Paul Schaub
230725f6ff
Add option to force handling of data as non-openpgp
2022-04-22 21:33:13 +02:00
Paul Schaub
46f69b9fa5
Introduce OpenPgpInputStream to distinguish between armored, binary and non-OpenPGP data
2022-04-22 20:53:44 +02:00
Paul Schaub
58dee0d970
Fix javadoc warnings
2022-04-02 18:56:05 +02:00
Paul Schaub
e8b03834cb
Annotate fromId(code) methods with Nullable and add Nonnull requireFromId(code) methods
2022-03-22 15:09:09 +01:00
Paul Schaub
1753cef10e
Simplify handling of cleartext-signed data
2022-02-23 18:45:29 +01:00
Paul Schaub
a3f9311d9a
Add some comments to messy DecryptionStreamFactory code
2022-02-19 14:48:17 +01:00
Paul Schaub
e8da3b30d8
Yet another patch for ASCII armor detection -.-
2022-02-15 14:23:03 +01:00
Paul Schaub
f3cf3456ab
ConsumerOptions.setIsCleartextSigned -> return this
2022-02-15 14:22:57 +01:00
Paul Schaub
458b4f1f78
Fix detection of unarmored data in detached signature verification
2022-02-11 14:07:29 +01:00
Paul Schaub
b1bde161b4
Fix typos and wording
2021-12-28 13:53:25 +01:00
Paul Schaub
ce7b69269b
Various code cleanup
2021-12-28 13:32:50 +01:00
Paul Schaub
59f1a85887
Fix more code issues
2021-12-28 12:30:52 +01:00
Paul Schaub
a66b45c3d2
Further sourcing of PGPObjectFactory from ImplementationProvider
2021-12-14 15:03:45 +01:00
Paul Schaub
bff2b3fbfe
Clarify nesting depth exceeded error message
2021-12-14 13:14:56 +01:00
Paul Schaub
5108b81252
Add test to ensure PGPainless will refuse to decrypt message with incapable key
2021-12-13 12:43:08 +01:00
Paul Schaub
80e12db8b6
Prevent message decryption using non-encryption key
2021-12-13 12:27:32 +01:00
Paul Schaub
710f676dc3
Rename MAX_RECURSION_DEPTH constant to avoid confusion
2021-12-13 01:03:20 +01:00
Paul Schaub
c55fd2e552
Implement decryption with - and access of session keys
2021-12-02 12:42:02 +01:00
Paul Schaub
16e283f3a6
Fix unvalid cursor mark for large cleartext signed messages
...
Fixes #219 , #220
2021-11-24 14:51:16 +01:00
Paul Schaub
352f099d8a
Refactoring: Move signature verification stuff to consumer subpacket
2021-11-16 13:40:33 +01:00
Paul Schaub
59c9ec341e
Hide distinction between clearsigned and inline signed message verification
2021-11-02 12:12:29 +01:00
Paul Schaub
bd67d9c0fa
Rename EncryptionPurpose.STORAGE_AND_COMMUNICATION -> ANY
2021-11-02 11:30:44 +01:00
Paul Schaub
cf1881a140
Fix detection of non-armored data
2021-10-30 15:00:04 +02:00
Paul Schaub
3a9473ad6c
V5 Key-readyness: Replace usages of OpenPgpV4Fingerprint with abstract super class
2021-10-27 17:38:25 +02:00
Paul Schaub
bc2afea7ed
Add toString() methods for SignatureVerification & failure
2021-10-27 17:11:40 +02:00
Paul Schaub
aed06fc832
Add MessageInspector.determineEncryptionInfo(String)
2021-10-27 15:54:34 +02:00
Paul Schaub
5c3fa28946
Fix Kleopatra Interoperability
...
The cause of this issue was that we skipped the first (proper) PKESK and instead tried to decrypt
the wildcard PKESKs.
Furthermore, we had an issue in MessageInspector which read past the PKESK packets
2021-10-27 13:26:49 +02:00
Paul Schaub
963a8170da
Fix decryption of signed messages created with PGPainless < 0.2.10
2021-10-23 16:44:40 +02:00
Paul Schaub
f05be3dc30
Fix prematurely throwing of MissingPassphraseException
2021-10-19 18:13:23 +02:00
Paul Schaub
dc0b96278e
Add javadoc
2021-10-18 16:19:12 +02:00
Paul Schaub
2ad917d27c
Add ConsumerOptions.setMissingKeyPassphraseStrategy()
...
