From 109bea754207e960a22eaea7df819273df51112f Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Mon, 16 Jun 2014 22:00:19 +0200 Subject: import-log: distinguish master/subkeys, distinguish redundant/bad certs, more docs --- .../keychain/pgp/UncachedKeyRing.java | 99 +++++++++++++--------- .../keychain/provider/ProviderHelper.java | 64 +++++++++----- .../keychain/service/OperationResultParcel.java | 40 +++++++-- OpenKeychain/src/main/res/values/strings.xml | 26 ++++-- 4 files changed, 150 insertions(+), 79 deletions(-) diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java index e309ed632..9b9818c2f 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java @@ -185,7 +185,12 @@ public class UncachedKeyRing { * - Remove all non-verifying self-certificates * - Remove all "future" self-certificates * - Remove all certificates flagged as "local" - * - Remove all certificates which are superseded by a newer one on the same target + * - Remove all certificates which are superseded by a newer one on the same target, + * including revocations with later re-certifications. + * - Remove all certificates of unknown type: + * - key revocation signatures on the master key + * - subkey binding signatures for subkeys + * - certifications and certification revocations for user ids * * After this cleaning, a number of checks are done: TODO implement * - See if each subkey retains a valid self certificate @@ -208,7 +213,7 @@ public class UncachedKeyRing { final Date now = new Date(); - int removedCerts = 0; + int redundantCerts = 0, badCerts = 0; PGPPublicKeyRing ring = (PGPPublicKeyRing) mRing; PGPPublicKey masterKey = mRing.getPublicKey(); @@ -240,7 +245,7 @@ public class UncachedKeyRing { "0x" + Integer.toString(type, 16) }, indent); modified = PGPPublicKey.removeCertification(modified, zert); - removedCerts += 1; + badCerts += 1; continue; } @@ -248,7 +253,7 @@ public class UncachedKeyRing { // Creation date in the future? No way! log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TIME, null, indent); modified = PGPPublicKey.removeCertification(modified, zert); - removedCerts += 1; + badCerts += 1; continue; } @@ -256,7 +261,7 @@ public class UncachedKeyRing { // Creation date in the future? No way! log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_LOCAL, null, indent); modified = PGPPublicKey.removeCertification(modified, zert); - removedCerts += 1; + badCerts += 1; continue; } @@ -265,13 +270,13 @@ public class UncachedKeyRing { if (!cert.verifySignature(masterKey)) { log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD, null, indent); modified = PGPPublicKey.removeCertification(modified, zert); - removedCerts += 1; + badCerts += 1; continue; } } catch (PgpGeneralException e) { log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_ERR, null, indent); modified = PGPPublicKey.removeCertification(modified, zert); - removedCerts += 1; + badCerts += 1; continue; } @@ -281,12 +286,12 @@ public class UncachedKeyRing { // more revocations? at least one is superfluous, then. } else if (revocation.getCreationTime().before(zert.getCreationTime())) { modified = PGPPublicKey.removeCertification(modified, revocation); - removedCerts += 1; + redundantCerts += 1; log.add(LogLevel.INFO, LogType.MSG_KC_REVOKE_DUP, null, indent); revocation = zert; } else { modified = PGPPublicKey.removeCertification(modified, zert); - removedCerts += 1; + redundantCerts += 1; log.add(LogLevel.INFO, LogType.MSG_KC_REVOKE_DUP, null, indent); } } @@ -312,14 +317,14 @@ public class UncachedKeyRing { "0x" + Integer.toString(zert.getSignatureType(), 16) }, indent); modified = PGPPublicKey.removeCertification(modified, userId, zert); - removedCerts += 1; + badCerts += 1; } if (cert.getCreationTime().after(now)) { // Creation date in the future? No way! log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TIME, null, indent); modified = PGPPublicKey.removeCertification(modified, zert); - removedCerts += 1; + badCerts += 1; continue; } @@ -327,7 +332,7 @@ public class UncachedKeyRing { // Creation date in the future? No way! log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_LOCAL, null, indent); modified = PGPPublicKey.removeCertification(modified, zert); - removedCerts += 1; + badCerts += 1; continue; } @@ -343,14 +348,14 @@ public class UncachedKeyRing { log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD, new String[] { userId }, indent); modified = PGPPublicKey.removeCertification(modified, userId, zert); - removedCerts += 1; + badCerts += 1; continue; } } catch (PgpGeneralException e) { log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD_ERR, new String[] { userId }, indent); modified = PGPPublicKey.removeCertification(modified, userId, zert); - removedCerts += 1; + badCerts += 1; continue; } @@ -363,13 +368,13 @@ public class UncachedKeyRing { selfCert = zert; } else if (selfCert.getCreationTime().before(cert.getCreationTime())) { modified = PGPPublicKey.removeCertification(modified, userId, selfCert); - removedCerts += 1; + redundantCerts += 1; log.add(LogLevel.INFO, LogType.MSG_KC_UID_DUP, new String[] { userId }, indent); selfCert = zert; } else { modified = PGPPublicKey.removeCertification(modified, userId, zert); - removedCerts += 1; + redundantCerts += 1; log.add(LogLevel.INFO, LogType.MSG_KC_UID_DUP, new String[] { userId }, indent); } @@ -378,7 +383,7 @@ public class UncachedKeyRing { && revocation.getCreationTime().before(selfCert.getCreationTime())) { modified = PGPPublicKey.removeCertification(modified, userId, revocation); revocation = null; - removedCerts += 1; + redundantCerts += 1; log.add(LogLevel.INFO, LogType.MSG_KC_UID_REVOKE_OLD, new String[] { userId }, indent); } @@ -388,7 +393,7 @@ public class UncachedKeyRing { // If this is older than the (latest) self cert, drop it if (selfCert != null && selfCert.getCreationTime().after(zert.getCreationTime())) { modified = PGPPublicKey.removeCertification(modified, userId, zert); - removedCerts += 1; + redundantCerts += 1; log.add(LogLevel.INFO, LogType.MSG_KC_UID_REVOKE_OLD, new String[] { userId }, indent); continue; @@ -399,13 +404,13 @@ public class UncachedKeyRing { // more revocations? at least one is superfluous, then. } else if (revocation.getCreationTime().before(cert.getCreationTime())) { modified = PGPPublicKey.removeCertification(modified, userId, revocation); - removedCerts += 1; + redundantCerts += 1; log.add(LogLevel.INFO, LogType.MSG_KC_UID_REVOKE_DUP, new String[] { userId }, indent); revocation = zert; } else { modified = PGPPublicKey.removeCertification(modified, userId, zert); - removedCerts += 1; + redundantCerts += 1; log.add(LogLevel.INFO, LogType.MSG_KC_UID_REVOKE_DUP, new String[] { userId }, indent); } @@ -418,8 +423,6 @@ public class UncachedKeyRing { // Replace modified key in the keyring ring = PGPPublicKeyRing.insertPublicKey(ring, modified); - - log.add(LogLevel.DEBUG, LogType.MSG_KC_MASTER_SUCCESS, null, indent); indent -= 1; } @@ -437,18 +440,17 @@ public class UncachedKeyRing { // certificate. PGPPublicKey modified = key; PGPSignature selfCert = null, revocation = null; - uids: for (PGPSignature zig : new IterableIterator(key.getSignatures())) { + uids: for (PGPSignature zert : new IterableIterator(key.getSignatures())) { // remove from keyring (for now) - modified = PGPPublicKey.removeCertification(modified, zig); - // add