1124c6fd15
Wip: Configure logback logging
2021-08-26 15:03:20 +02:00
4d6ca80e25
Debug signature verification using debug build of bcpg
2021-08-26 15:03:20 +02:00
200e00990b
Remove unused class and move detached sig initialization in own method
2021-08-23 14:27:02 +02:00
772f69788b
Refactor CleartextSignatureProcessor to allow reuse in DetachInbandSignatureAndMessage
2021-08-23 14:26:17 +02:00
829068d5a8
Switch from JUL logging to SLF4J
2021-08-23 14:20:25 +02:00
03efb5e14c
Rename verifySignatureCreationTimeIsInBounds method
2021-08-18 14:50:01 +02:00
3bee3e5916
Add README for signature package
2021-08-18 14:49:31 +02:00
3abb796220
Separate Signature verification methods out of SignatureValidator into SignatureVerifier
2021-08-18 14:28:36 +02:00
8c3b694a71
Refactoring
2021-08-18 13:19:43 +02:00
5a9b8a2c50
Verify notBefore and notAfter on any message signatures
2021-08-18 12:55:24 +02:00
099b160656
Native support for notBefore and notAfter signature creation time constraints
2021-08-17 14:47:07 +02:00
6a108cb8c0
SignatureValidityComparator: Remove member order
2021-08-15 15:46:41 +02:00
452ee3fb30
Do not hide member has with local variable
2021-08-15 15:46:41 +02:00
e368a8b16a
Reduce complexity of statements
2021-08-15 15:46:41 +02:00
6467217bd1
Make defaultDigestHashAlgorithm static
2021-08-15 15:46:41 +02:00
dd941fb293
Merge nested if-statements
2021-08-15 15:46:41 +02:00
28f6664b29
Change order of modifiers
2021-08-15 15:46:41 +02:00
09ffd527b5
Change constructor visibility of KeyAccessor
2021-08-15 15:46:41 +02:00
9ac0ee4043
Avoid hiding member with local variable
2021-08-15 15:46:41 +02:00
672acd38d0
ProviderFactory: Avoid accessing subclass in parent class initialization
2021-08-15 15:46:41 +02:00
adc69caa51
ImplementationFactory: Avoid accessing subclass in parent class initialization
2021-08-15 15:46:41 +02:00
8539157405
Move builder() method above Builder class
2021-08-15 15:46:41 +02:00
54a4625fed
fix comments and javadoc
2021-08-15 15:46:41 +02:00
c11f334fa4
Policy: Use EnumMap for improved performance
2021-08-15 15:46:41 +02:00
e5b15fe0c2
Use String-formatting in Logger statements
2021-08-15 15:46:41 +02:00
485666c72a
Change static variable names
2021-08-15 15:46:41 +02:00
20b3080e94
getBitStrenght: Throw NoSuchAlgorithmException for unknown curves
2021-08-15 15:46:41 +02:00
ccc62e090c
Make DateUtil thread-safe
2021-08-15 15:46:41 +02:00
bb27fddc89
Remove default constructor of NotationRegistry
2021-08-15 15:46:41 +02:00
ab951fcf03
InputStreams: overwrite read(b, off, len) for improved performance
2021-08-15 15:46:41 +02:00
5eb470862e
Remove OpenPgpMetadata.FileInfo subclass
2021-08-15 15:46:41 +02:00
2bd71617bd
PGPException is not thrown during secret key reading
2021-08-15 15:46:41 +02:00
6251e01d57
Make classes final where sensible
2021-08-15 15:46:41 +02:00
1ce6632f18
Rename KeyValidationException -> KeyValidationError
2021-08-15 15:46:41 +02:00
66293bf333
Add documentation to ArmoredOutputStreamFactory
2021-08-15 13:41:07 +02:00
fd867bbfbe
Allow customization of ASCII armor comment and version headers
2021-08-14 13:56:16 +02:00
a678ff1b6e
Add documentation to classes related to verification of cleartext signed data
2021-08-14 11:39:13 +02:00
468159b2ad
Add documentation to SignatureSubpacketsUtil
2021-08-14 11:19:40 +02:00
3c68840a29
Add documentation to SignatureUtils methods
2021-08-14 11:09:51 +02:00
50e7fd96b8
Fix javadoc issues
2021-08-08 18:13:48 +02:00
cae099eabe
Properly evaluate key expiration dates
2021-08-08 16:58:32 +02:00
944d79b009
Rearrange armored input stream workaround code
2021-08-08 15:58:12 +02:00
1983cfb4ac
ArmoredInputStreams: Properly catch ignorable IOExceptions caused by missing CRC sums
2021-08-08 15:35:05 +02:00
089b81b070
Improve parsing of data containing invalid signatures
...
