mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-26 22:32:07 +01:00
Add ConsumerOptions.setMissingKeyPassphraseStrategy()
This allows switching missing passphrase handling from interactive mode (fire callbacks to prompt user for missing key passphrases) to non-interactive mode (throw MissingPassphraseException with all keys with missing passphrase in it). Fixes #193
This commit is contained in:
parent
bebb9709ac
commit
2ad917d27c
5 changed files with 231 additions and 12 deletions
|
@ -32,6 +32,7 @@ import org.pgpainless.util.Passphrase;
|
||||||
*/
|
*/
|
||||||
public class ConsumerOptions {
|
public class ConsumerOptions {
|
||||||
|
|
||||||
|
|
||||||
private boolean ignoreMDCErrors = false;
|
private boolean ignoreMDCErrors = false;
|
||||||
|
|
||||||
private Date verifyNotBefore = null;
|
private Date verifyNotBefore = null;
|
||||||
|
@ -47,6 +48,7 @@ public class ConsumerOptions {
|
||||||
|
|
||||||
private final Map<PGPSecretKeyRing, SecretKeyRingProtector> decryptionKeys = new HashMap<>();
|
private final Map<PGPSecretKeyRing, SecretKeyRingProtector> decryptionKeys = new HashMap<>();
|
||||||
private final Set<Passphrase> decryptionPassphrases = new HashSet<>();
|
private final Set<Passphrase> decryptionPassphrases = new HashSet<>();
|
||||||
|
private MissingKeyPassphraseStrategy missingKeyPassphraseStrategy = MissingKeyPassphraseStrategy.INTERACTIVE;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -289,4 +291,13 @@ public class ConsumerOptions {
|
||||||
boolean isIgnoreMDCErrors() {
|
boolean isIgnoreMDCErrors() {
|
||||||
return ignoreMDCErrors;
|
return ignoreMDCErrors;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public ConsumerOptions setMissingKeyPassphraseStrategy(MissingKeyPassphraseStrategy strategy) {
|
||||||
|
this.missingKeyPassphraseStrategy = strategy;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
MissingKeyPassphraseStrategy getMissingKeyPassphraseStrategy() {
|
||||||
|
return missingKeyPassphraseStrategy;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,6 +10,7 @@ import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
|
import java.util.HashSet;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
@ -47,6 +48,7 @@ import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
|
||||||
import org.pgpainless.exception.MessageNotIntegrityProtectedException;
|
import org.pgpainless.exception.MessageNotIntegrityProtectedException;
|
||||||
import org.pgpainless.exception.MissingDecryptionMethodException;
|
import org.pgpainless.exception.MissingDecryptionMethodException;
|
||||||
import org.pgpainless.exception.MissingLiteralDataException;
|
import org.pgpainless.exception.MissingLiteralDataException;
|
||||||
|
import org.pgpainless.exception.MissingPassphraseException;
|
||||||
import org.pgpainless.exception.SignatureValidationException;
|
import org.pgpainless.exception.SignatureValidationException;
|
||||||
import org.pgpainless.exception.UnacceptableAlgorithmException;
|
import org.pgpainless.exception.UnacceptableAlgorithmException;
|
||||||
import org.pgpainless.exception.WrongConsumingMethodException;
|
import org.pgpainless.exception.WrongConsumingMethodException;
|
||||||
|
@ -67,6 +69,7 @@ import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
public final class DecryptionStreamFactory {
|
public final class DecryptionStreamFactory {
|
||||||
|
|
||||||
|
|
||||||
private static final Logger LOGGER = LoggerFactory.getLogger(DecryptionStreamFactory.class);
|
private static final Logger LOGGER = LoggerFactory.getLogger(DecryptionStreamFactory.class);
|
||||||
private static final int MAX_RECURSION_DEPTH = 16;
|
private static final int MAX_RECURSION_DEPTH = 16;
|
||||||
|
|
||||||
|
@ -382,6 +385,17 @@ public final class DecryptionStreamFactory {
|
||||||
|
|
||||||
// Try postponed keys with missing passphrases (will cause missing passphrase callbacks to fire)
|
// Try postponed keys with missing passphrases (will cause missing passphrase callbacks to fire)
|
||||||
if (encryptedSessionKey == null) {
|
if (encryptedSessionKey == null) {
|
||||||
|
|
||||||
|
if (options.getMissingKeyPassphraseStrategy() == MissingKeyPassphraseStrategy.THROW_EXCEPTION) {
|
||||||
|
// Non-interactive mode: Throw an exception with all locked decryption keys
|
||||||
|
Set<SubkeyIdentifier> keyIds = new HashSet<>();
|
||||||
|
for (Tuple<SubkeyIdentifier, ?> k : postponedDueToMissingPassphrase) {
|
||||||
|
keyIds.add(k.getA());
|
||||||
|
}
|
||||||
|
throw new MissingPassphraseException(keyIds);
|
||||||
|
}
|
||||||
|
