diff options
Diffstat (limited to 'crypto-pgpainless')
-rw-r--r-- | crypto-pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt | 33 | ||||
-rw-r--r-- | crypto-pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt | 4 |
2 files changed, 18 insertions, 19 deletions
diff --git a/crypto-pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt b/crypto-pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt index 64ad426f..74f880a2 100644 --- a/crypto-pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt +++ b/crypto-pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt @@ -12,12 +12,12 @@ import app.passwordstore.crypto.errors.UnknownError import com.github.michaelbull.result.Result import com.github.michaelbull.result.mapError import com.github.michaelbull.result.runCatching -import java.io.ByteArrayInputStream import java.io.InputStream import java.io.OutputStream import javax.inject.Inject import org.bouncycastle.openpgp.PGPPublicKeyRing import org.bouncycastle.openpgp.PGPPublicKeyRingCollection +import org.bouncycastle.openpgp.PGPSecretKeyRing import org.bouncycastle.openpgp.PGPSecretKeyRingCollection import org.pgpainless.PGPainless import org.pgpainless.decryption_verification.ConsumerOptions @@ -25,23 +25,25 @@ import org.pgpainless.encryption_signing.EncryptionOptions import org.pgpainless.encryption_signing.ProducerOptions import org.pgpainless.exception.WrongPassphraseException import org.pgpainless.key.protection.PasswordBasedSecretKeyRingProtector -import org.pgpainless.key.util.KeyRingUtils import org.pgpainless.util.Passphrase public class PGPainlessCryptoHandler @Inject constructor() : CryptoHandler<PGPKey> { public override fun decrypt( - secretKey: PGPKey, + keys: List<PGPKey>, passphrase: String, ciphertextStream: InputStream, outputStream: OutputStream, ): Result<Unit, CryptoHandlerException> = runCatching { - val pgpSecretKeyRing = PGPainless.readKeyRing().secretKeyRing(secretKey.contents) - val keyringCollection = PGPSecretKeyRingCollection(listOf(pgpSecretKeyRing)) + if (keys.isEmpty()) throw NoKeysProvided("No keys provided for encryption") + val keyringCollection = + keys + .map { key -> PGPainless.readKeyRing().secretKeyRing(key.contents) } + .run(::PGPSecretKeyRingCollection) val protector = PasswordBasedSecretKeyRingProtector.forKey( - pgpSecretKeyRing, + keyringCollection.first(), Passphrase.fromPassword(passphrase) ) PGPainless.decryptAndOrVerify() @@ -68,17 +70,14 @@ public class PGPainlessCryptoHandler @Inject constructor() : CryptoHandler<PGPKe ): Result<Unit, CryptoHandlerException> = runCatching { if (keys.isEmpty()) throw NoKeysProvided("No keys provided for encryption") - val publicKeyRings = arrayListOf<PGPPublicKeyRing>() - val armoredKeys = - keys.joinToString("\n") { key -> key.contents.decodeToString() }.toByteArray() - val secKeysStream = ByteArrayInputStream(armoredKeys) - publicKeyRings.addAll( - KeyRingUtils.publicKeyRingCollectionFrom( - PGPainless.readKeyRing().secretKeyRingCollection(secKeysStream) - ) - ) - val pubKeysStream = ByteArrayInputStream(armoredKeys) - publicKeyRings.addAll(PGPainless.readKeyRing().publicKeyRingCollection(pubKeysStream)) + val publicKeyRings = + keys.mapNotNull(KeyUtils::tryParseKeyring).mapNotNull { keyRing -> + when (keyRing) { + is PGPPublicKeyRing -> keyRing + is PGPSecretKeyRing -> PGPainless.extractCertificate(keyRing) + else -> null + } + } require(keys.size == publicKeyRings.size) { "Failed to parse all keys: keys=${keys.size},parsed=${publicKeyRings.size}" } diff --git a/crypto-pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt b/crypto-pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt index 6a20fe25..80c8dc7c 100644 --- a/crypto-pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt +++ b/crypto-pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt @@ -46,7 +46,7 @@ class PGPainlessCryptoHandlerTest { val plaintextStream = ByteArrayOutputStream() val decryptRes = cryptoHandler.decrypt( - secretKey, + listOf(secretKey), CryptoConstants.KEY_PASSPHRASE, ciphertextStream.toByteArray().inputStream(), plaintextStream, @@ -68,7 +68,7 @@ class PGPainlessCryptoHandlerTest { val plaintextStream = ByteArrayOutputStream() val result = cryptoHandler.decrypt( - secretKey, + listOf(secretKey), "very incorrect passphrase", ciphertextStream.toByteArray().inputStream(), plaintextStream, |