java.lang.Object
- org.pgpainless.key.protection.fixes.S2KUsageFix

```
public final class S2KUsageFix
extends Object
```
Repair class to fix keys which use S2K usage of value SecretKeyPacket.USAGE_CHECKSUM. The method replaceUsageChecksumWithUsageSha1(PGPSecretKeyRing, SecretKeyRingProtector) ensures that such keys are encrypted using S2K usage SecretKeyPacket.USAGE_SHA1 instead.

See Also:

Related PGPainless Bug Report, Related PGPainless Feature Request, Related upstream BC bug report

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method	Description
`static org.bouncycastle.openpgp.PGPSecretKeyRing`	`replaceUsageChecksumWithUsageSha1(org.bouncycastle.openpgp.PGPSecretKeyRing keys, SecretKeyRingProtector protector)`	Repair method for keys which use S2K usage
`static org.bouncycastle.openpgp.PGPSecretKeyRing`	`replaceUsageChecksumWithUsageSha1(org.bouncycastle.openpgp.PGPSecretKeyRing keys, SecretKeyRingProtector protector, boolean skipKeysWithMissingPassphrase)`	Repair method for keys which use S2K usage

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

replaceUsageChecksumWithUsageSha1

public static org.bouncycastle.openpgp.PGPSecretKeyRing replaceUsageChecksumWithUsageSha1(org.bouncycastle.openpgp.PGPSecretKeyRing keys,
                                                                                          SecretKeyRingProtector protector)
                                                                                   throws org.bouncycastle.openpgp.PGPException

Repair method for keys which use S2K usage

USAGE_CHECKSUM

which is deemed insecure. This method fixes the private keys by changing them to

USAGE_SHA1

instead.

Parameters:: keys - keys; protector - protector to unlock and re-lock affected private keys
Returns:: fixed key ring
Throws:: org.bouncycastle.openpgp.PGPException - in case of a PGP error.

replaceUsageChecksumWithUsageSha1

public static org.bouncycastle.openpgp.PGPSecretKeyRing replaceUsageChecksumWithUsageSha1(org.bouncycastle.openpgp.PGPSecretKeyRing keys,
                                                                                          SecretKeyRingProtector protector,
                                                                                          boolean skipKeysWithMissingPassphrase)
                                                                                   throws org.bouncycastle.openpgp.PGPException

Repair method for keys which use S2K usage

USAGE_CHECKSUM

which is deemed insecure. This method fixes the private keys by changing them to

USAGE_SHA1

instead.

Parameters:: keys - keys; protector - protector to unlock and re-lock affected private keys; skipKeysWithMissingPassphrase - if set to true, missing subkey passphrases will cause the subkey to stay unaffected.
Returns:: fixed key ring
Throws:: org.bouncycastle.openpgp.PGPException - in case of a PGP error.

Class S2KUsageFix

Method Summary

Methods inherited from class java.lang.Object

Method Detail

replaceUsageChecksumWithUsageSha1

replaceUsageChecksumWithUsageSha1