From 3e7e6df3f9ac37633773bd18a17cf9d9c6d9f409 Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Sat, 7 May 2022 14:11:39 +0200
Subject: [PATCH] Disallow stripping of primary secret keys

---
 .../src/main/java/org/pgpainless/key/util/KeyRingUtils.java  | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/util/KeyRingUtils.java b/pgpainless-core/src/main/java/org/pgpainless/key/util/KeyRingUtils.java
index a7a2b0b9..dd366e46 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/key/util/KeyRingUtils.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/util/KeyRingUtils.java
@@ -451,6 +451,11 @@ public final class KeyRingUtils {
     public static PGPSecretKeyRing stripSecretKey(@Nonnull PGPSecretKeyRing secretKeys,
                                                    long secretKeyId)
             throws IOException, PGPException {
+        
+        if (secretKeys.getPublicKey().getKeyID() == secretKeyId) {
+            throw new IllegalArgumentException("Bouncy Castle currently cannot deal with stripped secret primary keys.");
+        }
+
         if (secretKeys.getSecretKey(secretKeyId) == null) {
             throw new NoSuchElementException("PGPSecretKeyRing does not contain secret key " + Long.toHexString(secretKeyId));
         }