moparisthebest/open-keychain
1
0
Fork 0
mirror of https://github.com/moparisthebest/open-keychain synced 2024-11-11 03:25:05 -05:00
Code Issues Releases Wiki Activity

Handle missing MDC as failed only if no valid signature is present

Browse Source
This commit is contained in:
Dominik Schürmann 2014-08-10 21:50:46 +02:00
parent 33a4d68520
commit 13f86890d6
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java
View File

@ -65,6 +65,10 @@ public class OpenPgpSignatureResultBuilder {
this.mSignatureAvailable = signatureAvailable;
}
public boolean isValidSignature() {
return mValidSignature;
}
public OpenPgpSignatureResult build() {
if (mSignatureAvailable) {
OpenPgpSignatureResult result = new OpenPgpSignatureResult();

6
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
View File

@ -535,9 +535,13 @@ public class PgpDecryptVerify {
} else {
// no integrity check
Log.d(Constants.TAG, "Encrypted data was not integrity protected! MDC packet is missing!");
// If no valid signature is present:
// Handle missing integrity protection like failed integrity protection!
// The MDC packet can be stripped by an attacker!
throw new IntegrityCheckFailedException();
if (!signatureResultBuilder.isValidSignature()) {
throw new IntegrityCheckFailedException();
}
}
updateProgress(R.string.progress_done, 100, 100);