mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-12-03 17:52:07 +01:00
Fix crash when validating unmatched signer's user-id subpacket
TODO: We might want to deprecate Signer's UserID subpackets completely and ignore them. See results of sequoias test suite once PR below gets merged. https://gitlab.com/sequoia-pgp/openpgp-interoperability-test-suite/-/merge_requests/28
This commit is contained in:
parent
b34866b012
commit
26d79679f0
1 changed files with 7 additions and 1 deletions
|
@ -144,7 +144,13 @@ public final class CertificateValidator {
|
|||
// Specific signer user-id
|
||||
SignerUserID signerUserID = SignatureSubpacketsUtil.getSignerUserID(signature);
|
||||
if (signerUserID != null) {
|
||||
PGPSignature userIdSig = userIdSignatures.get(signerUserID.getID()).get(0);
|
||||
List<PGPSignature> signerUserIdSigs = userIdSignatures.get(signerUserID.getID());
|
||||
if (signerUserIdSigs == null || signerUserIdSigs.isEmpty()) {
|
||||
throw new SignatureValidationException("Signature was allegedly made by user-id '" + signerUserID.getID() +
|
||||
"' but we have no valid signatures for that on the certificate.");
|
||||
}
|
||||
|
||||
PGPSignature userIdSig = signerUserIdSigs.get(0);
|
||||
if (userIdSig.getSignatureType() == SignatureType.CERTIFICATION_REVOCATION.getCode()) {
|
||||
throw new SignatureValidationException("Signature was made with user-id '" + signerUserID.getID() + "' which is revoked.");
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue