// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.key.protection;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor;
import org.pgpainless.implementation.ImplementationFactory;
import org.pgpainless.key.protection.passphrase_provider.SecretKeyPassphraseProvider;
import org.pgpainless.util.Passphrase;
import javax.annotation.Nullable;
/**
 * Basic {@link SecretKeyRingProtector} that looks up passphrases through a
 * {@link SecretKeyPassphraseProvider} and derives encryptors from the configured
 * {@link KeyRingProtectionSettings}.
 *
 * <p>Both {@link #getDecryptor(Long)} and {@link #getEncryptor(Long)} return {@code null} when the
 * provider yields no passphrase or an empty one, so callers have to handle the {@code null} case
 * explicitly.
 */
public class BaseSecretKeyRingProtector implements SecretKeyRingProtector {

    private final SecretKeyPassphraseProvider passphraseProvider;
    private final KeyRingProtectionSettings protectionSettings;

    /**
     * Creates a protector backed by the given provider, using the settings returned by
     * {@link KeyRingProtectionSettings#saltedAndIterated()}.
     *
     * @param passphraseProvider provider for passphrases
     */
    public BaseSecretKeyRingProtector(SecretKeyPassphraseProvider passphraseProvider) {
        this(passphraseProvider, KeyRingProtectionSettings.saltedAndIterated());
    }

    /**
     * Creates a protector backed by the given provider and protection settings.
     *
     * <p>Neither argument is validated here; a {@code null} value only surfaces when one of the
     * lookup methods dereferences it.
     *
     * @param passphraseProvider provider for passphrases
     * @param protectionSettings settings used to build encryptors in {@link #getEncryptor(Long)}
     */
    public BaseSecretKeyRingProtector(SecretKeyPassphraseProvider passphraseProvider, KeyRingProtectionSettings protectionSettings) {
        this.passphraseProvider = passphraseProvider;
        this.protectionSettings = protectionSettings;
    }

    /**
     * Asks the underlying provider whether it holds a passphrase for the key.
     *
     * @param keyId id of the key
     * @return whatever {@link SecretKeyPassphraseProvider#hasPassphrase(Long)} reports for {@code keyId}
     */
    @Override
    public boolean hasPassphraseFor(Long keyId) {
        return passphraseProvider.hasPassphrase(keyId);
    }

    /**
     * Builds a decryptor from the passphrase the provider returns for the key.
     *
     * @param keyId id of the key
     * @return a decryptor created via {@link ImplementationFactory}, or {@code null} if the provider
     *         returned no passphrase or an empty one
     * @throws PGPException declared by the interface; may be raised while creating the decryptor
     */
    @Override
    @Nullable
    public PBESecretKeyDecryptor getDecryptor(Long keyId) throws PGPException {
        Passphrase keyPassphrase = passphraseProvider.getPassphraseFor(keyId);
        if (isMissing(keyPassphrase)) {
            return null;
        }
        return ImplementationFactory.getInstance().getPBESecretKeyDecryptor(keyPassphrase);
    }

    /**
     * Builds an encryptor from the passphrase the provider returns for the key, using the
     * configured {@link KeyRingProtectionSettings}.
     *
     * @param keyId id of the key
     * @return an encryptor from the protection settings, or {@code null} if the provider returned
     *         no passphrase or an empty one
     * @throws PGPException declared by the interface; may be raised while creating the encryptor
     */
    @Override
    @Nullable
    public PBESecretKeyEncryptor getEncryptor(Long keyId) throws PGPException {
        Passphrase keyPassphrase = passphraseProvider.getPassphraseFor(keyId);
        if (isMissing(keyPassphrase)) {
            // NOTE(review): a null encryptor presumably leads the caller to store the secret key
            // without passphrase protection - confirm every caller treats this as intentional.
            return null;
        }
        return protectionSettings.getEncryptor(keyPassphrase);
    }

    /**
     * Tells whether the provider result cannot be used to derive a key encryptor or decryptor.
     *
     * @param candidate passphrase as returned by the provider, possibly {@code null}
     * @return {@code true} if {@code candidate} is {@code null} or empty
     */
    private static boolean isMissing(Passphrase candidate) {
        return candidate == null || candidate.isEmpty();
    }
}