Merge branch '2013-openpgp-pgpsignaturesubpacketgenerator' into 'main'

PGPSignatureSubpacketGenerator: setXYZ() now removes duplicates.

See merge request root/bc-java!77

Author: dghgit

pg/src/main/java/org/bouncycastle/openpgp/PGPSignatureSubpacketGenerator.java

@@ -69,10 +69,7 @@ public PGPSignatureSubpacketGenerator(PGPSignatureSubpacketVector sigSubV)
      */
     public void setRevocable(boolean isCritical, boolean isRevocable)
     {
-        if (contains(SignatureSubpacketTags.REVOCABLE))
-        {
-            throw new IllegalStateException("Revocable exists in the Signature Subpacket Generator");
-        }
+        removePacketsOfType(SignatureSubpacketTags.REVOCABLE);
         packets.add(new Revocable(isCritical, isRevocable));
     }
 
@@ -97,21 +94,19 @@ public void setExportable(boolean isExportable)
      */
     public void setExportable(boolean isCritical, boolean isExportable)
     {
-        if (contains(SignatureSubpacketTags.EXPORTABLE))
-        {
-            throw new IllegalStateException("Exportable Certification exists in the Signature Subpacket Generator");
-        }
+        removePacketsOfType(SignatureSubpacketTags.EXPORTABLE);
         packets.add(new Exportable(isCritical, isExportable));
     }
 
     /**
      * Specify the set of features of the key.
      *
      * @param isCritical true if should be treated as critical, false otherwise.
-     * @param feature    features
+     * @param feature    features bitmap
      */
     public void setFeature(boolean isCritical, byte feature)
     {
+        removePacketsOfType(SignatureSubpacketTags.FEATURES);
         packets.add(new Features(isCritical, feature));
     }
 
@@ -126,6 +121,7 @@ public void setFeature(boolean isCritical, byte feature)
      */
     public void setTrust(boolean isCritical, int depth, int trustAmount)
     {
+        removePacketsOfType(SignatureSubpacketTags.TRUST_SIG);
         packets.add(new TrustSignature(isCritical, depth, trustAmount));
     }
 
@@ -150,6 +146,7 @@ public void setKeyExpirationTime(long seconds)
      */
     public void setKeyExpirationTime(boolean isCritical, long seconds)
     {
+        removePacketsOfType(SignatureSubpacketTags.KEY_EXPIRE_TIME);
         packets.add(new KeyExpirationTime(isCritical, seconds));
     }
 
@@ -175,6 +172,7 @@ public void setSignatureExpirationTime(long seconds)
      */
     public void setSignatureExpirationTime(boolean isCritical, long seconds)
     {
+        removePacketsOfType(SignatureSubpacketTags.EXPIRE_TIME);
         packets.add(new SignatureExpirationTime(isCritical, seconds));
     }
 
@@ -200,6 +198,7 @@ public void setSignatureCreationTime(Date date)
      */
     public void setSignatureCreationTime(boolean isCritical, Date date)
     {
+        removePacketsOfType(SignatureSubpacketTags.CREATION_TIME);
         packets.add(new SignatureCreationTime(isCritical, date));
     }
 
@@ -212,6 +211,7 @@ public void setSignatureCreationTime(boolean isCritical, Date date)
      */
     public void setPreferredHashAlgorithms(boolean isCritical, int[] algorithms)
     {
+        removePacketsOfType(SignatureSubpacketTags.PREFERRED_HASH_ALGS);
         packets.add(new PreferredAlgorithms(SignatureSubpacketTags.PREFERRED_HASH_ALGS, isCritical,
             algorithms));
     }
@@ -225,6 +225,7 @@ public void setPreferredHashAlgorithms(boolean isCritical, int[] algorithms)
      */
     public void setPreferredSymmetricAlgorithms(boolean isCritical, int[] algorithms)
     {
+        removePacketsOfType(SignatureSubpacketTags.PREFERRED_SYM_ALGS);
         packets.add(new PreferredAlgorithms(SignatureSubpacketTags.PREFERRED_SYM_ALGS, isCritical,
             algorithms));
     }
@@ -238,6 +239,7 @@ public void setPreferredSymmetricAlgorithms(boolean isCritical, int[] algorithms
      */
     public void setPreferredCompressionAlgorithms(boolean isCritical, int[] algorithms)
     {
+        removePacketsOfType(SignatureSubpacketTags.PREFERRED_COMP_ALGS);
         packets.add(new PreferredAlgorithms(SignatureSubpacketTags.PREFERRED_COMP_ALGS, isCritical,
             algorithms));
     }
@@ -254,6 +256,7 @@ public void setPreferredCompressionAlgorithms(boolean isCritical, int[] algorith
     @Deprecated
     public void setPreferredAEADAlgorithms(boolean isCritical, int[] algorithms)
     {
+        removePacketsOfType(SignatureSubpacketTags.PREFERRED_AEAD_ALGORITHMS);
         packets.add(new PreferredAlgorithms(SignatureSubpacketTags.PREFERRED_AEAD_ALGORITHMS, isCritical,
             algorithms));
     }
@@ -268,6 +271,7 @@ public void setPreferredAEADAlgorithms(boolean isCritical, int[] algorithms)
      */
     public void setPreferredAEADCiphersuites(boolean isCritical, PreferredAEADCiphersuites.Combination[] algorithms)
     {
+        removePacketsOfType(SignatureSubpacketTags.PREFERRED_AEAD_ALGORITHMS);
         packets.add(new PreferredAEADCiphersuites(isCritical, algorithms));
     }
 
