mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-27 06:42:05 +01:00
Switch simpleEcKeyRing over to curve25519
This commit is contained in:
parent
79b2d42f9c
commit
fbb4061164
1 changed files with 51 additions and 12 deletions
|
@ -50,8 +50,9 @@ import org.pgpainless.algorithm.KeyFlag;
|
||||||
import org.pgpainless.algorithm.SignatureType;
|
import org.pgpainless.algorithm.SignatureType;
|
||||||
import org.pgpainless.implementation.ImplementationFactory;
|
import org.pgpainless.implementation.ImplementationFactory;
|
||||||
import org.pgpainless.key.generation.type.KeyType;
|
import org.pgpainless.key.generation.type.KeyType;
|
||||||
import org.pgpainless.key.generation.type.ecc.EllipticCurve;
|
import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
|
||||||
import org.pgpainless.key.generation.type.rsa.RsaLength;
|
import org.pgpainless.key.generation.type.rsa.RsaLength;
|
||||||
|
import org.pgpainless.key.generation.type.xdh.XDHCurve;
|
||||||
import org.pgpainless.key.util.UserId;
|
import org.pgpainless.key.util.UserId;
|
||||||
import org.pgpainless.provider.ProviderFactory;
|
import org.pgpainless.provider.ProviderFactory;
|
||||||
import org.pgpainless.util.Passphrase;
|
import org.pgpainless.util.Passphrase;
|
||||||
|
@ -66,6 +67,15 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
||||||
private final Set<String> additionalUserIds = new LinkedHashSet<>();
|
private final Set<String> additionalUserIds = new LinkedHashSet<>();
|
||||||
private Passphrase passphrase;
|
private Passphrase passphrase;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a simple, unencrypted RSA KeyPair of length {@code length} with user-id {@code userId}.
|
||||||
|
* The KeyPair consists of a single RSA master key which is used for signing, encryption and certification.
|
||||||
|
*
|
||||||
|
* @param userId user id.
|
||||||
|
* @param length length in bits.
|
||||||
|
*
|
||||||
|
* @return {@link PGPSecretKeyRing} containing the KeyPair.
|
||||||
|
*/
|
||||||
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull UserId userId, @Nonnull RsaLength length)
|
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull UserId userId, @Nonnull RsaLength length)
|
||||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||||
return simpleRsaKeyRing(userId.toString(), length);
|
return simpleRsaKeyRing(userId.toString(), length);
|
||||||
|
@ -85,9 +95,19 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
||||||
return simpleRsaKeyRing(userId, length, null);
|
return simpleRsaKeyRing(userId, length, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull UserId userId, @Nonnull RsaLength rsaLength, String password)
|
/**
|
||||||
|
* Creates a simple RSA KeyPair of length {@code length} with user-id {@code userId}.
|
||||||
|
* The KeyPair consists of a single RSA master key which is used for signing, encryption and certification.
|
||||||
|
*
|
||||||
|
* @param userId user id.
|
||||||
|
* @param length length in bits.
|
||||||
|
* @param password Password of the key. Can be null for unencrypted keys.
|
||||||
|
*
|
||||||
|
* @return {@link PGPSecretKeyRing} containing the KeyPair.
|
||||||
|
*/
|
||||||
|
public PGPSecretKeyRing simpleRsaKeyRing(@Nonnull UserId userId, @Nonnull RsaLength length, String password)
|
||||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||||
return simpleRsaKeyRing(userId.toString(), rsaLength, password);
|
return simpleRsaKeyRing(userId.toString(), length, password);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -116,15 +136,24 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a key ring consisting of an ed25519 EdDSA primary key and a curve25519 XDH subkey.
|
||||||
|
* The EdDSA primary key is used for signing messages and certifying the sub key.
|
||||||
|
* The XDH subkey is used for encryption and decryption of messages.
