mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-12-23 03:17:58 +01:00
Add isSignedOnly() to MessageInspector
This method can be used to determine, whether the message was created using gpg --sign --armor. It will return false if the message is signed and encrypted, since we cannot determine signed status while the message is encrypted. Fixes #188
This commit is contained in:
parent
8ec8a55f10
commit
5869996059
2 changed files with 85 additions and 3 deletions
|
@ -27,6 +27,7 @@ import org.bouncycastle.openpgp.PGPEncryptedDataList;
|
|||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPLiteralData;
|
||||
import org.bouncycastle.openpgp.PGPObjectFactory;
|
||||
import org.bouncycastle.openpgp.PGPOnePassSignatureList;
|
||||
import org.bouncycastle.openpgp.PGPPBEEncryptedData;
|
||||
import org.bouncycastle.openpgp.PGPPublicKeyEncryptedData;
|
||||
import org.pgpainless.implementation.ImplementationFactory;
|
||||
|
@ -40,7 +41,12 @@ public final class MessageInspector {
|
|||
public static class EncryptionInfo {
|
||||
private final List<Long> keyIds = new ArrayList<>();
|
||||
private boolean isPassphraseEncrypted = false;
|
||||
private boolean isSignedOnly = false;
|
||||
|
||||
/**
|
||||
* Return a list of recipient key ids for whom the message is encrypted.
|
||||
* @return recipient key ids
|
||||
*/
|
||||
public List<Long> getKeyIds() {
|
||||
return Collections.unmodifiableList(keyIds);
|
||||
}
|
||||
|
@ -48,6 +54,24 @@ public final class MessageInspector {
|
|||
public boolean isPassphraseEncrypted() {
|
||||
return isPassphraseEncrypted;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return true, if the message is encrypted.
|
||||
*
|
||||
* @return true if encrypted
|
||||
*/
|
||||
public boolean isEncrypted() {
|
||||
return isPassphraseEncrypted || !keyIds.isEmpty();
|
||||
}
|
||||
|
||||
/**
|
||||
* Return true, if the message is not encrypted, but signed using {@link org.bouncycastle.openpgp.PGPOnePassSignature OnePassSignatures}.
|
||||
*
|
||||
* @return true if message is signed only
|
||||
*/
|
||||
public boolean isSignedOnly() {
|
||||
return isSignedOnly;
|
||||
}
|
||||
}
|
||||
|
||||
private MessageInspector() {
|
||||
|
@ -67,16 +91,24 @@ public final class MessageInspector {
|
|||
InputStream decoded = ArmorUtils.getDecoderStream(dataIn);
|
||||
EncryptionInfo info = new EncryptionInfo();
|
||||
|
||||
collectDecryptionKeyIDs(decoded, info);
|
||||
processMessage(decoded, info);
|
||||
|
||||
return info;
|
||||
}
|
||||
|
||||
private static void collectDecryptionKeyIDs(InputStream dataIn, EncryptionInfo info) throws PGPException {
|
||||
private static void processMessage(InputStream dataIn, EncryptionInfo info) throws PGPException {
|
||||
PGPObjectFactory objectFactory = new PGPObjectFactory(dataIn,
|
||||
ImplementationFactory.getInstance().getKeyFingerprintCalculator());
|
||||
|
||||
for (Object next : objectFactory) {
|
||||
if (next instanceof PGPOnePassSignatureList) {
|
||||
PGPOnePassSignatureList signatures = (PGPOnePassSignatureList) next;
|
||||
if (!signatures.isEmpty()) {
|
||||
info.isSignedOnly = true;
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
if (next instanceof PGPEncryptedDataList) {
|
||||
PGPEncryptedDataList encryptedDataList = (PGPEncryptedDataList) next;
|
||||
for (PGPEncryptedData encryptedData : encryptedDataList) {
|
||||
|
@ -92,7 +124,7 @@ public final class MessageInspector {
|
|||
if (next instanceof PGPCompressedData) {
|
||||
PGPCompressedData compressed = (PGPCompressedData) next;
