Merge pull request #139 from T4cC0re/master

Disregard GNU dummy subkeys when checking (un)locked state and unlocking a crypto.Key
2021-07-30 14:49:41 +02:00 · 2021-07-30 14:49:41 +02:00 · a3d8ed70c8
commit a3d8ed70c8
parent a5fa9e21f3 abf7e6f86a
1 changed files with 19 additions and 7 deletions
--- a/crypto/key.go
+++ b/crypto/key.go
@ -156,7 +156,7 @@ func (key *Key) Unlock(passphrase []byte) (*Key, error) {
 	}

 	for _, sub := range unlockedKey.entity.Subkeys {
-		if sub.PrivateKey != nil {
+		if sub.PrivateKey != nil && !sub.PrivateKey.Dummy() {
 			if err := sub.PrivateKey.Decrypt(passphrase); err != nil {
 				return nil, errors.Wrap(err, "gopenpgp: error in unlocking sub key")
 			}
@ -280,13 +280,19 @@ func (key *Key) IsLocked() (bool, error) {
 		return true, errors.New("gopenpgp: a public key cannot be locked")
 	}

+	encryptedKeys := 0
+
 	for _, sub := range key.entity.Subkeys {
-		if sub.PrivateKey != nil && !sub.PrivateKey.Encrypted {
-			return false, nil
+		if sub.PrivateKey != nil && !sub.PrivateKey.Dummy() && sub.PrivateKey.Encrypted {
+			encryptedKeys++
 		}
 	}

-	return key.entity.PrivateKey.Encrypted, nil
+	if key.entity.PrivateKey.Encrypted {
+		encryptedKeys++
+	}
+
+	return encryptedKeys > 0, nil
 }

 // IsUnlocked checks if a private key is unlocked.
@ -295,13 +301,19 @@ func (key *Key) IsUnlocked() (bool, error) {
 		return true, errors.New("gopenpgp: a public key cannot be unlocked")
 	}

+	encryptedKeys := 0
+
 	for _, sub := range key.entity.Subkeys {
-		if sub.PrivateKey != nil && sub.PrivateKey.Encrypted {
-			return false, nil
+		if sub.PrivateKey != nil && !sub.PrivateKey.Dummy() && sub.PrivateKey.Encrypted {
+			encryptedKeys++
 		}
 	}

-	return !key.entity.PrivateKey.Encrypted, nil
+	if key.entity.PrivateKey.Encrypted {
+		encryptedKeys++
+	}
+
+	return encryptedKeys == 0, nil
 }

 // Check verifies if the public keys match the private key parameters by