PGPainless/pgpainless
PGPainless
/
pgpainless
mirror of https://github.com/pgpainless/pgpainless.git
1
0
Fork 0
Code Issues Releases Wiki Activity
1,200 Commits 76 Branches 114 Tags 11 MiB
Commit Graph

764 Commits

Author SHA1 Message Date
Paul Schaub 29dc20d0bc Add EncryptionResult.isEncryptedFor(certificate) 2022-03-15 17:02:02 +01:00
Paul Schaub ecfa3823fb Add utility method to remove secret subkey from key ring 
This might be useful for offline primary keys
 2022-03-15 17:01:50 +01:00
Paul Schaub d4d29553ec
Add decryption example 2022-03-15 15:10:23 +01:00
Paul Schaub ffdbd21491 Implement configuration option for SignerUserId subpacket verification level. 
By default we ignore SignerUserId subpackets on signatures.
This behavior can be changed by calling Policy.setSignerUserIdValidationLevel().
Right now, STRICT and DISABLED are available as options, but it may make sense to implement
another option PARTIALLY, which will accept signatures made by key with user-id 'A <foo@bar>'
but where the sig contains a signer user id of value 'foo@bar' for example.
 2022-03-14 11:10:12 +01:00
Paul Schaub 661c043cdc
DFix KeyRingInfo.getValidAndExpiredUserIds considering unbound user-ids as valid 2022-03-13 16:52:57 +01:00
Paul Schaub 26c804b2dd
Add comment about hash algorithm header 2022-03-13 15:12:38 +01:00
Paul Schaub 6b9b956c2c
Add OpenPgpFingerprint.parse(String) 2022-03-10 12:22:02 +01:00
Paul Schaub 8f473b513f
Add support for OpenPGP v5 fingerprints. 
Obviously we need support for key.getFingerprint() in BC, but once
that is there, this should magically start working.
 2022-03-10 12:01:12 +01:00
Paul Schaub 0824bbd37c
Add investigative test for signers user-ids 2022-03-09 21:05:17 +01:00
Paul Schaub 26d79679f0
Fix crash when validating unmatched signer's user-id subpacket 
TODO: We might want to deprecate Signer's UserID subpackets completely and ignore them.
See results of sequoias test suite once PR below gets merged.
https://gitlab.com/sequoia-pgp/openpgp-interoperability-test-suite/-/merge_requests/28
 2022-03-09 21:05:00 +01:00
Paul Schaub b34866b012
Make SigningOptions.getSigningMethods package visible 2022-03-09 21:03:31 +01:00
Paul Schaub db02106518
Fix typo 2022-03-07 14:57:00 +01:00
Paul Schaub 3fe78ab12a
Fix NPE when validating broken signature 2022-03-07 14:56:56 +01:00
Paul Schaub f1f7dec8b6
Fix accidental verification of thirdparty user-id revocations using primary key 2022-03-07 14:56:37 +01:00
Paul Schaub fc65bb4496
Raise readable error message when trying to encrypt for key without acceptable self-sigs 2022-03-07 14:55:45 +01:00
Paul Schaub 9d160ef047
Reject subkeys with predating binding signatures 2022-03-07 12:17:45 +01:00
Paul Schaub 5d3646cd36
Add missing @throws documentation 2022-03-07 11:27:21 +01:00
Paul Schaub 10e72f6773
Allow custom key creation dates during generation 2022-03-07 11:08:59 +01:00
Paul Schaub a6dcf027c0
Add and document PGPainless.inspectKeyRing(key, date) 2022-03-07 10:36:20 +01:00
Paul Schaub a7d1f09b5c
Document SimpleDateFormat not thread-safe 2022-03-07 10:26:24 +01:00
Paul Schaub 126cc9df70
Make toSecondsPrecision() more readable and improv performance 2022-03-07 10:24:08 +01:00
Paul Schaub 5b9e72d42c
Add KeyRingInfo.isUsableForEncryption() 2022-03-06 14:58:36 +01:00
Paul Schaub 1949cc5eea
Fix generics of CertificationSubpackets callback 2022-03-02 11:15:07 +01:00
Paul Schaub 35dd4f9a67
Fix unused import 2022-03-01 17:37:24 +01:00
Paul Schaub 63b39c56bd
Fix README 2022-03-01 17:18:20 +01:00
Paul Schaub d55d6a1686
Improve RegExs for extracting email addresses from keys 
Based on https://github.com/pgpainless/pgpainless/pull/257/
Thanks @bratkartoffel for the initial proposed changes
 2022-03-01 12:14:09 +01:00
feri a1deb531a4 trim comment lines. 2022-02-24 17:46:45 +01:00
feri 7a77d0847a Support multiline comments in ProducerOption.setComment(). 2022-02-24 17:46:45 +01:00
Paul Schaub fc33e56ad8
Some clarifications in javadoc 2022-02-24 01:08:23 +01:00
feri 928fa12b51
Add new ProducerOption setComment() for Ascii armored EncryptionStreams. (#254) 
* Add new ProducerOption setComment() for Ascii armored EncryptionStreams.
