRing;
|
||||||
|
|
||||||
public class ImportExportKeyTest {
|
public class ImportExportKeyTest {
|
||||||
|
|
||||||
|
@ -50,12 +52,18 @@ public class ImportExportKeyTest {
|
||||||
public void test()
|
public void test()
|
||||||
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
||||||
IOException {
|
IOException {
|
||||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing().simpleEcKeyRing("alice@bla.blub");
|
PGPKeyRing keyRing = PGPainless.generateKeyRing().simpleEcKeyRing("alice@bla.blub");
|
||||||
PGPPublicKeyRing publicKeys = BCUtil.publicKeyRingFromSecretKeyRing(secretKeys);
|
PGPSecretKeyRing secretKeys = keyRing.getSecretKeys();
|
||||||
|
PGPPublicKeyRing publicKeys = keyRing.getPublicKeys();
|
||||||
|
|
||||||
BcKeyFingerprintCalculator calc = new BcKeyFingerprintCalculator();
|
BcKeyFingerprintCalculator calc = new BcKeyFingerprintCalculator();
|
||||||
byte[] bytes = publicKeys.getEncoded();
|
byte[] bytes = publicKeys.getEncoded();
|
||||||
PGPPublicKeyRing parsed = new PGPPublicKeyRing(bytes, calc);
|
PGPPublicKeyRing parsed = new PGPPublicKeyRing(bytes, calc);
|
||||||
assertTrue(Arrays.equals(publicKeys.getEncoded(), parsed.getEncoded()));
|
assertTrue(Arrays.equals(publicKeys.getEncoded(), parsed.getEncoded()));
|
||||||
|
|
||||||
|
Iterator<PGPPublicKey> it = secretKeys.getPublicKeys();
|
||||||
|
assertTrue(it.hasNext());
|
||||||
|
it.next();
|
||||||
|
assertTrue(it.hasNext());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -31,10 +31,10 @@ import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
||||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||||
import org.bouncycastle.util.io.Streams;
|
import org.bouncycastle.util.io.Streams;
|
||||||
import org.junit.Ignore;
|
import org.junit.Ignore;
|
||||||
|
import org.pgpainless.pgpainless.key.collection.PGPKeyRing;
|
||||||
|
import org.pgpainless.pgpainless.key.generation.type.length.RsaLength;
|
||||||
import org.pgpainless.pgpainless.key.protection.SecretKeyRingProtector;
|
import org.pgpainless.pgpainless.key.protection.SecretKeyRingProtector;
|
||||||
import org.pgpainless.pgpainless.key.protection.UnprotectedKeysProtector;
|
import org.pgpainless.pgpainless.key.protection.UnprotectedKeysProtector;
|
||||||
import org.pgpainless.pgpainless.key.generation.type.length.RsaLength;
|
|
||||||
import org.pgpainless.pgpainless.util.BCUtil;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class used to determine the length of cipher-text depending on used algorithms.
|
* Class used to determine the length of cipher-text depending on used algorithms.