This allows switching missing passphrase handling from interactive mode
(fire callbacks to prompt user for missing key passphrases) to non-interactive mode
(throw MissingPassphraseException with all keys with missing passphrase in it).
Fixes #193
2021-10-18 16:01:19 +02:00
Paul Schaub
4e16cf13c5
Remove unused subclass
2021-10-12 15:31:38 +02:00
Paul Schaub
33f516efe8
Fix detection of signed messages when verification keys are missing
...
Fixes #187 , supersedes #189
2021-10-08 14:03:12 +02:00
Paul Schaub
e390389c0a
Reuse compliance
2021-10-07 16:28:31 +02:00
Paul Schaub
76a0a6479a
Remove unused OPS methods
2021-10-03 14:12:26 +02:00
Paul Schaub
0e1d6cb5a1
Rename DetachedSignature -> DetachedSignatureCheck
2021-10-03 13:47:20 +02:00
Paul Schaub
7bc35dcba3
Add regression test for PGPUtil.getDecoderStream mistaking plaintext for base64 encoded data
2021-10-01 15:21:42 +02:00
Paul Schaub
f7a7035059
Workaround for PGPUtil accidentally mistaking plain data for base64 encoded data.
2021-10-01 15:04:37 +02:00
Paul Schaub
5869996059
Add isSignedOnly() to MessageInspector
...
This method can be used to determine, whether the message was created using gpg --sign --armor.
It will return false if the message is signed and encrypted, since we cannot determine signed status while the message is encrypted.
Fixes #188
2021-10-01 14:12:10 +02:00
Paul Schaub
8ec8a55f10
Add ConsumerOptions.setIgnoreMDCErrors()
...
This method can be used to make PGPainless ignore certain MDC related errors or mishabits.
Use of this options is discouraged, but may come in handy in some situations.
Fixes #190
2021-10-01 13:54:51 +02:00
Paul Schaub
ece5897bae
CleartextSignedMessage processing: Reuse normal processing API
2021-09-27 11:47:54 +02:00
Paul Schaub
1aa6541766
Merge branch 'key_generator_rework'
2021-09-20 14:50:02 +02:00
Paul Schaub
ce645fc429
Postpone decryption of PKESK if secret key passphrase is missing and try next PKESK first before passphrase retrieval using callback
...
Fixes #186
2021-09-15 16:33:03 +02:00
Paul Schaub
81379a5176
Add MessageInspector utility class which can be used to determine encryption keys for a message
2021-09-14 21:49:02 +02:00
Paul Schaub
21f424551b
Simplify KeySpecBuilder
2021-09-13 19:46:18 +02:00
Paul Schaub
0a45f4de9e
Add documentation to SignatureVerification class
2021-09-13 18:18:50 +02:00
Paul Schaub
f28232893c
Refactoring: Move cleartext signed message processing to decryption_verification
2021-09-13 18:09:53 +02:00
Paul Schaub
90a00e0541
Move signature verification to dedicated streams
2021-09-07 14:02:07 +02:00
Paul Schaub
ba0e5eb3fe
Improve readability of DecryptionStreamFactory
2021-09-06 17:15:17 +02:00
Paul Schaub
e81ee648d8
Clean DecryptionStream: We only ever have one IntegrityProtectedInputStream at most
2021-09-06 15:14:13 +02:00
Paul Schaub
97c8ff8312
Throw WrongConsumingMethodException when processing Cleartext Signed Messages with Inband Signature verification API and vice versa
2021-08-29 13:35:27 +02:00
Paul Schaub
943360aa65
Document OpenPgpMetadata class
2021-08-26 19:53:15 +02:00
Paul Schaub
1124c6fd15
Wip: Configure logback logging
2021-08-26 15:03:20 +02:00
Paul Schaub
200e00990b
Remove unused class and move detached sig initialization in own method
2021-08-23 14:27:02 +02:00
Paul Schaub
829068d5a8
Switch from JUL logging to SLF4J
2021-08-23 14:20:25 +02:00
Paul Schaub
03efb5e14c
Rename verifySignatureCreationTimeIsInBounds method
2021-08-18 14:50:01 +02:00
Paul Schaub
8c3b694a71
Refactoring
2021-08-18 13:19:43 +02:00
Paul Schaub
5a9b8a2c50
Verify notBefore and notAfter on any message signatures
2021-08-18 12:55:24 +02:00
Paul Schaub
099b160656
Native support for notBefore and notAfter signature creation time constraints
2021-08-17 14:47:07 +02:00
Paul Schaub
54a4625fed
fix comments and javadoc
2021-08-15 15:46:41 +02:00
Paul Schaub
e5b15fe0c2
Use String-formatting in Logger statements
2021-08-15 15:46:41 +02:00
Paul Schaub
ab951fcf03
InputStreams: overwrite read(b, off, len) for improved performance
2021-08-15 15:46:41 +02:00
Paul Schaub
5eb470862e
Remove OpenPgpMetadata.FileInfo subclass
2021-08-15 15:46:41 +02:00
Paul Schaub
fb16db5db4
Improve handling of signatures with missing issuerKeyId packets
2021-07-31 22:24:39 +02:00
Paul Schaub
107e53c03e
Fully drain ArmoredInputStreams to verify CRC checksum.
...
Fixes #159 (for real this time)
2021-07-27 15:09:59 +02:00
Paul Schaub
8cf5347b52
Base PGPainlessCLI on new sop-java module
...
* Rename pgpainless-sop -> pgpainless-cli
* Introduce sop-java (implementation-independent SOP API)
* Introduce sop-java-picocli (CLI frontend for sop-java)
* Introduce pgpainless-sop (implementation of sop-java using PGPainless)
* Rework pgpainless-cli (plugs pgpainless-sop into sop-java-picocli)
2021-07-15 17:03:56 +02:00
Paul Schaub
2ba782c451
Move file-related encryption-info into ProducerOptions
2021-07-10 12:22:47 +02:00
Paul Schaub
6a90c4303e
OpenPgpMetadat: identify verified sigs by SubkeyIdentifier
2021-07-04 13:08:24 +02:00
Paul Schaub
ab347dab43
Remove deprecated decryption API code
2021-06-29 16:15:36 +02:00
Paul Schaub
df22c2a102
Remove duplicate code and throw NotYetImplementedExceptions where sensible
2021-06-16 15:49:43 +02:00
Paul Schaub
88891e1337
Remove usage of deprecated decryption/verification API in tests
2021-06-16 15:38:02 +02:00
Paul Schaub
715d055b41
Add documentation and deprecate old methods
2021-06-15 17:56:36 +02:00
Paul Schaub
8f425cd31d
Fix parsing of non-OpenPGP messages when handling detached signatures
2021-06-15 17:35:58 +02:00
Paul Schaub
70c4dcd1d2
Begin introducing new Decryption API
2021-06-15 17:08:40 +02:00
Paul Schaub
9b9064beae
Small code style fixes and optimizations
2021-06-10 12:42:48 +02:00
Paul Schaub
845779d40b
Avoid deprecated methods
2021-06-10 12:42:03 +02:00
Paul Schaub
13c7572c8c
Restore functionality of MissingPublicKeyCallback + JUnit test it
2021-05-29 12:19:12 +02:00
Paul Schaub
ea03c66400
Throw MissingDecryptionMethodException when missing decryption key or -passphrase
2021-05-28 23:20:25 +02:00
Paul Schaub
197cfab0d6
Respect symmetric algorithm policy during decryption and throw UnacceptableAlgorithmException if policy is violated
2021-05-17 13:47:46 +02:00
Paul Schaub
5a56949dd7
Throw WrongPassphraseException when wrong passphrase is provided to unlock secret key
2021-05-14 13:18:34 +02:00
Paul Schaub
431a65517e
Add documentation to signature related classes
2021-05-03 13:37:47 +02:00
Paul Schaub
ec85f53bb6
Incorporate feedback from @IvanPizhenko. Thanks!
2021-04-30 10:23:12 +02:00
Paul Schaub
64cc9ecca4
Proper Signature Verification
2021-04-30 09:49:19 +02:00
Paul Schaub
6ee8a9416f
Prevent decryption of messages using SED instead of SEIP packets and create dedicated exceptions for MDC related errors
2021-04-27 12:27:25 +02:00
Paul Schaub
0b3511486c
Add documentation to DecryptionStream(Interface)
2021-04-25 13:34:30 +02:00
Paul Schaub
2c4a3fca6a
Introduce OpenPgpMetadata.FileInfo class for setting/getting file name, mod date, encoding...
