From 6a7165298f28216e69b1bfac357a9c1f3533d0f7 Mon Sep 17 00:00:00 2001
From: Roman Zeyde <roman.zeyde@gmail.com>
Date: Tue, 7 Mar 2017 21:43:32 +0200
Subject: [PATCH] decode: skip invalid pubkeys (instead of crashing)

---
 trezor_agent/gpg/decode.py | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/trezor_agent/gpg/decode.py b/trezor_agent/gpg/decode.py
index c1eba94..4cf0481 100644
--- a/trezor_agent/gpg/decode.py
+++ b/trezor_agent/gpg/decode.py
@@ -54,7 +54,8 @@ def parse_mpis(s, n):
 
 def _parse_nist256p1_pubkey(mpi):
     prefix, x, y = util.split_bits(mpi, 4, 256, 256)
-    assert prefix == 4
+    if prefix != 4:
+        raise ValueError('Invalid MPI prefix: {}'.format(prefix))
     point = ecdsa.ellipticcurve.Point(curve=ecdsa.NIST256p.curve,
                                       x=x, y=y)
     return ecdsa.VerifyingKey.from_public_point(
@@ -64,7 +65,8 @@ def _parse_nist256p1_pubkey(mpi):
 
 def _parse_ed25519_pubkey(mpi):
     prefix, value = util.split_bits(mpi, 8, 256)
-    assert prefix == 0x40
+    if prefix != 0x40:
+        raise ValueError('Invalid MPI prefix: {}'.format(prefix))
     return ed25519.VerifyingKey(util.num2bytes(value, size=32))
 
 
@@ -245,11 +247,13 @@ def parse_packets(stream):
         packet_data = reader.read(packet_size)
         packet_type = PACKET_TYPES.get(tag)
 
+        p = {'type': 'unknown', 'tag': tag, 'raw': packet_data}
         if packet_type is not None:
-            p = packet_type(util.Reader(io.BytesIO(packet_data)))
-            p['tag'] = tag
-        else:
-            p = {'type': 'unknown', 'tag': tag, 'raw': packet_data}
+            try:
+                p = packet_type(util.Reader(io.BytesIO(packet_data)))
+                p['tag'] = tag
+            except ValueError:
+                log.exception('Skipping packet: %s', util.hexlify(packet_data))
 
         log.debug('packet "%s": %s', p['type'], p)
         yield p