diff options
author | Vincent Breitmoser <valodim@mugenguild.com> | 2015-05-28 22:34:02 +0200 |
---|---|---|
committer | Vincent Breitmoser <valodim@mugenguild.com> | 2015-05-28 22:34:02 +0200 |
commit | c4d392051c8967823fd28a75ed5b622219f816f7 (patch) | |
tree | 92e80be3d22ef98cca3877298582eab4db170064 /OpenKeychain/src/main/java/org/sufficientlysecure/keychain | |
parent | c8f788b92574e2dde181f3795ebd9749d76ceedf (diff) | |
download | open-keychain-c4d392051c8967823fd28a75ed5b622219f816f7.tar.gz open-keychain-c4d392051c8967823fd28a75ed5b622219f816f7.tar.bz2 open-keychain-c4d392051c8967823fd28a75ed5b622219f816f7.zip |
improve robustness of SecretKeyType handling
Diffstat (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain')
3 files changed, 11 insertions, 9 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java index a26d80e8c..2812ed954 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java @@ -123,9 +123,10 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey { } public SecretKeyType getSecretKeyType() { - if (mSecretKey.getS2K() != null && mSecretKey.getS2K().getType() == S2K.GNU_DUMMY_S2K) { + S2K s2k = mSecretKey.getS2K(); + if (s2k != null && s2k.getType() == S2K.GNU_DUMMY_S2K) { // divert to card is special - if (mSecretKey.getS2K().getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) { + if (s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) { return SecretKeyType.DIVERT_TO_CARD; } // no matter the exact protection mode, it's some kind of dummy key @@ -156,9 +157,10 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey { */ public boolean unlock(Passphrase passphrase) throws PgpGeneralException { // handle keys on OpenPGP cards like they were unlocked - if (mSecretKey.getS2K() != null - && mSecretKey.getS2K().getType() == S2K.GNU_DUMMY_S2K - && mSecretKey.getS2K().getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) { + S2K s2k = mSecretKey.getS2K(); + if (s2k != null + && s2k.getType() == S2K.GNU_DUMMY_S2K + && s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) { mPrivateKeyState = PRIVATE_KEY_STATE_DIVERT_TO_CARD; return true; } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java index 612f38e15..942eb7b68 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java @@ -1478,13 +1478,13 @@ public class PgpKeyOperation { private static boolean isDummy(PGPSecretKey secretKey) { S2K s2k = secretKey.getS2K(); - return s2k.getType() == S2K.GNU_DUMMY_S2K - && s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_NO_PRIVATE_KEY; + return s2k != null && s2k.getType() == S2K.GNU_DUMMY_S2K + && s2k.getProtectionMode() != S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD; } private static boolean isDivertToCard(PGPSecretKey secretKey) { S2K s2k = secretKey.getS2K(); - return s2k.getType() == S2K.GNU_DUMMY_S2K + return s2k != null && s2k.getType() == S2K.GNU_DUMMY_S2K && s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD; } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java index 35996ffb7..a4ee7fc36 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java @@ -831,7 +831,7 @@ public class ProviderHelper { mIndent -= 1; // this implicitly leaves all keys which were not in the secret key ring - // with has_secret = 0 + // with has_secret = 1 } log(LogType.MSG_IS_SUCCESS); |