Merge pull request ProtonMail#139 from T4cC0re/master

wussler · web-flow · commit a3d8ed70c85b · 2021-07-30T14:49:41.000+02:00
Disregard GNU dummy subkeys when checking (un)locked state and unlocking a crypto.Key
diff --git a/crypto/key.go b/crypto/key.go
@@ -156,7 +156,7 @@ func (key *Key) Unlock(passphrase []byte) (*Key, error) {
 	}
 
 	for _, sub := range unlockedKey.entity.Subkeys {
-		if sub.PrivateKey != nil {
+		if sub.PrivateKey != nil && !sub.PrivateKey.Dummy() {
 			if err := sub.PrivateKey.Decrypt(passphrase); err != nil {
 				return nil, errors.Wrap(err, "gopenpgp: error in unlocking sub key")
 			}
@@ -280,13 +280,19 @@ func (key *Key) IsLocked() (bool, error) {
 		return true, errors.New("gopenpgp: a public key cannot be locked")
 	}
 
+	encryptedKeys := 0
+
 	for _, sub := range key.entity.Subkeys {
-		if sub.PrivateKey != nil && !sub.PrivateKey.Encrypted {
-			return false, nil
+		if sub.PrivateKey != nil && !sub.PrivateKey.Dummy() && sub.PrivateKey.Encrypted {
+			encryptedKeys++
 		}
 	}
 
-	return key.entity.PrivateKey.Encrypted, nil
+	if key.entity.PrivateKey.Encrypted {
+		encryptedKeys++
+	}
+
+	return encryptedKeys > 0, nil
 }
 
 // IsUnlocked checks if a private key is unlocked.
@@ -295,13 +301,19 @@ func (key *Key) IsUnlocked() (bool, error) {
 		return true, errors.New("gopenpgp: a public key cannot be unlocked")
 	}
 
+	encryptedKeys := 0
+
 	for _, sub := range key.entity.Subkeys {
-		if sub.PrivateKey != nil && sub.PrivateKey.Encrypted {
-			return false, nil
+		if sub.PrivateKey != nil && !sub.PrivateKey.Dummy() && sub.PrivateKey.Encrypted {
+			encryptedKeys++
 		}
 	}
 
-	return !key.entity.PrivateKey.Encrypted, nil
+	if key.entity.PrivateKey.Encrypted {
+		encryptedKeys++
+	}
+
+	return encryptedKeys == 0, nil
 }
 
 // Check verifies if the public keys match the private key parameters by

Original file line number	Diff line number	Diff line change
`@@ -156,7 +156,7 @@ func (key Key) Unlock(passphrase []byte) (Key, error) {`
`156`	`156`	`}`
`157`	`157`
`158`	`158`	`for _, sub := range unlockedKey.entity.Subkeys {`
`159`		`- if sub.PrivateKey != nil {`
	`159`	`+ if sub.PrivateKey != nil && !sub.PrivateKey.Dummy() {`
`160`	`160`	`if err := sub.PrivateKey.Decrypt(passphrase); err != nil {`
`161`	`161`	`return nil, errors.Wrap(err, "gopenpgp: error in unlocking sub key")`
`162`	`162`	`}`
`@@ -280,13 +280,19 @@ func (key *Key) IsLocked() (bool, error) {`
`280`	`280`	`return true, errors.New("gopenpgp: a public key cannot be locked")`
`281`	`281`	`}`
`282`	`282`
	`283`	`+ encryptedKeys := 0`
	`284`	`+`
`283`	`285`	`for _, sub := range key.entity.Subkeys {`
`284`		`- if sub.PrivateKey != nil && !sub.PrivateKey.Encrypted {`
`285`		`- return false, nil`
	`286`	`+ if sub.PrivateKey != nil && !sub.PrivateKey.Dummy() && sub.PrivateKey.Encrypted {`
	`287`	`+ encryptedKeys++`
`286`	`288`	`}`
`287`	`289`	`}`
`288`	`290`
`289`		`- return key.entity.PrivateKey.Encrypted, nil`
	`291`	`+ if key.entity.PrivateKey.Encrypted {`
	`292`	`+ encryptedKeys++`
	`293`	`+ }`
	`294`	`+`
	`295`	`+ return encryptedKeys > 0, nil`
`290`	`296`	`}`
`291`	`297`
`292`	`298`	`// IsUnlocked checks if a private key is unlocked.`
`@@ -295,13 +301,19 @@ func (key *Key) IsUnlocked() (bool, error) {`
`295`	`301`	`return true, errors.New("gopenpgp: a public key cannot be unlocked")`
`296`	`302`	`}`
`297`	`303`
	`304`	`+ encryptedKeys := 0`
	`305`	`+`
`298`	`306`	`for _, sub := range key.entity.Subkeys {`
`299`		`- if sub.PrivateKey != nil && sub.PrivateKey.Encrypted {`
`300`		`- return false, nil`
	`307`	`+ if sub.PrivateKey != nil && !sub.PrivateKey.Dummy() && sub.PrivateKey.Encrypted {`
	`308`	`+ encryptedKeys++`
`301`	`309`	`}`
`302`	`310`	`}`
`303`	`311`
`304`		`- return !key.entity.PrivateKey.Encrypted, nil`
	`312`	`+ if key.entity.PrivateKey.Encrypted {`
	`313`	`+ encryptedKeys++`
	`314`	`+ }`
	`315`	`+`
	`316`	`+ return encryptedKeys == 0, nil`
`305`	`317`	`}`
`306`	`318`
`307`	`319`	`// Check verifies if the public keys match the private key parameters by`