author | Peter Dettman <peter.dettman@bouncycastle.org> | 2021-10-14 01:05:16 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2021-10-14 01:05:16 +0700 |
commit | 1b15bfc5d4b7e478887f5202c74e563382ffa2d9 (patch) | |
tree | f4eedff7c22b12b5a9ad5b1ef474159505aa09f7 /crypto/src | |
parent | Improve ASN.1 set special handling (diff) | |
download | BouncyCastle.NET-ed25519-1b15bfc5d4b7e478887f5202c74e563382ffa2d9.tar.xz |
Ignore PGP signatures with invalid version
Diffstat (limited to 'crypto/src')
-rw-r--r-- | crypto/src/bcpg/BcpgInputStream.cs | 2 | ||||
-rw-r--r-- | crypto/src/bcpg/SignaturePacket.cs | 5 | ||||
-rw-r--r-- | crypto/src/bcpg/UnsupportedPacketVersionException.cs | 13 | ||||
-rw-r--r-- | crypto/src/openpgp/PgpObjectFactory.cs | 8 |
4 files changed, 25 insertions, 3 deletions
diff --git a/crypto/src/bcpg/BcpgInputStream.cs b/crypto/src/bcpg/BcpgInputStream.cs
index 3dba953ea..38b5382ad 100644
--- a/crypto/src/bcpg/BcpgInputStream.cs
+++ b/crypto/src/bcpg/BcpgInputStream.cs
@@ -196,7 +196,7 @@ namespace Org.BouncyCastle.Bcpg
 else
 {
 PartialInputStream pis = new PartialInputStream(this, partial, bodyLen);
- objStream = new BcpgInputStream(pis);
+ objStream = new BcpgInputStream(new BufferedStream(pis));
 }
 switch (tag)
diff --git a/crypto/src/bcpg/SignaturePacket.cs b/crypto/src/bcpg/SignaturePacket.cs
index 70138d584..9a664f902 100644
--- a/crypto/src/bcpg/SignaturePacket.cs
+++ b/crypto/src/bcpg/SignaturePacket.cs
@@ -5,6 +5,7 @@ using System.IO;
 using Org.BouncyCastle.Bcpg.Sig;
 using Org.BouncyCastle.Utilities;
 using Org.BouncyCastle.Utilities.Date;
+using Org.BouncyCastle.Utilities.IO;
 namespace Org.BouncyCastle.Bcpg
 {
@@ -121,7 +122,9 @@ namespace Org.BouncyCastle.Bcpg
 }
 else
 {
- throw new Exception("unsupported version: " + version);
+ Streams.Drain(bcpgIn);
+
+ throw new UnsupportedPacketVersionException("unsupported version: " + version);
 }
 fingerprint = new byte[2];
diff --git a/crypto/src/bcpg/UnsupportedPacketVersionException.cs b/crypto/src/bcpg/UnsupportedPacketVersionException.cs
new file mode 100644
index 000000000..447d75286
--- /dev/null
+++ b/crypto/src/bcpg/UnsupportedPacketVersionException.cs
@@ -0,0 +1,13 @@
+using System;
+
+namespace Org.BouncyCastle.Bcpg
+{
+ public class UnsupportedPacketVersionException
+ : Exception
+ {
+ public UnsupportedPacketVersionException(string msg)
+ : base(msg)
+ {
+ }
+ }
+}
diff --git a/crypto/src/openpgp/PgpObjectFactory.cs b/crypto/src/openpgp/PgpObjectFactory.cs
index 1f1c32c83..c67c7ccd1 100644
--- a/crypto/src/openpgp/PgpObjectFactory.cs
+++ b/crypto/src/openpgp/PgpObjectFactory.cs
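Review bot: In BcpgInputStream.cs the new `new BufferedStream(pis)` wrapper has no comment saying why the partial-packet stream is now buffered, and the reason cannot be read off the hunk. A BufferedStream reads ahead, so bytes are pulled from `pis` before the packet parser asks for them; that is only safe as long as PartialInputStream stops at the end of the packet body, and that class is defined outside this hunk. I would add a comment along the lines of `// Buffered so an unread packet body can be drained cheaply; read-ahead stays inside the packet because pis is bounded` (the stated reason is my guess and should be confirmed by the author). The enclosing method starts and ends outside the hunk.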
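Review bot: In SignaturePacket.cs `Streams.Drain(bcpgIn)` reads to end of stream, so skipping an unsupported-version packet is only correct when `bcpgIn` is the per-packet stream bounded to this packet's body; on a stream covering the whole input it would also swallow every packet that follows. The hunk does not show how the constructor is reached, so the assumption should be written at the call, e.g. `// bcpgIn is bounded to this packet; consume the rest so the caller resumes at the next packet`. Draining also means the full body of a packet with an unknown version is read before it is rejected, so any limit on input size has to be enforced by whoever supplies the stream. The enclosing constructor starts and ends outside the hunk.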
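Review bot: The new public `UnsupportedPacketVersionException` derives directly from `Exception` and has no XML documentation, so callers that handle `IOException` or `PgpException` for malformed input will not catch it; within this commit only the signature branch of PgpObjectFactory does. I would add a `/// <summary>` saying it is thrown when a packet declares a version the parser does not implement, and that SignaturePacket has already consumed the packet body when it throws. Adding the conventional `(string message, Exception innerException)` constructor would keep the type consistent with standard .NET exception design.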
@@ -50,6 +50,12 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
 {
 l.Add(new PgpSignature(bcpgIn));
 }
+ catch (UnsupportedPacketVersionException e)
+ {
+ // Signatures of unsupported version MUST BE ignored
+ // see: https://tests.sequoia-pgp.org/#Detached_signatures_with_unknown_packets
+ continue;
+ }
 catch (PgpException e)
 {
 throw new IOException("can't create signature object: " + e);
@@ -61,7 +67,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
 {
 sigs[i] = (PgpSignature)l[i];
 }
- return new PgpSignatureList(sigs);
+ return new PgpSignatureList(sigs);
 }
 case PacketTag.SecretKey:
 try |
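Review bot: The new `catch (UnsupportedPacketVersionException e)` branch in PgpObjectFactory.cs drops the signature without leaving any trace, so a caller cannot tell a list from which signatures were skipped apart from a complete one. If every signature packet has an unsupported version, the result is presumably an empty PgpSignatureList (the loop and the return are only partly visible in these hunks). Code that verifies detached signatures must treat an empty list as "no usable signature" rather than indexing element 0 or passing vacuously, and the method's documentation should say so. Two smaller points: `e` is unused, so `catch (UnsupportedPacketVersionException)` avoids the compiler warning, and `continue;` looks redundant if the try/catch is the last statement of the loop body.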