1 files changed, 16 insertions, 12 deletions

diff --git a/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/helper/PgpMain.java b/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/helper/PgpMain.java
index 26842e4dc..26739f564 100644
--- a/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/helper/PgpMain.java
+++ b/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/helper/PgpMain.java
@@ -84,6 +84,7 @@ import org.sufficientlysecure.keychain.util.PositionAwareInputStream;
 import org.sufficientlysecure.keychain.util.Primes;
 import org.sufficientlysecure.keychain.util.ProgressDialogUpdater;
 import org.sufficientlysecure.keychain.util.KeyServer.AddKeyException;
+import org.sufficientlysecure.keychain.util.IterableIterator;
 import org.sufficientlysecure.keychain.R;
 
 import android.content.Context;
@@ -483,25 +484,28 @@ public class PgpMain {
      * @param keyring
      * @return
      */
+    @SuppressWarnings("unchecked")
     public static int storeKeyRingInCache(Context context, PGPKeyRing keyring) {
         int status = Integer.MIN_VALUE; // out of bounds value (Id.return_value.*)
         try {
             if (keyring instanceof PGPSecretKeyRing) {
                 PGPSecretKeyRing secretKeyRing = (PGPSecretKeyRing) keyring;
                 boolean save = true;
-                try {
-                    PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder()
-                            .setProvider(BOUNCY_CASTLE_PROVIDER_NAME).build(new char[] {});
-                    PGPPrivateKey testKey = secretKeyRing.getSecretKey().extractPrivateKey(
-                            keyDecryptor);
-                    if (testKey == null) {
-                        // this is bad, something is very wrong... likely a --export-secret-subkeys
-                        // export
-                        save = false;
-                        status = Id.return_value.bad;
+
+                for (PGPSecretKey testSecretKey : new IterableIterator<PGPSecretKey>(secretKeyRing.getSecretKeys())) {
+                    try {
+                        PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder()
+                                .setProvider(BOUNCY_CASTLE_PROVIDER_NAME).build(new char[] {});
+                        PGPPrivateKey testKey = testSecretKey.extractPrivateKey(
+                                keyDecryptor);
+                        if (testKey == null && !testSecretKey.isMasterKey()) {
+                            // this is bad, something is very wrong...
+                            save = false;
+                            status = Id.return_value.bad;
+                        }
+                    } catch (PGPException e) {
+                        // all good if this fails, we likely didn't use the right password
                     }
-                } catch (PGPException e) {
-                    // all good if this fails, we likely didn't use the right password
                 }
 
                 if (save) {