From cd9e7611ac552dc732bdc054351458e634947849 Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Fri, 15 Oct 2021 15:32:21 +0200 Subject: [PATCH] Remove workaround for invalid signature processing --- .../pgpainless/signature/SignatureUtils.java | 35 +++---------------- 1 file changed, 4 insertions(+), 31 deletions(-) diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureUtils.java b/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureUtils.java index 2d97d460..3209fc8a 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureUtils.java +++ b/pgpainless-core/src/main/java/org/pgpainless/signature/SignatureUtils.java @@ -19,7 +19,6 @@ import org.bouncycastle.bcpg.sig.RevocationReason; import org.bouncycastle.bcpg.sig.SignatureExpirationTime; import org.bouncycastle.openpgp.PGPCompressedData; import org.bouncycastle.openpgp.PGPException; -import org.bouncycastle.openpgp.PGPMarker; import org.bouncycastle.openpgp.PGPObjectFactory; import org.bouncycastle.openpgp.PGPPublicKey; import org.bouncycastle.openpgp.PGPSecretKey; @@ -226,56 +225,30 @@ public final class SignatureUtils { PGPObjectFactory objectFactory = new PGPObjectFactory( pgpIn, ImplementationFactory.getInstance().getKeyFingerprintCalculator()); - Object nextObject = tryNext(objectFactory); - while (nextObject != null) { - if (nextObject instanceof PGPMarker) { - nextObject = tryNext(objectFactory); - continue; - } + Object nextObject; + while ((nextObject = objectFactory.nextObject()) != null) { if (nextObject instanceof PGPCompressedData) { PGPCompressedData compressedData = (PGPCompressedData) nextObject; objectFactory = new PGPObjectFactory(compressedData.getDataStream(), ImplementationFactory.getInstance().getKeyFingerprintCalculator()); - nextObject = tryNext(objectFactory); - continue; } + if (nextObject instanceof PGPSignatureList) { PGPSignatureList signatureList = (PGPSignatureList) nextObject; for (PGPSignature s : signatureList) { signatures.add(s); } } + if (nextObject instanceof PGPSignature) { signatures.add((PGPSignature) nextObject); } - nextObject = tryNext(objectFactory); } pgpIn.close(); return signatures; } - /** - * Try reading the next signature from the factory. - * - * This is a helper method for BC choking on unexpected data like invalid signature versions. - * Unfortunately, this solves only half the issue, see bcgit/bc-java#1006 for a proper fix. - * - * @see BC-Java: Ignore PGPSignature with invalid version - * - * @param factory pgp object factory - * @return next non-throwing object or null - * @throws IOException in case of a stream error - */ - private static Object tryNext(PGPObjectFactory factory) throws IOException { - try { - Object o = factory.nextObject(); - return o; - } catch (RuntimeException e) { - return tryNext(factory); - } - } - /** * Determine the issuer key-id of a {@link PGPSignature}. * This method first inspects the {@link IssuerKeyID} subpacket of the signature and returns the key-id if present.