diff options
Diffstat (limited to 'OpenKeychain/src')
27 files changed, 307 insertions, 482 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java index 9a08290e4..8dbc2208c 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java @@ -65,10 +65,8 @@ import java.security.NoSuchProviderException; import java.security.SecureRandom; import java.security.SignatureException; import java.util.Arrays; -import java.util.Calendar; import java.util.Date; import java.util.Iterator; -import java.util.TimeZone; /** * This class is the single place where ALL operations that actually modify a PGP public or secret @@ -166,16 +164,21 @@ public class PgpKeyOperation { try { - log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_KEYID, indent); + log.add(LogLevel.START, LogType.MSG_CR, indent); indent += 1; updateProgress(R.string.progress_building_key, 0, 100); - if (saveParcel.addSubKeys == null || saveParcel.addSubKeys.isEmpty()) { + if (saveParcel.mAddSubKeys == null || saveParcel.mAddSubKeys.isEmpty()) { log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_NO_MASTER, indent); return null; } - SubkeyAdd add = saveParcel.addSubKeys.remove(0); + SubkeyAdd add = saveParcel.mAddSubKeys.remove(0); + if ((add.mFlags & KeyFlags.CERTIFY_OTHER) != KeyFlags.CERTIFY_OTHER) { + log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_NO_CERTIFY, indent); + return null; + } + PGPKeyPair keyPair = createKey(add.mAlgorithm, add.mKeysize); if (add.mAlgorithm == Constants.choice.algorithm.elgamal) { @@ -195,7 +198,7 @@ public class PgpKeyOperation { PGPSecretKeyRing sKR = new PGPSecretKeyRing( masterSecretKey.getEncoded(), new JcaKeyFingerprintCalculator()); - return internal(sKR, masterSecretKey, saveParcel, "", log, indent); + return internal(sKR, masterSecretKey, add.mFlags, saveParcel, "", log, indent); } catch (PGPException e) { Log.e(Constants.TAG, "pgp error encoding key", e); @@ -257,11 +260,16 @@ public class PgpKeyOperation { return null; } - return internal(sKR, masterSecretKey, saveParcel, passphrase, log, indent); + // read masterKeyFlags, and use the same as before. + // since this is the master key, this contains at least CERTIFY_OTHER + int masterKeyFlags = readKeyFlags(masterSecretKey.getPublicKey()) | KeyFlags.CERTIFY_OTHER; + + return internal(sKR, masterSecretKey, masterKeyFlags, saveParcel, passphrase, log, indent); } private UncachedKeyRing internal(PGPSecretKeyRing sKR, PGPSecretKey masterSecretKey, + int masterKeyFlags, SaveKeyringParcel saveParcel, String passphrase, OperationLog log, int indent) { @@ -289,7 +297,7 @@ public class PgpKeyOperation { PGPPublicKey modifiedPublicKey = masterPublicKey; // 2a. Add certificates for new user ids - for (String userId : saveParcel.addUserIds) { + for (String userId : saveParcel.mAddUserIds) { log.add(LogLevel.INFO, LogType.MSG_MF_UID_ADD, indent); // this operation supersedes all previous binding and revocation certificates, @@ -314,27 +322,31 @@ public class PgpKeyOperation { } // if it's supposed to be primary, we can do that here as well - boolean isPrimary = saveParcel.changePrimaryUserId != null - && userId.equals(saveParcel.changePrimaryUserId); + boolean isPrimary = saveParcel.mChangePrimaryUserId != null + && userId.equals(saveParcel.mChangePrimaryUserId); // generate and add new certificate PGPSignature cert = generateUserIdSignature(masterPrivateKey, - masterPublicKey, userId, isPrimary); - modifiedPublicKey = PGPPublicKey.addCertification(masterPublicKey, userId, cert); + masterPublicKey, userId, isPrimary, masterKeyFlags); + modifiedPublicKey = PGPPublicKey.addCertification(modifiedPublicKey, userId, cert); } // 2b. Add revocations for revoked user ids - for (String userId : saveParcel.revokeUserIds) { + for (String userId : saveParcel.mRevokeUserIds) { log.add(LogLevel.INFO, LogType.MSG_MF_UID_REVOKE, indent); - // a duplicate revocatin will be removed during canonicalization, so no need to + // a duplicate revocation will be removed during canonicalization, so no need to // take care of that here. PGPSignature cert = generateRevocationSignature(masterPrivateKey, masterPublicKey, userId); - modifiedPublicKey = PGPPublicKey.addCertification(masterPublicKey, userId, cert); + modifiedPublicKey = PGPPublicKey.addCertification(modifiedPublicKey, userId, cert); } // 3. If primary user id changed, generate new certificates for both old and new - if (saveParcel.changePrimaryUserId != null) { + if (saveParcel.mChangePrimaryUserId != null) { + + // keep track if we actually changed one + boolean ok = false; log.add(LogLevel.INFO, LogType.MSG_MF_UID_PRIMARY, indent); + indent += 1; // we work on the modifiedPublicKey here, to respect new or newly revoked uids // noinspection unchecked @@ -343,7 +355,7 @@ public class PgpKeyOperation { PGPSignature currentCert = null; // noinspection unchecked for (PGPSignature cert : new IterableIterator<PGPSignature>( - masterPublicKey.getSignaturesForID(userId))) { + modifiedPublicKey.getSignaturesForID(userId))) { // if it's not a self cert, never mind if (cert.getKeyID() != masterPublicKey.getKeyID()) { continue; @@ -373,7 +385,7 @@ public class PgpKeyOperation { // we definitely should not update certifications of revoked keys, so just leave it. if (isRevoked) { // revoked user ids cannot be primary! - if (userId.equals(saveParcel.changePrimaryUserId)) { + if (userId.equals(saveParcel.mChangePrimaryUserId)) { log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_REVOKED_PRIMARY, indent); return null; } @@ -383,14 +395,16 @@ public class PgpKeyOperation { // if this is~ the/a primary user id if (currentCert.hasSubpackets() && currentCert.getHashedSubPackets().isPrimaryUserID()) { // if it's the one we want, just leave it as is - if (userId.equals(saveParcel.changePrimaryUserId)) { + if (userId.equals(saveParcel.mChangePrimaryUserId)) { + ok = true; continue; } // otherwise, generate new non-primary certification + log.add(LogLevel.DEBUG, LogType.MSG_MF_PRIMARY_REPLACE_OLD, indent); modifiedPublicKey = PGPPublicKey.removeCertification( modifiedPublicKey, userId, currentCert); PGPSignature newCert = generateUserIdSignature( - masterPrivateKey, masterPublicKey, userId, false); + masterPrivateKey, masterPublicKey, userId, false, masterKeyFlags); modifiedPublicKey = PGPPublicKey.addCertification( modifiedPublicKey, userId, newCert); continue; @@ -399,20 +413,28 @@ public class PgpKeyOperation { // if we are here, this is not currently a primary user id // if it should be - if (userId.equals(saveParcel.changePrimaryUserId)) { + if (userId.equals(saveParcel.mChangePrimaryUserId)) { // add shiny new primary user id certificate + log.add(LogLevel.DEBUG, LogType.MSG_MF_PRIMARY_NEW, indent); modifiedPublicKey = PGPPublicKey.removeCertification( modifiedPublicKey, userId, currentCert); PGPSignature newCert = generateUserIdSignature( - masterPrivateKey, masterPublicKey, userId, true); + masterPrivateKey, masterPublicKey, userId, true, masterKeyFlags); modifiedPublicKey = PGPPublicKey.addCertification( modifiedPublicKey, userId, newCert); + ok = true; } // user id is not primary and is not supposed to be - nothing to do here. } + indent -= 1; + + if (!ok) { + log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_NOEXIST_PRIMARY, indent); + return null; + } } // Update the secret key ring @@ -423,9 +445,16 @@ public class PgpKeyOperation { } // 4a. For each subkey change, generate new subkey binding certificate - for (SaveKeyringParcel.SubkeyChange change : saveParcel.changeSubKeys) { + for (SaveKeyringParcel.SubkeyChange change : saveParcel.mChangeSubKeys) { log.add(LogLevel.INFO, LogType.MSG_MF_SUBKEY_CHANGE, indent, PgpKeyHelper.convertKeyIdToHex(change.mKeyId)); + + // TODO allow changes in master key? this implies generating new user id certs... + if (change.mKeyId == masterPublicKey.getKeyID()) { + Log.e(Constants.TAG, "changing the master key not supported"); + return null; + } + PGPSecretKey sKey = sKR.getSecretKey(change.mKeyId); if (sKey == null) { log.add(LogLevel.ERROR, LogType.MSG_MF_SUBKEY_MISSING, @@ -434,22 +463,45 @@ public class PgpKeyOperation { } PGPPublicKey pKey = sKey.getPublicKey(); - if (change.mExpiry != null && new Date(change.mExpiry).before(new Date())) { + // expiry must not be in the past + if (change.mExpiry != null && new Date(change.mExpiry*1000).before(new Date())) { log.add(LogLevel.ERROR, LogType.MSG_MF_SUBKEY_PAST_EXPIRY, indent + 1, PgpKeyHelper.convertKeyIdToHex(change.mKeyId)); return null; } - // generate and add new signature. we can be sloppy here and just leave the old one, - // it will be removed during canonicalization + // keep old flags, or replace with new ones + int flags = change.mFlags == null ? readKeyFlags(pKey) : change.mFlags; + long expiry; + if (change.mExpiry == null) { + long valid = pKey.getValidSeconds(); + expiry = valid == 0 + ? 0 + : pKey.getCreationTime().getTime() / 1000 + pKey.getValidSeconds(); + } else { + expiry = change.mExpiry; + } + + // drop all old signatures, they will be superseded by the new one + //noinspection unchecked + for (PGPSignature sig : new IterableIterator<PGPSignature>(pKey.getSignatures())) { + // special case: if there is a revocation, don't use expiry from before + if (change.mExpiry == null + && sig.getSignatureType() == PGPSignature.SUBKEY_REVOCATION) { + expiry = 0; + } + pKey = PGPPublicKey.removeCertification(pKey, sig); + } + + // generate and add new signature PGPSignature sig = generateSubkeyBindingSignature(masterPublicKey, masterPrivateKey, - sKey, pKey, change.mFlags, change.mExpiry, passphrase); + sKey, pKey, flags, expiry, passphrase); pKey = PGPPublicKey.addCertification(pKey, sig); sKR = PGPSecretKeyRing.insertSecretKey(sKR, PGPSecretKey.replacePublicKey(sKey, pKey)); } // 4b. For each subkey revocation, generate new subkey revocation certificate - for (long revocation : saveParcel.revokeSubKeys) { + for (long revocation : saveParcel.mRevokeSubKeys) { log.add(LogLevel.INFO, LogType.MSG_MF_SUBKEY_REVOKE, indent, PgpKeyHelper.convertKeyIdToHex(revocation)); PGPSecretKey sKey = sKR.getSecretKey(revocation); @@ -468,10 +520,10 @@ public class PgpKeyOperation { } // 5. Generate and add new subkeys - for (SaveKeyringParcel.SubkeyAdd add : saveParcel.addSubKeys) { + for (SaveKeyringParcel.SubkeyAdd add : saveParcel.mAddSubKeys) { try { - if (add.mExpiry != null && new Date(add.mExpiry).before(new Date())) { + if (add.mExpiry != null && new Date(add.mExpiry*1000).before(new Date())) { log.add(LogLevel.ERROR, LogType.MSG_MF_SUBKEY_PAST_EXPIRY, indent +1); return null; } @@ -485,7 +537,7 @@ public class PgpKeyOperation { PGPPublicKey pKey = keyPair.getPublicKey(); PGPSignature cert = generateSubkeyBindingSignature( masterPublicKey, masterPrivateKey, keyPair.getPrivateKey(), pKey, - add.mFlags, add.mExpiry); + add.mFlags, add.mExpiry == null ? 0 : add.mExpiry); pKey = PGPPublicKey.addSubkeyBindingCertification(pKey, cert); PGPSecretKey sKey; { @@ -513,7 +565,7 @@ public class PgpKeyOperation { } // 6. If requested, change passphrase - if (saveParcel.newPassphrase != null) { + if (saveParcel.mNewPassphrase != null) { log.add(LogLevel.INFO, LogType.MSG_MF_PASSPHRASE, indent); PGPDigestCalculator sha1Calc = new JcaPGPDigestCalculatorProviderBuilder().build() .get(HashAlgorithmTags.SHA1); @@ -523,7 +575,7 @@ public class PgpKeyOperation { PBESecretKeyEncryptor keyEncryptorNew = new JcePBESecretKeyEncryptorBuilder( PGPEncryptedData.CAST5, sha1Calc) .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build( - saveParcel.newPassphrase.toCharArray()); + saveParcel.mNewPassphrase.toCharArray()); sKR = PGPSecretKeyRing.copyWithNewPassword(sKR, keyDecryptor, keyEncryptorNew); } @@ -546,7 +598,7 @@ public class PgpKeyOperation { } private static PGPSignature generateUserIdSignature( - PGPPrivateKey masterPrivateKey, PGPPublicKey pKey, String userId, boolean primary) + PGPPrivateKey masterPrivateKey, PGPPublicKey pKey, String userId, boolean primary, int flags) throws IOException, PGPException, SignatureException { PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder( pKey.getAlgorithm(), PGPUtil.SHA1) @@ -558,6 +610,7 @@ public class PgpKeyOperation { subHashedPacketsGen.setPreferredHashAlgorithms(true, PREFERRED_HASH_ALGORITHMS); subHashedPacketsGen.setPreferredCompressionAlgorithms(true, PREFERRED_COMPRESSION_ALGORITHMS); subHashedPacketsGen.setPrimaryUserID(false, primary); + subHashedPacketsGen.setKeyFlags(false, flags); sGen.setHashedSubpackets(subHashedPacketsGen.generate()); sGen.init(PGPSignature.POSITIVE_CERTIFICATION, masterPrivateKey); return sGen.generateCertification(userId, pKey); @@ -599,7 +652,7 @@ public class PgpKeyOperation { private static PGPSignature generateSubkeyBindingSignature( PGPPublicKey masterPublicKey, PGPPrivateKey masterPrivateKey, - PGPSecretKey sKey, PGPPublicKey pKey, int flags, Long expiry, String passphrase) + PGPSecretKey sKey, PGPPublicKey pKey, int flags, long expiry, String passphrase) throws IOException, PGPException, SignatureException { PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder() .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build( @@ -611,7 +664,7 @@ public class PgpKeyOperation { private static PGPSignature generateSubkeyBindingSignature( PGPPublicKey masterPublicKey, PGPPrivateKey masterPrivateKey, - PGPPrivateKey subPrivateKey, PGPPublicKey pKey, int flags, Long expiry) + PGPPrivateKey subPrivateKey, PGPPublicKey pKey, int flags, long expiry) throws IOException, PGPException, SignatureException { // date for signing @@ -640,17 +693,9 @@ public class PgpKeyOperation { hashedPacketsGen.setKeyFlags(false, flags); } - if (expiry != null) { - Calendar creationDate = Calendar.getInstance(TimeZone.getTimeZone("UTC")); - creationDate.setTime(pKey.getCreationTime()); - - // (Just making sure there's no programming error here, this MUST have been checked above!) - if (new Date(expiry).before(todayDate)) { - throw new RuntimeException("Bad subkey creation date, this is a bug!"); - } - hashedPacketsGen.setKeyExpirationTime(false, expiry - creationDate.getTimeInMillis()); - } else { - hashedPacketsGen.setKeyExpirationTime(false, 0); + if (expiry > 0) { + long creationTime = pKey.getCreationTime().getTime() / 1000; + hashedPacketsGen.setKeyExpirationTime(false, expiry - creationTime); } PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder( @@ -665,4 +710,22 @@ public class PgpKeyOperation { } + /** Returns all flags valid for this key. + * + * This method does not do any validity checks on the signature, so it should not be used on + * a non-canonicalized key! + * + */ + private static int readKeyFlags(PGPPublicKey key) { + int flags = 0; + //noinspection unchecked + for(PGPSignature sig : new IterableIterator<PGPSignature>(key.getSignatures())) { + if (!sig.hasSubpackets()) { + continue; + } + flags |= sig.getHashedSubPackets().getKeyFlags(); + } + return flags; + } + } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java index 441e2762a..691e867b2 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java @@ -81,6 +81,10 @@ public class UncachedKeyRing { return new UncachedPublicKey(mRing.getPublicKey()); } + public UncachedPublicKey getPublicKey(long keyId) { + return new UncachedPublicKey(mRing.getPublicKey(keyId)); + } + public Iterator<UncachedPublicKey> getPublicKeys() { final Iterator<PGPPublicKey> it = mRing.getPublicKeys(); return new Iterator<UncachedPublicKey>() { @@ -558,7 +562,7 @@ public class UncachedKeyRing { // make sure the certificate checks out try { cert.init(masterKey); - if (!cert.verifySignature(key)) { + if (!cert.verifySignature(masterKey, key)) { log.add(LogLevel.WARN, LogType.MSG_KC_SUB_REVOKE_BAD, indent); badCerts += 1; continue; diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedPublicKey.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedPublicKey.java index 33db7771b..0bd2c2c02 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedPublicKey.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedPublicKey.java @@ -9,6 +9,7 @@ import org.spongycastle.openpgp.PGPSignatureSubpacketVector; import org.spongycastle.openpgp.operator.jcajce.JcaPGPContentVerifierBuilderProvider; import org.sufficientlysecure.keychain.Constants; import org.sufficientlysecure.keychain.util.IterableIterator; +import org.sufficientlysecure.keychain.util.Log; import java.security.SignatureException; import java.util.ArrayList; @@ -44,14 +45,19 @@ public class UncachedPublicKey { } public Date getExpiryTime() { - Date creationDate = getCreationTime(); - if (mPublicKey.getValidDays() == 0) { + long seconds = mPublicKey.getValidSeconds(); + if (seconds > Integer.MAX_VALUE) { + Log.e(Constants.TAG, "error, expiry time too large"); + return null; + } + if (seconds == 0) { // no expiry return null; } + Date creationDate = getCreationTime(); Calendar calendar = GregorianCalendar.getInstance(); calendar.setTime(creationDate); - calendar.add(Calendar.DATE, mPublicKey.getValidDays()); + calendar.add(Calendar.SECOND, (int) seconds); return calendar.getTime(); } @@ -77,26 +83,65 @@ public class UncachedPublicKey { return mPublicKey.getBitStrength(); } + /** Returns the primary user id, as indicated by the public key's self certificates. + * + * This is an expensive operation, since potentially a lot of certificates (and revocations) + * have to be checked, and even then the result is NOT guaranteed to be constant through a + * canonicalization operation. + * + * Returns null if there is no primary user id (as indicated by certificates) + * + */ public String getPrimaryUserId() { + String found = null; + PGPSignature foundSig = null; for (String userId : new IterableIterator<String>(mPublicKey.getUserIDs())) { + PGPSignature revocation = null; + for (PGPSignature sig : new IterableIterator<PGPSignature>(mPublicKey.getSignaturesForID(userId))) { - if (sig.getHashedSubPackets() != null - && sig.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.PRIMARY_USER_ID)) { - try { + try { + + // if this is a revocation, this is not the user id + if (sig.getSignatureType() == PGPSignature.CERTIFICATION_REVOCATION) { + // make sure it's actually valid + sig.init(new JcaPGPContentVerifierBuilderProvider().setProvider( + Constants.BOUNCY_CASTLE_PROVIDER_NAME), mPublicKey); + if (!sig.verifyCertification(userId, mPublicKey)) { + continue; + } + if (found != null && found.equals(userId)) { + found = null; + } + revocation = sig; + // this revocation may still be overridden by a newer cert + continue; + } + + if (sig.getHashedSubPackets() != null && sig.getHashedSubPackets().isPrimaryUserID()) { + if (foundSig != null && sig.getCreationTime().before(foundSig.getCreationTime())) { + continue; + } + // ignore if there is a newer revocation for this user id + if (revocation != null && sig.getCreationTime().before(revocation.getCreationTime())) { + continue; + } // make sure it's actually valid sig.init(new JcaPGPContentVerifierBuilderProvider().setProvider( Constants.BOUNCY_CASTLE_PROVIDER_NAME), mPublicKey); if (sig.verifyCertification(userId, mPublicKey)) { - return userId; + found = userId; + foundSig = sig; + // this one can't be relevant anymore at this point + revocation = null; } - } catch (Exception e) { - // nothing bad happens, the key is just not considered the primary key id } - } + } catch (Exception e) { + // nothing bad happens, the key is just not considered the primary key id + } } } - return null; + return found; } public ArrayList<String> getUnorderedUserIds() { @@ -186,6 +231,21 @@ public class UncachedPublicKey { return mPublicKey; } + public Iterator<WrappedSignature> getSignatures() { + final Iterator<PGPSignature> it = mPublicKey.getSignatures(); + return new Iterator<WrappedSignature>() { + public void remove() { + it.remove(); + } + public WrappedSignature next() { + return new WrappedSignature(it.next()); + } + public boolean hasNext() { + return it.hasNext(); + } + }; + } + public Iterator<WrappedSignature> getSignaturesForId(String userId) { final Iterator<PGPSignature> it = mPublicKey.getSignaturesForID(userId); return new Iterator<WrappedSignature>() { diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedKeyRing.java index 6f3068261..2fcd05204 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedKeyRing.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedKeyRing.java @@ -101,8 +101,8 @@ public abstract class WrappedKeyRing extends KeyRing { abstract public IterableIterator<WrappedPublicKey> publicKeyIterator(); - public UncachedKeyRing getUncached() { - return new UncachedKeyRing(getRing()); + public byte[] getEncoded() throws IOException { + return getRing().getEncoded(); } } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSignature.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSignature.java index 196ac1dee..c87b23222 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSignature.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSignature.java @@ -15,6 +15,7 @@ import org.sufficientlysecure.keychain.util.Log; import java.io.IOException; import java.security.SignatureException; +import java.util.ArrayList; import java.util.Date; /** OpenKeychain wrapper around PGPSignature objects. @@ -55,6 +56,31 @@ public class WrappedSignature { return mSig.getCreationTime(); } + public ArrayList<WrappedSignature> getEmbeddedSignatures() { + ArrayList<WrappedSignature> sigs = new ArrayList<WrappedSignature>(); + if (!mSig.hasSubpackets()) { + return sigs; + } + try { + PGPSignatureList list; + list = mSig.getHashedSubPackets().getEmbeddedSignatures(); + for(int i = 0; i < list.size(); i++) { + sigs.add(new WrappedSignature(list.get(i))); + } + list = mSig.getUnhashedSubPackets().getEmbeddedSignatures(); + for(int i = 0; i < list.size(); i++) { + sigs.add(new WrappedSignature(list.get(i))); + } + } catch (PGPException e) { + // no matter + Log.e(Constants.TAG, "exception reading embedded signatures", e); + } catch (IOException e) { + // no matter + Log.e(Constants.TAG, "exception reading embedded signatures", e); + } + return sigs; + } + public byte[] getEncoded() throws IOException { return mSig.getEncoded(); } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java index b5609a327..c338c9d95 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java @@ -450,8 +450,7 @@ public class ProviderHelper { if (cert.verifySignature(masterKey, userId)) { item.trustedCerts.add(cert); log(LogLevel.INFO, LogType.MSG_IP_UID_CERT_GOOD, - PgpKeyHelper.convertKeyIdToHexShort(trustedKey.getKeyId()), - trustedKey.getPrimaryUserId() + PgpKeyHelper.convertKeyIdToHexShort(trustedKey.getKeyId()) ); } else { log(LogLevel.WARN, LogType.MSG_IP_UID_CERT_BAD); @@ -670,7 +669,7 @@ public class ProviderHelper { // If there is an old keyring, merge it try { - UncachedKeyRing oldPublicRing = getWrappedPublicKeyRing(masterKeyId).getUncached(); + UncachedKeyRing oldPublicRing = getWrappedPublicKeyRing(masterKeyId).getUncachedKeyRing(); // Merge data from new public ring into the old one publicRing = oldPublicRing.merge(publicRing, mLog, mIndent); @@ -706,7 +705,7 @@ public class ProviderHelper { // If there is a secret key, merge new data (if any) and save the key for later UncachedKeyRing secretRing; try { - secretRing = getWrappedSecretKeyRing(publicRing.getMasterKeyId()).getUncached(); + secretRing = getWrappedSecretKeyRing(publicRing.getMasterKeyId()).getUncachedKeyRing(); // Merge data from new public ring into secret one secretRing = secretRing.merge(publicRing, mLog, mIndent); @@ -754,7 +753,7 @@ public class ProviderHelper { // If there is an old secret key, merge it. try { - UncachedKeyRing oldSecretRing = getWrappedSecretKeyRing(masterKeyId).getUncached(); + UncachedKeyRing oldSecretRing = getWrappedSecretKeyRing(masterKeyId).getUncachedKeyRing(); // Merge data from new secret ring into old one secretRing = oldSecretRing.merge(secretRing, mLog, mIndent); @@ -791,7 +790,7 @@ public class ProviderHelper { // Merge new data into public keyring as well, if there is any UncachedKeyRing publicRing; try { - UncachedKeyRing oldPublicRing = getWrappedPublicKeyRing(masterKeyId).getUncached(); + UncachedKeyRing oldPublicRing = getWrappedPublicKeyRing(masterKeyId).getUncachedKeyRing(); // Merge data from new public ring into secret one publicRing = oldPublicRing.merge(secretRing, mLog, mIndent); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java index c4c31bdad..172e1418f 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java @@ -349,9 +349,9 @@ public class KeychainIntentService extends IntentService providerHelper.saveSecretKeyRing(ring, new ProgressScaler(this, 10, 95, 100)); // cache new passphrase - if (saveParcel.newPassphrase != null) { + if (saveParcel.mNewPassphrase != null) { PassphraseCacheService.addCachedPassphrase(this, ring.getMasterKeyId(), - saveParcel.newPassphrase); + saveParcel.mNewPassphrase); } } catch (ProviderHelper.NotFoundException e) { sendErrorToHandler(e); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java index f868d931c..c160da483 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java @@ -9,6 +9,7 @@ import org.sufficientlysecure.keychain.util.IterableIterator; import org.sufficientlysecure.keychain.util.Log; import java.util.ArrayList; +import java.util.Arrays; import java.util.Iterator; import java.util.List; @@ -70,9 +71,6 @@ public class OperationResultParcel implements Parcelable { mParameters = parameters; mIndent = indent; } - public LogEntryParcel(LogLevel level, LogType type, Object... parameters) { - this(level, type, 0, parameters); - } public LogEntryParcel(Parcel source) { mLevel = LogLevel.values()[source.readInt()]; @@ -104,6 +102,15 @@ public class OperationResultParcel implements Parcelable { } }; + @Override + public String toString() { + return "LogEntryParcel{" + + "mLevel=" + mLevel + + ", mType=" + mType + + ", mParameters=" + Arrays.toString(mParameters) + + ", mIndent=" + mIndent + + '}'; + } } /** This is an enum of all possible log events. @@ -237,7 +244,9 @@ public class OperationResultParcel implements Parcelable { MSG_MG_FOUND_NEW (R.string.msg_mg_found_new), // secret key create - MSG_CR_ERROR_NO_MASTER (R.string.msg_mr), + MSG_CR (R.string.msg_cr), + MSG_CR_ERROR_NO_MASTER (R.string.msg_cr_error_no_master), + MSG_CR_ERROR_NO_CERTIFY (R.string.msg_cr_error_no_certify), // secret key modify MSG_MF (R.string.msg_mr), @@ -245,10 +254,13 @@ public class OperationResultParcel implements Parcelable { MSG_MF_ERROR_FINGERPRINT (R.string.msg_mf_error_fingerprint), MSG_MF_ERROR_KEYID (R.string.msg_mf_error_keyid), MSG_MF_ERROR_INTEGRITY (R.string.msg_mf_error_integrity), + MSG_MF_ERROR_NOEXIST_PRIMARY (R.string.msg_mf_error_noexist_primary), MSG_MF_ERROR_REVOKED_PRIMARY (R.string.msg_mf_error_revoked_primary), MSG_MF_ERROR_PGP (R.string.msg_mf_error_pgp), MSG_MF_ERROR_SIG (R.string.msg_mf_error_sig), MSG_MF_PASSPHRASE (R.string.msg_mf_passphrase), + MSG_MF_PRIMARY_REPLACE_OLD (R.string.msg_mf_primary_replace_old), + MSG_MF_PRIMARY_NEW (R.string.msg_mf_primary_new), MSG_MF_SUBKEY_CHANGE (R.string.msg_mf_subkey_change), MSG_MF_SUBKEY_MISSING (R.string.msg_mf_subkey_missing), MSG_MF_SUBKEY_NEW_ID (R.string.msg_mf_subkey_new_id), @@ -314,6 +326,7 @@ public class OperationResultParcel implements Parcelable { } public void add(LogLevel level, LogType type, int indent) { + Log.d(Constants.TAG, type.toString()); mParcels.add(new OperationResultParcel.LogEntryParcel(level, type, indent, (Object[]) null)); } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java index a56095767..5e90b396e 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java @@ -27,23 +27,19 @@ public class SaveKeyringParcel implements Parcelable { // the key fingerprint, for safety. MUST be null for a new key. public byte[] mFingerprint; - public String newPassphrase; + public String mNewPassphrase; - public ArrayList<String> addUserIds; - public ArrayList<SubkeyAdd> addSubKeys; + public ArrayList<String> mAddUserIds; + public ArrayList<SubkeyAdd> mAddSubKeys; - public ArrayList<SubkeyChange> changeSubKeys; - public String changePrimaryUserId; + public ArrayList<SubkeyChange> mChangeSubKeys; + public String mChangePrimaryUserId; - public ArrayList<String> revokeUserIds; - public ArrayList<Long> revokeSubKeys; + public ArrayList<String> mRevokeUserIds; + public ArrayList<Long> mRevokeSubKeys; public SaveKeyringParcel() { - addUserIds = new ArrayList<String>(); - addSubKeys = new ArrayList<SubkeyAdd>(); - changeSubKeys = new ArrayList<SubkeyChange>(); - revokeUserIds = new ArrayList<String>(); - revokeSubKeys = new ArrayList<Long>(); + reset(); } public SaveKeyringParcel(long masterKeyId, byte[] fingerprint) { @@ -52,6 +48,16 @@ public class SaveKeyringParcel implements Parcelable { mFingerprint = fingerprint; } + public void reset() { + mNewPassphrase = null; + mAddUserIds = new ArrayList<String>(); + mAddSubKeys = new ArrayList<SubkeyAdd>(); + mChangePrimaryUserId = null; + mChangeSubKeys = new ArrayList<SubkeyChange>(); + mRevokeUserIds = new ArrayList<String>(); + mRevokeSubKeys = new ArrayList<Long>(); + } + // performance gain for using Parcelable here would probably be negligible, // use Serializable instead. public static class SubkeyAdd implements Serializable { @@ -70,6 +76,7 @@ public class SaveKeyringParcel implements Parcelable { public static class SubkeyChange implements Serializable { public long mKeyId; public Integer mFlags; + // this is a long unix timestamp, in seconds (NOT MILLISECONDS!) public Long mExpiry; public SubkeyChange(long keyId, Integer flags, Long expiry) { mKeyId = keyId; @@ -82,16 +89,16 @@ public class SaveKeyringParcel implements Parcelable { mMasterKeyId = source.readInt() != 0 ? source.readLong() : null; mFingerprint = source.createByteArray(); - newPassphrase = source.readString(); + mNewPassphrase = source.readString(); - addUserIds = source.createStringArrayList(); - addSubKeys = (ArrayList<SubkeyAdd>) source.readSerializable(); + mAddUserIds = source.createStringArrayList(); + mAddSubKeys = (ArrayList<SubkeyAdd>) source.readSerializable(); - changeSubKeys = (ArrayList<SubkeyChange>) source.readSerializable(); - changePrimaryUserId = source.readString(); + mChangeSubKeys = (ArrayList<SubkeyChange>) source.readSerializable(); + mChangePrimaryUserId = source.readString(); - revokeUserIds = source.createStringArrayList(); - revokeSubKeys = (ArrayList<Long>) source.readSerializable(); + mRevokeUserIds = source.createStringArrayList(); + mRevokeSubKeys = (ArrayList<Long>) source.readSerializable(); } @Override @@ -102,16 +109,16 @@ public class SaveKeyringParcel implements Parcelable { } destination.writeByteArray(mFingerprint); - destination.writeString(newPassphrase); + destination.writeString(mNewPassphrase); - destination.writeStringList(addUserIds); - destination.writeSerializable(addSubKeys); + destination.writeStringList(mAddUserIds); + destination.writeSerializable(mAddSubKeys); - destination.writeSerializable(changeSubKeys); - destination.writeString(changePrimaryUserId); + destination.writeSerializable(mChangeSubKeys); + destination.writeString(mChangePrimaryUserId); - destination.writeStringList(revokeUserIds); - destination.writeSerializable(revokeSubKeys); + destination.writeStringList(mRevokeUserIds); + destination.writeSerializable(mRevokeSubKeys); } public static final Creator<SaveKeyringParcel> CREATOR = new Creator<SaveKeyringParcel>() { diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/KeyringTestingHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/KeyringTestingHelper.java deleted file mode 100644 index a565f0707..000000000 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/KeyringTestingHelper.java +++ /dev/null @@ -1,56 +0,0 @@ -package org.sufficientlysecure.keychain.testsupport; - -import android.content.Context; - -import org.sufficientlysecure.keychain.pgp.NullProgressable; -import org.sufficientlysecure.keychain.pgp.UncachedKeyRing; -import org.sufficientlysecure.keychain.provider.ProviderHelper; -import org.sufficientlysecure.keychain.service.OperationResults; - -import java.util.Collection; - -/** - * Helper for tests of the Keyring import in ProviderHelper. - */ -public class KeyringTestingHelper { - - private final Context context; - - public KeyringTestingHelper(Context robolectricContext) { - this.context = robolectricContext; - } - - public boolean addKeyring(Collection<String> blobFiles) throws Exception { - - ProviderHelper providerHelper = new ProviderHelper(context); - - byte[] data = TestDataUtil.readAllFully(blobFiles); - UncachedKeyRing ring = UncachedKeyRing.decodeFromData(data); - long masterKeyId = ring.getMasterKeyId(); - - // Should throw an exception; key is not yet saved - retrieveKeyAndExpectNotFound(providerHelper, masterKeyId); - - OperationResults.SaveKeyringResult saveKeyringResult = providerHelper.savePublicKeyRing(ring, new NullProgressable()); - - boolean saveSuccess = saveKeyringResult.success(); - - // Now re-retrieve the saved key. Should not throw an exception. - providerHelper.getWrappedPublicKeyRing(masterKeyId); - - // A different ID should still fail - retrieveKeyAndExpectNotFound(providerHelper, masterKeyId - 1); - - return saveSuccess; - } - - - private void retrieveKeyAndExpectNotFound(ProviderHelper providerHelper, long masterKeyId) { - try { - providerHelper.getWrappedPublicKeyRing(masterKeyId); - throw new AssertionError("Was expecting the previous call to fail!"); - } catch (ProviderHelper.NotFoundException expectedException) { - // good - } - } -} diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/PgpVerifyTestingHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/PgpVerifyTestingHelper.java deleted file mode 100644 index 1ab5878cc..000000000 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/PgpVerifyTestingHelper.java +++ /dev/null @@ -1,49 +0,0 @@ -package org.sufficientlysecure.keychain.testsupport; - -import android.content.Context; - -import org.sufficientlysecure.keychain.pgp.PgpDecryptVerify; -import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyResult; -import org.sufficientlysecure.keychain.provider.ProviderHelper; -import org.sufficientlysecure.keychain.util.InputData; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.InputStream; -import java.io.OutputStream; - -/** - * For functional tests of PgpDecryptVerify - */ -public class PgpVerifyTestingHelper { - - private final Context context; - - public PgpVerifyTestingHelper(Context robolectricContext) { - this.context = robolectricContext; - } - - public int doTestFile(String testFileName) throws Exception { - ProviderHelper providerHelper = new ProviderHelperStub(context); - - PgpDecryptVerify.PassphraseCache passphraseCache = new PgpDecryptVerify.PassphraseCache() { - public String getCachedPassphrase(long masterKeyId) { - return "I am a passphrase"; - } - }; - - byte[] sampleInputBytes = TestDataUtil.readFully(getClass().getResourceAsStream(testFileName)); - - InputStream sampleInput = new ByteArrayInputStream(sampleInputBytes); - - InputData data = new InputData(sampleInput, sampleInputBytes.length); - OutputStream outStream = new ByteArrayOutputStream(); - - PgpDecryptVerify verify = new PgpDecryptVerify.Builder(providerHelper, passphraseCache, data, outStream).build(); - PgpDecryptVerifyResult result = verify.execute(); - - return result.getSignatureResult().getStatus(); - } - - -} diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/ProviderHelperStub.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/ProviderHelperStub.java deleted file mode 100644 index c6d834bf9..000000000 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/ProviderHelperStub.java +++ /dev/null @@ -1,22 +0,0 @@ -package org.sufficientlysecure.keychain.testsupport; - -import android.content.Context; -import android.net.Uri; - -import org.sufficientlysecure.keychain.pgp.WrappedPublicKeyRing; -import org.sufficientlysecure.keychain.provider.ProviderHelper; - -/** - * Created by art on 21/06/14. - */ -class ProviderHelperStub extends ProviderHelper { - public ProviderHelperStub(Context context) { - super(context); - } - - @Override - public WrappedPublicKeyRing getWrappedPublicKeyRing(Uri id) throws NotFoundException { - byte[] data = TestDataUtil.readFully(getClass().getResourceAsStream("/public-key-for-sample.blob")); - return new WrappedPublicKeyRing(data, false, 0); - } -} diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/TestDataUtil.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/TestDataUtil.java deleted file mode 100644 index 9e6ede761..000000000 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/TestDataUtil.java +++ /dev/null @@ -1,44 +0,0 @@ -package org.sufficientlysecure.keychain.testsupport; - -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.util.Collection; - -/** - * Misc support functions. Would just use Guava / Apache Commons but - * avoiding extra dependencies. - */ -public class TestDataUtil { - public static byte[] readFully(InputStream input) { - ByteArrayOutputStream output = new ByteArrayOutputStream(); - appendToOutput(input, output); - return output.toByteArray(); - } - - private static void appendToOutput(InputStream input, ByteArrayOutputStream output) { - byte[] buffer = new byte[8192]; - int bytesRead; - try { - while ((bytesRead = input.read(buffer)) != -1) { - output.write(buffer, 0, bytesRead); - } - } catch (IOException e) { - throw new RuntimeException(e); - } - } - - public static byte[] readAllFully(Collection<String> inputResources) { - ByteArrayOutputStream output = new ByteArrayOutputStream(); - - for (String inputResource : inputResources) { - appendToOutput(getResourceAsStream(inputResource), output); - } - return output.toByteArray(); - } - - - public static InputStream getResourceAsStream(String resourceName) { - return TestDataUtil.class.getResourceAsStream(resourceName); - } -} diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/package-info.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/package-info.java deleted file mode 100644 index 1cc0f9a95..000000000 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/package-info.java +++ /dev/null @@ -1,7 +0,0 @@ -/** - * Test support classes. - * This is only in main code because of gradle-Android Studio-robolectric issues. Having - * classes in main code means IDE autocomplete, class detection, etc., all works. - * TODO Move into test package when possible - */ -package org.sufficientlysecure.keychain.testsupport; diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditKeyActivityOld.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditKeyActivityOld.java index 51457cd45..d9deb802c 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditKeyActivityOld.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditKeyActivityOld.java @@ -556,7 +556,7 @@ public class EditKeyActivityOld extends ActionBarActivity implements EditorListe saveParams.deletedKeys = mKeysView.getDeletedKeys(); saveParams.keysExpiryDates = getKeysExpiryDates(mKeysView); saveParams.keysUsages = getKeysUsages(mKeysView); - saveParams.newPassphrase = mNewPassphrase; + saveParams.mNewPassphrase = mNewPassphrase; saveParams.oldPassphrase = mCurrentPassphrase; saveParams.newKeys = toPrimitiveArray(mKeysView.getNewKeysArray()); saveParams.keys = getKeys(mKeysView); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditKeyFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditKeyFragment.java index 78ccafcbc..4998ced58 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditKeyFragment.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditKeyFragment.java @@ -226,7 +226,7 @@ public class EditKeyFragment extends LoaderFragment implements } }); - mSubkeysAddedAdapter = new SubkeysAddedAdapter(getActivity(), mSaveKeyringParcel.addSubKeys); + mSubkeysAddedAdapter = new SubkeysAddedAdapter(getActivity(), mSaveKeyringParcel.mAddSubKeys); mSubkeysAddedList.setAdapter(mSubkeysAddedAdapter); // Prepare the loaders. Either re-connect with an existing ones, @@ -296,7 +296,7 @@ public class EditKeyFragment extends LoaderFragment implements Bundle data = message.getData(); // cache new returned passphrase! - mSaveKeyringParcel.newPassphrase = data + mSaveKeyringParcel.mNewPassphrase = data .getString(SetPassphraseDialogFragment.MESSAGE_NEW_PASSPHRASE); } } @@ -318,19 +318,19 @@ public class EditKeyFragment extends LoaderFragment implements switch (message.what) { case EditUserIdDialogFragment.MESSAGE_CHANGE_PRIMARY_USER_ID: // toggle - if (mSaveKeyringParcel.changePrimaryUserId != null - && mSaveKeyringParcel.changePrimaryUserId.equals(userId)) { - mSaveKeyringParcel.changePrimaryUserId = null; + if (mSaveKeyringParcel.mChangePrimaryUserId != null + && mSaveKeyringParcel.mChangePrimaryUserId.equals(userId)) { + mSaveKeyringParcel.mChangePrimaryUserId = null; } else { - mSaveKeyringParcel.changePrimaryUserId = userId; + mSaveKeyringParcel.mChangePrimaryUserId = userId; } break; case EditUserIdDialogFragment.MESSAGE_REVOKE: // toggle - if (mSaveKeyringParcel.revokeUserIds.contains(userId)) { - mSaveKeyringParcel.revokeUserIds.remove(userId); + if (mSaveKeyringParcel.mRevokeUserIds.contains(userId)) { + mSaveKeyringParcel.mRevokeUserIds.remove(userId); } else { - mSaveKeyringParcel.revokeUserIds.add(userId); + mSaveKeyringParcel.mRevokeUserIds.add(userId); } break; } @@ -367,10 +367,10 @@ public class EditKeyFragment extends LoaderFragment implements break; case EditSubkeyDialogFragment.MESSAGE_REVOKE: // toggle - if (mSaveKeyringParcel.revokeSubKeys.contains(keyId)) { - mSaveKeyringParcel.revokeSubKeys.remove(keyId); + if (mSaveKeyringParcel.mRevokeSubKeys.contains(keyId)) { + mSaveKeyringParcel.mRevokeSubKeys.remove(keyId); } else { - mSaveKeyringParcel.revokeSubKeys.add(keyId); + mSaveKeyringParcel.mRevokeSubKeys.add(keyId); } break; } @@ -423,9 +423,9 @@ public class EditKeyFragment extends LoaderFragment implements private void save(String passphrase) { Log.d(Constants.TAG, "add userids to parcel: " + mUserIdsAddedAdapter.getDataAsStringList()); - Log.d(Constants.TAG, "mSaveKeyringParcel.newPassphrase: " + mSaveKeyringParcel.newPassphrase); + Log.d(Constants.TAG, "mSaveKeyringParcel.mNewPassphrase: " + mSaveKeyringParcel.mNewPassphrase); - mSaveKeyringParcel.addUserIds = mUserIdsAddedAdapter.getDataAsStringList(); + mSaveKeyringParcel.mAddUserIds = mUserIdsAddedAdapter.getDataAsStringList(); // Message is received after importing is done in KeychainIntentService KeychainIntentServiceHandler saveHandler = new KeychainIntentServiceHandler( @@ -481,4 +481,4 @@ public class EditKeyFragment extends LoaderFragment implements // start service with intent getActivity().startService(intent); } -}
