From 506a8b18afa125e5eccd4db05798630b77702286 Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Wed, 17 Feb 2021 20:07:54 +0100
Subject: [PATCH] Reject NULL encryption algorithm when decrypting messages

Fixes #77
---
 .../decryption_verification/DecryptionStreamFactory.java    | 6 ++++++
 .../pgpainless/decryption_verification/OpenPgpMetadata.java | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/DecryptionStreamFactory.java b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/DecryptionStreamFactory.java
index 4fbdea3c..cd64abcd 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/DecryptionStreamFactory.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/DecryptionStreamFactory.java
@@ -197,6 +197,9 @@ public final class DecryptionStreamFactory {
                             .getPBEDataDecryptorFactory(decryptionPassphrase);
                     SymmetricKeyAlgorithm symmetricKeyAlgorithm = SymmetricKeyAlgorithm.fromId(
                             pbeEncryptedData.getSymmetricAlgorithm(passphraseDecryptor));
+                    if (symmetricKeyAlgorithm == SymmetricKeyAlgorithm.NULL) {
+                        throw new PGPException("Data is not encrypted.");
+                    }
                     resultBuilder.setSymmetricKeyAlgorithm(symmetricKeyAlgorithm);
                     resultBuilder.setIntegrityProtected(pbeEncryptedData.isIntegrityProtected());
 
@@ -256,6 +259,9 @@ public final class DecryptionStreamFactory {
 
         SymmetricKeyAlgorithm symmetricKeyAlgorithm = SymmetricKeyAlgorithm
                 .fromId(encryptedSessionKey.getSymmetricAlgorithm(keyDecryptor));
+        if (symmetricKeyAlgorithm == SymmetricKeyAlgorithm.NULL) {
+            throw new PGPException("Data is not encrypted.");
+        }
 
         LOGGER.log(LEVEL, "Message is encrypted using " + symmetricKeyAlgorithm);
         resultBuilder.setSymmetricKeyAlgorithm(symmetricKeyAlgorithm);
diff --git a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMetadata.java b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMetadata.java
index 269478ac..0b6d92da 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMetadata.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMetadata.java
@@ -62,7 +62,7 @@ public class OpenPgpMetadata {
     }
 
     public boolean isEncrypted() {
-        return !getRecipientKeyIds().isEmpty();
+        return symmetricKeyAlgorithm != SymmetricKeyAlgorithm.NULL && !getRecipientKeyIds().isEmpty();
     }
 
     public OpenPgpV4Fingerprint getDecryptionFingerprint() {