From 8f88efe13fc9b895654d02459b4fab6afdff0406 Mon Sep 17 00:00:00 2001
From: Durgesh <007durgesh219@gmail.com>
Date: Tue, 5 Apr 2016 04:01:24 +0530
Subject: Fix Crash when no encryption subkey is available, Issue #1817

Signed-off-by: Durgesh <007durgesh219@gmail.com>
---
 .../keychain/pgp/PgpSignEncryptOperation.java      | 28 ++++++++++++++--------
 1 file changed, 18 insertions(+), 10 deletions(-)

(limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java')

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
index 328daa7ff..48ba68fa6 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
@@ -168,10 +168,17 @@ public class PgpSignEncryptOperation extends BaseOperation {
             try {
                 long signingMasterKeyId = input.getSignatureMasterKeyId();
                 long signingSubKeyId = input.getSignatureSubKeyId();
-                {
-                    CanonicalizedSecretKeyRing signingKeyRing =
-                            mProviderHelper.getCanonicalizedSecretKeyRing(signingMasterKeyId);
-                    signingKey = signingKeyRing.getSecretKey(input.getSignatureSubKeyId());
+
+                CanonicalizedSecretKeyRing signingKeyRing =
+                        mProviderHelper.getCanonicalizedSecretKeyRing(signingMasterKeyId);
+                signingKey = signingKeyRing.getSecretKey(input.getSignatureSubKeyId());
+
+
+                // Make sure key is not expired or revoked
+                if (signingKeyRing.isExpired() || signingKeyRing.isRevoked()
+                        || signingKey.isExpired() || signingKey.isRevoked()) {
+                    log.add(LogType.MSG_PSE_ERROR_REVOKED_OR_EXPIRED, indent);
+                    return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
                 }
 
                 // Make sure we are allowed to sign here!
@@ -281,16 +288,17 @@ public class PgpSignEncryptOperation extends BaseOperation {
                         if (encryptSubKeyIds.isEmpty()) {
                             log.add(LogType.MSG_PSE_KEY_WARN, indent + 1,
                                     KeyFormattingUtils.convertKeyIdToHex(id));
-                            if (input.isFailOnMissingEncryptionKeyIds()) {
-                                return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
-                            }
+                            return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
+                        }
+                        // Make sure key is not expired or revoked
+                        if (keyRing.isExpired() || keyRing.isRevoked()) {
+                            log.add(LogType.MSG_PSE_ERROR_REVOKED_OR_EXPIRED, indent);
+                            return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
                         }
                     } catch (ProviderHelper.NotFoundException e) {
                         log.add(LogType.MSG_PSE_KEY_UNKNOWN, indent + 1,
                                 KeyFormattingUtils.convertKeyIdToHex(id));
-                        if (input.isFailOnMissingEncryptionKeyIds()) {
-                            return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
-                        }
+                        return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
                     }
                 }
             }
-- 
cgit v1.2.3