mirror of
https://github.com/moparisthebest/open-keychain
synced 2024-12-25 00:18:51 -05:00
Handle missing integrity protection MDC packet as if integrity check would have failed.
An attacker could strip the MDC on its way to the receiver...
This commit is contained in:
parent
b0821a3ddd
commit
c981902aba
@ -399,8 +399,7 @@ public class PgpDecryptVerify {
|
||||
signingKey = signingRing.getPublicKey(sigKeyId);
|
||||
signatureIndex = i;
|
||||
} catch (ProviderHelper.NotFoundException e) {
|
||||
Log.d(Constants.TAG, "key not found!");
|
||||
// try next one...
|
||||
Log.d(Constants.TAG, "key not found, trying next signature…");
|
||||
}
|
||||
}
|
||||
|
||||
@ -537,8 +536,10 @@ public class PgpDecryptVerify {
|
||||
}
|
||||
} else {
|
||||
// no integrity check
|
||||
Log.e(Constants.TAG, "Encrypted data was not integrity protected!");
|
||||
// TODO: inform user?
|
||||
Log.d(Constants.TAG, "Encrypted data was not integrity protected! MDC packet is missing!");
|
||||
// Handle missing integrity protection like failed integrity protection!
|
||||
// The MDC packet can be stripped by an attacker!
|
||||
throw new IntegrityCheckFailedException();
|
||||
}
|
||||
|
||||
updateProgress(R.string.progress_done, 100, 100);
|
||||
|
Loading…
Reference in New Issue
Block a user