GPG: check that the key found is a signing key
Throw an exception if not. Change-Id: I60f36b271d5f44c6dc475302b169cb5b8a1e3945 Signed-off-by: Thomas Wolf <thomas.wolf@paranor.ch>
This commit is contained in:
parent
6536b5cbca
commit
efe6d2bb5b
|
@ -330,6 +330,7 @@ gpgNoKeyring=neither pubring.kbx nor secring.gpg files found
|
||||||
gpgNoKeyInLegacySecring=no matching secret key found in legacy secring.gpg for key or user id: {0}
|
gpgNoKeyInLegacySecring=no matching secret key found in legacy secring.gpg for key or user id: {0}
|
||||||
gpgNoPublicKeyFound=Unable to find a public-key with key or user id: {0}
|
gpgNoPublicKeyFound=Unable to find a public-key with key or user id: {0}
|
||||||
gpgNoSecretKeyForPublicKey=unable to find associated secret key for public key: {0}
|
gpgNoSecretKeyForPublicKey=unable to find associated secret key for public key: {0}
|
||||||
|
gpgNotASigningKey=Secret key ({0}) is not suitable for signing
|
||||||
gpgKeyInfo=GPG Key (fingerprint {0})
|
gpgKeyInfo=GPG Key (fingerprint {0})
|
||||||
gpgSigningCancelled=Signing was cancelled
|
gpgSigningCancelled=Signing was cancelled
|
||||||
headRequiredToStash=HEAD required to stash local changes
|
headRequiredToStash=HEAD required to stash local changes
|
||||||
|
|
|
@ -391,6 +391,7 @@ public static JGitText get() {
|
||||||
/***/ public String gpgNoKeyInLegacySecring;
|
/***/ public String gpgNoKeyInLegacySecring;
|
||||||
/***/ public String gpgNoPublicKeyFound;
|
/***/ public String gpgNoPublicKeyFound;
|
||||||
/***/ public String gpgNoSecretKeyForPublicKey;
|
/***/ public String gpgNoSecretKeyForPublicKey;
|
||||||
|
/***/ public String gpgNotASigningKey;
|
||||||
/***/ public String gpgKeyInfo;
|
/***/ public String gpgKeyInfo;
|
||||||
/***/ public String gpgSigningCancelled;
|
/***/ public String gpgSigningCancelled;
|
||||||
/***/ public String headRequiredToStash;
|
/***/ public String headRequiredToStash;
|
||||||
|
|
|
@ -261,6 +261,10 @@ public BouncyCastleGpgKey findSecretKey()
|
||||||
USER_PGP_LEGACY_SECRING_FILE);
|
USER_PGP_LEGACY_SECRING_FILE);
|
||||||
|
|
||||||
if (secretKey != null) {
|
if (secretKey != null) {
|
||||||
|
if (!secretKey.isSigningKey()) {
|
||||||
|
throw new PGPException(MessageFormat.format(
|
||||||
|
JGitText.get().gpgNotASigningKey, signingKey));
|
||||||
|
}
|
||||||
return new BouncyCastleGpgKey(secretKey, USER_PGP_LEGACY_SECRING_FILE);
|
return new BouncyCastleGpgKey(secretKey, USER_PGP_LEGACY_SECRING_FILE);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -294,6 +298,10 @@ private BouncyCastleGpgKey findSecretKeyForKeyBoxPublicKey(
|
||||||
PGPSecretKey secretKey = attemptParseSecretKey(keyFile,
|
PGPSecretKey secretKey = attemptParseSecretKey(keyFile,
|
||||||
calculatorProvider, passphraseProvider, publicKey);
|
calculatorProvider, passphraseProvider, publicKey);
|
||||||
if (secretKey != null) {
|
if (secretKey != null) {
|
||||||
|
if (!secretKey.isSigningKey()) {
|
||||||
|
throw new PGPException(MessageFormat.format(
|
||||||
|
JGitText.get().gpgNotASigningKey, signingKey));
|
||||||
|
}
|
||||||
return new BouncyCastleGpgKey(secretKey, userKeyboxPath);
|
return new BouncyCastleGpgKey(secretKey, userKeyboxPath);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue