diff options
author | Vincent Breitmoser <valodim@mugenguild.com> | 2015-03-15 20:02:57 +0100 |
---|---|---|
committer | Vincent Breitmoser <valodim@mugenguild.com> | 2015-03-15 20:02:57 +0100 |
commit | 4afd6b881edfd0bc404734a4e8959a7a0fa785a7 (patch) | |
tree | 63a051fb595d168f8ddbfd76a51bb2319889d40b /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider | |
parent | ba7d8a58673d55660bc7faf68970229f17458514 (diff) | |
parent | db39b779c984a758e13adc16837893509f3b364f (diff) | |
download | open-keychain-4afd6b881edfd0bc404734a4e8959a7a0fa785a7.tar.gz open-keychain-4afd6b881edfd0bc404734a4e8959a7a0fa785a7.tar.bz2 open-keychain-4afd6b881edfd0bc404734a4e8959a7a0fa785a7.zip |
Merge branch 'development' into linked-identities
Conflicts:
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyFragment.java
Diffstat (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider')
3 files changed, 69 insertions, 50 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java index 0a7cf4a41..deb12a146 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java @@ -124,6 +124,7 @@ public class KeychainContract { public static final String HAS_SIGN = "has_sign"; public static final String HAS_CERTIFY = "has_certify"; public static final String HAS_AUTHENTICATE = "has_authenticate"; + public static final String HAS_DUPLICATE_USER_ID = "has_duplicate_user_id"; public static final String PUBKEY_DATA = "pubkey_data"; public static final String PRIVKEY_DATA = "privkey_data"; diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java index 4a84397a4..380c5cc46 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java @@ -286,7 +286,15 @@ public class KeychainProvider extends ContentProvider { projectionMap.put(KeyRings.EXPIRY, Tables.KEYS + "." + Keys.EXPIRY); projectionMap.put(KeyRings.ALGORITHM, Tables.KEYS + "." + Keys.ALGORITHM); projectionMap.put(KeyRings.FINGERPRINT, Tables.KEYS + "." + Keys.FINGERPRINT); - projectionMap.put(KeyRings.USER_ID, UserPackets.USER_ID); + projectionMap.put(KeyRings.USER_ID, Tables.USER_PACKETS + "." + UserPackets.USER_ID); + projectionMap.put(KeyRings.HAS_DUPLICATE_USER_ID, + "(SELECT COUNT (*) FROM " + Tables.USER_PACKETS + " AS dups" + + " WHERE dups." + UserPackets.MASTER_KEY_ID + + " != " + Tables.KEYS + "." + Keys.MASTER_KEY_ID + + " AND dups." + UserPackets.RANK + " = 0" + + " AND dups." + UserPackets.USER_ID + + " = "+ Tables.USER_PACKETS + "." + UserPackets.USER_ID + + ") AS " + KeyRings.HAS_DUPLICATE_USER_ID); projectionMap.put(KeyRings.VERIFIED, KeyRings.VERIFIED); projectionMap.put(KeyRings.PUBKEY_DATA, Tables.KEY_RINGS_PUBLIC + "." + KeyRingData.KEY_RING_DATA diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java index ffb812c32..655bf19ba 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java @@ -28,6 +28,7 @@ import android.net.Uri; import android.os.RemoteException; import android.support.v4.util.LongSparseArray; +import org.spongycastle.bcpg.CompressionAlgorithmTags; import org.sufficientlysecure.keychain.Constants; import org.sufficientlysecure.keychain.R; import org.sufficientlysecure.keychain.operations.results.ImportKeyResult; @@ -48,6 +49,7 @@ import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey; import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey.SecretKeyType; import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing; import org.sufficientlysecure.keychain.pgp.KeyRing; +import org.sufficientlysecure.keychain.pgp.PgpConstants; import org.sufficientlysecure.keychain.pgp.PgpHelper; import org.sufficientlysecure.keychain.pgp.Progressable; import org.sufficientlysecure.keychain.pgp.UncachedKeyRing; @@ -81,15 +83,15 @@ import java.util.Iterator; import java.util.List; import java.util.Set; -/** This class contains high level methods for database access. Despite its +/** + * This class contains high level methods for database access. Despite its * name, it is not only a helper but actually the main interface for all * synchronous database operations. - * + * <p/> * Operations in this class write logs. These can be obtained from the * OperationResultParcel return values directly, but are also accumulated over * the lifetime of the executing ProviderHelper object unless the resetLog() * method is called to start a new one specifically. - * */ public class ProviderHelper { private final Context mContext; @@ -126,12 +128,13 @@ public