partial workaround for https://github.com/bcgit/bc-java/pull/1006
2021-08-05 15:18:33 +02:00
9a485a3354
Encrypt to all capable subkeys by default
2021-08-04 16:38:17 +02:00
2d76cb5c82
Fix partial length encoding of some messages
...
Fixes #160
I'm not yet sure, why this issue only happened with some keys and not others,
but this fix works for now.
2021-08-04 16:02:35 +02:00
16c3116518
Fix order and nested-ness of one-pass-signatures
...
Fixes #164
2021-08-04 15:42:25 +02:00
e4fdc3bc1e
SubkeyIdentifier: Throw NoSuchElementException for non-existent subkey
2021-08-01 17:23:17 +02:00
1327e08ac3
Add tests for SubkeyIdentifier
2021-08-01 17:19:04 +02:00
99ff6d537b
Prevent IllegalArgumentException for non-v4 issuer fingerprints
2021-08-01 16:11:47 +02:00
b674a412b5
Reformat issuer-fingerprint inclusion code
2021-08-01 16:03:30 +02:00
6a11e39d76
Add issuer-fingerprint to message signatures
2021-08-01 15:53:51 +02:00
5422468d73
Check key flags on binding sig to determine if backsig is required
2021-07-31 22:25:55 +02:00
e7ed0f76a3
Properly ignore marker packets when reading keys/sigs
2021-07-31 22:25:12 +02:00
fb16db5db4
Improve handling of signatures with missing issuerKeyId packets
2021-07-31 22:24:39 +02:00
311c842196
Revert introduction of StreamUtil
2021-07-31 20:40:31 +02:00
107e53c03e
Fully drain ArmoredInputStreams to verify CRC checksum.
...
Fixes #159 (for real this time)
2021-07-27 15:09:59 +02:00
fc311fe781
Workaround for #159 : Avoid to prevent swallowing IOExceptions
2021-07-26 16:19:30 +02:00
3e9979240b
Add javadoc to the SignatureValidator class
2021-07-22 15:28:24 +02:00
1f08815633
Explicitly reject non-self signatures when picking user-id self sigs
2021-07-22 15:28:24 +02:00
726d22b8d6
Change passphrase: Skip GNU_DUMMY_S2K keys
2021-07-19 15:05:03 +02:00
8cf5347b52
Base PGPainlessCLI on new sop-java module
...
* Rename pgpainless-sop -> pgpainless-cli
* Introduce sop-java (implementation-independent SOP API)
* Introduce sop-java-picocli (CLI frontend for sop-java)
* Introduce pgpainless-sop (implementation of sop-java using PGPainless)
* Rework pgpainless-cli (plugs pgpainless-sop into sop-java-picocli)
2021-07-15 17:03:56 +02:00
2ba782c451
Move file-related encryption-info into ProducerOptions
2021-07-10 12:22:47 +02:00
be4962c531
Fix KeyRingReader methods not ignoring marker packets
2021-07-10 11:48:39 +02:00
6a90c4303e
OpenPgpMetadat: identify verified sigs by SubkeyIdentifier
2021-07-04 13:08:24 +02:00
b4b84badc0
ImplementationFactory: override toString()
2021-07-03 12:44:21 +02:00
63c75f1f86
Rename TestUtil -> TestImplementationFactoryProvider
2021-07-03 12:42:12 +02:00
9ac4b30ec7
Delete unused NonEmptyList class
2021-07-03 12:24:08 +02:00
c8a281d6a4
Move UTC timestamp methods to DateUtil class
2021-07-03 12:23:24 +02:00
9b046a0cf1
Change SymmetricEncryptionAlgorithmNegotiator to return the 'best' avail. alg
2021-07-01 21:33:38 +02:00
cce0605ac3
Remove probably buggy, unused code
2021-07-01 18:55:21 +02:00
77fbd8763e
PGPainless.java: Add extractCertificate and asciiArmor methods
2021-07-01 17:15:25 +02:00
b6eed91f47
Remove deprecated encryption API
2021-06-29 16:43:37 +02:00
ab347dab43
Remove deprecated decryption API code
2021-06-29 16:15:36 +02:00
4947f17842
JUnit test the AlgorithmSuite class
2021-06-29 14:58:50 +02:00
733dcf0a7e
Remove deprecated method from PGPainless.java
2021-06-29 14:47:05 +02:00
dff47d17d1
Remove more unused methods and fix method name
2021-06-28 21:14:40 +02:00
02ddb71c07
Remove deprecated methods from PGPainless.java
2021-06-28 21:10:20 +02:00
9395fa80a2
Revert if-conditions to reduce indentation level
2021-06-28 21:06:12 +02:00
e13a2fce73
Solve some TODOs
2021-06-26 19:20:58 +02:00
715ae707ed
Merge branch 'decryptionAPI2'
2021-06-26 18:36:04 +02:00
e8311f0cc5
Add link to keylength.com
2021-06-26 18:33:41 +02:00
5c2910f6c1
Wip
2021-06-26 18:33:41 +02:00
41b8d15cec
CachingSecretKeyRingProtector: Add addPassphrase(OpenPgpV4Fingerprint, Passphrase)
2021-06-26 18:33:33 +02:00
dae5288456
Add KeyRingInfo.getVersion()
2021-06-26 16:30:54 +02:00
a6e5ca898f
Fix NPEs in KeyRingInfo.getExpirationDateForUse()
2021-06-24 15:09:59 +02:00
548bfff93f
Fix: Respect user requested keyflags when adding a subkey.
2021-06-24 14:11:18 +02:00
259f629b3c
Further deletion of unused selection classes
2021-06-23 19:39:10 +02:00
3c37072774
Remove unused Selection classes
2021-06-23 19:33:13 +02:00
df22c2a102
Remove duplicate code and throw NotYetImplementedExceptions where sensible
2021-06-16 15:49:43 +02:00
88891e1337
Remove usage of deprecated decryption/verification API in tests
2021-06-16 15:38:02 +02:00
715d055b41
Add documentation and deprecate old methods
2021-06-15 17:56:36 +02:00
8f425cd31d
Fix parsing of non-OpenPGP messages when handling detached signatures
2021-06-15 17:35:58 +02:00
70c4dcd1d2
Begin introducing new Decryption API
2021-06-15 17:08:40 +02:00
5bb4fd3687
Add PublicKeyAlgorithmPolicy to reject weak public keys
...
BCs PGPPublicKey.getBitStrenght() appears to fail to recognize some elliptic curves.
In such cases, bitStrength is reported as -1.
I added BCUtil.getBitStrength(publicKey) to manually determine the bit strenght by OID.
See https://github.com/bcgit/bc-java/issues/972 for an upstream bug report.
