PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-12 15:32:06 +01:00
Code Issues Releases Wiki Activity

Prevent adding NULL to symmetric algorithm preference when generating key

Browse source 
Fixes #301
This commit is contained in:
Paul Schaub 2022-07-15 14:19:45 +02:00
parent 32e1f1234b
commit ba191a1d0f
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 19 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
pgpainless-core/src/main/java/org/pgpainless/key/generation/KeySpecBuilder.java
View file

@ -64,6 +64,11 @@ public class KeySpecBuilder implements KeySpecBuilderInterface {
@Override @Override
public KeySpecBuilder overridePreferredSymmetricKeyAlgorithms( public KeySpecBuilder overridePreferredSymmetricKeyAlgorithms(
@Nonnull SymmetricKeyAlgorithm... preferredSymmetricKeyAlgorithms) { @Nonnull SymmetricKeyAlgorithm... preferredSymmetricKeyAlgorithms) {
for (SymmetricKeyAlgorithm algo : preferredSymmetricKeyAlgorithms) {
if (algo == SymmetricKeyAlgorithm.NULL) {
throw new IllegalArgumentException("NULL (unencrypted) is an invalid symmetric key algorithm preference.");
}
}
this.preferredSymmetricAlgorithms = new LinkedHashSet<>(Arrays.asList(preferredSymmetricKeyAlgorithms)); this.preferredSymmetricAlgorithms = new LinkedHashSet<>(Arrays.asList(preferredSymmetricKeyAlgorithms));
return this; return this;
} }

14
pgpainless-core/src/test/java/org/pgpainless/key/generation/StupidAlgorithmPreferenceEncryptionTest.java
View file

@ -9,20 +9,34 @@ import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless; import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
import org.pgpainless.encryption_signing.EncryptionOptions; import org.pgpainless.encryption_signing.EncryptionOptions;
import org.pgpainless.encryption_signing.EncryptionResult; import org.pgpainless.encryption_signing.EncryptionResult;
import org.pgpainless.encryption_signing.EncryptionStream; import org.pgpainless.encryption_signing.EncryptionStream;
import org.pgpainless.encryption_signing.ProducerOptions; import org.pgpainless.encryption_signing.ProducerOptions;
import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.key.generation.type.rsa.RsaLength;
import java.io.ByteArrayOutputStream; import java.io.ByteArrayOutputStream;
import java.io.IOException; import java.io.IOException;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue; import static org.junit.jupiter.api.Assertions.assertTrue;
public class StupidAlgorithmPreferenceEncryptionTest { public class StupidAlgorithmPreferenceEncryptionTest {
@Test
public void testPreventUnencryptedAlgorithmPreferenceDuringKeyGeneration() {
KeySpecBuilder specBuilder = KeySpec.getBuilder(KeyType.RSA(RsaLength._4096), KeyFlag.CERTIFY_OTHER);
assertThrows(IllegalArgumentException.class, () ->
specBuilder.overridePreferredSymmetricKeyAlgorithms(
SymmetricKeyAlgorithm.AES_256, SymmetricKeyAlgorithm.AES_192,
SymmetricKeyAlgorithm.AES_128, SymmetricKeyAlgorithm.NULL));
}
// RSA key with symmetric algorithm preference "NULL" (unencrypted). // RSA key with symmetric algorithm preference "NULL" (unencrypted).
private static final String STUPID_KEY = "-----BEGIN PGP PRIVATE KEY BLOCK-----\n" + private static final String STUPID_KEY = "-----BEGIN PGP PRIVATE KEY BLOCK-----\n" +
"Version: PGPainless\n" + "Version: PGPainless\n" +