From f86327d6f8ef1552796c711c0460e966328a564f Mon Sep 17 00:00:00 2001
From: Paul Schaub <vanitasvitae@fsfe.org>
Date: Mon, 22 Apr 2024 11:08:20 +0200
Subject: [PATCH] OPS packet: throw UnsupportedPacketVersionException for
 version other than 3,6

---
 .../bouncycastle/bcpg/OnePassSignaturePacket.java  | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/pg/src/main/java/org/bouncycastle/bcpg/OnePassSignaturePacket.java b/pg/src/main/java/org/bouncycastle/bcpg/OnePassSignaturePacket.java
index 42c7e6e201..e3fa3d6a1d 100644
--- a/pg/src/main/java/org/bouncycastle/bcpg/OnePassSignaturePacket.java
+++ b/pg/src/main/java/org/bouncycastle/bcpg/OnePassSignaturePacket.java
@@ -1,5 +1,7 @@
 package org.bouncycastle.bcpg;
 
+import org.bouncycastle.util.io.Streams;
+
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 
@@ -32,9 +34,12 @@ public class OnePassSignaturePacket
         hashAlgorithm = in.read();
         keyAlgorithm = in.read();
 
-        if (version == VERSION_3) {
+        if (version == VERSION_3)
+        {
             keyID = StreamUtil.readKeyID(in);
-        } else if (version == VERSION_6) {
+        }
+        else if (version == VERSION_6)
+        {
             int saltLen = in.read();
             if (saltLen < 0) {
                 throw new IOException("Version 6 OPS packet has invalid salt length.");
@@ -45,6 +50,11 @@ public class OnePassSignaturePacket
             fingerprint = new byte[32];
             in.readFully(fingerprint);
         }
+        else
+        {
+            Streams.drain(in);
+            throw new UnsupportedPacketVersionException("Unsupported OnePassSignature packet version encountered: " + version);
+        }
 
         isContaining = in.read();
     }