2021-06-11 16:20:29 +02:00
e587fc46b8
SOP: Ignore marker packets in certificates
2021-06-10 16:56:36 +02:00
6b99f0aadc
Add tests for PGPKeyRingCollection
2021-06-10 16:21:04 +02:00
ed8584df95
Add policy tests
2021-06-10 15:41:44 +02:00
e297dfd3c1
EncryptionOptions: Consistent exceptions
2021-06-10 15:04:08 +02:00
cc8a7826fc
Add KeyIdUtil with method to convert from 16 digit hex key-id to long
2021-06-10 13:36:44 +02:00
f7525dde65
Add get{,Un}HashedNotationData(sig, notationName) to SignatureSubpacketUtils
2021-06-10 13:35:55 +02:00
bedfef49fe
Add getSignatureDigestPrefix utility method to SignatureUtils
2021-06-10 13:35:09 +02:00
9b9064beae
Small code style fixes and optimizations
2021-06-10 12:42:48 +02:00
845779d40b
Avoid deprecated methods
2021-06-10 12:42:03 +02:00
27370fa925
Bump Bouncycastle to 1.69
2021-06-10 12:41:12 +02:00
ce4869e15a
UnlockSecretKey: Do not try to get decryptor for unencrypted keys
2021-05-31 15:38:47 +02:00
73f6c54fa2
More documentation
2021-05-31 15:33:42 +02:00
a871bc3a0c
Add documentation
2021-05-31 15:24:41 +02:00
1ad23366a7
Implement KeyRingInfo.getKeysWithFlag() and KeyRingInfo.getExpirationDateForUse()
2021-05-31 15:13:28 +02:00
8618d1faea
More tests
2021-05-31 13:59:56 +02:00
ccdcd49c58
Remove deprecated method withMasterKey from KeyRingBuilderInterface
2021-05-30 18:05:09 +02:00
82536eaa77
Improve support for PGP[Secret|Public]KeyRingCollections
2021-05-29 13:52:29 +02:00
1a5baa0fa4
Clean up BCUtils class
2021-05-29 12:43:31 +02:00
13c7572c8c
Restore functionality of MissingPublicKeyCallback + JUnit test it
2021-05-29 12:19:12 +02:00
fd0734b247
Remove legacy symmetric encryption code
2021-05-28 23:22:11 +02:00
ea03c66400
Throw MissingDecryptionMethodException when missing decryption key or -passphrase
2021-05-28 23:20:25 +02:00
77800f26e8
SecretKeyRingEditor: UserIDs only reside on primary keys
2021-05-28 23:14:20 +02:00
c255439ee2
Cleanse duplicated code
2021-05-28 22:37:16 +02:00
a23f2c4401
Delete SelectSignatureFromKey class
2021-05-28 22:21:03 +02:00
293442d699
Delete unused EvaluatedKeyRing class
2021-05-28 21:42:31 +02:00
6f0cf35e31
Delete redundant classes
2021-05-28 21:33:20 +02:00
b1deb75969
Deprecate PGPainless.encryptAndOrSign(purpose)
2021-05-27 15:57:21 +02:00
9883d1537b
Move EncryptionPurpose to own class
2021-05-27 15:52:43 +02:00
3edaa60b52
Make KeyRingInfo NPE-safe
2021-05-27 14:50:48 +02:00
e3749f5734
Add SigningOptions.add{Inline|Detached}Signatures(decryptor, pgpSecretKeyRingCollection, type)
2021-05-27 13:55:18 +02:00
8e6abe5d02
Add EncryptionOptions.addRecipients(PGPPublicKeyRingCollection)
2021-05-27 13:47:24 +02:00
e67854310d
Change visibilit of non-API methods to package
2021-05-27 13:47:04 +02:00
629ebbd46d
Add missing javadoc
2021-05-27 13:46:40 +02:00
80a6baf0b1
Move File-based MultiPassStrategy from factory method into own class
2021-05-25 22:23:08 +02:00
3cd64b61ca
Fix SOP encrypt-decrypt test
2021-05-25 16:25:22 +02:00
b0692b4dc5
Fix javadoc reference
2021-05-25 14:24:47 +02:00
5965742e5f
Document DocumentSignatureType
2021-05-25 14:24:47 +02:00
412b0aa119
Add SymmetricKeyAlgorithmNegotiator
2021-05-25 14:24:47 +02:00
821a49576f
AlgorithmSuite: Use LinkedHashSet instead of List
2021-05-25 14:24:47 +02:00
1550e4ff4e
Delete SelectPublicKey
2021-05-25 14:24:47 +02:00
4e63313c91
Do some first prototype algorithm negotiation
2021-05-25 14:24:38 +02:00
909f0e7be3
Work on KeyRingInfo
2021-05-25 14:24:26 +02:00
6cb9091b2a
Work on signaturePicker
2021-05-25 14:24:16 +02:00
a30767eb91
Fix tests
2021-05-25 14:24:10 +02:00
d70ee86468
Prevent plaintext encryption
2021-05-25 14:23:58 +02:00
803e507ae7
Add some comments
2021-05-25 14:23:58 +02:00
89a0adddd8
Reworking encryption/decryption API.
