mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-12-23 03:17:58 +01:00
Add MessageInspector utility class which can be used to determine encryption keys for a message
This commit is contained in:
parent
5683ee205e
commit
81379a5176
2 changed files with 177 additions and 0 deletions
|
@ -0,0 +1,103 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2021 Paul Schaub.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.pgpainless.decryption_verification;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.io.InputStream;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.Collections;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
import org.bouncycastle.openpgp.PGPCompressedData;
|
||||||
|
import org.bouncycastle.openpgp.PGPEncryptedData;
|
||||||
|
import org.bouncycastle.openpgp.PGPEncryptedDataList;
|
||||||
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
|
import org.bouncycastle.openpgp.PGPLiteralData;
|
||||||
|
import org.bouncycastle.openpgp.PGPObjectFactory;
|
||||||
|
import org.bouncycastle.openpgp.PGPPBEEncryptedData;
|
||||||
|
import org.bouncycastle.openpgp.PGPPublicKeyEncryptedData;
|
||||||
|
import org.pgpainless.implementation.ImplementationFactory;
|
||||||
|
import org.pgpainless.util.ArmorUtils;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Inspect an OpenPGP message to determine IDs of its encryption keys or whether it is passphrase protected.
|
||||||
|
*/
|
||||||
|
public final class MessageInspector {
|
||||||
|
|
||||||
|
public static class EncryptionInfo {
|
||||||
|
private final List<Long> keyIds = new ArrayList<>();
|
||||||
|
private boolean isPassphraseEncrypted = false;
|
||||||
|
|
||||||
|
public List<Long> getKeyIds() {
|
||||||
|
return Collections.unmodifiableList(keyIds);
|
||||||
|
}
|
||||||
|
|
||||||
|
public boolean isPassphraseEncrypted() {
|
||||||
|
return isPassphraseEncrypted;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private MessageInspector() {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Parses parts of the provided OpenPGP message in order to determine which keys were used to encrypt it.
|
||||||
|
* Note: This method does not rewind the passed in Stream, so you might need to take care of that yourselves.
|
||||||
|
*
|
||||||
|
* @param dataIn openpgp message
|
||||||
|
* @return encryption information
|
||||||
|
* @throws IOException
|
||||||
|
* @throws PGPException
|
||||||
|
*/
|
||||||
|
public static EncryptionInfo determineEncryptionInfoForMessage(InputStream dataIn) throws IOException, PGPException {
|
||||||
|
InputStream decoded = ArmorUtils.getDecoderStream(dataIn);
|
||||||
|
EncryptionInfo info = new EncryptionInfo();
|
||||||
|
|
||||||
|
collectDecryptionKeyIDs(decoded, info);
|
||||||
|
|
||||||
|
return info;
|
||||||
|
}
|
||||||
|
|
||||||
|
private static void collectDecryptionKeyIDs(InputStream dataIn, EncryptionInfo info) throws PGPException {
|
||||||
|
PGPObjectFactory objectFactory = new PGPObjectFactory(dataIn,
|
||||||
|
ImplementationFactory.getInstance().getKeyFingerprintCalculator());
|
||||||
|
|
||||||
|
for (Object next : objectFactory) {
|
||||||
|
if (next instanceof PGPEncryptedDataList) {
|
||||||
|
PGPEncryptedDataList encryptedDataList = (PGPEncryptedDataList) next;
|
||||||
|
for (PGPEncryptedData encryptedData : encryptedDataList) {
|
||||||
|
if (encryptedData instanceof PGPPublicKeyEncryptedData) {
|
||||||
|
PGPPublicKeyEncryptedData pubKeyEncryptedData = (PGPPublicKeyEncryptedData) encryptedData;
|
||||||
|
