From 8131daa6380ed752c4d31cd6a40650d9ac5b9817 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Sun, 28 Sep 2014 14:40:49 +0200 Subject: move can.*() methods to CanonicalizedPublicKey, where they belong --- .../keychain/pgp/CanonicalizedPublicKey.java | 83 ++++++++++++++++++++-- .../keychain/pgp/UncachedKeyRing.java | 9 ++- .../keychain/pgp/UncachedPublicKey.java | 72 ------------------- 3 files changed, 83 insertions(+), 81 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKey.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKey.java index 7a63a7a42..d0808d446 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKey.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKey.java @@ -18,7 +18,11 @@ package org.sufficientlysecure.keychain.pgp; +import org.spongycastle.bcpg.SignatureSubpacketTags; +import org.spongycastle.bcpg.sig.KeyFlags; import org.spongycastle.openpgp.PGPPublicKey; +import org.spongycastle.openpgp.PGPSignature; +import org.spongycastle.openpgp.PGPSignatureSubpacketVector; import org.spongycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator; import org.sufficientlysecure.keychain.util.IterableIterator; @@ -36,6 +40,7 @@ public class CanonicalizedPublicKey extends UncachedPublicKey { // this is the parent key ring final KeyRing mRing; + private Integer mCacheUsage = null; CanonicalizedPublicKey(KeyRing ring, PGPPublicKey key) { super(key); @@ -46,12 +51,82 @@ public class CanonicalizedPublicKey extends UncachedPublicKey { return new IterableIterator(mPublicKey.getUserIDs()); } - public KeyRing getKeyRing() { - return mRing; - } - JcePublicKeyKeyEncryptionMethodGenerator getPubKeyEncryptionGenerator() { return new JcePublicKeyKeyEncryptionMethodGenerator(mPublicKey); } + public boolean canSign() { + // if key flags subpacket is available, honor it! + if (getKeyUsage() != null) { + return (getKeyUsage() & KeyFlags.SIGN_DATA) != 0; + } + + if (UncachedKeyRing.isSigningAlgo(mPublicKey.getAlgorithm())) { + return true; + } + + return false; + } + + /** + * Get all key usage flags. + * If at least one key flag subpacket is present return these. + * If no subpacket is present it returns null. + */ + @SuppressWarnings("unchecked") + public Integer getKeyUsage() { + if (mCacheUsage == null) { + for (PGPSignature sig : new IterableIterator(mPublicKey.getSignatures())) { + if (mPublicKey.isMasterKey() && sig.getKeyID() != mPublicKey.getKeyID()) { + continue; + } + + PGPSignatureSubpacketVector hashed = sig.getHashedSubPackets(); + if (hashed != null && hashed.getSubpacket(SignatureSubpacketTags.KEY_FLAGS) != null) { + // init if at least one key flag subpacket has been found + if (mCacheUsage == null) { + mCacheUsage = 0; + } + mCacheUsage |= hashed.getKeyFlags(); + } + } + } + return mCacheUsage; + } + + public boolean canCertify() { + // if key flags subpacket is available, honor it! + if (getKeyUsage() != null) { + return (getKeyUsage() & KeyFlags.CERTIFY_OTHER) != 0; + } + + if (UncachedKeyRing.isSigningAlgo(mPublicKey.getAlgorithm())) { + return true; + } + + return false; + } + + public boolean canEncrypt() { + // if key flags subpacket is available, honor it! + if (getKeyUsage() != null) { + return (getKeyUsage() & (KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE)) != 0; + } + + // RSA_GENERAL, RSA_ENCRYPT, ELGAMAL_ENCRYPT, ELGAMAL_GENERAL, ECDH + if (UncachedKeyRing.isEncryptionAlgo(mPublicKey.getAlgorithm())) { + return true; + } + + return false; + } + + public boolean canAuthenticate() { + // if key flags subpacket is available, honor it! + if (getKeyUsage() != null) { + return (getKeyUsage() & KeyFlags.AUTHENTICATION) != 0; + } + + return false; + } } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java index b4842b0a5..8651760c0 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java @@ -22,7 +22,6 @@ import org.spongycastle.bcpg.ArmoredOutputStream; import org.spongycastle.bcpg.PublicKeyAlgorithmTags; import org.spongycastle.bcpg.SignatureSubpacketTags; import org.spongycastle.bcpg.sig.KeyFlags; -import org.spongycastle.openpgp.PGPKeyFlags; import org.spongycastle.openpgp.PGPKeyRing; import org.spongycastle.openpgp.PGPObjectFactory; import org.spongycastle.openpgp.PGPPublicKey; @@ -626,7 +625,7 @@ public class UncachedKeyRing { zert.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.KEY_FLAGS)) { int flags = ((KeyFlags) zert.getHashedSubPackets() .getSubpacket(SignatureSubpacketTags.KEY_FLAGS)).getFlags(); - if ((flags & PGPKeyFlags.CAN_SIGN) == PGPKeyFlags.CAN_SIGN) { + if ((flags & KeyFlags.SIGN_DATA) == KeyFlags.SIGN_DATA) { needsPrimaryBinding = true; } } else { @@ -727,13 +726,13 @@ public class UncachedKeyRing { int flags = ((KeyFlags) selfCert.getHashedSubPackets().getSubpacket(SignatureSubpacketTags.KEY_FLAGS)).getFlags(); int algo = key.getAlgorithm(); // If this is a signing key, but not a signing algorithm, warn the user - if (!isSigningAlgo(algo) && (flags & PGPKeyFlags.CAN_SIGN) == PGPKeyFlags.CAN_SIGN) { + if (!isSigningAlgo(algo) && (flags & KeyFlags.SIGN_DATA) == KeyFlags.SIGN_DATA) { log.add(LogType.MSG_KC_SUB_ALGO_BAD_SIGN, indent); } // If this is an encryption key, but not an encryption algorithm, warn the user if (!isEncryptionAlgo(algo) && ( - (flags & PGPKeyFlags.CAN_ENCRYPT_COMMS) == PGPKeyFlags.CAN_ENCRYPT_COMMS - || (flags & PGPKeyFlags.CAN_ENCRYPT_STORAGE) == PGPKeyFlags.CAN_ENCRYPT_STORAGE + (flags & KeyFlags.ENCRYPT_STORAGE) == KeyFlags.ENCRYPT_STORAGE + || (flags & KeyFlags.ENCRYPT_COMMS) == KeyFlags.ENCRYPT_COMMS )) { log.add(LogType.MSG_KC_SUB_ALGO_BAD_ENCRYPT, indent); } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedPublicKey.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedPublicKey.java index 74af9fc97..345c00579 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedPublicKey.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedPublicKey.java @@ -39,7 +39,6 @@ import java.util.Iterator; public class UncachedPublicKey { protected final PGPPublicKey mPublicKey; - private Integer mCacheUsage = null; public UncachedPublicKey(PGPPublicKey key) { mPublicKey = key; @@ -228,77 +227,6 @@ public class UncachedPublicKey { return getAlgorithm() == PGPPublicKey.ECDH || getAlgorithm() == PGPPublicKey.ECDSA; } - /** - * Get all key usage flags. - * If at least one key flag subpacket is present return these. - * If no subpacket is present it returns null. - */ - @SuppressWarnings("unchecked") - public Integer getKeyUsage() { - if (mCacheUsage == null) { - for (PGPSignature sig : new IterableIterator(mPublicKey.getSignatures())) { - if (mPublicKey.isMasterKey() && sig.getKeyID() != mPublicKey.getKeyID()) { - continue; - } - - PGPSignatureSubpacketVector hashed = sig.getHashedSubPackets(); - if (hashed != null && hashed.getSubpacket(SignatureSubpacketTags.KEY_FLAGS) != null) { - // init if at least one key flag subpacket has been found - if (mCacheUsage == null) { - mCacheUsage = 0; - } - mCacheUsage |= hashed.getKeyFlags(); - } - } - } - return mCacheUsage; - } - - public boolean canCertify() { - // if key flags subpacket is available, honor it! - if (getKeyUsage() != null) { - return (getKeyUsage() & KeyFlags.CERTIFY_OTHER) != 0; - } - - return false; - } - - public boolean canSign() { - // if key flags subpacket is available, honor it! - if (getKeyUsage() != null) { - return (getKeyUsage() & KeyFlags.SIGN_DATA) != 0; - } - - if (UncachedKeyRing.isSigningAlgo(mPublicKey.getAlgorithm())) { - return true; - } - - return false; - } - - public boolean canEncrypt() { - // if key flags subpacket is available, honor it! - if (getKeyUsage() != null) { - return (getKeyUsage() & (KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE)) != 0; - } - - // RSA_GENERAL, RSA_ENCRYPT, ELGAMAL_ENCRYPT, ELGAMAL_GENERAL, ECDH - if (UncachedKeyRing.isEncryptionAlgo(mPublicKey.getAlgorithm())) { - return true; - } - - return false; - } - - public boolean canAuthenticate() { - // if key flags subpacket is available, honor it! - if (getKeyUsage() != null) { - return (getKeyUsage() & KeyFlags.AUTHENTICATION) != 0; - } - - return false; - } - public byte[] getFingerprint() { return mPublicKey.getFingerprint(); } -- cgit v1.2.3