2021-05-25 14:23:42 +02:00
7e2c89b1b3
Trim passphrases
2021-05-20 12:41:51 +02:00
87e5fe71e5
Fix javadoc warning
2021-05-17 13:50:34 +02:00
197cfab0d6
Respect symmetric algorithm policy during decryption and throw UnacceptableAlgorithmException if policy is violated
2021-05-17 13:47:46 +02:00
03fb81a77e
Create separate symmetric key algorithm policies for encryption/decryption
2021-05-15 20:43:56 +02:00
3be7f12887
Remove SignatureValidationDateProvider
2021-05-15 20:30:21 +02:00
11b67ea6d2
Add documentation to Policy
2021-05-15 20:27:43 +02:00
225bc78ee1
Implement signature verification of cleartext-signatures
2021-05-15 18:44:03 +02:00
14ff0e9cc5
ArmorUtils: Add support for messageIds
2021-05-15 16:24:01 +02:00
937ec2aa86
Add HashAlgorithm.getAlgorithmName()
2021-05-15 16:23:35 +02:00
b05f6887bd
Better support for Armor headers
2021-05-15 15:57:42 +02:00
f2e89bae36
Remove deprecated/reserved hash algorithms and add algo names
2021-05-15 15:57:42 +02:00
9358e58fb3
Improve CachingSecretKeyRingProtector
2021-05-14 18:55:26 +02:00
95121e2a55
Get rid of redundant SecretKeyRingProtector implementations.
2021-05-14 18:37:47 +02:00
5a56949dd7
Throw WrongPassphraseException when wrong passphrase is provided to unlock secret key
2021-05-14 13:18:34 +02:00
32e1b0c838
KeyRingBuilder: Do not info-log exception when generated key has wrong length
2021-05-12 12:56:07 +02:00
892f452da8
Print fingerprint+user-id in comment headers of Armor
2021-05-08 14:02:44 +02:00
ec611d7c5f
OpenPgpV4Fingerprint: Support pretty print format
2021-05-08 14:01:42 +02:00
99be722875
Do not spaghetti
2021-05-03 14:11:59 +02:00
431a65517e
Add documentation to signature related classes
2021-05-03 13:37:47 +02:00
ec85f53bb6
Incorporate feedback from @IvanPizhenko. Thanks!
2021-04-30 10:23:12 +02:00
64cc9ecca4
Proper Signature Verification
2021-04-30 09:49:19 +02:00
6ee8a9416f
Prevent decryption of messages using SED instead of SEIP packets and create dedicated exceptions for MDC related errors
2021-04-27 12:27:25 +02:00
Ivan Pizhenko
eb47e5caa3
issue #107 Add method KeyRingInfo.isFullyEncrypted() ( #110 )
...
Add method KeyRingInfo.isFullyEncrypted()
Fixes #107
Co-authored-by: Ivan Pizhenko <IvanPizhenko@users.noreply.github.com>
2021-04-27 11:06:04 +02:00
0b3511486c
Add documentation to DecryptionStream(Interface)
2021-04-25 13:34:30 +02:00
7916bf77d1
Add javadoc to enums
2021-04-25 13:28:33 +02:00
2c4a3fca6a
Introduce OpenPgpMetadata.FileInfo class for setting/getting file name, mod date, encoding...
2021-04-25 00:28:48 +02:00
Den
491ab93c41
Modified Passphrase.fromPassword() to fit Kotlin needs ( #101 )
...
