1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-26 22:32:07 +01:00

Raise readable error message when trying to encrypt for key without acceptable self-sigs

This commit is contained in:
Paul Schaub 2022-03-07 14:55:45 +01:00
parent 9d160ef047
commit fc65bb4496
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311

View file

@ -11,6 +11,7 @@ import java.util.HashSet;
import java.util.LinkedHashSet; import java.util.LinkedHashSet;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.NoSuchElementException;
import java.util.Set; import java.util.Set;
import javax.annotation.Nonnull; import javax.annotation.Nonnull;
@ -184,15 +185,24 @@ public class EncryptionOptions {
* @return this * @return this
*/ */
public EncryptionOptions addRecipient(PGPPublicKeyRing key, EncryptionKeySelector encryptionKeySelectionStrategy) { public EncryptionOptions addRecipient(PGPPublicKeyRing key, EncryptionKeySelector encryptionKeySelectionStrategy) {
KeyRingInfo info = new KeyRingInfo(key, new Date()); Date evaluationDate = new Date();
Date primaryKeyExpiration = info.getPrimaryKeyExpirationDate(); KeyRingInfo info;
if (primaryKeyExpiration != null && primaryKeyExpiration.before(new Date())) { info = new KeyRingInfo(key, evaluationDate);
Date primaryKeyExpiration;
try {
primaryKeyExpiration = info.getPrimaryKeyExpirationDate();
} catch (NoSuchElementException e) {
throw new IllegalArgumentException("Provided key " + OpenPgpFingerprint.of(key) + " does not have a valid/acceptable signature carrying a primary key expiration date.");
}
if (primaryKeyExpiration != null && primaryKeyExpiration.before(evaluationDate)) {
throw new IllegalArgumentException("Provided key " + OpenPgpFingerprint.of(key) + " is expired: " + primaryKeyExpiration); throw new IllegalArgumentException("Provided key " + OpenPgpFingerprint.of(key) + " is expired: " + primaryKeyExpiration);
} }
List<PGPPublicKey> encryptionSubkeys = encryptionKeySelectionStrategy List<PGPPublicKey> encryptionSubkeys = encryptionKeySelectionStrategy
.selectEncryptionSubkeys(info.getEncryptionSubkeys(purpose)); .selectEncryptionSubkeys(info.getEncryptionSubkeys(purpose));
if (encryptionSubkeys.isEmpty()) { if (encryptionSubkeys.isEmpty()) {
throw new IllegalArgumentException("Key has no suitable encryption subkeys."); throw new IllegalArgumentException("Key " + OpenPgpFingerprint.of(key) + " has no suitable encryption subkeys.");
} }
for (PGPPublicKey encryptionSubkey : encryptionSubkeys) { for (PGPPublicKey encryptionSubkey : encryptionSubkeys) {