 2022-02-24 00:51:16 +01:00
Paul Schaub 1753cef10e Simplify handling of cleartext-signed data 2022-02-23 18:45:29 +01:00
Paul Schaub db58280db6
Change default criticality of signature subpackets to mirror those of sequoia 2022-02-19 17:07:56 +01:00
Paul Schaub 41ed056165
By default emit IssuerFingerprint signature subpackets as non-critical 2022-02-19 16:05:02 +01:00
Paul Schaub a3f9311d9a
Add some comments to messy DecryptionStreamFactory code 2022-02-19 14:48:17 +01:00
Paul Schaub 36c5ec8a28 Host javadoc on javadoc.io 2022-02-15 14:29:07 +01:00
Paul Schaub e8da3b30d8 Yet another patch for ASCII armor detection -.- 2022-02-15 14:23:03 +01:00
Paul Schaub f3cf3456ab ConsumerOptions.setIsCleartextSigned -> return this 2022-02-15 14:22:57 +01:00
Paul Schaub b33885c268 Remove accidental marking of buffered stream in PGPUtilWrapper 2022-02-15 14:22:49 +01:00
Paul Schaub 458b4f1f78 Fix detection of unarmored data in detached signature verification 2022-02-11 14:07:29 +01:00
Paul Schaub 9b270197c2 Add MIME StreamEncoding enum val 2022-01-15 02:46:42 +01:00
Paul Schaub bbc42fd8e4 Document workaround for BCs ECUtil.getCurveName() returning null for ed25519 keys 
See https://github.com/bcgit/bc-java/issues/1087
 2022-01-15 02:46:42 +01:00
Paul Schaub 01839728f0 Remove workaround for publicKey.getBitStrength() == -1 in BC 
see https://github.com/bcgit/bc-java/issues/972
 2022-01-15 02:46:41 +01:00
Paul Schaub e374951ed0 Remove ProofUtil. 
This does not belong here.
 2022-01-15 02:46:41 +01:00
Paul Schaub 5e0ca369bf Document workaround for https://github.com/bcgit/bc-java/pull/1085 2022-01-15 02:46:41 +01:00
Paul Schaub fa0e208c98 Workaround for BC not correctly parsing RevocationKey packets 2022-01-15 02:46:41 +01:00
Paul Schaub 88e3c61b20 RevocationSignatureBuilder: Allow for generation of external revocation signatures 2022-01-15 02:46:41 +01:00
Paul Schaub 5884c4afcd ArmorUtils: Add method to print single public keys 2022-01-15 02:46:41 +01:00
Paul Schaub 1447dfc642 Add SignatureUtils.wasIssuedBy 2022-01-15 02:46:41 +01:00
Paul Schaub 99496f80f5 Hex decode data in OpenPgpV4Fingerprint constructor 2022-01-15 02:46:41 +01:00
Paul Schaub d9e3c6ed91 Remove investigative test with expired key 2022-01-15 02:46:41 +01:00
Paul Schaub e7f583c1af Fix KeyRingInfo.get*Algorithm(keyId) 2022-01-15 02:45:21 +01:00
Paul Schaub 9de196d6c5 Fix test for algorithm preference extraction 2022-01-15 02:45:10 +01:00
Paul Schaub b58bdf8ff1 Fix KeyAccessor.ViaKeyId sourcing primary user-id signature 2022-01-15 00:59:54 +01:00
Paul Schaub b1bde161b4
Fix typos and wording 2021-12-28 13:53:25 +01:00
Paul Schaub ce7b69269b
Various code cleanup 2021-12-28 13:32:50 +01:00
Paul Schaub 59f1a85887
Fix more code issues 2021-12-28 12:30:52 +01:00
Paul Schaub e96d668ee2 Clean up code 2021-12-28 12:18:51 +01:00
Paul Schaub 6eac50c5b5 Add documentation to SessionKey 2021-12-28 01:42:12 +01:00
Paul Schaub f3b7286eaf Introduce and use DateUtil.toSecondsPrecision 2021-12-28 01:42:12 +01:00
Paul Schaub 2f44621657 Add documentation to CollectionUtils methods 2021-12-28 01:42:12 +01:00
Paul Schaub 376e234baf
Add documentation to SecretKeyRingEditor 2021-12-28 01:23:47 +01:00
Paul Schaub d0ef8581e8
Add RevokeUserIdsTest 2021-12-27 13:49:31 +01:00
Paul Schaub a0e9c1f555
Add SelectUserId.byEmail() 2021-12-27 13:36:13 +01:00
Paul Schaub 245376d7d0
Remove KeyRingUtils.deleteUserId() in favor of revoking SecretKeyRingEditor.removeUserId() methods 2021-12-27 13:35:58 +01:00
Paul Schaub 31b7d18183
Properly resolve earliest expiration date when primary user-id + direct-key sig have expiraiton 
Rename getPossiblyExpiredPrimaryUserId() method
 2021-12-23 17:10:44 +01:00
Paul Schaub 6c9c683c85
Rename method to getValidAndExpiredUserIds() 2021-12-22 12:42:31 +01:00
Paul Schaub 56e60e88f4
When no user-id is marked as primary: return first user-id 2021-12-22 12:40:40 +01:00
Paul Schaub 3aa9e2915a
Re-certify expired user-ids when changing key expiration date 2021-12-20 13:28:16 +01:00
Paul Schaub 710f961984 Rework key modification API. 