* Added @Nonnull annotation to Passphrase.fromPassword()
2021-04-10 14:32:24 +02:00
39e87f9ce4
Fix checkstyle issues
2021-04-10 13:09:32 +02:00
DenBond7
43647f3145
Added PGPKeyRingCollection. Added tests to KeyRingReaderTest to cover parsing of private/pub keys combinations.
2021-04-10 13:08:04 +02:00
6954c03f49
Fix checkstyle issue
2021-04-09 12:05:46 +02:00
cd19f91d77
Allow specification of file name and for-your-eyes-only flag
2021-04-07 21:31:12 +02:00
d082f126b3
Use more standards compliant way to determine if secret key is encrypted
2021-04-07 21:14:31 +02:00
ed43d3c6a9
Fix javadoc error
2021-03-23 01:26:51 +01:00
d0a162ce74
Merge branch 'parse_public_key_ring_collection_from_armored_source'
2021-03-23 01:06:37 +01:00
ce0bf970d6
KeyRingReader: Fix reading PGPKeyRingCollections
2021-03-23 01:05:45 +01:00
f427e3c7d0
Add documentation to SignatureSubpacket class
2021-03-21 20:15:18 +01:00
8c97b6ead1
In PasswordBasedSecretKeyRingProtector.forKey(ring, passphrase): Return passphrase also for subkeys
...
Fixes #97 , thanks @DenBond7
2021-03-18 21:28:08 +01:00
bfbb2ba31b
Fix checkstyle error
2021-03-05 12:32:21 +01:00
d5ac1301e0
Add primary key binding sigs to signing subkeys
2021-03-04 16:33:46 +01:00
bfab4b60f0
Introduce parametrized tests to also test the JceImplementationFactory
2021-02-25 23:27:08 +01:00
8c041e6856
Fix equality check in CallbackBasedKeyringProtector
2021-02-25 23:11:17 +01:00
e661908c5f
Fix NPE when creating SecretKeyEncryptor for key without S2K spec
2021-02-25 23:10:25 +01:00
577ee143b5
Add NotationRegistryTest
2021-02-25 19:57:18 +01:00
Ivan Pizhenko
57f7440039
Code review
2021-02-21 16:18:42 +02:00
Ivan Pizhenko
e5aaebe174
issue #91 Improve class UserId
2021-02-21 15:11:09 +02:00
81393a7285
Abort decryption process at a depth of 16 nested packets
2021-02-19 21:37:54 +01:00
217609679d
Add SignatureValidationUtil and NotationRegistry classes
2021-02-19 21:22:25 +01:00
ce5f8990ef
Add HashAlgorithmPolicy and SymmetricKeyAlgorithmPolicy
2021-02-19 19:51:44 +01:00
c75a192513
Use ArmoredOutputStreamFactory to hide version string in ascii armor
...
Partially fixes #82
2021-02-19 19:50:36 +01:00
ea89289852
Check MDC when stream is closed
2021-02-17 21:04:05 +01:00
d2a581de9b
Fix decryption of messages with Wildcard recipient
...
Fixes #76
2021-02-17 20:20:10 +01:00
506a8b18af
Reject NULL encryption algorithm when decrypting messages
...
Fixes #77
2021-02-17 20:07:54 +01:00
cb7f38f003
Do no emit an uncompressed compressed-data-packet
...
Fixes #74
2021-02-17 19:52:30 +01:00
d2202dcb0f
Retry key generation on invalid private key encoding length
...
Workaround for #70
2021-02-15 23:37:03 +01:00
f2f7305fec
Allow for setting of expiration date during key generation
2021-02-13 12:22:28 +01:00
651bb63175
Deprecate withMasterKey(spec) in favor of withPrimaryKey(spec)
2021-02-11 17:18:59 +01:00
10de44ebd3
Add modern key ring archetype
2021-02-11 17:10:22 +01:00
fbb4061164
Switch simpleEcKeyRing over to curve25519
2021-02-11 17:10:00 +01:00