From f32863dc54587f601090d5da164021d23d6045ae Mon Sep 17 00:00:00 2001
From: Tankred Hase <tankred@whiteout.io>
Date: Fri, 12 Jun 2015 16:50:03 +0200
Subject: [PATCH] Add error handling for invalid PGP key user id

---
 src/js/crypto/pgp.js | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/js/crypto/pgp.js b/src/js/crypto/pgp.js
index 807eb65..545f3d3 100644
--- a/src/js/crypto/pgp.js
+++ b/src/js/crypto/pgp.js
@@ -106,7 +106,7 @@ PGP.prototype.getKeyId = function(keyArmored) {
  * Read all relevant params of an armored key.
  */
 PGP.prototype.getKeyParams = function(keyArmored) {
-    var key, packet, userIds;
+    var key, packet, userIds, emailAddress;
 
     // process armored key input
     if (keyArmored) {
@@ -122,15 +122,24 @@ PGP.prototype.getKeyParams = function(keyArmored) {
     // read user names and email addresses
     userIds = [];
     key.getUserIds().forEach(function(userId) {
+        if (!userId || userId.indexOf('<') < 0 || userId.indexOf('>') < 0) {
+            return;
+        }
         userIds.push({
             name: userId.split('<')[0].trim(),
             emailAddress: userId.split('<')[1].split('>')[0].trim()
         });
     });
 
+    // check user ID
+    emailAddress = userIds[0] && userIds[0].emailAddress;
+    if (!emailAddress) {
+        throw new Error('Cannot parse PGP key user ID!');
+    }
+
     return {
         _id: packet.getKeyId().toHex().toUpperCase(),
-        userId: userIds[0].emailAddress, // the primary (first) email address of the key
+        userId: emailAddress, // the primary (first) email address of the key
         userIds: userIds, // a dictonary of all the key's name/address pairs
         fingerprint: packet.getFingerprint().toUpperCase(),
         algorithm: packet.algorithm,