1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-12-22 10:57:58 +01:00

Kotlin conversion: MessageInspector

This commit is contained in:
Paul Schaub 2023-09-20 13:18:48 +02:00
parent ea57c4aec0
commit befb1c8c0f
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 108 additions and 146 deletions

View file

@ -1,146 +0,0 @@
// SPDX-FileCopyrightText: 2021 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.decryption_verification;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.bouncycastle.openpgp.PGPCompressedData;
import org.bouncycastle.openpgp.PGPEncryptedData;
import org.bouncycastle.openpgp.PGPEncryptedDataList;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPLiteralData;
import org.bouncycastle.openpgp.PGPObjectFactory;
import org.bouncycastle.openpgp.PGPOnePassSignatureList;
import org.bouncycastle.openpgp.PGPPBEEncryptedData;
import org.bouncycastle.openpgp.PGPPublicKeyEncryptedData;
import org.bouncycastle.openpgp.PGPUtil;
import org.pgpainless.implementation.ImplementationFactory;
import org.pgpainless.util.ArmorUtils;
/**
* Inspect an OpenPGP message to determine IDs of its encryption keys or whether it is passphrase protected.
*/
public final class MessageInspector {
public static class EncryptionInfo {
private final List<Long> keyIds = new ArrayList<>();
private boolean isPassphraseEncrypted = false;
private boolean isSignedOnly = false;
/**
* Return a list of recipient key ids for whom the message is encrypted.
* @return recipient key ids
*/
public List<Long> getKeyIds() {
return Collections.unmodifiableList(keyIds);
}
public boolean isPassphraseEncrypted() {
return isPassphraseEncrypted;
}
/**
* Return true, if the message is encrypted.
*
* @return true if encrypted
*/
public boolean isEncrypted() {
return isPassphraseEncrypted || !keyIds.isEmpty();
}
/**
* Return true, if the message is not encrypted, but signed using {@link org.bouncycastle.openpgp.PGPOnePassSignature OnePassSignatures}.
*
* @return true if message is signed only
*/
public boolean isSignedOnly() {
return isSignedOnly;
}
}
private MessageInspector() {
}
/**
* Parses parts of the provided OpenPGP message in order to determine which keys were used to encrypt it.
*
* @param message OpenPGP message
* @return encryption info
*
* @throws PGPException in case the message is broken
* @throws IOException in case of an IO error
*/
public static EncryptionInfo determineEncryptionInfoForMessage(String message) throws PGPException, IOException {
@SuppressWarnings("CharsetObjectCanBeUsed")
Charset charset = Charset.forName("UTF-8");
return determineEncryptionInfoForMessage(new ByteArrayInputStream(message.getBytes(charset)));
}
/**
* Parses parts of the provided OpenPGP message in order to determine which keys were used to encrypt it.
* Note: This method does not rewind the passed in Stream, so you might need to take care of that yourselves.
*
* @param dataIn openpgp message
* @return encryption information
*
* @throws IOException in case of an IO error
* @throws PGPException if the message is broken
*/
public static EncryptionInfo determineEncryptionInfoForMessage(InputStream dataIn) throws IOException, PGPException {
InputStream decoded = ArmorUtils.getDecoderStream(dataIn);
EncryptionInfo info = new EncryptionInfo();
processMessage(decoded, info);
return info;
}
private static void processMessage(InputStream dataIn, EncryptionInfo info) throws PGPException, IOException {
PGPObjectFactory objectFactory = ImplementationFactory.getInstance().getPGPObjectFactory(dataIn);
Object next;
while ((next = objectFactory.nextObject()) != null) {
if (next instanceof PGPOnePassSignatureList) {
PGPOnePassSignatureList signatures = (PGPOnePassSignatureList) next;
if (!signatures.isEmpty()) {
info.isSignedOnly = true;
return;
}
}
if (next instanceof PGPEncryptedDataList) {
PGPEncryptedDataList encryptedDataList = (PGPEncryptedDataList) next;
for (PGPEncryptedData encryptedData : encryptedDataList) {
if (encryptedData instanceof PGPPublicKeyEncryptedData) {
PGPPublicKeyEncryptedData pubKeyEncryptedData = (PGPPublicKeyEncryptedData) encryptedData;
info.keyIds.add(pubKeyEncryptedData.getKeyID());
} else if (encryptedData instanceof PGPPBEEncryptedData) {
info.isPassphraseEncrypted = true;
}
}
// Data is encrypted, we cannot go deeper
return;
}
if (next instanceof PGPCompressedData) {
PGPCompressedData compressed = (PGPCompressedData) next;
InputStream decompressed = compressed.getDataStream();
InputStream decoded = PGPUtil.getDecoderStream(decompressed);
objectFactory = ImplementationFactory.getInstance().getPGPObjectFactory(decoded);
}
if (next instanceof PGPLiteralData) {
return;
}
}
}
}

View file

@ -0,0 +1,108 @@
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.decryption_verification
import org.bouncycastle.openpgp.*
import org.pgpainless.implementation.ImplementationFactory
import org.pgpainless.util.ArmorUtils
import java.io.IOException
import java.io.InputStream
/**
* Inspect an OpenPGP message to determine IDs of its encryption keys or whether it is passphrase protected.
*/
class MessageInspector {
/**
* Info about an OpenPGP message.
*
* @param keyIds List of recipient key ids for whom the message is encrypted.
* @param isPassphraseEncrypted true, if the message is encrypted for a passphrase
* @param isSignedOnly true, if the message is not encrypted, but signed using OnePassSignatures
*/
data class EncryptionInfo(
val keyIds: List<Long>,
val isPassphraseEncrypted: Boolean,
val isSignedOnly: Boolean) {
val isEncrypted: Boolean
get() = isPassphraseEncrypted || keyIds.isNotEmpty()
}
companion object {
/**
* Parses parts of the provided OpenPGP message in order to determine which keys were used to encrypt it.
*
* @param message OpenPGP message
* @return encryption info
*
* @throws PGPException in case the message is broken
* @throws IOException in case of an IO error
*/
@JvmStatic
@Throws(PGPException::class, IOException::class)
fun determineEncryptionInfoForMessage(message: String): EncryptionInfo = determineEncryptionInfoForMessage(message.byteInputStream())
/**
* Parses parts of the provided OpenPGP message in order to determine which keys were used to encrypt it.
* Note: This method does not rewind the passed in Stream, so you might need to take care of that yourselves.
*
* @param inputStream openpgp message
* @return encryption information
*
* @throws IOException in case of an IO error
* @throws PGPException if the message is broken
*/
@JvmStatic
@Throws(PGPException::class, IOException::class)
fun determineEncryptionInfoForMessage(inputStream: InputStream): EncryptionInfo {
return processMessage(ArmorUtils.getDecoderStream(inputStream))
}
@JvmStatic
@Throws(PGPException::class, IOException::class)
private fun processMessage(inputStream: InputStream): EncryptionInfo {
var objectFactory = ImplementationFactory.getInstance().getPGPObjectFactory(inputStream)
var n: Any?
while (objectFactory.nextObject().also { n = it } != null) {
when (val next = n!!) {
is PGPOnePassSignatureList -> {
if (!next.isEmpty) {
return EncryptionInfo(listOf(), isPassphraseEncrypted = false, isSignedOnly = true)
}
}
is PGPEncryptedDataList -> {
var isPassphraseEncrypted = false
val keyIds = mutableListOf<Long>()
for (encryptedData in next) {
if (encryptedData is PGPPublicKeyEncryptedData) {
keyIds.add(encryptedData.keyID)
} else if (encryptedData is PGPPBEEncryptedData) {
isPassphraseEncrypted = true
}
}
// Data is encrypted, we cannot go deeper
return EncryptionInfo(keyIds, isPassphraseEncrypted, false)
}
is PGPCompressedData -> {
objectFactory = ImplementationFactory.getInstance().getPGPObjectFactory(
PGPUtil.getDecoderStream(next.dataStream))
continue
}
is PGPLiteralData -> {
break
}
}
}
return EncryptionInfo(listOf(), isPassphraseEncrypted = false, isSignedOnly = false)
}
}
}