\ No newline at end of file +} diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/KeyListActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/KeyListActivity.java index 849576284..da9986890 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/KeyListActivity.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/KeyListActivity.java @@ -32,8 +32,6 @@ import org.sufficientlysecure.keychain.Constants; import org.sufficientlysecure.keychain.Constants.choice.algorithm; import org.sufficientlysecure.keychain.R; import org.sufficientlysecure.keychain.helper.ExportHelper; -import org.sufficientlysecure.keychain.helper.OtherHelper; -import org.sufficientlysecure.keychain.keyimport.ImportKeysListEntry; import org.sufficientlysecure.keychain.provider.KeychainContract; import org.sufficientlysecure.keychain.provider.KeychainDatabase; import org.sufficientlysecure.keychain.service.KeychainIntentService; @@ -43,7 +41,6 @@ import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd; import org.sufficientlysecure.keychain.util.Log; import java.io.IOException; -import java.util.ArrayList; public class KeyListActivity extends DrawerActivity { @@ -153,10 +150,10 @@ public class KeyListActivity extends DrawerActivity { Bundle data = new Bundle(); SaveKeyringParcel parcel = new SaveKeyringParcel(); - parcel.addSubKeys.add(new SubkeyAdd(algorithm.rsa, 1024, KeyFlags.CERTIFY_OTHER, null)); - parcel.addSubKeys.add(new SubkeyAdd(algorithm.rsa, 1024, KeyFlags.SIGN_DATA, null)); - parcel.addUserIds.add("swagerinho"); - parcel.newPassphrase = "swag"; + parcel.mAddSubKeys.add(new SubkeyAdd(algorithm.rsa, 1024, KeyFlags.CERTIFY_OTHER, null)); + parcel.mAddSubKeys.add(new SubkeyAdd(algorithm.rsa, 1024, KeyFlags.SIGN_DATA, null)); + parcel.mAddUserIds.add("swagerinho"); + parcel.mNewPassphrase = "swag"; // get selected key entries data.putParcelable(KeychainIntentService.SAVE_KEYRING_PARCEL, parcel); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/WizardActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/WizardActivity.java index 601fc09f9..7a2233524 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/WizardActivity.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/WizardActivity.java @@ -328,7 +328,7 @@ public class WizardActivity extends ActionBarActivity { && isEditTextNotEmpty(this, passphraseEdit)) { // SaveKeyringParcel newKey = new SaveKeyringParcel(); -// newKey.addUserIds.add(nameEdit.getText().toString() + " <" +// newKey.mAddUserIds.add(nameEdit.getText().toString() + " <" // + emailEdit.getText().toString() + ">"); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/SubkeysAdapter.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/SubkeysAdapter.java index ccc5960c8..e5dbebe01 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/SubkeysAdapter.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/SubkeysAdapter.java @@ -143,7 +143,7 @@ public class SubkeysAdapter extends CursorAdapter { // for edit key if (mSaveKeyringParcel != null) { - boolean revokeThisSubkey = (mSaveKeyringParcel.revokeSubKeys.contains(keyId)); + boolean revokeThisSubkey = (mSaveKeyringParcel.mRevokeSubKeys.contains(keyId)); if (revokeThisSubkey) { if (!isRevoked) { diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/UserIdsAdapter.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/UserIdsAdapter.java index 10e299ae3..18312660a 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/UserIdsAdapter.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/UserIdsAdapter.java @@ -131,10 +131,10 @@ public class UserIdsAdapter extends CursorAdapter implements AdapterView.OnItemC // for edit key if (mSaveKeyringParcel != null) { - boolean changeAnyPrimaryUserId = (mSaveKeyringParcel.changePrimaryUserId != null); - boolean changeThisPrimaryUserId = (mSaveKeyringParcel.changePrimaryUserId != null - && mSaveKeyringParcel.changePrimaryUserId.equals(userId)); - boolean revokeThisUserId = (mSaveKeyringParcel.revokeUserIds.contains(userId)); + boolean changeAnyPrimaryUserId = (mSaveKeyringParcel.mChangePrimaryUserId != null); + boolean changeThisPrimaryUserId = (mSaveKeyringParcel.mChangePrimaryUserId != null + && mSaveKeyringParcel.mChangePrimaryUserId.equals(userId)); + boolean revokeThisUserId = (mSaveKeyringParcel.mRevokeUserIds.contains(userId)); // only if primary user id will be changed // (this is not triggered if the user id is currently the primary one) diff --git a/OpenKeychain/src/main/res/values/strings.xml b/OpenKeychain/src/main/res/values/strings.xml index 274309fd0..d8e102b04 100644 --- a/OpenKeychain/src/main/res/values/strings.xml +++ b/OpenKeychain/src/main/res/values/strings.xml @@ -510,7 +510,7 @@ <string name="cert_casual">casual</string> <string name="cert_positive">positive</string> <string name="cert_revoke">revoked</string> - <string name="cert_verify_ok">ok</string> + <string name="cert_verify_ok">OK</string> <string name="cert_verify_failed">failed!</string> <string name="cert_verify_error">error!</string> <string name="cert_verify_unavailable">key unavailable</string> @@ -555,7 +555,7 @@ <string name="msg_ip_reinsert_secret">Re-inserting secret key</string> <string name="msg_ip_uid_cert_bad">Encountered bad certificate!</string> <string name="msg_ip_uid_cert_error">Error processing certificate!</string> - <string name="msg_ip_uid_cert_good">User id is certified by %1$s (%2$s)</string> + <string name="msg_ip_uid_cert_good">User id is certified by %1$s</string> <plurals name="msg_ip_uid_certs_unknown"> <item quantity="one">Ignoring one certificate issued by an unknown public key</item> <item quantity="other">Ignoring %s certificates issued by unknown public keys</item> @@ -637,16 +637,24 @@ <string name="msg_mg_new_subkey">Adding new subkey %s</string> <string name="msg_mg_found_new">Found %s new certificates in keyring</string> + <!-- createSecretKeyRing --> + <string name="msg_cr">Generating new master key</string> + <string name="msg_cr_error_no_master">No master key options specified!</string> + <string name="msg_cr_error_no_certify">Master key must have certify flag!</string> + <!-- modifySecretKeyRing --> <string name="msg_mr">Modifying keyring %s</string> <string name="msg_mf_error_encode">Encoding exception!</string> <string name="msg_mf_error_fingerprint">Actual key fingerprint does not match the expected one!</string> <string name="msg_mf_error_keyid">No key ID. This is an internal error, please file a bug report!</string> <string name="msg_mf_error_integrity">Internal error, integrity check failed!</string> + <string name="msg_mf_error_noexist_primary">Bad primary user id specified!</string> <string name="msg_mf_error_revoked_primary">Revoked user ids cannot be primary!</string> <string name="msg_mf_error_pgp">PGP internal exception!</string> <string name="msg_mf_error_sig">Signature exception!