|
||||||
|
*
|
||||||
|
* @param userId user-id
|
||||||
|
*
|
||||||
|
* @return {@link PGPSecretKeyRing} containing the key pairs.
|
||||||
|
*/
|
||||||
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull UserId userId)
|
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull UserId userId)
|
||||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||||
return simpleEcKeyRing(userId.toString());
|
return simpleEcKeyRing(userId.toString());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Creates an unencrypted key ring consisting of an ECDSA master key and an ECDH sub-key.
|
* Creates a key ring consisting of an ed25519 EdDSA primary key and a curve25519 XDH subkey.
|
||||||
* The ECDSA master key is used for signing messages and certifying the sub key.
|
* The EdDSA primary key is used for signing messages and certifying the sub key.
|
||||||
* The ECDH sub-key is used for encryption of messages.
|
* The XDH subkey is used for encryption and decryption of messages.
|
||||||
*
|
*
|
||||||
* @param userId user-id
|
* @param userId user-id
|
||||||
*
|
*
|
||||||
|
@ -135,15 +164,25 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
||||||
return simpleEcKeyRing(userId, null);
|
return simpleEcKeyRing(userId, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates a key ring consisting of an ed25519 EdDSA primary key and a curve25519 XDH subkey.
|
||||||
|
* The EdDSA primary key is used for signing messages and certifying the sub key.
|
||||||
|
* The XDH subkey is used for encryption and decryption of messages.
|
||||||
|
*
|
||||||
|
* @param userId user-id
|
||||||
|
* @param password Password of the private key. Can be null for an unencrypted key.
|
||||||
|
*
|
||||||
|
* @return {@link PGPSecretKeyRing} containing the key pairs.
|
||||||
|
*/
|
||||||
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull UserId userId, String password)
|
public PGPSecretKeyRing simpleEcKeyRing(@Nonnull UserId userId, String password)
|
||||||
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
|
||||||
return simpleEcKeyRing(userId.toString(), password);
|
return simpleEcKeyRing(userId.toString(), password);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Creates a key ring consisting of an ECDSA master key and an ECDH sub-key.
|
* Creates a key ring consisting of an ed25519 EdDSA primary key and a X25519 XDH subkey.
|
||||||
* The ECDSA master key is used for signing messages and certifying the sub key.
|
* The EdDSA primary key is used for signing messages and certifying the sub key.
|
||||||
* The ECDH sub-key is used for encryption of messages.
|
* The XDH subkey is used for encryption and decryption of messages.
|
||||||
*
|
*
|
||||||
* @param userId user-id
|
* @param userId user-id
|
||||||
* @param password Password of the private key. Can be null for an unencrypted key.
|
* @param password Password of the private key. Can be null for an unencrypted key.
|
||||||
|
@ -154,12 +193,12 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
|
||||||
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
|
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
|
||||||
WithAdditionalUserIdOrPassphrase builder = this
|
WithAdditionalUserIdOrPassphrase builder = this
|
||||||
.withSubKey(
|
.withSubKey(
|
||||||
KeySpec.getBuilder(KeyType.ECDH(EllipticCurve._P256))
|
KeySpec.getBuilder(KeyType.XDH(XDHCurve._X25519))
|
||||||
.withKeyFlags(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS)
|
.withKeyFlags(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS)
|
||||||
.withDefaultAlgorithms())
|
.withDefaultAlgorithms())
|
||||||
.withMasterKey(
|
.withMasterKey(
|
||||||
KeySpec.getBuilder(KeyType.ECDSA(EllipticCurve._P256))
|
KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519))
|
||||||
.withKeyFlags(KeyFlag.AUTHENTICATION, KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA)
|
.withKeyFlags(KeyFlag.CERTIFY_OTHER, KeyFlag.SIGN_DATA)
|
||||||
.withDefaultAlgorithms())
|
.withDefaultAlgorithms())
|
||||||
.withPrimaryUserId(userId);
|
.withPrimaryUserId(userId);
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue