drop invalid user ids and add fatal case(s)

author: Vincent Breitmoser <valodim@mugenguild.com> 2014-06-16 22:32:17 +0200
committer: Vincent Breitmoser <valodim@mugenguild.com> 2014-06-16 22:32:17 +0200
commit: ffea551afc95ec68892ca9003f99c383c7cc5661 (patch)
tree: 900a8abd5671316e529fe27e5d5ff976436b8120 /OpenKeychain/src/main/java/org/sufficientlysecure/keychain
parent: 2f0e70587dfc21ce5c3d826f3d96b8231674f022 (diff)
download: open-keychain-ffea551afc95ec68892ca9003f99c383c7cc5661.tar.gz
open-keychain-ffea551afc95ec68892ca9003f99c383c7cc5661.tar.bz2
open-keychain-ffea551afc95ec68892ca9003f99c383c7cc5661.zip
3 files changed, 21 insertions, 5 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
index 9b9818c2f..26c6c6451 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
@@ -191,10 +191,8 @@ public class UncachedKeyRing {
      *   - key revocation signatures on the master key
      *   - subkey binding signatures for subkeys
      *   - certifications and certification revocations for user ids
-     *
-     * After this cleaning, a number of checks are done: TODO implement
-     *  - See if each subkey retains a valid self certificate
-     *  - See if each user id retains a valid self certificate
+     *  - If a subkey retains no valid subkey binding certificate, remove it
+     *  - If a user id retains no valid self certificate, remove it
      *
      * This operation writes an OperationLog which can be used as part of a OperationResultParcel.
      *
@@ -419,6 +417,19 @@ public class UncachedKeyRing {
                     }
 
                 }
+
+                // If no valid certificate (if only a revocation) remains, drop it
+                if (selfCert == null && revocation == null) {
+                    modified = PGPPublicKey.removeCertification(modified, userId);
+                    log.add(LogLevel.ERROR, LogType.MSG_KC_UID_REVOKE_DUP,
+                            new String[] { userId }, indent);
+                }
+            }
+
+            // If NO user ids remain, error out!
+            if (!modified.getUserIDs().hasNext()) {
+                log.add(LogLevel.ERROR, LogType.MSG_KC_FATAL_NO_UID, null, indent);
+                return null;
             }
 
             // Replace modified key in the keyring
@@ -570,7 +581,7 @@ public class UncachedKeyRing {
                 ring = PGPPublicKeyRing.removePublicKey(ring, modified);
 
                 log.add(LogLevel.ERROR, LogType.MSG_KC_SUB_NO_CERT,
-                        new String[]{PgpKeyHelper.convertKeyIdToHex(key.getKeyID())}, indent);
+                        new String[]{ PgpKeyHelper.convertKeyIdToHex(key.getKeyID()) }, indent);
                 indent -= 1;
                 continue;
             }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
index 497957e5e..80fabdf48 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
@@ -298,6 +298,9 @@ public class ProviderHelper {
 
         // Canonicalize this key, to assert a number of assumptions made about it.
         keyRing = keyRing.canonicalize(mLog, mIndent);
+        if (keyRing == null) {
+            return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog);
+        }
 
         UncachedPublicKey masterKey = keyRing.getPublicKey();
 
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java
index b9531f83f..0760aadf8 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java
@@ -180,6 +180,7 @@ public class OperationResultParcel implements Parcelable {
 
         // keyring canonicalization
         MSG_KC (R.string.msg_kc),
+        MSG_KC_FATAL_NO_UID (R.string.msg_kc_fatal_no_uid),
         MSG_KC_MASTER (R.string.msg_kc_master),
         MSG_KC_REVOKE_BAD_ERR (R.string.msg_kc_revoke_bad_err),
         MSG_KC_REVOKE_BAD_LOCAL (R.string.msg_kc_revoke_bad_local),
@@ -211,6 +212,7 @@ public class OperationResultParcel implements Parcelable {
         MSG_KC_UID_BAD_TYPE (R.string.msg_kc_uid_bad_type),
         MSG_KC_UID_BAD (R.string.msg_kc_uid_bad),
         MSG_KC_UID_DUP (R.string.msg_kc_uid_dup),
+        MSG_KC_UID_NO_CERT (R.string.msg_kc_uid_no_cert),
         MSG_KC_UID_REVOKE_DUP (R.string.msg_kc_uid_revoke_dup),
         MSG_KC_UID_REVOKE_OLD (R.string.msg_kc_uid_revoke_old),
         ;
author	Vincent Breitmoser <valodim@mugenguild.com>	2014-06-16 22:32:17 +0200
committer	Vincent Breitmoser <valodim@mugenguild.com>	2014-06-16 22:32:17 +0200
commit	ffea551afc95ec68892ca9003f99c383c7cc5661 (patch)
tree	900a8abd5671316e529fe27e5d5ff976436b8120 /OpenKeychain/src/main/java/org/sufficientlysecure/keychain
parent	2f0e70587dfc21ce5c3d826f3d96b8231674f022 (diff)
download	open-keychain-ffea551afc95ec68892ca9003f99c383c7cc5661.tar.gz open-keychain-ffea551afc95ec68892ca9003f99c383c7cc5661.tar.bz2 open-keychain-ffea551afc95ec68892ca9003f99c383c7cc5661.zip