PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-12-08 13:21:09 +01:00
Code Issues Releases Wiki Activity

Handle unknown packet versions gracefully

Browse source
This commit is contained in:
Paul Schaub 2022-10-24 19:23:52 +02:00
parent 192aa98326
commit 7e8841abf3
2 changed files with 418 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

9
pgpainless-core/src/main/java/org/pgpainless/decryption_verification/OpenPgpMessageInputStream.java
View file

@ -18,6 +18,7 @@ import javax.annotation.Nonnull;
import org.bouncycastle.bcpg.ArmoredInputStream;
import org.bouncycastle.bcpg.BCPGInputStream;
import org.bouncycastle.bcpg.UnsupportedPacketVersionException;
import org.bouncycastle.openpgp.PGPCompressedData;
import org.bouncycastle.openpgp.PGPEncryptedData;
import org.bouncycastle.openpgp.PGPEncryptedDataList;
@ -366,7 +367,13 @@ public class OpenPgpMessageInputStream extends DecryptionStream {
// true if Signature corresponds to OnePassSignature
boolean isSigForOPS = syntaxVerifier.peekStack() == StackAlphabet.ops;
syntaxVerifier.next(InputAlphabet.Signature);
PGPSignature signature = packetInputStream.readSignature();
PGPSignature signature;
try {
signature = packetInputStream.readSignature();
} catch (UnsupportedPacketVersionException e) {
LOGGER.debug("Unsupported Signature at depth " + metadata.depth + " encountered.", e);
return;
}
long keyId = SignatureUtils.determineIssuerKeyId(signature);
if (isSigForOPS) {
LOGGER.debug("Signature Packet corresponding to One-Pass-Signature by key " +