check primary bindings

2024-11-07 01:35:00 -05:00 · 2014-01-14 15:03:35 +00:00 · 2014-01-14 15:03:35 +00:00 · bb0baa815e
commit bb0baa815e
parent 2b71b12b24
2 changed files with 44 additions and 29 deletions
--- a/OpenPGP-Keychain/libs/scpg-jdk15on-1.47.0.3-SNAPSHOT.jar
+++ b/OpenPGP-Keychain/libs/scpg-jdk15on-1.47.0.3-SNAPSHOT.jar
--- a/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/pgp/PgpOperation.java
+++ b/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/pgp/PgpOperation.java
@ -33,7 +33,11 @@ import java.util.Iterator;

 import org.spongycastle.bcpg.ArmoredInputStream;
 import org.spongycastle.bcpg.ArmoredOutputStream;
+import org.spongycastle.bcpg.BCPGInputStream;
 import org.spongycastle.bcpg.BCPGOutputStream;
+
+import org.spongycastle.bcpg.SignaturePacket;
+
 import org.spongycastle.bcpg.SignatureSubpacket;
 import org.spongycastle.bcpg.SignatureSubpacketTags;
 import org.spongycastle.openpgp.PGPCompressedData;
@ -892,7 +896,11 @@ public class PgpOperation {

        boolean sig_isok = signature.verify();

-        //We should only do the next part if the singing key was a subkey - not the master key!
+        //Now check binding signatures
+        boolean subkeyBinding_isok = false;
+        boolean tmp_subkeyBinding_isok = false;
+        boolean primkeyBinding_isok = false;
+
        signatureKeyId = signature.getKeyID();
        String userId = null;
        PGPPublicKeyRing signKeyRing = ProviderHelper.getPGPPublicKeyRingByKeyId(mContext,
@ -901,39 +909,46 @@ public class PgpOperation {
        if (signKeyRing != null) {
            mKey = PgpKeyHelper.getMasterKey(signKeyRing);
        }
-        Iterator<PGPSignature> itr = signatureKey.getSignatures();
+        if (signature.getKeyID() != mKey.getKeyID()) {
+            Iterator<PGPSignature> itr = signatureKey.getSignatures();

-        boolean subkeyBinding_isok = false;
-        boolean tmp_subkeyBinding_isok = false;
-        boolean primkeyBinding_isok = false;
-        while (itr.hasNext()) { //what does gpg do if the subkey binding is wrong?
-            //gpg has an invalid subkey binding error on key import I think, but doesn't shout
-            //about keys without subkey signing. Can't get it to import a slightly broken one
-            //either, so we will err on bad subkey binding here.
-            PGPSignature sig = itr.next();
-            if (sig.getKeyID() == mKey.getKeyID() && sig.getSignatureType() == PGPSignature.SUBKEY_BINDING) {
-                //check and if ok, check primary key binding.
-                sig.init(contentVerifierBuilderProvider, mKey);
-                tmp_subkeyBinding_isok = sig.verifyCertification(mKey, signatureKey);
-                if (tmp_subkeyBinding_isok)
-                    subkeyBinding_isok = true;
-                if (tmp_subkeyBinding_isok) {
-                    PGPSignatureSubpacketVector hPkts = sig.getHashedSubPackets();
-                    PGPSignatureSubpacketVector uhPkts = sig.getUnhashedSubPackets();
-                    if (hPkts.hasSubpacket(SignatureSubpacketTags.EMBEDDED_SIGNATURE)) {
-                        SignatureSubpacket[] subsigpkts = hPkts.getSubpackets(SignatureSubpacketTags.EMBEDDED_SIGNATURE);
-			PGPSignature[] vals = new PGPSignature[subsigpkts.length];
-			for (int i = 0; i < subsigpkts.length; i++)
-			{
-			    vals[i] = (PGPSignature)subsigpkts[i];
-			}
-                    }
-                    if (uhPkts.hasSubpacket(SignatureSubpacketTags.EMBEDDED_SIGNATURE)) {
+            subkeyBinding_isok = false;
+            tmp_subkeyBinding_isok = false;
+            primkeyBinding_isok = false;
+            while (itr.hasNext()) { //what does gpg do if the subkey binding is wrong?
+                //gpg has an invalid subkey binding error on key import I think, but doesn't shout
+                //about keys without subkey signing. Can't get it to import a slightly broken one
+                //either, so we will err on bad subkey binding here.
+                PGPSignature sig = itr.next();
+                if (sig.getKeyID() == mKey.getKeyID() && sig.getSignatureType() == PGPSignature.SUBKEY_BINDING) {
+                    //check and if ok, check primary key binding.
+                    sig.init(contentVerifierBuilderProvider, mKey);
+                    tmp_subkeyBinding_isok = sig.verifyCertification(mKey, signatureKey);
+                    if (tmp_subkeyBinding_isok)
+                        subkeyBinding_isok = true;
+                    if (tmp_subkeyBinding_isok) {
+                        PGPSignatureSubpacketVector hPkts = sig.getHashedSubPackets();
+                        PGPSignatureSubpacketVector uhPkts = sig.getUnhashedSubPackets();
+                        if (uhPkts.hasSubpacket(SignatureSubpacketTags.EMBEDDED_SIGNATURE)) {
+                            PGPSignatureList eSigList = uhPkts.getEmbeddedSignatures();
+                            for (int j = 0; j < eSigList.size(); ++j) {
+                                PGPSignature emSig = eSigList.get(j);
+                                emSig.init(contentVerifierBuilderProvider, signatureKey);
+                                primkeyBinding_isok = emSig.verifyCertification(mKey, signatureKey);
+                                if (primkeyBinding_isok)
+                                    break;
+                            }
+                        }
+                        if (hPkts.hasSubpacket(SignatureSubpacketTags.EMBEDDED_SIGNATURE)) {
+                        }
                    }
                }
            }
+        } else { //if the key used to make the signature was the master key, no need to check binding sigs
+            subkeyBinding_isok = true;
+            primkeyBinding_isok = true;
        }
-        returnData.putBoolean(KeychainIntentService.RESULT_SIGNATURE_SUCCESS, sig_isok & subkeyBinding_isok);
+        returnData.putBoolean(KeychainIntentService.RESULT_SIGNATURE_SUCCESS, sig_isok & subkeyBinding_isok & primkeyBinding_isok);

        updateProgress(R.string.progress_done, 100, 100);
        return returnData;