Dear Maintainer,

Would it be possible to include a fix for this issue as a patch to
bouncycastle source?
I have cherry-picked commits that fixed
https://github.com/bcgit/bc-java/issues/1251 into the patch, applied it,
rebuilt bouncycastle and verified that pgpainless builds and tests
successfully against patched bouncycastle.

Best Regards,
 Vladimir.
commit b3ff4a295409246725c82922087c84afef077763
Author: vpa1977 <vladimir.pe...@canonical.com>
Date:   Fri Jan 6 12:03:48 2023 +1300

     Regression in PGP verification of decrypted data
     https://github.com/bcgit/bc-java/issues/1251

diff --git a/debian/patches/fix-missing-offset-inclusion.patch b/debian/patches/fix-missing-offset-inclusion.patch
new file mode 100644
index 00000000..0ded3bcc
--- /dev/null
+++ b/debian/patches/fix-missing-offset-inclusion.patch
@@ -0,0 +1,19 @@
+commit 04bc5096ab1a3cf38c91952adf634df448609762
+Author: David Hook <david.h...@keyfactor.com>
+Date:   Mon Oct 24 17:41:51 2022 +1100
+
+    fixed missing offset inclusion
+
+diff --git a/pg/src/main/java/org/bouncycastle/openpgp/PGPEncryptedData.java b/pg/src/main/java/org/bouncycastle/openpgp/PGPEncryptedData.java
+index 3ba8d2cc5..1939881da 100644
+--- a/pg/src/main/java/org/bouncycastle/openpgp/PGPEncryptedData.java
++++ b/pg/src/main/java/org/bouncycastle/openpgp/PGPEncryptedData.java
+@@ -96,7 +96,7 @@ else if (len == 0)
+             int bytesFromLookahead = Math.min(bytesRead, lookAhead.length);
+             for (int i = 0; i < bytesFromLookahead; i++)
+             {
+-                b[i] = (byte)lookAhead[(bufPtr + i) % lookAhead.length];
++                b[off + i] = (byte)lookAhead[(bufPtr + i) % lookAhead.length];
+             }
+ 
+             // write tail of readBuffer to lookahead
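Review bot: the embedded patch header (commit id, author, date, one-line subject) carries no Origin or Bug reference, so nothing inside fix-missing-offset-inclusion.patch ties it to https://github.com/bcgit/bc-java/issues/1251; add DEP-3 style `Origin:` and `Bug:` fields. The one-line change to `b[off + i]` also arrives without a test: a read into a caller buffer with a non-zero `off` that is served from the lookahead would have caught the old `b[i]` store, which placed those bytes at the start of the buffer instead of at the requested offset.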
diff --git a/debian/patches/masked-byte-data-for-lookahead.patch b/debian/patches/masked-byte-data-for-lookahead.patch
new file mode 100644
index 00000000..ac0647df
--- /dev/null
+++ b/debian/patches/masked-byte-data-for-lookahead.patch
@@ -0,0 +1,30 @@
+commit 1f549b1adeba7fadf2476be97af0b9e45386165c
+Author: David Hook <d...@cryptoworkshop.com>
+Date:   Mon Oct 24 21:02:51 2022 +1100
+
+    relates to #1251 - masked byte data for lookahead
+
+diff --git a/pg/src/main/java/org/bouncycastle/openpgp/PGPEncryptedData.java b/pg/src/main/java/org/bouncycastle/openpgp/PGPEncryptedData.java
+index 1939881da..6a3527e49 100644
+--- a/pg/src/main/java/org/bouncycastle/openpgp/PGPEncryptedData.java
++++ b/pg/src/main/java/org/bouncycastle/openpgp/PGPEncryptedData.java
+@@ -103,13 +103,16 @@ else if (len == 0)
+             int bufferTail = bytesRead - bytesFromLookahead;
+             for (int i = bufferTail; i < bytesRead; i++)
+             {
+-                lookAhead[bufPtr] = readBuffer[i];
++                lookAhead[bufPtr] = readBuffer[i] & 0xff; // we're not at end of file.
+                 bufPtr = (bufPtr + 1) % lookAhead.length;
+             }
+ 
+             // Copy head of readBuffer to output
+-            System.arraycopy(readBuffer, 0, b, off + bytesFromLookahead, bufferTail);
+-
++            if (bufferTail != 0)
++            {
++                System.arraycopy(readBuffer, 0, b, off + bytesFromLookahead, bufferTail);
++            }
++            
+             return bytesRead;
+         }
+         
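Review bot: the comment on the masked store, `// we're not at end of file.`, does not say what the mask is for. The first patch casts `lookAhead[...]` back to `(byte)`, so the array evidently holds wider values, and without `& 0xff` a byte of 0x80 or above from `readBuffer` would be stored sign-extended as a negative number; if negative entries are reserved (presumably for an end-of-stream marker), the comment should say so. The new `if (bufferTail != 0)` guard also needs a word on which case it avoids, since a zero-length `System.arraycopy` with valid arguments copies nothing, and the blank line added after the guard carries trailing whitespace.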
diff --git a/debian/patches/series b/debian/patches/series
index 6c766b22..9ea886c2 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,4 @@
 02_index.patch
 backward-compatibility.patch
+fix-missing-offset-inclusion.patch
+masked-byte-data-for-lookahead.patch
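Review bot: the order of the two added entries is load-bearing and should stay as is: masked-byte-data-for-lookahead.patch is generated against blob 1939881da, which is the result of fix-missing-offset-inclusion.patch (index 3ba8d2cc5..1939881da). The diff as posted touches only debian/patches; a debian/changelog entry referencing the upstream issue would make the reason for the two patches visible in the package history.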
