mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-26 22:32:07 +01:00
Remove RSA_SIGN and RSA_ENCRYPT as they are deprecated
This change removes two mechanisms that are deprecated in RFC 4880. The spec explicitly mentions that "RSA Encrypt-Only (2) and RSA Sign-Only are deprecated and SHOULD NOT be generated" [0]. The remaining RSA_GENERAL key type was renamed to just RSA for ease of use for developers. [0]: https://tools.ietf.org/html/rfc4880#section-9.1
This commit is contained in:
parent
63d6ab743c
commit
e30d0f6293
8 changed files with 17 additions and 80 deletions
|
@ -64,7 +64,7 @@ Take for example a look at this delicious key:
|
||||||
.withKeyFlags(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE)
|
.withKeyFlags(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE)
|
||||||
.withDefaultAlgorithms())
|
.withDefaultAlgorithms())
|
||||||
.withMasterKey(
|
.withMasterKey(
|
||||||
KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._8192))
|
KeySpec.getBuilder(RSA.withLength(RsaLength._8192))
|
||||||
.withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER)
|
.withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER)
|
||||||
.withDefaultAlgorithms())
|
.withDefaultAlgorithms())
|
||||||
.withPrimaryUserId("Juliet <juliet@montague.lit>")
|
.withPrimaryUserId("Juliet <juliet@montague.lit>")
|
||||||
|
|
|
@ -57,7 +57,7 @@ import org.pgpainless.key.collection.PGPKeyRing;
|
||||||
import org.pgpainless.key.generation.type.ECDH;
|
import org.pgpainless.key.generation.type.ECDH;
|
||||||
import org.pgpainless.key.generation.type.ECDSA;
|
import org.pgpainless.key.generation.type.ECDSA;
|
||||||
import org.pgpainless.key.generation.type.KeyType;
|
import org.pgpainless.key.generation.type.KeyType;
|
||||||
import org.pgpainless.key.generation.type.RSA_GENERAL;
|
import org.pgpainless.key.generation.type.RSA;
|
||||||
import org.pgpainless.key.generation.type.curve.EllipticCurve;
|
import org.pgpainless.key.generation.type.curve.EllipticCurve;
|
||||||
import org.pgpainless.key.generation.type.length.RsaLength;
|
import org.pgpainless.key.generation.type.length.RsaLength;
|
||||||
import org.pgpainless.provider.ProviderFactory;
|
import org.pgpainless.provider.ProviderFactory;
|
||||||
|
@ -108,7 +108,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
||||||
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
|
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
|
||||||
WithAdditionalUserIdOrPassphrase builder = this
|
WithAdditionalUserIdOrPassphrase builder = this
|
||||||
.withMasterKey(
|
.withMasterKey(
|
||||||
KeySpec.getBuilder(RSA_GENERAL.withLength(length))
|
KeySpec.getBuilder(RSA.withLength(length))
|
||||||
.withDefaultKeyFlags()
|
.withDefaultKeyFlags()
|
||||||
.withDefaultAlgorithms())
|
.withDefaultAlgorithms())
|
||||||
.withPrimaryUserId(userId);
|
.withPrimaryUserId(userId);
|
||||||
|
|
|
@ -22,16 +22,19 @@ import java.security.spec.RSAKeyGenParameterSpec;
|
||||||
import org.pgpainless.algorithm.PublicKeyAlgorithm;
|
import org.pgpainless.algorithm.PublicKeyAlgorithm;
|
||||||
import org.pgpainless.key.generation.type.length.RsaLength;
|
import org.pgpainless.key.generation.type.length.RsaLength;
|
||||||
|
|
||||||
public class RSA_GENERAL implements KeyType {
|
/**
|
||||||
|
* Key type that specifies the RSA_GENERAL algorithm.
|
||||||
|
*/
|
||||||
|
public class RSA implements KeyType {
|
||||||
|
|
||||||
private final RsaLength length;
|
private final RsaLength length;
|
||||||
|
|
||||||
RSA_GENERAL(@Nonnull RsaLength length) {
|
RSA(@Nonnull RsaLength length) {
|
||||||
this.length = length;
|
this.length = length;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static RSA_GENERAL withLength(@Nonnull RsaLength length) {
|
public static RSA withLength(@Nonnull RsaLength length) {
|
||||||
return new RSA_GENERAL(length);
|
return new RSA(length);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
|
@ -1,33 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2018 Paul Schaub.
