mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-26 22:32:07 +01:00

Remove RSA_SIGN and RSA_ENCRYPT as they are deprecated

This change removes two mechanisms that are deprecated in RFC 4880. The
spec explicitly mentions that "RSA Encrypt-Only (2) and RSA Sign-Only
are deprecated and SHOULD NOT be generated" [0].

The remaining RSA_GENERAL key type was renamed to just RSA for ease of
use for developers.

[0]: https://tools.ietf.org/html/rfc4880#section-9.1
Wiktor Kwapisiewicz 2020-10-30 11:43:21 +01:00
parent 63d6ab743c
commit e30d0f6293
No known key found for this signature in database
GPG key ID: B97A1EE09DB417EC
8 changed files with 17 additions and 80 deletions


@ -64,7 +64,7 @@ Take for example a look at this delicious key:
.withKeyFlags(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE) .withKeyFlags(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE)
.withDefaultAlgorithms()) .withDefaultAlgorithms())
.withMasterKey( .withMasterKey(
KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._8192)) KeySpec.getBuilder(RSA.withLength(RsaLength._8192))
.withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER) .withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER)
.withDefaultAlgorithms()) .withDefaultAlgorithms())
.withPrimaryUserId("Juliet <juliet@montague.lit>") .withPrimaryUserId("Juliet <juliet@montague.lit>")


@ -57,7 +57,7 @@ import org.pgpainless.key.collection.PGPKeyRing;
import org.pgpainless.key.generation.type.ECDH; import org.pgpainless.key.generation.type.ECDH;
import org.pgpainless.key.generation.type.ECDSA; import org.pgpainless.key.generation.type.ECDSA;
import org.pgpainless.key.generation.type.KeyType; import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.key.generation.type.RSA_GENERAL; import org.pgpainless.key.generation.type.RSA;
import org.pgpainless.key.generation.type.curve.EllipticCurve; import org.pgpainless.key.generation.type.curve.EllipticCurve;
import org.pgpainless.key.generation.type.length.RsaLength; import org.pgpainless.key.generation.type.length.RsaLength;
import org.pgpainless.provider.ProviderFactory; import org.pgpainless.provider.ProviderFactory;
@ -108,7 +108,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException { throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
WithAdditionalUserIdOrPassphrase builder = this WithAdditionalUserIdOrPassphrase builder = this
.withMasterKey( .withMasterKey(
KeySpec.getBuilder(RSA_GENERAL.withLength(length)) KeySpec.getBuilder(RSA.withLength(length))
.withDefaultKeyFlags() .withDefaultKeyFlags()
.withDefaultAlgorithms()) .withDefaultAlgorithms())
.withPrimaryUserId(userId); .withPrimaryUserId(userId);


@ -22,16 +22,19 @@ import java.security.spec.RSAKeyGenParameterSpec;
import org.pgpainless.algorithm.PublicKeyAlgorithm; import org.pgpainless.algorithm.PublicKeyAlgorithm;
import org.pgpainless.key.generation.type.length.RsaLength; import org.pgpainless.key.generation.type.length.RsaLength;
public class RSA_GENERAL implements KeyType { /**
* Key type that specifies the RSA_GENERAL algorithm.
*/
public class RSA implements KeyType {
private final RsaLength length; private final RsaLength length;
RSA_GENERAL(@Nonnull RsaLength length) { RSA(@Nonnull RsaLength length) {
this.length = length; this.length = length;
} }
public static RSA_GENERAL withLength(@Nonnull RsaLength length) { public static RSA withLength(@Nonnull RsaLength length) {
return new RSA_GENERAL(length); return new RSA(length);
} }
@Override @Override
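Review bot: The class Javadoc added on `RSA` says only that it "specifies the RSA_GENERAL algorithm", which does not tell a caller why there is now a single RSA key type or how to limit a key to signing or to encryption. I would expand it to open with `Key type for RSA keys (OpenPGP algorithm 1, "RSA (Encrypt or Sign)").` and then state that the deprecated encrypt-only and sign-only algorithm ids are deliberately not offered for generation, and that usage is restricted through the `KeyFlag`s set on the `KeySpec` instead. Since `RSA_GENERAL` was a public class, the rename presumably breaks source compatibility for existing callers, so a release note may be warranted if none exists. The class body continues past the end of this hunk, so `getAlgorithm()` is not visible here.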


@ -1,33 +0,0 @@
/*
* Copyright 2018 Paul Schaub.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.pgpainless.key.generation.type;
import javax.annotation.Nonnull;
import org.pgpainless.algorithm.PublicKeyAlgorithm;
import org.pgpainless.key.generation.type.length.RsaLength;
public class RSA_ENCRYPT extends RSA_GENERAL {
RSA_ENCRYPT(@Nonnull RsaLength length) {
super(length);
}
@Override
public PublicKeyAlgorithm getAlgorithm() {
return PublicKeyAlgorithm.RSA_ENCRYPT;
}
}


@ -1,33 +0,0 @@
/*
* Copyright 2018 Paul Schaub.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.pgpainless.key.generation.type;
import javax.annotation.Nonnull;
import org.pgpainless.algorithm.PublicKeyAlgorithm;
import org.pgpainless.key.generation.type.length.RsaLength;
public class RSA_SIGN extends RSA_GENERAL {
RSA_SIGN(@Nonnull RsaLength length) {
super(length);
}
@Override
public PublicKeyAlgorithm getAlgorithm() {
return PublicKeyAlgorithm.RSA_SIGN;
}
}


@ -47,7 +47,7 @@ import org.pgpainless.key.TestKeys;
import org.pgpainless.key.collection.PGPKeyRing; import org.pgpainless.key.collection.PGPKeyRing;
import org.pgpainless.key.generation.KeySpec; import org.pgpainless.key.generation.KeySpec;
import org.pgpainless.key.generation.type.ElGamal_GENERAL; import org.pgpainless.key.generation.type.ElGamal_GENERAL;
import org.pgpainless.key.generation.type.RSA_GENERAL; import org.pgpainless.key.generation.type.RSA;
import org.pgpainless.key.generation.type.length.ElGamalLength; import org.pgpainless.key.generation.type.length.ElGamalLength;
import org.pgpainless.key.generation.type.length.RsaLength; import org.pgpainless.key.generation.type.length.RsaLength;
import org.pgpainless.key.protection.SecretKeyRingProtector; import org.pgpainless.key.protection.SecretKeyRingProtector;
@ -74,7 +74,7 @@ public class EncryptDecryptTest {
PGPKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("romeo@montague.lit", RsaLength._3072); PGPKeyRing sender = PGPainless.generateKeyRing().simpleRsaKeyRing("romeo@montague.lit", RsaLength._3072);
PGPKeyRing recipient = PGPainless.generateKeyRing() PGPKeyRing recipient = PGPainless.generateKeyRing()
.withSubKey(KeySpec.getBuilder(ElGamal_GENERAL.withLength(ElGamalLength._3072)).withKeyFlags(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS).withDefaultAlgorithms()) .withSubKey(KeySpec.getBuilder(ElGamal_GENERAL.withLength(ElGamalLength._3072)).withKeyFlags(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS).withDefaultAlgorithms())
.withMasterKey(KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._4096)).withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER).withDefaultAlgorithms()) .withMasterKey(KeySpec.getBuilder(RSA.withLength(RsaLength._4096)).withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER).withDefaultAlgorithms())
.withPrimaryUserId("juliet@capulet.lit").withoutPassphrase().build(); .withPrimaryUserId("juliet@capulet.lit").withoutPassphrase().build();
encryptDecryptForSecretKeyRings(sender, recipient); encryptDecryptForSecretKeyRings(sender, recipient);


@ -29,7 +29,7 @@ import org.bouncycastle.openpgp.PGPException;
import org.junit.Test; import org.junit.Test;
import org.pgpainless.PGPainless; import org.pgpainless.PGPainless;
import org.pgpainless.key.collection.PGPKeyRing; import org.pgpainless.key.collection.PGPKeyRing;
import org.pgpainless.key.generation.type.RSA_SIGN; import org.pgpainless.key.generation.type.RSA;
import org.pgpainless.key.generation.type.length.RsaLength; import org.pgpainless.key.generation.type.length.RsaLength;
public class GenerateKeyWithAdditionalUserIdTest { public class GenerateKeyWithAdditionalUserIdTest {
@ -37,7 +37,7 @@ public class GenerateKeyWithAdditionalUserIdTest {
@Test @Test
public void test() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException { public void test() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException {
PGPKeyRing keyRing = PGPainless.generateKeyRing() PGPKeyRing keyRing = PGPainless.generateKeyRing()
.withMasterKey(KeySpec.getBuilder(RSA_SIGN.withLength(RsaLength._3072)) .withMasterKey(KeySpec.getBuilder(RSA.withLength(RsaLength._3072))
.withDefaultKeyFlags() .withDefaultKeyFlags()
.withDefaultAlgorithms()) .withDefaultAlgorithms())
.withPrimaryUserId("primary@user.id") .withPrimaryUserId("primary@user.id")
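Review bot: None of the eight changed files pins the behaviour this commit is about: no test asserts that a generated RSA key carries the general RSA algorithm id rather than the deprecated encrypt-only (2) or sign-only (3) ids. This test, which switches from `RSA_SIGN.withLength(...)` to `RSA.withLength(...)`, would be a natural place to assert the master key's public-key algorithm, introduced by a comment such as `// generated RSA keys must use RSA_GENERAL, never the deprecated ids`. The test method continues outside the hunk, so an equivalent check may already exist further down.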


@ -38,7 +38,7 @@ import org.junit.Test;
import org.pgpainless.PGPainless; import org.pgpainless.PGPainless;
import org.pgpainless.key.collection.PGPKeyRing; import org.pgpainless.key.collection.PGPKeyRing;
import org.pgpainless.key.generation.KeySpec; import org.pgpainless.key.generation.KeySpec;
import org.pgpainless.key.generation.type.RSA_GENERAL; import org.pgpainless.key.generation.type.RSA;
import org.pgpainless.key.generation.type.length.RsaLength; import org.pgpainless.key.generation.type.length.RsaLength;
public class BCUtilTest { public class BCUtilTest {
@ -50,8 +50,8 @@ public class BCUtilTest {
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException,
IOException { IOException {
PGPKeyRing ring = PGPainless.generateKeyRing() PGPKeyRing ring = PGPainless.generateKeyRing()
.withSubKey(KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._3072)).withDefaultKeyFlags().withDefaultAlgorithms()) .withSubKey(KeySpec.getBuilder(RSA.withLength(RsaLength._3072)).withDefaultKeyFlags().withDefaultAlgorithms())
.withMasterKey(KeySpec.getBuilder(RSA_GENERAL.withLength(RsaLength._3072)).withDefaultKeyFlags().withDefaultAlgorithms()) .withMasterKey(KeySpec.getBuilder(RSA.withLength(RsaLength._3072)).withDefaultKeyFlags().withDefaultAlgorithms())
.withPrimaryUserId("donald@duck.tails").withoutPassphrase().build(); .withPrimaryUserId("donald@duck.tails").withoutPassphrase().build();
PGPSecretKeyRing sec = ring.getSecretKeys(); PGPSecretKeyRing sec = ring.getSecretKeys();
PGPPublicKeyRing pub = ring.getPublicKeys(); PGPPublicKeyRing pub = ring.getPublicKeys();