From 80de3585d79ca27ba5b3175b01e410ecd510b195 Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Tue, 1 Jul 2025 14:28:50 +0200
Subject: [PATCH] Throw MissingArg for missing arguments

---
 .../bouncycastle/sop/operation/BCDetachedVerify.java       | 5 +++++
 .../pgpainless/bouncycastle/sop/operation/BCEncrypt.java   | 7 +++++++
 2 files changed, 12 insertions(+)

diff --git a/bc-sop-api/src/main/java/org/pgpainless/bouncycastle/sop/operation/BCDetachedVerify.java b/bc-sop-api/src/main/java/org/pgpainless/bouncycastle/sop/operation/BCDetachedVerify.java
index 33e15f1..d024c16 100644
--- a/bc-sop-api/src/main/java/org/pgpainless/bouncycastle/sop/operation/BCDetachedVerify.java
+++ b/bc-sop-api/src/main/java/org/pgpainless/bouncycastle/sop/operation/BCDetachedVerify.java
@@ -20,6 +20,7 @@ public class BCDetachedVerify
 {
 
     private final OpenPGPDetachedSignatureProcessor processor;
+    private boolean hasCerts = false;
 
     public BCDetachedVerify(OpenPGPApi api)
     {
@@ -50,12 +51,16 @@ public class BCDetachedVerify
     @Override
     public DetachedVerify cert(@NotNull InputStream inputStream) throws SOPGPException.BadData, IOException {
         processor.addVerificationCertificate(parseCertificate(inputStream));
+        hasCerts = true;
         return this;
     }
 
     @NotNull
     @Override
     public List<Verification> data(@NotNull InputStream inputStream) throws IOException, SOPGPException.NoSignature, SOPGPException.BadData {
+        if (!hasCerts) {
+            throw new SOPGPException.MissingArg("No certificates provided for signature verification.");
+        }
         List<OpenPGPSignature.OpenPGPDocumentSignature> signatures = processor.process(inputStream);
 
         List<Verification> verifications = getVerifications(signatures);
diff --git a/bc-sop-api/src/main/java/org/pgpainless/bouncycastle/sop/operation/BCEncrypt.java b/bc-sop-api/src/main/java/org/pgpainless/bouncycastle/sop/operation/BCEncrypt.java
index 29d7a22..beaa9a7 100644
--- a/bc-sop-api/src/main/java/org/pgpainless/bouncycastle/sop/operation/BCEncrypt.java
+++ b/bc-sop-api/src/main/java/org/pgpainless/bouncycastle/sop/operation/BCEncrypt.java
@@ -31,6 +31,7 @@ public class BCEncrypt
     private final OpenPGPMessageGenerator mGen;
     private final List<OpenPGPKey> signingKeys = new ArrayList<>();
     private int signatureMode = PGPSignature.BINARY_DOCUMENT;
+    private boolean hasEncryptionMethod = false;
 
     public BCEncrypt(OpenPGPApi api) {
         super(api);
@@ -83,6 +84,7 @@ public class BCEncrypt
     public Encrypt withPassword(@NotNull String s)
             throws SOPGPException.PasswordNotHumanReadable, SOPGPException.UnsupportedOption {
         mGen.addEncryptionPassphrase(s.toCharArray());
+        hasEncryptionMethod = true;
         return this;
     }
 
@@ -92,6 +94,7 @@ public class BCEncrypt
             throws SOPGPException.CertCannotEncrypt, SOPGPException.UnsupportedAsymmetricAlgo, SOPGPException.BadData {
         try {
             mGen.addEncryptionCertificate(parseCertificate(inputStream));
+            hasEncryptionMethod = true;
         } catch (InvalidEncryptionKeyException e) {
             throw new SOPGPException.CertCannotEncrypt("Certificate cannot encrypt", e);
         }
@@ -109,6 +112,10 @@ public class BCEncrypt
     @Override
     public ReadyWithResult<EncryptionResult> plaintext(@NotNull InputStream inputStream)
             throws SOPGPException.KeyIsProtected {
+        if (!hasEncryptionMethod) {
+            throw new SOPGPException.MissingArg("No encryption method provided.");
+        }
+
         for (OpenPGPKey key : signingKeys) {
             try {
                 mGen.addSigningKey(key, new SignatureParameters.Callback() {