From 0f9540a645ef66f3cf67294f75ba2c5d9d80078e Mon Sep 17 00:00:00 2001
From: Harsh Shandilya
Date: Mon, 27 May 2024 20:59:20 +0530
Subject: feat(pgpainless): add detection for passphrase-less messages (#3069)
* WIP: feat(pgpainless): add detection for passphrase-less messages
* refactor: test keys instead of the message
This makes more logical sense
---
 .../app/passwordstore/crypto/PGPainlessCryptoHandler.kt | 11 +++++++++++
 1 file changed, 11 insertions(+)
(limited to 'crypto/pgpainless/src/main')
diff --git a/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt b/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt
index 1aabe54f..b3f2a64b 100644
--- a/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt
+++ b/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt
@@ -11,6 +11,7 @@ import app.passwordstore.crypto.errors.NoKeysProvidedException
 import app.passwordstore.crypto.errors.NonStandardAEAD
 import app.passwordstore.crypto.errors.UnknownError
 import com.github.michaelbull.result.Result
+import com.github.michaelbull.result.mapBoth
 import com.github.michaelbull.result.mapError
 import com.github.michaelbull.result.runCatching
 import java.io.InputStream
@@ -140,4 +141,14 @@ public class PGPainlessCryptoHandler @Inject constructor() :
 public override fun canHandle(fileName: String): Boolean {
 return fileName.substringAfterLast('.', "") == "gpg"
 }
+
+ public override fun isPassphraseProtected(keys: List): Boolean =
+ keys
+ .mapNotNull { key -> PGPainless.readKeyRing().secretKeyRing(key.contents) }
+ .map(::keyringHasPassphrase)
+ .all { it }
+
+ internal fun keyringHasPassphrase(keyRing: PGPSecretKeyRing) =
+ runCatching { keyRing.secretKey.extractPrivateKey(null) }
+ .mapBoth(success = { false }, failure = { true })
 }
-- cgit v1.2.3
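Review bot: In the second hunk, `keyringHasPassphrase` maps every failure of `extractPrivateKey(null)` to "has a passphrase", so a key that throws for an unrelated reason (malformed or unsupported secret key material, for example) is reported as protected, and only the primary `secretKey` is probed rather than the subkeys. Reading the protection state from the key packet would avoid both the probe and the catch-all, e.g. `keyRing.secretKey.keyEncryptionAlgorithm != SymmetricKeyAlgorithmTags.NULL`, to be confirmed against the BouncyCastle version the module ships. In `isPassphraseProtected`, `.all { it }` is also true for an empty list, so an empty `keys` argument, or one where `mapNotNull` dropped every entry, comes back as protected. The callers are outside this hunk, so whether that default is the safe one cannot be judged from here; either guard it with `isNotEmpty() &&` or state the empty-input result in a KDoc line on the override.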