Source code

001// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
002//
003// SPDX-License-Identifier: Apache-2.0
004
005package org.pgpainless.key.protection;
006
007import org.bouncycastle.openpgp.PGPException;
008import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
009import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor;
010import org.pgpainless.implementation.ImplementationFactory;
011import org.pgpainless.key.protection.passphrase_provider.SecretKeyPassphraseProvider;
012import org.pgpainless.util.Passphrase;
013
014import javax.annotation.Nullable;
015
016public class BaseSecretKeyRingProtector implements SecretKeyRingProtector {
017
018    private final SecretKeyPassphraseProvider passphraseProvider;
019    private final KeyRingProtectionSettings protectionSettings;
020
021    public BaseSecretKeyRingProtector(SecretKeyPassphraseProvider passphraseProvider) {
022        this(passphraseProvider, KeyRingProtectionSettings.secureDefaultSettings());
023    }
024
025    public BaseSecretKeyRingProtector(SecretKeyPassphraseProvider passphraseProvider, KeyRingProtectionSettings protectionSettings) {
026        this.passphraseProvider = passphraseProvider;
027        this.protectionSettings = protectionSettings;
028    }
029
030    @Override
031    public boolean hasPassphraseFor(Long keyId) {
032        return passphraseProvider.hasPassphrase(keyId);
033    }
034
035    @Override
036    @Nullable
037    public PBESecretKeyDecryptor getDecryptor(Long keyId) throws PGPException {
038        Passphrase passphrase = passphraseProvider.getPassphraseFor(keyId);
039        return passphrase == null || passphrase.isEmpty() ? null :
040                ImplementationFactory.getInstance().getPBESecretKeyDecryptor(passphrase);
041    }
042
043    @Override
044    @Nullable
045    public PBESecretKeyEncryptor getEncryptor(Long keyId) throws PGPException {
046        Passphrase passphrase = passphraseProvider.getPassphraseFor(keyId);
047        return passphrase == null || passphrase.isEmpty() ? null :
048                ImplementationFactory.getInstance().getPBESecretKeyEncryptor(
049                        protectionSettings.getEncryptionAlgorithm(),
050                        protectionSettings.getHashAlgorithm(),
051                        protectionSettings.getS2kCount(),
052                        passphrase);
053    }
054}