From 6902dbec2ff4d6bd458f4d29014942447c341ad2 Mon Sep 17 00:00:00 2001
From: TharmiganK <ktharmi176@gmail.com>
Date: Wed, 9 Oct 2024 14:51:35 +0530
Subject: [PATCH] Address sonar cloud issues
---
 .../stdlib/crypto/PgpDecryptionGenerator.java | 48 ++++++-------------
 1 file changed, 15 insertions(+), 33 deletions(-)
diff --git a/native/src/main/java/io/ballerina/stdlib/crypto/PgpDecryptionGenerator.java b/native/src/main/java/io/ballerina/stdlib/crypto/PgpDecryptionGenerator.java
index ee72713a..e622738c 100644
--- a/native/src/main/java/io/ballerina/stdlib/crypto/PgpDecryptionGenerator.java
+++ b/native/src/main/java/io/ballerina/stdlib/crypto/PgpDecryptionGenerator.java
@@ -91,6 +91,11 @@ private Optional<PGPPrivateKey> findSecretKey(long keyID) throws PGPException {
 private void decryptStream(InputStream encryptedIn, OutputStream clearOut)
 throws PGPException, IOException {
+ KeyEncryptedResult keyEncryptedResult = getKeyEncryptedResult(encryptedIn);
+ decrypt(clearOut, keyEncryptedResult.pgpPrivateKey(), keyEncryptedResult.publicKeyEncryptedData());
+ }
+
+ private KeyEncryptedResult getKeyEncryptedResult(InputStream encryptedIn) throws IOException, PGPException {
 // Remove armour and return the underlying binary encrypted stream
 encryptedIn = PGPUtil.getDecoderStream(encryptedIn);
 JcaPGPObjectFactory pgpObjectFactory = new JcaPGPObjectFactory(encryptedIn);
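Review bot: `getKeyEncryptedResult` now parses caller-supplied PGP input for both decrypt paths, and judging by the duplicate removed in the next hunk its body (which continues outside this hunk) casts `pgpObjectFactory.nextObject()` to `PGPEncryptedDataList` and every list entry to `PGPPublicKeyEncryptedData` without checking the type. If that is what the retained body does, input that is not a public-key-encrypted PGP message would presumably surface as `ClassCastException` or `NullPointerException` instead of the declared `PGPException`. I would guard the cast, e.g. `if (!(next instanceof PGPEncryptedDataList list)) { throw new PGPException("Input is not a PGP encrypted message"); }`, and skip entries that are not `PGPPublicKeyEncryptedData` in the loop. A one-line Javadoc stating that the helper returns the first packet whose key ID matches an available secret key would also help.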
@@ -116,36 +121,15 @@ private void decryptStream(InputStream encryptedIn, OutputStream clearOut)
 if (pgpPrivateKey.isEmpty()) {
 throw new PGPException("Could not Extract private key");
 }
- decrypt(clearOut, pgpPrivateKey.get(), publicKeyEncryptedData);
+ return new KeyEncryptedResult(pgpPrivateKey.get(), publicKeyEncryptedData);
 }
- public void decryptStream(InputStream encryptedIn, BObject iteratorObj) throws PGPException, IOException {
- // Remove armour and return the underlying binary encrypted stream
- encryptedIn = PGPUtil.getDecoderStream(encryptedIn);
- JcaPGPObjectFactory pgpObjectFactory = new JcaPGPObjectFactory(encryptedIn);
-
- Object obj = pgpObjectFactory.nextObject();
- // Verify the marker packet
- PGPEncryptedDataList pgpEncryptedDataList = (obj instanceof PGPEncryptedDataList)
- ? (PGPEncryptedDataList) obj : (PGPEncryptedDataList) pgpObjectFactory.nextObject();
-
- Optional<PGPPrivateKey> pgpPrivateKey = Optional.empty();
- PGPPublicKeyEncryptedData publicKeyEncryptedData = null;
-
- Iterator<PGPEncryptedData> encryptedDataItr = pgpEncryptedDataList.getEncryptedDataObjects();
- while (pgpPrivateKey.isEmpty() && encryptedDataItr.hasNext()) {
- publicKeyEncryptedData = (PGPPublicKeyEncryptedData) encryptedDataItr.next();
- pgpPrivateKey = findSecretKey(publicKeyEncryptedData.getKeyID());
- }
-
- if (Objects.isNull(publicKeyEncryptedData)) {
- throw new PGPException("Could not generate PGPPublicKeyEncryptedData object");
- }
+ private record KeyEncryptedResult(PGPPrivateKey pgpPrivateKey, PGPPublicKeyEncryptedData publicKeyEncryptedData) {
+ }
- if (pgpPrivateKey.isEmpty()) {
- throw new PGPException("Could not Extract private key");
- }
- decrypt(pgpPrivateKey.get(), publicKeyEncryptedData, iteratorObj);
+ public void decryptStream(InputStream encryptedIn, BObject iteratorObj) throws PGPException, IOException {
+ KeyEncryptedResult keyEncryptedResult = getKeyEncryptedResult(encryptedIn);
+ decrypt(keyEncryptedResult.pgpPrivateKey, keyEncryptedResult.publicKeyEncryptedData, iteratorObj);
 }
 // Decrypts the given byte array of encrypted data using PGP decryption.
@@ -187,11 +171,10 @@ private static void decrypt(OutputStream clearOut, PGPPrivateKey pgpPrivateKey,
 }
 }
 // Perform the integrity check
- if (publicKeyEncryptedData.isIntegrityProtected()) {
- if (!publicKeyEncryptedData.verify()) {
+ if (publicKeyEncryptedData.isIntegrityProtected() && !publicKeyEncryptedData.verify()) {
 throw new PGPException("Message failed integrity check");
 }
- }
+
 }
 private static void decrypt(PGPPrivateKey pgpPrivateKey, PGPPublicKeyEncryptedData publicKeyEncryptedData,
@@ -209,11 +192,10 @@ private static void decrypt(PGPPrivateKey pgpPrivateKey, PGPPublicKeyEncryptedDa
 if (message instanceof PGPLiteralData pgpLiteralData) {
 // Perform the integrity check
- if (publicKeyEncryptedData.isIntegrityProtected()) {
- if (!publicKeyEncryptedData.verify()) {
+ if (publicKeyEncryptedData.isIntegrityProtected() && !publicKeyEncryptedData.verify()) {
 throw new PGPException("Message failed integrity check");
 }
- }
+
 iteratorObj.addNativeData(TARGET_STREAM, pgpLiteralData.getDataStream());
 iteratorObj.addNativeData(COMPRESSED_DATA_STREAM, compressedDataStream);
 iteratorObj.addNativeData(DATA_STREAM, decryptedCompressedIn);
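Review bot: The two callers read the new record in different ways: the OutputStream overload goes through the accessors (`keyEncryptedResult.pgpPrivateKey()`), while the BObject overload reads the fields directly (`keyEncryptedResult.pgpPrivateKey`, `keyEncryptedResult.publicKeyEncryptedData`). Both compile because the record is a private nested type, but the accessor form is the conventional one, so I would write `decrypt(keyEncryptedResult.pgpPrivateKey(), keyEncryptedResult.publicKeyEncryptedData(), iteratorObj);`. Since the record carries the extracted private key, a comment on it such as `// Pairs the matched private key with the packet it decrypts; keep private to this class and out of logs.` would record the intent.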
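Review bot: The merged condition in the OutputStream `decrypt` still accepts a message that carries no integrity protection: when `isIntegrityProtected()` is false, `verify()` is never called and decryption succeeds with no tamper check. That behaviour predates this commit, but unauthenticated PGP ciphertext is malleable, so callers that treat the output as trusted should get a failure instead. If legacy messages need not be supported, `if (!publicKeyEncryptedData.isIntegrityProtected() || !publicKeyEncryptedData.verify()) {` rejects them; otherwise a comment such as `// Messages without an MDC are accepted on purpose (legacy senders).` should say so. The same condition appears in the BObject overload in the last hunk, and this method starts outside the hunk.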
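Review bot: In the BObject overload `verify()` runs before `pgpLiteralData.getDataStream()` is stored under `TARGET_STREAM`, that is, before the caller has read any plaintext. Bouncy Castle documents `verify()` as callable only after the message has been read, so it is unclear what the check proves at this point and whether the stored stream still yields the full content afterwards; the hunk does not settle either, since the method begins and ends outside it. A test that pushes a tampered message through the stream API and expects a failure would answer both questions. If the check has to move, the natural place is where the iterator reaches end of stream, and until then a comment such as `// NOTE(review): verify() is called before the stream is consumed; confirm this detects tampering` would flag it.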