PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-06-17 00:54:50 +02:00
Code Issues Releases Wiki Activity
1200 commits 76 branches 114 tags 11 MiB
Commit graph

65 commits

Author SHA1 Message Date
Paul Schaub 864bfad80c Add test for encryption / decryption, signing with missing secret subkey 2022-04-07 19:42:58 +02:00
Paul Schaub 50bcb6a135 Fix changelog and change method signature 2022-04-02 16:18:12 +02:00
Paul Schaub f8e66f4d61 Add ProducerOptions.applyCRLFEncoding() 
Enabling it will automatically apply CRLF encoding to input data.
Further, disentangle signing from the encryption stream
 2022-04-02 16:18:12 +02:00
Paul Schaub ffdbd21491 Implement configuration option for SignerUserId subpacket verification level. 
By default we ignore SignerUserId subpackets on signatures.
This behavior can be changed by calling Policy.setSignerUserIdValidationLevel().
Right now, STRICT and DISABLED are available as options, but it may make sense to implement
another option PARTIALLY, which will accept signatures made by key with user-id 'A <foo@bar>'
but where the sig contains a signer user id of value 'foo@bar' for example.
 2022-03-14 11:10:12 +01:00
Paul Schaub 1753cef10e Simplify handling of cleartext-signed data 2022-02-23 18:45:29 +01:00
Paul Schaub e8da3b30d8 Yet another patch for ASCII armor detection -.- 2022-02-15 14:23:03 +01:00
Paul Schaub 458b4f1f78 Fix detection of unarmored data in detached signature verification 2022-02-11 14:07:29 +01:00
Paul Schaub b1bde161b4
Fix typos and wording 2021-12-28 13:53:25 +01:00
Paul Schaub ce7b69269b
Various code cleanup 2021-12-28 13:32:50 +01:00
Paul Schaub 59f1a85887
Fix more code issues 2021-12-28 12:30:52 +01:00
Paul Schaub cf90c25afc
rename invocationContextProvider to TestAllImplementations 2021-12-14 16:56:29 +01:00
Paul Schaub c331dee6b1
Replace @ArgumentSource with @TestTemplate, @ExtendWith 2021-12-14 16:55:04 +01:00
Paul Schaub 2ebf4be39c
Replace @MethodSource annotation with @ArgumentsSource 2021-12-14 15:47:53 +01:00
Paul Schaub 5108b81252
Add test to ensure PGPainless will refuse to decrypt message with incapable key 2021-12-13 12:43:08 +01:00
Paul Schaub ddc071374c Add invalid signature version processing regression test 2021-12-02 12:42:02 +01:00
Paul Schaub 16e283f3a6
Fix unvalid cursor mark for large cleartext signed messages 
Fixes #219, #220
 2021-11-24 14:51:16 +01:00
Paul Schaub 91080f411d
Rework secret key protection 2021-11-20 20:19:22 +01:00
Paul Schaub 352f099d8a Refactoring: Move signature verification stuff to consumer subpacket 2021-11-16 13:40:33 +01:00
Paul Schaub 59c9ec341e
Hide distinction between clearsigned and inline signed message verification 2021-11-02 12:12:29 +01:00
Paul Schaub bd67d9c0fa
Rename EncryptionPurpose.STORAGE_AND_COMMUNICATION -> ANY 2021-11-02 11:30:44 +01:00
Paul Schaub e8bf2ea9e7
Add tests for message inspection 2021-10-27 15:54:50 +02:00
Paul Schaub 2ad917d27c
Add ConsumerOptions.setMissingKeyPassphraseStrategy() 
This allows switching missing passphrase handling from interactive mode
(fire callbacks to prompt user for missing key passphrases) to non-interactive mode
(throw MissingPassphraseException with all keys with missing passphrase in it).

Fixes #193
 2021-10-18 16:01:19 +02:00
Paul Schaub 33f516efe8
Fix detection of signed messages when verification keys are missing 
Fixes #187, supersedes #189
 2021-10-08 14:03:12 +02:00
Paul Schaub e390389c0a Reuse compliance 2021-10-07 16:28:31 +02:00
Paul Schaub 7bc35dcba3
Add regression test for PGPUtil.getDecoderStream mistaking plaintext for base64 encoded data 2021-10-01 15:21:42 +02:00
Paul Schaub 5869996059
Add isSignedOnly() to MessageInspector 
This method can be used to determine, whether the message was created using gpg --sign --armor.
It will return false if the message is signed and encrypted, since we cannot determine signed status while the message is encrypted.
Fixes #188
 2021-10-01 14:12:10 +02:00
Paul Schaub 8ec8a55f10
Add ConsumerOptions.setIgnoreMDCErrors() 
This method can be used to make PGPainless ignore certain MDC related errors or mishabits.
Use of this options is discouraged, but may come in handy in some situations.

Fixes #190
 2021-10-01 13:54:51 +02:00
Paul Schaub ece5897bae
CleartextSignedMessage processing: Reuse normal processing API 2021-09-27 11:47:54 +02:00
Paul Schaub ce645fc429
Postpone decryption of PKESK if secret key passphrase is missing and try next PKESK first before passphrase retrieval using callback 
Fixes #186
 2021-09-15 16:33:03 +02:00
Paul Schaub 81379a5176
Add MessageInspector utility class which can be used to determine encryption keys for a message 2021-09-14 21:49:02 +02:00
Paul Schaub f28232893c
Refactoring: Move cleartext signed message processing to decryption_verification 2021-09-13 18:09:53 +02:00
Paul Schaub 3994f87c78 Cleartext Signature Framework: Return OpenPgpMetadata 2021-09-07 14:02:07 +02:00
Paul Schaub 90a00e0541 Move signature verification to dedicated streams 2021-09-07 14:02:07 +02:00
Paul Schaub 97c8ff8312
Throw WrongConsumingMethodException when processing Cleartext Signed Messages with Inband Signature verification API and vice versa 2021-08-29 13:35:27 +02:00
Paul Schaub 2885ff7a14
Cleartext signature framework: Reuse ConsumerOptions 2021-08-28 11:39:50 +02:00
Paul Schaub e19acb667c
Add SignatureUtils.readSignatures(byte[]) 2021-08-26 19:35:25 +02:00
Paul Schaub ac469ff5d7
Make non-test method a main method 2021-08-26 15:07:48 +02:00
Paul Schaub 4d6ca80e25 Debug signature verification using debug build of bcpg 2021-08-26 15:03:20 +02:00
Paul Schaub 3573115a60 Add investigation test for cleartext signature verification 2021-08-23 14:27:03 +02:00
Paul Schaub 5a9b8a2c50
Verify notBefore and notAfter on any message signatures 2021-08-18 12:55:24 +02:00
Paul Schaub 2bd71617bd PGPException is not thrown during secret key reading 2021-08-15 15:46:41 +02:00
Paul Schaub aa0aaf134d
Bundle ASCII-Armor CRC related tests 2021-08-08 17:39:36 +02:00
Paul Schaub 1983cfb4ac
ArmoredInputStreams: Properly catch ignorable IOExceptions caused by missing CRC sums 2021-08-08 15:35:05 +02:00
Paul Schaub 311c842196
Revert introduction of StreamUtil 2021-07-31 20:40:31 +02:00
Paul Schaub 107e53c03e
Fully drain ArmoredInputStreams to verify CRC checksum. 
Fixes #159 (for real this time)
 2021-07-27 15:09:59 +02:00
Paul Schaub fc311fe781
Workaround for #159: Avoid to prevent swallowing IOExceptions 2021-07-26 16:19:30 +02:00
Paul Schaub 6a90c4303e
OpenPgpMetadat: identify verified sigs by SubkeyIdentifier 2021-07-04 13:08:24 +02:00
Paul Schaub 63c75f1f86
Rename TestUtil -> TestImplementationFactoryProvider 2021-07-03 12:42:12 +02:00
Paul Schaub e7f685e63b
Tests: Make use of KeyRingInfo to determine encryption subkeys 2021-06-23 19:20:47 +02:00
Paul Schaub 88891e1337
Remove usage of deprecated decryption/verification API in tests 2021-06-16 15:38:02 +02:00