|
||||||
|
@ -48,8 +48,8 @@ public class LengthTest extends AbstractPGPainlessTest {
|
||||||
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
||||||
IOException {
|
IOException {
|
||||||
LOGGER.log(Level.INFO, "\nEC -> EC");
|
LOGGER.log(Level.INFO, "\nEC -> EC");
|
||||||
PGPSecretKeyRing sender = PGPainless.generateKeyRing().simpleEcKeyRing("simplejid@server.tld");
|
PGPKeyRing sender = PGPainless.generateKeyRing().simpleEcKeyRing("simplejid@server.tld");
|
||||||
PGPSecretKeyRing recipient = PGPainless.generateKeyRing().simpleEcKeyRing("otherjid@other.srv");
|
PGPKeyRing recipient = PGPainless.generateKeyRing().simpleEcKeyRing("otherjid@other.srv");
|
||||||
encryptDecryptForSecretKeyRings(sender, recipient);
|
encryptDecryptForSecretKeyRings(sender, recipient);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -59,8 +59,8 @@ public class LengthTest extends AbstractPGPainlessTest {
|
||||||
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
||||||
IOException {
|
IOException {
|
||||||
LOGGER.log(Level.INFO, "\nRSA-2048 -> RSA-2048");
|
LOGGER.log(Level.INFO, "\nRSA-2048 -> RSA-2048");
|
||||||
PGPSecretKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("simplejid@server.tld", RsaLength._2048);
|
PGPKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("simplejid@server.tld", RsaLength._2048);
|
||||||
PGPSecretKeyRing recipient = PGPainless.generateKeyRing().simpleRsaKeyRing("otherjid@other.srv", RsaLength._2048);
|
PGPKeyRing recipient = PGPainless.generateKeyRing().simpleRsaKeyRing("otherjid@other.srv", RsaLength._2048);
|
||||||
encryptDecryptForSecretKeyRings(sender, recipient);
|
encryptDecryptForSecretKeyRings(sender, recipient);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -69,8 +69,8 @@ public class LengthTest extends AbstractPGPainlessTest {
|
||||||
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
||||||
IOException {
|
IOException {
|
||||||
LOGGER.log(Level.INFO, "\nRSA-4096 -> RSA-4096");
|
LOGGER.log(Level.INFO, "\nRSA-4096 -> RSA-4096");
|
||||||
PGPSecretKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("simplejid@server.tld", RsaLength._4096);
|
PGPKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("simplejid@server.tld", RsaLength._4096);
|
||||||
PGPSecretKeyRing recipient = PGPainless.generateKeyRing().simpleRsaKeyRing("otherjid@other.srv", RsaLength._4096);
|
PGPKeyRing recipient = PGPainless.generateKeyRing().simpleRsaKeyRing("otherjid@other.srv", RsaLength._4096);
|
||||||
encryptDecryptForSecretKeyRings(sender, recipient);
|
encryptDecryptForSecretKeyRings(sender, recipient);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -78,8 +78,8 @@ public class LengthTest extends AbstractPGPainlessTest {
|
||||||
public void rsaEc() throws PGPException, IOException, InvalidAlgorithmParameterException, NoSuchAlgorithmException,
|
public void rsaEc() throws PGPException, IOException, InvalidAlgorithmParameterException, NoSuchAlgorithmException,
|
||||||
NoSuchProviderException {
|
NoSuchProviderException {
|
||||||
LOGGER.log(Level.INFO, "\nRSA-2048 -> EC");
|
LOGGER.log(Level.INFO, "\nRSA-2048 -> EC");
|
||||||
PGPSecretKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("simplejid@server.tld", RsaLength._2048);
|
PGPKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("simplejid@server.tld", RsaLength._2048);
|
||||||
PGPSecretKeyRing recipient = PGPainless.generateKeyRing().simpleEcKeyRing("otherjid@other.srv");
|
PGPKeyRing recipient = PGPainless.generateKeyRing().simpleEcKeyRing("otherjid@other.srv");
|
||||||
encryptDecryptForSecretKeyRings(sender, recipient);
|
encryptDecryptForSecretKeyRings(sender, recipient);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -88,17 +88,19 @@ public class LengthTest extends AbstractPGPainlessTest {
|
||||||
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException,
|
||||||
IOException {
|
IOException {
|
||||||
LOGGER.log(Level.INFO, "\nEC -> RSA-2048");
|
LOGGER.log(Level.INFO, "\nEC -> RSA-2048");
|
||||||
