Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixing an issue where a secret subkey wasn't being used to decrypt #188

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

fbernardo
Copy link
Contributor

In the case where a secret key was used only to sign and a secret subkey was then used to encrypt only, this function wasn't finding any keys to encrypt.

Similarly to how it is assumed on line 322, I changed the code to assume a secret subkey is always capable.

Checklist:

  • I accept the CONTRIBUTING.md terms.
  • Correct file headers (see CONTRIBUTING.md).
  • Tests.

Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let signaturePacket = subKey.bindingSignature;
if (signaturePacket.canBeUsedToEncrypt && PGPEqualObjects(PGPCast(subKey.primaryKeyPacket, PGPSecretKeyPacket).keyID, keyID)) {
//Assume the primary key packet is always capable if if its a secret key packet
if (PGPEqualObjects(PGPCast(subKey.primaryKeyPacket, PGPSecretKeyPacket).keyID, keyID)) {
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure if this is correct.
This makes always use the first subkey. What if there's multiple subkeys, ale there's one that is valid, and it's not the first from the list?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants