drop key encryption altogether for empty passphrase
This commit is contained in:
parent
3057eaa813
commit
dfdfd733f3
|
@ -1330,10 +1330,14 @@ public class PgpKeyOperation {
|
|||
PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder().setProvider(
|
||||
Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(passphrase.getCharArray());
|
||||
// Build key encryptor based on new passphrase
|
||||
PBESecretKeyEncryptor keyEncryptorNew = new JcePBESecretKeyEncryptorBuilder(
|
||||
PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO, encryptorHashCalc,
|
||||
PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_S2K_COUNT)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(newPassphrase.getCharArray());
|
||||
PBESecretKeyEncryptor keyEncryptorNew = null;
|
||||
if (newPassphrase != null && !newPassphrase.isEmpty()) {
|
||||
keyEncryptorNew = new JcePBESecretKeyEncryptorBuilder(
|
||||
PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO, encryptorHashCalc,
|
||||
PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_S2K_COUNT)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME)
|
||||
.build(newPassphrase.getCharArray());
|
||||
}
|
||||
boolean keysModified = false;
|
||||
|
||||
for (PGPSecretKey sKey : new IterableIterator<>(sKR.getSecretKeys())) {
|
||||
|
|
|
@ -1192,8 +1192,6 @@ public class PgpKeyOperationTest {
|
|||
Assert.assertTrue("key modification must succeed", result.success());
|
||||
Assert.assertFalse("log must not contain a warning",
|
||||
result.getLog().containsWarnings());
|
||||
Assert.assertTrue("log must contain an empty passphrase retry notice",
|
||||
result.getLog().containsType(LogType.MSG_MF_PASSPHRASE_EMPTY_RETRY));
|
||||
modified = result.getRing();
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue