mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-26 22:32:07 +01:00
Remove workaround for invalid signature processing
This commit is contained in:
parent
c55fd2e552
commit
cd9e7611ac
1 changed files with 4 additions and 31 deletions
|
@ -19,7 +19,6 @@ import org.bouncycastle.bcpg.sig.RevocationReason;
|
|||
import org.bouncycastle.bcpg.sig.SignatureExpirationTime;
|
||||
import org.bouncycastle.openpgp.PGPCompressedData;
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPMarker;
|
||||
import org.bouncycastle.openpgp.PGPObjectFactory;
|
||||
import org.bouncycastle.openpgp.PGPPublicKey;
|
||||
import org.bouncycastle.openpgp.PGPSecretKey;
|
||||
|
@ -226,56 +225,30 @@ public final class SignatureUtils {
|
|||
PGPObjectFactory objectFactory = new PGPObjectFactory(
|
||||
pgpIn, ImplementationFactory.getInstance().getKeyFingerprintCalculator());
|
||||
|
||||
Object nextObject = tryNext(objectFactory);
|
||||
while (nextObject != null) {
|
||||
if (nextObject instanceof PGPMarker) {
|
||||
nextObject = tryNext(objectFactory);
|
||||
continue;
|
||||
}
|
||||
Object nextObject;
|
||||
while ((nextObject = objectFactory.nextObject()) != null) {
|
||||
if (nextObject instanceof PGPCompressedData) {
|
||||
PGPCompressedData compressedData = (PGPCompressedData) nextObject;
|
||||
objectFactory = new PGPObjectFactory(compressedData.getDataStream(),
|
||||
ImplementationFactory.getInstance().getKeyFingerprintCalculator());
|
||||
nextObject = tryNext(objectFactory);
|
||||
continue;
|
||||
}
|
||||
|
||||
if (nextObject instanceof PGPSignatureList) {
|
||||
PGPSignatureList signatureList = (PGPSignatureList) nextObject;
|
||||
for (PGPSignature s : signatureList) {
|
||||
signatures.add(s);
|
||||
}
|
||||
}
|
||||
|
||||
if (nextObject instanceof PGPSignature) {
|
||||
signatures.add((PGPSignature) nextObject);
|
||||
}
|
||||
nextObject = tryNext(objectFactory);
|
||||
}
|
||||
pgpIn.close();
|
||||
|
||||
return signatures;
|
||||
}
|
||||
|
||||
/**
|
||||
* Try reading the next signature from the factory.
|
||||
*
|
||||
* This is a helper method for BC choking on unexpected data like invalid signature versions.
|
||||
* Unfortunately, this solves only half the issue, see bcgit/bc-java#1006 for a proper fix.
|
||||
*
|
||||
* @see <a href="https://github.com/bcgit/bc-java/pull/1006">BC-Java: Ignore PGPSignature with invalid version</a>
|
||||
*
|
||||
* @param factory pgp object factory
|
||||
* @return next non-throwing object or null
|
||||
* @throws IOException in case of a stream error
|
||||
*/
|
||||
private static Object tryNext(PGPObjectFactory factory) throws IOException {
|
||||
try {
|
||||
Object o = factory.nextObject();
|
||||
return o;
|
||||
} catch (RuntimeException e) {
|
||||
return tryNext(factory);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Determine the issuer key-id of a {@link PGPSignature}.
|
||||
* This method first inspects the {@link IssuerKeyID} subpacket of the signature and returns the key-id if present.
|
||||
|
|
Loading…
Reference in a new issue