Package org.pgpainless.key.protection.fixes

Class S2KUsageFix

java.lang.Object
org.pgpainless.key.protection.fixes.S2KUsageFix
public final class S2KUsageFix extends Object
Repair class to fix keys which use S2K usage of value SecretKeyPacket.USAGE_CHECKSUM. The method replaceUsageChecksumWithUsageSha1(PGPSecretKeyRing, SecretKeyRingProtector) ensures that such keys are encrypted using S2K usage SecretKeyPacket.USAGE_SHA1 instead.
See Also:

  • Method Details

    • replaceUsageChecksumWithUsageSha1

      public static org.bouncycastle.openpgp.PGPSecretKeyRing replaceUsageChecksumWithUsageSha1(org.bouncycastle.openpgp.PGPSecretKeyRing keys, SecretKeyRingProtector protector) throws org.bouncycastle.openpgp.PGPException
      Repair method for keys which use S2K usage 
      USAGE_CHECKSUM
      which is deemed insecure. This method fixes the private keys by changing them to 
      USAGE_SHA1
      instead.
      Parameters:
      keys - keys
      protector - protector to unlock and re-lock affected private keys
      Returns:
      fixed key ring
      Throws:
      org.bouncycastle.openpgp.PGPException - in case of a PGP error.

    • replaceUsageChecksumWithUsageSha1

      public static org.bouncycastle.openpgp.PGPSecretKeyRing replaceUsageChecksumWithUsageSha1(org.bouncycastle.openpgp.PGPSecretKeyRing keys, SecretKeyRingProtector protector, boolean skipKeysWithMissingPassphrase) throws org.bouncycastle.openpgp.PGPException
      Repair method for keys which use S2K usage 
      USAGE_CHECKSUM
      which is deemed insecure. This method fixes the private keys by changing them to 
      USAGE_SHA1
      instead.
      Parameters:
      keys - keys
      protector - protector to unlock and re-lock affected private keys
      skipKeysWithMissingPassphrase - if set to true, missing subkey passphrases will cause the subkey to stay unaffected.
      Returns:
      fixed key ring
      Throws:
      org.bouncycastle.openpgp.PGPException - in case of a PGP error.