mirror of
https://codeberg.org/PGPainless/sop-java.git
synced 2024-11-26 17:12:08 +01:00
Kotlin conversion: Decrypt
This commit is contained in:
parent
39c222dfc8
commit
91a861b5c3
2 changed files with 169 additions and 193 deletions
|
@ -1,193 +0,0 @@
|
||||||
// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
|
|
||||||
//
|
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
|
||||||
|
|
||||||
package sop.operation;
|
|
||||||
|
|
||||||
import sop.DecryptionResult;
|
|
||||||
import sop.ReadyWithResult;
|
|
||||||
import sop.SessionKey;
|
|
||||||
import sop.exception.SOPGPException;
|
|
||||||
import sop.util.UTF8Util;
|
|
||||||
|
|
||||||
import java.io.ByteArrayInputStream;
|
|
||||||
import java.io.IOException;
|
|
||||||
import java.io.InputStream;
|
|
||||||
import java.util.Date;
|
|
||||||
|
|
||||||
public interface Decrypt {
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Makes the SOP consider signatures before this date invalid.
|
|
||||||
*
|
|
||||||
* @param timestamp timestamp
|
|
||||||
* @return builder instance
|
|
||||||
*
|
|
||||||
* @throws sop.exception.SOPGPException.UnsupportedOption if this option is not supported
|
|
||||||
*/
|
|
||||||
Decrypt verifyNotBefore(Date timestamp)
|
|
||||||
throws SOPGPException.UnsupportedOption;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Makes the SOP consider signatures after this date invalid.
|
|
||||||
*
|
|
||||||
* @param timestamp timestamp
|
|
||||||
* @return builder instance
|
|
||||||
*
|
|
||||||
* @throws sop.exception.SOPGPException.UnsupportedOption if this option is not supported
|
|
||||||
*/
|
|
||||||
Decrypt verifyNotAfter(Date timestamp)
|
|
||||||
throws SOPGPException.UnsupportedOption;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Adds one or more verification cert.
|
|
||||||
*
|
|
||||||
* @param cert input stream containing the cert(s)
|
|
||||||
* @return builder instance
|
|
||||||
*
|
|
||||||
* @throws sop.exception.SOPGPException.BadData if the {@link InputStream} doesn't provide an OpenPGP certificate
|
|
||||||
* @throws sop.exception.SOPGPException.UnsupportedAsymmetricAlgo if the cert uses an unsupported asymmetric algorithm
|
|
||||||
* @throws IOException in case of an IO error
|
|
||||||
*/
|
|
||||||
Decrypt verifyWithCert(InputStream cert)
|
|
||||||
throws SOPGPException.BadData,
|
|
||||||
SOPGPException.UnsupportedAsymmetricAlgo,
|
|
||||||
IOException;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Adds one or more verification cert.
|
|
||||||
*
|
|
||||||
* @param cert byte array containing the cert(s)
|
|
||||||
* @return builder instance
|
|
||||||
*
|
|
||||||
* @throws sop.exception.SOPGPException.BadData if the byte array doesn't contain an OpenPGP certificate
|
|
||||||
* @throws sop.exception.SOPGPException.UnsupportedAsymmetricAlgo if the cert uses an unsupported asymmetric algorithm
|
|
||||||
* @throws IOException in case of an IO error
|
|
||||||
*/
|
|
||||||
default Decrypt verifyWithCert(byte[] cert)
|
|
||||||
throws SOPGPException.BadData,
|
|
||||||
SOPGPException.UnsupportedAsymmetricAlgo,
|
|
||||||
IOException {
|
|
||||||
return verifyWithCert(new ByteArrayInputStream(cert));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Tries to decrypt with the given session key.
|
|
||||||
*
|
|
||||||
* @param sessionKey session key
|
|
||||||
* @return builder instance
|
|
||||||
*
|
|
||||||
* @throws sop.exception.SOPGPException.UnsupportedOption if this option is not supported
|
|
||||||
*/
|
|
||||||
Decrypt withSessionKey(SessionKey sessionKey)
|
|
||||||
throws SOPGPException.UnsupportedOption;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Tries to decrypt with the given password.
|
|
||||||
*
|
|
||||||
* @param password password
|
|
||||||
* @return builder instance
|
|
||||||
*
|
|
||||||
* @throws sop.exception.SOPGPException.PasswordNotHumanReadable if the password is not human-readable
|
|
||||||
* @throws sop.exception.SOPGPException.UnsupportedOption if this option is not supported
|
|
||||||
*/
|
|
||||||
Decrypt withPassword(String password)
|
|
||||||
throws SOPGPException.PasswordNotHumanReadable,
|
|
||||||
SOPGPException.UnsupportedOption;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Adds one or more decryption key.
