From 0ee913d59a96aa140d5dd2219b344680404d0d0e Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Sun, 25 Jun 2023 14:08:25 +0200
Subject: [PATCH] Catch exceptions on malformed keys

---
 .../src/main/java/org/pgpainless/wot/WebOfTrust.java  | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/pgpainless-wot/src/main/java/org/pgpainless/wot/WebOfTrust.java b/pgpainless-wot/src/main/java/org/pgpainless/wot/WebOfTrust.java
index 924136c5..d668db83 100644
--- a/pgpainless-wot/src/main/java/org/pgpainless/wot/WebOfTrust.java
+++ b/pgpainless-wot/src/main/java/org/pgpainless/wot/WebOfTrust.java
@@ -12,6 +12,7 @@ import java.util.HashSet;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
+import java.util.NoSuchElementException;
 
 import org.bouncycastle.bcpg.sig.RevocationReason;
 import org.bouncycastle.openpgp.PGPPublicKey;
@@ -193,11 +194,19 @@ public class WebOfTrust implements CertificateAuthority {
             certsWithKey.add(cert);
 
             // index synopses
+            Date expirationDate;
+            try {
+                expirationDate = cert.getExpirationDateForUse(KeyFlag.CERTIFY_OTHER);
+            } catch (NoSuchElementException e) {
+                // Some keys are malformed and have no KeyFlags
+                return;
+            }
             certSynopsisMap.put(cert.getFingerprint(),
                     new CertSynopsis(cert.getFingerprint(),
-                            cert.getExpirationDateForUse(KeyFlag.CERTIFY_OTHER),
+                            expirationDate,
                             revocationStateFromSignature(cert.getRevocationSelfSignature()),
                             new HashSet<>(cert.getValidUserIds())));
+
         }
 
         private void findEdges() {