|
||||
InputStream decompressed = compressed.getDataStream();
|
||||
collectDecryptionKeyIDs(decompressed, info);
|
||||
processMessage(decompressed, info);
|
||||
}
|
||||
|
||||
if (next instanceof PGPLiteralData) {
|
||||
|
|
|
@ -44,6 +44,8 @@ public class MessageInspectorTest {
|
|||
new ByteArrayInputStream(message.getBytes(StandardCharsets.UTF_8)));
|
||||
|
||||
assertFalse(info.isPassphraseEncrypted());
|
||||
assertFalse(info.isSignedOnly());
|
||||
assertTrue(info.isEncrypted());
|
||||
assertEquals(1, info.getKeyIds().size());
|
||||
assertEquals(KeyIdUtil.fromLongKeyId("4766F6B9D5F21EB6"), info.getKeyIds().get(0));
|
||||
}
|
||||
|
@ -66,9 +68,57 @@ public class MessageInspectorTest {
|
|||
|
||||
MessageInspector.EncryptionInfo info = MessageInspector.determineEncryptionInfoForMessage(new ByteArrayInputStream(message.getBytes(StandardCharsets.UTF_8)));
|
||||
|
||||
assertTrue(info.isEncrypted());
|
||||
assertTrue(info.isPassphraseEncrypted());
|
||||
assertEquals(2, info.getKeyIds().size());
|
||||
assertFalse(info.isSignedOnly());
|
||||
assertTrue(info.getKeyIds().contains(KeyIdUtil.fromLongKeyId("4C6E8F99F6E47184")));
|
||||
assertTrue(info.getKeyIds().contains(KeyIdUtil.fromLongKeyId("1839079A640B2FAC")));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSignedOnlyMessage() throws PGPException, IOException {
|
||||
String message = "-----BEGIN PGP MESSAGE-----\n" +
|
||||
"Version: PGPainless\n" +
|
||||
"\n" +
|
||||
"owGbwMvMwCU2JftV+VJxWRbG0yJJDCDgkZqTk6+jEJ5flJOiyNVRysIgxsXAxsqU\n" +
|
||||
"GPbzCoMipwBMg5giy+9JdusX5zywTwq60QsTfj2J4a9ki6nKuVnu940q5qzl+aK3\n" +
|
||||
"89zdHzzyDBEdJg4asQcf3PBk+Cu1W/vQ1mMVW3fyTVc0VNe9PyktZlfcge2CbR8F\n" +
|
||||
"Dvxwv8UPAA==\n" +
|
||||
"=nt5n\n" +
|
||||
"-----END PGP MESSAGE-----";
|
||||
|
||||
MessageInspector.EncryptionInfo info = MessageInspector.determineEncryptionInfoForMessage(new ByteArrayInputStream(message.getBytes(StandardCharsets.UTF_8)));
|
||||
|
||||
assertTrue(info.isSignedOnly());
|
||||
|
||||
assertFalse(info.isEncrypted());
|
||||
assertFalse(info.isPassphraseEncrypted());
|
||||
assertEquals(0, info.getKeyIds().size());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testEncryptedAndSignedMessage() throws PGPException, IOException {
|
||||
String message = "-----BEGIN PGP MESSAGE-----\n" +
|
||||
"Version: PGPainless\n" +
|
||||
"\n" +
|
||||
"jC4ECQMCKFdrpiMTt8xgtZjkH60Nu4s+5THbPWOgyTmXkAeBAsmXDNWWuB5QSXFz\n" +
|
||||
"hF4DaM8R0fnHE6USAQdALJl6fCtB597Ub/GR3bxu3Uv2lirMA8bI2iGHUE7f0Rkw\n" +
|
||||
"ZNgmEk3YRGp+zddZoLp0WAIL0y4FLwUlMrR+YFYA37eAILiCwLEesIpvIoYq+fIu\n" +
|
||||
"0r4BJ/bM9oiCZGy7clpBQgOBFOTMR2fCO9ESVOaLwTGDJkVk6m+iLV1OYG6997vP\n" +
|
||||
"qHrg/zzy/U+xm90iHJzXoQ7yd2QZMU7llvC/otf5j14x3PCqd/rIxQrO2uc76Pef\n" +
|
||||
"Lh1JRHb7St4PC429HfE7pEAfFUej1I56U/ZCPwxa9f6je911jM4ZmZQTKJq3XZ3H\n" +
|
||||
"KK0Ymg5GrsBTEGFm4jb1p+V85PPhsIioX3np/N3fkIfxFguTGZza33/GHy61+DTy\n" +
|
||||
"=SZU6\n" +
|
||||
"-----END PGP MESSAGE-----";
|
||||
MessageInspector.EncryptionInfo info = MessageInspector.determineEncryptionInfoForMessage(new ByteArrayInputStream(message.getBytes(StandardCharsets.UTF_8)));
|
||||
|
||||
// Message is encrypted, so we cannot determine if it is signed or not.
|
||||
// It is not signed only
|
||||
assertFalse(info.isSignedOnly());
|
||||
|
||||
assertTrue(info.isEncrypted());
|
||||
assertTrue(info.isPassphraseEncrypted());
|
||||
assertEquals(1, info.getKeyIds().size());
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue