1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-18 18:32:05 +01:00

Prevent adding NULL to symmetric algorithm preference when generating key

Fixes #301
This commit is contained in:
Paul Schaub 2022-07-15 14:19:45 +02:00
parent 32e1f1234b
commit ba191a1d0f
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 19 additions and 0 deletions

View file

@ -64,6 +64,11 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
@Override
public KeySpecBuilder overridePreferredSymmetricKeyAlgorithms(
@Nonnull SymmetricKeyAlgorithm... preferredSymmetricKeyAlgorithms) {
for (SymmetricKeyAlgorithm algo : preferredSymmetricKeyAlgorithms) {
if (algo == SymmetricKeyAlgorithm.NULL) {
throw new IllegalArgumentException("NULL (unencrypted) is an invalid symmetric key algorithm preference.");
}
}
this.preferredSymmetricAlgorithms = new LinkedHashSet<>(Arrays.asList(preferredSymmetricKeyAlgorithms));
return this;
}

View file

@ -9,20 +9,34 @@ import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
import org.pgpainless.encryption_signing.EncryptionOptions;
import org.pgpainless.encryption_signing.EncryptionResult;
import org.pgpainless.encryption_signing.EncryptionStream;
import org.pgpainless.encryption_signing.ProducerOptions;
import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.key.generation.type.rsa.RsaLength;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
public class StupidAlgorithmPreferenceEncryptionTest {
@Test
public void testPreventUnencryptedAlgorithmPreferenceDuringKeyGeneration() {
KeySpecBuilder specBuilder = KeySpec.getBuilder(KeyType.RSA(RsaLength._4096), KeyFlag.CERTIFY_OTHER);
assertThrows(IllegalArgumentException.class, () ->
specBuilder.overridePreferredSymmetricKeyAlgorithms(
SymmetricKeyAlgorithm.AES_256, SymmetricKeyAlgorithm.AES_192,
SymmetricKeyAlgorithm.AES_128, SymmetricKeyAlgorithm.NULL));
}
// RSA key with symmetric algorithm preference "NULL" (unencrypted).
private static final String STUPID_KEY = "-----BEGIN PGP PRIVATE KEY BLOCK-----\n" +
"Version: PGPainless\n" +