</string> <string name="msg_mf_passphrase">Changing passphrase</string> + <string name="msg_mf_primary_replace_old">Replacing certificate of previous primary user id</string> + <string name="msg_mf_primary_new">Generating new certificate for new primary user id</string> <string name="msg_mf_subkey_change">Modifying subkey %s</string> <string name="msg_mf_subkey_missing">Tried to operate on missing subkey %s!</string> <string name="msg_mf_subkey_new">Generating new %1$s bit %2$s subkey</string> diff --git a/OpenKeychain/src/test/java/tests/PgpDecryptVerifyTest.java b/OpenKeychain/src/test/java/tests/PgpDecryptVerifyTest.java deleted file mode 100644 index d759bce05..000000000 --- a/OpenKeychain/src/test/java/tests/PgpDecryptVerifyTest.java +++ /dev/null @@ -1,36 +0,0 @@ -package tests; - -import org.junit.Assert; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.robolectric.*; -import org.openintents.openpgp.OpenPgpSignatureResult; -import org.sufficientlysecure.keychain.testsupport.PgpVerifyTestingHelper; - -@RunWith(RobolectricTestRunner.class) -@org.robolectric.annotation.Config(emulateSdk = 18) // Robolectric doesn't yet support 19 -public class PgpDecryptVerifyTest { - - @Test - public void testVerifySuccess() throws Exception { - - String testFileName = "/sample.txt"; - int expectedSignatureResult = OpenPgpSignatureResult.SIGNATURE_SUCCESS_UNCERTIFIED; - - int status = new PgpVerifyTestingHelper(Robolectric.application).doTestFile(testFileName); - - Assert.assertEquals(expectedSignatureResult, status); - } - - @Test - public void testVerifyFailure() throws Exception { - - String testFileName = "/sample-altered.txt"; - int expectedSignatureResult = OpenPgpSignatureResult.SIGNATURE_ERROR; - - int status = new PgpVerifyTestingHelper(Robolectric.application).doTestFile(testFileName); - - Assert.assertEquals(expectedSignatureResult, status); - } - -} diff --git a/OpenKeychain/src/test/java/tests/ProviderHelperKeyringTest.java b/OpenKeychain/src/test/java/tests/ProviderHelperKeyringTest.java deleted file mode 100644 index 3d48c2f97..000000000 --- a/OpenKeychain/src/test/java/tests/ProviderHelperKeyringTest.java +++ /dev/null @@ -1,86 +0,0 @@ -package tests; - -import java.util.Collections; -import java.util.Arrays; -import java.util.Collection; -import java.util.ArrayList; - -import org.junit.Assert; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.robolectric.*; -import org.openintents.openpgp.OpenPgpSignatureResult; -import org.sufficientlysecure.keychain.testsupport.KeyringTestingHelper; -import org.sufficientlysecure.keychain.testsupport.PgpVerifyTestingHelper; - -@RunWith(RobolectricTestRunner.class) -@org.robolectric.annotation.Config(emulateSdk = 18) // Robolectric doesn't yet support 19 -public class ProviderHelperKeyringTest { - - @Test - public void testSavePublicKeyring() throws Exception { - Assert.assertTrue(new KeyringTestingHelper(Robolectric.application).addKeyring(Collections.singleton( - "/public-key-for-sample.blob" - ))); - } - - @Test - public void testSavePublicKeyringRsa() throws Exception { - Assert.assertTrue(new KeyringTestingHelper(Robolectric.application).addKeyring(prependResourcePath(Arrays.asList( - "000001-006.public_key", - "000002-013.user_id", - "000003-002.sig", - "000004-012.ring_trust", - "000005-002.sig", - "000006-012.ring_trust", - "000007-002.sig", - "000008-012.ring_trust", - "000009-002.sig", - "000010-012.ring_trust", - "000011-002.sig", - "000012-012.ring_trust", - "000013-014.public_subkey", - "000014-002.sig", - "000015-012.ring_trust" - )))); - } - - @Test - public void testSavePublicKeyringDsa() throws Exception { - Assert.assertTrue(new KeyringTestingHelper(Robolectric.application).addKeyring(prependResourcePath(Arrays.asList( - "000016-006.public_key", - "000017-002.sig", - "000018-012.ring_trust", - "000019-013.user_id", - "000020-002.sig", - "000021-012.ring_trust", - "000022-002.sig", - "000023-012.ring_trust", - "000024-014.public_subkey", - "000025-002.sig", - "000026-012.ring_trust" - )))); - } - - @Test - public void testSavePublicKeyringDsa2() throws Exception { - Assert.assertTrue(new KeyringTestingHelper(Robolectric.application).addKeyring(prependResourcePath(Arrays.asList( - "000027-006.public_key", - "000028-002.sig", - "000029-012.ring_trust", - "000030-013.user_id", - "000031-002.sig", - "000032-012.ring_trust", - "000033-002.sig", - "000034-012.ring_trust" - )))); - } - - private static Collection<String> prependResourcePath(Collection<String> files) { - Collection<String> prependedFiles = new ArrayList<String>(); - for (String file: files) { - prependedFiles.add("/extern/OpenPGP-Haskell/tests/data/" + file); - } - return prependedFiles; - } -} diff --git a/OpenKeychain/src/test/resources/extern/OpenPGP-Haskell b/OpenKeychain/src/test/resources/extern/OpenPGP-Haskell deleted file mode 160000 -Subproject eba7e4fdce3de6622b4ec3862b405b0acd01637 diff --git a/OpenKeychain/src/test/resources/public-key-for-sample.blob b/OpenKeychain/src/test/resources/public-key-for-sample.blob Binary files differdeleted file mode 100644 index 4aa91510b..000000000 --- a/OpenKeychain/src/test/resources/public-key-for-sample.blob +++ /dev/null diff --git a/OpenKeychain/src/test/resources/sample-altered.txt b/OpenKeychain/src/test/resources/sample-altered.txt deleted file mode 100644 index 458821f81..000000000 --- a/OpenKeychain/src/test/resources/sample-altered.txt +++ /dev/null @@ -1,26 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -This is a simple text document, which is used to illustrate -the concept of signing simple text files. There are no -control characters or special formatting commands in this -text, just simple printable ASCII characters. -MALICIOUS TEXT -To make this a slightly less uninteresting document, there -follows a short shopping list. - - eggs, 1 doz - milk, 1 gal - bacon, 1 lb - olive oil - bread, 1 loaf - -That's all there is to this document. - ------BEGIN PGP SIGNATURE----- -Version: PGPfreeware 5.5.5 for non-commercial use <http://www.nai.com> - -iQA/AwUBN78ib3S9RCOKzj55EQKqDACg1NV2/iyPKrDlOVJvJwz6ArcQ0UQAnjNC -CDxKAFyaaGa835l1vpbFkAJk -=3r/N ------END PGP SIGNATURE----- diff --git a/OpenKeychain/src/test/resources/sample.txt b/OpenKeychain/src/test/resources/sample.txt deleted file mode 100644 index c0065f78d..000000000 --- a/OpenKeychain/src/test/resources/sample.txt +++ /dev/null @@ -1,26 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -This is a simple text document, which is used to illustrate -the concept of signing simple text files. There are no -control characters or special formatting commands in this -text, just simple printable ASCII characters. - -To make this a slightly less uninteresting document, there -follows a short shopping list. - - eggs, 1 doz - milk, 1 gal - bacon, 1 lb - olive oil - bread, 1 loaf - -That's all there is to this document. - ------BEGIN PGP SIGNATURE----- -Version: PGPfreeware 5.5.5 for non-commercial use <http://www.nai.com> - -iQA/AwUBN78ib3S9RCOKzj55EQKqDACg1NV2/iyPKrDlOVJvJwz6ArcQ0UQAnjNC -CDxKAFyaaGa835l1vpbFkAJk -=3r/N ------END PGP SIGNATURE----- |