PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-06-23 03:54:49 +02:00
Code Issues Releases Wiki Activity
1689 commits 75 branches 114 tags 11 MiB
Commit graph

216 commits

Author SHA1 Message Date
Paul Schaub 230725f6ff
Add option to force handling of data as non-openpgp 2022-04-22 21:33:13 +02:00
Paul Schaub 46f69b9fa5
Introduce OpenPgpInputStream to distinguish between armored, binary and non-OpenPGP data 2022-04-22 20:53:44 +02:00
Paul Schaub 58dee0d970
Fix javadoc warnings 2022-04-02 18:56:05 +02:00
Paul Schaub e8b03834cb
Annotate fromId(code) methods with Nullable and add Nonnull requireFromId(code) methods 2022-03-22 15:09:09 +01:00
Paul Schaub 1753cef10e Simplify handling of cleartext-signed data 2022-02-23 18:45:29 +01:00
Paul Schaub a3f9311d9a
Add some comments to messy DecryptionStreamFactory code 2022-02-19 14:48:17 +01:00
Paul Schaub e8da3b30d8 Yet another patch for ASCII armor detection -.- 2022-02-15 14:23:03 +01:00
Paul Schaub f3cf3456ab ConsumerOptions.setIsCleartextSigned -> return this 2022-02-15 14:22:57 +01:00
Paul Schaub 458b4f1f78 Fix detection of unarmored data in detached signature verification 2022-02-11 14:07:29 +01:00
Paul Schaub b1bde161b4
Fix typos and wording 2021-12-28 13:53:25 +01:00
Paul Schaub ce7b69269b
Various code cleanup 2021-12-28 13:32:50 +01:00
Paul Schaub 59f1a85887
Fix more code issues 2021-12-28 12:30:52 +01:00
Paul Schaub a66b45c3d2
Further sourcing of PGPObjectFactory from ImplementationProvider 2021-12-14 15:03:45 +01:00
Paul Schaub bff2b3fbfe
Clarify nesting depth exceeded error message 2021-12-14 13:14:56 +01:00
Paul Schaub 5108b81252
Add test to ensure PGPainless will refuse to decrypt message with incapable key 2021-12-13 12:43:08 +01:00
Paul Schaub 80e12db8b6
Prevent message decryption using non-encryption key 2021-12-13 12:27:32 +01:00
Paul Schaub 710f676dc3 Rename MAX_RECURSION_DEPTH constant to avoid confusion 2021-12-13 01:03:20 +01:00
Paul Schaub c55fd2e552 Implement decryption with - and access of session keys 2021-12-02 12:42:02 +01:00
Paul Schaub 16e283f3a6
Fix unvalid cursor mark for large cleartext signed messages 
Fixes #219, #220
 2021-11-24 14:51:16 +01:00
Paul Schaub 352f099d8a Refactoring: Move signature verification stuff to consumer subpacket 2021-11-16 13:40:33 +01:00
Paul Schaub 59c9ec341e
Hide distinction between clearsigned and inline signed message verification 2021-11-02 12:12:29 +01:00
Paul Schaub bd67d9c0fa
Rename EncryptionPurpose.STORAGE_AND_COMMUNICATION -> ANY 2021-11-02 11:30:44 +01:00
Paul Schaub cf1881a140
Fix detection of non-armored data 2021-10-30 15:00:04 +02:00
Paul Schaub 3a9473ad6c
V5 Key-readyness: Replace usages of OpenPgpV4Fingerprint with abstract super class 2021-10-27 17:38:25 +02:00
Paul Schaub bc2afea7ed
Add toString() methods for SignatureVerification & failure 2021-10-27 17:11:40 +02:00
Paul Schaub aed06fc832
Add MessageInspector.determineEncryptionInfo(String) 2021-10-27 15:54:34 +02:00
Paul Schaub 5c3fa28946 Fix Kleopatra Interoperability 
The cause of this issue was that we skipped the first (proper) PKESK and instead tried to decrypt
the wildcard PKESKs.