@@ -280,6 +284,7 @@ public void setPreferredAEADCiphersuites(boolean isCritical, PreferredAEADCipher
      */
     public void setPreferredAEADCiphersuites(PreferredAEADCiphersuites.Builder builder)
     {
+        removePacketsOfType(SignatureSubpacketTags.PREFERRED_AEAD_ALGORITHMS);
         packets.add(builder.build());
     }
 
@@ -300,6 +305,7 @@ public void setPreferredAEADCiphersuites(PreferredAEADCiphersuites.Builder build
     @Deprecated
     public void setPreferredLibrePgpEncryptionModes(boolean isCritical, int[] algorithms)
     {
+        removePacketsOfType(SignatureSubpacketTags.LIBREPGP_PREFERRED_ENCRYPTION_MODES);
         packets.add(new LibrePGPPreferredEncryptionModes(isCritical, algorithms));
     }
 
@@ -309,8 +315,22 @@ public void setPreferredLibrePgpEncryptionModes(boolean isCritical, int[] algori
      *
      * @param isCritical true if the subpacket should be treated as critical
      * @param uri        key server URI
+     * @deprecated use {@link #addPreferredKeyServer(boolean, String)} instead.
      */
+    @Deprecated
     public void setPreferredKeyServer(boolean isCritical, String uri)
+    {
+        addPreferredKeyServer(isCritical, uri);
+    }
+
+    /**
+     * Specify a preferred key server for the signed user-id / key.
+     * Note, that the key server might also be a http/ftp etc. URI pointing to the key itself.
+     *
+     * @param isCritical true if the subpacket should be treated as critical
+     * @param uri        key server URI
+     */
+    public void addPreferredKeyServer(boolean isCritical, String uri)
     {
         packets.add(new PreferredKeyServer(isCritical, uri));
     }
@@ -341,6 +361,7 @@ public void setKeyFlags(int flags)
      */
     public void setKeyFlags(boolean isCritical, int flags)
     {
+        removePacketsOfType(SignatureSubpacketTags.KEY_FLAGS);
         packets.add(new KeyFlags(isCritical, flags));
     }
 
@@ -443,6 +464,7 @@ public void addEmbeddedSignature(boolean isCritical, PGPSignature pgpSignature)
 
     public void setPrimaryUserID(boolean isCritical, boolean isPrimaryUserID)
     {
+        removePacketsOfType(SignatureSubpacketTags.PRIMARY_USER_ID);
         packets.add(new PrimaryUserID(isCritical, isPrimaryUserID));
     }
 
@@ -485,6 +507,7 @@ public void addNotationData(boolean isCritical, boolean isHumanReadable, String
      */
     public void setRevocationReason(boolean isCritical, byte reason, String description)
     {
+        removePacketsOfType(SignatureSubpacketTags.REVOCATION_REASON);
         packets.add(new RevocationReason(isCritical, reason, description));
     }
 
@@ -523,6 +546,7 @@ public void addRevocationKey(boolean isCritical, int keyAlgorithm, byte[] finger
      */
     public void setIssuerKeyID(boolean isCritical, long keyID)
     {
+        removePacketsOfType(SignatureSubpacketTags.ISSUER_KEY_ID);
         packets.add(new IssuerKeyID(isCritical, keyID));
     }
 
@@ -536,6 +560,7 @@ public void setIssuerKeyID(boolean isCritical, long keyID)
      */
     public void setSignatureTarget(boolean isCritical, int publicKeyAlgorithm, int hashAlgorithm, byte[] hashData)
     {
+        removePacketsOfType(SignatureSubpacketTags.SIGNATURE_TARGET);
         packets.add(new SignatureTarget(isCritical, publicKeyAlgorithm, hashAlgorithm, hashData));
     }
 
@@ -558,6 +583,7 @@ public void setIssuerFingerprint(boolean isCritical, PGPSecretKey secretKey)
      */
     public void setIssuerFingerprint(boolean isCritical, PGPPublicKey publicKey)
     {
+        removePacketsOfType(SignatureSubpacketTags.ISSUER_FINGERPRINT);
         packets.add(new IssuerFingerprint(isCritical, publicKey.getVersion(), publicKey.getFingerprint()));
     }
 