2021-04-25 00:28:48 +02:00
Paul Schaub
81393a7285
Abort decryption process at a depth of 16 nested packets
2021-02-19 21:37:54 +01:00
Paul Schaub
217609679d
Add SignatureValidationUtil and NotationRegistry classes
2021-02-19 21:22:25 +01:00
Paul Schaub
ea89289852
Check MDC when stream is closed
2021-02-17 21:04:05 +01:00
Paul Schaub
d2a581de9b
Fix decryption of messages with Wildcard recipient
...
Fixes #76
2021-02-17 20:20:10 +01:00
Paul Schaub
506a8b18af
Reject NULL encryption algorithm when decrypting messages
...
Fixes #77
2021-02-17 20:07:54 +01:00
Paul Schaub
63bf5a8e69
Add support for decryption with hidden recipients
2021-01-09 16:16:17 +01:00
Paul Schaub
1c1f9d49ab
Introduce ImplementationFactory
2020-12-27 01:56:18 +01:00
Paul Schaub
c7ede0fc8a
Add junit test for symmetric decryption
2020-12-26 23:36:33 +01:00
Paul Schaub
7d374f10a7
Allow encryption and decryption using symmetric passphrases in the main API
2020-12-26 19:04:27 +01:00
Paul Schaub
ff8c6d8b6d
Fix NPE when signing key is not found during signature verification
2020-12-16 20:11:45 +01:00
Paul Schaub
7de04c2949
Add handy shortcut methods to the API
2020-08-24 16:57:14 +02:00
Paul Schaub
f10d698a09
Remove dependency on jetbrains annotations
2020-08-24 16:44:14 +02:00
Paul Schaub
4f6a7d2838
Fix checkstyle issues
2020-08-24 16:26:29 +02:00
Paul Schaub
848a7a428b
Add handy default methods for the API and add documentation
2020-08-24 16:00:23 +02:00
Paul Schaub
65b670740e
Add support for detached signatures
2020-08-24 14:56:42 +02:00
Paul Schaub
ead54cb00b
Fix checkstyle issues
2020-01-10 18:46:31 +01:00
Paul Schaub
5134463883
Fix animalsniffer bugs!
2020-01-10 18:42:39 +01:00
Paul Schaub
b615ef74b0
Further refactoring of SignatureVerifyingInputStream
2020-01-10 18:31:43 +01:00
Paul Schaub
2902c81b6c
Simplify integrity protection assignment of resultBuilder
2020-01-10 18:31:27 +01:00
Paul Schaub
dd976b7319
Add hint about mutli assignment
2020-01-10 18:30:48 +01:00
Paul Schaub
db09a0ffbe
First Refactoring of DecryptionStreamFactory
2020-01-10 17:12:13 +01:00
Paul Schaub
be33206d03
Refactor SignatureVerifyingInputStream
2020-01-10 15:57:15 +01:00
Paul Schaub
530a22ba0e
Improve tests and add signatures to result
2020-01-10 15:12:04 +01:00
Florian Schmaus
8abea678ca
Tune down the INFO logging, use debug log level where sensible
...
Libraries should usually stay silent if everything works as
expected. Most of the INFO log levels call sites of pgpainless
actually are more of debug log level call sites. Hence this commit
changes most of them to use a debug log level.
2019-04-18 08:19:19 +02:00
Paul Schaub
90649a5882
Degrade decryption stream loglevel to FINE
2019-03-16 16:26:22 +01:00
Paul Schaub
b89d3562ac
Add @Nullable, @Nonnull annotations through findbugs
2018-07-31 20:09:16 +02:00
Paul Schaub
c8f3e3d116
add containsVerifiedSignatureFrom(OpenPgpV4Fingerprint) to OpenPgpMetadata
2018-07-26 16:40:26 +02:00
Paul Schaub
e9ca8df956
Add javadoc to MissingPublicKeyCallback
2018-07-25 22:49:02 +02:00
Paul Schaub
9017fcaba0
Rename PainlessResult -> OpenPpgMetadata
2018-07-23 16:23:23 +02:00
Paul Schaub
39c5464c37
Rename module painless-core -> pgpainless-core
...
Fix build.gradle
2018-07-19 00:15:06 +02:00