mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-27 06:42:05 +01:00
Allow for setting of expiration date during key generation
This commit is contained in:
parent
83117c99cb
commit
f2f7305fec
3 changed files with 30 additions and 0 deletions
|
@ -66,6 +66,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
||||||
private String userId;
|
private String userId;
|
||||||
private final Set<String> additionalUserIds = new LinkedHashSet<>();
|
private final Set<String> additionalUserIds = new LinkedHashSet<>();
|
||||||
private Passphrase passphrase;
|
private Passphrase passphrase;
|
||||||
|
private Date expirationDate = null;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Creates a simple, unencrypted RSA KeyPair of length {@code length} with user-id {@code userId}.
|
* Creates a simple, unencrypted RSA KeyPair of length {@code length} with user-id {@code userId}.
|
||||||
|
@ -288,6 +289,16 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
||||||
|
|
||||||
class WithAdditionalUserIdOrPassphraseImpl implements WithAdditionalUserIdOrPassphrase {
|
class WithAdditionalUserIdOrPassphraseImpl implements WithAdditionalUserIdOrPassphrase {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public WithAdditionalUserIdOrPassphrase setExpirationDate(@Nonnull Date expirationDate) {
|
||||||
|
Date now = new Date();
|
||||||
|
if (now.after(expirationDate)) {
|
||||||
|
throw new IllegalArgumentException("Expiration date must be in the future.");
|
||||||
|
}
|
||||||
|
KeyRingBuilder.this.expirationDate = expirationDate;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public WithAdditionalUserIdOrPassphrase withAdditionalUserId(@Nonnull String userId) {
|
public WithAdditionalUserIdOrPassphrase withAdditionalUserId(@Nonnull String userId) {
|
||||||
String trimmed = userId.trim();
|
String trimmed = userId.trim();
|
||||||
|
@ -341,6 +352,10 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
||||||
signatureGenerator = new PGPSignatureGenerator(signer);
|
signatureGenerator = new PGPSignatureGenerator(signer);
|
||||||
PGPSignatureSubpacketGenerator hashedSubPacketGenerator = certKeySpec.getSubpacketGenerator();
|
PGPSignatureSubpacketGenerator hashedSubPacketGenerator = certKeySpec.getSubpacketGenerator();
|
||||||
hashedSubPacketGenerator.setPrimaryUserID(false, true);
|
hashedSubPacketGenerator.setPrimaryUserID(false, true);
|
||||||
|
if (expirationDate != null) {
|
||||||
|
SignatureSubpacketGeneratorUtil.setExpirationDateInSubpacketGenerator(
|
||||||
|
expirationDate, new Date(), hashedSubPacketGenerator);
|
||||||
|
}
|
||||||
PGPSignatureSubpacketVector hashedSubPackets = hashedSubPacketGenerator.generate();
|
PGPSignatureSubpacketVector hashedSubPackets = hashedSubPacketGenerator.generate();
|
||||||
|
|
||||||
// Generator which the user can get the key pair from
|
// Generator which the user can get the key pair from
|
||||||
|
|
|
@ -17,6 +17,7 @@ package org.pgpainless.key.generation;
|
||||||
|
|
||||||
import java.security.InvalidAlgorithmParameterException;
|
import java.security.InvalidAlgorithmParameterException;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.util.Date;
|
||||||
import javax.annotation.Nonnull;
|
import javax.annotation.Nonnull;
|
||||||
|
|
||||||
import org.bouncycastle.openpgp.PGPException;
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
|
@ -60,6 +61,14 @@ public interface KeyRingBuilderInterface {
|
||||||
return withAdditionalUserId(userId.toString());
|
return withAdditionalUserId(userId.toString());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Set an expiration date for the key.
|
||||||
|
*
|
||||||
|
* @param expirationDate date on which the key will expire.
|
||||||
|
* @return builder
|
||||||
|
*/
|
||||||
|
WithAdditionalUserIdOrPassphrase setExpirationDate(@Nonnull Date expirationDate);
|
||||||
|
|
||||||
WithAdditionalUserIdOrPassphrase withAdditionalUserId(@Nonnull String userId);
|
WithAdditionalUserIdOrPassphrase withAdditionalUserId(@Nonnull String userId);
|
||||||
|
|
||||||
WithAdditionalUserIdOrPassphrase withAdditionalUserId(@Nonnull byte[] userId);
|
WithAdditionalUserIdOrPassphrase withAdditionalUserId(@Nonnull byte[] userId);
|
||||||
|
|
|
@ -22,6 +22,7 @@ import java.io.ByteArrayOutputStream;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.security.InvalidAlgorithmParameterException;
|
import java.security.InvalidAlgorithmParameterException;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.util.Date;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
|
|
||||||
import org.bouncycastle.bcpg.ArmoredOutputStream;
|
import org.bouncycastle.bcpg.ArmoredOutputStream;
|
||||||
|
@ -39,6 +40,8 @@ public class GenerateKeyWithAdditionalUserIdTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void test() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException {
|
public void test() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException {
|
||||||
|
Date now = new Date();
|
||||||
|
Date expiration = new Date(now.getTime() + 1000 * 5);
|
||||||
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing()
|
||||||
.withPrimaryKey(KeySpec.getBuilder(KeyType.RSA(RsaLength._3072))
|
.withPrimaryKey(KeySpec.getBuilder(KeyType.RSA(RsaLength._3072))
|
||||||
.withKeyFlags(KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA, KeyFlag.ENCRYPT_COMMS)
|
.withKeyFlags(KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA, KeyFlag.ENCRYPT_COMMS)
|
||||||
|
@ -47,10 +50,13 @@ public class GenerateKeyWithAdditionalUserIdTest {
|
||||||
.withAdditionalUserId("additional@user.id")
|
.withAdditionalUserId("additional@user.id")
|
||||||
.withAdditionalUserId("additional2@user.id")
|
.withAdditionalUserId("additional2@user.id")
|
||||||
.withAdditionalUserId("\ttrimThis@user.id ")
|
.withAdditionalUserId("\ttrimThis@user.id ")
|
||||||
|
.setExpirationDate(expiration)
|
||||||
.withoutPassphrase()
|
.withoutPassphrase()
|
||||||
.build();
|
.build();
|
||||||
PGPPublicKeyRing publicKeys = KeyRingUtils.publicKeyRingFrom(secretKeys);
|
PGPPublicKeyRing publicKeys = KeyRingUtils.publicKeyRingFrom(secretKeys);
|
||||||
|
|
||||||
|
assertEquals(expiration.getTime(), PGPainless.inspectKeyRing(publicKeys).getExpirationDate().getTime(), 2);
|
||||||
|
|
||||||
Iterator<String> userIds = publicKeys.getPublicKey().getUserIDs();
|
Iterator<String> userIds = publicKeys.getPublicKey().getUserIDs();
|
||||||
assertEquals("primary@user.id", userIds.next());
|
assertEquals("primary@user.id", userIds.next());
|
||||||
assertEquals("additional@user.id", userIds.next());
|
assertEquals("additional@user.id", userIds.next());
|
||||||
|
|
Loading…
Reference in a new issue