-
Notifications
You must be signed in to change notification settings - Fork 53
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
File with valid MDC can fail MDC verification when stream is wrapped #66
Comments
homps
added a commit
to homps/bouncy-gpg
that referenced
this issue
Feb 3, 2022
Nesting inputstreams can result in a child stream reaching its end twice. For the MDCValidatingInputStream this results in verifying the MDC twice. PGPEncryptedData#verify doesn't handle being called twice. Fix with a simple boolean flag to prevent double verification.
homps
added a commit
to homps/bouncy-gpg
that referenced
this issue
Feb 3, 2022
Nesting inputstreams can result in a child stream reaching its end twice. For the MDCValidatingInputStream this results in verifying the MDC twice. PGPEncryptedData#verify doesn't handle being called twice. Fix with a simple boolean flag to prevent double verification.
homps
added a commit
to homps/bouncy-gpg
that referenced
this issue
Feb 3, 2022
Nesting inputstreams can result in a child stream reaching its end twice. For the MDCValidatingInputStream this results in verifying the MDC twice. PGPEncryptedData#verify doesn't handle being called twice. Fix with a simple boolean flag to prevent double verification.
homps
added a commit
to homps/bouncy-gpg
that referenced
this issue
Feb 3, 2022
Nesting inputstreams can result in a child stream reaching its end twice. For the MDCValidatingInputStream this results in verifying the MDC twice. PGPEncryptedData#verify doesn't handle being called twice. Fix with a simple boolean flag to prevent double verification.
Any way to merge this PR. I am facing the same issue here. |
That would be up to @neuhalje |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Exception thrown ('Error while validating MDC') if MDC validation occurs twice, caused by nested InputStreams.
To Reproduce
Wrap the
decryptAndVerifyStream
in an additional InputStream, reading to the end of that stream can causeMDCValidatingInputStream#read
to be called twice.PGPEncryptedData#verify
doesn't like being called twice, possibly due to the reuse of theintegrityCalculator
OutputStream (a guess).Expected behavior
Exception should not be thrown if MDC is valid, even if nested streams cause the validator to trigger twice.
** System (please complete the following information):**
Additional context
I've got an example trivial fix, will raise a PR for consideration shortly. Thanks!
The text was updated successfully, but these errors were encountered: