diff options
Diffstat (limited to 'OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp')
-rw-r--r-- | OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java b/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java index 29255fbbe..003db632d 100644 --- a/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java +++ b/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java @@ -67,6 +67,7 @@ import java.io.InputStream; import java.io.OutputStream; import java.security.SignatureException; import java.util.Iterator; +import java.util.Set; /** * This class uses a Builder pattern! @@ -79,7 +80,7 @@ public class PgpDecryptVerify { private ProgressDialogUpdater mProgressDialogUpdater; private boolean mAllowSymmetricDecryption; private String mPassphrase; - private long mEnforcedKeyId; + private Set<Long> mAllowedKeyIds; private PgpDecryptVerify(Builder builder) { // private Constructor can only be called from Builder @@ -90,7 +91,7 @@ public class PgpDecryptVerify { this.mProgressDialogUpdater = builder.mProgressDialogUpdater; this.mAllowSymmetricDecryption = builder.mAllowSymmetricDecryption; this.mPassphrase = builder.mPassphrase; - this.mEnforcedKeyId = builder.mEnforcedKeyId; + this.mAllowedKeyIds = builder.mAllowedKeyIds; } public static class Builder { @@ -103,7 +104,7 @@ public class PgpDecryptVerify { private ProgressDialogUpdater mProgressDialogUpdater = null; private boolean mAllowSymmetricDecryption = true; private String mPassphrase = null; - private long mEnforcedKeyId = 0; + private Set<Long> mAllowedKeyIds = null; public Builder(Context context, InputData data, OutputStream outStream) { this.mContext = context; @@ -127,14 +128,14 @@ public class PgpDecryptVerify { } /** - * Allow this key id alone for decryption. - * This means only ciphertexts encrypted for this private key can be decrypted. + * Allow these key ids alone for decryption. + * This means only ciphertexts encrypted for one of these private key can be decrypted. * - * @param enforcedKeyId + * @param allowedKeyIds * @return */ - public Builder enforcedKeyId(long enforcedKeyId) { - this.mEnforcedKeyId = enforcedKeyId; + public Builder allowedKeyIds(Set<Long> allowedKeyIds) { + this.mAllowedKeyIds = allowedKeyIds; return this; } @@ -236,16 +237,16 @@ public class PgpDecryptVerify { // secret key exists in database // allow only a specific key for decryption? - if (mEnforcedKeyId != 0) { + if (mAllowedKeyIds != null) { // TODO: improve this code! get master key directly! PGPSecretKeyRing secretKeyRing = ProviderHelper.getPGPSecretKeyRingByKeyId(mContext, encData.getKeyID()); long masterKeyId = PgpKeyHelper.getMasterKey(secretKeyRing).getKeyID(); Log.d(Constants.TAG, "encData.getKeyID():" + encData.getKeyID()); - Log.d(Constants.TAG, "enforcedKeyId: " + mEnforcedKeyId); + Log.d(Constants.TAG, "allowedKeyIds: " + mAllowedKeyIds); Log.d(Constants.TAG, "masterKeyId: " + masterKeyId); - if (mEnforcedKeyId != masterKeyId) { + if (!mAllowedKeyIds.contains(masterKeyId)) { throw new PgpGeneralException( mContext.getString(R.string.error_no_secret_key_found)); } |