mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-12-23 03:17:58 +01:00
Fix NPEs and expose decryption keys
parent
6fd705b1dc
commit
7097d44916
2 changed files with 40 additions and 10 deletions
|
@ -7,6 +7,7 @@ package org.pgpainless.decryption_verification;
|
|||
import org.pgpainless.algorithm.CompressionAlgorithm;
|
||||
import org.pgpainless.algorithm.StreamEncoding;
|
||||
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
|
||||
import org.pgpainless.key.SubkeyIdentifier;
|
||||
import org.pgpainless.util.SessionKey;
|
||||
|
||||
import javax.annotation.Nonnull;
|
||||
|
@ -182,6 +183,24 @@ public class MessageMetadata {
|
|||
return (LiteralData) nested;
|
||||
}
|
||||
|
||||
public SubkeyIdentifier getDecryptionKey() {
|
||||
Iterator<SubkeyIdentifier> iterator = new LayerIterator<SubkeyIdentifier>(message) {
|
||||
@Override
|
||||
public boolean matches(Nested layer) {
|
||||
return layer instanceof EncryptedData;
|
||||
}
|
||||
|
||||
@Override
|
||||
public SubkeyIdentifier getProperty(Layer last) {
|
||||
return ((EncryptedData) last).decryptionKey;
|
||||
}
|
||||
};
|
||||
if (iterator.hasNext()) {
|
||||
return iterator.next();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public abstract static class Layer {
|
||||
protected final List<SignatureVerification> verifiedDetachedSignatures = new ArrayList<>();
|
||||
protected final List<SignatureVerification.Failure> rejectedDetachedSignatures = new ArrayList<>();
|
||||
|
@ -309,6 +328,7 @@ public class MessageMetadata {
|
|||
|
||||
public static class EncryptedData extends Layer implements Nested {
|
||||
protected final SymmetricKeyAlgorithm algorithm;
|
||||
protected SubkeyIdentifier decryptionKey;
|
||||
protected SessionKey sessionKey;
|
||||
protected List<Long> recipients;
|
||||
|
||||
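Review bot: `getDecryptionKey()` can return `null` for two different reasons that a caller cannot tell apart, and neither is documented. The trailing `return null` covers a message with no `EncryptedData` layer. `iterator.next()` can presumably also yield `null`, because `decryptionKey` is a non-final field that this commit assigns only in the two PKESK branches of `OpenPgpMessageInputStream`, so a layer opened with a passphrase or a supplied session key would leave it unset. I would annotate the method `@Nullable` (the file already imports `javax.annotation.Nonnull`) and add Javadoc such as `/** Returns the subkey that decrypted the first encrypted layer, or null if the message was not encrypted or no public-key subkey was used. */`. Callers that base a policy decision on the decrypting key should then treat `null` as "unknown", not as "unencrypted".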
|
|
|
@ -334,6 +334,7 @@ public class OpenPgpMessageInputStream extends DecryptionStream {
|
|||
|
||||
MessageMetadata.EncryptedData encryptedData = new MessageMetadata.EncryptedData(
|
||||
SymmetricKeyAlgorithm.requireFromId(pkesk.getSymmetricAlgorithm(decryptorFactory)));
|
||||
encryptedData.decryptionKey = new SubkeyIdentifier(decryptionKeys, decryptionKey.getKeyID());
|
||||
encryptedData.sessionKey = sessionKey;
|
||||
|
||||
IntegrityProtectedInputStream integrityProtected = new IntegrityProtectedInputStream(decrypted, pkesk, options);
|
||||
|
@ -361,6 +362,7 @@ public class OpenPgpMessageInputStream extends DecryptionStream {
|
|||
|
||||
MessageMetadata.EncryptedData encryptedData = new MessageMetadata.EncryptedData(
|
||||
SymmetricKeyAlgorithm.requireFromId(pkesk.getSymmetricAlgorithm(decryptorFactory)));
|
||||
encryptedData.decryptionKey = new SubkeyIdentifier(decryptionKeyCandidate.getA(), privateKey.getKeyID());
|
||||
encryptedData.sessionKey = sessionKey;
|
||||
|
||||
IntegrityProtectedInputStream integrityProtected = new IntegrityProtectedInputStream(decrypted, pkesk, options);
|
||||
|
@ -560,8 +562,6 @@ public class OpenPgpMessageInputStream extends DecryptionStream {
|
|||
final List<PGPSignature> correspondingSignatures;
|
||||
boolean isLiteral = true;
|
||||
|
||||
final List<PGPSignature> verified = new ArrayList<>();
|
||||
|
||||
private Signatures(ConsumerOptions options) {
|
||||
this.options = options;
|
||||
this.detachedSignatures = new ArrayList<>();
|
||||
|
@ -580,24 +580,33 @@ public class OpenPgpMessageInputStream extends DecryptionStream {
|
|||
void addDetachedSignature(PGPSignature signature) {
|
||||
long keyId = SignatureUtils.determineIssuerKeyId(signature);
|
||||
PGPPublicKeyRing certificate = findCertificate(keyId);
|
||||
initialize(signature, certificate, keyId);
|
||||
this.detachedSignatures.add(new DetachedOrPrependedSignature(signature, certificate, keyId));
|
||||
|
||||
if (certificate != null) {
|
||||
initialize(signature, certificate, keyId);
|
||||
this.detachedSignatures.add(new DetachedOrPrependedSignature(signature, certificate, keyId));
|
||||
}
|
||||
}
|
||||
|
||||
void addPrependedSignature(PGPSignature signature) {
|
||||
long keyId = SignatureUtils.determineIssuerKeyId(signature);
|
||||
PGPPublicKeyRing certificate = findCertificate(keyId);
|
||||
initialize(signature, certificate, keyId);
|
||||
this.prependedSignatures.add(new DetachedOrPrependedSignature(signature, certificate, keyId));
|
||||
|
||||
if (certificate != null) {
|
||||
initialize(signature, certificate, keyId);
|
||||
this.prependedSignatures.add(new DetachedOrPrependedSignature(signature, certificate, keyId));
|
||||
}
|
||||
}
|
||||
|
||||
void addOnePassSignature(PGPOnePassSignature signature) {
|
||||
PGPPublicKeyRing certificate = findCertificate(signature.getKeyID());
|
||||
OnePassSignature ops = new OnePassSignature(signature, certificate, signature.getKeyID());
|
||||
ops.init(certificate);
|
||||
onePassSignatures.add(ops);
|
||||
|
||||
literalOPS.add(ops);
|
||||
if (certificate != null) {
|
||||
OnePassSignature ops = new OnePassSignature(signature, certificate, signature.getKeyID());
|
||||
ops.init(certificate);
|
||||
onePassSignatures.add(ops);
|
||||
|
||||
literalOPS.add(ops);
|
||||
}
|
||||
if (signature.isContaining()) {
|
||||
enterNesting();
|
||||
}
|
||||
|
@ -898,6 +907,7 @@ public class OpenPgpMessageInputStream extends DecryptionStream {
|
|||
resultBuilder.setFileName(m.getFilename());
|
||||
resultBuilder.setFileEncoding(m.getFormat());
|
||||
resultBuilder.setSessionKey(m.getSessionKey());
|
||||
resultBuilder.setDecryptionKey(m.getDecryptionKey());
|
||||
|
||||
for (SignatureVerification accepted : m.getVerifiedDetachedSignatures()) {
|
||||
resultBuilder.addVerifiedDetachedSignature(accepted);
|
||||
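Review bot: The new `if (certificate != null)` guards in `addDetachedSignature`, `addPrependedSignature` and `addOnePassSignature` avoid the NPE by silently dropping every signature whose issuer certificate `findCertificate` cannot locate. As far as these hunks show, nothing records the skipped signature, so the metadata for a message signed by an unknown key may end up looking the same as for an unsigned message. `MessageMetadata.Layer` already keeps a `rejectedDetachedSignatures` list, so consider an `else` branch that records a missing-verification-key failure there (or at least logs the `keyId`), with a comment such as `// no certificate for keyId: signature cannot be verified, recorded as rejected`. The `Signatures` class continues outside these hunks, so there may be handling elsewhere that I cannot see.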
|
|