From: <ed...@bo...> - 2003-08-23 02:22:17
edwin 03/08/22 22:22:11
Modified: openpgp CHANGELOG.TXT
openpgp/src/cryptix/openpgp PGPCertificate.java
PGPKeyBundle.java
openpgp/src/cryptix/openpgp/examples
GenerateAndWriteKey.java
openpgp/src/cryptix/openpgp/provider PGPCertificateImpl.java
PGPKeyBundleImpl.java
openpgp/src/cryptix/pki KeyBundle.java
Log:
PGPCertificate/PGPCertificateImpl
- added a getPacket() method
KeyBundle/PGPKeyBundle/PGPKeyBundleImpl
- added methods to add private (sub) keys without passwords
- added methods to add public keys and principals directly,
without adding a full Certificate
- changed the order of the parameters for addPrivateKey to be
consistent with addPrivateSubKey
Revision Changes Path
1.20 +16 -5 projects/openpgp/CHANGELOG.TXT
Index: CHANGELOG.TXT
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/CHANGELOG.TXT,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- CHANGELOG.TXT 16 Feb 2003 11:08:23 -0000 1.19
+++ CHANGELOG.TXT 23 Aug 2003 02:22:11 -0000 1.20
@@ -1,12 +1,23 @@
???????? snapshot
-- Snapshots are now compiled on JDK 1.2, so that they continue to work on that
- version of the JDK. Due to a Sun API change, a library compiled on JDK 1.3 or
- higher would not work on JDK 1.2.
-- Change the getEncoded() method of a PGP certificate to encode the
+Incompatible changes
+- Changed the order of the arguments for the addPrivateKey method in KeyBundle
+ to be more consistent with addPrivateSubKey in PGPKeyBundle. Any application
+ that generates keys will probably have to be changed as a result of this.
+- Changed the getEncoded() method of a PGP Certificate to encode the
public key and principal that are signed as well. This is more like
what other Certificate implementations do, and it also allows one to
construct a KeyBundle from the returned data again.
-- Fix the clone() method of PGPKeyBundleImpl.
+Bugsfixes/new features
+- Snapshots are now compiled on JDK 1.2, so that they continue to work on that
+ version of the JDK. Due to a Sun API change, a library compiled on JDK 1.3 or
+ higher would not work on JDK 1.2.
+- Added methods to KeyBundle and PGPKeyBundle to allow storage of private keys
+ without encrypting them.
+- Added methods to KeyBundle to add public (sub) keys and principals (userid's)
+ without adding full certificates, as this is allowed/needed in some cases.
+- Included better error messages for when the Unlimited Strength Jurisdiction
+ Policy Files are not installed.
+- Fixed the clone() method of PGPKeyBundleImpl.
20030205 snapshot
- API change: added cryptix.pki.ExtendedCertificate, which adds a few common
1.3 +13 -2 projects/openpgp/src/cryptix/openpgp/PGPCertificate.java
Index: PGPCertificate.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/src/cryptix/openpgp/PGPCertificate.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- PGPCertificate.java 3 Feb 2003 15:04:00 -0000 1.2
+++ PGPCertificate.java 23 Aug 2003 02:22:11 -0000 1.3
@@ -1,4 +1,4 @@
-/* $Id: PGPCertificate.java,v 1.2 2003/02/03 15:04:00 edwin Exp $
+/* $Id: PGPCertificate.java,v 1.3 2003/08/23 02:22:11 edwin Exp $
*
* Copyright (C) 1999-2003 The Cryptix Foundation Limited.
* All rights reserved.
@@ -12,6 +12,8 @@
package cryptix.openpgp;
+import cryptix.openpgp.packet.PGPSignaturePacket;
+
import cryptix.pki.ExtendedCertificate;
import cryptix.pki.KeyID;
@@ -26,7 +28,7 @@
*
* @author Edwin Woudt <ed...@cr...>
* @author Ingo Luetkebohle
- * @version $Revision: 1.2 $
+ * @version $Revision: 1.3 $
*/
public abstract class PGPCertificate extends ExtendedCertificate {
@@ -46,6 +48,15 @@
// Added abstract methods
// ..........................................................................
+
+
+ /**
+ * Return the contained signature packet.
+ *
+ * <p>Note: packets are part of the low-level API. Normally you don't need
+ * to use this method as other options are available.</p>
+ */
+ public abstract PGPSignaturePacket getPacket();
/**
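Review bot: The Javadoc for the new abstract `getPacket()` does not say whether the returned `PGPSignaturePacket` is the certificate's live internal packet or a copy, and the PGPCertificateImpl hunk later in this commit implements it as `return pkt;`, handing out the internal field. If PGPSignaturePacket has any mutating methods (not visible here), a caller could alter the packet behind a certificate after it has been checked. I would either return a copy in the implementation, if the packet class supports cloning, or state the contract in the Javadoc, e.g. `@return the signature packet backing this certificate; callers must treat it as read-only`.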
1.4 +10 -2 projects/openpgp/src/cryptix/openpgp/PGPKeyBundle.java
Index: PGPKeyBundle.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/src/cryptix/openpgp/PGPKeyBundle.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- PGPKeyBundle.java 7 Aug 2001 03:16:33 -0000 1.3
+++ PGPKeyBundle.java 23 Aug 2003 02:22:11 -0000 1.4
@@ -1,4 +1,4 @@
-/* $Id: PGPKeyBundle.java,v 1.3 2001/08/07 03:16:33 edwin Exp $
+/* $Id: PGPKeyBundle.java,v 1.4 2003/08/23 02:22:11 edwin Exp $
*
* Copyright (C) 1999-2001 The Cryptix Foundation Limited.
* All rights reserved.
@@ -28,7 +28,7 @@
*
* @author Edwin Woudt <ed...@cr...>
* @author Ingo Luetkebohle
- * @version $Revision: 1.3 $
+ * @version $Revision: 1.4 $
*/
public abstract class PGPKeyBundle extends KeyBundle {
@@ -81,6 +81,14 @@
PublicKey pubsubkey,
char[] passphrase,
SecureRandom sr)
+ throws KeyBundleException;
+
+
+ /**
+ * Adds a private subkey to the keybundle, without encrypting it.
+ */
+ public abstract boolean addPrivateSubKey (PrivateKey privsubkey,
+ PublicKey pubsubkey)
throws KeyBundleException;
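Review bot: The Javadoc on the new two-argument `addPrivateSubKey` says only "without encrypting it" and does not spell out the consequence: the secret subkey material is then held in the bundle in the clear and presumably written out that way when the bundle is encoded. The same applies to the two-argument `addPrivateKey` added to KeyBundle and to both implementations in PGPKeyBundleImpl. I would add a warning paragraph to each, for example `<p>Warning: the key is stored unprotected; anyone who can read the encoded bundle obtains the private key. Prefer the passphrase variant unless the storage is protected by other means.</p>`. The preceding overload's declaration starts outside this hunk.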
1.2 +4 -4 projects/openpgp/src/cryptix/openpgp/examples/GenerateAndWriteKey.java
Index: GenerateAndWriteKey.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/src/cryptix/openpgp/examples/GenerateAndWriteKey.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- GenerateAndWriteKey.java 7 Aug 2001 05:22:37 -0000 1.1
+++ GenerateAndWriteKey.java 23 Aug 2003 02:22:11 -0000 1.2
@@ -1,4 +1,4 @@
-/* $Id: GenerateAndWriteKey.java,v 1.1 2001/08/07 05:22:37 edwin Exp $
+/* $Id: GenerateAndWriteKey.java,v 1.2 2003/08/23 02:22:11 edwin Exp $
*
* Copyright (C) 1999-2001 The Cryptix Foundation Limited.
* All rights reserved.
@@ -44,7 +44,7 @@
* Detailed example for generating two PGP keys and writing them to disk.
*
* @author Edwin Woudt <ed...@cr...>
- * @version $Revision: 1.1 $
+ * @version $Revision: 1.2 $
*/
public class GenerateAndWriteKey {
@@ -241,7 +241,7 @@
//**********************************************************************
try {
- simplePrivateKey.addPrivateKey(pubkey, privkey,
+ simplePrivateKey.addPrivateKey(privkey, pubkey,
"TestingPassphrase".toCharArray(), sr);
} catch (KeyBundleException kbe) {
@@ -285,7 +285,7 @@
Certificate cert = certbuilder.build(pubkey, userid, privkey, sr);
complexPublicKey.addCertificate(cert);
complexPrivateKey.addCertificate(cert);
- complexPrivateKey.addPrivateKey(pubkey, privkey,
+ complexPrivateKey.addPrivateKey(privkey, pubkey,
"TestingPassphrase".toCharArray(), sr);
} catch (Exception e) {
1.5 +14 -2 projects/openpgp/src/cryptix/openpgp/provider/PGPCertificateImpl.java
Index: PGPCertificateImpl.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/src/cryptix/openpgp/provider/PGPCertificateImpl.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- PGPCertificateImpl.java 16 Feb 2003 11:07:19 -0000 1.4
+++ PGPCertificateImpl.java 23 Aug 2003 02:22:11 -0000 1.5
@@ -1,4 +1,4 @@
-/* $Id: PGPCertificateImpl.java,v 1.4 2003/02/16 11:07:19 edwin Exp $
+/* $Id: PGPCertificateImpl.java,v 1.5 2003/08/23 02:22:11 edwin Exp $
*
* Copyright (C) 1999-2001 The Cryptix Foundation Limited.
* All rights reserved.
@@ -70,7 +70,7 @@
* An OpenPGP Certificate.
*
* @author Edwin Woudt <ed...@cr...>
- * @version $Revision: 1.4 $
+ * @version $Revision: 1.5 $
*/
public class PGPCertificateImpl extends PGPCertificate {
@@ -342,6 +342,18 @@
// Methods from cryptix.openpgp.PGPCertificate
// ..........................................................................
+
+
+ /**
+ * Return the contained signature packet.
+ *
+ * <p>Note: packets are part of the low-level API. Normally you don't need
+ * to use this method as other options are available.</p>
+ */
+ public PGPSignaturePacket getPacket()
+ {
+ return pkt;
+ }
/**
1.4 +118 -30 projects/openpgp/src/cryptix/openpgp/provider/PGPKeyBundleImpl.java
Index: PGPKeyBundleImpl.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/src/cryptix/openpgp/provider/PGPKeyBundleImpl.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- PGPKeyBundleImpl.java 14 Feb 2003 12:37:32 -0000 1.3
+++ PGPKeyBundleImpl.java 23 Aug 2003 02:22:11 -0000 1.4
@@ -1,4 +1,4 @@
-/* $Id: PGPKeyBundleImpl.java,v 1.3 2003/02/14 12:37:32 edwin Exp $
+/* $Id: PGPKeyBundleImpl.java,v 1.4 2003/08/23 02:22:11 edwin Exp $
*
* Copyright (C) 1999-2001 The Cryptix Foundation Limited.
* All rights reserved.
@@ -68,7 +68,7 @@
*
* @author Edwin Woudt <ed...@cr...>
* @author Ingo Luetkebohle
- * @version $Revision: 1.3 $
+ * @version $Revision: 1.4 $
*/
public class PGPKeyBundleImpl extends PGPKeyBundle {
@@ -144,12 +144,12 @@
if (privpkt != null) {
if (privSubkeys.size() != subkeys.size()) {
- throw new RuntimeException(
+ throw new KeyBundleException(
"Not all private subkeys present.");
}
} else {
if (privSubkeys.size() != 0) {
- throw new RuntimeException(
+ throw new KeyBundleException(
"There are private subkeys present, but no private "+
"main key.");
}
@@ -172,7 +172,7 @@
baos.write(subject.getEncoded());
it2 = ((Vector)principalsToCertificates.get(subject)).iterator();
while (it2.hasNext()) {
- baos.write(((PGPCertificate)it2.next()).getEncoded());
+ ((PGPCertificate)it2.next()).getPacket().encode(baos);
}
}
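Review bot: The unchanged line above the edit, `((Vector)principalsToCertificates.get(subject)).iterator()`, assumes every principal has an entry in `principalsToCertificates`, and as far as the visible code shows that stops being true once the `addPrincipal` method added later in this commit is used, since it only appends to `principals`. If this loop walks `principals` (its header is outside the hunk), encoding a bundle that holds a principal without certificates would fail with a NullPointerException instead of a KeyBundleException. Either skip the inner loop when the lookup returns null, or have addPrincipal register an empty list with `principalsToCertificates.put(princ, new Vector());`. A one-line comment that `getPacket().encode(baos)` is used because `getEncoded()` now also emits the public key and principal would help the next reader.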
@@ -193,8 +193,6 @@
} catch (IOException ioe) {
throw new KeyBundleException(""+ioe);
- } catch (CertificateEncodingException cee) {
- throw new KeyBundleException(""+cee);
}
}
@@ -272,12 +270,76 @@
/**
+ * Adds a principal.
+ *
+ * <p>Note: there is no need to call this method explicitly when
+ * addCertificate is used.</p>
+ */
+ public boolean addPrincipal (Principal princ)
+ throws KeyBundleException
+ {
+ if (!(princ instanceof PGPPrincipal)) {
+ throw new KeyBundleException("Invalid principal type");
+ }
+
+ if (! principals.contains(princ)) {
+ principals.add(princ);
+ return true;
+ }
+
+ return false;
+ }
+
+
+ /**
+ * Adds a public key.
+ *
+ * <p>Note: there is no need to call this method explicitly when
+ * addCertificate is used.</p>
+ */
+ public boolean addPublicKey (PublicKey pubkey)
+ throws KeyBundleException
+ {
+ if (!(pubkey instanceof PGPPublicKey)) {
+ throw new KeyBundleException("Invalid public key type");
+ }
+
+ if (mainkey == null) {
+ mainkey = (PGPPublicKey)pubkey;
+ return true;
+ } else {
+ throw new KeyBundleException(
+ "KeyBundle can only contain one main key.");
+ }
+ }
+
+
+ /**
* Adds a private key, encrypting it with a passphrase.
*/
- public boolean addPrivateKey (PublicKey pubkey, PrivateKey privkey,
+ public boolean addPrivateKey (PrivateKey privkey, PublicKey pubkey,
char[] passphrase, SecureRandom sr)
throws KeyBundleException
{
+ addPrivateKey(privkey, pubkey);
+
+ int s2kid = 3; // Iterated & Salted ### FIXME
+ int cipherid = 3; // CAST5 ### FIXME
+ int hashid = 2; // SHA-1 ### FIXME
+ privpkt.encrypt(passphrase, s2kid, cipherid, hashid, sr,
+ PGPAlgorithmFactory.getDefaultInstance());
+ privpkt.forgetSecretData();
+
+ return true;
+ }
+
+
+ /**
+ * Adds a private key, without encrypting it.
+ */
+ public boolean addPrivateKey (PrivateKey privkey, PublicKey pubkey)
+ throws KeyBundleException
+ {
if (! (privkey instanceof PGPPrivateKey)) {
throw new KeyBundleException("Invalid private key type");
}
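Review bot: The passphrase overload of `addPrivateKey` stores the key through the two-argument overload first and encrypts `privpkt` afterwards, so if `encrypt` throws, the bundle is left holding the private key unencrypted; it also discards the boolean that the inner call returns. The subkey path in this same commit avoids this by having `addPrivateSubKeyHelper` validate and return the packet, then encrypting a clone and storing it last. I would give the main key the same shape, with a private helper (named `addPrivateKeyHelper` below purely as a suggestion) holding the validation that currently sits in the two-argument overload. That overload's body continues past the end of this hunk, so the helper's contents are not shown.

```java
    public boolean addPrivateKey (PrivateKey privkey, PublicKey pubkey,
                                  char[] passphrase, SecureRandom sr)
        throws KeyBundleException
    {
        // proposed helper: validates the pair and returns the packet, stores nothing
        PGPSecretKeyPacket pkt = addPrivateKeyHelper(privkey, pubkey);
        PGPSecretKeyPacket clone = (PGPSecretKeyPacket)pkt.clone();

        // … unchanged: s2kid / cipherid / hashid constants …
        clone.encrypt(passphrase, s2kid, cipherid, hashid, sr,
                      PGPAlgorithmFactory.getDefaultInstance());
        clone.forgetSecretData();

        privpkt = clone;    // published only after encryption succeeded
        return true;
    }
```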
@@ -314,13 +376,6 @@
PGPSecretKeyPacket pkt = (PGPSecretKeyPacket)pgpprivkey.getPacket();
privpkt = (PGPSecretKeyPacket)pkt.clone();
- int s2kid = 3; // Iterated & Salted ### FIXME
- int cipherid = 3; // CAST5 ### FIXME
- int hashid = 2; // SHA-1 ### FIXME
- privpkt.encrypt(passphrase, s2kid, cipherid, hashid, sr,
- PGPAlgorithmFactory.getDefaultInstance());
- privpkt.forgetSecretData();
-
return true;
}
@@ -682,6 +737,53 @@
char[] passphrase, SecureRandom sr)
throws KeyBundleException
{
+ PGPSecretSubKeyPacket pkt =
+ addPrivateSubKeyHelper(privsubkey, pubsubkey);
+
+ if (privSubkeys.containsKey(pubsubkey)) {
+ return false;
+ }
+
+ PGPSecretSubKeyPacket clone = (PGPSecretSubKeyPacket)pkt.clone();
+
+ int s2kid = 3; // Iterated & Salted ### FIXME
+ int cipherid = 3; // CAST5 ### FIXME
+ int hashid = 2; // SHA-1 ### FIXME
+ clone.encrypt(passphrase, s2kid, cipherid, hashid, sr,
+ PGPAlgorithmFactory.getDefaultInstance());
+ clone.forgetSecretData();
+
+ privSubkeys.put(pubsubkey, clone);
+
+ return true;
+ }
+
+
+ /**
+ * Adds a private subkey to the keybundle, without encrypting it.
+ */
+ public boolean addPrivateSubKey (PrivateKey privsubkey,
+ PublicKey pubsubkey)
+ throws KeyBundleException
+ {
+ PGPSecretSubKeyPacket pkt =
+ addPrivateSubKeyHelper(privsubkey, pubsubkey);
+
+ if (privSubkeys.containsKey(pubsubkey)) {
+ return false;
+ }
+
+ PGPSecretSubKeyPacket clone = (PGPSecretSubKeyPacket)pkt.clone();
+ privSubkeys.put(pubsubkey, clone);
+
+ return true;
+ }
+
+
+ private PGPSecretSubKeyPacket addPrivateSubKeyHelper(PrivateKey privsubkey,
+ PublicKey pubsubkey)
+ throws KeyBundleException
+ {
if (! (privsubkey instanceof PGPPrivateKey)) {
throw new KeyBundleException("Invalid private key type");
}
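Review bot: The S2K, cipher and hash identifiers (`3`, `3`, `2`, each marked `### FIXME`) are written out as local literals in both passphrase overloads, `addPrivateKey` and `addPrivateSubKey`, so a later change of algorithm has to be made in two places and the two can drift apart. Since this commit moves both copies anyway, hoisting them into class constants, e.g. `private static final int DEFAULT_S2K_ID = 3; // iterated and salted`, with matching ones for CAST5 and SHA-1, would keep the main key and subkeys protected the same way. The new `addPrivateSubKeyHelper` also has no comment; if it only validates the pair and returns the packet, as the visible lines suggest, a line such as `/** Validates the key pair and returns the secret subkey packet; does not modify the bundle. */` would explain a name that starts with "add". Its body continues outside this hunk.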
@@ -693,10 +795,6 @@
throw new KeyBundleException("Public key not found");
}
- if (privSubkeys.containsKey(pubsubkey)) {
- return false;
- }
-
PGPKeyPacket one = ((PGPPrivateKey)privsubkey).getPacket().clonePublic();
PGPKeyPacket two = ((PGPPublicKey)pubsubkey).getPacket();
@@ -712,18 +810,8 @@
PGPSecretSubKeyPacket pkt =
(PGPSecretSubKeyPacket)pgpprivkey.getPacket();
- PGPSecretSubKeyPacket clone = (PGPSecretSubKeyPacket)pkt.clone();
- int s2kid = 3; // Iterated & Salted ### FIXME
- int cipherid = 3; // CAST5 ### FIXME
- int hashid = 2; // SHA-1 ### FIXME
- clone.encrypt(passphrase, s2kid, cipherid, hashid, sr,
- PGPAlgorithmFactory.getDefaultInstance());
- clone.forgetSecretData();
-
- privSubkeys.put(pubsubkey, clone);
-
- return true;
+ return pkt;
}
1.3 +31 -4 projects/openpgp/src/cryptix/pki/KeyBundle.java
Index: KeyBundle.java
===================================================================
RCS file: /home/cryptix-cvs/cvsroot/projects/openpgp/src/cryptix/pki/KeyBundle.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- KeyBundle.java 4 Aug 2001 21:47:22 -0000 1.2
+++ KeyBundle.java 23 Aug 2003 02:22:11 -0000 1.3
@@ -1,4 +1,4 @@
-/* $Id: KeyBundle.java,v 1.2 2001/08/04 21:47:22 edwin Exp $
+/* $Id: KeyBundle.java,v 1.3 2003/08/23 02:22:11 edwin Exp $
*
* Copyright (C) 1999-2001 The Cryptix Foundation Limited.
* All rights reserved.
@@ -45,7 +45,7 @@
*
* @author Edwin Woudt <ed...@cr...>
* @author Ingo Luetkebohle
- * @version $Revision: 1.2 $
+ * @version $Revision: 1.3 $
*/
public abstract class KeyBundle {
@@ -182,15 +182,42 @@
* the public key and the principal, so that the implementation of the
* keybundle can add these automatically when needed.</p>
*/
- public abstract boolean addCertificate (Certificate cert)
+ public abstract boolean addCertificate(Certificate cert)
throws KeyBundleException;
/**
+ * Adds a principal.
+ *
+ * <p>Note: there is no need to call this method explicitly when
+ * addCertificate is used.</p>
+ */
+ public abstract boolean addPrincipal (Principal princ)
+ throws KeyBundleException;
+
+
+ /**
+ * Adds a public key.
+ *
+ * <p>Note: there is no need to call this method explicitly when
+ * addCertificate is used.</p>
+ */
+ public abstract boolean addPublicKey (PublicKey pubkey)
+ throws KeyBundleException;
+
+
+ /**
* Adds a private key, encrypting it with a passphrase.
*/
- public abstract boolean addPrivateKey (PublicKey pubkey, PrivateKey privkey,
+ public abstract boolean addPrivateKey (PrivateKey privkey, PublicKey pubkey,
char[] passphrase, SecureRandom sr)
+ throws KeyBundleException;
+
+
+ /**
+ * Adds a private key, without encrypting it.
+ */
+ public abstract boolean addPrivateKey (PrivateKey privkey, PublicKey pubkey)
throws KeyBundleException;
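Review bot: The new `addPrincipal` and `addPublicKey` declarations return `boolean` but their Javadoc does not say what the value means, and the PGPKeyBundleImpl versions in this commit behave differently: `addPrincipal` returns false for a duplicate, while `addPublicKey` throws KeyBundleException when a main key is already set and never returns false. Spelling the contract out on the abstract methods, e.g. `@return true if the bundle changed, false if the item was already present` and `@throws KeyBundleException if the argument is of an unsupported type`, lets other KeyBundle implementations agree on it. The added abstract methods also break any KeyBundle subclass outside this tree, which the changelog's "Incompatible changes" list in this commit does not mention.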