1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-06-16 08:34:53 +02:00

Disallow stripping of primary secret keys

This commit is contained in:
Paul Schaub 2022-05-07 14:11:39 +02:00
parent 64a50266f1
commit 3e7e6df3f9
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311

View file

@ -451,6 +451,11 @@ public final class KeyRingUtils {
public static PGPSecretKeyRing stripSecretKey(@Nonnull PGPSecretKeyRing secretKeys, public static PGPSecretKeyRing stripSecretKey(@Nonnull PGPSecretKeyRing secretKeys,
long secretKeyId) long secretKeyId)
throws IOException, PGPException { throws IOException, PGPException {
if (secretKeys.getPublicKey().getKeyID() == secretKeyId) {
throw new IllegalArgumentException("Bouncy Castle currently cannot deal with stripped secret primary keys.");
}
if (secretKeys.getSecretKey(secretKeyId) == null) { if (secretKeys.getSecretKey(secretKeyId) == null) {
throw new NoSuchElementException("PGPSecretKeyRing does not contain secret key " + Long.toHexString(secretKeyId)); throw new NoSuchElementException("PGPSecretKeyRing does not contain secret key " + Long.toHexString(secretKeyId));
} }