Source code

001// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
002//
003// SPDX-License-Identifier: Apache-2.0
004
005package org.pgpainless.signature.builder;
006
007import javax.annotation.Nullable;
008
009import org.bouncycastle.openpgp.PGPException;
010import org.bouncycastle.openpgp.PGPPublicKey;
011import org.bouncycastle.openpgp.PGPSecretKey;
012import org.bouncycastle.openpgp.PGPSignature;
013import org.bouncycastle.openpgp.PGPSignatureGenerator;
014import org.pgpainless.algorithm.SignatureType;
015import org.pgpainless.key.protection.SecretKeyRingProtector;
016import org.pgpainless.signature.subpackets.RevocationSignatureSubpackets;
017
018public class RevocationSignatureBuilder extends AbstractSignatureBuilder<RevocationSignatureBuilder> {
019
020    public RevocationSignatureBuilder(SignatureType signatureType, PGPSecretKey signingKey, SecretKeyRingProtector protector) throws PGPException {
021        super(signatureType, signingKey, protector);
022        getHashedSubpackets().setRevocable(true, false);
023    }
024
025    @Override
026    protected boolean isValidSignatureType(SignatureType type) {
027        switch (type) {
028            case KEY_REVOCATION:
029            case SUBKEY_REVOCATION:
030            case CERTIFICATION_REVOCATION:
031                return true;
032            default:
033                return false;
034        }
035    }
036
037    public RevocationSignatureSubpackets getHashedSubpackets() {
038        return hashedSubpackets;
039    }
040
041    public RevocationSignatureSubpackets getUnhashedSubpackets() {
042        return unhashedSubpackets;
043    }
044
045    public void applyCallback(@Nullable RevocationSignatureSubpackets.Callback callback) {
046        if (callback != null) {
047            callback.modifyHashedSubpackets(getHashedSubpackets());
048            callback.modifyUnhashedSubpackets(getUnhashedSubpackets());
049        }
050    }
051
052    public PGPSignature build(PGPPublicKey revokeeSubkey) throws PGPException {
053        PGPSignatureGenerator signatureGenerator = buildAndInitSignatureGenerator();
054        if (signatureType == SignatureType.KEY_REVOCATION) {
055            if (revokeeSubkey.getKeyID() != publicSigningKey.getKeyID()) {
056                throw new IllegalArgumentException("Signature type is KEY_REVOCATION, but provided revokeeSubkey is != signingPublicKey.");
057            }
058            return signatureGenerator.generateCertification(publicSigningKey);
059        } else {
060            return signatureGenerator.generateCertification(publicSigningKey, revokeeSubkey);
061        }
062    }
063
064    public PGPSignature build(String revokeeUserId) throws PGPException {
065        PGPSignatureGenerator signatureGenerator = buildAndInitSignatureGenerator();
066        if (signatureType != SignatureType.CERTIFICATION_REVOCATION) {
067            throw new IllegalArgumentException("Signature type is != CERTIFICATION_REVOCATION.");
068        }
069        return signatureGenerator.generateCertification(revokeeUserId, publicSigningKey);
070    }
071}