From 95be228b474c31a47743e84cf2abc1dff1d63079 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Sat, 15 Mar 2014 18:12:44 +0100 Subject: certify: sign individual UIDs direct signing of pubkeys is out for now. not sure how this should be handled, but it's trivial to re-add so leaving this up for discussion for now. --- .../keychain/pgp/PgpKeyOperation.java | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) (limited to 'OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java') diff --git a/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java index fe09ea525..78e48b4ab 100644 --- a/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java +++ b/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java @@ -408,7 +408,16 @@ public class PgpKeyOperation { updateProgress(R.string.progress_done, 100, 100); } - public PGPPublicKeyRing certifyKey(long masterKeyId, long pubKeyId, String passphrase) + /** + * Certify the given pubkeyid with the given masterkeyid. + * + * @param masterKeyId Certifying key, must be available as secret key + * @param pubKeyId ID of public key to certify + * @param userIds User IDs to certify, must not be null or empty + * @param passphrase Passphrase of the secret key + * @return A keyring with added certifications + */ + public PGPPublicKeyRing certifyKey(long masterKeyId, long pubKeyId, List userIds, String passphrase) throws PgpGeneralException, NoSuchAlgorithmException, NoSuchProviderException, PGPException, SignatureException { if (passphrase == null) { @@ -437,7 +446,7 @@ public class PgpKeyOperation { .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME); signatureGenerator = new PGPSignatureGenerator(contentSignerBuilder); - signatureGenerator.init(PGPSignature.DIRECT_KEY, signaturePrivateKey); + signatureGenerator.init(PGPSignature.DEFAULT_CERTIFICATION, signaturePrivateKey); } { // supply signatureGenerator with a SubpacketVector @@ -449,8 +458,11 @@ public class PgpKeyOperation { // fetch public key ring, add the certification and return it PGPPublicKeyRing pubring = ProviderHelper .getPGPPublicKeyRingByKeyId(mContext, pubKeyId); - PGPPublicKey signedKey = PGPPublicKey.addCertification(pubring.getPublicKey(pubKeyId), - signatureGenerator.generate()); + PGPPublicKey signedKey = pubring.getPublicKey(pubKeyId); + for(String userId : new IterableIterator(userIds.iterator())) { + PGPSignature sig = signatureGenerator.generateCertification(userId, signedKey); + signedKey = PGPPublicKey.addCertification(signedKey, userId, sig); + } pubring = PGPPublicKeyRing.insertPublicKey(pubring, signedKey); return pubring; -- cgit v1.2.3