PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-09-09 02:09:38 +02:00
Code Issues Releases Wiki Activity

Allow UserIDs with trailing/leading whitespace and escape newlines in ASCII armor

Browse source
This commit is contained in:
Paul Schaub 2025-07-23 11:23:34 +02:00
parent f2cbde43be
commit 0ee31b232a
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
4 changed files with 17 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt
View file

@ -45,7 +45,7 @@ class KeyRingBuilder : KeyRingBuilderInterface<KeyRingBuilder> {
} }
override fun addUserId(userId: CharSequence): KeyRingBuilder = apply { override fun addUserId(userId: CharSequence): KeyRingBuilder = apply {
userIds[userId.toString().trim()] = null userIds[userId.toString()] = null
} }
override fun addUserId(userId: ByteArray): KeyRingBuilder = override fun addUserId(userId: ByteArray): KeyRingBuilder =

7
pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt
View file

@ -569,9 +569,10 @@ class SecretKeyRingEditor(
} }
private fun sanitizeUserId(userId: CharSequence): CharSequence = private fun sanitizeUserId(userId: CharSequence): CharSequence =
// TODO: Further research how to sanitize user IDs. // I'm not sure, what kind of sanitization is needed.
// e.g. what about newlines? // Newlines are allowed, they just need to be escaped when emitted in an ASCII armor header
userId.toString().trim() // Trailing/Leading whitespace is also fine.
userId.toString()
private fun callbackFromRevocationAttributes(attributes: RevocationAttributes?) = private fun callbackFromRevocationAttributes(attributes: RevocationAttributes?) =
object : RevocationSignatureSubpackets.Callback { object : RevocationSignatureSubpackets.Callback {

3
pgpainless-core/src/main/kotlin/org/pgpainless/util/ArmorUtils.kt
View file

@ -247,7 +247,8 @@ class ArmorUtils {
.add(OpenPgpFingerprint.of(publicKey).prettyPrint()) .add(OpenPgpFingerprint.of(publicKey).prettyPrint())
// Primary / First User ID // Primary / First User ID
(primary ?: first)?.let { (primary ?: first)?.let {
headerMap.getOrPut(HEADER_COMMENT) { mutableSetOf() }.add(it) headerMap.getOrPut(HEADER_COMMENT) { mutableSetOf() }
.add(it.replace("\n", "\\n").replace("\r", "\\r"))
} }
// X-1 further identities // X-1 further identities
when (userIds.size) { when (userIds.size) {

10
pgpainless-sop/src/test/java/org/pgpainless/sop/GenerateKeyTest.java
View file

@ -100,4 +100,14 @@ public class GenerateKeyTest {
assertThrows(SOPGPException.UnsupportedProfile.class, () -> assertThrows(SOPGPException.UnsupportedProfile.class, () ->
sop.generateKey().profile("invalid")); sop.generateKey().profile("invalid"));
} }
@Test
public void generateKeyWithNewlinesInUserId() throws IOException {
byte[] keyBytes = sop.generateKey()
.userId("Foo\n\nBar")
.generate()
.getBytes();
assertTrue(new String(keyBytes).contains("Foo\\n\\nBar"));
}
} }