diff --git a/crypto-pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt b/crypto-pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt
index 440b162e..fa56ebd8 100644
--- a/crypto-pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt
+++ b/crypto-pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt
@@ -25,6 +25,7 @@ import org.pgpainless.encryption_signing.EncryptionOptions
 import org.pgpainless.encryption_signing.ProducerOptions
 import org.pgpainless.exception.WrongPassphraseException
 import org.pgpainless.key.protection.PasswordBasedSecretKeyRingProtector
+import org.pgpainless.key.util.KeyRingUtils
 import org.pgpainless.util.Passphrase

 public class PGPainlessCryptoHandler @Inject constructor() : CryptoHandler {
@@ -71,16 +72,15 @@ public class PGPainlessCryptoHandler @Inject constructor() : CryptoHandler key.contents.decodeToString() }.toByteArray()
 val secKeysStream = ByteArrayInputStream(armoredKeys)
- val secretKeyRingCollection =
- PGPainless.readKeyRing().secretKeyRingCollection(secKeysStream)
- secretKeyRingCollection.forEach { secretKeyRing ->
- publicKeyRings.add(PGPainless.extractCertificate(secretKeyRing))
- }
- if (publicKeyRings.isEmpty()) {
- val pubKeysStream = ByteArrayInputStream(armoredKeys)
- val publicKeyRingCollection =
- PGPainless.readKeyRing().publicKeyRingCollection(pubKeysStream)
- publicKeyRings.addAll(publicKeyRingCollection)
+ publicKeyRings.addAll(
+ KeyRingUtils.publicKeyRingCollectionFrom(
+ PGPainless.readKeyRing().secretKeyRingCollection(secKeysStream)
+ )
+ )
+ val pubKeysStream = ByteArrayInputStream(armoredKeys)
+ publicKeyRings.addAll(PGPainless.readKeyRing().publicKeyRingCollection(pubKeysStream))
+ require(keys.size == publicKeyRings.size) {
+ "Failed to parse all keys: keys=${keys.size},parsed=${publicKeyRings.size}"
 }
 require(publicKeyRings.isNotEmpty()) { "No public keys to encrypt message to" }
 val publicKeyRingCollection = PGPPublicKeyRingCollection(publicKeyRings)
diff --git a/crypto-pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt b/crypto-pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt
index 60e8fb6e..4dc0abd5 100644
--- a/crypto-pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt
+++ b/crypto-pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt
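Review bot: The new `require(keys.size == publicKeyRings.size)` in the PGPainlessCryptoHandler.kt hunk compares totals only, so it does not establish that every supplied key actually became a recipient. Both parser calls read the single `armoredKeys` buffer, so an entry that yields no key ring can be offset by another entry that yields two, and the message would then be encrypted to a different recipient set than the caller passed in. Parsing each `key.contents` on its own and requiring exactly one certificate per entry ties the check to the input, as sketched below. The lines that build `armoredKeys` and the rest of the function lie outside the hunk, so confirm how the buffer is assembled before adopting this.

```kotlin
// … unchanged: code before the key-parsing step …
// assumes key.contents is the ByteArray that decodeToString() is called on above
keys.forEach { key ->
  val fromSecret =
    KeyRingUtils.publicKeyRingCollectionFrom(
      PGPainless.readKeyRing().secretKeyRingCollection(ByteArrayInputStream(key.contents))
    )
  val fromPublic =
    PGPainless.readKeyRing().publicKeyRingCollection(ByteArrayInputStream(key.contents))
  val parsed = fromSecret.toList() + fromPublic.toList()
  // One input key must map to exactly one recipient certificate.
  require(parsed.size == 1) { "Expected exactly one key ring per key, parsed=${parsed.size}" }
  publicKeyRings.add(parsed.single())
}
require(publicKeyRings.isNotEmpty()) { "No public keys to encrypt message to" }
// … unchanged: PGPPublicKeyRingCollection construction and encryption …
```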
@@ -19,9 +19,10 @@ import kotlin.test.assertTrue
 import org.junit.runner.RunWith

 @Suppress("Unused") // Test runner handles it internally
-enum class EncryptionKey(val key: PGPKey) {
- PUBLIC(PGPKey(TestUtils.getArmoredPublicKey())),
- SECRET(PGPKey(TestUtils.getArmoredPrivateKey())),
+enum class EncryptionKey(val keySet: List) {
+ PUBLIC(listOf(PGPKey(TestUtils.getArmoredPublicKey()))),
+ SECRET(listOf(PGPKey(TestUtils.getArmoredPrivateKey()))),
+ ALL(listOf(PGPKey(TestUtils.getArmoredPublicKey()), PGPKey(TestUtils.getArmoredPrivateKey()))),
 }

 @RunWith(TestParameterInjector::class)
@@ -35,7 +36,7 @@ class PGPainlessCryptoHandlerTest {
 fun encryptAndDecrypt() {
 val ciphertextStream = ByteArrayOutputStream()
 cryptoHandler.encrypt(
- listOf(encryptionKey.key),
+ encryptionKey.keySet,
 CryptoConstants.PLAIN_TEXT.byteInputStream(Charsets.UTF_8),
 ciphertextStream,
 )
@@ -53,7 +54,7 @@ class PGPainlessCryptoHandlerTest {
 fun decryptWithWrongPassphrase() {
 val ciphertextStream = ByteArrayOutputStream()
 cryptoHandler.encrypt(
- listOf(encryptionKey.key),
+ encryptionKey.keySet,
 CryptoConstants.PLAIN_TEXT.byteInputStream(Charsets.UTF_8),
 ciphertextStream,
 )
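Review bot: The `EncryptionKey` enum hunk adds only a success case, so nothing in this test change exercises the failure path of the new `require(keys.size == publicKeyRings.size)` in the handler. `ALL` combines `getArmoredPublicKey()` and `getArmoredPrivateKey()`, which look like the two halves of one test key, so it also does not show encryption to two distinct recipients. A test that passes an unparsable `PGPKey` alongside a valid one and asserts that `encrypt` fails would pin the new check. A second, unrelated key pair in the fixture would cover the multi-recipient path.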