moparisthebest/open-keychain
1
0
Fork 0
mirror of https://github.com/moparisthebest/open-keychain synced 2024-11-13 04:25:00 -05:00
Code Issues Releases Wiki Activity

Handle missing MDC as failed only if no valid signature is present

Browse Source
This commit is contained in:
Dominik Schürmann 2014-08-10 21:50:46 +02:00
parent 33a4d68520
commit 13f86890d6
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java
View File

@ -65,6 +65,10 @@ public class OpenPgpSignatureResultBuilder {
this.mSignatureAvailable = signatureAvailable; this.mSignatureAvailable = signatureAvailable;
} }
public boolean isValidSignature() {
return mValidSignature;
}
public OpenPgpSignatureResult build() { public OpenPgpSignatureResult build() {
if (mSignatureAvailable) { if (mSignatureAvailable) {
OpenPgpSignatureResult result = new OpenPgpSignatureResult(); OpenPgpSignatureResult result = new OpenPgpSignatureResult();

6
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
View File

@ -535,9 +535,13 @@ public class PgpDecryptVerify {
} else { } else {
// no integrity check // no integrity check
Log.d(Constants.TAG, "Encrypted data was not integrity protected! MDC packet is missing!"); Log.d(Constants.TAG, "Encrypted data was not integrity protected! MDC packet is missing!");
// If no valid signature is present:
// Handle missing integrity protection like failed integrity protection! // Handle missing integrity protection like failed integrity protection!
// The MDC packet can be stripped by an attacker! // The MDC packet can be stripped by an attacker!
throw new IntegrityCheckFailedException(); if (!signatureResultBuilder.isValidSignature()) {
throw new IntegrityCheckFailedException();
}
} }
updateProgress(R.string.progress_done, 100, 100); updateProgress(R.string.progress_done, 100, 100);