improve robustness of SecretKeyType handling

3 files changed, 11 insertions, 9 deletions

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
index a26d80e8c..2812ed954 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
@@ -123,9 +123,10 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
     }
 
     public SecretKeyType getSecretKeyType() {
-        if (mSecretKey.getS2K() != null && mSecretKey.getS2K().getType() == S2K.GNU_DUMMY_S2K) {
+        S2K s2k = mSecretKey.getS2K();
+        if (s2k != null && s2k.getType() == S2K.GNU_DUMMY_S2K) {
             // divert to card is special
-            if (mSecretKey.getS2K().getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) {
+            if (s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) {
                 return SecretKeyType.DIVERT_TO_CARD;
             }
             // no matter the exact protection mode, it's some kind of dummy key
@@ -156,9 +157,10 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
      */
     public boolean unlock(Passphrase passphrase) throws PgpGeneralException {
         // handle keys on OpenPGP cards like they were unlocked
-        if (mSecretKey.getS2K() != null
-                && mSecretKey.getS2K().getType() == S2K.GNU_DUMMY_S2K
-                && mSecretKey.getS2K().getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) {
+        S2K s2k = mSecretKey.getS2K();
+        if (s2k != null
+                && s2k.getType() == S2K.GNU_DUMMY_S2K
+                && s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) {
             mPrivateKeyState = PRIVATE_KEY_STATE_DIVERT_TO_CARD;
             return true;
         }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
index 612f38e15..942eb7b68 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
@@ -1478,13 +1478,13 @@ public class PgpKeyOperation {
 
     private static boolean isDummy(PGPSecretKey secretKey) {
         S2K s2k = secretKey.getS2K();
-        return s2k.getType() == S2K.GNU_DUMMY_S2K
-                && s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_NO_PRIVATE_KEY;
+        return s2k != null && s2k.getType() == S2K.GNU_DUMMY_S2K
+                && s2k.getProtectionMode() != S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD;
     }
 
     private static boolean isDivertToCard(PGPSecretKey secretKey) {
         S2K s2k = secretKey.getS2K();
-        return s2k.getType() == S2K.GNU_DUMMY_S2K
+        return s2k != null && s2k.getType() == S2K.GNU_DUMMY_S2K
                 && s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD;
     }
 
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
index 35996ffb7..a4ee7fc36 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
@@ -831,7 +831,7 @@ public class ProviderHelper {
                 mIndent -= 1;
 
                 // this implicitly leaves all keys which were not in the secret key ring
-                // with has_secret = 0
+                // with has_secret = 1
             }
 
             log(LogType.MSG_IS_SUCCESS);