Add check of proof fingerprint vs key-being-verified fingerprint

timbray · timbray · commit b2a8fe1327f6 · 2014-11-22T09:31:56.000-08:00
diff --git a/Lib/src/main/java/com/textuality/keybase/lib/prover/Prover.java b/Lib/src/main/java/com/textuality/keybase/lib/prover/Prover.java
@@ -52,22 +52,25 @@
  * How to use:
  * 1. call fetchProofData(), which will exhibit network latency. If it returns false the proof
  *    verification failed; an explanation can be found in the log.
- * 2. fetch the PGP message with getPgpMessage(), check that it’s signed with the right fingerprint
+ * 2. call checkFingerprint(), passing it the fingerprint of the key you’re checking up on; if
+ *    if it returns false the verification failed.
+ * 3. fetch the PGP message with getPgpMessage(), check that it’s signed with the right fingerprint
  *    (see above).
- * 3. Call dnsTxtCheckRequired() and if it returns non-null, the return value is a domain name;
+ * 4. Call dnsTxtCheckRequired() and if it returns non-null, the return value is a domain name;
  *    retrieve TXT records from that domain and pass them to checkDnsTxt(); if it returns false
  *    the proof verification failed; an explanation can be found in the log.
- * 4. call rawMessageCheckRequired() and if it returns true, feed the raw (de-armored) bytes
+ * 5. call rawMessageCheckRequired() and if it returns true, feed the raw (de-armored) bytes
  *    of the message to checkRawMessageBytes(). if it returns false the proof verification failed;
  *    an explanation can be found in the log. This may exhibit crypto latency.
- * 5. Pass the message to validate(), which should have no real latency.  If it returns false the
+ * 6. Pass the message to validate(), which should have no real latency.  If it returns false the
  *    proof verification failed; an explanation can be found in the log.
  */
 public abstract class Prover {
 
     String mPgpMessage;
     String mPayload;
     String mShortenedMessageHash;
+    String mFingerprintUsedInProof = null;
     final Proof mProof;
     final List<String> mLog = new ArrayList<String>();
 
@@ -94,6 +97,10 @@ public String getPgpMessage() {
         return mPgpMessage;
     }
 
+    public boolean checkFingerprint(String fingerprint) {
+        return fingerprint.equalsIgnoreCase(mFingerprintUsedInProof);
+    }
+
     public boolean validate(String decryptedMessage) {
         return mPayload.equals(decryptedMessage);
     }
@@ -111,6 +118,7 @@ JSONObject readSig(String sigId) throws JSONException, KeybaseException {
         sigJSON = JWalk.getArray(sigJSON, "sigs").getJSONObject(0);
         mPayload = JWalk.getString(sigJSON, "payload_json");
         mPgpMessage = JWalk.getString(sigJSON, "sig");
+        mFingerprintUsedInProof = JWalk.getString(sigJSON, "fingerprint");
 
         mLog.add("Extracted payload & message from sig");
 
