From 3e7e6df3f9ac37633773bd18a17cf9d9c6d9f409 Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Sat, 7 May 2022 14:11:39 +0200 Subject: [PATCH] Disallow stripping of primary secret keys --- .../src/main/java/org/pgpainless/key/util/KeyRingUtils.java | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/util/KeyRingUtils.java b/pgpainless-core/src/main/java/org/pgpainless/key/util/KeyRingUtils.java index a7a2b0b9..dd366e46 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/key/util/KeyRingUtils.java +++ b/pgpainless-core/src/main/java/org/pgpainless/key/util/KeyRingUtils.java @@ -451,6 +451,11 @@ public final class KeyRingUtils { public static PGPSecretKeyRing stripSecretKey(@Nonnull PGPSecretKeyRing secretKeys, long secretKeyId) throws IOException, PGPException { + + if (secretKeys.getPublicKey().getKeyID() == secretKeyId) { + throw new IllegalArgumentException("Bouncy Castle currently cannot deal with stripped secret primary keys."); + } + if (secretKeys.getSecretKey(secretKeyId) == null) { throw new NoSuchElementException("PGPSecretKeyRing does not contain secret key " + Long.toHexString(secretKeyId)); }