From c4d392051c8967823fd28a75ed5b622219f816f7 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Thu, 28 May 2015 22:34:02 +0200 Subject: improve robustness of SecretKeyType handling --- .../keychain/pgp/CanonicalizedSecretKey.java | 12 +++++++----- .../org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java | 6 +++--- .../sufficientlysecure/keychain/provider/ProviderHelper.java | 2 +- 3 files changed, 11 insertions(+), 9 deletions(-) (limited to 'OpenKeychain') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java index a26d80e8c..2812ed954 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java @@ -123,9 +123,10 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey { } public SecretKeyType getSecretKeyType() { - if (mSecretKey.getS2K() != null && mSecretKey.getS2K().getType() == S2K.GNU_DUMMY_S2K) { + S2K s2k = mSecretKey.getS2K(); + if (s2k != null && s2k.getType() == S2K.GNU_DUMMY_S2K) { // divert to card is special - if (mSecretKey.getS2K().getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) { + if (s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) { return SecretKeyType.DIVERT_TO_CARD; } // no matter the exact protection mode, it's some kind of dummy key @@ -156,9 +157,10 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey { */ public boolean unlock(Passphrase passphrase) throws PgpGeneralException { // handle keys on OpenPGP cards like they were unlocked - if (mSecretKey.getS2K() != null - && mSecretKey.getS2K().getType() == S2K.GNU_DUMMY_S2K - && mSecretKey.getS2K().getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) { + S2K s2k = mSecretKey.getS2K(); + if (s2k != null + && s2k.getType() == S2K.GNU_DUMMY_S2K + && s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) { mPrivateKeyState = PRIVATE_KEY_STATE_DIVERT_TO_CARD; return true; } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java index 612f38e15..942eb7b68 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java @@ -1478,13 +1478,13 @@ public class PgpKeyOperation { private static boolean isDummy(PGPSecretKey secretKey) { S2K s2k = secretKey.getS2K(); - return s2k.getType() == S2K.GNU_DUMMY_S2K - && s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_NO_PRIVATE_KEY; + return s2k != null && s2k.getType() == S2K.GNU_DUMMY_S2K + && s2k.getProtectionMode() != S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD; } private static boolean isDivertToCard(PGPSecretKey secretKey) { S2K s2k = secretKey.getS2K(); - return s2k.getType() == S2K.GNU_DUMMY_S2K + return s2k != null && s2k.getType() == S2K.GNU_DUMMY_S2K && s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD; } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java index 35996ffb7..a4ee7fc36 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java @@ -831,7 +831,7 @@ public class ProviderHelper { mIndent -= 1; // this implicitly leaves all keys which were not in the secret key ring - // with has_secret = 0 + // with has_secret = 1 } log(LogType.MSG_IS_SUCCESS); -- cgit v1.2.3