diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/KeyRingValidator.java b/pgpainless-core/src/main/java/org/pgpainless/key/KeyRingValidator.java
index f52c1408..c3355ff8 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/key/KeyRingValidator.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/KeyRingValidator.java
@@ -94,6 +94,10 @@ public final class KeyRingValidator {
 List signatures = CollectionUtils.iteratorToList(userIdSigs);
 Collections.sort(signatures, new SignatureCreationDateComparator(SignatureCreationDateComparator.Order.NEW_TO_OLD));
 for (PGPSignature signature : signatures) {
+ if (signature.getKeyID() != primaryKey.getKeyID()) {
+ // Signature was not made by primary key
+ continue;
+ }
 try {
 if (SignatureType.valueOf(signature.getSignatureType()) == SignatureType.CERTIFICATION_REVOCATION) {
 if (SignatureVerifier.verifyUserIdRevocation(userId, signature, primaryKey, policy, validationDate)) {
@@ -116,6 +120,10 @@ public final class KeyRingValidator {
 Iterator userAttributeSignatureIterator = primaryKey.getSignaturesForUserAttribute(userAttribute);
 while (userAttributeSignatureIterator.hasNext()) {
 PGPSignature signature = userAttributeSignatureIterator.next();
+ if (signature.getKeyID() != primaryKey.getKeyID()) {
+ // Signature was not made by primary key
+ continue;
+ }
 try {
 if (SignatureType.valueOf(signature.getSignatureType()) == SignatureType.CERTIFICATION_REVOCATION) {
 if (SignatureVerifier.verifyUserAttributesRevocation(userAttribute, signature, primaryKey, policy, validationDate)) {
diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/CertificateValidator.java b/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/CertificateValidator.java
index 65a1a41d..809ea003 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/CertificateValidator.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/CertificateValidator.java
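Review bot: The new `signature.getKeyID() != primaryKey.getKeyID()` guard in both KeyRingValidator loops silently `continue`s before the `try`, and these loops are where CERTIFICATION_REVOCATION signatures are evaluated, so any revocation skipped here leaves the user ID or user attribute looking unrevoked. If `getKeyID()` can return 0 for a signature that carries no issuer key-ID subpacket (worth confirming against the BouncyCastle version in use), a genuine self-revocation would be dropped without a trace. I would extend the comment to something like `// Key-ID pre-filter only; SignatureVerifier remains the authority. Signatures without an issuer key ID are skipped too.` so the fail-open case is a documented decision. The same guard is repeated in CertificateValidator and SignaturePicker; one private helper (for example `isIssuedBy(signature, primaryKey)`) would keep the seven copies consistent. Both loop bodies continue outside the hunks.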
@@ -72,6 +72,10 @@ public final class CertificateValidator {
 Iterator primaryKeyRevocationIterator = primaryKey.getSignaturesOfType(SignatureType.KEY_REVOCATION.getCode());
 while (primaryKeyRevocationIterator.hasNext()) {
 PGPSignature revocation = primaryKeyRevocationIterator.next();
+ if (revocation.getKeyID() != primaryKey.getKeyID()) {
+ // Revocation was not made by primary key, skip
+ // TODO: What about external revocation keys?
+ }
 try {
 if (SignatureVerifier.verifyKeyRevocationSignature(revocation, primaryKey, policy, signature.getCreationTime())) {
 directKeySignatures.add(revocation);
@@ -86,6 +90,10 @@ public final class CertificateValidator {
 Iterator keySignatures = primaryKey.getSignaturesOfType(SignatureType.DIRECT_KEY.getCode());
 while (keySignatures.hasNext()) {
 PGPSignature keySignature = keySignatures.next();
+ if (keySignature.getKeyID() != primaryKey.getKeyID()) {
+ // Signature was not made by primary key, skip
+ continue;
+ }
 try {
 if (SignatureVerifier.verifyDirectKeySignature(keySignature, primaryKey, policy, signature.getCreationTime())) {
 directKeySignatures.add(keySignature);
@@ -112,6 +120,10 @@ public final class CertificateValidator {
 Iterator userIdSigs = primaryKey.getSignaturesForID(userId);
 while (userIdSigs.hasNext()) {
 PGPSignature userIdSig = userIdSigs.next();
+ if (userIdSig.getKeyID() != primaryKey.getKeyID()) {
+ // Sig was made by external key, skip
+ continue;
+ }
 try {
 if (SignatureVerifier.verifySignatureOverUserId(userId, userIdSig, primaryKey, policy, signature.getCreationTime())) {
 signaturesOnUserId.add(userIdSig);
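Review bot: In the `@@ -72,6 +72,10 @@` hunk the added `if (revocation.getKeyID() != primaryKey.getKeyID())` block has an empty body: it holds two comments and no `continue;`, so although the comment says "skip", a key revocation issued by a different key still reaches `verifyKeyRevocationSignature` (whether that verifier rejects it is not visible here). Every sibling guard in this commit does `continue;`. If falling through is deliberate because of the TODO about external revocation keys, drop the dead `if` and say so, e.g. `// Not filtered by issuer: a designated revoker may have issued this revocation (TODO)`; otherwise add `continue;`. This is the loop that decides whether the primary key is treated as revoked, so the intended handling of third-party revocations should be explicit rather than implied by an empty block. The loop continues outside the hunk.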
@@ -168,6 +180,10 @@ public final class CertificateValidator {
 Iterator bindingRevocations = signingSubkey.getSignaturesOfType(SignatureType.SUBKEY_REVOCATION.getCode());
 while (bindingRevocations.hasNext()) {
 PGPSignature revocation = bindingRevocations.next();
+ if (revocation.getKeyID() != primaryKey.getKeyID()) {
+ // Subkey Revocation was not made by primary key, skip
+ continue;
+ }
 try {
 if (SignatureVerifier.verifySubkeyBindingRevocation(revocation, primaryKey, signingSubkey, policy, signature.getCreationTime())) {
 subkeySigs.add(revocation);
diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignaturePicker.java b/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignaturePicker.java
index 74fff1e9..e6f2f755 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignaturePicker.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignaturePicker.java
@@ -209,10 +209,15 @@ public final class SignaturePicker {
 Iterator userIdSigIterator = primaryKey.getSignaturesForID(userId);
 List signatures = CollectionUtils.iteratorToList(userIdSigIterator);
+ Collections.sort(signatures, new SignatureCreationDateComparator());
 PGPSignature mostRecentUserIdCertification = null;
 for (PGPSignature signature : signatures) {
+ if (primaryKey.getKeyID() != signature.getKeyID()) {
+ // Signature not made by primary key
+ continue;
+ }
 try {
 SignatureVerifier.verifyUserIdCertification(userId, signature, primaryKey, policy, validationDate);
 } catch (SignatureValidationException e) {
diff --git a/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignatureVerifier.java b/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignatureVerifier.java
index 1cfff7db..d4a61271 100644
--- a/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignatureVerifier.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/signature/consumer/SignatureVerifier.java
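Review bot: In the SignaturePicker hunk, the added `Collections.sort(signatures, new SignatureCreationDateComparator());` relies on the comparator's default order, whereas KeyRingValidator in this same commit passes `SignatureCreationDateComparator.Order.NEW_TO_OLD` explicitly. The loop that follows selects `mostRecentUserIdCertification`, so which signature wins depends on that order. Passing the `Order` argument explicitly, as KeyRingValidator does, or adding a one-line comment of the form `// sort order: <direction the selection loop relies on>` would let a reader check the selection without opening the comparator. The loop body runs past the end of the hunk, so the direction it needs cannot be confirmed from here.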
@@ -89,6 +89,7 @@ public final class SignatureVerifier { */ public static boolean verifyUserIdCertification(String userId, PGPSignature signature, PGPPublicKey signingKey, PGPPublicKey keyWithUserId, Policy policy, Date validationDate) throws SignatureValidationException { + SignatureValidator.wasPossiblyMadeByKey(signingKey).verify(signature); SignatureValidator.signatureIsCertification().verify(signature); SignatureValidator.signatureStructureIsAcceptable(signingKey, policy).verify(signature); SignatureValidator.signatureIsEffective(validationDate).verify(signature); @@ -129,6 +130,7 @@ public final class SignatureVerifier { */ public static boolean verifyUserIdRevocation(String userId, PGPSignature signature, PGPPublicKey signingKey, PGPPublicKey keyWithUserId, Policy policy, Date validationDate) throws SignatureValidationException { + SignatureValidator.wasPossiblyMadeByKey(signingKey).verify(signature); SignatureValidator.signatureIsOfType(SignatureType.CERTIFICATION_REVOCATION).verify(signature); SignatureValidator.signatureStructureIsAcceptable(signingKey, policy).verify(signature); SignatureValidator.signatureIsEffective(validationDate).verify(signature); @@ -174,6 +176,7 @@ public final class SignatureVerifier { PGPPublicKey keyWithUserAttributes, Policy policy, Date validationDate) throws SignatureValidationException { + SignatureValidator.wasPossiblyMadeByKey(signingKey).verify(signature); SignatureValidator.signatureIsCertification().verify(signature); SignatureValidator.signatureStructureIsAcceptable(signingKey, policy).verify(signature); SignatureValidator.signatureIsEffective(validationDate).verify(signature); 
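Review bot: `SignatureValidator.wasPossiblyMadeByKey(signingKey)` is added as the first check only in the four user-ID and user-attribute verifiers (this hunk and the ones at `-129`, `-174` and `-219`), while the verifiers CertificateValidator calls for key revocations, direct-key signatures and subkey revocations (`verifyKeyRevocationSignature`, `verifyDirectKeySignature`, `verifySubkeyBindingRevocation`) are not touched in this diff. If those do not already perform the issuer check, the primary-key revocation loop, whose new guard lacks a `continue;`, ends up with no issuer filtering at all, so it is worth confirming or adding the same first line there. The Javadoc that ends just above each changed method should also state that a signature whose issuer does not match `signingKey` is now rejected (presumably with `SignatureValidationException`), and what "possibly" means for signatures that carry no issuer information. The method bodies continue outside the hunks.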
@@ -219,6 +222,7 @@ public final class SignatureVerifier { PGPPublicKey keyWithUserAttributes, Policy policy, Date validationDate) throws SignatureValidationException { + SignatureValidator.wasPossiblyMadeByKey(signingKey).verify(signature); SignatureValidator.signatureIsOfType(SignatureType.CERTIFICATION_REVOCATION).verify(signature); SignatureValidator.signatureStructureIsAcceptable(signingKey, policy).verify(signature); SignatureValidator.signatureIsEffective(validationDate).verify(signature);