mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-23 04:42:06 +01:00
Fix crash when validating unmatched signer's user-id subpacket
TODO: We might want to deprecate Signer's UserID subpackets completely and ignore them. See results of sequoias test suite once PR below gets merged. https://gitlab.com/sequoia-pgp/openpgp-interoperability-test-suite/-/merge_requests/28
This commit is contained in:
parent
b34866b012
commit
26d79679f0
1 changed files with 7 additions and 1 deletions
|
@ -144,7 +144,13 @@ public final class CertificateValidator {
|
||||||
// Specific signer user-id
|
// Specific signer user-id
|
||||||
SignerUserID signerUserID = SignatureSubpacketsUtil.getSignerUserID(signature);
|
SignerUserID signerUserID = SignatureSubpacketsUtil.getSignerUserID(signature);
|
||||||
if (signerUserID != null) {
|
if (signerUserID != null) {
|
||||||
PGPSignature userIdSig = userIdSignatures.get(signerUserID.getID()).get(0);
|
List<PGPSignature> signerUserIdSigs = userIdSignatures.get(signerUserID.getID());
|
||||||
|
if (signerUserIdSigs == null || signerUserIdSigs.isEmpty()) {
|
||||||
|
throw new SignatureValidationException("Signature was allegedly made by user-id '" + signerUserID.getID() +
|
||||||
|
"' but we have no valid signatures for that on the certificate.");
|
||||||
|
}
|
||||||
|
|
||||||
|
PGPSignature userIdSig = signerUserIdSigs.get(0);
|
||||||
if (userIdSig.getSignatureType() == SignatureType.CERTIFICATION_REVOCATION.getCode()) {
|
if (userIdSig.getSignatureType() == SignatureType.CERTIFICATION_REVOCATION.getCode()) {
|
||||||
throw new SignatureValidationException("Signature was made with user-id '" + signerUserID.getID() + "' which is revoked.");
|
throw new SignatureValidationException("Signature was made with user-id '" + signerUserID.getID() + "' which is revoked.");
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue