Class S2KUsageFix
java.lang.Object
org.pgpainless.key.protection.fixes.S2KUsageFix
Repair class to fix keys which use S2K usage of value
SecretKeyPacket.USAGE_CHECKSUM
.
The method replaceUsageChecksumWithUsageSha1(PGPSecretKeyRing, SecretKeyRingProtector)
ensures
that such keys are encrypted using S2K usage SecretKeyPacket.USAGE_SHA1
instead.-
Method Summary
Modifier and TypeMethodDescriptionstatic org.bouncycastle.openpgp.PGPSecretKeyRing
replaceUsageChecksumWithUsageSha1
(org.bouncycastle.openpgp.PGPSecretKeyRing keys, SecretKeyRingProtector protector) Repair method for keys which use S2K usagestatic org.bouncycastle.openpgp.PGPSecretKeyRing
replaceUsageChecksumWithUsageSha1
(org.bouncycastle.openpgp.PGPSecretKeyRing keys, SecretKeyRingProtector protector, boolean skipKeysWithMissingPassphrase) Repair method for keys which use S2K usage
-
Method Details
-
replaceUsageChecksumWithUsageSha1
public static org.bouncycastle.openpgp.PGPSecretKeyRing replaceUsageChecksumWithUsageSha1(org.bouncycastle.openpgp.PGPSecretKeyRing keys, SecretKeyRingProtector protector) throws org.bouncycastle.openpgp.PGPException Repair method for keys which use S2K usageUSAGE_CHECKSUM
which is deemed insecure. This method fixes the private keys by changing them toUSAGE_SHA1
instead.- Parameters:
keys
- keysprotector
- protector to unlock and re-lock affected private keys- Returns:
- fixed key ring
- Throws:
org.bouncycastle.openpgp.PGPException
- in case of a PGP error.
-
replaceUsageChecksumWithUsageSha1
public static org.bouncycastle.openpgp.PGPSecretKeyRing replaceUsageChecksumWithUsageSha1(org.bouncycastle.openpgp.PGPSecretKeyRing keys, SecretKeyRingProtector protector, boolean skipKeysWithMissingPassphrase) throws org.bouncycastle.openpgp.PGPException Repair method for keys which use S2K usageUSAGE_CHECKSUM
which is deemed insecure. This method fixes the private keys by changing them toUSAGE_SHA1
instead.- Parameters:
keys
- keysprotector
- protector to unlock and re-lock affected private keysskipKeysWithMissingPassphrase
- if set to true, missing subkey passphrases will cause the subkey to stay unaffected.- Returns:
- fixed key ring
- Throws:
org.bouncycastle.openpgp.PGPException
- in case of a PGP error.
-