Furthermore, we had an issue in MessageInspector which read past the PKESK packets
 2021-10-27 13:26:49 +02:00
Paul Schaub 963a8170da
Fix decryption of signed messages created with PGPainless < 0.2.10 2021-10-23 16:44:40 +02:00
Paul Schaub f05be3dc30
Fix prematurely throwing of MissingPassphraseException 2021-10-19 18:13:23 +02:00
Paul Schaub dc0b96278e
Add javadoc 2021-10-18 16:19:12 +02:00
Paul Schaub 2ad917d27c
Add ConsumerOptions.setMissingKeyPassphraseStrategy() 
This allows switching missing passphrase handling from interactive mode
(fire callbacks to prompt user for missing key passphrases) to non-interactive mode
(throw MissingPassphraseException with all keys with missing passphrase in it).

Fixes #193
 2021-10-18 16:01:19 +02:00
Paul Schaub 4e16cf13c5
Remove unused subclass 2021-10-12 15:31:38 +02:00
Paul Schaub 33f516efe8
Fix detection of signed messages when verification keys are missing 
Fixes #187, supersedes #189
 2021-10-08 14:03:12 +02:00
Paul Schaub e390389c0a Reuse compliance 2021-10-07 16:28:31 +02:00
Paul Schaub 76a0a6479a
Remove unused OPS methods 2021-10-03 14:12:26 +02:00
Paul Schaub 0e1d6cb5a1
Rename DetachedSignature -> DetachedSignatureCheck 2021-10-03 13:47:20 +02:00
Paul Schaub 7bc35dcba3
Add regression test for PGPUtil.getDecoderStream mistaking plaintext for base64 encoded data 2021-10-01 15:21:42 +02:00
Paul Schaub f7a7035059
Workaround for PGPUtil accidentally mistaking plain data for base64 encoded data. 2021-10-01 15:04:37 +02:00
Paul Schaub 5869996059
Add isSignedOnly() to MessageInspector 
This method can be used to determine, whether the message was created using gpg --sign --armor.
It will return false if the message is signed and encrypted, since we cannot determine signed status while the message is encrypted.
Fixes #188
 2021-10-01 14:12:10 +02:00
Paul Schaub 8ec8a55f10
Add ConsumerOptions.setIgnoreMDCErrors() 
This method can be used to make PGPainless ignore certain MDC related errors or mishabits.
Use of this options is discouraged, but may come in handy in some situations.

Fixes #190
 2021-10-01 13:54:51 +02:00
Paul Schaub ece5897bae
CleartextSignedMessage processing: Reuse normal processing API 2021-09-27 11:47:54 +02:00
Paul Schaub 1aa6541766 Merge branch 'key_generator_rework' 2021-09-20 14:50:02 +02:00
Paul Schaub ce645fc429
Postpone decryption of PKESK if secret key passphrase is missing and try next PKESK first before passphrase retrieval using callback 
Fixes #186
 2021-09-15 16:33:03 +02:00
Paul Schaub 81379a5176
Add MessageInspector utility class which can be used to determine encryption keys for a message 2021-09-14 21:49:02 +02:00
Paul Schaub 21f424551b Simplify KeySpecBuilder 2021-09-13 19:46:18 +02:00
Paul Schaub 0a45f4de9e
Add documentation to SignatureVerification class 2021-09-13 18:18:50 +02:00
Paul Schaub f28232893c
Refactoring: Move cleartext signed message processing to decryption_verification 2021-09-13 18:09:53 +02:00
Paul Schaub 90a00e0541 Move signature verification to dedicated streams 2021-09-07 14:02:07 +02:00
Paul Schaub ba0e5eb3fe
Improve readability of DecryptionStreamFactory 2021-09-06 17:15:17 +02:00
Paul Schaub e81ee648d8
Clean DecryptionStream: We only ever have one IntegrityProtectedInputStream at most 2021-09-06 15:14:13 +02:00
Paul Schaub 97c8ff8312
Throw WrongConsumingMethodException when processing Cleartext Signed Messages with Inband Signature verification API and vice versa 2021-08-29 13:35:27 +02:00
Paul Schaub 943360aa65
Document OpenPgpMetadata class 2021-08-26 19:53:15 +02:00
Paul Schaub 1124c6fd15 Wip: Configure logback logging 2021-08-26 15:03:20 +02:00
Paul Schaub 200e00990b Remove unused class and move detached sig initialization in own method 2021-08-23 14:27:02 +02:00
Paul Schaub 829068d5a8 Switch from JUL logging to SLF4J 2021-08-23 14:20:25 +02:00
Paul Schaub 03efb5e14c
Rename verifySignatureCreationTimeIsInBounds method 2021-08-18 14:50:01 +02:00
Paul Schaub 8c3b694a71
Refactoring 2021-08-18 13:19:43 +02:00
Paul Schaub 5a9b8a2c50
Verify notBefore and notAfter on any message signatures 2021-08-18 12:55:24 +02:00
Paul Schaub 099b160656
Native support for notBefore and notAfter signature creation time constraints 2021-08-17 14:47:07 +02:00
Paul Schaub 54a4625fed fix comments and javadoc 2021-08-15 15:46:41 +02:00
Paul Schaub e5b15fe0c2 Use String-formatting in Logger statements 2021-08-15 15:46:41 +02:00
Paul Schaub ab951fcf03 InputStreams: overwrite read(b, off, len) for improved performance 2021-08-15 15:46:41 +02:00
Paul Schaub 5eb470862e Remove OpenPgpMetadata.FileInfo subclass 2021-08-15 15:46:41 +02:00
Paul Schaub fb16db5db4
Improve handling of signatures with missing issuerKeyId packets 2021-07-31 22:24:39 +02:00
Paul Schaub 107e53c03e
Fully drain ArmoredInputStreams to verify CRC checksum. 
