From da131220aac727865b9e33e8d34743939e8acbf0 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Mon, 28 Jul 2014 17:04:25 +0200 Subject: [PATCH] watch out for nullpointers from get(Un|)HashedSubpackets fixes #721 --- .../keychain/pgp/PgpKeyOperation.java | 5 +++-- .../keychain/pgp/UncachedKeyRing.java | 3 ++- .../keychain/pgp/WrappedSignature.java | 21 ++++++++++++------- 3 files changed, 19 insertions(+), 10 deletions(-) diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java index 69244ca14..6bce07824 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java @@ -413,7 +413,8 @@ public class PgpKeyOperation { } // if this is~ the/a primary user id - if (currentCert.hasSubpackets() && currentCert.getHashedSubPackets().isPrimaryUserID()) { + if (currentCert.getHashedSubPackets() != null + && currentCert.getHashedSubPackets().isPrimaryUserID()) { // if it's the one we want, just leave it as is if (userId.equals(saveParcel.mChangePrimaryUserId)) { ok = true; @@ -740,7 +741,7 @@ public class PgpKeyOperation { int flags = 0; //noinspection unchecked for(PGPSignature sig : new IterableIterator(key.getSignatures())) { - if (!sig.hasSubpackets()) { + if (sig.getHashedSubPackets() == null) { continue; } flags |= sig.getHashedSubPackets().getKeyFlags(); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java index 8838075cd..de8c683ff 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java @@ -513,7 +513,8 @@ public class UncachedKeyRing { } // if this certificate says it allows signing for the key - if (zert.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.KEY_FLAGS)) { + if (zert.getHashedSubPackets() != null && + zert.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.KEY_FLAGS)) { int flags = ((KeyFlags) zert.getHashedSubPackets() .getSubpacket(SignatureSubpacketTags.KEY_FLAGS)).getFlags(); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSignature.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSignature.java index df19930c4..28e4c51d6 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSignature.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSignature.java @@ -63,13 +63,17 @@ public class WrappedSignature { } try { PGPSignatureList list; - list = mSig.getHashedSubPackets().getEmbeddedSignatures(); - for(int i = 0; i < list.size(); i++) { - sigs.add(new WrappedSignature(list.get(i))); + if (mSig.getHashedSubPackets() != null) { + list = mSig.getHashedSubPackets().getEmbeddedSignatures(); + for (int i = 0; i < list.size(); i++) { + sigs.add(new WrappedSignature(list.get(i))); + } } - list = mSig.getUnhashedSubPackets().getEmbeddedSignatures(); - for(int i = 0; i < list.size(); i++) { - sigs.add(new WrappedSignature(list.get(i))); + if (mSig.getUnhashedSubPackets() != null) { + list = mSig.getUnhashedSubPackets().getEmbeddedSignatures(); + for (int i = 0; i < list.size(); i++) { + sigs.add(new WrappedSignature(list.get(i))); + } } } catch (PGPException e) { // no matter @@ -97,6 +101,9 @@ public class WrappedSignature { if(!isRevocation()) { throw new PgpGeneralException("Not a revocation signature."); } + if (mSig.getHashedSubPackets() == null) { + return null; + } SignatureSubpacket p = mSig.getHashedSubPackets().getSubpacket( SignatureSubpacketTags.REVOCATION_REASON); // For some reason, this is missing in SignatureSubpacketInputStream:146 @@ -205,7 +212,7 @@ public class WrappedSignature { } public boolean isLocal() { - if (!mSig.hasSubpackets() + if (mSig.getHashedSubPackets() == null || !mSig.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.EXPORTABLE)) { return false; }