1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-18 02:12:06 +01:00

Fix NPE when validating signature made by key without keyflags on direct key sigature

(Presumably) fixes #332
This commit is contained in:
Paul Schaub 2022-11-06 23:00:28 +01:00
parent b02ae86ff6
commit 50d18a4581

View file

@ -171,7 +171,9 @@ public final class CertificateValidator {
if (signingSubkey == primaryKey) { if (signingSubkey == primaryKey) {
if (!directKeySignatures.isEmpty()) { if (!directKeySignatures.isEmpty()) {
if (KeyFlag.hasKeyFlag(SignatureSubpacketsUtil.getKeyFlags(directKeySignatures.get(0)).getFlags(), KeyFlag.SIGN_DATA)) { PGPSignature directKeySignature = directKeySignatures.get(0);
KeyFlags keyFlags = SignatureSubpacketsUtil.getKeyFlags(directKeySignature);
if (keyFlags != null && KeyFlag.hasKeyFlag(keyFlags.getFlags(), KeyFlag.SIGN_DATA)) {
return true; return true;
} }
} }
@ -225,7 +227,7 @@ public final class CertificateValidator {
} }
PGPSignature directKeySig = directKeySignatures.get(0); PGPSignature directKeySig = directKeySignatures.get(0);
KeyFlags directKeyFlags = SignatureSubpacketsUtil.getKeyFlags(directKeySig); KeyFlags directKeyFlags = SignatureSubpacketsUtil.getKeyFlags(directKeySig);
if (!KeyFlag.hasKeyFlag(directKeyFlags.getFlags(), KeyFlag.SIGN_DATA)) { if (directKeyFlags == null || !KeyFlag.hasKeyFlag(directKeyFlags.getFlags(), KeyFlag.SIGN_DATA)) {
throw new SignatureValidationException("Signature was made by key which is not capable of signing (no keyflags on binding sig, no SIGN flag on direct-key sig)."); throw new SignatureValidationException("Signature was made by key which is not capable of signing (no keyflags on binding sig, no SIGN flag on direct-key sig).");
} }
} else if (!KeyFlag.hasKeyFlag(keyFlags.getFlags(), KeyFlag.SIGN_DATA)) { } else if (!KeyFlag.hasKeyFlag(keyFlags.getFlags(), KeyFlag.SIGN_DATA)) {