PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-26 14:22:05 +01:00
Code Issues Releases Wiki Activity

Add some comments to messy DecryptionStreamFactory code

Browse source
This commit is contained in:
Paul Schaub 2022-02-19 14:48:17 +01:00
parent 08a3f3e8b0
commit a3f9311d9a
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
1 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
pgpainless-core/src/main/java/org/pgpainless/decryption_verification/DecryptionStreamFactory.java
View file

@ -133,6 +133,11 @@ public final class DecryptionStreamFactory {
InputStream decoderStream;
PGPObjectFactory objectFactory;
// Workaround for cleartext signed data
// If we below threw a WrongConsumingMethodException, the CleartextSignatureProcessor will prepare the
// message for us and will set options.isCleartextSigned() to true.
// That way we can process long messages without running the issue of resetting the bufferedInputStream
// to invalid marks.
if (options.isCleartextSigned()) {
inputStream = wrapInVerifySignatureStream(bufferedIn, null);
return new DecryptionStream(inputStream, resultBuilder, integrityProtectedEncryptedInputStream,
@ -146,6 +151,9 @@ public final class DecryptionStreamFactory {
if (decoderStream instanceof ArmoredInputStream) {
ArmoredInputStream armor = (ArmoredInputStream) decoderStream;
// Cleartext Signed Message
// Throw a WrongConsumingMethodException to delegate preparation (extraction of signatures)
// to the CleartextSignatureProcessor which will call us again (see comment above)
if (armor.isClearText()) {
throw new WrongConsumingMethodException("Message appears to be using the Cleartext Signature Framework. " +
"Use PGPainless.verifyCleartextSignedMessage() to verify this message instead.");
@ -156,6 +164,7 @@ public final class DecryptionStreamFactory {
// Parse OpenPGP message
inputStream = processPGPPackets(objectFactory, 1);
} catch (EOFException | FinalIOException e) {
// Broken message or invalid decryption session key
throw e;
} catch (MissingLiteralDataException e) {
// Not an OpenPGP message.