Fixes #159 (for real this time)
 2021-07-27 15:09:59 +02:00
Paul Schaub 8cf5347b52 Base PGPainlessCLI on new sop-java module 
* Rename pgpainless-sop -> pgpainless-cli
* Introduce sop-java (implementation-independent SOP API)
* Introduce sop-java-picocli (CLI frontend for sop-java)
* Introduce pgpainless-sop (implementation of sop-java using PGPainless)
* Rework pgpainless-cli (plugs pgpainless-sop into sop-java-picocli)
 2021-07-15 17:03:56 +02:00
Paul Schaub 2ba782c451
Move file-related encryption-info into ProducerOptions 2021-07-10 12:22:47 +02:00
Paul Schaub 6a90c4303e
OpenPgpMetadat: identify verified sigs by SubkeyIdentifier 2021-07-04 13:08:24 +02:00
Paul Schaub ab347dab43 Remove deprecated decryption API code 2021-06-29 16:15:36 +02:00
Paul Schaub df22c2a102
Remove duplicate code and throw NotYetImplementedExceptions where sensible 2021-06-16 15:49:43 +02:00
Paul Schaub 88891e1337
Remove usage of deprecated decryption/verification API in tests 2021-06-16 15:38:02 +02:00
Paul Schaub 715d055b41
Add documentation and deprecate old methods 2021-06-15 17:56:36 +02:00
Paul Schaub 8f425cd31d
Fix parsing of non-OpenPGP messages when handling detached signatures 2021-06-15 17:35:58 +02:00
Paul Schaub 70c4dcd1d2
Begin introducing new Decryption API 2021-06-15 17:08:40 +02:00
Paul Schaub 9b9064beae
Small code style fixes and optimizations 2021-06-10 12:42:48 +02:00
Paul Schaub 845779d40b
Avoid deprecated methods 2021-06-10 12:42:03 +02:00
Paul Schaub 13c7572c8c
Restore functionality of MissingPublicKeyCallback + JUnit test it 2021-05-29 12:19:12 +02:00
Paul Schaub ea03c66400
Throw MissingDecryptionMethodException when missing decryption key or -passphrase 2021-05-28 23:20:25 +02:00
Paul Schaub 197cfab0d6
Respect symmetric algorithm policy during decryption and throw UnacceptableAlgorithmException if policy is violated 2021-05-17 13:47:46 +02:00
Paul Schaub 5a56949dd7
Throw WrongPassphraseException when wrong passphrase is provided to unlock secret key 2021-05-14 13:18:34 +02:00
Paul Schaub 431a65517e
Add documentation to signature related classes 2021-05-03 13:37:47 +02:00
Paul Schaub ec85f53bb6
Incorporate feedback from @IvanPizhenko. Thanks! 2021-04-30 10:23:12 +02:00
Paul Schaub 64cc9ecca4 Proper Signature Verification 2021-04-30 09:49:19 +02:00
Paul Schaub 6ee8a9416f
Prevent decryption of messages using SED instead of SEIP packets and create dedicated exceptions for MDC related errors 2021-04-27 12:27:25 +02:00
Paul Schaub 0b3511486c
Add documentation to DecryptionStream(Interface) 2021-04-25 13:34:30 +02:00
Paul Schaub 2c4a3fca6a
Introduce OpenPgpMetadata.FileInfo class for setting/getting file name, mod date, encoding... 2021-04-25 00:28:48 +02:00
Paul Schaub 81393a7285
Abort decryption process at a depth of 16 nested packets 2021-02-19 21:37:54 +01:00
Paul Schaub 217609679d
Add SignatureValidationUtil and NotationRegistry classes 2021-02-19 21:22:25 +01:00
Paul Schaub ea89289852
