mirror of
https://github.com/moparisthebest/open-keychain
synced 2024-11-27 11:12:15 -05:00
move can.*() methods to CanonicalizedPublicKey, where they belong
This commit is contained in:
parent
706e60474d
commit
8131daa638
@ -80,7 +80,6 @@ public class ProviderHelperSaveTest {
|
||||
|
||||
UncachedKeyRing pub = readRingFromResource("/test-keys/mailvelope_07_no_key_flags.asc");
|
||||
long keyId = pub.getMasterKeyId();
|
||||
Assert.assertNull("key flags should be null", pub.getPublicKey().getKeyUsage());
|
||||
|
||||
mProviderHelper.savePublicKeyRing(pub);
|
||||
|
||||
|
@ -18,7 +18,11 @@
|
||||
|
||||
package org.sufficientlysecure.keychain.pgp;
|
||||
|
||||
import org.spongycastle.bcpg.SignatureSubpacketTags;
|
||||
import org.spongycastle.bcpg.sig.KeyFlags;
|
||||
import org.spongycastle.openpgp.PGPPublicKey;
|
||||
import org.spongycastle.openpgp.PGPSignature;
|
||||
import org.spongycastle.openpgp.PGPSignatureSubpacketVector;
|
||||
import org.spongycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator;
|
||||
import org.sufficientlysecure.keychain.util.IterableIterator;
|
||||
|
||||
@ -36,6 +40,7 @@ public class CanonicalizedPublicKey extends UncachedPublicKey {
|
||||
|
||||
// this is the parent key ring
|
||||
final KeyRing mRing;
|
||||
private Integer mCacheUsage = null;
|
||||
|
||||
CanonicalizedPublicKey(KeyRing ring, PGPPublicKey key) {
|
||||
super(key);
|
||||
@ -46,12 +51,82 @@ public class CanonicalizedPublicKey extends UncachedPublicKey {
|
||||
return new IterableIterator<String>(mPublicKey.getUserIDs());
|
||||
}
|
||||
|
||||
public KeyRing getKeyRing() {
|
||||
return mRing;
|
||||
}
|
||||
|
||||
JcePublicKeyKeyEncryptionMethodGenerator getPubKeyEncryptionGenerator() {
|
||||
return new JcePublicKeyKeyEncryptionMethodGenerator(mPublicKey);
|
||||
}
|
||||
|
||||
public boolean canSign() {
|
||||
// if key flags subpacket is available, honor it!
|
||||
if (getKeyUsage() != null) {
|
||||
return (getKeyUsage() & KeyFlags.SIGN_DATA) != 0;
|
||||
}
|
||||
|
||||
if (UncachedKeyRing.isSigningAlgo(mPublicKey.getAlgorithm())) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all key usage flags.
|
||||
* If at least one key flag subpacket is present return these.
|
||||
* If no subpacket is present it returns null.
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
public Integer getKeyUsage() {
|
||||
if (mCacheUsage == null) {
|
||||
for (PGPSignature sig : new IterableIterator<PGPSignature>(mPublicKey.getSignatures())) {
|
||||
if (mPublicKey.isMasterKey() && sig.getKeyID() != mPublicKey.getKeyID()) {
|
||||
continue;
|
||||
}
|
||||
|
||||
PGPSignatureSubpacketVector hashed = sig.getHashedSubPackets();
|
||||
if (hashed != null && hashed.getSubpacket(SignatureSubpacketTags.KEY_FLAGS) != null) {
|
||||
// init if at least one key flag subpacket has been found
|
||||
if (mCacheUsage == null) {
|
||||
mCacheUsage = 0;
|
||||
}
|
||||
mCacheUsage |= hashed.getKeyFlags();
|
||||
}
|
||||
}
|
||||
}
|
||||
return mCacheUsage;
|
||||
}
|
||||
|
||||
public boolean canCertify() {
|
||||
// if key flags subpacket is available, honor it!
|
||||
if (getKeyUsage() != null) {
|
||||
return (getKeyUsage() & KeyFlags.CERTIFY_OTHER) != 0;
|
||||
}
|
||||
|
||||
if (UncachedKeyRing.isSigningAlgo(mPublicKey.getAlgorithm())) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public boolean canEncrypt() {
|
||||
// if key flags subpacket is available, honor it!
|
||||
if (getKeyUsage() != null) {
|
||||
return (getKeyUsage() & (KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE)) != 0;
|
||||
}
|
||||
|
||||
// RSA_GENERAL, RSA_ENCRYPT, ELGAMAL_ENCRYPT, ELGAMAL_GENERAL, ECDH
|
||||
if (UncachedKeyRing.isEncryptionAlgo(mPublicKey.getAlgorithm())) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public boolean canAuthenticate() {
|
||||
// if key flags subpacket is available, honor it!
