From 52c8439da5abc36f6995653ba4531e76f8c185c7 Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Sun, 10 Jul 2022 23:02:00 +0200 Subject: [PATCH] Prevent third-party assigned user-ids from being accidentally returned as primary user-id Fixes #293 --- .../main/java/org/pgpainless/key/info/KeyRingInfo.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/info/KeyRingInfo.java b/pgpainless-core/src/main/java/org/pgpainless/key/info/KeyRingInfo.java index 7999b592..b69e301b 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/key/info/KeyRingInfo.java +++ b/pgpainless-core/src/main/java/org/pgpainless/key/info/KeyRingInfo.java @@ -289,16 +289,16 @@ public class KeyRingInfo { return null; } - String firstUserId = userIds.get(0); - if (userIds.size() == 1) { - return firstUserId; - } - + String firstUserId = null; for (String userId : userIds) { PGPSignature certification = signatures.userIdCertifications.get(userId); if (certification == null) { continue; } + + if (firstUserId == null) { + firstUserId = userId; + } Date creationTime = certification.getCreationTime(); if (certification.getHashedSubPackets().isPrimaryUserID()) {