Encryption API 2.0 #123

Merged, 16 commits, May 25, 2021

Conversation

@vanitasvitae (Member) commented May 25, 2021

I noticed that the builder pattern for the encryption/signing API was a bit complex and inflexible.
Most importantly, the user was expected to define which algorithms to use when encrypting. Furthermore, sign-only operations would not allow changing algorithms at all (see #75).

This PR introduces a new API which moves options for signing and encrypting into separate builders.
Instead of calling

        EncryptionStream encryptor = PGPainless.encryptAndOrSign()
                .onOutputStream(envelope)
                .toRecipients(recipientPub)
                .usingAlgorithms(SymmetricKeyAlgorithm.AES_256, HashAlgorithm.SHA512, CompressionAlgorithm.ZIP)
                .signWith(keyDecryptor, senderSec)
                .signBinaryDocument()
                .noArmor();

the API has been simplified to

        EncryptionOptions encOpt = new EncryptionOptions()
                .addRecipient(recipientPub);
        SigningOptions signOpt = new SigningOptions()
                .addInlineSignature(keyDecryptor, senderSec, type);

        EncryptionStream encryptor = PGPainless.encryptAndOrSign()
                .onOutputStream(envelope)
                .withOptions(ProducerOptions
                        .signAndEncrypt(encOpt, signOpt)
                        .setAsciiArmor(armor));

The new API evaluates the keys used to sign/encrypt and automatically negotiates algorithms.
It is still possible to use custom algorithms though:

        encOpts.overrideEncryptionAlgorithm(SymmetricKeyAlgorithm.AES_128);
        signOpts.overrideHashAlgorithm(HashAlgorithm.SHA256);
        prodOpts.overrideCompressionAlgorithm(CompressionAlgorithm.UNCOMPRESSED);  // prodOpts: the ProducerOptions instance

Default algorithms and fallbacks can be controlled via PGPainless.getPolicy().

Lastly, the new API also allows control over which subkeys are used for encryption.
Instead of encrypting to all available encryption subkeys of a keyring, the API will now by default only encrypt to the first encryption-capable subkey that is found.
This behaviour can for example be modified by calling

        encOpts.addRecipient(aliceKey, EncryptionOptions.encryptToAllCapableSubkeys());

Other implementations are possible by implementing EncryptionKeySelector.

All in all, the new API should be way more flexible. We now have better separation of concerns, which should also make the implementation more maintainable and easier for external contributors to understand.

TODO:

  • squash
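Added end-to-end example of the options-based API described in the PR above; this is not code from the PR or from the PGPainless test suite. It assumes the PGPainless 0.2.x release that shipped this change: the class name EncryptionApi2Demo and the helpers encryptAndSign/decryptAndVerify are hypothetical, and the calls KeyRingUtils.publicKeyRingFrom, EncryptionResult.getRecipients()/getEncryptionAlgorithm(), the single-ring verifyWith(PGPPublicKeyRing) overload and OpenPgpMetadata.isVerified()/isEncrypted() are recalled from that release and should be checked against the version in use. Keys are generated unprotected for the demo; a real deployment would use a passphrase-backed SecretKeyRingProtector.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.util.io.Streams;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.DocumentSignatureType;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
import org.pgpainless.decryption_verification.DecryptionStream;
import org.pgpainless.decryption_verification.OpenPgpMetadata;
import org.pgpainless.encryption_signing.EncryptionOptions;
import org.pgpainless.encryption_signing.EncryptionResult;
import org.pgpainless.encryption_signing.EncryptionStream;
import org.pgpainless.encryption_signing.ProducerOptions;
import org.pgpainless.encryption_signing.SigningOptions;
import org.pgpainless.key.protection.SecretKeyRingProtector;
import org.pgpainless.key.protection.UnprotectedKeysProtector;
import org.pgpainless.key.util.KeyRingUtils;

// Hypothetical demo class (assumption: PGPainless 0.2.x API); not part of PGPainless.
public class EncryptionApi2Demo {

    // Encrypt to `recipient` and sign inline with `signer` via the separate option builders.
    // `allSubkeys` switches the recipient-subkey selector between the new default
    // (first encryption-capable subkey only) and encryptToAllCapableSubkeys().
    static EncryptionResult encryptAndSign(byte[] plaintext, ByteArrayOutputStream ciphertextOut,
                                           PGPPublicKeyRing recipient, PGPSecretKeyRing signer,
                                           SecretKeyRingProtector protector, boolean allSubkeys) throws Exception {
        EncryptionOptions encOpt = new EncryptionOptions();
        if (allSubkeys) {
            encOpt.addRecipient(recipient, EncryptionOptions.encryptToAllCapableSubkeys());
        } else {
            encOpt.addRecipient(recipient);
        }
        // Pin the symmetric cipher instead of taking the value negotiated from the recipient's preferences.
        encOpt.overrideEncryptionAlgorithm(SymmetricKeyAlgorithm.AES_256);

        SigningOptions signOpt = new SigningOptions()
                .addInlineSignature(protector, signer, DocumentSignatureType.BINARY_DOCUMENT);

        EncryptionStream encryptionStream = PGPainless.encryptAndOrSign()
                .onOutputStream(ciphertextOut)
                .withOptions(ProducerOptions.signAndEncrypt(encOpt, signOpt)
                        .setAsciiArmor(false));
        Streams.pipeAll(new ByteArrayInputStream(plaintext), encryptionStream);
        encryptionStream.close(); // writes the signature trailer; the result is only available after close()
        return encryptionStream.getResult();
    }

    // Decrypt with the recipient's secret key and verify the inline signature against the signer's certificate.
    static OpenPgpMetadata decryptAndVerify(byte[] ciphertext, ByteArrayOutputStream plaintextOut,
                                            PGPSecretKeyRing recipient, PGPPublicKeyRing signer,
                                            SecretKeyRingProtector protector) throws Exception {
        DecryptionStream decryptionStream = PGPainless.decryptAndOrVerify()
                .onInputStream(new ByteArrayInputStream(ciphertext))
                .decryptWith(protector, recipient)
                .verifyWith(signer)
                .ignoreMissingPublicKeys()
                .build();
        Streams.pipeAll(decryptionStream, plaintextOut);
        decryptionStream.close();
        return decryptionStream.getResult();
    }

    public static void main(String[] args) throws Exception {
        // Constructed test keys, unprotected (null passphrase) for the demo only.
        PGPSecretKeyRing aliceSec = PGPainless.generateKeyRing().modernKeyRing("Alice <alice@example.org>", null);
        PGPSecretKeyRing bobSec = PGPainless.generateKeyRing().modernKeyRing("Bob <bob@example.org>", null);
        PGPPublicKeyRing alicePub = KeyRingUtils.publicKeyRingFrom(aliceSec);
        PGPPublicKeyRing bobPub = KeyRingUtils.publicKeyRingFrom(bobSec);
        SecretKeyRingProtector unprotected = new UnprotectedKeysProtector();

        byte[] message = "constructed sample message".getBytes(StandardCharsets.UTF_8); // constructed input

        for (boolean allSubkeys : new boolean[] {false, true}) {
            ByteArrayOutputStream ciphertext = new ByteArrayOutputStream();
            EncryptionResult encResult = encryptAndSign(message, ciphertext, bobPub, aliceSec, unprotected, allSubkeys);
            // A freshly generated modern key has one encryption subkey, so both selectors report 1 here;
            // the counts differ for a certificate that carries several encryption subkeys.
            System.out.println("selector=" + (allSubkeys ? "allCapableSubkeys" : "firstSubkey (default)")
                    + " cipher=" + encResult.getEncryptionAlgorithm()
                    + " recipient subkeys=" + encResult.getRecipients().size());

            ByteArrayOutputStream plaintext = new ByteArrayOutputStream();
            OpenPgpMetadata meta = decryptAndVerify(ciphertext.toByteArray(), plaintext, bobSec, alicePub, unprotected);
            if (!meta.isEncrypted() || !meta.isVerified() || !Arrays.equals(message, plaintext.toByteArray())) {
                throw new IllegalStateException("round trip failed");
            }
            System.out.println("decrypted with " + meta.getSymmetricKeyAlgorithm() + ", signature verified");
        }
    }
}
```

The selector choice is security-relevant in practice: with the new default, a certificate that carries several encryption subkeys (for example one per device) is only encrypted to the first one, so holders of the other subkeys cannot decrypt. Check EncryptionResult.getRecipients() against the subkeys you expect, and use encryptToAllCapableSubkeys() or a custom EncryptionKeySelector when all of them must be able to read the message.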

@tomholub (Contributor):

Thank you - this looks to be an improvement 👍

@vanitasvitae vanitasvitae merged commit 80a6baf into master May 25, 2021
@coveralls:

Pull Request Test Coverage Report for Build 501

  • 568 of 809 (70.21%) changed or added relevant lines in 33 files are covered.
  • 112 unchanged lines in 12 files lost coverage.
  • Overall coverage increased (+0.3%) to 74.237%

Changes missing coverage (covered lines / changed or added lines, % covered):

  0 / 1   (0.0%)   pgpainless-core/src/main/java/org/pgpainless/signature/cleartext_signatures/MultiPassStrategy.java
  0 / 1   (0.0%)   pgpainless-core/src/main/java/org/pgpainless/util/SignatureTree.java
  5 / 6   (83.33%) pgpainless-sop/src/main/java/org/pgpainless/sop/Print.java
  0 / 2   (0.0%)   pgpainless-core/src/main/java/org/pgpainless/exception/KeyValidationException.java
  2 / 4   (50.0%)  pgpainless-core/src/main/java/org/pgpainless/key/SubkeyIdentifier.java
  0 / 2   (0.0%)   pgpainless-sop/src/main/java/org/pgpainless/sop/commands/Armor.java
  18 / 21 (85.71%) pgpainless-core/src/main/java/org/pgpainless/algorithm/negotiation/SymmetricKeyAlgorithmNegotiator.java
  6 / 9   (66.67%) pgpainless-sop/src/main/java/org/pgpainless/sop/SopKeyUtil.java
  30 / 34 (88.24%) pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionResult.java
  19 / 23 (82.61%) pgpainless-core/src/main/java/org/pgpainless/key/info/KeyAccessor.java

Files with coverage reduction (new missed lines, % covered):

  2 (84.47%) pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMetadata.java
  2 (76.67%) pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionBuilder.java
  2 (40.0%)  pgpainless-core/src/main/java/org/pgpainless/key/SubkeyIdentifier.java
  2 (90.2%)  pgpainless-core/src/main/java/org/pgpainless/util/Passphrase.java
  2 (40.0%)  pgpainless-core/src/main/java/org/pgpainless/util/selection/key/impl/NoRevocation.java
  2 (83.33%) pgpainless-core/src/main/java/org/pgpainless/util/selection/key/impl/SignatureKeySelectionStrategy.java
  3 (50.0%)  pgpainless-sop/src/main/java/org/pgpainless/sop/Print.java
  4 (83.58%) pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionStream.java
  6 (0%)     pgpainless-core/src/main/java/org/pgpainless/util/Tuple.java
  9 (47.37%) pgpainless-core/src/main/java/org/pgpainless/util/selection/key/impl/And.java

Totals:
  Coverage change from base Build 475: +0.3%
  Covered lines: 3674
  Relevant lines: 4949

💛 - Coveralls