|
||||
if (getKeyUsage() != null) {
|
||||
return (getKeyUsage() & KeyFlags.AUTHENTICATION) != 0;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
@ -22,7 +22,6 @@ import org.spongycastle.bcpg.ArmoredOutputStream;
|
||||
import org.spongycastle.bcpg.PublicKeyAlgorithmTags;
|
||||
import org.spongycastle.bcpg.SignatureSubpacketTags;
|
||||
import org.spongycastle.bcpg.sig.KeyFlags;
|
||||
import org.spongycastle.openpgp.PGPKeyFlags;
|
||||
import org.spongycastle.openpgp.PGPKeyRing;
|
||||
import org.spongycastle.openpgp.PGPObjectFactory;
|
||||
import org.spongycastle.openpgp.PGPPublicKey;
|
||||
@ -626,7 +625,7 @@ public class UncachedKeyRing {
|
||||
zert.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.KEY_FLAGS)) {
|
||||
int flags = ((KeyFlags) zert.getHashedSubPackets()
|
||||
.getSubpacket(SignatureSubpacketTags.KEY_FLAGS)).getFlags();
|
||||
if ((flags & PGPKeyFlags.CAN_SIGN) == PGPKeyFlags.CAN_SIGN) {
|
||||
if ((flags & KeyFlags.SIGN_DATA) == KeyFlags.SIGN_DATA) {
|
||||
needsPrimaryBinding = true;
|
||||
}
|
||||
} else {
|
||||
@ -727,13 +726,13 @@ public class UncachedKeyRing {
|
||||
int flags = ((KeyFlags) selfCert.getHashedSubPackets().getSubpacket(SignatureSubpacketTags.KEY_FLAGS)).getFlags();
|
||||
int algo = key.getAlgorithm();
|
||||
// If this is a signing key, but not a signing algorithm, warn the user
|
||||
if (!isSigningAlgo(algo) && (flags & PGPKeyFlags.CAN_SIGN) == PGPKeyFlags.CAN_SIGN) {
|
||||
if (!isSigningAlgo(algo) && (flags & KeyFlags.SIGN_DATA) == KeyFlags.SIGN_DATA) {
|
||||
log.add(LogType.MSG_KC_SUB_ALGO_BAD_SIGN, indent);
|
||||
}
|
||||
// If this is an encryption key, but not an encryption algorithm, warn the user
|
||||
if (!isEncryptionAlgo(algo) && (
|
||||
(flags & PGPKeyFlags.CAN_ENCRYPT_COMMS) == PGPKeyFlags.CAN_ENCRYPT_COMMS
|
||||
|| (flags & PGPKeyFlags.CAN_ENCRYPT_STORAGE) == PGPKeyFlags.CAN_ENCRYPT_STORAGE
|
||||
(flags & KeyFlags.ENCRYPT_STORAGE) == KeyFlags.ENCRYPT_STORAGE
|
||||
|| (flags & KeyFlags.ENCRYPT_COMMS) == KeyFlags.ENCRYPT_COMMS
|
||||
)) {
|
||||
log.add(LogType.MSG_KC_SUB_ALGO_BAD_ENCRYPT, indent);
|
||||
}
|
||||
|
@ -39,7 +39,6 @@ import java.util.Iterator;
|
||||
|
||||
public class UncachedPublicKey {
|
||||
protected final PGPPublicKey mPublicKey;
|
||||
private Integer mCacheUsage = null;
|
||||
|
||||
public UncachedPublicKey(PGPPublicKey key) {
|
||||
mPublicKey = key;
|
||||
@ -228,77 +227,6 @@ public class UncachedPublicKey {
|
||||
return getAlgorithm() == PGPPublicKey.ECDH || getAlgorithm() == PGPPublicKey.ECDSA;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all key usage flags.
|
||||
* If at least one key flag subpacket is present return these.
|
||||
* If no subpacket is present it returns null.
|
||||
*/
|
||||
@SuppressWarnings("unchecked")
|
||||
public Integer getKeyUsage() {
|
||||
if (mCacheUsage == null) {
|
||||
for (PGPSignature sig : new IterableIterator<PGPSignature>(mPublicKey.getSignatures())) {
|
||||
if (mPublicKey.isMasterKey() && sig.getKeyID() != mPublicKey.getKeyID()) {
|
||||
continue;
|
||||
}
|
||||
|
||||
PGPSignatureSubpacketVector hashed = sig.getHashedSubPackets();
|
||||
if (hashed != null && hashed.getSubpacket(SignatureSubpacketTags.KEY_FLAGS) != null) {
|
||||
// init if at least one key flag subpacket has been found
|
||||
if (mCacheUsage == null) {
|
||||
mCacheUsage = 0;
|
||||
}
|
||||
mCacheUsage |= hashed.getKeyFlags();
|
||||
}
|
||||
}
|
||||
}
|
||||
return mCacheUsage;
|
||||
}
|
||||
|
||||
public boolean canCertify() {
|
||||
// if key flags subpacket is available, honor it!
|
||||
if (getKeyUsage() != null) {
|
||||
return (getKeyUsage() & KeyFlags.CERTIFY_OTHER) != 0;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public boolean canSign() {
|
||||
// if key flags subpacket is available, honor it!
|
||||
if (getKeyUsage() != null) {
|
||||
return (getKeyUsage() & KeyFlags.SIGN_DATA) != 0;
|
||||
}
|
||||
|
||||
if (UncachedKeyRing.isSigningAlgo(mPublicKey.getAlgorithm())) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public boolean canEncrypt() {
|
||||
// if key flags subpacket is available, honor it!
|
||||
if (getKeyUsage() != null) {
|
||||
return (getKeyUsage() & (KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE)) != 0;
|
||||
}
|
||||
|
||||
// RSA_GENERAL, RSA_ENCRYPT, ELGAMAL_ENCRYPT, ELGAMAL_GENERAL, ECDH
|
||||
if (UncachedKeyRing.isEncryptionAlgo(mPublicKey.getAlgorithm())) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public boolean canAuthenticate() {
|
||||
// if key flags subpacket is available, honor it!
|
||||
if (getKeyUsage() != null) {
|
||||
return (getKeyUsage() & KeyFlags.AUTHENTICATION) != 0;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public byte[] getFingerprint() {
|
||||
return mPublicKey.getFingerprint();
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user