Throw NoSuchMessageException if attachment is invalid.

briar-api/src/main/java/org/briarproject/briar/api/attachment/AttachmentReader.java

@@ -1,15 +1,19 @@
 package org.briarproject.briar.api.attachment;
 
 import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.db.NoSuchMessageException;
 
 public interface AttachmentReader {
 
 	/**
 	 * Returns the attachment with the given attachment header.
 	 *
-	 * @throws InvalidAttachmentException If the header refers to a message
+	 * @throws NoSuchMessageException If the header refers to a message in
+	 * a different group from the one specified in the header, to a message
 	 * that is not an attachment, or to an attachment that does not have the
-	 * expected content type
+	 * expected content type. This is meant to prevent social engineering
+	 * attacks that use invalid attachment IDs to test whether messages exist
+	 * in the victim's database
 	 */
 	Attachment getAttachment(AttachmentHeader h) throws DbException;
 

briar-api/src/main/java/org/briarproject/briar/api/attachment/InvalidAttachmentException.java

@@ -1,21 +0,0 @@
-package org.briarproject.briar.api.attachment;
-
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-
-/**
- * An exception that is thrown when an {@link AttachmentHeader} is used to
- * load an {@link Attachment}, and the header refers to a message that is not
- * an attachment, or to an attachment that does not have the expected content
- * type.
- */
-@NotNullByDefault
-public class InvalidAttachmentException extends DbException {
-	public InvalidAttachmentException() {
-		super();
-	}
-
-	public InvalidAttachmentException(Throwable t) {
-		super(t);
-	}
-}

briar-core/src/main/java/org/briarproject/briar/attachment/AttachmentReaderImpl.java

@@ -10,7 +10,6 @@ import org.briarproject.bramble.api.sync.MessageId;
 import org.briarproject.briar.api.attachment.Attachment;
 import org.briarproject.briar.api.attachment.AttachmentHeader;
 import org.briarproject.briar.api.attachment.AttachmentReader;
-import org.briarproject.briar.api.attachment.InvalidAttachmentException;
 
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
@@ -44,13 +43,13 @@ public class AttachmentReaderImpl implements AttachmentReader {
 			BdfDictionary meta = clientHelper.getMessageMetadataAsDictionary(m);
 			String contentType = meta.getString(MSG_KEY_CONTENT_TYPE);
 			if (!contentType.equals(h.getContentType()))
-				throw new InvalidAttachmentException();
+				throw new NoSuchMessageException();
 			int offset = meta.getLong(MSG_KEY_DESCRIPTOR_LENGTH).intValue();
 			InputStream stream = new ByteArrayInputStream(body, offset,
 					body.length - offset);
 			return new Attachment(h, stream);
 		} catch (FormatException e) {
-			throw new InvalidAttachmentException(e);
+			throw new NoSuchMessageException();
 		}
 	}
 

briar-core/src/test/java/org/briarproject/briar/attachment/AttachmentReaderImplTest.java

@@ -9,7 +9,6 @@ import org.briarproject.bramble.api.sync.Message;
 import org.briarproject.bramble.test.BrambleMockTestCase;
 import org.briarproject.briar.api.attachment.Attachment;
 import org.briarproject.briar.api.attachment.AttachmentHeader;
-import org.briarproject.briar.api.attachment.InvalidAttachmentException;
 import org.jmock.Expectations;
 import org.junit.Test;
 
@@ -51,14 +50,14 @@ public class AttachmentReaderImplTest extends BrambleMockTestCase {
 		attachmentReader.getAttachment(wrongGroup);
 	}
 
-	@Test(expected = InvalidAttachmentException.class)
+	@Test(expected = NoSuchMessageException.class)
 	public void testMissingContentType() throws Exception {
 		BdfDictionary meta = new BdfDictionary();
 
 		testInvalidMetadata(meta);
 	}
 
-	@Test(expected = InvalidAttachmentException.class)
+	@Test(expected = NoSuchMessageException.class)
 	public void testWrongContentType() throws Exception {
 		BdfDictionary meta = BdfDictionary.of(
 				new BdfEntry(MSG_KEY_CONTENT_TYPE, "image/png"));
@@ -66,7 +65,7 @@ public class AttachmentReaderImplTest extends BrambleMockTestCase {
 		testInvalidMetadata(meta);
 	}
 
-	@Test(expected = InvalidAttachmentException.class)
+	@Test(expected = NoSuchMessageException.class)
 	public void testMissingDescriptorLength() throws Exception {
 		BdfDictionary meta = BdfDictionary.of(
 				new BdfEntry(MSG_KEY_CONTENT_TYPE, contentType));