Reintroduce and deprecate old AEAD preferences methods.

vanitasvitae · vanitasvitae · commit 0d93bbff758f · 2024-08-26T11:50:53.000+02:00
diff --git a/pg/src/main/java/org/bouncycastle/bcpg/SignatureSubpacketInputStream.java b/pg/src/main/java/org/bouncycastle/bcpg/SignatureSubpacketInputStream.java
@@ -149,6 +149,7 @@ else if (flags[StreamUtil.flag_partial])
         case PREFERRED_COMP_ALGS:
         case PREFERRED_HASH_ALGS:
         case PREFERRED_SYM_ALGS:
+        case PREFERRED_ENCRYPTION_MODES:
             return new PreferredAlgorithms(type, isCritical, isLongLength, data);
         case PREFERRED_AEAD_ALGORITHMS:
             return new PreferredAEADCiphersuites(isCritical, isLongLength, data);
diff --git a/pg/src/main/java/org/bouncycastle/bcpg/SignatureSubpacketTags.java b/pg/src/main/java/org/bouncycastle/bcpg/SignatureSubpacketTags.java
@@ -30,8 +30,8 @@ public interface SignatureSubpacketTags
     int SIGNATURE_TARGET = 31;     // signature target
     int EMBEDDED_SIGNATURE = 32;   // embedded signature
     int ISSUER_FINGERPRINT = 33;   // issuer key fingerprint
-//  public static final int PREFERRED_AEAD_ALGORITHMS = 34; // RESERVED since crypto-refresh-05
-int INTENDED_RECIPIENT_FINGERPRINT = 35;   // intended recipient fingerprint
+    int PREFERRED_ENCRYPTION_MODES = 34;       // draft-koch-openpgp-2015-rfc4880bis defines this packet for AEAD algorithms
+    int INTENDED_RECIPIENT_FINGERPRINT = 35;   // intended recipient fingerprint
     int ATTESTED_CERTIFICATIONS = 37;   // attested certifications (RESERVED)
     int KEY_BLOCK = 38;            // Key Block (RESERVED)
     int PREFERRED_AEAD_ALGORITHMS = 39;   // preferred AEAD algorithms
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/PGPSignatureSubpacketGenerator.java b/pg/src/main/java/org/bouncycastle/openpgp/PGPSignatureSubpacketGenerator.java
@@ -193,11 +193,27 @@ public void setPreferredCompressionAlgorithms(boolean isCritical, int[] algorith
 
     /**
      * Specify the preferred AEAD algorithms of this key.
+     * This method of defining encryption mode preferences was introduced and deprecated in
+     * draft-koch-openpgp-2015-rfc4880bis for OpenPGP v5 keys.
      *
-     * @param isCritical true if should be treated as critical, false otherwise.
+     * @param isCritical true, if this packet should be treated as critical, false otherwise.
+     * @param algorithms array of algorithms in descending preference
+     * @deprecated use {@link #setPreferredAEADCiphersuites(boolean, PreferredAEADCiphersuites.Combination[])} instead
+     */
+    @Deprecated
+    public void setPreferredAEADAlgorithms(boolean isCritical, int[] algorithms)
+    {
+        packets.add(new PreferredAlgorithms(SignatureSubpacketTags.PREFERRED_ENCRYPTION_MODES, isCritical,
+            algorithms));
+    }
+
+    /**
+     * Specify the preferred AEAD cipher suites of this key.
+     *
+     * @param isCritical true, if this packet should be treated as critical, false otherwise.
      * @param algorithms array of algorithms in descending preference
      */
-    public void setPreferredAEADAlgorithms(boolean isCritical, PreferredAEADCiphersuites.Combination[] algorithms)
+    public void setPreferredAEADCiphersuites(boolean isCritical, PreferredAEADCiphersuites.Combination[] algorithms)
     {
         packets.add(new PreferredAEADCiphersuites(isCritical, algorithms));
     }
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/PGPSignatureSubpacketVector.java b/pg/src/main/java/org/bouncycastle/openpgp/PGPSignatureSubpacketVector.java
@@ -286,7 +286,37 @@ public int[] getPreferredCompressionAlgorithms()
         return ((PreferredAlgorithms)p).getPreferences();
     }
 
-    public PreferredAEADCiphersuites getPreferredAEADAlgorithms()
+    /**
+     * Return an array containing the preferred AEAD encryption modes of the key.
+     * AEAD Encryption modes are defined in {@link org.bouncycastle.bcpg.AEADAlgorithmTags}.
+     * <br>
+     * This packet type is defined in draft-koch-openpgp-2015-rfc4880bis.
+     * Recipients should ignore this packet and assume the recipient to prefer OCB.
+     *
+     * @return encryption modes
+     * @deprecated use {@link #getPreferredAEADCiphersuites()} instead.
+     */
+    @Deprecated
+    public int[] getPreferredAEADAlgorithms()
+    {
+        SignatureSubpacket p = this.getSubpacket(SignatureSubpacketTags.PREFERRED_ENCRYPTION_MODES);
+
+        if (p == null)
+        {
+            return null;
+        }
+
+        PreferredAlgorithms packet = (PreferredAlgorithms) p;
+        return packet.getPreferences();
+    }
+
+    /**
+     * Return an array containing preferred AEAD ciphersuites of the key.
+     * AEAD cipher suites are pairs of a symmetric algorithm and an AEAD algorithm.
+     *
+     * @return AEAD cipher suites
+     */
+    public PreferredAEADCiphersuites getPreferredAEADCiphersuites()
     {
         SignatureSubpacket p = this.getSubpacket(SignatureSubpacketTags.PREFERRED_AEAD_ALGORITHMS);
 
