From 704ccdc096e4f5cf2670c5c58eaf19fe1fdf4df3 Mon Sep 17 00:00:00 2001 From: Thomas Wolf <thomas.wolf@paranor.ch> Date: Mon, 22 Feb 2021 09:29:12 +0100 Subject: GPG: fix reading unprotected old-format secret keys Fix code and add a test case. The old code passed on the original input stream, which has already been consumed. Bug: 570501 Change-Id: I81f60698ce42443df57e59b1d1ab155574136fa8 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch> --- .../org/eclipse/jgit/gpg/bc/internal/keys/SecretKeys.java | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit') diff --git a/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/keys/SecretKeys.java b/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/keys/SecretKeys.java index 1542b8cbcc..269a1ba0f6 100644 --- a/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/keys/SecretKeys.java +++ b/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/keys/SecretKeys.java @@ -113,13 +113,13 @@ public final class SecretKeys { try { if (firstChar == '(') { // Binary format. - if (!matches(data, 4, PROTECTED_KEY)) { - // Not encrypted binary format. - return parser.parseSecretKey(in, null, publicKey); + PBEProtectionRemoverFactory decryptor = null; + if (matches(data, 4, PROTECTED_KEY)) { + // AES/CBC encrypted. + decryptor = new JcePBEProtectionRemoverFactory( + passphraseSupplier.getPassphrase(), + calculatorProvider); } - // AES/CBC encrypted. - PBEProtectionRemoverFactory decryptor = new JcePBEProtectionRemoverFactory( - passphraseSupplier.getPassphrase(), calculatorProvider); try (InputStream sIn = new ByteArrayInputStream(data)) { return parser.parseSecretKey(sIn, decryptor, publicKey); } -- cgit v1.2.3