info.keyIds.add(pubKeyEncryptedData.getKeyID());
|
||||||
|
} else if (encryptedData instanceof PGPPBEEncryptedData) {
|
||||||
|
info.isPassphraseEncrypted = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (next instanceof PGPCompressedData) {
|
||||||
|
PGPCompressedData compressed = (PGPCompressedData) next;
|
||||||
|
InputStream decompressed = compressed.getDataStream();
|
||||||
|
collectDecryptionKeyIDs(decompressed, info);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (next instanceof PGPLiteralData) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,74 @@
|
||||||
|
/*
|
||||||
|
* Copyright 2021 Paul Schaub.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.pgpainless.decryption_verification;
|
||||||
|
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||||
|
|
||||||
|
import java.io.ByteArrayInputStream;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.nio.charset.StandardCharsets;
|
||||||
|
|
||||||
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.pgpainless.key.util.KeyIdUtil;
|
||||||
|
|
||||||
|
public class MessageInspectorTest {
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testBasicMessageInspection() throws PGPException, IOException {
|
||||||
|
String message = "-----BEGIN PGP MESSAGE-----\n" +
|
||||||
|
"\n" +
|
||||||
|
"wV4DR2b2udXyHrYSAQdAO6LtuB8LenDp1EPVSSYn1QCmTSPjeXj9Qdel7t6Ozi8w\n" +
|
||||||
|
"kewS+0AdZcvcd2PQEuCboilRAN4TTi9SziuSDNZe//suYHL7SRnOvX6mWSZoiKBm\n" +
|
||||||
|
"0j8BlbKlRhBzcNDj6DSKfM/KBhRaw0U9fGs01gq+RNXIHOOnzVjLK18xTNEkx72F\n" +
|
||||||
|
"Z1/i3TYsmy8B0mMKkNYtpMk=\n" +
|
||||||
|
"=IICf\n" +
|
||||||
|
"-----END PGP MESSAGE-----\n";
|
||||||
|
|
||||||
|
MessageInspector.EncryptionInfo info = MessageInspector.determineEncryptionInfoForMessage(
|
||||||
|
new ByteArrayInputStream(message.getBytes(StandardCharsets.UTF_8)));
|
||||||
|
|
||||||
|
assertFalse(info.isPassphraseEncrypted());
|
||||||
|
assertEquals(1, info.getKeyIds().size());
|
||||||
|
assertEquals(KeyIdUtil.fromLongKeyId("4766F6B9D5F21EB6"), info.getKeyIds().get(0));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testMultipleRecipientKeysAndPassphrase() throws PGPException, IOException {
|
||||||
|
String message = "-----BEGIN PGP MESSAGE-----\n" +
|
||||||
|
"Version: PGPainless\n" +
|
||||||
|
"\n" +
|
||||||
|
"jC4ECQMCtjbxGuer3wJgmQNX6L5nrJzkOEsnsFxyDYmqpqaFaMRHwARfX2huZdNd\n" +
|
||||||
|
"hF4DTG6PmfbkcYQSAQdAxolEEp+NDhQXzf4/hN/4ihjSs16EoMVPxnQVZslvXm0w\n" +
|
||||||
|
"pCmY/zAd1i3cJjNw2IXtCUpAIwjGc3pJzPxnkm0aBSS1ejxTqKy34MlostqEveB+\n" +
|
||||||
|
"hF4DGDkHmmQLL6wSAQdAxdIJmu7Vbz12eG3lCUDuuwXW1s0ZsSftbUT3Ly+YMFIw\n" +
|
||||||
|
"TadDYpy4pAAC82G8Z291zMiyctJE5dPAEWE5/sIguJSTeeM3ltocCMfx3ZCbKiov\n" +
|
||||||
|
"jC4ECQMCssbl4ymUB6FgAVELIUXGolY6PgsnRmq3oBQbM7ysu+WsXm//CRXqfkgU\n" +
|
||||||
|
"0kABN21rVlCCSrgAQq2vY4GWQ8OfiUzJOWH//63VDYMJ5ehou9eFtOXq2YW9IUy4\n" +
|
||||||
|
"nxVuXey3iyihCFAfD8ZK1Rnh\n" +
|
||||||
|
"=z6e0\n" +
|
||||||
|
"-----END PGP MESSAGE-----";
|
||||||
|
|
||||||
|
MessageInspector.EncryptionInfo info = MessageInspector.determineEncryptionInfoForMessage(new ByteArrayInputStream(message.getBytes(StandardCharsets.UTF_8)));
|
||||||
|
|
||||||
|
assertTrue(info.isPassphraseEncrypted());
|
||||||
|
assertEquals(2, info.getKeyIds().size());
|
||||||
|
assertTrue(info.getKeyIds().contains(KeyIdUtil.fromLongKeyId("4C6E8F99F6E47184")));
|
||||||
|
assertTrue(info.getKeyIds().contains(KeyIdUtil.fromLongKeyId("1839079A640B2FAC")));
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue