make ascii armor parsing more resiliant

This commit is contained in:
Daniel Gultsch 2021-02-24 11:05:11 +01:00
parent 073b6a998a
commit d889c02a0a
2 changed files with 8 additions and 3 deletions

View file

@ -164,7 +164,7 @@ public class PgpEngine {
params.setAction(OpenPgpApi.ACTION_DECRYPT_VERIFY); params.setAction(OpenPgpApi.ACTION_DECRYPT_VERIFY);
try { try {
params.putExtra(OpenPgpApi.RESULT_DETACHED_SIGNATURE, AsciiArmor.decode(signature)); params.putExtra(OpenPgpApi.RESULT_DETACHED_SIGNATURE, AsciiArmor.decode(signature));
} catch (final IllegalArgumentException e) { } catch (final Exception e) {
Log.d(Config.LOGTAG, "unable to parse signature", e); Log.d(Config.LOGTAG, "unable to parse signature", e);
return 0; return 0;
} }

View file

@ -14,8 +14,13 @@ public class AsciiArmor {
final List<String> lines = Splitter.on('\n').splitToList(Strings.nullToEmpty(input).trim()); final List<String> lines = Splitter.on('\n').splitToList(Strings.nullToEmpty(input).trim());
if (lines.size() == 1) { if (lines.size() == 1) {
final String line = lines.get(0); final String line = lines.get(0);
final String cleaned = line.substring(0, line.lastIndexOf("=")); if (line.length() > 1) {
return BaseEncoding.base64().decode(cleaned); final int end = line.lastIndexOf('=');
if (end >= 1) {
final String cleaned = line.substring(0, end);
return BaseEncoding.base64().decode(cleaned);
}
}
} }
final String withoutChecksum; final String withoutChecksum;
if (Iterables.getLast(lines).charAt(0) == '=') { if (Iterables.getLast(lines).charAt(0) == '=') {