do respect expectedFingerprint during key import

2014-06-04 21:35:03 +02:00
parent cc1e4dce0a
commit 2946d442e5
2 changed files with 18 additions and 9 deletions
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpImportExport.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpImportExport.java
@@ -139,7 +139,18 @@ public class PgpImportExport {
        int position = 0;
        for (ParcelableKeyRing entry : entries) {
            try {
-                UncachedKeyRing key = entry.getUncachedKeyRing();
+                UncachedKeyRing key = UncachedKeyRing.decodeFromData(entry.getBytes());
+
+                String expectedFp = entry.getExpectedFingerprint();
+                if(expectedFp != null) {
+                    if(!PgpKeyHelper.convertFingerprintToHex(key.getFingerprint()).equals(expectedFp)) {
+                        Log.e(Constants.TAG, "Actual key fingerprint is not the same as expected!");
+                        badKeys += 1;
+                        continue;
+                    } else {
+                        Log.d(Constants.TAG, "Actual key fingerprint matches expected one.");
+                    }
+                }

                mProviderHelper.savePublicKeyRing(key);
                /*switch(status) {