From 93f3a98eae1fdd8f9a3a82d415a7284548a2e4bf Mon Sep 17 00:00:00 2001 From: Adithya Abraham Philip Date: Sun, 31 May 2015 02:40:06 +0530 Subject: prevent keybase key replacing keyserver key --- .../keychain/operations/ImportExportOperation.java | 23 +++++++++++----------- .../operations/results/OperationResult.java | 1 + OpenKeychain/src/main/res/values/strings.xml | 1 + 3 files changed, 13 insertions(+), 12 deletions(-) (limited to 'OpenKeychain') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/ImportExportOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/ImportExportOperation.java index 86cfc21a3..b48de009e 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/ImportExportOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/ImportExportOperation.java @@ -38,7 +38,6 @@ import org.sufficientlysecure.keychain.operations.results.OperationResult.Operat import org.sufficientlysecure.keychain.operations.results.SaveKeyringResult; import org.sufficientlysecure.keychain.pgp.CanonicalizedKeyRing; import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing; -import org.sufficientlysecure.keychain.pgp.PgpHelper; import org.sufficientlysecure.keychain.pgp.Progressable; import org.sufficientlysecure.keychain.pgp.UncachedKeyRing; import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException; @@ -244,25 +243,25 @@ public class ImportExportOperation extends BaseOperation { try { log.add(LogType.MSG_IMPORT_FETCH_KEYBASE, 2, entry.mKeybaseName); byte[] data = keybaseServer.get(entry.mKeybaseName).getBytes(); - key = UncachedKeyRing.decodeFromData(data); + UncachedKeyRing keybaseKey = UncachedKeyRing.decodeFromData(data); - // If there already is a key (of keybase origin), merge the two - if (key != null) { + // If there already is a key, merge the two + if (key != null && keybaseKey != null) { log.add(LogType.MSG_IMPORT_MERGE, 3); - UncachedKeyRing merged = UncachedKeyRing.decodeFromData(data); - merged = key.merge(merged, log, 4); + keybaseKey = key.merge(keybaseKey, log, 4); // If the merge didn't fail, use the new merged key - if (merged != null) { - key = merged; + if (keybaseKey != null) { + key = keybaseKey; + } else { + log.add(LogType.MSG_IMPORT_MERGE_ERROR, 4); } - } else { - log.add(LogType.MSG_IMPORT_FETCH_ERROR_DECODE, 3); - key = UncachedKeyRing.decodeFromData(data); + } else if (keybaseKey != null) { + key = keybaseKey; } } catch (Keyserver.QueryFailedException e) { // download failed, too bad. just proceed Log.e(Constants.TAG, "query failed", e); - log.add(LogType.MSG_IMPORT_FETCH_KEYSERVER_ERROR, 3); + log.add(LogType.MSG_IMPORT_FETCH_KEYSERVER_ERROR, 3, e.getMessage()); } } } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java index 2551c1802..707cf0af1 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java @@ -696,6 +696,7 @@ public abstract class OperationResult implements Parcelable { MSG_IMPORT_FETCH_KEYBASE (LogLevel.INFO, R.string.msg_import_fetch_keybase), MSG_IMPORT_KEYSERVER (LogLevel.DEBUG, R.string.msg_import_keyserver), MSG_IMPORT_MERGE (LogLevel.DEBUG, R.string.msg_import_merge), + MSG_IMPORT_MERGE_ERROR (LogLevel.ERROR, R.string.msg_import_merge_error), MSG_IMPORT_FINGERPRINT_ERROR (LogLevel.ERROR, R.string.msg_import_fingerprint_error), MSG_IMPORT_FINGERPRINT_OK (LogLevel.DEBUG, R.string.msg_import_fingerprint_ok), MSG_IMPORT_ERROR (LogLevel.ERROR, R.string.msg_import_error), diff --git a/OpenKeychain/src/main/res/values/strings.xml b/OpenKeychain/src/main/res/values/strings.xml index 58e9292de..853acbaa5 100644 --- a/OpenKeychain/src/main/res/values/strings.xml +++ b/OpenKeychain/src/main/res/values/strings.xml @@ -1154,6 +1154,7 @@ "Fingerprint of fetched key didn't match expected!" "Fingerprint check OK" "Merging retrieved data" + "Error merging retrieved data!" "Import operation failed!" "Import operation failed due to i/o error!" "Import operation successful, with errors!" -- cgit v1.2.3