mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-23 04:42:06 +01:00
Allow for setting of expiration date during key generation
This commit is contained in:
parent
83117c99cb
commit
f2f7305fec
3 changed files with 30 additions and 0 deletions
|
@ -66,6 +66,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
|||
private String userId;
|
||||
private final Set<String> additionalUserIds = new LinkedHashSet<>();
|
||||
private Passphrase passphrase;
|
||||
private Date expirationDate = null;
|
||||
|
||||
/**
|
||||
* Creates a simple, unencrypted RSA KeyPair of length {@code length} with user-id {@code userId}.
|
||||
|
@ -288,6 +289,16 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
|||
|
||||
class WithAdditionalUserIdOrPassphraseImpl implements WithAdditionalUserIdOrPassphrase {
|
||||
|
||||
@Override
|
||||
public WithAdditionalUserIdOrPassphrase setExpirationDate(@Nonnull Date expirationDate) {
|
||||
Date now = new Date();
|
||||
if (now.after(expirationDate)) {
|
||||
throw new IllegalArgumentException("Expiration date must be in the future.");
|
||||
}
|
||||
KeyRingBuilder.this.expirationDate = expirationDate;
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public WithAdditionalUserIdOrPassphrase withAdditionalUserId(@Nonnull String userId) {
|
||||
String trimmed = userId.trim();
|
||||
|
@ -341,6 +352,10 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
|||
signatureGenerator = new PGPSignatureGenerator(signer);
|
||||
PGPSignatureSubpacketGenerator hashedSubPacketGenerator = certKeySpec.getSubpacketGenerator();
|
||||
hashedSubPacketGenerator.setPrimaryUserID(false, true);
|
||||
if (expirationDate != null) {
|
||||
SignatureSubpacketGeneratorUtil.setExpirationDateInSubpacketGenerator(
|
||||
expirationDate, new Date(), hashedSubPacketGenerator);
|
||||
}
|
||||
PGPSignatureSubpacketVector hashedSubPackets = hashedSubPacketGenerator.generate();
|
||||
|
||||
// Generator which the user can get the key pair from
|
||||
|
|
|
@ -17,6 +17,7 @@ package org.pgpainless.key.generation;
|
|||
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.Date;
|
||||
import javax.annotation.Nonnull;
|
||||
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
|
@ -60,6 +61,14 @@ public interface KeyRingBuilderInterface {
|
|||
return withAdditionalUserId(userId.toString());
|
||||
}
|
||||
|
||||
/**
|
||||
* Set an expiration date for the key.
|
||||
*
|
||||
* @param expirationDate date on which the key will expire.
|
||||
* @return builder
|
||||
*/
|
||||
WithAdditionalUserIdOrPassphrase setExpirationDate(@Nonnull Date expirationDate);
|
||||
|
||||
WithAdditionalUserIdOrPassphrase withAdditionalUserId(@Nonnull String userId);
|
||||
|
||||
WithAdditionalUserIdOrPassphrase withAdditionalUserId(@Nonnull byte[] userId);
|
||||
|
|
|
@ -22,6 +22,7 @@ import java.io.ByteArrayOutputStream;
|
|||
import java.io.IOException;
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.Date;
|
||||
import java.util.Iterator;
|
||||
|
||||
import org.bouncycastle.bcpg.ArmoredOutputStream;
|
||||
|
@ -39,6 +40,8 @@ public class GenerateKeyWithAdditionalUserIdTest {
|
|||
|
||||
@Test
|
||||
public void test() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException {
|
||||
Date now = new Date();
|
||||
Date expiration = new Date(now.getTime() + 1000 * 5);
|
||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||
.withPrimaryKey(KeySpec.getBuilder(KeyType.RSA(RsaLength._3072))
|
||||
.withKeyFlags(KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA, KeyFlag.ENCRYPT_COMMS)
|
||||
|
@ -47,10 +50,13 @@ public class GenerateKeyWithAdditionalUserIdTest {
|
|||
.withAdditionalUserId("additional@user.id")
|
||||
.withAdditionalUserId("additional2@user.id")
|
||||
.withAdditionalUserId("\ttrimThis@user.id ")
|
||||
.setExpirationDate(expiration)
|
||||
.withoutPassphrase()
|
||||
.build();
|
||||
PGPPublicKeyRing publicKeys = KeyRingUtils.publicKeyRingFrom(secretKeys);
|
||||
|
||||
assertEquals(expiration.getTime(), PGPainless.inspectKeyRing(publicKeys).getExpirationDate().getTime(), 2);
|
||||
|
||||
Iterator<String> userIds = publicKeys.getPublicKey().getUserIDs();
|
||||
assertEquals("primary@user.id", userIds.next());
|
||||
assertEquals("additional@user.id", userIds.next());
|
||||
|
|
Loading…
Reference in a new issue