From 9d9d71f3db93302483f1142851462b989270abd8 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Tue, 23 Sep 2014 01:35:49 +0200 Subject: reject keys with duplicate subkeys altogether closes #870 --- .../sufficientlysecure/keychain/pgp/UncachedKeyRing.java | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java index cde25c19d..7bf16791d 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java @@ -51,6 +51,7 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.Comparator; import java.util.Date; +import java.util.HashSet; import java.util.Iterator; import java.util.Set; import java.util.TreeSet; @@ -529,12 +530,25 @@ public class UncachedKeyRing { } + // Keep track of ids we encountered so far + Set knownIds = new HashSet(); + // Process all keys for (PGPPublicKey key : new IterableIterator(ring.getPublicKeys())) { - // Don't care about the master key here, that one gets special treatment above + // Make sure this is not a duplicate, avoid undefined behavior! + if (knownIds.contains(key.getKeyID())) { + log.add(LogType.MSG_KC_ERROR_DUP_KEY, indent, + KeyFormattingUtils.convertKeyIdToHex(key.getKeyID())); + return null; + } + // Add the key id to known + knownIds.add(key.getKeyID()); + + // Don't care about the master key any further, that one gets special treatment above if (key.isMasterKey()) { continue; } + log.add(LogType.MSG_KC_SUB, indent, KeyFormattingUtils.convertKeyIdToHex(key.getKeyID())); indent += 1; -- cgit v1.2.3