pg/src/test/java/org/bouncycastle/openpgp/test/PGPGeneralTest.java

@@ -30,13 +30,15 @@
 import org.bouncycastle.bcpg.SignatureSubpacketTags;
 import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
 import org.bouncycastle.bcpg.attr.ImageAttribute;
+import org.bouncycastle.bcpg.sig.Exportable;
 import org.bouncycastle.bcpg.sig.Features;
 import org.bouncycastle.bcpg.sig.IntendedRecipientFingerprint;
 import org.bouncycastle.bcpg.sig.KeyFlags;
 import org.bouncycastle.bcpg.sig.NotationData;
 import org.bouncycastle.bcpg.sig.PolicyURI;
 import org.bouncycastle.bcpg.sig.PreferredAEADCiphersuites;
 import org.bouncycastle.bcpg.sig.RegularExpression;
+import org.bouncycastle.bcpg.sig.Revocable;
 import org.bouncycastle.bcpg.sig.RevocationKey;
 import org.bouncycastle.bcpg.sig.RevocationKeyTags;
 import org.bouncycastle.bcpg.sig.RevocationReason;
@@ -2169,7 +2171,7 @@ public void testPGPSignatureSubpacketVector()
         isTrue("Trust should be null", trustSignature != null);
         isTrue("Trust level depth should be " + depth, trustSignature.getDepth() == depth);
         isTrue("Trust amount should be " + trustAmount, trustSignature.getTrustAmount() == trustAmount);
-        isTrue("Exporable should be false", !hashedPcks.isExportable());
+        isTrue("Exportable should be false", !hashedPcks.isExportable());
         isTrue(hashedPcks.getIssuerFingerprint().getKeyVersion() == publicKey.getVersion());
         isTrue("isPrimaryUserID should be true", hashedPcks.isPrimaryUserID());
 
@@ -2195,7 +2197,7 @@ public void testPGPSignatureSubpacketVector()
         isTrue("Trust should be null", trustSignature != null);
         isTrue("Trust level depth should be " + depth, trustSignature.getDepth() == depth);
         isTrue("Trust amount should be " + trustAmount, trustSignature.getTrustAmount() == trustAmount);
-        isTrue("Exporable should be false", !hashedPcks.isExportable());
+        isTrue("Exportable should be false", !hashedPcks.isExportable());
         isTrue(hashedPcks.getIssuerFingerprint().getKeyVersion() == publicKey.getVersion());
         isTrue("isPrimaryUserID should be true", hashedPcks.isPrimaryUserID());
 
@@ -2207,27 +2209,20 @@ public void testPGPSignatureSubpacketVector()
 
         hashedGen = new PGPSignatureSubpacketGenerator();
         hashedGen.setExportable(false, true);
-        try
-        {
-            hashedGen.setExportable(false, false);
-            fail("Duplicated settings for Exportable");
-        }
-        catch (IllegalStateException e)
-        {
-            isTrue("Exportable Certification exists in the Signature Subpacket Generator",
-                messageIs(e.getMessage(), "Exportable Certification exists in the Signature Subpacket Generator"));
-        }
+        hashedGen.setExportable(false, false);
+        isEquals("Calling setExportable multiple times MUST NOT introduce duplicates",
+                1, hashedGen.getSubpackets(SignatureSubpacketTags.EXPORTABLE).length);
+        Exportable exportable = (Exportable) hashedGen.getSubpackets(SignatureSubpacketTags.EXPORTABLE)[0];
+        isTrue("Last invocation of setExportable MUST take precedence.",
+                !exportable.isExportable());
+
         hashedGen.setRevocable(false, true);
-        try
-        {
-            hashedGen.setRevocable(false, false);
-            fail("Duplicated settings for Revocable");
-        }
-        catch (IllegalStateException e)
-        {
-            isTrue("Revocable exists in the Signature Subpacket Generator",
-                messageIs(e.getMessage(), "Revocable exists in the Signature Subpacket Generator"));
-        }
+        hashedGen.setRevocable(false, false);
+        isEquals("Calling setRevocable multiple times MUST NOT introduce duplicates.",
+                1, hashedGen.getSubpackets(SignatureSubpacketTags.REVOCABLE).length);
+        Revocable revocable = (Revocable) hashedGen.getSubpackets(SignatureSubpacketTags.REVOCABLE)[0];
+        isTrue("Last invocation of setRevocable MUST take precedence.",
+                !revocable.isRevocable());
 
         try
         {
@@ -2273,13 +2268,13 @@ public void testPGPSignatureSubpacketVector()
         hashedPcks = sig.getHashedSubPackets();
         isTrue("URL should be " + url, hashedPcks.getPolicyURI().getURI().equals(url));
         isTrue(areEqual(hashedPcks.getPolicyURI().getRawURI(), Strings.toUTF8ByteArray(url)));
-        isTrue("Exporable should be true", hashedPcks.isExportable());
-        isTrue("Test Singner User ID", hashedPcks.getSignerUserID().equals(""));
+        isTrue("Exportable should be false", !hashedPcks.isExportable());
+        isTrue("Test Signer User ID", hashedPcks.getSignerUserID().equals(""));
         isTrue("Test for empty description", hashedPcks.getRevocationReason().getRevocationDescription().equals(""));
         Features features = hashedPcks.getFeatures();
         isTrue(features.supportsSEIPDv2());
         isTrue(features.getFeatures() == Features.FEATURE_SEIPD_V2);
-        isTrue(hashedPcks.getRevocable().isRevocable());
+        isTrue("Revocable should be false", !hashedPcks.getRevocable().isRevocable());
     }
 
     public void testECNistCurves()