diff options
author | Vincent Breitmoser <valodim@mugenguild.com> | 2015-09-11 01:57:17 +0200 |
---|---|---|
committer | Vincent Breitmoser <valodim@mugenguild.com> | 2015-09-11 01:57:17 +0200 |
commit | 9d97d37c06f22354c124bd6cedd989d9ca4ff53e (patch) | |
tree | 5090cf0d0a18dcbb28a319ac559b224af0c6bf80 /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java | |
parent | 950409ce55f2df1aecdb61a7fecfc599b541d89c (diff) | |
download | open-keychain-9d97d37c06f22354c124bd6cedd989d9ca4ff53e.tar.gz open-keychain-9d97d37c06f22354c124bd6cedd989d9ca4ff53e.tar.bz2 open-keychain-9d97d37c06f22354c124bd6cedd989d9ca4ff53e.zip |
perform fingerprint check after canonicalization (OKC-01-009)
Diffstat (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java')
-rw-r--r-- | OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java index d9ef4f3c8..6f452bfd1 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java @@ -878,7 +878,7 @@ public class ProviderHelper { } public SaveKeyringResult savePublicKeyRing(UncachedKeyRing keyRing) { - return savePublicKeyRing(keyRing, new ProgressScaler()); + return savePublicKeyRing(keyRing, new ProgressScaler(), null); } /** @@ -887,7 +887,7 @@ public class ProviderHelper { * This is a high level method, which takes care of merging all new information into the old and * keep public and secret keyrings in sync. */ - public SaveKeyringResult savePublicKeyRing(UncachedKeyRing publicRing, Progressable progress) { + public SaveKeyringResult savePublicKeyRing(UncachedKeyRing publicRing, Progressable progress, String expectedFingerprint) { try { long masterKeyId = publicRing.getMasterKeyId(); @@ -960,6 +960,17 @@ public class ProviderHelper { canSecretRing = null; } + + // If we have an expected fingerprint, make sure it matches + if (expectedFingerprint != null) { + if (!canPublicRing.containsSubkey(expectedFingerprint)) { + log(LogType.MSG_IP_FINGERPRINT_ERROR); + return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog, null); + } else { + log(LogType.MSG_IP_FINGERPRINT_OK); + } + } + int result = saveCanonicalizedPublicKeyRing(canPublicRing, progress, canSecretRing != null); // Save the saved keyring (if any) |