verify olny SUBKEY_BINDING signatures for SubKey
fix: #72
slawekjaranowski committed Feb 19, 2020
1 parent f481881 commit cd04e84
Showing 2 changed files with 6 additions and 3 deletions.
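--- a/src/main/java/org/simplify4u/plugins/PublicKeyUtils.java
+++ b/src/main/java/org/simplify4u/plugins/PublicKeyUtils.java
@@ -173,17 +173,20 @@ private static void verifyPublicKeyRing(PGPPublicKeyRing publicKeyRing) {
 
 private static void verifySigForSubKey(PGPPublicKey subKey, PGPPublicKeyRing publicKeyRing) {
 
-subKey.getSignatures().forEachRemaining(s -> Try.run(() -> {
+subKey.getSignaturesOfType(PGPSignature.SUBKEY_BINDING).forEachRemaining(s -> Try.run(() -> {
 PGPSignature sig = (PGPSignature) s;
 PGPPublicKey masterKey = publicKeyRing.getPublicKey(sig.getKeyID());
 if (masterKey != null) {
 sig.init(new BcPGPContentVerifierBuilderProvider(), masterKey);
 if (!sig.verifyCertification(masterKey, subKey)) {
 throw new PGPException(
-String.format("Failed signature type: %d for subKey: %s in key: %s",
+String.format("Failed signature type: %x for subKey: %s in key: %s",
 sig.getSignatureType(),
 fingerprint(subKey), fingerprint(masterKey)));
 }
+} else {
+throw new PGPException(String.format("Signature type: %x Not found key 0x%016X for subKeyId: %s",
+sig.getSignatureType(), sig.getKeyID(), fingerprint(subKey)));
 }
 }).get()
 );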
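Review bot: In verifySigForSubKey, the key returned by `publicKeyRing.getPublicKey(sig.getKeyID())` is treated as the binding issuer without checking that it is the ring's primary key, so a SUBKEY_BINDING signature issued by any other key present in the ring would be accepted as a valid binding. Tightening the guard to `if (masterKey != null && masterKey.isMasterKey()) {`, or comparing the issuer against `publicKeyRing.getPublicKey()`, would close that gap. Separately, with the new type filter a subkey that carries no SUBKEY_BINDING signature at all passes silently, because the `forEachRemaining` body never runs. Whether a caller requires at least one verified binding is not visible in this hunk, so it is worth failing explicitly when the iterator is empty. The method's closing brace lies outside the hunk.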
Expand Up @@ -121,7 +121,7 @@ public void invalidUTF8InUserId() throws IOException, PGPException {
}

@Test
public void invalidDerbyClient() throws IOException, PGPException {
public void validateSubKeyWithExternalSignature() throws IOException, PGPException {

try (InputStream inputStream = getClass().getResourceAsStream("/3D8B00E198E21827.asc")) {
PGPPublicKeyRing publicKeyRing = PublicKeyUtils.loadPublicKeyRing(inputStream, 0x3D8B00E198E21827L);
