authorDominik Schürmann <dominik@dominikschuermann.de>2014-09-13 19:05:53 +0200
committerDominik Schürmann <dominik@dominikschuermann.de>2014-09-13 19:05:53 +0200
commit9e37522bddc7c5a048aca7fc60153b6f10ce8f44 (patch)
tree73d8e264a9874be9f4f8cdcdb2e603fb332cdd5a /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
parent974dc47d699ee78b657021d12ae04c7699a20e82 (diff)
Get certificates by raw user ids, be more liberal about accepted user id encodings
Diffstat (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java')
-rw-r--r--OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java49
1 files changed, 26 insertions, 23 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
index fea314f41..768065f1c 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
@@ -33,6 +33,7 @@ import org.spongycastle.openpgp.PGPSignature;
import org.spongycastle.openpgp.PGPSignatureList;
import org.spongycastle.openpgp.PGPUtil;
import org.spongycastle.openpgp.operator.jcajce.JcaKeyFingerprintCalculator;
+import org.spongycastle.util.Strings;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.service.results.OperationResultParcel.LogLevel;
@@ -361,23 +362,25 @@ public class UncachedKeyRing {
}
}
- ArrayList<String> processedUserIds = new ArrayList<String>();
- for (String userId : new IterableIterator<String>(masterKey.getUserIDs())) {
+ ArrayList<byte[]> processedUserIds = new ArrayList<byte[]>();
+ for (byte[] rawUserId : new IterableIterator<byte[]>(masterKey.getRawUserIDs())) {
+ String userId = Strings.fromUTF8ByteArray(rawUserId);
+
// check for duplicate user ids
- if (processedUserIds.contains(userId)) {
+ if (processedUserIds.contains(rawUserId)) {
log.add(LogLevel.WARN, LogType.MSG_KC_UID_DUP,
indent, userId);
// strip out the first found user id with this name
- modified = PGPPublicKey.removeCertification(modified, userId);
+ modified = PGPPublicKey.removeCertification(modified, rawUserId);
}
- processedUserIds.add(userId);
+ processedUserIds.add(rawUserId);
PGPSignature selfCert = null;
revocation = null;
// look through signatures for this specific user id
@SuppressWarnings("unchecked")
- Iterator<PGPSignature> signaturesIt = masterKey.getSignaturesForID(userId);
+ Iterator<PGPSignature> signaturesIt = masterKey.getSignaturesForID(rawUserId);
if (signaturesIt != null) {
for (PGPSignature zert : new IterableIterator<PGPSignature>(signaturesIt)) {
WrappedSignature cert = new WrappedSignature(zert);
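Review bot: The duplicate check `processedUserIds.contains(rawUserId)` can no longer match, because `ArrayList.contains` relies on `equals` and Java arrays compare by identity, so two user id packets with identical bytes count as distinct unless the iterator hands back the same array object. That would leave duplicate user ids in the canonicalized ring without the MSG_KC_UID_DUP warning. Comparing by content restores the check, for example `Set<ByteBuffer> processedUserIds = new HashSet<ByteBuffer>();` with `processedUserIds.contains(ByteBuffer.wrap(rawUserId))` and `processedUserIds.add(ByteBuffer.wrap(rawUserId))`, which needs imports for `java.nio.ByteBuffer` and `java.util.HashSet`. How `Strings.fromUTF8ByteArray` treats malformed bytes is not visible here; if it can throw, the loop needs a fallback so that one oddly encoded user id does not abort processing of the whole key. The enclosing method starts and ends outside this hunk.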
@@ -391,7 +394,7 @@ public class UncachedKeyRing {
&& type != PGPSignature.CERTIFICATION_REVOCATION) {
log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD_TYPE,
indent, "0x" + Integer.toString(zert.getSignatureType(), 16));
- modified = PGPPublicKey.removeCertification(modified, userId, zert);
+ modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
badCerts += 1;
continue;
}
@@ -399,7 +402,7 @@ public class UncachedKeyRing {
if (cert.getCreationTime().after(now)) {
// Creation date in the future? No way!
log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD_TIME, indent);
- modified = PGPPublicKey.removeCertification(modified, userId, zert);
+ modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
badCerts += 1;
continue;
}
@@ -407,7 +410,7 @@ public class UncachedKeyRing {
if (cert.isLocal()) {
// Creation date in the future? No way!
log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD_LOCAL, indent);
- modified = PGPPublicKey.removeCertification(modified, userId, zert);
+ modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
badCerts += 1;
continue;
}
@@ -418,7 +421,7 @@ public class UncachedKeyRing {
if (isSecret()) {
log.add(LogLevel.WARN, LogType.MSG_KC_UID_FOREIGN,
indent, PgpKeyHelper.convertKeyIdToHex(certId));
- modified = PGPPublicKey.removeCertification(modified, userId, zert);
+ modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
badCerts += 1;
}
continue;
@@ -427,17 +430,17 @@ public class UncachedKeyRing {
// Otherwise, first make sure it checks out
try {
cert.init(masterKey);
- if (!cert.verifySignature(masterKey, userId)) {
+ if (!cert.verifySignature(masterKey, rawUserId)) {
log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD,
indent, userId);
- modified = PGPPublicKey.removeCertification(modified, userId, zert);
+ modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
badCerts += 1;
continue;
}
} catch (PgpGeneralException e) {
log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD_ERR,
indent, userId);
- modified = PGPPublicKey.removeCertification(modified, userId, zert);
+ modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
badCerts += 1;
continue;
}
@@ -452,13 +455,13 @@ public class UncachedKeyRing {
} else if (selfCert.getCreationTime().before(cert.getCreationTime())) {
log.add(LogLevel.DEBUG, LogType.MSG_KC_UID_CERT_DUP,
indent, userId);
- modified = PGPPublicKey.removeCertification(modified, userId, selfCert);
+ modified = PGPPublicKey.removeCertification(modified, rawUserId, selfCert);
redundantCerts += 1;
selfCert = zert;
} else {
log.add(LogLevel.DEBUG, LogType.MSG_KC_UID_CERT_DUP,
indent, userId);
- modified = PGPPublicKey.removeCertification(modified, userId, zert);
+ modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
redundantCerts += 1;
}
// If there is a revocation certificate, and it's older than this, drop it
@@ -466,7 +469,7 @@ public class UncachedKeyRing {
&& revocation.getCreationTime().before(selfCert.getCreationTime())) {
log.add(LogLevel.DEBUG, LogType.MSG_KC_UID_REVOKE_OLD,
indent, userId);
- modified = PGPPublicKey.removeCertification(modified, userId, revocation);
+ modified = PGPPublicKey.removeCertification(modified, rawUserId, revocation);
revocation = null;
redundantCerts += 1;
}
@@ -477,7 +480,7 @@ public class UncachedKeyRing {
if (selfCert != null && selfCert.getCreationTime().after(zert.getCreationTime())) {
log.add(LogLevel.DEBUG, LogType.MSG_KC_UID_REVOKE_OLD,
indent, userId);
- modified = PGPPublicKey.removeCertification(modified, userId, zert);
+ modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
redundantCerts += 1;
continue;
}
@@ -488,13 +491,13 @@ public class UncachedKeyRing {
} else if (revocation.getCreationTime().before(cert.getCreationTime())) {
log.add(LogLevel.DEBUG, LogType.MSG_KC_UID_REVOKE_DUP,
indent, userId);
- modified = PGPPublicKey.removeCertification(modified, userId, revocation);
+ modified = PGPPublicKey.removeCertification(modified, rawUserId, revocation);
redundantCerts += 1;
revocation = zert;
} else {
log.add(LogLevel.DEBUG, LogType.MSG_KC_UID_REVOKE_DUP,
indent, userId);
- modified = PGPPublicKey.removeCertification(modified, userId, zert);
+ modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
redundantCerts += 1;
}
break;
@@ -506,7 +509,7 @@ public class UncachedKeyRing {
if (selfCert == null && revocation == null) {
log.add(LogLevel.ERROR, LogType.MSG_KC_UID_REMOVE,
indent, userId);
- modified = PGPPublicKey.removeCertification(modified, userId);
+ modified = PGPPublicKey.removeCertification(modified, rawUserId);
}
}
@@ -817,9 +820,9 @@ public class UncachedKeyRing {
}
// Copy over all user id certificates
- for (String userId : new IterableIterator<String>(key.getUserIDs())) {
+ for (byte[] rawUserId : new IterableIterator<byte[]>(key.getRawUserIDs())) {
@SuppressWarnings("unchecked")
- Iterator<PGPSignature> signaturesIt = key.getSignaturesForID(userId);
+ Iterator<PGPSignature> signaturesIt = key.getSignaturesForID(rawUserId);
// no signatures for this User ID, skip it
if (signaturesIt == null) {
continue;
@@ -836,7 +839,7 @@ public class UncachedKeyRing {
}
newCerts += 1;
certs.add(encoded);
- modified = PGPPublicKey.addCertification(modified, userId, cert);
+ modified = PGPPublicKey.addCertification(modified, rawUserId, cert);
}
}
// If anything changed, save the updated (sub)key