1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-22 20:32:05 +01:00

Merge pull request #18 from wiktor-k/fix-empty-passphrase

Fix creating keys with `Passphrase.emptyPassphrase()`
This commit is contained in:
Paul Schaub 2020-10-30 12:31:06 +01:00 committed by GitHub
commit 423a3f1354
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 58 additions and 2 deletions

View file

@ -338,7 +338,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
}
private PBESecretKeyEncryptor buildSecretKeyEncryptor() {
PBESecretKeyEncryptor encryptor = passphrase == null ?
PBESecretKeyEncryptor encryptor = passphrase == null || passphrase.isEmpty() ?
null : // unencrypted key pair, otherwise AES-256 encrypted
new JcePBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256, digestCalculator)
.setProvider(ProviderFactory.getProvider())
@ -347,7 +347,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
}
private PBESecretKeyDecryptor buildSecretKeyDecryptor() throws PGPException {
PBESecretKeyDecryptor decryptor = passphrase == null ?
PBESecretKeyDecryptor decryptor = passphrase == null || passphrase.isEmpty() ?
null :
new JcePBESecretKeyDecryptorBuilder()
.build(passphrase.getChars());

View file

@ -91,6 +91,17 @@ public class Passphrase {
}
}
/**
* Return true if the passphrase represents no password.
*
* @return empty
*/
public boolean isEmpty() {
synchronized (lock) {
return chars == null;
}
}
/**
* Represents a {@link Passphrase} instance that represents no password.
*

View file

@ -0,0 +1,45 @@
/*
* Copyright 2018 Paul Schaub.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.pgpainless.key.generation;
import static org.junit.Assert.assertNotNull;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.Iterator;
import org.bouncycastle.openpgp.PGPException;
import org.junit.Test;
import org.pgpainless.PGPainless;
import org.pgpainless.key.generation.type.RSA;
import org.pgpainless.key.generation.type.length.RsaLength;
import org.pgpainless.util.Passphrase;
public class GenerateWithEmptyPassphrase {
@Test
public void test() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException, IOException {
assertNotNull(PGPainless.generateKeyRing()
.withMasterKey(KeySpec.getBuilder(RSA.withLength(RsaLength._3072))
.withDefaultKeyFlags()
.withDefaultAlgorithms())
.withPrimaryUserId("primary@user.id")
.withPassphrase(Passphrase.emptyPassphrase())
.build());
}
}