From d889c02a0a4c2433dcea3507631530493a6fe665 Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Wed, 24 Feb 2021 11:05:11 +0100 Subject: [PATCH] make ascii armor parsing more resiliant --- .../java/eu/siacs/conversations/crypto/PgpEngine.java | 2 +- .../java/eu/siacs/conversations/utils/AsciiArmor.java | 9 +++++++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/src/main/java/eu/siacs/conversations/crypto/PgpEngine.java b/src/main/java/eu/siacs/conversations/crypto/PgpEngine.java index c4f58da94..007a28f70 100644 --- a/src/main/java/eu/siacs/conversations/crypto/PgpEngine.java +++ b/src/main/java/eu/siacs/conversations/crypto/PgpEngine.java @@ -164,7 +164,7 @@ public class PgpEngine { params.setAction(OpenPgpApi.ACTION_DECRYPT_VERIFY); try { params.putExtra(OpenPgpApi.RESULT_DETACHED_SIGNATURE, AsciiArmor.decode(signature)); - } catch (final IllegalArgumentException e) { + } catch (final Exception e) { Log.d(Config.LOGTAG, "unable to parse signature", e); return 0; } diff --git a/src/main/java/eu/siacs/conversations/utils/AsciiArmor.java b/src/main/java/eu/siacs/conversations/utils/AsciiArmor.java index beb224169..a1203ede1 100644 --- a/src/main/java/eu/siacs/conversations/utils/AsciiArmor.java +++ b/src/main/java/eu/siacs/conversations/utils/AsciiArmor.java @@ -14,8 +14,13 @@ public class AsciiArmor { final List lines = Splitter.on('\n').splitToList(Strings.nullToEmpty(input).trim()); if (lines.size() == 1) { final String line = lines.get(0); - final String cleaned = line.substring(0, line.lastIndexOf("=")); - return BaseEncoding.base64().decode(cleaned); + if (line.length() > 1) { + final int end = line.lastIndexOf('='); + if (end >= 1) { + final String cleaned = line.substring(0, end); + return BaseEncoding.base64().decode(cleaned); + } + } } final String withoutChecksum; if (Iterables.getLast(lines).charAt(0) == '=') {