|
|
||||||
*
|
|
||||||
* @param key input stream containing the key(s)
|
|
||||||
* @return builder instance
|
|
||||||
*
|
|
||||||
* @throws sop.exception.SOPGPException.BadData if the {@link InputStream} does not provide an OpenPGP key
|
|
||||||
* @throws sop.exception.SOPGPException.UnsupportedAsymmetricAlgo if the key uses an unsupported asymmetric algorithm
|
|
||||||
* @throws IOException in case of an IO error
|
|
||||||
*/
|
|
||||||
Decrypt withKey(InputStream key)
|
|
||||||
throws SOPGPException.BadData,
|
|
||||||
SOPGPException.UnsupportedAsymmetricAlgo,
|
|
||||||
IOException;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Adds one or more decryption key.
|
|
||||||
*
|
|
||||||
* @param key byte array containing the key(s)
|
|
||||||
* @return builder instance
|
|
||||||
*
|
|
||||||
* @throws sop.exception.SOPGPException.BadData if the byte array does not contain an OpenPGP key
|
|
||||||
* @throws sop.exception.SOPGPException.UnsupportedAsymmetricAlgo if the key uses an unsupported asymmetric algorithm
|
|
||||||
* @throws IOException in case of an IO error
|
|
||||||
*/
|
|
||||||
default Decrypt withKey(byte[] key)
|
|
||||||
throws SOPGPException.BadData,
|
|
||||||
SOPGPException.UnsupportedAsymmetricAlgo,
|
|
||||||
IOException {
|
|
||||||
return withKey(new ByteArrayInputStream(key));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Provide the decryption password for the secret key.
|
|
||||||
*
|
|
||||||
* @param password password
|
|
||||||
* @return builder instance
|
|
||||||
* @throws sop.exception.SOPGPException.UnsupportedOption if the implementation does not support key passwords
|
|
||||||
* @throws sop.exception.SOPGPException.PasswordNotHumanReadable if the password is not human-readable
|
|
||||||
*/
|
|
||||||
default Decrypt withKeyPassword(String password)
|
|
||||||
throws SOPGPException.UnsupportedOption,
|
|
||||||
SOPGPException.PasswordNotHumanReadable {
|
|
||||||
return withKeyPassword(password.getBytes(UTF8Util.UTF8));
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Provide the decryption password for the secret key.
|
|
||||||
*
|
|
||||||
* @param password password
|
|
||||||
* @return builder instance
|
|
||||||
* @throws sop.exception.SOPGPException.UnsupportedOption if the implementation does not support key passwords
|
|
||||||
* @throws sop.exception.SOPGPException.PasswordNotHumanReadable if the password is not human-readable
|
|
||||||
*/
|
|
||||||
Decrypt withKeyPassword(byte[] password)
|
|
||||||
throws SOPGPException.UnsupportedOption,
|
|
||||||
SOPGPException.PasswordNotHumanReadable;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Decrypts the given ciphertext, returning verification results and plaintext.
|
|
||||||
* @param ciphertext ciphertext
|
|
||||||
* @return ready with result
|
|
||||||
*
|
|
||||||
* @throws sop.exception.SOPGPException.BadData if the {@link InputStream} does not provide an OpenPGP message
|
|
||||||
* @throws sop.exception.SOPGPException.MissingArg if an argument required for decryption was not provided
|
|
||||||
* @throws sop.exception.SOPGPException.CannotDecrypt in case decryption fails for some reason
|
|
||||||
* @throws sop.exception.SOPGPException.KeyIsProtected if the decryption key cannot be unlocked (e.g. missing passphrase)
|
|
||||||
* @throws IOException in case of an IO error
|
|
||||||
*/
|
|
||||||
ReadyWithResult<DecryptionResult> ciphertext(InputStream ciphertext)
|
|
||||||
throws SOPGPException.BadData,
|
|
||||||
SOPGPException.MissingArg,
|
|
||||||
SOPGPException.CannotDecrypt,
|
|
||||||
SOPGPException.KeyIsProtected,
|
|
||||||
IOException;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Decrypts the given ciphertext, returning verification results and plaintext.
