moparisthebest/open-keychain
1
0
Fork 0
mirror of https://github.com/moparisthebest/open-keychain synced 2024-11-04 16:25:05 -05:00
Code Issues Releases Wiki Activity

add empty notation data packet only if necessary

Browse Source
This commit is contained in:
Vincent Breitmoser 2015-01-01 20:46:39 +01:00
parent 9f7b2472cf
commit 2d38079574
1 changed files with 35 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
View File

@ -919,22 +919,25 @@ public class PgpKeyOperation {
if (newUnlock.mNewPassphrase != null) { if (newUnlock.mNewPassphrase != null) {
sKR = applyNewPassphrase(sKR, masterPublicKey, passphrase, newUnlock.mNewPassphrase, log, indent); sKR = applyNewPassphrase(sKR, masterPublicKey, passphrase, newUnlock.mNewPassphrase, log, indent);
// add packet with EMPTY notation data (updates old one, but will be stripped later) // if there is any old packet with notation data
PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder( if (hasNotationData(sKR)) {
masterPrivateKey.getPublicKeyPacket().getAlgorithm(), HashAlgorithmTags.SHA512) // add packet with EMPTY notation data (updates old one, but will be stripped later)
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME); PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder); masterPrivateKey.getPublicKeyPacket().getAlgorithm(), HashAlgorithmTags.SHA512)
{ // set subpackets .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
PGPSignatureSubpacketGenerator hashedPacketsGen = new PGPSignatureSubpacketGenerator(); PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
hashedPacketsGen.setExportable(false, false); { // set subpackets
sGen.setHashedSubpackets(hashedPacketsGen.generate()); PGPSignatureSubpacketGenerator hashedPacketsGen = new PGPSignatureSubpacketGenerator();
} hashedPacketsGen.setExportable(false, false);
sGen.init(PGPSignature.DIRECT_KEY, masterPrivateKey); sGen.setHashedSubpackets(hashedPacketsGen.generate());
PGPSignature emptySig = sGen.generateCertification(masterPublicKey); }
sGen.init(PGPSignature.DIRECT_KEY, masterPrivateKey);
PGPSignature emptySig = sGen.generateCertification(masterPublicKey);
masterPublicKey = PGPPublicKey.addCertification(masterPublicKey, emptySig); masterPublicKey = PGPPublicKey.addCertification(masterPublicKey, emptySig);
sKR = PGPSecretKeyRing.insertSecretKey(sKR, sKR = PGPSecretKeyRing.insertSecretKey(sKR,
PGPSecretKey.replacePublicKey(sKR.getSecretKey(), masterPublicKey)); PGPSecretKey.replacePublicKey(sKR.getSecretKey(), masterPublicKey));
}
return sKR; return sKR;
} }
@ -942,7 +945,7 @@ public class PgpKeyOperation {
if (newUnlock.mNewPin != null) { if (newUnlock.mNewPin != null) {
sKR = applyNewPassphrase(sKR, masterPublicKey, passphrase, newUnlock.mNewPin, log, indent); sKR = applyNewPassphrase(sKR, masterPublicKey, passphrase, newUnlock.mNewPin, log, indent);
// add packet with EMPTY notation data (updates old one, but will be stripped later) // add packet with "pin" notation data
PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder( PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
masterPrivateKey.getPublicKeyPacket().getAlgorithm(), HashAlgorithmTags.SHA512) masterPrivateKey.getPublicKeyPacket().getAlgorithm(), HashAlgorithmTags.SHA512)
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME); .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
@ -967,6 +970,22 @@ public class PgpKeyOperation {
} }
/** This method returns true iff the provided keyring has a local direct key signature
* with notation data.
*/
private static boolean hasNotationData(PGPSecretKeyRing sKR) {
// noinspection unchecked
Iterator<PGPSignature> sigs = sKR.getPublicKey().getKeySignatures();
while (sigs.hasNext()) {
WrappedSignature sig = new WrappedSignature(sigs.next());
if (sig.getSignatureType() == PGPSignature.DIRECT_KEY
&& sig.isLocal() && !sig.getNotation().isEmpty()) {
return true;
}
}
return false;
}
private static PGPSecretKeyRing applyNewPassphrase( private static PGPSecretKeyRing applyNewPassphrase(
PGPSecretKeyRing sKR, PGPSecretKeyRing sKR,
PGPPublicKey masterPublicKey, PGPPublicKey masterPublicKey,