Check MDC when stream is closed 2021-02-17 21:04:05 +01:00
Paul Schaub d2a581de9b
Fix decryption of messages with Wildcard recipient 
Fixes #76
 2021-02-17 20:20:10 +01:00
Paul Schaub 506a8b18af
Reject NULL encryption algorithm when decrypting messages 
Fixes #77
 2021-02-17 20:07:54 +01:00
Paul Schaub 63bf5a8e69
Add support for decryption with hidden recipients 2021-01-09 16:16:17 +01:00
Paul Schaub 1c1f9d49ab
Introduce ImplementationFactory 2020-12-27 01:56:18 +01:00
Paul Schaub c7ede0fc8a
Add junit test for symmetric decryption 2020-12-26 23:36:33 +01:00
Paul Schaub 7d374f10a7
Allow encryption and decryption using symmetric passphrases in the main API 2020-12-26 19:04:27 +01:00
Paul Schaub ff8c6d8b6d Fix NPE when signing key is not found during signature verification 2020-12-16 20:11:45 +01:00
Paul Schaub 7de04c2949
Add handy shortcut methods to the API 2020-08-24 16:57:14 +02:00
Paul Schaub f10d698a09
Remove dependency on jetbrains annotations 2020-08-24 16:44:14 +02:00
Paul Schaub 4f6a7d2838
Fix checkstyle issues 2020-08-24 16:26:29 +02:00
Paul Schaub 848a7a428b
Add handy default methods for the API and add documentation 2020-08-24 16:00:23 +02:00
Paul Schaub 65b670740e Add support for detached signatures 2020-08-24 14:56:42 +02:00
Paul Schaub ead54cb00b
Fix checkstyle issues 2020-01-10 18:46:31 +01:00
Paul Schaub 5134463883
Fix animalsniffer bugs! 2020-01-10 18:42:39 +01:00
Paul Schaub b615ef74b0
Further refactoring of SignatureVerifyingInputStream 2020-01-10 18:31:43 +01:00
Paul Schaub 2902c81b6c
Simplify integrity protection assignment of resultBuilder 2020-01-10 18:31:27 +01:00
Paul Schaub dd976b7319
Add hint about mutli assignment 2020-01-10 18:30:48 +01:00
Paul Schaub db09a0ffbe
First Refactoring of DecryptionStreamFactory 2020-01-10 17:12:13 +01:00
Paul Schaub be33206d03
Refactor SignatureVerifyingInputStream 2020-01-10 15:57:15 +01:00
Paul Schaub 530a22ba0e
Improve tests and add signatures to result 2020-01-10 15:12:04 +01:00
Florian Schmaus 8abea678ca Tune down the INFO logging, use debug log level where sensible 
Libraries should usually stay silent if everything works as
expected. Most of the INFO log levels call sites of pgpainless
actually are more of debug log level call sites. Hence this commit
changes most of them to use a debug log level.
 2019-04-18 08:19:19 +02:00
Paul Schaub 90649a5882
Degrade decryption stream loglevel to FINE 2019-03-16 16:26:22 +01:00
Paul Schaub b89d3562ac
Add @Nullable, @Nonnull annotations through findbugs 2018-07-31 20:09:16 +02:00
Paul Schaub c8f3e3d116
add containsVerifiedSignatureFrom(OpenPgpV4Fingerprint) to OpenPgpMetadata 2018-07-26 16:40:26 +02:00
Paul Schaub e9ca8df956
Add javadoc to MissingPublicKeyCallback 2018-07-25 22:49:02 +02:00
Paul Schaub 9017fcaba0
Rename PainlessResult -> OpenPpgMetadata 2018-07-23 16:23:23 +02:00
Paul Schaub 39c5464c37
Rename module painless-core -> pgpainless-core 
Fix build.gradle
 2018-07-19 00:15:06 +02:00