1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-27 06:42:05 +01:00

Reject NULL encryption algorithm when decrypting messages

Fixes #77
This commit is contained in:
Paul Schaub 2021-02-17 20:07:54 +01:00
parent cb7f38f003
commit 506a8b18af
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 7 additions and 1 deletions

View file

@ -197,6 +197,9 @@ public final class DecryptionStreamFactory {
.getPBEDataDecryptorFactory(decryptionPassphrase); .getPBEDataDecryptorFactory(decryptionPassphrase);
SymmetricKeyAlgorithm symmetricKeyAlgorithm = SymmetricKeyAlgorithm.fromId( SymmetricKeyAlgorithm symmetricKeyAlgorithm = SymmetricKeyAlgorithm.fromId(
pbeEncryptedData.getSymmetricAlgorithm(passphraseDecryptor)); pbeEncryptedData.getSymmetricAlgorithm(passphraseDecryptor));
if (symmetricKeyAlgorithm == SymmetricKeyAlgorithm.NULL) {
throw new PGPException("Data is not encrypted.");
}
resultBuilder.setSymmetricKeyAlgorithm(symmetricKeyAlgorithm); resultBuilder.setSymmetricKeyAlgorithm(symmetricKeyAlgorithm);
resultBuilder.setIntegrityProtected(pbeEncryptedData.isIntegrityProtected()); resultBuilder.setIntegrityProtected(pbeEncryptedData.isIntegrityProtected());
@ -256,6 +259,9 @@ public final class DecryptionStreamFactory {
SymmetricKeyAlgorithm symmetricKeyAlgorithm = SymmetricKeyAlgorithm SymmetricKeyAlgorithm symmetricKeyAlgorithm = SymmetricKeyAlgorithm
.fromId(encryptedSessionKey.getSymmetricAlgorithm(keyDecryptor)); .fromId(encryptedSessionKey.getSymmetricAlgorithm(keyDecryptor));
if (symmetricKeyAlgorithm == SymmetricKeyAlgorithm.NULL) {
throw new PGPException("Data is not encrypted.");
}
LOGGER.log(LEVEL, "Message is encrypted using " + symmetricKeyAlgorithm); LOGGER.log(LEVEL, "Message is encrypted using " + symmetricKeyAlgorithm);
resultBuilder.setSymmetricKeyAlgorithm(symmetricKeyAlgorithm); resultBuilder.setSymmetricKeyAlgorithm(symmetricKeyAlgorithm);

View file

@ -62,7 +62,7 @@ public class OpenPgpMetadata {
} }
public boolean isEncrypted() { public boolean isEncrypted() {
return !getRecipientKeyIds().isEmpty(); return symmetricKeyAlgorithm != SymmetricKeyAlgorithm.NULL && !getRecipientKeyIds().isEmpty();
} }
public OpenPgpV4Fingerprint getDecryptionFingerprint() { public OpenPgpV4Fingerprint getDecryptionFingerprint() {