From 36ecd60c1b4c2daaeb9481b2edca07e373da0a70 Mon Sep 17 00:00:00 2001
From: Vincent Breitmoser <valodim@mugenguild.com>
Date: Sat, 30 May 2015 13:09:09 +0200
Subject: better error handling for bad encrypted data checksum

---
 .../org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java     | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java')

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
index ea5147eb5..c5303fc9e 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
@@ -28,6 +28,7 @@ import org.spongycastle.openpgp.PGPCompressedData;
 import org.spongycastle.openpgp.PGPEncryptedData;
 import org.spongycastle.openpgp.PGPEncryptedDataList;
 import org.spongycastle.openpgp.PGPException;
+import org.spongycastle.openpgp.PGPKeyValidationException;
 import org.spongycastle.openpgp.PGPLiteralData;
 import org.spongycastle.openpgp.PGPOnePassSignature;
 import org.spongycastle.openpgp.PGPOnePassSignatureList;
@@ -596,7 +597,12 @@ public class PgpDecryptVerify extends BaseOperation {
             try {
                 PublicKeyDataDecryptorFactory decryptorFactory
                         = secretEncryptionKey.getDecryptorFactory(cryptoInput);
-                clear = encryptedDataAsymmetric.getDataStream(decryptorFactory);
+                try {
+                    clear = encryptedDataAsymmetric.getDataStream(decryptorFactory);
+                } catch (PGPKeyValidationException | ArrayIndexOutOfBoundsException e) {
+                    log.add(LogType.MSG_DC_ERROR_CORRUPT_DATA, indent + 1);
+                    return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
+                }
 
                 symmetricEncryptionAlgo = encryptedDataAsymmetric.getSymmetricAlgorithm(decryptorFactory);
             } catch (NfcSyncPublicKeyDataDecryptorFactoryBuilder.NfcInteractionNeeded e) {
-- 
cgit v1.2.3