|
|
||||||
* @param ciphertext ciphertext
|
|
||||||
* @return ready with result
|
|
||||||
*
|
|
||||||
* @throws sop.exception.SOPGPException.BadData if the byte array does not contain an encrypted OpenPGP message
|
|
||||||
* @throws sop.exception.SOPGPException.MissingArg in case of missing decryption method (password or key required)
|
|
||||||
* @throws sop.exception.SOPGPException.CannotDecrypt in case decryption fails for some reason
|
|
||||||
* @throws sop.exception.SOPGPException.KeyIsProtected if the decryption key cannot be unlocked (e.g. missing passphrase)
|
|
||||||
* @throws IOException in case of an IO error
|
|
||||||
*/
|
|
||||||
default ReadyWithResult<DecryptionResult> ciphertext(byte[] ciphertext)
|
|
||||||
throws SOPGPException.BadData,
|
|
||||||
SOPGPException.MissingArg,
|
|
||||||
SOPGPException.CannotDecrypt,
|
|
||||||
SOPGPException.KeyIsProtected,
|
|
||||||
IOException {
|
|
||||||
return ciphertext(new ByteArrayInputStream(ciphertext));
|
|
||||||
}
|
|
||||||
}
|
|
169
sop-java/src/main/kotlin/sop/operation/Decrypt.kt
Normal file
169
sop-java/src/main/kotlin/sop/operation/Decrypt.kt
Normal file
|
@ -0,0 +1,169 @@
|
||||||
|
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
|
||||||
|
//
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package sop.operation
|
||||||
|
|
||||||
|
import java.io.IOException
|
||||||
|
import java.io.InputStream
|
||||||
|
import java.util.*
|
||||||
|
import sop.DecryptionResult
|
||||||
|
import sop.ReadyWithResult
|
||||||
|
import sop.SessionKey
|
||||||
|
import sop.exception.SOPGPException.*
|
||||||
|
import sop.util.UTF8Util
|
||||||
|
|
||||||
|
interface Decrypt {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Makes the SOP consider signatures before this date invalid.
|
||||||
|
*
|
||||||
|
* @param timestamp timestamp
|
||||||
|
* @return builder instance
|
||||||
|
* @throws UnsupportedOption if this option is not supported
|
||||||
|
*/
|
||||||
|
@Throws(UnsupportedOption::class) fun verifyNotBefore(timestamp: Date): Decrypt
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Makes the SOP consider signatures after this date invalid.
|
||||||
|
*
|
||||||
|
* @param timestamp timestamp
|
||||||
|
* @return builder instance
|
||||||
|
* @throws UnsupportedOption if this option is not supported
|
||||||
|
*/
|
||||||
|
@Throws(UnsupportedOption::class) fun verifyNotAfter(timestamp: Date): Decrypt
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Adds one or more verification cert.
|
||||||
|
*
|
||||||
|
* @param cert input stream containing the cert(s)
|
||||||
|
* @return builder instance
|
||||||
|
* @throws BadData if the [InputStream] doesn't provide an OpenPGP certificate
|
||||||
|
* @throws UnsupportedAsymmetricAlgo if the cert uses an unsupported asymmetric algorithm
|
||||||
|
* @throws IOException in case of an IO error
|
||||||
|
*/
|
||||||
|
@Throws(BadData::class, UnsupportedAsymmetricAlgo::class, IOException::class)
|
||||||
|
fun verifyWithCert(cert: InputStream): Decrypt
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Adds one or more verification cert.
|
||||||
|
*
|
||||||
|
* @param cert byte array containing the cert(s)
|
||||||
|
* @return builder instance
|
||||||
|
* @throws BadData if the byte array doesn't contain an OpenPGP certificate
|
||||||
|
* @throws UnsupportedAsymmetricAlgo if the cert uses an unsupported asymmetric algorithm
|
||||||
|
* @throws IOException in case of an IO error
|
||||||
|
*/
|
||||||
|
@Throws(BadData::class, UnsupportedAsymmetricAlgo::class, IOException::class)
|
||||||
|
fun verifyWithCert(cert: ByteArray): Decrypt = verifyWithCert(cert.inputStream())
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Tries to decrypt with the given session key.
|
||||||
|
*
|
||||||
|
* @param sessionKey session key
|
||||||
|
* @return builder instance
|
||||||
|
* @throws UnsupportedOption if this option is not supported
|
||||||
|
*/
|
||||||
|
@Throws(UnsupportedOption::class) fun withSessionKey(sessionKey: SessionKey): Decrypt
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Tries to decrypt with the given password.
|
||||||
|
*
|
||||||
|
* @param password password
|
||||||
|
* @return builder instance
|
||||||
|
* @throws PasswordNotHumanReadable if the password is not human-readable
|
||||||
|
* @throws UnsupportedOption if this option is not supported
|
||||||
|
*/
|
||||||
|
@Throws(PasswordNotHumanReadable::class, UnsupportedOption::class)
|
||||||
|
fun withPassword(password: String): Decrypt
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Adds one or more decryption key.
