diff --git a/lib/src/message/literal_message.dart b/lib/src/message/literal_message.dart index fff3d35f..73861b1f 100644 --- a/lib/src/message/literal_message.dart +++ b/lib/src/message/literal_message.dart @@ -9,6 +9,7 @@ import 'dart:typed_data'; import '../common/armor.dart'; import '../common/config.dart'; import '../common/helpers.dart'; +import '../enum/aead_algorithm.dart'; import '../enum/armor_type.dart'; import '../enum/compression_algorithm.dart'; import '../enum/preset_rfc.dart'; @@ -58,26 +59,42 @@ final class LiteralMessage extends BaseMessage implements LiteralMessageInterfac /// Checking the algorithm preferences of the passed encryption keys. static SessionKeyInterface generateSessionKey( final Iterable encryptionKeys, [ - final SymmetricAlgorithm symmetric = SymmetricAlgorithm.aes128, + final SymmetricAlgorithm defaultSymmetric = SymmetricAlgorithm.aes128, ]) { + var desiredSymmetrics = [ + SymmetricAlgorithm.aes128, + SymmetricAlgorithm.aes192, + SymmetricAlgorithm.aes256, + ]; + for (final key in encryptionKeys) { + desiredSymmetrics = desiredSymmetrics + .where( + (symmetric) => key.preferredSymmetrics.contains(symmetric), + ) + .toList(); + } + final symmetric = desiredSymmetrics.firstOrNull ?? defaultSymmetric; + + var desiredAeads = [ + AeadAlgorithm.ocb, + AeadAlgorithm.gcm, + AeadAlgorithm.eax, + ]; var aeadProtect = Config.aeadProtect; - final aead = Config.preferredAead; for (final key in encryptionKeys) { - final symmetrics = key.preferredSymmetrics; - if (symmetrics.isNotEmpty && !symmetrics.contains(symmetric)) { - throw AssertionError( - 'Symmetric not compatible with the given `encryptionKeys`', - ); - } if (key.aeadSupported) { - final aeads = key.preferredAeads(symmetric); - if (!aeads.contains(aead)) { - aeadProtect = false; - } + desiredAeads = desiredAeads + .where( + (aead) => key.preferredAeads(symmetric).contains(aead), + ) + .toList(); } else { aeadProtect = false; + break; } } + final aead = desiredAeads.firstOrNull ?? Config.preferredAead; + return SessionKey.produceKey( symmetric, aeadProtect ? aead : null, @@ -120,15 +137,16 @@ final class LiteralMessage extends BaseMessage implements LiteralMessageInterfac ); @override - compress([final CompressionAlgorithm? algorithm]) { - final algo = algorithm ?? Config.preferredCompression; - if (algo != CompressionAlgorithm.uncompressed) { + compress([ + final CompressionAlgorithm algorithm = CompressionAlgorithm.uncompressed, + ]) { + if (algorithm != CompressionAlgorithm.uncompressed) { return LiteralMessage( PacketList( [ CompressedDataPacket.fromPacketList( _unwrapCompressed(), - algorithm: algo, + algorithm: algorithm, ) ], ), @@ -141,7 +159,7 @@ final class LiteralMessage extends BaseMessage implements LiteralMessageInterfac encrypt({ final Iterable encryptionKeys = const [], final Iterable passwords = const [], - final SymmetricAlgorithm? symmetric, + final SymmetricAlgorithm symmetric = SymmetricAlgorithm.aes128, }) { if (encryptionKeys.isEmpty && passwords.isEmpty) { throw ArgumentError( @@ -156,7 +174,7 @@ final class LiteralMessage extends BaseMessage implements LiteralMessageInterfac } final sessionKey = generateSessionKey( encryptionKeys, - symmetric ?? Config.preferredSymmetric, + symmetric, ); final packetList = addPadding @@ -180,7 +198,7 @@ final class LiteralMessage extends BaseMessage implements LiteralMessageInterfac SymEncryptedIntegrityProtectedDataPacket.encryptPackets( sessionKey.encryptionKey, packetList, - symmetric: symmetric ?? Config.preferredSymmetric, + symmetric: symmetric, aead: sessionKey.aead, ), ])); diff --git a/lib/src/openpgp.dart b/lib/src/openpgp.dart index b08d370c..1c563fc2 100644 --- a/lib/src/openpgp.dart +++ b/lib/src/openpgp.dart @@ -269,10 +269,14 @@ final class OpenPGP { final DateTime? time, }) { return signingKeys.isEmpty - ? message.compress(compression).encrypt( + ? message + .compress( + compression ?? Config.preferredCompression, + ) + .encrypt( encryptionKeys: encryptionKeys, passwords: passwords, - symmetric: symmetric, + symmetric: symmetric ?? Config.preferredSymmetric, ) : message .sign( @@ -281,11 +285,13 @@ final class OpenPGP { notationData: notationData, time: time, ) - .compress(compression) + .compress( + compression ?? Config.preferredCompression, + ) .encrypt( encryptionKeys: encryptionKeys, passwords: passwords, - symmetric: symmetric, + symmetric: symmetric ?? Config.preferredSymmetric, ); } @@ -308,6 +314,7 @@ final class OpenPGP { passwords: passwords, signingKeys: signingKeys, symmetric: symmetric, + compression: compression, notationData: notationData, time: time, ); @@ -332,6 +339,7 @@ final class OpenPGP { passwords: passwords, signingKeys: signingKeys, symmetric: symmetric, + compression: compression, notationData: notationData, time: time, ); diff --git a/lib/src/packet/signature.dart b/lib/src/packet/signature.dart index 52737093..175b7f2d 100644 --- a/lib/src/packet/signature.dart +++ b/lib/src/packet/signature.dart @@ -493,7 +493,6 @@ class SignaturePacket extends BasePacket implements SignaturePacketInterface { PreferredSymmetricAlgorithms(Uint8List.fromList([ SymmetricAlgorithm.aes128.value, SymmetricAlgorithm.aes256.value, - SymmetricAlgorithm.aes192.value, ])), PreferredAeadAlgorithms(Uint8List.fromList([ AeadAlgorithm.ocb.value, @@ -531,12 +530,6 @@ class SignaturePacket extends BasePacket implements SignaturePacketInterface { SymmetricAlgorithm.aes256.value, AeadAlgorithm.gcm.value, ], - ...[ - SymmetricAlgorithm.aes192.value, - AeadAlgorithm.ocb.value, - SymmetricAlgorithm.aes192.value, - AeadAlgorithm.gcm.value, - ], ]))); } return subpackets; diff --git a/lib/src/type/literal_message.dart b/lib/src/type/literal_message.dart index cbe355eb..ed94d3d2 100644 --- a/lib/src/type/literal_message.dart +++ b/lib/src/type/literal_message.dart @@ -61,10 +61,12 @@ abstract interface class LiteralMessageInterface implements ArmorableInterface, EncryptedMessageInterface encrypt({ final Iterable encryptionKeys = const [], final Iterable passwords = const [], - final SymmetricAlgorithm? symmetric, + final SymmetricAlgorithm symmetric = SymmetricAlgorithm.aes128, }); /// Compress the message (the literal and signature packets of the message) /// Return new message with compressed content. - LiteralMessageInterface compress([final CompressionAlgorithm? algorithm]); + LiteralMessageInterface compress([ + final CompressionAlgorithm algorithm = CompressionAlgorithm.uncompressed, + ]); }