else if (options.getMissingKeyPassphraseStrategy() == MissingKeyPassphraseStrategy.INTERACTIVE) {
|
||||||
|
// Interactive mode: Fire protector callbacks to get passphrases interactively
|
||||||
for (Tuple<SubkeyIdentifier, PGPPublicKeyEncryptedData> missingPassphrases : postponedDueToMissingPassphrase) {
|
for (Tuple<SubkeyIdentifier, PGPPublicKeyEncryptedData> missingPassphrases : postponedDueToMissingPassphrase) {
|
||||||
SubkeyIdentifier keyId = missingPassphrases.getA();
|
SubkeyIdentifier keyId = missingPassphrases.getA();
|
||||||
PGPPublicKeyEncryptedData publicKeyEncryptedData = missingPassphrases.getB();
|
PGPPublicKeyEncryptedData publicKeyEncryptedData = missingPassphrases.getB();
|
||||||
|
@ -397,6 +411,10 @@ public final class DecryptionStreamFactory {
|
||||||
encryptedSessionKey = publicKeyEncryptedData;
|
encryptedSessionKey = publicKeyEncryptedData;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
throw new IllegalStateException("Invalid PostponedKeysStrategy set in consumer options.");
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return decryptWith(encryptedSessionKey, decryptionKey);
|
return decryptWith(encryptedSessionKey, decryptionKey);
|
||||||
|
|
|
@ -0,0 +1,10 @@
|
||||||
|
// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
|
||||||
|
//
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package org.pgpainless.decryption_verification;
|
||||||
|
|
||||||
|
public enum MissingKeyPassphraseStrategy {
|
||||||
|
INTERACTIVE, // ask for missing key passphrases one by one
|
||||||
|
THROW_EXCEPTION // throw an exception with all keys with missing passphrases
|
||||||
|
}
|
|
@ -0,0 +1,26 @@
|
||||||
|
// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
|
||||||
|
//
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package org.pgpainless.exception;
|
||||||
|
|
||||||
|
import java.util.Arrays;
|
||||||
|
import java.util.Collections;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
|
import org.pgpainless.key.SubkeyIdentifier;
|
||||||
|
|
||||||
|
public class MissingPassphraseException extends PGPException {
|
||||||
|
|
||||||
|
private final Set<SubkeyIdentifier> keyIds;
|
||||||
|
|
||||||
|
public MissingPassphraseException(Set<SubkeyIdentifier> keyIds) {
|
||||||
|
super("Missing passphrase encountered for keys " + Arrays.toString(keyIds.toArray()));
|
||||||
|
this.keyIds = Collections.unmodifiableSet(keyIds);
|
||||||
|
}
|
||||||
|
|
||||||
|
public Set<SubkeyIdentifier> getKeyIds() {
|
||||||
|
return keyIds;
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,154 @@
|
||||||
|
// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
|
||||||
|
//
|
||||||
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
|
package org.pgpainless.decryption_verification;
|
||||||
|
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertArrayEquals;
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||||
|
import static org.junit.jupiter.api.Assertions.fail;
|
||||||
|
|
||||||
|
import java.io.ByteArrayInputStream;
|
||||||
|
import java.io.ByteArrayOutputStream;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.nio.charset.StandardCharsets;
|
||||||
|
import java.security.InvalidAlgorithmParameterException;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.util.List;
|
||||||
|
import javax.annotation.Nullable;
|
||||||
|
|
||||||
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
|
import org.bouncycastle.openpgp.PGPPublicKey;
|
||||||
|
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
||||||
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||||
|
import org.bouncycastle.util.io.Streams;
|
||||||
|
import org.junit.jupiter.api.BeforeEach;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.pgpainless.PGPainless;
|
||||||
|
import org.pgpainless.algorithm.EncryptionPurpose;
|
||||||
|
import org.pgpainless.encryption_signing.EncryptionOptions;
|
||||||
|
import org.pgpainless.encryption_signing.EncryptionStream;
|
||||||
|
import org.pgpainless.encryption_signing.ProducerOptions;
|
||||||
|
import org.pgpainless.exception.MissingPassphraseException;
|
||||||
|
import org.pgpainless.key.SubkeyIdentifier;
|
||||||
|
import org.pgpainless.key.info.KeyRingInfo;
|
||||||
|
import org.pgpainless.key.protection.SecretKeyRingProtector;
|
||||||
|
import org.pgpainless.key.protection.passphrase_provider.SecretKeyPassphraseProvider;
|
||||||
|
import org.pgpainless.util.Passphrase;
|
||||||
|
|
||||||
|
public class MissingPassphraseForDecryptionTest {
|
||||||
|
|
||||||
|
private String passphrase = "dragon123";
|
||||||
|
private PGPSecretKeyRing secretKeys;
|
||||||
|
private byte[] message;
|
||||||
|
|
||||||
|
@BeforeEach
|
||||||
|
public void setup() throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException {
|
||||||
|
secretKeys = PGPainless.generateKeyRing().modernKeyRing("Test", passphrase);
|
||||||
|
PGPPublicKeyRing certificate = PGPainless.extractCertificate(secretKeys);
|
||||||
|
ByteArrayOutputStream out = new ByteArrayOutputStream();
|
||||||
|
EncryptionStream encryptionStream = PGPainless.encryptAndOrSign()
|
||||||
|
.onOutputStream(out)
|
||||||
|
.withOptions(ProducerOptions.encrypt(EncryptionOptions.encryptCommunications()
|
||||||
|
.addRecipient(certificate)));
|
||||||
|
|
||||||
|
Streams.pipeAll(new ByteArrayInputStream("Hey, what's up?".getBytes(StandardCharsets.UTF_8)), encryptionStream);
|
||||||
|
encryptionStream.close();
|
||||||
|
message = out.toByteArray();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void invalidPostponedKeysStrategyTest() {
|
||||||
|
SecretKeyPassphraseProvider callback = new SecretKeyPassphraseProvider() {
|
||||||
|
@Nullable
|
||||||
|
@Override
|
||||||
|
public Passphrase getPassphraseFor(Long keyId) {
|
||||||
|
fail("MUST NOT get called in if postponed key strategy is invalid.");
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean hasPassphrase(Long keyId) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
};
|
||||||
|
ConsumerOptions options = new ConsumerOptions()
|
||||||
|
.setMissingKeyPassphraseStrategy(null) // illegal
|
||||||
|
.addDecryptionKey(secretKeys, SecretKeyRingProtector.defaultSecretKeyRingProtector(callback));
|
||||||
|
|
||||||
|
assertThrows(IllegalStateException.class, () -> PGPainless.decryptAndOrVerify()
|
||||||
|
.onInputStream(new ByteArrayInputStream(message))
|
||||||
|
.withOptions(options));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void interactiveStrategy() throws PGPException, IOException {
|
||||||
|
// interactive callback
|
||||||
|
SecretKeyPassphraseProvider callback = new SecretKeyPassphraseProvider() {
|
||||||
|
@Nullable
|
||||||
|
@Override
|
||||||
|
public Passphrase getPassphraseFor(Long keyId) {
|
||||||
|
// is called in interactive mode
|
||||||
|
return Passphrase.fromPassword(passphrase);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean hasPassphrase(Long keyId) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
};
|
||||||
|
ConsumerOptions options = new ConsumerOptions()
|
||||||
|
.setMissingKeyPassphraseStrategy(MissingKeyPassphraseStrategy.INTERACTIVE)
|
||||||
|
.addDecryptionKey(secretKeys, SecretKeyRingProtector.defaultSecretKeyRingProtector(callback));
|
||||||
|
|
||||||
|
DecryptionStream decryptionStream = PGPainless.decryptAndOrVerify()
|
||||||
|
.onInputStream(new ByteArrayInputStream(message))
|
||||||
|
.withOptions(options);
|
||||||
|
|
||||||
|
ByteArrayOutputStream out = new ByteArrayOutputStream();
|
||||||
|
Streams.pipeAll(decryptionStream, out);
|
||||||
|
|
||||||
|
decryptionStream.close();
|
||||||
|
assertArrayEquals("Hey, what's up?".getBytes(StandardCharsets.UTF_8), out.toByteArray());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void throwExceptionStrategy() throws PGPException, IOException {
|
||||||
|
KeyRingInfo info = PGPainless.inspectKeyRing(secretKeys);
|
||||||
|
List<PGPPublicKey> encryptionKeys = info.getEncryptionSubkeys(EncryptionPurpose.STORAGE_AND_COMMUNICATIONS);
|
||||||
|
|
||||||
|
SecretKeyPassphraseProvider callback = new SecretKeyPassphraseProvider() {
|
||||||
|
@Nullable
|
||||||
|
@Override
|
||||||
|
public Passphrase getPassphraseFor(Long keyId) {
|
||||||
|
fail("MUST NOT get called in non-interactive mode.");
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean hasPassphrase(Long keyId) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
ConsumerOptions options = new ConsumerOptions()
|
||||||
|
.setMissingKeyPassphraseStrategy(MissingKeyPassphraseStrategy.THROW_EXCEPTION)
|
||||||
|
.addDecryptionKey(secretKeys, SecretKeyRingProtector.defaultSecretKeyRingProtector(callback));
|
||||||
|
|
||||||
|
try {
|
||||||
|
PGPainless.decryptAndOrVerify()
|
||||||
|
.onInputStream(new ByteArrayInputStream(message))
|
||||||
|
.withOptions(options);
|
||||||
|
fail("Expected exception!");
|
||||||
|
} catch (MissingPassphraseException e) {
|
||||||
|
assertFalse(e.getKeyIds().isEmpty());
|
||||||
|
assertEquals(encryptionKeys.size(), e.getKeyIds().size());
|
||||||
|
for (PGPPublicKey encryptionKey : encryptionKeys) {
|
||||||
|
assertTrue(e.getKeyIds().contains(new SubkeyIdentifier(secretKeys, encryptionKey.getKeyID())));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue