cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

complain about mdc insecurity status only if data actually was encrypted

Browse Source
This commit is contained in:
Vincent Breitmoser
2015-09-10 22:36:07 +02:00
parent b78954fc16
commit 950409ce55
1 changed files with 16 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java
View File

@@ -382,12 +382,14 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
esResult = handleEncryptedPacket( esResult = handleEncryptedPacket(
input, cryptoInput, (PGPEncryptedDataList) obj, log, indent, currentProgress); input, cryptoInput, (PGPEncryptedDataList) obj, log, indent, currentProgress);
// if there is an error, there is nothing left to do here // if there is an error, nothing left to do here
if (esResult.errorResult != null) { if (esResult.errorResult != null) {
return esResult.errorResult; return esResult.errorResult;
} }
// if this worked out so far, the data is encrypted
decryptionResultBuilder.setEncrypted(true); decryptionResultBuilder.setEncrypted(true);
if (esResult.insecureEncryptionKey) { if (esResult.insecureEncryptionKey) {
log.add(LogType.MSG_DC_INSECURE_SYMMETRIC_ENCRYPTION_ALGO, indent + 1); log.add(LogType.MSG_DC_INSECURE_SYMMETRIC_ENCRYPTION_ALGO, indent + 1);
decryptionResultBuilder.setInsecure(true); decryptionResultBuilder.setInsecure(true);
@@ -630,21 +632,20 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
indent -= 1; indent -= 1;
if (esResult != null && esResult.encryptedData.isIntegrityProtected()) { if (esResult != null) {
updateProgress(R.string.progress_verifying_integrity, 95, 100); if (esResult.encryptedData.isIntegrityProtected()) {
updateProgress(R.string.progress_verifying_integrity, 95, 100);
if (esResult.encryptedData.verify()) { if (esResult.encryptedData.verify()) {
log.add(LogType.MSG_DC_INTEGRITY_CHECK_OK, indent); log.add(LogType.MSG_DC_INTEGRITY_CHECK_OK, indent);
} else { } else {
log.add(LogType.MSG_DC_ERROR_INTEGRITY_CHECK, indent); log.add(LogType.MSG_DC_ERROR_INTEGRITY_CHECK, indent);
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log); return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
} }
} else { } else if (signature == null) {
// If no valid signature is present: // If no signature is present, we *require* an MDC!
// Handle missing integrity protection like failed integrity protection! // Handle missing integrity protection like failed integrity protection!
// The MDC packet can be stripped by an attacker! // The MDC packet can be stripped by an attacker!
Log.d(Constants.TAG, "MDC fail");
if (!signatureResultBuilder.isValidSignature()) {
log.add(LogType.MSG_DC_INSECURE_MDC_MISSING, indent); log.add(LogType.MSG_DC_INSECURE_MDC_MISSING, indent);
decryptionResultBuilder.setInsecure(true); decryptionResultBuilder.setInsecure(true);
} }