2 files changed, 45 insertions, 1 deletions

diff --git a/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/helper/PgpHelper.java b/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/helper/PgpHelper.java
index 0ff957b66..810f3a6f2 100644
--- a/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/helper/PgpHelper.java
+++ b/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/helper/PgpHelper.java
@@ -122,6 +122,19 @@ public class PgpHelper {
         return signingKeys;
     }
 
+    @SuppressWarnings("unchecked")
+    public static Vector<PGPSecretKey> getCertificationKeys(PGPSecretKeyRing keyRing) {
+        Vector<PGPSecretKey> signingKeys = new Vector<PGPSecretKey>();
+
+        for (PGPSecretKey key : new IterableIterator<PGPSecretKey>(keyRing.getSecretKeys())) {
+            if (isCertificationKey(key)) {
+                signingKeys.add(key);
+            }
+        }
+
+        return signingKeys;
+    }
+
     public static Vector<PGPPublicKey> getUsableEncryptKeys(PGPPublicKeyRing keyRing) {
         Vector<PGPPublicKey> usableKeys = new Vector<PGPPublicKey>();
         Vector<PGPPublicKey> encryptKeys = getEncryptKeys(keyRing);
@@ -157,6 +170,24 @@ public class PgpHelper {
         return isExpired(key.getPublicKey());
     }
 
+    public static Vector<PGPSecretKey> getUsableCertificationKeys(PGPSecretKeyRing keyRing) {
+        Vector<PGPSecretKey> usableKeys = new Vector<PGPSecretKey>();
+        Vector<PGPSecretKey> signingKeys = getCertificationKeys(keyRing);
+        PGPSecretKey masterKey = null;
+        for (int i = 0; i < signingKeys.size(); ++i) {
+            PGPSecretKey key = signingKeys.get(i);
+            if (key.isMasterKey()) {
+                masterKey = key;
+            } else {
+                usableKeys.add(key);
+            }
+        }
+        if (masterKey != null) {
+            usableKeys.add(masterKey);
+        }
+        return usableKeys;
+    }
+
     public static Vector<PGPSecretKey> getUsableSigningKeys(PGPSecretKeyRing keyRing) {
         Vector<PGPSecretKey> usableKeys = new Vector<PGPSecretKey>();
         Vector<PGPSecretKey> signingKeys = getSigningKeys(keyRing);
@@ -208,6 +239,19 @@ public class PgpHelper {
         return encryptKeys.get(0);
     }
 
+    public static PGPSecretKey getCertificationKey(Context context, long masterKeyId) {
+        PGPSecretKeyRing keyRing = ProviderHelper.getPGPSecretKeyRingByMasterKeyId(context,
+                masterKeyId);
+        if (keyRing == null) {
+            return null;
+        }
+        Vector<PGPSecretKey> signingKeys = getUsableCertificationKeys(keyRing);
+        if (signingKeys.size() == 0) {
+            return null;
+        }
+        return signingKeys.get(0);
+    }
+
     public static PGPSecretKey getSigningKey(Context context, long masterKeyId) {
         PGPSecretKeyRing keyRing = ProviderHelper.getPGPSecretKeyRingByMasterKeyId(context,
                 masterKeyId);
diff --git a/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/helper/PgpMain.java b/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/helper/PgpMain.java
index 27047cd0f..142dfec01 100644
--- a/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/helper/PgpMain.java
+++ b/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/helper/PgpMain.java
@@ -1132,7 +1132,7 @@ public class PgpMain {
         } else {
             PGPPublicKeyRing pubring = ProviderHelper.getPGPPublicKeyRingByKeyId(context, pubKeyId);
 
-            PGPSecretKey signingKey = PgpHelper.getSigningKey(context, masterKeyId);
+            PGPSecretKey signingKey = PgpHelper.getCertificationKey(context, masterKeyId);
             if (signingKey == null) {
                 throw new PgpGeneralException(context.getString(R.string.error_signatureFailed));
             }