feat(crypto-pgpainless): run usability test when adding keys

3 files changed, 15 insertions, 0 deletions

diff --git a/crypto-common/src/main/kotlin/app/passwordstore/crypto/errors/CryptoException.kt b/crypto-common/src/main/kotlin/app/passwordstore/crypto/errors/CryptoException.kt
index 6d752964..551a051e 100644
--- a/crypto-common/src/main/kotlin/app/passwordstore/crypto/errors/CryptoException.kt
+++ b/crypto-common/src/main/kotlin/app/passwordstore/crypto/errors/CryptoException.kt
@@ -22,6 +22,10 @@ public object KeyDeletionFailedException : KeyManagerException("Couldn't delete
 public object InvalidKeyException :
   KeyManagerException("Given key cannot be parsed as a known key type")
 
+/** Key failed the [app.passwordstore.crypto.KeyUtils.isKeyUsable] test. */
+public object UnusableKeyException :
+  KeyManagerException("Given key is not usable for encryption - is it using AEAD?")
+
 /** No key matching `keyId` could be found. */
 public class KeyNotFoundException(keyId: String) :
   KeyManagerException("No key found with id: $keyId")
diff --git a/crypto-pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPKeyManager.kt b/crypto-pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPKeyManager.kt
index a34d0379..aed1acf2 100644
--- a/crypto-pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPKeyManager.kt
+++ b/crypto-pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPKeyManager.kt
@@ -7,6 +7,7 @@
 package app.passwordstore.crypto
 
 import androidx.annotation.VisibleForTesting
+import app.passwordstore.crypto.KeyUtils.isKeyUsable
 import app.passwordstore.crypto.KeyUtils.tryGetId
 import app.passwordstore.crypto.KeyUtils.tryParseKeyring
 import app.passwordstore.crypto.errors.InvalidKeyException
@@ -15,6 +16,7 @@ import app.passwordstore.crypto.errors.KeyDeletionFailedException
 import app.passwordstore.crypto.errors.KeyDirectoryUnavailableException
 import app.passwordstore.crypto.errors.KeyNotFoundException
 import app.passwordstore.crypto.errors.NoKeysAvailableException
+import app.passwordstore.crypto.errors.UnusableKeyException
 import app.passwordstore.util.coroutines.runSuspendCatching
 import com.github.michaelbull.result.Result
 import com.github.michaelbull.result.unwrap
@@ -42,6 +44,7 @@ constructor(
       runSuspendCatching {
         if (!keyDirExists()) throw KeyDirectoryUnavailableException
         val incomingKeyRing = tryParseKeyring(key) ?: throw InvalidKeyException
+        if (!isKeyUsable(key)) throw UnusableKeyException
         val keyFile = File(keyDir, "${tryGetId(key)}.$KEY_EXTENSION")
         if (keyFile.exists()) {
           val existingKeyBytes = keyFile.readBytes()
diff --git a/crypto-pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPKeyManagerTest.kt b/crypto-pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPKeyManagerTest.kt
index 43a62bd7..85cf8e1b 100644
--- a/crypto-pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPKeyManagerTest.kt
+++ b/crypto-pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPKeyManagerTest.kt
@@ -6,6 +6,7 @@ import app.passwordstore.crypto.PGPIdentifier.UserId
 import app.passwordstore.crypto.errors.KeyAlreadyExistsException
 import app.passwordstore.crypto.errors.KeyNotFoundException
 import app.passwordstore.crypto.errors.NoKeysAvailableException
+import app.passwordstore.crypto.errors.UnusableKeyException
 import com.github.michaelbull.result.Err
 import com.github.michaelbull.result.Ok
 import com.github.michaelbull.result.unwrap
@@ -71,6 +72,13 @@ class PGPKeyManagerTest {
     }
 
   @Test
+  fun addKeyWithUnusableKey() =
+    runTest(dispatcher) {
+      val error = keyManager.addKey(PGPKey(TestUtils.getAEADSecretKey())).unwrapError()
+      assertEquals(UnusableKeyException, error)
+    }
+
+  @Test
   fun removeKey() =
     runTest(dispatcher) {
       // Add key using KeyManager