From 2946d442e5d51a3e65029b1df2032194d3dc7e2e Mon Sep 17 00:00:00 2001
From: Vincent Breitmoser <valodim@mugenguild.com>
Date: Wed, 4 Jun 2014 21:35:03 +0200
Subject: do respect expectedFingerprint during key import

---
 .../sufficientlysecure/keychain/pgp/PgpImportExport.java    | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

(limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp')

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpImportExport.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpImportExport.java
index 1817ad3a6..14ec67e64 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpImportExport.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpImportExport.java
@@ -139,7 +139,18 @@ public class PgpImportExport {
         int position = 0;
         for (ParcelableKeyRing entry : entries) {
             try {
-                UncachedKeyRing key = entry.getUncachedKeyRing();
+                UncachedKeyRing key = UncachedKeyRing.decodeFromData(entry.getBytes());
+
+                String expectedFp = entry.getExpectedFingerprint();
+                if(expectedFp != null) {
+                    if(!PgpKeyHelper.convertFingerprintToHex(key.getFingerprint()).equals(expectedFp)) {
+                        Log.e(Constants.TAG, "Actual key fingerprint is not the same as expected!");
+                        badKeys += 1;
+                        continue;
+                    } else {
+                        Log.d(Constants.TAG, "Actual key fingerprint matches expected one.");
+                    }
+                }
 
                 mProviderHelper.savePublicKeyRing(key);
                 /*switch(status) {
-- 
cgit v1.2.3