Fix changelog and change method signature

Paul Schaub 2022-03-31 21:56:24 +02:00
parent 39382c7de6
commit 50bcb6a135
4 changed files with 60 additions and 32 deletions


@ -7,9 +7,9 @@ SPDX-License-Identifier: CC0-1.0
## 1.1.5-SNAPSHOT
- SOP encrypt: match signature type when using `encrypt --as=` option
- `ProducerOptions.setEncoding()`: The encoding is henceforth only considered metadata and will no longer trigger CRLF encoding
- `ProducerOptions.setEncoding()`: The encoding is henceforth only considered metadata and will no longer trigger CRLF encoding.
- This fixes broken signature generation for mismatching (`StreamEncoding`,`DocumentSignatureType`) tuples.
- Applications that rely on CRLF-encoding must now apply that encoding themselves (see [#264](https://github.com/pgpainless/pgpainless/issues/264#issuecomment-1083206738) for details).
- Applications that rely on CRLF-encoding can request PGPainless to apply this encoding by calling `ProducerOptions.applyCRLFEncoding(true)`.
## 1.1.4
- Add utility method `KeyRingUtils.removeSecretKey()` to remove secret key part from key ring


@ -12,21 +12,6 @@ import java.io.OutputStream;
/**
* {@link OutputStream} which applies CR-LF encoding of its input data, based on the desired {@link StreamEncoding}.
*
*
* If you need PGPainless to CRLF encode signed data for you, you could do the following:
* {@code
* <pre>
* InputStream plaintext = ...
* EncryptionStream signerOrEncryptor = PGPainless.signAndOrEncrypt(...);
* CRLFGeneratorStream crlfOut = new CRLFGeneratorStream(signerOrEncryptor, streamEncoding);
*
* Streams.pipeAll(plaintext, crlfOut);
* crlfOut.close;
*
* EncryptionResult result = signerOrEncryptor.getResult();
* </pre>
* }
* This implementation originates from the Bouncy Castle library.
*/
public class CRLFGeneratorStream extends OutputStream {


@ -249,17 +249,16 @@ public final class ProducerOptions {
/**
* Apply special encoding of line endings to the input data.
* By default, this is set to <pre>false</pre>, which means that the data is not altered.
* By default, this is disabled, which means that the data is not altered.
*
* Setting it to <pre>true</pre> will change the line endings to CR/LF.
* Enabling it will change the line endings to CR/LF.
* Note: The encoding will not be reversed when decrypting, so applying CR/LF encoding will result in
* the identity "decrypt(encrypt(data)) == data == verify(sign(data))".
*
* @param applyCRLFEncoding apply crlf encoding
* @return this
*/
public ProducerOptions applyCRLFEncoding(boolean applyCRLFEncoding) {
this.applyCRLFEncoding = applyCRLFEncoding;
public ProducerOptions applyCRLFEncoding() {
this.applyCRLFEncoding = true;
return this;
}
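Review bot: The Javadoc note kept above `applyCRLFEncoding()` says that applying CR/LF encoding "will result in the identity decrypt(encrypt(data)) == data == verify(sign(data))", but because the encoding is not reversed on decryption the identity stops holding, which `resultOfDecryptionIsCRLFEncoded` in this same commit demonstrates. Callers that compare decrypted or verified bytes against their original input need that stated plainly; I would reword the sentence to `so applying CR/LF encoding will break the identity "decrypt(encrypt(data)) == data == verify(sign(data))"`. The changelog entry in this commit still advertises `ProducerOptions.applyCRLFEncoding(true)`, which does not match the new no-argument signature. The old and new sides are not marked on this page, so if the `@param applyCRLFEncoding` line survives on the new side it should be dropped as well.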


@ -288,6 +288,47 @@ public class CanonicalizedDataEncryptionTest {
}
}
@Test
public void resultOfDecryptionIsCRLFEncoded() throws PGPException, IOException {
String before = "Foo\nBar!\n";
String after = "Foo\r\nBar!\r\n";
String encrypted = encryptAndSign(before, DocumentSignatureType.BINARY_DOCUMENT, StreamEncoding.TEXT, true);
ByteArrayInputStream in = new ByteArrayInputStream(encrypted.getBytes(StandardCharsets.UTF_8));
DecryptionStream decryptionStream = PGPainless.decryptAndOrVerify()
.onInputStream(in)
.withOptions(new ConsumerOptions()
.addDecryptionKey(secretKeys, SecretKeyRingProtector.unprotectedKeys())
.addVerificationCert(publicKeys));
ByteArrayOutputStream decrypted = new ByteArrayOutputStream();
Streams.pipeAll(decryptionStream, decrypted);
decryptionStream.close();
assertArrayEquals(after.getBytes(StandardCharsets.UTF_8), decrypted.toByteArray());
}
@Test
public void resultOfDecryptionIsNotCRLFEncoded() throws PGPException, IOException {
String beforeAndAfter = "Foo\nBar!\n";
String encrypted = encryptAndSign(beforeAndAfter, DocumentSignatureType.BINARY_DOCUMENT, StreamEncoding.TEXT, false);
ByteArrayInputStream in = new ByteArrayInputStream(encrypted.getBytes(StandardCharsets.UTF_8));
DecryptionStream decryptionStream = PGPainless.decryptAndOrVerify()
.onInputStream(in)
.withOptions(new ConsumerOptions()
.addDecryptionKey(secretKeys, SecretKeyRingProtector.unprotectedKeys())
.addVerificationCert(publicKeys));
ByteArrayOutputStream decrypted = new ByteArrayOutputStream();
Streams.pipeAll(decryptionStream, decrypted);
decryptionStream.close();
assertArrayEquals(beforeAndAfter.getBytes(StandardCharsets.UTF_8), decrypted.toByteArray());
}
private String encryptAndSign(String message,
DocumentSignatureType sigType,
StreamEncoding dataFormat,
@ -295,18 +336,21 @@ public class CanonicalizedDataEncryptionTest {
throws PGPException, IOException {
ByteArrayOutputStream out = new ByteArrayOutputStream();
ProducerOptions options = ProducerOptions
.signAndEncrypt(
EncryptionOptions.encryptCommunications()
.addRecipient(publicKeys),
SigningOptions.get()
.addInlineSignature(SecretKeyRingProtector.unprotectedKeys(), secretKeys, sigType)
)
.setEncoding(dataFormat);
if (applyCRLFEncoding) {
options.applyCRLFEncoding();
}
EncryptionStream encryptionStream = PGPainless.encryptAndOrSign()
.onOutputStream(out)
.withOptions(ProducerOptions
.signAndEncrypt(
EncryptionOptions.encryptCommunications()
.addRecipient(publicKeys),
SigningOptions.get()
.addInlineSignature(SecretKeyRingProtector.unprotectedKeys(), secretKeys, sigType)
)
.setEncoding(dataFormat)
.applyCRLFEncoding(applyCRLFEncoding)
);
.withOptions(options);
ByteArrayInputStream inputStream = new ByteArrayInputStream(message.getBytes(StandardCharsets.UTF_8));
Streams.pipeAll(inputStream, encryptionStream);
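Review bot: The two tests added in the first hunk of this file (`resultOfDecryptionIsCRLFEncoded` and `resultOfDecryptionIsNotCRLFEncoded`) register a verification cert but assert only on the decrypted bytes, so a signature that fails to verify would apparently go unnoticed. Since the changelog describes this work as fixing broken signature generation for mismatching (`StreamEncoding`, `DocumentSignatureType`) tuples, each test should also check the verification result after `decryptionStream.close()`, for example `assertTrue(decryptionStream.getResult().isVerified());`. This assumes the decryption stream records an invalid signature rather than throwing on it, which is not visible here. `encryptAndSign` starts before the second hunk and continues after it.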