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
package org.pgpainless.key.generation.type;
|
|
||||||
|
|
||||||
import javax.annotation.Nonnull;
|
|
||||||
|
|
||||||
import org.pgpainless.algorithm.PublicKeyAlgorithm;
|
|
||||||
import org.pgpainless.key.generation.type.length.RsaLength;
|
|
||||||
|
|
||||||
public class RSA_ENCRYPT extends RSA_GENERAL {
|
|
||||||
|
|
||||||
RSA_ENCRYPT(@Nonnull RsaLength length) {
|
|
||||||
super(length);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public PublicKeyAlgorithm getAlgorithm() {
|
|
||||||
return PublicKeyAlgorithm.RSA_ENCRYPT;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,33 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2018 Paul Schaub.
|
|
||||||
*
|
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
* you may not use this file except in compliance with the License.
|
|
||||||
* You may obtain a copy of the License at
|
|
||||||
*
|
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
*
|
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
* See the License for the specific language governing permissions and
|
|
||||||
* limitations under the License.
|
|
||||||
*/
|
|
||||||
package org.pgpainless.key.generation.type;
|
|
||||||
|
|
||||||
import javax.annotation.Nonnull;
|
|
||||||
|
|
||||||
import org.pgpainless.algorithm.PublicKeyAlgorithm;
|
|
||||||
import org.pgpainless.key.generation.type.length.RsaLength;
|
|
||||||
|
|
||||||
public class RSA_SIGN extends RSA_GENERAL {
|
|
||||||
|
|
||||||
RSA_SIGN(@Nonnull RsaLength length) {
|
|
||||||
super(length);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public PublicKeyAlgorithm getAlgorithm() {
|
|
||||||
return PublicKeyAlgorithm.RSA_SIGN;
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -47,7 +47,7 @@ import org.pgpainless.key.TestKeys;
|
||||||
import org.pgpainless.key.collection.PGPKeyRing;
|
import org.pgpainless.key.collection.PGPKeyRing;
|
||||||
import org.pgpainless.key.generation.KeySpec;
|
import org.pgpainless.key.generation.KeySpec;
|
||||||
import org.pgpainless.key.generation.type.ElGamal_GENERAL;
|
import org.pgpainless.key.generation.type.ElGamal_GENERAL;
|
||||||
import org.pgpainless.key.generation.type.RSA_GENERAL;
|
import org.pgpainless.key.generation.type.RSA;
|
||||||
import org.pgpainless.key.generation.type.length.ElGamalLength;
|
import org.pgpainless.key.generation.type.length.ElGamalLength;
|
||||||
import org.pgpainless.key.generation.type.length.RsaLength;
|
import org.pgpainless.key.generation.type.length.RsaLength;
|
||||||
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||||
|
@ -74,7 +74,7 @@ public class EncryptDecryptTest {
|
||||||
PGPKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("romeo@montague.lit", RsaLength._3072);
|
PGPKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("romeo@montague.lit", RsaLength._3072);
|
||||||
PGPKeyRing recipient = PGPainless.generateKeyRing()
|
PGPKeyRing recipient = PGPainless.generateKeyRing()
|
||||||
.withSubKey(KeySpec.getBuilder(ElGamal_GENERAL.withLength(ElGamalLength._3072)).withKeyFlags(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS).withDefaultAlgorithms())
|
.withSubKey(KeySpec.getBuilder(ElGamal_GENERAL.withLength(ElGamalLength._3072)).withKeyFlags(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS).withDefaultAlgorithms())
|
||||||
.withMasterKey(KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._4096)).withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER).withDefaultAlgorithms())
|
.withMasterKey(KeySpec.getBuilder(RSA.withLength(RsaLength._4096)).withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER).withDefaultAlgorithms())
|
||||||
.withPrimaryUserId("juliet@capulet.lit").withoutPassphrase().build();
|
.withPrimaryUserId("juliet@capulet.lit").withoutPassphrase().build();
|
||||||
|
|
||||||
encryptDecryptForSecretKeyRings(sender, recipient);
|
encryptDecryptForSecretKeyRings(sender, recipient);
|
||||||
|
|
|
@ -29,7 +29,7 @@ import org.bouncycastle.openpgp.PGPException;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.pgpainless.PGPainless;
|
import org.pgpainless.PGPainless;
|
||||||
import org.pgpainless.key.collection.PGPKeyRing;
|
import org.pgpainless.key.collection.PGPKeyRing;
|
||||||
import org.pgpainless.key.generation.type.RSA_SIGN;
|
import org.pgpainless.key.generation.type.RSA;
|
||||||
import org.pgpainless.key.generation.type.length.RsaLength;
|
import org.pgpainless.key.generation.type.length.RsaLength;
|
||||||
|
|
||||||
public class GenerateKeyWithAdditionalUserIdTest {
|
public class GenerateKeyWithAdditionalUserIdTest {
|
||||||
|
@ -37,7 +37,7 @@ public class GenerateKeyWithAdditionalUserIdTest {
|
||||||
@Test
|
@Test
|
||||||
public void test() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException {
|
public void test() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException {
|
||||||
PGPKeyRing keyRing = PGPainless.generateKeyRing()
|
PGPKeyRing keyRing = PGPainless.generateKeyRing()
|
||||||
.withMasterKey(KeySpec.getBuilder(RSA_SIGN.withLength(RsaLength._3072))
|
.withMasterKey(KeySpec.getBuilder(RSA.withLength(RsaLength._3072))
|
||||||
.withDefaultKeyFlags()
|
.withDefaultKeyFlags()
|
||||||
.withDefaultAlgorithms())
|
.withDefaultAlgorithms())
|
||||||
.withPrimaryUserId("primary@user.id")
|
.withPrimaryUserId("primary@user.id")
|
||||||
|
|
|
@ -38,7 +38,7 @@ import org.junit.Test;
|
||||||
import org.pgpainless.PGPainless;
|
import org.pgpainless.PGPainless;
|
||||||
import org.pgpainless.key.collection.PGPKeyRing;
|
import org.pgpainless.key.collection.PGPKeyRing;
|
||||||
import org.pgpainless.key.generation.KeySpec;
|
import org.pgpainless.key.generation.KeySpec;
|
||||||
import org.pgpainless.key.generation.type.RSA_GENERAL;
|
import org.pgpainless.key.generation.type.RSA;
|
||||||
import org.pgpainless.key.generation.type.length.RsaLength;
|
import org.pgpainless.key.generation.type.length.RsaLength;
|
||||||
|
|
||||||
public class BCUtilTest {
|
public class BCUtilTest {
|
||||||
|
@ -50,8 +50,8 @@ public class BCUtilTest {
|
||||||
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException,
|
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException,
|
||||||
IOException {
|
IOException {
|
||||||
PGPKeyRing ring = PGPainless.generateKeyRing()
|
PGPKeyRing ring = PGPainless.generateKeyRing()
|
||||||
.withSubKey(KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._3072)).withDefaultKeyFlags().withDefaultAlgorithms())
|
.withSubKey(KeySpec.getBuilder(RSA.withLength(RsaLength._3072)).withDefaultKeyFlags().withDefaultAlgorithms())
|
||||||
.withMasterKey(KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._3072)).withDefaultKeyFlags().withDefaultAlgorithms())
|
.withMasterKey(KeySpec.getBuilder(RSA.withLength(RsaLength._3072)).withDefaultKeyFlags().withDefaultAlgorithms())
|
||||||
.withPrimaryUserId("donald@duck.tails").withoutPassphrase().build();
|
.withPrimaryUserId("donald@duck.tails").withoutPassphrase().build();
|
||||||
PGPSecretKeyRing sec = ring.getSecretKeys();
|
PGPSecretKeyRing sec = ring.getSecretKeys();
|
||||||
PGPPublicKeyRing pub = ring.getPublicKeys();
|
PGPPublicKeyRing pub = ring.getPublicKeys();
|
||||||
|
|
Loading…
Reference in a new issue