diff options
Diffstat (limited to 'OpenKeychain/src/main/java')
| -rw-r--r-- | OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java | 27 | 
1 files changed, 22 insertions, 5 deletions
| diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java index 797a3cc3e..77a51c061 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java @@ -200,7 +200,7 @@ public class PgpKeyOperation {              PGPSecretKeyRing sKR = new PGPSecretKeyRing(                      masterSecretKey.getEncoded(), new JcaKeyFingerprintCalculator()); -            return internal(sKR, masterSecretKey, saveParcel, "", log, indent); +            return internal(sKR, masterSecretKey, add.mFlags, saveParcel, "", log, indent);          } catch (PGPException e) {              Log.e(Constants.TAG, "pgp error encoding key", e); @@ -262,11 +262,16 @@ public class PgpKeyOperation {              return null;          } -        return internal(sKR, masterSecretKey, saveParcel, passphrase, log, indent); +        // read masterKeyFlags, and use the same as before. +        // since this is the master key, this contains at least CERTIFY_OTHER +        int masterKeyFlags = readMasterKeyFlags(masterSecretKey.getPublicKey()); + +        return internal(sKR, masterSecretKey, masterKeyFlags, saveParcel, passphrase, log, indent);      }      private UncachedKeyRing internal(PGPSecretKeyRing sKR, PGPSecretKey masterSecretKey, +                                     int masterKeyFlags,                                       SaveKeyringParcel saveParcel, String passphrase,                                       OperationLog log, int indent) { @@ -323,8 +328,8 @@ public class PgpKeyOperation {                          && userId.equals(saveParcel.changePrimaryUserId);                  // generate and add new certificate                  PGPSignature cert = generateUserIdSignature(masterPrivateKey, -                        masterPublicKey, userId, isPrimary); -                modifiedPublicKey = PGPPublicKey.addCertification(masterPublicKey, userId, cert); +                        masterPublicKey, userId, isPrimary, masterKeyFlags); +                modifiedPublicKey = PGPPublicKey.addCertification(modifiedPublicKey, userId, cert);              }              // 2b. Add revocations for revoked user ids @@ -551,7 +556,7 @@ public class PgpKeyOperation {      }      private static PGPSignature generateUserIdSignature( -            PGPPrivateKey masterPrivateKey, PGPPublicKey pKey, String userId, boolean primary) +            PGPPrivateKey masterPrivateKey, PGPPublicKey pKey, String userId, boolean primary, int flags)              throws IOException, PGPException, SignatureException {          PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(                  pKey.getAlgorithm(), PGPUtil.SHA1) @@ -563,6 +568,7 @@ public class PgpKeyOperation {          subHashedPacketsGen.setPreferredHashAlgorithms(true, PREFERRED_HASH_ALGORITHMS);          subHashedPacketsGen.setPreferredCompressionAlgorithms(true, PREFERRED_COMPRESSION_ALGORITHMS);          subHashedPacketsGen.setPrimaryUserID(false, primary); +        subHashedPacketsGen.setKeyFlags(false, flags);          sGen.setHashedSubpackets(subHashedPacketsGen.generate());          sGen.init(PGPSignature.POSITIVE_CERTIFICATION, masterPrivateKey);          return sGen.generateCertification(userId, pKey); @@ -670,4 +676,15 @@ public class PgpKeyOperation {      } +    private static int readMasterKeyFlags(PGPPublicKey masterKey) { +        int flags = KeyFlags.CERTIFY_OTHER; +        for(PGPSignature sig : new IterableIterator<PGPSignature>(masterKey.getSignatures())) { +            if (!sig.hasSubpackets()) { +                continue; +            } +            flags |= sig.getHashedSubPackets().getKeyFlags(); +        } +        return flags; +    } +  } | 