|
||||||
|
*
|
||||||
|
* @param key input stream containing the key(s)
|
||||||
|
* @return builder instance
|
||||||
|
* @throws BadData if the [InputStream] does not provide an OpenPGP key
|
||||||
|
* @throws UnsupportedAsymmetricAlgo if the key uses an unsupported asymmetric algorithm
|
||||||
|
* @throws IOException in case of an IO error
|
||||||
|
*/
|
||||||
|
@Throws(BadData::class, UnsupportedAsymmetricAlgo::class, IOException::class)
|
||||||
|
fun withKey(key: InputStream): Decrypt
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Adds one or more decryption key.
|
||||||
|
*
|
||||||
|
* @param key byte array containing the key(s)
|
||||||
|
* @return builder instance
|
||||||
|
* @throws BadData if the byte array does not contain an OpenPGP key
|
||||||
|
* @throws UnsupportedAsymmetricAlgo if the key uses an unsupported asymmetric algorithm
|
||||||
|
* @throws IOException in case of an IO error
|
||||||
|
*/
|
||||||
|
@Throws(BadData::class, UnsupportedAsymmetricAlgo::class, IOException::class)
|
||||||
|
fun withKey(key: ByteArray): Decrypt {
|
||||||
|
return withKey(key.inputStream())
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Provide the decryption password for the secret key.
|
||||||
|
*
|
||||||
|
* @param password password
|
||||||
|
* @return builder instance
|
||||||
|
* @throws UnsupportedOption if the implementation does not support key passwords
|
||||||
|
* @throws PasswordNotHumanReadable if the password is not human-readable
|
||||||
|
*/
|
||||||
|
@Throws(UnsupportedOption::class, PasswordNotHumanReadable::class)
|
||||||
|
fun withKeyPassword(password: String): Decrypt {
|
||||||
|
return withKeyPassword(password.toByteArray(UTF8Util.UTF8))
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Provide the decryption password for the secret key.
|
||||||
|
*
|
||||||
|
* @param password password
|
||||||
|
* @return builder instance
|
||||||
|
* @throws UnsupportedOption if the implementation does not support key passwords
|
||||||
|
* @throws PasswordNotHumanReadable if the password is not human-readable
|
||||||
|
*/
|
||||||
|
@Throws(UnsupportedOption::class, PasswordNotHumanReadable::class)
|
||||||
|
fun withKeyPassword(password: ByteArray): Decrypt
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Decrypts the given ciphertext, returning verification results and plaintext.
|
||||||
|
*
|
||||||
|
* @param ciphertext ciphertext
|
||||||
|
* @return ready with result
|
||||||
|
* @throws BadData if the [InputStream] does not provide an OpenPGP message
|
||||||
|
* @throws MissingArg if an argument required for decryption was not provided
|
||||||
|
* @throws CannotDecrypt in case decryption fails for some reason
|
||||||
|
* @throws KeyIsProtected if the decryption key cannot be unlocked (e.g. missing passphrase)
|
||||||
|
* @throws IOException in case of an IO error
|
||||||
|
*/
|
||||||
|
@Throws(
|
||||||
|
BadData::class,
|
||||||
|
MissingArg::class,
|
||||||
|
CannotDecrypt::class,
|
||||||
|
KeyIsProtected::class,
|
||||||
|
IOException::class)
|
||||||
|
fun ciphertext(ciphertext: InputStream): ReadyWithResult<DecryptionResult>
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Decrypts the given ciphertext, returning verification results and plaintext.
|
||||||
|
*
|
||||||
|
* @param ciphertext ciphertext
|
||||||
|
* @return ready with result
|
||||||
|
* @throws BadData if the byte array does not contain an encrypted OpenPGP message
|
||||||
|
* @throws MissingArg in case of missing decryption method (password or key required)
|
||||||
|
* @throws CannotDecrypt in case decryption fails for some reason
|
||||||
|
* @throws KeyIsProtected if the decryption key cannot be unlocked (e.g. missing passphrase)
|
||||||
|
* @throws IOException in case of an IO error
|
||||||
|
*/
|
||||||
|
@Throws(
|
||||||
|
BadData::class,
|
||||||
|
MissingArg::class,
|
||||||
|
CannotDecrypt::class,
|
||||||
|
KeyIsProtected::class,
|
||||||
|
IOException::class)
|
||||||
|
fun ciphertext(ciphertext: ByteArray): ReadyWithResult<DecryptionResult> {
|
||||||
|
return ciphertext(ciphertext.inputStream())
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue