1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-23 04:42:06 +01:00

Fix crash when validating unmatched signer's user-id subpacket

TODO: We might want to deprecate Signer's UserID subpackets completely and ignore them.
See results of sequoias test suite once PR below gets merged.
https://gitlab.com/sequoia-pgp/openpgp-interoperability-test-suite/-/merge_requests/28
This commit is contained in:
Paul Schaub 2022-03-09 21:05:00 +01:00
parent b34866b012
commit 26d79679f0
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311

View file

@ -144,7 +144,13 @@ public final class CertificateValidator {
// Specific signer user-id // Specific signer user-id
SignerUserID signerUserID = SignatureSubpacketsUtil.getSignerUserID(signature); SignerUserID signerUserID = SignatureSubpacketsUtil.getSignerUserID(signature);
if (signerUserID != null) { if (signerUserID != null) {
PGPSignature userIdSig = userIdSignatures.get(signerUserID.getID()).get(0); List<PGPSignature> signerUserIdSigs = userIdSignatures.get(signerUserID.getID());
if (signerUserIdSigs == null || signerUserIdSigs.isEmpty()) {
throw new SignatureValidationException("Signature was allegedly made by user-id '" + signerUserID.getID() +
"' but we have no valid signatures for that on the certificate.");
}
PGPSignature userIdSig = signerUserIdSigs.get(0);
if (userIdSig.getSignatureType() == SignatureType.CERTIFICATION_REVOCATION.getCode()) { if (userIdSig.getSignatureType() == SignatureType.CERTIFICATION_REVOCATION.getCode()) {
throw new SignatureValidationException("Signature was made with user-id '" + signerUserID.getID() + "' which is revoked."); throw new SignatureValidationException("Signature was made with user-id '" + signerUserID.getID() + "' which is revoked.");
} }