From 2b71b12b24e6f5c8f8193513ae0d81fb159d519d Mon Sep 17 00:00:00 2001 From: Ashley Hughes Date: Tue, 14 Jan 2014 00:30:58 +0000 Subject: [PATCH] subkey binding check, start primary binding check --- .../keychain/pgp/PgpOperation.java | 48 ++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/pgp/PgpOperation.java b/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/pgp/PgpOperation.java index 755537012..804d22187 100644 --- a/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/pgp/PgpOperation.java +++ b/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/pgp/PgpOperation.java @@ -34,6 +34,8 @@ import java.util.Iterator; import org.spongycastle.bcpg.ArmoredInputStream; import org.spongycastle.bcpg.ArmoredOutputStream; import org.spongycastle.bcpg.BCPGOutputStream; +import org.spongycastle.bcpg.SignatureSubpacket; +import org.spongycastle.bcpg.SignatureSubpacketTags; import org.spongycastle.openpgp.PGPCompressedData; import org.spongycastle.openpgp.PGPCompressedDataGenerator; import org.spongycastle.openpgp.PGPEncryptedData; @@ -56,6 +58,7 @@ import org.spongycastle.openpgp.PGPSignature; import org.spongycastle.openpgp.PGPSignatureGenerator; import org.spongycastle.openpgp.PGPSignatureList; import org.spongycastle.openpgp.PGPSignatureSubpacketGenerator; +import org.spongycastle.openpgp.PGPSignatureSubpacketVector; import org.spongycastle.openpgp.PGPUtil; import org.spongycastle.openpgp.PGPV3SignatureGenerator; import org.spongycastle.openpgp.operator.PBEDataDecryptorFactory; @@ -887,7 +890,50 @@ public class PgpOperation { } while (lookAhead != -1); } - returnData.putBoolean(KeychainIntentService.RESULT_SIGNATURE_SUCCESS, signature.verify()); + boolean sig_isok = signature.verify(); + + //We should only do the next part if the singing key was a subkey - not the master key! + signatureKeyId = signature.getKeyID(); + String userId = null; + PGPPublicKeyRing signKeyRing = ProviderHelper.getPGPPublicKeyRingByKeyId(mContext, + signatureKeyId); + PGPPublicKey mKey = null; + if (signKeyRing != null) { + mKey = PgpKeyHelper.getMasterKey(signKeyRing); + } + Iterator itr = signatureKey.getSignatures(); + + boolean subkeyBinding_isok = false; + boolean tmp_subkeyBinding_isok = false; + boolean primkeyBinding_isok = false; + while (itr.hasNext()) { //what does gpg do if the subkey binding is wrong? + //gpg has an invalid subkey binding error on key import I think, but doesn't shout + //about keys without subkey signing. Can't get it to import a slightly broken one + //either, so we will err on bad subkey binding here. + PGPSignature sig = itr.next(); + if (sig.getKeyID() == mKey.getKeyID() && sig.getSignatureType() == PGPSignature.SUBKEY_BINDING) { + //check and if ok, check primary key binding. + sig.init(contentVerifierBuilderProvider, mKey); + tmp_subkeyBinding_isok = sig.verifyCertification(mKey, signatureKey); + if (tmp_subkeyBinding_isok) + subkeyBinding_isok = true; + if (tmp_subkeyBinding_isok) { + PGPSignatureSubpacketVector hPkts = sig.getHashedSubPackets(); + PGPSignatureSubpacketVector uhPkts = sig.getUnhashedSubPackets(); + if (hPkts.hasSubpacket(SignatureSubpacketTags.EMBEDDED_SIGNATURE)) { + SignatureSubpacket[] subsigpkts = hPkts.getSubpackets(SignatureSubpacketTags.EMBEDDED_SIGNATURE); + PGPSignature[] vals = new PGPSignature[subsigpkts.length]; + for (int i = 0; i < subsigpkts.length; i++) + { + vals[i] = (PGPSignature)subsigpkts[i]; + } + } + if (uhPkts.hasSubpacket(SignatureSubpacketTags.EMBEDDED_SIGNATURE)) { + } + } + } + } + returnData.putBoolean(KeychainIntentService.RESULT_SIGNATURE_SUCCESS, sig_isok & subkeyBinding_isok); updateProgress(R.string.progress_done, 100, 100); return returnData;