PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-09-10 10:49:39 +02:00
Code Issues Releases Wiki Activity

Add workaround for decryption with non-encryption subkey

Browse source
This commit is contained in:
Paul Schaub 2025-02-18 15:14:04 +01:00
parent d656b5fda0
commit 95afc2cd30
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
3 changed files with 32 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

22
pgpainless-core/src/test/java/org/pgpainless/decryption_verification/PreventDecryptionUsingNonEncryptionKeyTest.java
View file

@ -14,7 +14,6 @@ import java.nio.charset.StandardCharsets;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.util.io.Streams;
import org.junit.jupiter.api.Disabled;
import org.junit.jupiter.api.Test;
import org.pgpainless.PGPainless;
import org.pgpainless.exception.MissingDecryptionMethodException;
@ -206,15 +205,30 @@ public class PreventDecryptionUsingNonEncryptionKeyTest {
}
@Test
@Disabled
public void nonEncryptionKeyCannotDecrypt() throws IOException {
PGPSecretKeyRing secretKeys = PGPainless.readKeyRing().secretKeyRing(ENCRYPTION_INCAPABLE_KEY);
ByteArrayInputStream msgIn = new ByteArrayInputStream(MSG.getBytes(StandardCharsets.UTF_8));
assertThrows(MissingDecryptionMethodException.class, () ->
PGPainless.decryptAndOrVerify()
PGPainless.decryptAndOrVerify()
.onInputStream(msgIn)
.withOptions(ConsumerOptions.get().addDecryptionKey(secretKeys)));
}
@Test
public void nonEncryptionKeyCanDecryptIfAllowed() throws IOException, PGPException {
PGPSecretKeyRing secretKeys = PGPainless.readKeyRing().secretKeyRing(ENCRYPTION_INCAPABLE_KEY);
ByteArrayInputStream msgIn = new ByteArrayInputStream(MSG.getBytes(StandardCharsets.UTF_8));
DecryptionStream decryptionStream = PGPainless.decryptAndOrVerify()
.onInputStream(msgIn)
.withOptions(ConsumerOptions.get().addDecryptionKey(secretKeys)));
.withOptions(ConsumerOptions.get()
.setAllowDecryptionWithNonEncryptionKey(true)
.addDecryptionKey(secretKeys));
byte[] decrypted = Streams.readAll(decryptionStream);
decryptionStream.close();
}
}