From e30d0f62934c54f9d0954a606d5c0128e0db41fd Mon Sep 17 00:00:00 2001
From: Wiktor Kwapisiewicz
Date: Fri, 30 Oct 2020 11:43:21 +0100
Subject: [PATCH] Remove RSA_SIGN and RSA_ENCRYPT as they are deprecated
This change removes two mechanisms that are deprecated in RFC 4880. The spec explicitly mentions that "RSA Encrypt-Only (2) and RSA Sign-Only are deprecated and SHOULD NOT be generated" [0]. The remaining RSA_GENERAL key type was renamed to just RSA for ease of use for developers.
[0]: https://tools.ietf.org/html/rfc4880#section-9.1
---
 README.md | 2 +-
 .../key/generation/KeyRingBuilder.java | 4 +--
 .../type/{RSA_GENERAL.java => RSA.java} | 11 ++++---
 .../key/generation/type/RSA_ENCRYPT.java | 33 -------------------
 .../key/generation/type/RSA_SIGN.java | 33 -------------------
 .../EncryptDecryptTest.java | 4 +--
 .../GenerateKeyWithAdditionalUserIdTest.java | 4 +--
 .../java/org/pgpainless/util/BCUtilTest.java | 6 ++--
 8 files changed, 17 insertions(+), 80 deletions(-)
 rename pgpainless-core/src/main/java/org/pgpainless/key/generation/type/{RSA_GENERAL.java => RSA.java} (85%)
 delete mode 100644 pgpainless-core/src/main/java/org/pgpainless/key/generation/type/RSA_ENCRYPT.java
 delete mode 100644 pgpainless-core/src/main/java/org/pgpainless/key/generation/type/RSA_SIGN.java
diff --git a/README.md b/README.md
index d82c0285..f8edfe73 100644
--- a/README.md
+++ b/README.md
@@ -64,7 +64,7 @@ Take for example a look at this delicious key:
 .withKeyFlags(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE)
 .withDefaultAlgorithms())
 .withMasterKey(
- KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._8192))
+ KeySpec.getBuilder(RSA.withLength(RsaLength._8192))
 .withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER)
 .withDefaultAlgorithms())
 .withPrimaryUserId("Juliet ")
diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java b/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java
index 220c5cb7..ea7b4047 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java
@@ -57,7 +57,7 @@ import org.pgpainless.key.collection.PGPKeyRing;
 import org.pgpainless.key.generation.type.ECDH;
 import org.pgpainless.key.generation.type.ECDSA;
 import org.pgpainless.key.generation.type.KeyType;
-import org.pgpainless.key.generation.type.RSA_GENERAL;
+import org.pgpainless.key.generation.type.RSA;
 import org.pgpainless.key.generation.type.curve.EllipticCurve;
 import org.pgpainless.key.generation.type.length.RsaLength;
 import org.pgpainless.provider.ProviderFactory;
@@ -108,7 +108,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
 throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
 WithAdditionalUserIdOrPassphrase builder = this
 .withMasterKey(
- KeySpec.getBuilder(RSA_GENERAL.withLength(length))
+ KeySpec.getBuilder(RSA.withLength(length))
 .withDefaultKeyFlags()
 .withDefaultAlgorithms())
 .withPrimaryUserId(userId);
diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/generation/type/RSA_GENERAL.java b/pgpainless-core/src/main/java/org/pgpainless/key/generation/type/RSA.java
similarity index 85%
rename from pgpainless-core/src/main/java/org/pgpainless/key/generation/type/RSA_GENERAL.java
rename to pgpainless-core/src/main/java/org/pgpainless/key/generation/type/RSA.java
index 6a0ee6b8..5db1a982 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/key/generation/type/RSA_GENERAL.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/generation/type/RSA.java
@@ -22,16 +22,19 @@ import java.security.spec.RSAKeyGenParameterSpec;
 import org.pgpainless.algorithm.PublicKeyAlgorithm;
 import org.pgpainless.key.generation.type.length.RsaLength;
-public class RSA_GENERAL implements KeyType {
+/**
+ * Key type that specifies the RSA_GENERAL algorithm.
+ */
+public class RSA implements KeyType {
 private final RsaLength length;
- RSA_GENERAL(@Nonnull RsaLength length) {
+ RSA(@Nonnull RsaLength length) {
 this.length = length;
 }
- public static RSA_GENERAL withLength(@Nonnull RsaLength length) {
- return new RSA_GENERAL(length);
+ public static RSA withLength(@Nonnull RsaLength length) {
+ return new RSA(length);
 }
 @Override
diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/generation/type/RSA_ENCRYPT.java b/pgpainless-core/src/main/java/org/pgpainless/key/generation/type/RSA_ENCRYPT.java
deleted file mode 100644
index e1c547a7..00000000
--- a/pgpainless-core/src/main/java/org/pgpainless/key/generation/type/RSA_ENCRYPT.java
+++ /dev/null
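Review bot: The Javadoc added above `public class RSA implements KeyType` in RSA.java names only "the RSA_GENERAL algorithm" and omits what a caller of the removed `RSA_SIGN`/`RSA_ENCRYPT` types needs to know: a key's permitted use is now expressed through key flags alone. I would write it as `/** RSA key type (OpenPGP algorithm RSA_GENERAL). Restrict a key to signing or to encryption with {@code KeyFlag}s; the sign-only and encrypt-only algorithm ids are deprecated by RFC 4880, section 9.1. */`. `getAlgorithm()` lies below the `@Override` that ends the hunk, so the mapping to RSA_GENERAL is taken from the existing comment rather than from visible code. Separately, `RSA(@Nonnull RsaLength length)` relies on the annotation only; `this.length = Objects.requireNonNull(length, "length");` (with `java.util.Objects` imported) would reject a null at construction instead of wherever the length is first dereferenced, which is outside the hunk.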
@@ -1,33 +0,0 @@
-/*
- * Copyright 2018 Paul Schaub.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.pgpainless.key.generation.type;
-
-import javax.annotation.Nonnull;
-
-import org.pgpainless.algorithm.PublicKeyAlgorithm;
-import org.pgpainless.key.generation.type.length.RsaLength;
-
-public class RSA_ENCRYPT extends RSA_GENERAL {
-
- RSA_ENCRYPT(@Nonnull RsaLength length) {
- super(length);
- }
-
- @Override
- public PublicKeyAlgorithm getAlgorithm() {
- return PublicKeyAlgorithm.RSA_ENCRYPT;
- }
-}
diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/generation/type/RSA_SIGN.java b/pgpainless-core/src/main/java/org/pgpainless/key/generation/type/RSA_SIGN.java
deleted file mode 100644
index 525bd297..00000000
--- a/pgpainless-core/src/main/java/org/pgpainless/key/generation/type/RSA_SIGN.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- * Copyright 2018 Paul Schaub.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.pgpainless.key.generation.type;
-
-import javax.annotation.Nonnull;
-
-import org.pgpainless.algorithm.PublicKeyAlgorithm;
-import org.pgpainless.key.generation.type.length.RsaLength;
-
-public class RSA_SIGN extends RSA_GENERAL {
-
- RSA_SIGN(@Nonnull RsaLength length) {
- super(length);
- }
-
- @Override
- public PublicKeyAlgorithm getAlgorithm() {
- return PublicKeyAlgorithm.RSA_SIGN;
- }
-}
diff --git a/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/EncryptDecryptTest.java b/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/EncryptDecryptTest.java
index 981bad98..81d1ebc3 100644
--- a/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/EncryptDecryptTest.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/encryption_signing/EncryptDecryptTest.java
@@ -47,7 +47,7 @@ import org.pgpainless.key.TestKeys;
 import org.pgpainless.key.collection.PGPKeyRing;
 import org.pgpainless.key.generation.KeySpec;
 import org.pgpainless.key.generation.type.ElGamal_GENERAL;
-import org.pgpainless.key.generation.type.RSA_GENERAL;
+import org.pgpainless.key.generation.type.RSA;
 import org.pgpainless.key.generation.type.length.ElGamalLength;
 import org.pgpainless.key.generation.type.length.RsaLength;
 import org.pgpainless.key.protection.SecretKeyRingProtector;
@@ -74,7 +74,7 @@ public class EncryptDecryptTest {
 PGPKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("romeo@montague.lit", RsaLength._3072);
 PGPKeyRing recipient = PGPainless.generateKeyRing()
 .withSubKey(KeySpec.getBuilder(ElGamal_GENERAL.withLength(ElGamalLength._3072)).withKeyFlags(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS).withDefaultAlgorithms())
- .withMasterKey(KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._4096)).withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER).withDefaultAlgorithms())
+ .withMasterKey(KeySpec.getBuilder(RSA.withLength(RsaLength._4096)).withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER).withDefaultAlgorithms())
 .withPrimaryUserId("juliet@capulet.lit").withoutPassphrase().build();
 encryptDecryptForSecretKeyRings(sender, recipient);
diff --git a/pgpainless-core/src/test/java/org/pgpainless/key/generation/GenerateKeyWithAdditionalUserIdTest.java b/pgpainless-core/src/test/java/org/pgpainless/key/generation/GenerateKeyWithAdditionalUserIdTest.java
index 6ab82bb0..7a8a6e5b 100644
--- a/pgpainless-core/src/test/java/org/pgpainless/key/generation/GenerateKeyWithAdditionalUserIdTest.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/key/generation/GenerateKeyWithAdditionalUserIdTest.java
@@ -29,7 +29,7 @@ import org.bouncycastle.openpgp.PGPException;
 import org.junit.Test;
 import org.pgpainless.PGPainless;
 import org.pgpainless.key.collection.PGPKeyRing;
-import org.pgpainless.key.generation.type.RSA_SIGN;
+import org.pgpainless.key.generation.type.RSA;
 import org.pgpainless.key.generation.type.length.RsaLength;
 public class GenerateKeyWithAdditionalUserIdTest {
@@ -37,7 +37,7 @@ public class GenerateKeyWithAdditionalUserIdTest {
 @Test
 public void test() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException {
 PGPKeyRing keyRing = PGPainless.generateKeyRing()
- .withMasterKey(KeySpec.getBuilder(RSA_SIGN.withLength(RsaLength._3072))
+ .withMasterKey(KeySpec.getBuilder(RSA.withLength(RsaLength._3072))
 .withDefaultKeyFlags()
 .withDefaultAlgorithms())
 .withPrimaryUserId("primary@user.id")
diff --git a/pgpainless-core/src/test/java/org/pgpainless/util/BCUtilTest.java b/pgpainless-core/src/test/java/org/pgpainless/util/BCUtilTest.java
index e8cd491d..0fcb0b3b 100644
--- a/pgpainless-core/src/test/java/org/pgpainless/util/BCUtilTest.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/util/BCUtilTest.java
@@ -38,7 +38,7 @@ import org.junit.Test;
 import org.pgpainless.PGPainless;
 import org.pgpainless.key.collection.PGPKeyRing;
 import org.pgpainless.key.generation.KeySpec;
-import org.pgpainless.key.generation.type.RSA_GENERAL;
+import org.pgpainless.key.generation.type.RSA;
 import org.pgpainless.key.generation.type.length.RsaLength;
 public class BCUtilTest {
@@ -50,8 +50,8 @@ public class BCUtilTest {
 throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, IOException {
 PGPKeyRing ring = PGPainless.generateKeyRing()
- .withSubKey(KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._3072)).withDefaultKeyFlags().withDefaultAlgorithms())
- .withMasterKey(KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._3072)).withDefaultKeyFlags().withDefaultAlgorithms())
+ .withSubKey(KeySpec.getBuilder(RSA.withLength(RsaLength._3072)).withDefaultKeyFlags().withDefaultAlgorithms())
+ .withMasterKey(KeySpec.getBuilder(RSA.withLength(RsaLength._3072)).withDefaultKeyFlags().withDefaultAlgorithms())
 .withPrimaryUserId("donald@duck.tails").withoutPassphrase().build();
 PGPSecretKeyRing sec = ring.getSecretKeys();
 PGPPublicKeyRing pub = ring.getPublicKeys();
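Review bot: In GenerateKeyWithAdditionalUserIdTest (hunk `@@ -37,7 +37,7 @@`) nothing visible asserts which public-key algorithm the generated master key carries, so the test would pass whether or not a deprecated algorithm id were emitted. The removed call `RSA_SIGN.withLength(...)` already resolved to the static factory declared on `RSA_GENERAL` and returned an `RSA_GENERAL` instance, so the deleted sign-only type was never exercised here and the swap to `RSA` leaves this test's behaviour as it was. If the rest of `test()`, which continues outside the hunk, does not already check it, add `assertEquals(PublicKeyAlgorithmTags.RSA_GENERAL, keyRing.getPublicKeys().getPublicKey().getAlgorithm());` (constant from `org.bouncycastle.bcpg.PublicKeyAlgorithmTags`) to pin the algorithm id this commit is about.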