1
0
Fork 0
mirror of https://codeberg.org/Mercury-IM/Smack synced 2024-11-25 15:52:06 +01:00

Merge pull request #488 from vanitasvitae/bumpPgpainless

OpenPGP: Bump PGPainless to 0.2.8
This commit is contained in:
Florian Schmaus 2021-08-10 16:49:46 +02:00 committed by GitHub
commit 98d530819f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 15 additions and 14 deletions

View file

@ -147,7 +147,7 @@ allprojects {
smackMinAndroidSdk = 19 smackMinAndroidSdk = 19
junitVersion = '5.7.1' junitVersion = '5.7.1'
commonsIoVersion = '2.6' commonsIoVersion = '2.6'
bouncyCastleVersion = '1.68' bouncyCastleVersion = '1.69'
guavaVersion = '30.1-jre' guavaVersion = '30.1-jre'
mockitoVersion = '3.7.7' mockitoVersion = '3.7.7'
orgReflectionsVersion = '0.9.11' orgReflectionsVersion = '0.9.11'

View file

@ -8,7 +8,7 @@ dependencies {
api project(':smack-extensions') api project(':smack-extensions')
api project(':smack-experimental') api project(':smack-experimental')
api 'org.pgpainless:pgpainless-core:0.2.0' api 'org.pgpainless:pgpainless-core:0.2.8'
testImplementation "org.bouncycastle:bcprov-jdk15on:${bouncyCastleVersion}" testImplementation "org.bouncycastle:bcprov-jdk15on:${bouncyCastleVersion}"

View file

@ -47,6 +47,7 @@ import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
import org.bouncycastle.util.io.Streams; import org.bouncycastle.util.io.Streams;
import org.pgpainless.PGPainless; import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.DocumentSignatureType; import org.pgpainless.algorithm.DocumentSignatureType;
import org.pgpainless.decryption_verification.ConsumerOptions;
import org.pgpainless.decryption_verification.DecryptionStream; import org.pgpainless.decryption_verification.DecryptionStream;
import org.pgpainless.decryption_verification.MissingPublicKeyCallback; import org.pgpainless.decryption_verification.MissingPublicKeyCallback;
import org.pgpainless.decryption_verification.OpenPgpMetadata; import org.pgpainless.decryption_verification.OpenPgpMetadata;
@ -209,10 +210,10 @@ public class PainlessOpenPgpProvider implements OpenPgpProvider {
DecryptionStream cipherStream = PGPainless.decryptAndOrVerify() DecryptionStream cipherStream = PGPainless.decryptAndOrVerify()
.onInputStream(cipherText) .onInputStream(cipherText)
.decryptWith(getStore().getKeyRingProtector(), self.getSecretKeys()) .withOptions(new ConsumerOptions()
.verifyWith(announcedPublicKeys) .addDecryptionKeys(self.getSecretKeys(), getStore().getKeyRingProtector())
.handleMissingPublicKeysWith(missingPublicKeyCallback) .addVerificationCerts(announcedPublicKeys)
.build(); .setMissingCertificateCallback(missingPublicKeyCallback));
Streams.pipeAll(cipherStream, plainText); Streams.pipeAll(cipherStream, plainText);

View file

@ -37,6 +37,7 @@ import org.bouncycastle.util.io.Streams;
import org.jxmpp.jid.BareJid; import org.jxmpp.jid.BareJid;
import org.pgpainless.PGPainless; import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm; import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
import org.pgpainless.decryption_verification.ConsumerOptions;
import org.pgpainless.decryption_verification.DecryptionStream; import org.pgpainless.decryption_verification.DecryptionStream;
import org.pgpainless.encryption_signing.EncryptionOptions; import org.pgpainless.encryption_signing.EncryptionOptions;
import org.pgpainless.encryption_signing.EncryptionStream; import org.pgpainless.encryption_signing.EncryptionStream;
@ -153,9 +154,8 @@ public class SecretKeyBackupHelper {
try { try {
DecryptionStream decryptionStream = PGPainless.decryptAndOrVerify() DecryptionStream decryptionStream = PGPainless.decryptAndOrVerify()
.onInputStream(encryptedIn) .onInputStream(encryptedIn)
.decryptWith(Passphrase.fromPassword(backupCode.toString())) .withOptions(new ConsumerOptions()
.doNotVerify() .addDecryptionPassphrase(Passphrase.fromPassword(backupCode.toString())));
.build();
Streams.pipeAll(decryptionStream, plaintextOut); Streams.pipeAll(decryptionStream, plaintextOut);
decryptionStream.close(); decryptionStream.close();