Fixes #225
 2021-12-20 13:01:58 +01:00
Paul Schaub 78b668880b
Delete unused TestImplementationFactoryProvider 2021-12-14 16:57:50 +01:00
Paul Schaub cf90c25afc
rename invocationContextProvider to TestAllImplementations 2021-12-14 16:56:29 +01:00
Paul Schaub c331dee6b1
Replace @ArgumentSource with @TestTemplate, @ExtendWith 2021-12-14 16:55:04 +01:00
Paul Schaub 2ebf4be39c
Replace @MethodSource annotation with @ArgumentsSource 2021-12-14 15:47:53 +01:00
Paul Schaub a66b45c3d2
Further sourcing of PGPObjectFactory from ImplementationProvider 2021-12-14 15:03:45 +01:00
Paul Schaub 60f7a9d9ec
Source PGPObjectFactory from ImplementationProvider 2021-12-14 14:43:16 +01:00
Paul Schaub 1681f3934f
Fix method name getCommentHeader 2021-12-14 14:42:53 +01:00
Paul Schaub bff2b3fbfe
Clarify nesting depth exceeded error message 2021-12-14 13:14:56 +01:00
Paul Schaub f8968fc075
Add test for CachingSecretKeyRingProtector.replacePassphrase(*) 2021-12-13 13:28:53 +01:00
Paul Schaub c4e3e27821
Fix replacePassphrase(secretKeys, passphrase) 2021-12-13 13:28:34 +01:00
Paul Schaub af8d04c66f
Threat Model: add remark about secure key storage 2021-12-13 13:21:18 +01:00
Paul Schaub 5108b81252
Add test to ensure PGPainless will refuse to decrypt message with incapable key 2021-12-13 12:43:08 +01:00
Paul Schaub 80e12db8b6
Prevent message decryption using non-encryption key 2021-12-13 12:27:32 +01:00
Paul Schaub e59a8884c1 SigningOptions: Replace arguments PGPSecretKeyRingCollection with Iterable<PGPSecretKeyRing> 2021-12-13 01:14:55 +01:00
Paul Schaub ba9de4b44a EncryptionOptions: replace arguments of type PGPPublicKeyRingCollection with Iterable<PGPPublicKeyRing> 2021-12-13 01:14:24 +01:00
Paul Schaub 710f676dc3 Rename MAX_RECURSION_DEPTH constant to avoid confusion 2021-12-13 01:03:20 +01:00
Paul Schaub 35462ab539
Add tests for PublicKeyParameterValidation 2021-12-09 13:25:23 +01:00
Paul Schaub 296f811b7f Merge branch 'KO' 2021-12-07 19:08:03 +01:00
Paul Schaub b3ec3333ce
CachingSecretKeyRingProtector: Prevent accidental passphrase override via addPassphrase() 2021-12-07 14:42:03 +01:00
Paul Schaub 82cbe467f2
Introduce iteration limit to prevent resource exhaustion when reading keys 2021-12-06 17:11:42 +01:00
Paul Schaub c4618617f6
Introduce iteration limit to prevent resource exhaustion when reading signatures 2021-12-06 17:11:23 +01:00
Paul Schaub af1d4f3e5b
Add ElGamal validation ported from openpgpjs 2021-12-06 16:43:27 +01:00
Paul Schaub 073cf870d2
Fix NPE when attempting to decrypt GNU_DUMMY_S2K keys 2021-12-06 15:07:34 +01:00
Paul Schaub a34cd77920
Add test keys 2021-12-06 15:02:31 +01:00
Paul Schaub d54a40196b
Fix NPE when attempting to decrypt GNU_DUMMY_S2K keys 2021-12-06 15:01:37 +01:00
Paul Schaub 601efd94f2
Fix typo 2021-12-03 14:20:36 +01:00
Paul Schaub 5485d490e2
Add threat model sketch to pgpainless-core/README 2021-12-03 13:07:38 +01:00
Paul Schaub fae5cd0efe
SOP: Fix signing using key with missing signing key 2021-12-02 15:10:53 +01:00
Paul Schaub 8d6aca0d04
Test modifyKeyRing().addSubkey() respects pk algorithm policy 2021-12-02 14:45:54 +01:00
Paul Schaub e7d0cf9c00
Fix BaseSecretKeyRingProtector misinterpreting empty passphrases 2021-12-02 14:44:03 +01:00
Paul Schaub 14c1cf013e
Add test to verify correct behavior of public key algorithm policy enforcement during key generation 2021-12-02 14:29:01 +01:00