PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-09-09 18:29:39 +02:00
Code Issues Releases Wiki Activity

Port MessageInspector

Browse source
This commit is contained in:
Paul Schaub 2025-03-28 16:02:10 +01:00
parent a5336b1806
commit aeed0e736b
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
2 changed files with 83 additions and 80 deletions
Download patch file Download diff file Expand all files Collapse all files

35
pgpainless-core/src/main/kotlin/org/pgpainless/decryption_verification/MessageInspector.kt
View file

@ -6,69 +6,69 @@ package org.pgpainless.decryption_verification
import java.io.IOException import java.io.IOException
import java.io.InputStream import java.io.InputStream
import org.bouncycastle.bcpg.KeyIdentifier
import org.bouncycastle.openpgp.* import org.bouncycastle.openpgp.*
import org.bouncycastle.openpgp.api.OpenPGPImplementation import org.bouncycastle.openpgp.api.OpenPGPImplementation
import org.pgpainless.PGPainless
import org.pgpainless.util.ArmorUtils import org.pgpainless.util.ArmorUtils
/** /**
* Inspect an OpenPGP message to determine IDs of its encryption keys or whether it is passphrase * Inspect an OpenPGP message to determine IDs of its encryption keys or whether it is passphrase
* protected. * protected.
*/ */
class MessageInspector { class MessageInspector(val api: PGPainless = PGPainless.getInstance()) {
/** /**
* Info about an OpenPGP message. * Info about an OpenPGP message.
* *
* @param keyIds List of recipient key ids for whom the message is encrypted. * @param keyIdentifiers List of recipient [KeyIdentifiers][KeyIdentifier] for whom the message
* is encrypted.
* @param isPassphraseEncrypted true, if the message is encrypted for a passphrase * @param isPassphraseEncrypted true, if the message is encrypted for a passphrase
* @param isSignedOnly true, if the message is not encrypted, but signed using OnePassSignatures * @param isSignedOnly true, if the message is not encrypted, but signed using OnePassSignatures
*/ */
data class EncryptionInfo( data class EncryptionInfo(
val keyIds: List<Long>, val keyIdentifiers: List<KeyIdentifier>,
val isPassphraseEncrypted: Boolean, val isPassphraseEncrypted: Boolean,
val isSignedOnly: Boolean val isSignedOnly: Boolean
) { ) {
val isEncrypted: Boolean val isEncrypted: Boolean
get() = isPassphraseEncrypted || keyIds.isNotEmpty() get() = isPassphraseEncrypted || keyIds.isNotEmpty()
val keyIds: List<Long> = keyIdentifiers.map { it.keyId }
} }
companion object {
/** /**
* Parses parts of the provided OpenPGP message in order to determine which keys were used * Parses parts of the provided OpenPGP message in order to determine which keys were used to
* to encrypt it. * encrypt it.
* *
* @param message OpenPGP message * @param message OpenPGP message
* @return encryption info * @return encryption info
* @throws PGPException in case the message is broken * @throws PGPException in case the message is broken
* @throws IOException in case of an IO error * @throws IOException in case of an IO error
*/ */
@JvmStatic
@Throws(PGPException::class, IOException::class) @Throws(PGPException::class, IOException::class)
fun determineEncryptionInfoForMessage(message: String): EncryptionInfo = fun determineEncryptionInfoForMessage(message: String): EncryptionInfo =
determineEncryptionInfoForMessage(message.byteInputStream()) determineEncryptionInfoForMessage(message.byteInputStream())
/** /**
* Parses parts of the provided OpenPGP message in order to determine which keys were used * Parses parts of the provided OpenPGP message in order to determine which keys were used to
* to encrypt it. Note: This method does not rewind the passed in Stream, so you might need * encrypt it. Note: This method does not rewind the passed in Stream, so you might need to take
* to take care of that yourselves. * care of that yourselves.
* *
* @param inputStream openpgp message * @param inputStream openpgp message
* @return encryption information * @return encryption information
* @throws IOException in case of an IO error * @throws IOException in case of an IO error
* @throws PGPException if the message is broken * @throws PGPException if the message is broken
*/ */
@JvmStatic
@Throws(PGPException::class, IOException::class) @Throws(PGPException::class, IOException::class)
fun determineEncryptionInfoForMessage(inputStream: InputStream): EncryptionInfo { fun determineEncryptionInfoForMessage(inputStream: InputStream): EncryptionInfo {
return processMessage(ArmorUtils.getDecoderStream(inputStream)) return processMessage(ArmorUtils.getDecoderStream(inputStream))
} }
@JvmStatic
@Throws(PGPException::class, IOException::class) @Throws(PGPException::class, IOException::class)
private fun processMessage(inputStream: InputStream): EncryptionInfo { private fun processMessage(inputStream: InputStream): EncryptionInfo {
var objectFactory = OpenPGPImplementation.getInstance().pgpObjectFactory(inputStream) var objectFactory = api.implementation.pgpObjectFactory(inputStream)
var n: Any? var n: Any?
while (objectFactory.nextObject().also { n = it } != null) { while (objectFactory.nextObject().also { n = it } != null) {
@ -81,16 +81,16 @@ class MessageInspector {
} }
is PGPEncryptedDataList -> { is PGPEncryptedDataList -> {
var isPassphraseEncrypted = false var isPassphraseEncrypted = false
val keyIds = mutableListOf<Long>() val keyIdentifiers = mutableListOf<KeyIdentifier>()
for (encryptedData in next) { for (encryptedData in next) {
if (encryptedData is PGPPublicKeyEncryptedData) { if (encryptedData is PGPPublicKeyEncryptedData) {
keyIds.add(encryptedData.keyID) keyIdentifiers.add(encryptedData.keyIdentifier)
} else if (encryptedData is PGPPBEEncryptedData) { } else if (encryptedData is PGPPBEEncryptedData) {
isPassphraseEncrypted = true isPassphraseEncrypted = true
} }
} }
// Data is encrypted, we cannot go deeper // Data is encrypted, we cannot go deeper
return EncryptionInfo(keyIds, isPassphraseEncrypted, false) return EncryptionInfo(keyIdentifiers, isPassphraseEncrypted, false)
} }
is PGPCompressedData -> { is PGPCompressedData -> {
objectFactory = objectFactory =
@ -105,5 +105,4 @@ class MessageInspector {
} }
return EncryptionInfo(listOf(), isPassphraseEncrypted = false, isSignedOnly = false) return EncryptionInfo(listOf(), isPassphraseEncrypted = false, isSignedOnly = false)
} }
}
} }

