don't show allowed key list if no key exists, and some minor PgpDecryptVerify changes

author: Vincent Breitmoser <valodim@mugenguild.com> 2015-05-28 02:27:44 +0200
committer: Vincent Breitmoser <valodim@mugenguild.com> 2015-05-28 16:33:45 +0200
commit: 5c8af1c5a5ad4be2bf3f2f657fe3fbd2f1fe8a24 (patch)
tree: 9f21406042dd97721c641616f78456baa4546082 /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
parent: 1fb7477a5ae85485153d70bdfb043f45dd4bda0e (diff)
download: open-keychain-5c8af1c5a5ad4be2bf3f2f657fe3fbd2f1fe8a24.tar.gz
open-keychain-5c8af1c5a5ad4be2bf3f2f657fe3fbd2f1fe8a24.tar.bz2
open-keychain-5c8af1c5a5ad4be2bf3f2f657fe3fbd2f1fe8a24.zip
1 files changed, 24 insertions, 13 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
index f6580b85a..aa1125800 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
@@ -384,7 +384,7 @@ public class PgpDecryptVerify extends BaseOperation {
         }
 
         if (enc == null) {
-            log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, indent);
+            log.add(LogType.MSG_DC_ERROR_INVALID_DATA, indent);
             return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
         }
 
@@ -419,6 +419,7 @@ public class PgpDecryptVerify extends BaseOperation {
         }
 
         Passphrase passphrase = null;
+        boolean skippedDisallowedKey = false;
 
         // go through all objects and find one we can decrypt
         while (it.hasNext()) {
@@ -451,13 +452,6 @@ public class PgpDecryptVerify extends BaseOperation {
                     log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
                     continue;
                 }
-                // get subkey which has been used for this encryption packet
-                secretEncryptionKey = secretKeyRing.getSecretKey(subKeyId);
-                if (secretEncryptionKey == null) {
-                    // should actually never happen, so no need to be more specific.
-                    log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
-                    continue;
-                }
 
                 // allow only specific keys for decryption?
                 if (mAllowedKeyIds != null) {
@@ -469,11 +463,20 @@ public class PgpDecryptVerify extends BaseOperation {
                     if (!mAllowedKeyIds.contains(masterKeyId)) {
                         // this key is in our db, but NOT allowed!
                         // continue with the next packet in the while loop
+                        skippedDisallowedKey = true;
                         log.add(LogType.MSG_DC_ASKIP_NOT_ALLOWED, indent + 1);
                         continue;
                     }
                 }
 
+                // get subkey which has been used for this encryption packet
+                secretEncryptionKey = secretKeyRing.getSecretKey(subKeyId);
+                if (secretEncryptionKey == null) {
+                    // should actually never happen, so no need to be more specific.
+                    log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
+                    continue;
+                }
+
                 /* secret key exists in database and is allowed! */
                 asymmetricPacketFound = true;
 
@@ -604,10 +607,18 @@ public class PgpDecryptVerify extends BaseOperation {
             }
             encryptedData = encryptedDataAsymmetric;
         } else {
-            // If we didn't find any useful data, error out
+            // there wasn't even any useful data
+            if (!anyPacketFound) {
+                log.add(LogType.MSG_DC_ERROR_NO_DATA, indent + 1);
+                return new DecryptVerifyResult(DecryptVerifyResult.RESULT_NO_DATA, log);
+            }
+            // there was data but key wasn't allowed
+            if (skippedDisallowedKey) {
+                log.add(LogType.MSG_DC_ERROR_NO_KEY, indent + 1);
+                return new DecryptVerifyResult(DecryptVerifyResult.RESULT_KEY_DISALLOWED, log);
+            }
             // no packet has been found where we have the corresponding secret key in our db
-            log.add(
-                    anyPacketFound ? LogType.MSG_DC_ERROR_NO_KEY : LogType.MSG_DC_ERROR_NO_DATA, indent + 1);
+            log.add(LogType.MSG_DC_ERROR_NO_KEY, indent + 1);
             return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
         }
 
@@ -910,7 +921,7 @@ public class PgpDecryptVerify extends BaseOperation {
 
         PGPSignatureList sigList = (PGPSignatureList) pgpFact.nextObject();
         if (sigList == null) {
-            log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, 0);
+            log.add(LogType.MSG_DC_ERROR_INVALID_DATA, 0);
             return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
         }
 
@@ -993,7 +1004,7 @@ public class PgpDecryptVerify extends BaseOperation {
         } else if (o instanceof PGPSignatureList) {
             sigList = (PGPSignatureList) o;
         } else {
-            log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, 0);
+            log.add(LogType.MSG_DC_ERROR_INVALID_DATA, 0);
             return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
         }
author	Vincent Breitmoser <valodim@mugenguild.com>	2015-05-28 02:27:44 +0200
committer	Vincent Breitmoser <valodim@mugenguild.com>	2015-05-28 16:33:45 +0200
commit	5c8af1c5a5ad4be2bf3f2f657fe3fbd2f1fe8a24 (patch)
tree	9f21406042dd97721c641616f78456baa4546082 /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
parent	1fb7477a5ae85485153d70bdfb043f45dd4bda0e (diff)
download	open-keychain-5c8af1c5a5ad4be2bf3f2f657fe3fbd2f1fe8a24.tar.gz open-keychain-5c8af1c5a5ad4be2bf3f2f657fe3fbd2f1fe8a24.tar.bz2 open-keychain-5c8af1c5a5ad4be2bf3f2f657fe3fbd2f1fe8a24.zip