From 7648602fc876df3ec5827f3bba1ebbb8ae92eaae Mon Sep 17 00:00:00 2001
From: Vincent Breitmoser
Date: Mon, 6 Jul 2015 02:18:34 +0200
Subject: encrypt to all encryption subkeys, rather than just the first
---
 .../keychain/pgp/CanonicalizedKeyRing.java | 13 ++++++++++++
 .../keychain/pgp/CanonicalizedPublicKeyRing.java | 13 ------------
 .../keychain/pgp/PgpSignEncryptOperation.java | 23 +++++++++++++---------
 3 files changed, 27 insertions(+), 22 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure')
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java
index 432ba23e9..770e8de91 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java
@@ -27,6 +27,9 @@ import java.io.IOException;
 import java.io.OutputStream;
 import java.util.ArrayList;
 import java.util.Date;
+import java.util.HashSet;
+import java.util.Set;
+
 
 /** A generic wrapped PGPKeyRing object.
 *
@@ -91,6 +94,16 @@ public abstract class CanonicalizedKeyRing extends KeyRing {
 return getRing().getPublicKey().isEncryptionKey();
 }
 
+ public Set getEncryptIds() {
+ HashSet result = new HashSet<>();
+ for(CanonicalizedPublicKey key : publicKeyIterator()) {
+ if (key.canEncrypt() && key.isValid()) {
+ result.add(key.getKeyId());
+ }
+ }
+ return result;
+ }
+
 public long getEncryptId() throws PgpKeyNotFoundException {
 for(CanonicalizedPublicKey key : publicKeyIterator()) {
 if (key.canEncrypt() && key.isValid()) {
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKeyRing.java
index 676491164..be5f21f23 100644
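Review bot: `getEncryptIds()`, added in the second hunk of CanonicalizedKeyRing.java, has no Javadoc, and its contract differs from the neighbouring `getEncryptId()`: that method is declared `throws PgpKeyNotFoundException`, while the new one returns an empty set when no subkey passes `canEncrypt() && isValid()`. A comment such as `/** Returns the ids of all valid encryption-capable subkeys; empty if there are none, never throws. */` would make the `isEmpty()` check an explicit obligation for callers. The result is a `HashSet`, so its iteration order is unspecified; the comment should say so if callers must not depend on the order in which recipients are added.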
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKeyRing.java
@@ -62,19 +62,6 @@ public class CanonicalizedPublicKeyRing extends CanonicalizedKeyRing {
 return mRing;
 }
 
- /** Getter that returns the subkey that should be used for signing. */
- CanonicalizedPublicKey getEncryptionSubKey() throws PgpKeyNotFoundException {
- PGPPublicKey key = getRing().getPublicKey(getEncryptId());
- if(key != null) {
- CanonicalizedPublicKey cKey = new CanonicalizedPublicKey(this, key);
- if(!cKey.canEncrypt()) {
- throw new PgpKeyNotFoundException("key error");
- }
- return cKey;
- }
- throw new PgpKeyNotFoundException("no encryption key available");
- }
-
 public IterableIterator publicKeyIterator() {
 @SuppressWarnings("unchecked")
 final Iterator it = getRing().getPublicKeys();
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
index c2349d80b..a411292af 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
@@ -66,6 +66,7 @@ import java.security.SignatureException;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Date;
+import java.util.Set;
 import java.util.concurrent.atomic.AtomicBoolean;
 
 /**
@@ -273,15 +274,19 @@ public class PgpSignEncryptOperation extends BaseOperation {
 try {
 CanonicalizedPublicKeyRing keyRing = mProviderHelper.getCanonicalizedPublicKeyRing(
 KeyRings.buildUnifiedKeyRingUri(id));
- CanonicalizedPublicKey key = keyRing.getEncryptionSubKey();
- cPk.addMethod(key.getPubKeyEncryptionGenerator(input.isHiddenRecipients()));
- log.add(LogType.MSG_PSE_KEY_OK, indent + 1,
- KeyFormattingUtils.convertKeyIdToHex(id));
- } catch (PgpKeyNotFoundException e) {
- log.add(LogType.MSG_PSE_KEY_WARN, indent + 1,
- KeyFormattingUtils.convertKeyIdToHex(id));
- if (input.isFailOnMissingEncryptionKeyIds()) {
- return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
+ Set encryptSubKeyIds = keyRing.getEncryptIds();
+ for (Long subKeyId : encryptSubKeyIds) {
+ CanonicalizedPublicKey key = keyRing.getPublicKey(subKeyId);
+ cPk.addMethod(key.getPubKeyEncryptionGenerator(input.isHiddenRecipients()));
+ log.add(LogType.MSG_PSE_KEY_OK, indent + 1,
+ KeyFormattingUtils.convertKeyIdToHex(id));
+ }
+ if (encryptSubKeyIds.isEmpty()) {
+ log.add(LogType.MSG_PSE_KEY_WARN, indent + 1,
+ KeyFormattingUtils.convertKeyIdToHex(id));
+ if (input.isFailOnMissingEncryptionKeyIds()) {
+ return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
+ }
 }
 } catch (ProviderHelper.NotFoundException e) {
 log.add(LogType.MSG_PSE_KEY_UNKNOWN, indent + 1,
-- 
cgit v1.2.3
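Review bot: Inside the new `for (Long subKeyId : encryptSubKeyIds)` loop, the `MSG_PSE_KEY_OK` entry still formats `id`, the value used to look up the key ring, so a ring with several encryption subkeys logs the same id once per subkey and the log never records which subkeys the message was actually encrypted to. Because this change makes every valid encryption subkey a recipient, logging `KeyFormattingUtils.convertKeyIdToHex(subKeyId)` on that line would keep the recipient set auditable, assuming the log type's format does not specifically require the ring id. `keyRing.getPublicKey(subKeyId)` is also dereferenced without a check; the ids come from the same ring, so this is probably safe, but its failure behaviour is not visible here. The enclosing loop and try block start and end outside the hunk.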