28
pgpainless-core/src/test/java/org/pgpainless/decryption_verification/MessageInspectorTest.java
View file

@ -10,9 +10,9 @@ import static org.junit.jupiter.api.Assertions.assertTrue;
import java.io.IOException; import java.io.IOException;
import org.bouncycastle.bcpg.KeyIdentifier;
import org.bouncycastle.openpgp.PGPException; import org.bouncycastle.openpgp.PGPException;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.pgpainless.key.util.KeyIdUtil;
public class MessageInspectorTest { public class MessageInspectorTest {
@ -26,14 +26,15 @@ public class MessageInspectorTest {
"Z1/i3TYsmy8B0mMKkNYtpMk=\n" + "Z1/i3TYsmy8B0mMKkNYtpMk=\n" +
"=IICf\n" + "=IICf\n" +
"-----END PGP MESSAGE-----\n"; "-----END PGP MESSAGE-----\n";
MessageInspector inspector = new MessageInspector();
MessageInspector.EncryptionInfo info = MessageInspector.determineEncryptionInfoForMessage(message); MessageInspector.EncryptionInfo info = inspector.determineEncryptionInfoForMessage(message);
assertFalse(info.isPassphraseEncrypted()); assertFalse(info.isPassphraseEncrypted());
assertFalse(info.isSignedOnly()); assertFalse(info.isSignedOnly());
assertTrue(info.isEncrypted()); assertTrue(info.isEncrypted());
assertEquals(1, info.getKeyIds().size()); assertEquals(1, info.getKeyIds().size());
assertEquals(KeyIdUtil.fromLongKeyId("4766F6B9D5F21EB6"), (long) info.getKeyIds().get(0)); assertEquals(new KeyIdentifier("4766F6B9D5F21EB6"), info.getKeyIdentifiers().get(0));
} }
@Test @Test
@ -51,15 +52,16 @@ public class MessageInspectorTest {
"nxVuXey3iyihCFAfD8ZK1Rnh\n" + "nxVuXey3iyihCFAfD8ZK1Rnh\n" +
"=z6e0\n" + "=z6e0\n" +
"-----END PGP MESSAGE-----"; "-----END PGP MESSAGE-----";
MessageInspector inspector = new MessageInspector();
MessageInspector.EncryptionInfo info = MessageInspector.determineEncryptionInfoForMessage(message); MessageInspector.EncryptionInfo info = inspector.determineEncryptionInfoForMessage(message);
assertTrue(info.isEncrypted()); assertTrue(info.isEncrypted());
assertTrue(info.isPassphraseEncrypted()); assertTrue(info.isPassphraseEncrypted());
assertEquals(2, info.getKeyIds().size()); assertEquals(2, info.getKeyIds().size());
assertFalse(info.isSignedOnly()); assertFalse(info.isSignedOnly());
assertTrue(info.getKeyIds().contains(KeyIdUtil.fromLongKeyId("4C6E8F99F6E47184"))); assertTrue(info.getKeyIdentifiers().contains(new KeyIdentifier("4C6E8F99F6E47184")));
assertTrue(info.getKeyIds().contains(KeyIdUtil.fromLongKeyId("1839079A640B2FAC"))); assertTrue(info.getKeyIdentifiers().contains(new KeyIdentifier("1839079A640B2FAC")));