class ProviderHelper { } public void log(LogType type) { - if(mLog != null) { + if (mLog != null) { mLog.add(type, mIndent); } } + public void log(LogType type, Object... parameters) { - if(mLog != null) { + if (mLog != null) { mLog.add(type, mIndent, parameters); } } @@ -213,7 +216,7 @@ public class ProviderHelper { } private LongSparseArray<CanonicalizedPublicKey> getTrustedMasterKeys() { - Cursor cursor = mContentResolver.query(KeyRings.buildUnifiedKeyRingsUri(), new String[] { + Cursor cursor = mContentResolver.query(KeyRings.buildUnifiedKeyRingsUri(), new String[]{ KeyRings.MASTER_KEY_ID, // we pick from cache only information that is not easily available from keyrings KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED, @@ -288,7 +291,7 @@ public class ProviderHelper { boolean hasAnySecret = cursor.getInt(0) > 0; int verified = cursor.getInt(1); byte[] blob = cursor.getBlob(2); - if(secret &! hasAnySecret) { + if (secret & !hasAnySecret) { throw new NotFoundException("Secret key not available!"); } return secret @@ -305,7 +308,7 @@ public class ProviderHelper { } // bits, in order: CESA. make SURE these are correct, we will get bad log entries otherwise!! - static final LogType LOG_TYPES_FLAG_MASTER[] = new LogType[] { + static final LogType LOG_TYPES_FLAG_MASTER[] = new LogType[]{ LogType.MSG_IP_MASTER_FLAGS_XXXX, LogType.MSG_IP_MASTER_FLAGS_CXXX, LogType.MSG_IP_MASTER_FLAGS_XEXX, LogType.MSG_IP_MASTER_FLAGS_CEXX, LogType.MSG_IP_MASTER_FLAGS_XXSX, LogType.MSG_IP_MASTER_FLAGS_CXSX, @@ -317,7 +320,7 @@ public class ProviderHelper { }; // same as above, but for subkeys - static final LogType LOG_TYPES_FLAG_SUBKEY[] = new LogType[] { + static final LogType LOG_TYPES_FLAG_SUBKEY[] = new LogType[]{ LogType.MSG_IP_SUBKEY_FLAGS_XXXX, LogType.MSG_IP_SUBKEY_FLAGS_CXXX, LogType.MSG_IP_SUBKEY_FLAGS_XEXX, LogType.MSG_IP_SUBKEY_FLAGS_CEXX, LogType.MSG_IP_SUBKEY_FLAGS_XXSX, LogType.MSG_IP_SUBKEY_FLAGS_CXSX, @@ -328,8 +331,9 @@ public class ProviderHelper { LogType.MSG_IP_SUBKEY_FLAGS_XESA, LogType.MSG_IP_SUBKEY_FLAGS_CESA }; - /** Saves an UncachedKeyRing of the public variant into the db. - * + /** + * Saves an UncachedKeyRing of the public variant into the db. + * <p/> * This method will not delete all previous data for this masterKeyId from the database prior * to inserting. All public data is effectively re-inserted, secret keyrings are left deleted * and need to be saved externally to be preserved past the operation. @@ -403,7 +407,7 @@ public class ProviderHelper { if (key.getKeyUsage() == null) { log(LogType.MSG_IP_MASTER_FLAGS_UNSPECIFIED); } else { - log(LOG_TYPES_FLAG_MASTER[(c?1:0) + (e?2:0) + (s?4:0) + (a?8:0)]); + log(LOG_TYPES_FLAG_MASTER[(c ? 1 : 0) + (e ? 2 : 0) + (s ? 4 : 0) + (a ? 8 : 0)]); } } else { if (key.getKeyUsage() == null) { @@ -492,7 +496,7 @@ public class ProviderHelper { try { cert.init(trustedKey); // if it doesn't certify, leave a note and skip - if ( ! cert.verifySignature(masterKey, rawUserId)) { + if (!cert.verifySignature(masterKey, rawUserId)) { log(LogType.MSG_IP_UID_CERT_BAD); continue; } @@ -537,7 +541,7 @@ public class ProviderHelper { ArrayList<WrappedUserAttribute> userAttributes = masterKey.getUnorderedUserAttributes(); // Don't spam the log if there aren't even any attributes - if ( ! userAttributes.isEmpty()) { + if (!userAttributes.isEmpty()) { log(LogType.MSG_IP_UAT_CLASSIFYING); } @@ -592,7 +596,7 @@ public class ProviderHelper { try { cert.init(trustedKey); // if it doesn't certify, leave a note and skip - if ( ! cert.verifySignature(masterKey, userAttribute)) { + if (!cert.verifySignature(masterKey, userAttribute)) { log(LogType.MSG_IP_UAT_CERT_BAD); continue; } @@ -660,7 +664,7 @@ public class ProviderHelper { selfCertsAreTrusted ? Certs.VERIFIED_SECRET : Certs.VERIFIED_SELF)); // iterate over signatures - for (int i = 0; i < item.trustedCerts.size() ; i++) { + for (int i = 0; i < item.trustedCerts.size(); i++) { WrappedSignature sig = item.trustedCerts.valueAt(i); // if it's a revocation if (sig.isRevocation()) { @@ -725,7 +729,7 @@ public class ProviderHelper { public int compareTo(UserPacketItem o) { // revoked keys always come last! //noinspection DoubleNegation - if ( (selfRevocation != null) != (o.selfRevocation != null)) { + if ((selfRevocation != null) != (o.selfRevocation != null)) { return selfRevocation != null ? 1 : -1; } // if one is a user id, but the other isn't, the user id always comes first. @@ -742,7 +746,8 @@ public class ProviderHelper { } } - /** Saves an UncachedKeyRing of the secret variant into the db. + /** + * Saves an UncachedKeyRing of the secret variant into the db. * This method will fail if no corresponding public keyring is in the database! */ private int saveCanonicalizedSecretKeyRing(CanonicalizedSecretKeyRing keyRing) { @@ -789,7 +794,7 @@ public class ProviderHelper { SecretKeyType mode = sub.getSecretKeyType(); values.put(Keys.HAS_SECRET, mode.getNum()); int upd = mContentResolver.update(uri, values, Keys.KEY_ID + " = ?", - new String[]{ Long.toString(id) }); + new String[]{Long.toString(id)}); if (upd == 1) { switch (mode) { case PASSPHRASE: @@ -843,8 +848,9 @@ public class ProviderHelper { return savePublicKeyRing(keyRing, new ProgressScaler()); } - /** Save a public keyring into the database. - * + /** + * Save a public keyring into the database. + * <p/> * This is a high level method, which takes care of merging all new information into the old and * keep public and secret keyrings in sync. */ @@ -949,7 +955,7 @@ public class ProviderHelper { log(LogType.MSG_IS, KeyFormattingUtils.convertKeyIdToHex(masterKeyId)); mIndent += 1; - if ( ! secretRing.isSecret()) { + if (!secretRing.isSecret()) { log(LogType.MSG_IS_BAD_TYPE_PUBLIC); return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog, null); } @@ -1417,9 +1423,13 @@ public class ProviderHelper { ContentValues values = new ContentValues(); values.put(KeychainContract.ApiAccounts.ACCOUNT_NAME, accSettings.getAccountName()); values.put(KeychainContract.ApiAccounts.KEY_ID, accSettings.getKeyId()); - values.put(KeychainContract.ApiAccounts.COMPRESSION, accSettings.getCompression()); - values.put(KeychainContract.ApiAccounts.ENCRYPTION_ALGORITHM, accSettings.getEncryptionAlgorithm()); - values.put(KeychainContract.ApiAccounts.HASH_ALORITHM, accSettings.getHashAlgorithm()); + + // DEPRECATED and thus hardcoded + values.put(KeychainContract.ApiAccounts.COMPRESSION, CompressionAlgorithmTags.ZLIB); + values.put(KeychainContract.ApiAccounts.ENCRYPTION_ALGORITHM, + PgpConstants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED); + values.put(KeychainContract.ApiAccounts.HASH_ALORITHM, + PgpConstants.OpenKeychainHashAlgorithmTags.USE_PREFERRED); return values; } @@ -1475,12 +1485,6 @@ public class ProviderHelper { cursor.getColumnIndex(KeychainContract.ApiAccounts.ACCOUNT_NAME))); settings.setKeyId(cursor.getLong( cursor.getColumnIndex(KeychainContract.ApiAccounts.KEY_ID))); - settings.setCompression(cursor.getInt( - cursor.getColumnIndexOrThrow(KeychainContract.ApiAccounts.COMPRESSION))); - settings.setHashAlgorithm(cursor.getInt( - cursor.getColumnIndexOrThrow(KeychainContract.ApiAccounts.HASH_ALORITHM))); - settings.setEncryptionAlgorithm(cursor.getInt( - cursor.getColumnIndexOrThrow(KeychainContract.ApiAccounts.ENCRYPTION_ALGORITHM))); } } finally { if (cursor != null) { @@ -1544,26 +1548,32 @@ public class ProviderHelper { } } + public void addAllowedKeyIdForApp(Uri uri, long allowedKeyId) { + ContentValues values = new ContentValues(); + values.put(ApiAllowedKeys.KEY_ID, allowedKeyId); + mContentResolver.insert(uri, values); + } + public Set<String> getAllFingerprints(Uri uri) { - Set<String> fingerprints = new HashSet<>(); - String[] projection = new String[]{KeyRings.FINGERPRINT}; - Cursor cursor = mContentResolver.query(uri, projection, null, null, null); - try { - if(cursor != null) { - int fingerprintColumn = cursor.getColumnIndex(KeyRings.FINGERPRINT); - while(cursor.moveToNext()) { - fingerprints.add( + Set<String> fingerprints = new HashSet<>(); + String[] projection = new String[]{KeyRings.FINGERPRINT}; + Cursor cursor = mContentResolver.query(uri, projection, null, null, null); + try { + if (cursor != null) { + int fingerprintColumn = cursor.getColumnIndex(KeyRings.FINGERPRINT); + while (cursor.moveToNext()) { + fingerprints.add( KeyFormattingUtils.convertFingerprintToHex(cursor.getBlob(fingerprintColumn)) - ); - } - } - } finally { - if (cursor != null) { - cursor.close(); - } - } - return fingerprints; - } + ); + } + } + } finally { + if (cursor != null) { + cursor.close(); + } + } + return fingerprints; + } public byte[] getApiAppSignature(String packageName) { Uri queryUri = ApiApps.buildByPackageNameUri(packageName); |