perform fingerprint check after canonicalization (OKC-01-009)

Vincent Breitmoser
2015-09-11 01:57:17 +02:00
parent 950409ce55
commit 9d97d37c06
6 changed files with 30 additions and 29 deletions


@@ -878,7 +878,7 @@ public class ProviderHelper {
}
public SaveKeyringResult savePublicKeyRing(UncachedKeyRing keyRing) {
return savePublicKeyRing(keyRing, new ProgressScaler());
return savePublicKeyRing(keyRing, new ProgressScaler(), null);
}
/**
@@ -887,7 +887,7 @@ public class ProviderHelper {
* This is a high level method, which takes care of merging all new information into the old and
* keep public and secret keyrings in sync.
*/
public SaveKeyringResult savePublicKeyRing(UncachedKeyRing publicRing, Progressable progress) {
public SaveKeyringResult savePublicKeyRing(UncachedKeyRing publicRing, Progressable progress, String expectedFingerprint) {
try {
long masterKeyId = publicRing.getMasterKeyId();
@@ -960,6 +960,17 @@ public class ProviderHelper {
canSecretRing = null;
}
// If we have an expected fingerprint, make sure it matches
if (expectedFingerprint != null) {
if (!canPublicRing.containsSubkey(expectedFingerprint)) {
log(LogType.MSG_IP_FINGERPRINT_ERROR);
return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog, null);
} else {
log(LogType.MSG_IP_FINGERPRINT_OK);
}
}
int result = saveCanonicalizedPublicKeyRing(canPublicRing, progress, canSecretRing != null);
// Save the saved keyring (if any)
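Review bot: The new `expectedFingerprint` parameter on the three-argument `savePublicKeyRing` is undocumented, and the Javadoc above the signature does not say that `null` skips the fingerprint check entirely, which is what the one-argument overload now passes. I would add `@param expectedFingerprint fingerprint the imported ring must contain after canonicalization, or null to skip the check`, and state the expected string format, since `containsSubkey` is not visible here and may compare the string exactly. The inline comment could also record why the check sits at this point, e.g. `// Checked on the canonicalized ring, so only keys that survived canonicalization can satisfy it`. Judging by its name, `containsSubkey` accepts a match on any key in the ring rather than only the master key; if that is intended, it belongs in the Javadoc too. The method body and the start of its Javadoc lie outside the visible hunks.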