Diffstat (limited to 'crypto/pgpainless/src')
4 files changed, 30 insertions, 0 deletions
diff --git a/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt b/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt
index a7087acf..92fbfa64 100644
--- a/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt
+++ b/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt
@@ -8,6 +8,7 @@ package app.passwordstore.crypto
 import app.passwordstore.crypto.errors.CryptoHandlerException
 import app.passwordstore.crypto.errors.IncorrectPassphraseException
 import app.passwordstore.crypto.errors.NoKeysProvidedException
+import app.passwordstore.crypto.errors.NonStandardAEAD
 import app.passwordstore.crypto.errors.UnknownError
 import com.github.michaelbull.result.Result
 import com.github.michaelbull.result.mapError
@@ -24,6 +25,7 @@ import org.pgpainless.PGPainless
 import org.pgpainless.decryption_verification.ConsumerOptions
 import org.pgpainless.encryption_signing.EncryptionOptions
 import org.pgpainless.encryption_signing.ProducerOptions
+import org.pgpainless.exception.MessageNotIntegrityProtectedException
 import org.pgpainless.exception.WrongPassphraseException
 import org.pgpainless.key.protection.SecretKeyRingProtector
 import org.pgpainless.util.Passphrase
@@ -75,6 +77,13 @@ public class PGPainlessCryptoHandler @Inject constructor() :
 when (error) {
 is WrongPassphraseException -> IncorrectPassphraseException(error)
 is CryptoHandlerException -> error
+ is MessageNotIntegrityProtectedException -> {
+ if (error.message?.contains("Symmetrically Encrypted Data") == true) {
+ NonStandardAEAD(error)
+ } else {
+ UnknownError(error)
+ }
+ }
 else -> UnknownError(error)
 }
 }
diff --git a/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt b/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt
index 4ec4b7fa..5de2bf4f 100644
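Review bot: The new `is MessageNotIntegrityProtectedException` branch in the `when (error)` mapping chooses between `NonStandardAEAD` and `UnknownError` by substring-matching the library's exception message, which is not a stable contract: a reworded message after a PGPainless upgrade would silently turn this case back into `UnknownError`. The exception type itself says the message lacked integrity protection, so if the library raises the same text for a legacy unauthenticated packet, that input would also be labelled as non-standard AEAD; the user-facing wording for `NonStandardAEAD` should cover that case, or the branch should say why it cannot happen. I would add a comment above the `if`, `// No typed signal for this case; the message text is the only discriminator. Re-check on every PGPainless upgrade.`, and hoist the literal into a named `private const val`. The enclosing function starts and ends outside the hunk.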
--- a/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt +++ b/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt @@ -9,6 +9,7 @@ package app.passwordstore.crypto import app.passwordstore.crypto.CryptoConstants.KEY_PASSPHRASE import app.passwordstore.crypto.CryptoConstants.PLAIN_TEXT import app.passwordstore.crypto.errors.IncorrectPassphraseException +import app.passwordstore.crypto.errors.NonStandardAEAD import com.github.michaelbull.result.getError import com.google.testing.junit.testparameterinjector.TestParameter import com.google.testing.junit.testparameterinjector.TestParameterInjector @@ -138,6 +139,23 @@ class PGPainlessCryptoHandlerTest { } @Test + fun aeadEncryptedMaterialIsSurfacedProperly() { + val secKey = PGPKey(TestUtils.getAEADSecretKey()) + val plaintextStream = ByteArrayOutputStream() + val ciphertextStream = TestUtils.getAEADEncryptedFile().inputStream() + val res = + cryptoHandler.decrypt( + listOf(secKey), + "Password", + ciphertextStream, + plaintextStream, + PGPDecryptOptions.Builder().build(), + ) + assertTrue(res.isErr) + assertIs<NonStandardAEAD>(res.error, message = "${res.error.cause}") + } + + @Test fun canHandleFiltersFormats() { assertFalse { cryptoHandler.canHandle("example.com") } assertTrue { cryptoHandler.canHandle("example.com.gpg") } diff --git a/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/TestUtils.kt b/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/TestUtils.kt index 90b98ac9..56c8c1d8 100644 --- a/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/TestUtils.kt +++ b/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/TestUtils.kt 
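Review bot: `aeadEncryptedMaterialIsSurfacedProperly` checks only the error type and never looks at `plaintextStream`, so it would still pass if `decrypt` wrote partial output before failing. For a message rejected as not integrity protected, the property worth pinning is that nothing was released to the caller; add `assertEquals(0, plaintextStream.size())` after the `assertIs` line (assuming `assertEquals` is already imported in this file, which the hunk does not show). The literal `"Password"` also sits beside an imported `KEY_PASSPHRASE`; if the two differ, a short comment saying which passphrase protects the `aead_sec` key would explain why the constant is not used here.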
@@ -21,6 +21,9 @@ object TestUtils { fun getAEADSecretKey() = this::class.java.classLoader.getResource("aead_sec").readBytes() + fun getAEADEncryptedFile() = + this::class.java.classLoader.getResource("aead_encrypted_file").readBytes() + enum class AllKeys(val keyMaterial: ByteArray) { ARMORED_SEC(getArmoredSecretKey()), ARMORED_PUB(getArmoredPublicKey()), diff --git a/crypto/pgpainless/src/test/resources/aead_encrypted_file b/crypto/pgpainless/src/test/resources/aead_encrypted_file Binary files differnew file mode 100644 index 00000000..d8547bdb --- /dev/null +++ b/crypto/pgpainless/src/test/resources/aead_encrypted_file |
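Review bot: `getAEADEncryptedFile()` returns an opaque binary fixture, and nothing visible in this hunk records how `aead_encrypted_file` was produced. A reviewer cannot confirm that the blob is what the test name claims, nor regenerate it when the test needs to change. I would add a KDoc line above the function, e.g. `/** Message encrypted to the aead_sec test key with <TOOL AND VERSION>; regenerate with <COMMAND>. */`, filled in by the author. `getResource(...)` can also return null when the file is missing from the classpath, which would surface as a bare NullPointerException; this mirrors the existing `getAEADSecretKey()`, so it is a style point only.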