View file

@ -142,7 +142,7 @@ public class PainlessOpenPgpProviderTest extends SmackTestSuite {
// Decrypt and Verify // Decrypt and Verify
decrypted = bobProvider.decryptAndOrVerify(bobConnection, encrypted.getElement(), bobSelf, aliceForBob); decrypted = bobProvider.decryptAndOrVerify(bobConnection, encrypted.getElement(), bobSelf, aliceForBob);
OpenPgpV4Fingerprint decryptionFingerprint = decrypted.getMetadata().getDecryptionFingerprint(); OpenPgpV4Fingerprint decryptionFingerprint = decrypted.getMetadata().getDecryptionKey().getFingerprint();
assertTrue(bobSelf.getSecretKeys().contains(decryptionFingerprint.getKeyId())); assertTrue(bobSelf.getSecretKeys().contains(decryptionFingerprint.getKeyId()));
assertTrue(decrypted.getMetadata().containsVerifiedSignatureFrom(alicePubKeys)); assertTrue(decrypted.getMetadata().containsVerifiedSignatureFrom(alicePubKeys));
@ -162,9 +162,9 @@ public class PainlessOpenPgpProviderTest extends SmackTestSuite {
decrypted = bobProvider.decryptAndOrVerify(bobConnection, encrypted.getElement(), bobSelf, aliceForBob); decrypted = bobProvider.decryptAndOrVerify(bobConnection, encrypted.getElement(), bobSelf, aliceForBob);
decryptionFingerprint = decrypted.getMetadata().getDecryptionFingerprint(); decryptionFingerprint = decrypted.getMetadata().getDecryptionKey().getFingerprint();
assertTrue(bobSelf.getSecretKeys().contains(decryptionFingerprint.getKeyId())); assertTrue(bobSelf.getSecretKeys().contains(decryptionFingerprint.getKeyId()));
assertTrue(decrypted.getMetadata().getVerifiedSignatureKeyFingerprints().isEmpty()); assertTrue(decrypted.getMetadata().getVerifiedSignatures().isEmpty());
assertEquals(OpenPgpMessage.State.crypt, decrypted.getState()); assertEquals(OpenPgpMessage.State.crypt, decrypted.getState());
CryptElement decryptedCrypt = (CryptElement) decrypted.getOpenPgpContentElement(); CryptElement decryptedCrypt = (CryptElement) decrypted.getOpenPgpContentElement();
@ -182,7 +182,7 @@ public class PainlessOpenPgpProviderTest extends SmackTestSuite {
decrypted = bobProvider.decryptAndOrVerify(bobConnection, encrypted.getElement(), bobSelf, aliceForBob); decrypted = bobProvider.decryptAndOrVerify(bobConnection, encrypted.getElement(), bobSelf, aliceForBob);
assertNull(decrypted.getMetadata().getDecryptionFingerprint()); assertNull(decrypted.getMetadata().getDecryptionKey());
assertTrue(decrypted.getMetadata().containsVerifiedSignatureFrom(alicePubKeys)); assertTrue(decrypted.getMetadata().containsVerifiedSignatureFrom(alicePubKeys));
assertEquals(OpenPgpMessage.State.sign, decrypted.getState()); assertEquals(OpenPgpMessage.State.sign, decrypted.getState());

View file

@ -155,7 +155,7 @@ public class OXInstantMessagingManagerTest extends SmackTestSuite {
assertTrue(metadata.isSigned() && metadata.isEncrypted()); assertTrue(metadata.isSigned() && metadata.isEncrypted());
// Check, if one of Bobs keys was used for decryption // Check, if one of Bobs keys was used for decryption
assertNotNull(bobSelf.getSigningKeyRing().getPublicKey(metadata.getDecryptionFingerprint().getKeyId())); assertNotNull(bobSelf.getSigningKeyRing().getPublicKey(metadata.getDecryptionKey().getKeyId()));
// TODO: I observed this assertTrue() to fail sporadically. As a first attempt to diagnose this, a message was // TODO: I observed this assertTrue() to fail sporadically. As a first attempt to diagnose this, a message was
// added to the assertion. However since most (all?) objects used in the message do not implement a proper // added to the assertion. However since most (all?) objects used in the message do not implement a proper