} }
@Test @Test
@ -73,8 +75,8 @@ public class MessageInspectorTest {
"Dvxwv8UPAA==\n" + "Dvxwv8UPAA==\n" +
"=nt5n\n" + "=nt5n\n" +
"-----END PGP MESSAGE-----"; "-----END PGP MESSAGE-----";
MessageInspector inspector = new MessageInspector();
MessageInspector.EncryptionInfo info = MessageInspector.determineEncryptionInfoForMessage(message); MessageInspector.EncryptionInfo info = inspector.determineEncryptionInfoForMessage(message);
assertTrue(info.isSignedOnly()); assertTrue(info.isSignedOnly());
@ -97,7 +99,8 @@ public class MessageInspectorTest {
"KK0Ymg5GrsBTEGFm4jb1p+V85PPhsIioX3np/N3fkIfxFguTGZza33/GHy61+DTy\n" + "KK0Ymg5GrsBTEGFm4jb1p+V85PPhsIioX3np/N3fkIfxFguTGZza33/GHy61+DTy\n" +
"=SZU6\n" + "=SZU6\n" +
"-----END PGP MESSAGE-----"; "-----END PGP MESSAGE-----";
MessageInspector.EncryptionInfo info = MessageInspector.determineEncryptionInfoForMessage(message); MessageInspector inspector = new MessageInspector();
MessageInspector.EncryptionInfo info = inspector.determineEncryptionInfoForMessage(message);
// Message is encrypted, so we cannot determine if it is signed or not. // Message is encrypted, so we cannot determine if it is signed or not.
// It is not signed only // It is not signed only
@ -117,8 +120,8 @@ public class MessageInspectorTest {
"yyl0CF9DT05TT0xFYXlXgUp1c3Qgc29tZSB1bmVuY3J5cHRlZCBkYXRhLg==\n" + "yyl0CF9DT05TT0xFYXlXgUp1c3Qgc29tZSB1bmVuY3J5cHRlZCBkYXRhLg==\n" +
"=jVNT\n" + "=jVNT\n" +
"-----END PGP MESSAGE-----"; "-----END PGP MESSAGE-----";
MessageInspector inspector = new MessageInspector();
MessageInspector.EncryptionInfo info = MessageInspector.determineEncryptionInfoForMessage(message); MessageInspector.EncryptionInfo info = inspector.determineEncryptionInfoForMessage(message);
assertFalse(info.isEncrypted()); assertFalse(info.isEncrypted());
assertFalse(info.isSignedOnly()); assertFalse(info.isSignedOnly());
assertFalse(info.isPassphraseEncrypted()); assertFalse(info.isPassphraseEncrypted());
@ -136,7 +139,8 @@ public class MessageInspectorTest {
"=jw3E\n" + "=jw3E\n" +
"-----END PGP MESSAGE-----"; "-----END PGP MESSAGE-----";
MessageInspector.EncryptionInfo info = MessageInspector.determineEncryptionInfoForMessage(message); MessageInspector inspector = new MessageInspector();
MessageInspector.EncryptionInfo info = inspector.determineEncryptionInfoForMessage(message);
assertFalse(info.isEncrypted()); assertFalse(info.isEncrypted());
assertFalse(info.isSignedOnly()); assertFalse(info.isSignedOnly());
assertFalse(info.isPassphraseEncrypted()); assertFalse(info.isPassphraseEncrypted());