2 files changed, 9 insertions, 1 deletions

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java
index 75f8bdb66..a116ea665 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java
@@ -65,6 +65,10 @@ public class OpenPgpSignatureResultBuilder {
         this.mSignatureAvailable = signatureAvailable;
     }
 
+    public boolean isValidSignature() {
+        return mValidSignature;
+    }
+
     public OpenPgpSignatureResult build() {
         if (mSignatureAvailable) {
             OpenPgpSignatureResult result = new OpenPgpSignatureResult();
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
index b38caa80e..518975907 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
@@ -535,9 +535,13 @@ public class PgpDecryptVerify {
         } else {
             // no integrity check
             Log.d(Constants.TAG, "Encrypted data was not integrity protected! MDC packet is missing!");
+
+            // If no valid signature is present:
             // Handle missing integrity protection like failed integrity protection!
             // The MDC packet can be stripped by an attacker!
-            throw new IntegrityCheckFailedException();
+            if (!signatureResultBuilder.isValidSignature()) {
+                throw new IntegrityCheckFailedException();
+            }
         }
 
         updateProgress(R.string.progress_done, 100, 100);