mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-26 22:32:07 +01:00
Remove workaround for invalid signature processing
This commit is contained in:
parent
c55fd2e552
commit
cd9e7611ac
1 changed files with 4 additions and 31 deletions
|
@ -19,7 +19,6 @@ import org.bouncycastle.bcpg.sig.RevocationReason;
|
||||||
import org.bouncycastle.bcpg.sig.SignatureExpirationTime;
|
import org.bouncycastle.bcpg.sig.SignatureExpirationTime;
|
||||||
import org.bouncycastle.openpgp.PGPCompressedData;
|
import org.bouncycastle.openpgp.PGPCompressedData;
|
||||||
import org.bouncycastle.openpgp.PGPException;
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
import org.bouncycastle.openpgp.PGPMarker;
|
|
||||||
import org.bouncycastle.openpgp.PGPObjectFactory;
|
import org.bouncycastle.openpgp.PGPObjectFactory;
|
||||||
import org.bouncycastle.openpgp.PGPPublicKey;
|
import org.bouncycastle.openpgp.PGPPublicKey;
|
||||||
import org.bouncycastle.openpgp.PGPSecretKey;
|
import org.bouncycastle.openpgp.PGPSecretKey;
|
||||||
|
@ -226,56 +225,30 @@ public final class SignatureUtils {
|
||||||
PGPObjectFactory objectFactory = new PGPObjectFactory(
|
PGPObjectFactory objectFactory = new PGPObjectFactory(
|
||||||
pgpIn, ImplementationFactory.getInstance().getKeyFingerprintCalculator());
|
pgpIn, ImplementationFactory.getInstance().getKeyFingerprintCalculator());
|
||||||
|
|
||||||
Object nextObject = tryNext(objectFactory);
|
Object nextObject;
|
||||||
while (nextObject != null) {
|
while ((nextObject = objectFactory.nextObject()) != null) {
|
||||||
if (nextObject instanceof PGPMarker) {
|
|
||||||
nextObject = tryNext(objectFactory);
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
if (nextObject instanceof PGPCompressedData) {
|
if (nextObject instanceof PGPCompressedData) {
|
||||||
PGPCompressedData compressedData = (PGPCompressedData) nextObject;
|
PGPCompressedData compressedData = (PGPCompressedData) nextObject;
|
||||||
objectFactory = new PGPObjectFactory(compressedData.getDataStream(),
|
objectFactory = new PGPObjectFactory(compressedData.getDataStream(),
|
||||||
ImplementationFactory.getInstance().getKeyFingerprintCalculator());
|
ImplementationFactory.getInstance().getKeyFingerprintCalculator());
|
||||||
nextObject = tryNext(objectFactory);
|
|
||||||
continue;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (nextObject instanceof PGPSignatureList) {
|
if (nextObject instanceof PGPSignatureList) {
|
||||||
PGPSignatureList signatureList = (PGPSignatureList) nextObject;
|
PGPSignatureList signatureList = (PGPSignatureList) nextObject;
|
||||||
for (PGPSignature s : signatureList) {
|
for (PGPSignature s : signatureList) {
|
||||||
signatures.add(s);
|
signatures.add(s);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (nextObject instanceof PGPSignature) {
|
if (nextObject instanceof PGPSignature) {
|
||||||
signatures.add((PGPSignature) nextObject);
|
signatures.add((PGPSignature) nextObject);
|
||||||
}
|
}
|
||||||
nextObject = tryNext(objectFactory);
|
|
||||||
}
|
}
|
||||||
pgpIn.close();
|
pgpIn.close();
|
||||||
|
|
||||||
return signatures;
|
return signatures;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Try reading the next signature from the factory.
|
|
||||||
*
|
|
||||||
* This is a helper method for BC choking on unexpected data like invalid signature versions.
|
|
||||||
* Unfortunately, this solves only half the issue, see bcgit/bc-java#1006 for a proper fix.
|
|
||||||
*
|
|
||||||
* @see <a href="https://github.com/bcgit/bc-java/pull/1006">BC-Java: Ignore PGPSignature with invalid version</a>
|
|
||||||
*
|
|
||||||
* @param factory pgp object factory
|
|
||||||
* @return next non-throwing object or null
|
|
||||||
* @throws IOException in case of a stream error
|
|
||||||
*/
|
|
||||||
private static Object tryNext(PGPObjectFactory factory) throws IOException {
|
|
||||||
try {
|
|
||||||
Object o = factory.nextObject();
|
|
||||||
return o;
|
|
||||||
} catch (RuntimeException e) {
|
|
||||||
return tryNext(factory);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Determine the issuer key-id of a {@link PGPSignature}.
|
* Determine the issuer key-id of a {@link PGPSignature}.
|
||||||
* This method first inspects the {@link IssuerKeyID} subpacket of the signature and returns the key-id if present.
|
* This method first inspects the {@link IssuerKeyID} subpacket of the signature and returns the key-id if present.
|
||||||
|
|
Loading…
Reference in a new issue