mirror of
https://github.com/pgpainless/pgpainless.git
synced 2025-01-10 20:27:58 +01:00
sop: Enforce that any secret key argument only contains a single secret key
parent
4e83281213
commit
e3ff1403a3
3 changed files with 15 additions and 3 deletions
|
@ -104,8 +104,11 @@ public class DecryptImpl implements Decrypt {
|
||||||
public DecryptImpl withKey(InputStream keyIn) throws SOPGPException.KeyIsProtected, SOPGPException.BadData, SOPGPException.UnsupportedAsymmetricAlgo {
|
public DecryptImpl withKey(InputStream keyIn) throws SOPGPException.KeyIsProtected, SOPGPException.BadData, SOPGPException.UnsupportedAsymmetricAlgo {
|
||||||
try {
|
try {
|
||||||
PGPSecretKeyRingCollection secretKeys = PGPainless.readKeyRing()
|
PGPSecretKeyRingCollection secretKeys = PGPainless.readKeyRing()
|
||||||
.keyRingCollection(keyIn, true)
|
.secretKeyRingCollection(keyIn);
|
||||||
.getPGPSecretKeyRingCollection();
|
|
||||||
|
if (secretKeys.size() != 1) {
|
||||||
|
throw new SOPGPException.BadData(new AssertionError("Exactly one single secret key expected. Got " + secretKeys.size()));
|
||||||
|
}
|
||||||
|
|
||||||
for (PGPSecretKeyRing secretKey : secretKeys) {
|
for (PGPSecretKeyRing secretKey : secretKeys) {
|
||||||
KeyRingInfo info = new KeyRingInfo(secretKey);
|
KeyRingInfo info = new KeyRingInfo(secretKey);
|
||||||
|
|
|
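Review bot: The new guard in `withKey` reports bad caller input through `new AssertionError(...)`, an `Error` subtype normally reserved for broken internal invariants. An ordinary exception as the cause would describe the condition better, for example `throw new SOPGPException.BadData(new IllegalArgumentException("Exactly one secret key expected. Got " + secretKeys.size()));`. The same guard is added in `EncryptImpl.signWith` and `SignImpl.key` with a different message ("at a time" versus "single"), so the three copies could share one wording or one small private helper that reads and returns the single key ring. The `for` loop after the guard still iterates a collection that can now hold only one element. The `try` block continues outside the hunk, so confirm that its `catch` clauses do not intercept or rewrap this `BadData`.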
@ -63,6 +63,9 @@ public class EncryptImpl implements Encrypt {
|
||||||
public Encrypt signWith(InputStream keyIn) throws SOPGPException.KeyIsProtected, SOPGPException.CertCannotSign, SOPGPException.UnsupportedAsymmetricAlgo, SOPGPException.BadData {
|
public Encrypt signWith(InputStream keyIn) throws SOPGPException.KeyIsProtected, SOPGPException.CertCannotSign, SOPGPException.UnsupportedAsymmetricAlgo, SOPGPException.BadData {
|
||||||
try {
|
try {
|
||||||
PGPSecretKeyRingCollection keys = PGPainless.readKeyRing().secretKeyRingCollection(keyIn);
|
PGPSecretKeyRingCollection keys = PGPainless.readKeyRing().secretKeyRingCollection(keyIn);
|
||||||
|
if (keys.size() != 1) {
|
||||||
|
throw new SOPGPException.BadData(new AssertionError("Exactly one secret key at a time expected. Got " + keys.size()));
|
||||||
|
}
|
||||||
|
|
||||||
if (signingOptions == null) {
|
if (signingOptions == null) {
|
||||||
signingOptions = SigningOptions.get();
|
signingOptions = SigningOptions.get();
|
||||||
|
|
|
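Review bot: The size check in `signWith` carries no comment saying why multi-key input is rejected instead of using the first key, and none of the three changed files shown here is a test. A short comment above the check would record the intent, for example `// Reject empty or multi-key input instead of silently signing with a key the caller did not intend`. A regression test that feeds two concatenated secret keys, and another that feeds an empty stream, each expecting `SOPGPException.BadData`, would pin the behaviour for `signWith`, `DecryptImpl.withKey` and `SignImpl.key`.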
@ -24,6 +24,7 @@ import java.util.List;
|
||||||
|
|
||||||
import org.bouncycastle.openpgp.PGPException;
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||||
|
import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
|
||||||
import org.bouncycastle.openpgp.PGPSignature;
|
import org.bouncycastle.openpgp.PGPSignature;
|
||||||
import org.bouncycastle.util.io.Streams;
|
import org.bouncycastle.util.io.Streams;
|
||||||
import org.pgpainless.PGPainless;
|
import org.pgpainless.PGPainless;
|
||||||
|
@ -62,7 +63,12 @@ public class SignImpl implements Sign {
|
||||||
@Override
|
@Override
|
||||||
public Sign key(InputStream keyIn) throws SOPGPException.KeyIsProtected, SOPGPException.BadData, IOException {
|
public Sign key(InputStream keyIn) throws SOPGPException.KeyIsProtected, SOPGPException.BadData, IOException {
|
||||||
try {
|
try {
|
||||||
PGPSecretKeyRing key = PGPainless.readKeyRing().secretKeyRing(keyIn);
|
PGPSecretKeyRingCollection keys = PGPainless.readKeyRing().secretKeyRingCollection(keyIn);
|
||||||
|
if (keys.size() != 1) {
|
||||||
|
throw new SOPGPException.BadData(new AssertionError("Exactly one secret key at a time expected. Got " + keys.size()));
|
||||||
|
}
|
||||||
|
|
||||||
|
PGPSecretKeyRing key = keys.iterator().next();
|
||||||
KeyRingInfo info = new KeyRingInfo(key);
|
KeyRingInfo info = new KeyRingInfo(key);
|
||||||
if (!info.isFullyDecrypted()) {
|
if (!info.isFullyDecrypted()) {
|
||||||
throw new SOPGPException.KeyIsProtected();
|
throw new SOPGPException.KeyIsProtected();
|
||||||
|
|
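Review bot: In `key`, `keys.size() != 1` also covers input that yields no key ring at all, so the caller would see "Exactly one secret key at a time expected. Got 0", which reads like a multiplicity problem rather than missing or unparseable key material. Whether `secretKeyRingCollection` returns an empty collection or throws for such input is not visible here, so this is worth checking. If it can return empty, a separate branch such as `if (keys.size() == 0) throw new SOPGPException.BadData(new IllegalArgumentException("No secret key found in input"));` would make the failure easier to diagnose. The same applies to the guards in `DecryptImpl.withKey` and `EncryptImpl.signWith`.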