From cfab8a744d236a568516d205f22ae9352a4d7749 Mon Sep 17 00:00:00 2001 From: Florian Schmaus Date: Sun, 5 Aug 2018 12:23:54 +0200 Subject: [PATCH] Properly close InputStream in SymmetricEncryptorDecryptor Although it is possibly not strict required, it is always a good idea to close streams even if the conrete implementation does not cause resource leaks when not closed. After all, the implementation could change at some point in the future. --- .../SymmetricEncryptorDecryptor.java | 65 +++++++++++-------- 1 file changed, 37 insertions(+), 28 deletions(-) diff --git a/pgpainless-core/src/main/java/org/pgpainless/symmetric_encryption/SymmetricEncryptorDecryptor.java b/pgpainless-core/src/main/java/org/pgpainless/symmetric_encryption/SymmetricEncryptorDecryptor.java index 87ec4404..c5505156 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/symmetric_encryption/SymmetricEncryptorDecryptor.java +++ b/pgpainless-core/src/main/java/org/pgpainless/symmetric_encryption/SymmetricEncryptorDecryptor.java @@ -102,43 +102,52 @@ public class SymmetricEncryptorDecryptor { */ public static byte[] symmetricallyDecrypt(@Nonnull byte[] data, @Nonnull Passphrase password) throws IOException, PGPException { - InputStream in = new BufferedInputStream(new ByteArrayInputStream(data)); - in = PGPUtil.getDecoderStream(in); + PGPPBEEncryptedData pbe; + ByteArrayOutputStream outputStream = null; + BufferedInputStream bis = new BufferedInputStream(new ByteArrayInputStream(data)); + InputStream in = PGPUtil.getDecoderStream(bis); - BcPGPObjectFactory pgpF = new BcPGPObjectFactory(in); - PGPEncryptedDataList enc; - Object o = pgpF.nextObject(); + try { + BcPGPObjectFactory pgpF = new BcPGPObjectFactory(in); + PGPEncryptedDataList enc; + Object o = pgpF.nextObject(); - if (o instanceof PGPEncryptedDataList) { - enc = (PGPEncryptedDataList) o; - } else { - enc = (PGPEncryptedDataList) pgpF.nextObject(); - } + if (o instanceof PGPEncryptedDataList) { + enc = (PGPEncryptedDataList) o; + } else { + enc = (PGPEncryptedDataList) pgpF.nextObject(); + } - PGPPBEEncryptedData pbe = (PGPPBEEncryptedData) enc.get(0); + pbe = (PGPPBEEncryptedData) enc.get(0); - InputStream clear = pbe.getDataStream(new BcPBEDataDecryptorFactory( - password.getChars(), new BcPGPDigestCalculatorProvider())); + InputStream clear = pbe.getDataStream( + new BcPBEDataDecryptorFactory(password.getChars(), new BcPGPDigestCalculatorProvider())); + BcPGPObjectFactory pgpFact = new BcPGPObjectFactory(clear); - BcPGPObjectFactory pgpFact = new BcPGPObjectFactory(clear); - - o = pgpFact.nextObject(); - if (o instanceof PGPCompressedData) { - PGPCompressedData cData = (PGPCompressedData) o; - pgpFact = new BcPGPObjectFactory(cData.getDataStream()); o = pgpFact.nextObject(); + if (o instanceof PGPCompressedData) { + PGPCompressedData cData = (PGPCompressedData) o; + pgpFact = new BcPGPObjectFactory(cData.getDataStream()); + o = pgpFact.nextObject(); + } + + PGPLiteralData ld = (PGPLiteralData) o; + InputStream unc = ld.getInputStream(); + + try { + outputStream = new ByteArrayOutputStream(); + + Streams.pipeAll(unc, outputStream); + } finally { + if (outputStream != null) { + outputStream.close(); + } + } + } finally { + in.close(); } - PGPLiteralData ld = (PGPLiteralData) o; - InputStream unc = ld.getInputStream(); - - ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); - - Streams.pipeAll(unc, outputStream); - - outputStream.close(); - if (pbe.isIntegrityProtected()) { if (!pbe.verify()) { throw new PGPException("Integrity check failed.");