PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-23 04:42:06 +01:00
Code Issues Releases Wiki Activity

Fix crash when validating unmatched signer's user-id subpacket

Browse source 
TODO: We might want to deprecate Signer's UserID subpackets completely and ignore them.
See results of sequoias test suite once PR below gets merged.
https://gitlab.com/sequoia-pgp/openpgp-interoperability-test-suite/-/merge_requests/28
This commit is contained in:
Paul Schaub 2022-03-09 21:05:00 +01:00
parent b34866b012
commit 26d79679f0
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
pgpainless-core/src/main/java/org/pgpainless/signature/consumer/CertificateValidator.java
View file

@ -144,7 +144,13 @@ public final class CertificateValidator {
// Specific signer user-id
SignerUserID signerUserID = SignatureSubpacketsUtil.getSignerUserID(signature);
if (signerUserID != null) {
PGPSignature userIdSig = userIdSignatures.get(signerUserID.getID()).get(0);
List<PGPSignature> signerUserIdSigs = userIdSignatures.get(signerUserID.getID());
if (signerUserIdSigs == null || signerUserIdSigs.isEmpty()) {
throw new SignatureValidationException("Signature was allegedly made by user-id '" + signerUserID.getID() +
"' but we have no valid signatures for that on the certificate.");
}
PGPSignature userIdSig = signerUserIdSigs.get(0);
if (userIdSig.getSignatureType() == SignatureType.CERTIFICATION_REVOCATION.getCode()) {
throw new SignatureValidationException("Signature was made with user-id '" + signerUserID.getID() + "' which is revoked.");
}