PGPSecretKeyRing sender = PGPainless.generateKeyRing().simpleEcKeyRing("simplejid@server.tld");
|
PGPKeyRing sender = PGPainless.generateKeyRing().simpleEcKeyRing("simplejid@server.tld");
|
||||||
PGPSecretKeyRing recipient = PGPainless.generateKeyRing().simpleRsaKeyRing("otherjid@other.srv", RsaLength._2048);
|
PGPKeyRing recipient = PGPainless.generateKeyRing().simpleRsaKeyRing("otherjid@other.srv", RsaLength._2048);
|
||||||
encryptDecryptForSecretKeyRings(sender, recipient);
|
encryptDecryptForSecretKeyRings(sender, recipient);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Ignore
|
@Ignore
|
||||||
private void encryptDecryptForSecretKeyRings(PGPSecretKeyRing sender, PGPSecretKeyRing recipient)
|
private void encryptDecryptForSecretKeyRings(PGPKeyRing sender, PGPKeyRing recipient)
|
||||||
throws PGPException,
|
throws PGPException,
|
||||||
IOException {
|
IOException {
|
||||||
PGPPublicKeyRing recipientPub = BCUtil.publicKeyRingFromSecretKeyRing(recipient);
|
PGPSecretKeyRing recipientSec = recipient.getSecretKeys();
|
||||||
PGPPublicKeyRing senderPub = BCUtil.publicKeyRingFromSecretKeyRing(sender);
|
PGPSecretKeyRing senderSec = sender.getSecretKeys();
|
||||||
|
PGPPublicKeyRing recipientPub = recipient.getPublicKeys();
|
||||||
|
PGPPublicKeyRing senderPub = sender.getPublicKeys();
|
||||||
|
|
||||||
SecretKeyRingProtector keyDecryptor = new UnprotectedKeysProtector();
|
SecretKeyRingProtector keyDecryptor = new UnprotectedKeysProtector();
|
||||||
|
|
||||||
|
@ -113,7 +115,7 @@ public class LengthTest extends AbstractPGPainlessTest {
|
||||||
.toRecipients(recipientPub)
|
.toRecipients(recipientPub)
|
||||||
// .doNotEncrypt()
|
// .doNotEncrypt()
|
||||||
.usingSecureAlgorithms()
|
.usingSecureAlgorithms()
|
||||||
.signWith(keyDecryptor, sender)
|
.signWith(keyDecryptor, senderSec)
|
||||||
.noArmor();
|
.noArmor();
|
||||||
|
|
||||||
Streams.pipeAll(new ByteArrayInputStream(secretMessage), encryptor);
|
Streams.pipeAll(new ByteArrayInputStream(secretMessage), encryptor);
|
||||||
|
|
|
@ -26,13 +26,13 @@ import java.util.Arrays;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
|
|
||||||
import org.bouncycastle.openpgp.PGPException;
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
|
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
||||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||||
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
|
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
|
||||||
import org.bouncycastle.util.io.Streams;
|
import org.bouncycastle.util.io.Streams;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.pgpainless.pgpainless.decryption_verification.DecryptionStream;
|
import org.pgpainless.pgpainless.decryption_verification.DecryptionStream;
|
||||||
import org.pgpainless.pgpainless.key.protection.UnprotectedKeysProtector;
|
import org.pgpainless.pgpainless.key.protection.UnprotectedKeysProtector;
|
||||||
import org.pgpainless.pgpainless.util.BCUtil;
|
|
||||||
|
|
||||||
public class TestKeysTest extends AbstractPGPainlessTest {
|
public class TestKeysTest extends AbstractPGPainlessTest {
|
||||||
|
|
||||||
|
@ -57,7 +57,7 @@ public class TestKeysTest extends AbstractPGPainlessTest {
|
||||||
DecryptionStream decryptor = PGPainless.createDecryptor()
|
DecryptionStream decryptor = PGPainless.createDecryptor()
|
||||||
.onInputStream(new ByteArrayInputStream(encryptedMessage.getBytes()))
|
.onInputStream(new ByteArrayInputStream(encryptedMessage.getBytes()))
|
||||||
.decryptWith(new UnprotectedKeysProtector(), new PGPSecretKeyRingCollection(Collections.singleton(juliet)))
|
.decryptWith(new UnprotectedKeysProtector(), new PGPSecretKeyRingCollection(Collections.singleton(juliet)))
|
||||||
.verifyWith(BCUtil.keyRingsToKeyRingCollection(BCUtil.publicKeyRingFromSecretKeyRing(juliet)))
|
.verifyWith(Collections.singleton(new PGPPublicKeyRing(Collections.singletonList(juliet.getPublicKey()))))
|
||||||
.ignoreMissingPublicKeys()
|
.ignoreMissingPublicKeys()
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue