Class S2KUsageFix

java.lang.Object
org.pgpainless.key.protection.fixes.S2KUsageFix

public final class S2KUsageFix extends Object
Repair class to fix keys which use S2K usage of value SecretKeyPacket.USAGE_CHECKSUM. The method replaceUsageChecksumWithUsageSha1(PGPSecretKeyRing, SecretKeyRingProtector) ensures that such keys are encrypted using S2K usage SecretKeyPacket.USAGE_SHA1 instead.
See Also:
  • Method Details

    • replaceUsageChecksumWithUsageSha1

      public static org.bouncycastle.openpgp.PGPSecretKeyRing replaceUsageChecksumWithUsageSha1(org.bouncycastle.openpgp.PGPSecretKeyRing keys, SecretKeyRingProtector protector) throws org.bouncycastle.openpgp.PGPException
      Repair method for keys which use S2K usage
      USAGE_CHECKSUM
      which is deemed insecure. This method fixes the private keys by changing them to
      USAGE_SHA1
      instead.
      Parameters:
      keys - keys
      protector - protector to unlock and re-lock affected private keys
      Returns:
      fixed key ring
      Throws:
      org.bouncycastle.openpgp.PGPException - in case of a PGP error.
    • replaceUsageChecksumWithUsageSha1

      public static org.bouncycastle.openpgp.PGPSecretKeyRing replaceUsageChecksumWithUsageSha1(org.bouncycastle.openpgp.PGPSecretKeyRing keys, SecretKeyRingProtector protector, boolean skipKeysWithMissingPassphrase) throws org.bouncycastle.openpgp.PGPException
      Repair method for keys which use S2K usage
      USAGE_CHECKSUM
      which is deemed insecure. This method fixes the private keys by changing them to
      USAGE_SHA1
      instead.
      Parameters:
      keys - keys
      protector - protector to unlock and re-lock affected private keys
      skipKeysWithMissingPassphrase - if set to true, missing subkey passphrases will cause the subkey to stay unaffected.
      Returns:
      fixed key ring
      Throws:
      org.bouncycastle.openpgp.PGPException - in case of a PGP error.