1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-12-23 11:27:57 +01:00

Reject NULL encryption algorithm when decrypting messages

Fixes #77
This commit is contained in:
Paul Schaub 2021-02-17 20:07:54 +01:00
parent cb7f38f003
commit 506a8b18af
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 7 additions and 1 deletions

View file

@ -197,6 +197,9 @@ public final class DecryptionStreamFactory {
.getPBEDataDecryptorFactory(decryptionPassphrase);
SymmetricKeyAlgorithm symmetricKeyAlgorithm = SymmetricKeyAlgorithm.fromId(
pbeEncryptedData.getSymmetricAlgorithm(passphraseDecryptor));
if (symmetricKeyAlgorithm == SymmetricKeyAlgorithm.NULL) {
throw new PGPException("Data is not encrypted.");
}
resultBuilder.setSymmetricKeyAlgorithm(symmetricKeyAlgorithm);
resultBuilder.setIntegrityProtected(pbeEncryptedData.isIntegrityProtected());
@ -256,6 +259,9 @@ public final class DecryptionStreamFactory {
SymmetricKeyAlgorithm symmetricKeyAlgorithm = SymmetricKeyAlgorithm
.fromId(encryptedSessionKey.getSymmetricAlgorithm(keyDecryptor));
if (symmetricKeyAlgorithm == SymmetricKeyAlgorithm.NULL) {
throw new PGPException("Data is not encrypted.");
}
LOGGER.log(LEVEL, "Message is encrypted using " + symmetricKeyAlgorithm);
resultBuilder.setSymmetricKeyAlgorithm(symmetricKeyAlgorithm);

View file

@ -62,7 +62,7 @@ public class OpenPgpMetadata {
}
public boolean isEncrypted() {
return !getRecipientKeyIds().isEmpty();
return symmetricKeyAlgorithm != SymmetricKeyAlgorithm.NULL && !getRecipientKeyIds().isEmpty();
}
public OpenPgpV4Fingerprint getDecryptionFingerprint() {