diff options
author | Vincent Breitmoser <valodim@mugenguild.com> | 2014-09-09 22:41:24 +0200 |
---|---|---|
committer | Vincent Breitmoser <valodim@mugenguild.com> | 2014-09-09 22:43:14 +0200 |
commit | 7dbb7cf1e1fd4de1098d4a2207a90ddc680598ed (patch) | |
tree | e44cec83c4e97c586e8fd730d0458b5da92c3bc8 /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java | |
parent | a925e8b83f2af77bd74752dbe56c18baedeb1f1f (diff) | |
download | open-keychain-7dbb7cf1e1fd4de1098d4a2207a90ddc680598ed.tar.gz open-keychain-7dbb7cf1e1fd4de1098d4a2207a90ddc680598ed.tar.bz2 open-keychain-7dbb7cf1e1fd4de1098d4a2207a90ddc680598ed.zip |
jury-rig broken sign mechanism
Should improve situation on #811
Diffstat (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java')
-rw-r--r-- | OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java | 34 |
1 files changed, 24 insertions, 10 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java index 2e4eafe41..4874b6eaa 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java @@ -68,6 +68,7 @@ public class PgpSignEncrypt { private String mSymmetricPassphrase; private int mSymmetricEncryptionAlgorithm; private long mSignatureMasterKeyId; + private Long mSignatureSubKeyId; private int mSignatureHashAlgorithm; private String mSignaturePassphrase; private long mAdditionalEncryptId; @@ -101,6 +102,7 @@ public class PgpSignEncrypt { this.mSymmetricPassphrase = builder.mSymmetricPassphrase; this.mSymmetricEncryptionAlgorithm = builder.mSymmetricEncryptionAlgorithm; this.mSignatureMasterKeyId = builder.mSignatureMasterKeyId; + this.mSignatureSubKeyId = builder.mSignatureSubKeyId; this.mSignatureHashAlgorithm = builder.mSignatureHashAlgorithm; this.mSignaturePassphrase = builder.mSignaturePassphrase; this.mAdditionalEncryptId = builder.mAdditionalEncryptId; @@ -125,6 +127,7 @@ public class PgpSignEncrypt { private String mSymmetricPassphrase = null; private int mSymmetricEncryptionAlgorithm = 0; private long mSignatureMasterKeyId = Constants.key.none; + private Long mSignatureSubKeyId = null; private int mSignatureHashAlgorithm = 0; private String mSignaturePassphrase = null; private long mAdditionalEncryptId = Constants.key.none; @@ -179,6 +182,11 @@ public class PgpSignEncrypt { return this; } + public Builder setSignatureSubKeyId(long signatureSubKeyId) { + mSignatureSubKeyId = signatureSubKeyId; + return this; + } + public Builder setSignatureHashAlgorithm(int signatureHashAlgorithm) { mSignatureHashAlgorithm = signatureHashAlgorithm; return this; @@ -309,26 +317,32 @@ public class PgpSignEncrypt { /* Get keys for signature generation for later usage */ CanonicalizedSecretKey signingKey = null; if (enableSignature) { - CanonicalizedSecretKeyRing signingKeyRing; - try { - signingKeyRing = mProviderHelper.getCanonicalizedSecretKeyRing(mSignatureMasterKeyId); - } catch (ProviderHelper.NotFoundException e) { - throw new NoSigningKeyException(); + + // If we weren't handed a passphrase, throw early + if (mSignaturePassphrase == null) { + throw new NoPassphraseException(); } + try { - signingKey = signingKeyRing.getSigningSubKey(); - } catch (PgpGeneralException e) { + // fetch the indicated master key id (the one whose name we sign in) + CanonicalizedSecretKeyRing signingKeyRing = + mProviderHelper.getCanonicalizedSecretKeyRing(mSignatureMasterKeyId); + // fetch the specific subkey to sign with, or just use the master key if none specified + long signKeyId = mSignatureSubKeyId != null ? mSignatureSubKeyId : mSignatureMasterKeyId; + signingKey = signingKeyRing.getSecretKey(signKeyId); + // make sure it's a signing key alright! + } catch (ProviderHelper.NotFoundException e) { throw new NoSigningKeyException(); } - if (mSignaturePassphrase == null) { - throw new NoPassphraseException(); + if ( ! signingKey.canSign()) { + throw new NoSigningKeyException(); } updateProgress(R.string.progress_extracting_signature_key, 0, 100); try { - if (!signingKey.unlock(mSignaturePassphrase)) { + if ( ! signingKey.unlock(mSignaturePassphrase)) { throw new WrongPassphraseException(); } } catch (PgpGeneralException e) { |