From fb5d351de7fb043066b6ae2b15ba718895e78945 Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Wed, 27 Jun 2018 14:53:52 +0200 Subject: [PATCH] Make sure that provided key sets are not empty and return result on encryption stream --- .../encryption_signing/EncryptionBuilder.java | 39 ++++++++++++++++--- .../encryption_signing/EncryptionStream.java | 26 +++++++++++++ 2 files changed, 59 insertions(+), 6 deletions(-) diff --git a/src/main/java/de/vanitasvitae/crypto/pgpainless/encryption_signing/EncryptionBuilder.java b/src/main/java/de/vanitasvitae/crypto/pgpainless/encryption_signing/EncryptionBuilder.java index aff78b2e..137af08e 100644 --- a/src/main/java/de/vanitasvitae/crypto/pgpainless/encryption_signing/EncryptionBuilder.java +++ b/src/main/java/de/vanitasvitae/crypto/pgpainless/encryption_signing/EncryptionBuilder.java @@ -67,6 +67,9 @@ public class EncryptionBuilder implements EncryptionBuilderInterface { @Override public WithAlgorithms toRecipients(PGPPublicKey... keys) { + if (keys.length == 0) { + throw new IllegalArgumentException("Recipient list MUST NOT be empty."); + } for (PGPPublicKey k : keys) { if (encryptionKeySelector().accept(null, k)) { EncryptionBuilder.this.encryptionKeys.add(k); @@ -79,6 +82,9 @@ public class EncryptionBuilder implements EncryptionBuilderInterface { @Override public WithAlgorithms toRecipients(PGPPublicKeyRing... keys) { + if (keys.length == 0) { + throw new IllegalArgumentException("Recipient list MUST NOT be empty."); + } for (PGPPublicKeyRing ring : keys) { for (PGPPublicKey k : ring) { if (encryptionKeySelector().accept(null, k)) { @@ -92,6 +98,9 @@ public class EncryptionBuilder implements EncryptionBuilderInterface { @Override public WithAlgorithms toRecipients(PublicKeyRingSelectionStrategy ringSelectionStrategy, MultiMap keys) { + if (keys.isEmpty()) { + throw new IllegalArgumentException("Recipient map MUST NOT be empty."); + } MultiMap acceptedKeyRings = ringSelectionStrategy.selectKeyRingsFromCollections(keys); for (O identifier : acceptedKeyRings.keySet()) { Set acceptedSet = acceptedKeyRings.get(identifier); @@ -116,6 +125,9 @@ public class EncryptionBuilder implements EncryptionBuilderInterface { @Override public WithAlgorithms andToSelf(PGPPublicKey... keys) { + if (keys.length == 0) { + throw new IllegalArgumentException("Recipient list MUST NOT be empty."); + } for (PGPPublicKey k : keys) { if (encryptionKeySelector().accept(null, k)) { EncryptionBuilder.this.encryptionKeys.add(k); @@ -127,8 +139,11 @@ public class EncryptionBuilder implements EncryptionBuilderInterface { } @Override - public WithAlgorithms andToSelf(PGPPublicKeyRing... keyRings) { - for (PGPPublicKeyRing ring : keyRings) { + public WithAlgorithms andToSelf(PGPPublicKeyRing... keys) { + if (keys.length == 0) { + throw new IllegalArgumentException("Recipient list MUST NOT be empty."); + } + for (PGPPublicKeyRing ring : keys) { for (Iterator i = ring.getPublicKeys(); i.hasNext(); ) { PGPPublicKey key = i.next(); if (encryptionKeySelector().accept(null, key)) { @@ -140,9 +155,12 @@ public class EncryptionBuilder implements EncryptionBuilderInterface { } public WithAlgorithms andToSelf(PublicKeyRingSelectionStrategy ringSelectionStrategy, - MultiMap keyRingCollections) { + MultiMap keys) { + if (keys.isEmpty()) { + throw new IllegalArgumentException("Recipient list MUST NOT be empty."); + } MultiMap acceptedKeyRings = - ringSelectionStrategy.selectKeyRingsFromCollections(keyRingCollections); + ringSelectionStrategy.selectKeyRingsFromCollections(keys); for (O identifier : acceptedKeyRings.keySet()) { Set acceptedSet = acceptedKeyRings.get(identifier); for (PGPPublicKeyRing k : acceptedSet) { @@ -183,6 +201,9 @@ public class EncryptionBuilder implements EncryptionBuilderInterface { @Override public Armor signWith(SecretKeyRingProtector decryptor, PGPSecretKey... keys) { + if (keys.length == 0) { + throw new IllegalArgumentException("Recipient list MUST NOT be empty."); + } for (PGPSecretKey s : keys) { if (EncryptionBuilder.this.signingKeySelector().accept(null, s)) { signingKeys.add(s); @@ -196,6 +217,9 @@ public class EncryptionBuilder implements EncryptionBuilderInterface { @Override public Armor signWith(SecretKeyRingProtector decryptor, PGPSecretKeyRing... keys) { + if (keys.length == 0) { + throw new IllegalArgumentException("Recipient list MUST NOT be empty."); + } for (PGPSecretKeyRing key : keys) { for (Iterator i = key.getSecretKeys(); i.hasNext(); ) { PGPSecretKey s = i.next(); @@ -211,9 +235,12 @@ public class EncryptionBuilder implements EncryptionBuilderInterface { @Override public Armor signWith(SecretKeyRingSelectionStrategy ringSelectionStrategy, SecretKeyRingProtector decryptor, - MultiMap keyRingCollections) { + MultiMap keys) { + if (keys.isEmpty()) { + throw new IllegalArgumentException("Recipient list MUST NOT be empty."); + } MultiMap acceptedKeyRings = - ringSelectionStrategy.selectKeyRingsFromCollections(keyRingCollections); + ringSelectionStrategy.selectKeyRingsFromCollections(keys); for (O identifier : acceptedKeyRings.keySet()) { Set acceptedSet = acceptedKeyRings.get(identifier); for (PGPSecretKeyRing k : acceptedSet) { diff --git a/src/main/java/de/vanitasvitae/crypto/pgpainless/encryption_signing/EncryptionStream.java b/src/main/java/de/vanitasvitae/crypto/pgpainless/encryption_signing/EncryptionStream.java index f5831d7b..5924bcba 100644 --- a/src/main/java/de/vanitasvitae/crypto/pgpainless/encryption_signing/EncryptionStream.java +++ b/src/main/java/de/vanitasvitae/crypto/pgpainless/encryption_signing/EncryptionStream.java @@ -19,6 +19,7 @@ import java.io.IOException; import java.io.OutputStream; import java.util.ArrayList; import java.util.Date; +import java.util.HashSet; import java.util.List; import java.util.Set; import java.util.logging.Level; @@ -27,6 +28,7 @@ import java.util.logging.Logger; import de.vanitasvitae.crypto.pgpainless.algorithm.CompressionAlgorithm; import de.vanitasvitae.crypto.pgpainless.algorithm.HashAlgorithm; import de.vanitasvitae.crypto.pgpainless.algorithm.SymmetricKeyAlgorithm; +import de.vanitasvitae.crypto.pgpainless.decryption_verification.PainlessResult; import org.bouncycastle.bcpg.ArmoredOutputStream; import org.bouncycastle.bcpg.BCPGOutputStream; import org.bouncycastle.openpgp.PGPCompressedDataGenerator; @@ -36,6 +38,7 @@ import org.bouncycastle.openpgp.PGPLiteralData; import org.bouncycastle.openpgp.PGPLiteralDataGenerator; import org.bouncycastle.openpgp.PGPPrivateKey; import org.bouncycastle.openpgp.PGPPublicKey; +import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.openpgp.PGPSignature; import org.bouncycastle.openpgp.PGPSignatureGenerator; import org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder; @@ -53,6 +56,8 @@ public class EncryptionStream extends OutputStream { private static final int BUFFER_SIZE = 1 << 8; + private final PainlessResult result; + private List signatureGenerators = new ArrayList<>(); private boolean closed = false; @@ -139,6 +144,23 @@ public class EncryptionStream extends OutputStream { literalDataGenerator = new PGPLiteralDataGenerator(); literalDataStream = literalDataGenerator.open(basicCompressionStream, PGPLiteralData.BINARY, PGPLiteralData.CONSOLE, new Date(), new byte[BUFFER_SIZE]); + + // Prepare result + Set recipientKeyIds = new HashSet<>(); + for (PGPPublicKey recipient : encryptionKeys) { + recipientKeyIds.add(recipient.getKeyID()); + } + + Set signingKeyIds = new HashSet<>(); + for (PGPPrivateKey signer : signingKeys) { + signingKeyIds.add(signer.getKeyID()); + } + + + this.result = new PainlessResult(recipientKeyIds, + null, symmetricKeyAlgorithm, + compressionAlgorithm, true, + signingKeyIds, null); } static EncryptionStream create(OutputStream outputStream, @@ -236,4 +258,8 @@ public class EncryptionStream extends OutputStream { throw new IllegalArgumentException("Argument '" + name + "' MUST NOT be null."); } } + + public PainlessResult getResult() { + return result; + } }