diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
index 149640bcf..920c83ef7 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
@@ -351,6 +351,7 @@ public abstract class OperationResult implements Parcelable {
MSG_IS_ERROR_IO_EXC(LogLevel.DEBUG, R.string.msg_is_error_io_exc),
MSG_IS_MERGE_PUBLIC (LogLevel.DEBUG, R.string.msg_is_merge_public),
MSG_IS_MERGE_SECRET (LogLevel.DEBUG, R.string.msg_is_merge_secret),
+ MSG_IS_MERGE_SPECIAL (LogLevel.DEBUG, R.string.msg_is_merge_special),
MSG_IS_IMPORTING_SUBKEYS (LogLevel.DEBUG, R.string.msg_is_importing_subkeys),
MSG_IS_PUBRING_GENERATE (LogLevel.DEBUG, R.string.msg_is_pubring_generate),
MSG_IS_SUBKEY_NONEXISTENT (LogLevel.DEBUG, R.string.msg_is_subkey_nonexistent),
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
index c28ebde8d..46f294866 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
@@ -135,9 +135,7 @@ public class ProviderHelper {
}
public void clearLog() {
- if (mLog != null) {
- mLog.clear();
- }
+ mLog = new OperationLog();
}
// If we ever switch to api level 11, we can ditch this whole mess!
@@ -867,7 +865,21 @@ public class ProviderHelper {
// This is a safe cast, because we made sure this is a secret ring above
canSecretRing = (CanonicalizedSecretKeyRing) secretRing.canonicalize(mLog, mIndent);
if (canSecretRing == null) {
- return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog, null);
+
+ // Special case: If keyring canonicalization failed, try again after adding
+ // all self-certificates from the public key.
+ try {
+ log(LogType.MSG_IS_MERGE_SPECIAL);
+ UncachedKeyRing oldPublicRing = getCanonicalizedPublicKeyRing(masterKeyId).getUncachedKeyRing();
+ secretRing = secretRing.merge(oldPublicRing, mLog, mIndent);
+ canSecretRing = (CanonicalizedSecretKeyRing) secretRing.canonicalize(mLog, mIndent);
+ } catch (NotFoundException e2) {
+ // nothing, this is handled right in the next line
+ }
+
+ if (canSecretRing == null) {
+ return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog, null);
+ }
}
}
diff --git a/OpenKeychain/src/main/res/values/strings.xml b/OpenKeychain/src/main/res/values/strings.xml
index 73d5c612c..d914b4299 100644
--- a/OpenKeychain/src/main/res/values/strings.xml
+++ b/OpenKeychain/src/main/res/values/strings.xml
@@ -688,6 +688,7 @@
"Error encoding keyring"
"Merging imported data into existing public keyring"
"Merging imported data into existing public keyring"
+ "Merging in self-certificates data from public keyring"
"Generating public keyring from secret keyring"
"Subkey %s unavailable in secret key"
"Marked secret subkey %s as available"