private keys without master keys and some fixes for things which broke along the way

OpenPGP-Keychain/src/org/sufficientlysecure/keychain/helper/PgpHelper.java

@@ -24,12 +24,16 @@ import java.util.Locale;
 import java.util.Vector;
 
 import org.spongycastle.bcpg.sig.KeyFlags;
+import org.spongycastle.openpgp.PGPPrivateKey;
 import org.spongycastle.openpgp.PGPPublicKey;
 import org.spongycastle.openpgp.PGPPublicKeyRing;
 import org.spongycastle.openpgp.PGPSecretKey;
 import org.spongycastle.openpgp.PGPSecretKeyRing;
 import org.spongycastle.openpgp.PGPSignature;
 import org.spongycastle.openpgp.PGPSignatureSubpacketVector;
+import org.spongycastle.openpgp.operator.PBESecretKeyDecryptor;
+import org.spongycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
+import org.spongycastle.openpgp.PGPException;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.util.IterableIterator;
@@ -76,6 +80,22 @@ public class PgpHelper {
         return null;
     }
 
+    @SuppressWarnings("unchecked")
+    public static PGPSecretKey getKeyNum(PGPSecretKeyRing keyRing, long num) {
+        long cnt = 0;
+        if (keyRing == null) {
+            return null;
+        }
+        for (PGPSecretKey key : new IterableIterator<PGPSecretKey>(keyRing.getSecretKeys())) {
+            if (cnt == num) {
+                return key;
+            }
+            cnt++;
+        }
+
+        return null;
+    }
+
     @SuppressWarnings("unchecked")
     public static Vector<PGPPublicKey> getEncryptKeys(PGPPublicKeyRing keyRing) {
         Vector<PGPPublicKey> encryptKeys = new Vector<PGPPublicKey>();
@@ -144,7 +164,17 @@ public class PgpHelper {
         for (int i = 0; i < signingKeys.size(); ++i) {
             PGPSecretKey key = signingKeys.get(i);
             if (key.isMasterKey()) {
-                masterKey = key;
+                try {
+                    PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder()
+                            .setProvider(PgpMain.BOUNCY_CASTLE_PROVIDER_NAME).build(new char[] {});
+                    PGPPrivateKey testKey = key.extractPrivateKey(
+                            keyDecryptor);
+                    if (testKey != null) {
+                        masterKey = key;
+                    }
+                } catch (PGPException e) {
+                    // all good if this fails, we likely didn't use the right password
+                }
             } else {
                 usableKeys.add(key);
             }

OpenPGP-Keychain/src/org/sufficientlysecure/keychain/helper/PgpMain.java

@@ -84,6 +84,7 @@ import org.sufficientlysecure.keychain.util.PositionAwareInputStream;
 import org.sufficientlysecure.keychain.util.Primes;
 import org.sufficientlysecure.keychain.util.ProgressDialogUpdater;
 import org.sufficientlysecure.keychain.util.KeyServer.AddKeyException;
+import org.sufficientlysecure.keychain.util.IterableIterator;
 import org.sufficientlysecure.keychain.R;
 
 import android.content.Context;
@@ -483,25 +484,28 @@ public class PgpMain {
      * @param keyring
      * @return
      */
+    @SuppressWarnings("unchecked")
     public static int storeKeyRingInCache(Context context, PGPKeyRing keyring) {
         int status = Integer.MIN_VALUE; // out of bounds value (Id.return_value.*)
         try {
             if (keyring instanceof PGPSecretKeyRing) {
                 PGPSecretKeyRing secretKeyRing = (PGPSecretKeyRing) keyring;
                 boolean save = true;
-                try {
-                    PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder()
-                            .setProvider(BOUNCY_CASTLE_PROVIDER_NAME).build(new char[] {});
-                    PGPPrivateKey testKey = secretKeyRing.getSecretKey().extractPrivateKey(
-                            keyDecryptor);
-                    if (testKey == null) {
-                        // this is bad, something is very wrong... likely a --export-secret-subkeys
-                        // export
-                        save = false;
-                        status = Id.return_value.bad;
+
+                for (PGPSecretKey testSecretKey : new IterableIterator<PGPSecretKey>(secretKeyRing.getSecretKeys())) {
+                    try {
+                        PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder()
+                                .setProvider(BOUNCY_CASTLE_PROVIDER_NAME).build(new char[] {});
+                        PGPPrivateKey testKey = testSecretKey.extractPrivateKey(
+                                keyDecryptor);
+                        if (testKey == null && !testSecretKey.isMasterKey()) {
+                            // this is bad, something is very wrong...
+                            save = false;
+                            status = Id.return_value.bad;
+                        }
+                    } catch (PGPException e) {
+                        // all good if this fails, we likely didn't use the right password
                     }
-                } catch (PGPException e) {
-                    // all good if this fails, we likely didn't use the right password
                 }
 
                 if (save) {