this too, easier than adding it for every single "continue" case - removedCerts += 1; + modified = PGPPublicKey.removeCertification(modified, zert); - WrappedSignature cert = new WrappedSignature(zig); + WrappedSignature cert = new WrappedSignature(zert); int type = cert.getSignatureType(); // filter out bad key types... if (cert.getKeyId() != masterKey.getKeyID()) { log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_KEYID, null, indent); + badCerts += 1; continue; } @@ -456,18 +458,21 @@ public class UncachedKeyRing { log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_TYPE, new String[]{ "0x" + Integer.toString(type, 16) }, indent); + badCerts += 1; continue; } if (cert.getCreationTime().after(now)) { // Creation date in the future? No way! log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_TIME, null, indent); + badCerts += 1; continue; } if (cert.isLocal()) { // Creation date in the future? No way! log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_LOCAL, null, indent); + badCerts += 1; continue; } @@ -478,20 +483,22 @@ public class UncachedKeyRing { cert.init(masterKey); if (!cert.verifySignature(masterKey, key)) { log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD, null, indent); + badCerts += 1; continue; } } catch (PgpGeneralException e) { log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_ERR, null, indent); + badCerts += 1; continue; } - if (zig.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.KEY_FLAGS)) { - int flags = ((KeyFlags) zig.getHashedSubPackets() + if (zert.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.KEY_FLAGS)) { + int flags = ((KeyFlags) zert.getHashedSubPackets() .getSubpacket(SignatureSubpacketTags.KEY_FLAGS)).getFlags(); // If this subkey is allowed to sign data, if ((flags & PGPKeyFlags.CAN_SIGN) == PGPKeyFlags.CAN_SIGN) { try { - PGPSignatureList list = zig.getUnhashedSubPackets().getEmbeddedSignatures(); + PGPSignatureList list = zert.getUnhashedSubPackets().getEmbeddedSignatures(); boolean ok = false; for (int i = 0; i < list.size(); i++) { WrappedSignature subsig = new WrappedSignature(list.get(i)); @@ -501,16 +508,19 @@ public class UncachedKeyRing { ok = true; } else { log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_BAD, null, indent); + badCerts += 1; continue uids; } } } if (!ok) { log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_NONE, null, indent); + badCerts += 1; continue; } } catch (Exception e) { log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_BAD_ERR, null, indent); + badCerts += 1; continue; } } @@ -518,10 +528,11 @@ public class UncachedKeyRing { // if we already have a cert, and this one is not newer: skip it if (selfCert != null && selfCert.getCreationTime().before(cert.getCreationTime())) { + redundantCerts += 1; continue; } - selfCert = zig; + selfCert = zert; // if this is newer than a possibly existing revocation, drop that one if (revocation != null && selfCert.getCreationTime().after(revocation.getCreationTime())) { revocation = null; @@ -535,17 +546,22 @@ public class UncachedKeyRing { cert.init(masterKey); if (!cert.verifySignature(key)) { log.add(LogLevel.WARN, LogType.MSG_KC_SUB_REVOKE_BAD, null, indent); + badCerts += 1; continue; } } catch (PgpGeneralException e) { log.add(LogLevel.WARN, LogType.MSG_KC_SUB_REVOKE_BAD_ERR, null, indent); + badCerts += 1; continue; } // if there is no binding (yet), or the revocation is newer than the binding: keep it - if (selfCert == null || selfCert.getCreationTime().before(cert.getCreationTime())) { - revocation = zig; + if (selfCert != null && selfCert.getCreationTime().after(cert.getCreationTime())) { + redundantCerts += 1; + continue; } + + revocation = zert; } } @@ -561,22 +577,25 @@ public class UncachedKeyRing { // re-add certification modified = PGPPublicKey.addCertification(modified, selfCert); - removedCerts -= 1; // add revocation, if any if (revocation != null) { modified = PGPPublicKey.addCertification(modified, revocation); - removedCerts -= 1; } // replace pubkey in keyring ring = PGPPublicKeyRing.insertPublicKey(ring, modified); - - log.add(LogLevel.DEBUG, LogType.MSG_KC_SUB_SUCCESS, null, indent); indent -= 1; } - if (removedCerts > 0) { - log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS_REMOVED, - new String[] { Integer.toString(removedCerts) }, indent); + if (badCerts > 0 && redundantCerts > 0) { + log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS_BAD_AND_RED, + new String[] { Integer.toString(badCerts), + Integer.toString(redundantCerts) }, indent); + } else if (badCerts > 0) { + log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS_BAD, + new String[] { Integer.toString(badCerts) }, indent); + } else if (redundantCerts > 0) { + log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS_REDUNDANT, + new String[] { Integer.toString(redundantCerts) }, indent); } else { log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS, null, indent); } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java index 102c8e6d0..80de65e0e 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java @@ -302,7 +302,6 @@ public class ProviderHelper { log(LogLevel.INFO, LogType.MSG_IP_INSERT_KEYRING); { // insert keyring - // insert new version of this keyRing ContentValues values = new ContentValues(); values.put(KeyRingData.MASTER_KEY_ID, masterKeyId); try { @@ -322,8 +321,9 @@ public class ProviderHelper { Uri uri = Keys.buildKeysUri(Long.toString(masterKeyId)); int rank = 0; for (UncachedPublicKey key : new IterableIterator(keyRing.getPublicKeys())) { - log(LogLevel.DEBUG, LogType.MSG_IP_SUBKEY, new String[]{ - PgpKeyHelper.convertKeyIdToHex(key.getKeyId()) + long keyId = key.getKeyId(); + log(LogLevel.DEBUG, keyId == masterKeyId ? LogType.MSG_IP_MASTER : LogType.MSG_IP_SUBKEY, new String[]{ + PgpKeyHelper.convertKeyIdToHex(keyId) }); mIndent += 1; @@ -341,21 +341,41 @@ public class ProviderHelper { values.put(Keys.CAN_ENCRYPT, e); values.put(Keys.CAN_SIGN, s); values.put(Keys.IS_REVOKED, key.isRevoked()); - if (c) { - if (e) { - log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_CES - : LogType.MSG_IP_SUBKEY_FLAGS_CEX, null); + if (masterKeyId == keyId) { + if (c) { + if (e) { + log(LogLevel.DEBUG, s ? LogType.MSG_IP_MASTER_FLAGS_CES + : LogType.MSG_IP_MASTER_FLAGS_CEX, null); + } else { + log(LogLevel.DEBUG, s ? LogType.MSG_IP_MASTER_FLAGS_CXS + : LogType.MSG_IP_MASTER_FLAGS_CXX, null); + } } else { - log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_CXS - : LogType.MSG_IP_SUBKEY_FLAGS_CXX, null); + if (e) { + log(LogLevel.DEBUG, s ? LogType.MSG_IP_MASTER_FLAGS_XES + : LogType.MSG_IP_MASTER_FLAGS_XEX, null); + } else { + log(LogLevel.DEBUG, s ? LogType.MSG_IP_MASTER_FLAGS_XXS + : LogType.MSG_IP_MASTER_FLAGS_XXX, null); + } } } else { - if (e) { - log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_XES - : LogType.MSG_IP_SUBKEY_FLAGS_XEX, null); + if (c) { + if (e) { + log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_CES + : LogType.MSG_IP_SUBKEY_FLAGS_CEX, null); + } else { + log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_CXS + : LogType.MSG_IP_SUBKEY_FLAGS_CXX, null); + } } else { - log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_XXS - : LogType.MSG_IP_SUBKEY_FLAGS_XXX, null); + if (e) { + log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_XES + : LogType.MSG_IP_SUBKEY_FLAGS_XEX, null); + } else { + log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_XXS + : LogType.MSG_IP_SUBKEY_FLAGS_XXX, null); + } } } @@ -365,13 +385,13 @@ public class ProviderHelper { if (expiryDate != null) { values.put(Keys.EXPIRY, expiryDate.getTime() / 1000); if (key.isExpired()) { - log(LogLevel.DEBUG, LogType.MSG_IP_SUBKEY_EXPIRED, new String[]{ - expiryDate.toString() - }); + log(LogLevel.DEBUG, keyId == masterKeyId ? + LogType.MSG_IP_MASTER_EXPIRED : LogType.MSG_IP_SUBKEY_EXPIRED, + new String[]{ expiryDate.toString() }); } else { - log(LogLevel.DEBUG, LogType.MSG_IP_SUBKEY_EXPIRES, new String[]{ - expiryDate.toString() - }); + log(LogLevel.DEBUG, keyId == masterKeyId ? + LogType.MSG_IP_MASTER_EXPIRES : LogType.MSG_IP_SUBKEY_EXPIRES, + new String[] { expiryDate.toString() }); } } @@ -415,10 +435,9 @@ public class ProviderHelper { if (!cert.isRevocation()) { item.selfCert = cert; item.isPrimary = cert.isPrimaryUserId(); - log(LogLevel.DEBUG, LogType.MSG_IP_UID_SELF_GOOD); } else { item.isRevoked = true; - log(LogLevel.DEBUG, LogType.MSG_IP_UID_REVOKED); + log(LogLevel.INFO, LogType.MSG_IP_UID_REVOKED); } } @@ -479,7 +498,6 @@ public class ProviderHelper { } } - log(LogLevel.DEBUG, LogType.MSG_IP_PREPARE_SUCCESS); mIndent -= 1; } catch (IOException e) { diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java index b5f01ce4d..b9531f83f 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java @@ -16,6 +16,7 @@ import java.util.ArrayList; * list (ie, enum) of all possible log types, which should in all cases be tied * to string resource ids. * + * */ public class OperationResultParcel implements Parcelable { /** Holds the overall result, the number specifying varying degrees of success. The first bit @@ -101,6 +102,23 @@ public class OperationResultParcel implements Parcelable { } + /** This is an enum of all possible log events. + * + * Element names should generally be prefixed with MSG_XX_ where XX is an + * identifier based on the related activity. + * + * Log messages should occur for each distinguishable action group. For + * each such group, one message is displayed followed by warnings or + * errors, and optionally subactions. The granularity should generally be + * optimistic: No "success" messages are printed except for the outermost + * operations - the success of an action group is indicated by the + * beginning message of the next action group. + * + * Log messages should be in present tense, There should be no trailing + * punctuation, except for error messages which may end in an exclamation + * mark. + * + */ public static enum LogType { // import public @@ -114,15 +132,24 @@ public class OperationResultParcel implements Parcelable { MSG_IP_FAIL_OP_EX (R.string.msg_ip_fail_op_ex), MSG_IP_FAIL_REMOTE_EX (R.string.msg_ip_fail_remote_ex), MSG_IP_INSERT_KEYRING (R.string.msg_ip_insert_keyring), - MSG_IP_INSERT_SUBKEYS (R.string.msg_ip_insert_subkeys), + MSG_IP_INSERT_SUBKEYS (R.string.msg_ip_insert_keys), MSG_IP_PREPARE (R.string.msg_ip_prepare), - MSG_IP_PREPARE_SUCCESS(R.string.msg_ip_prepare_success), MSG_IP_PRESERVING_SECRET (R.string.msg_ip_preserving_secret), MSG_IP_REINSERT_SECRET (R.string.msg_ip_reinsert_secret), + MSG_IP_MASTER (R.string.msg_ip_master), + MSG_IP_MASTER_EXPIRED (R.string.msg_ip_master_expired), + MSG_IP_MASTER_EXPIRES (R.string.msg_ip_master_expires), + MSG_IP_MASTER_FLAGS_CES (R.string.msg_ip_master_flags_ces), + MSG_IP_MASTER_FLAGS_CEX (R.string.msg_ip_master_flags_cex), + MSG_IP_MASTER_FLAGS_CXS (R.string.msg_ip_master_flags_cxs), + MSG_IP_MASTER_FLAGS_XES (R.string.msg_ip_master_flags_xes), + MSG_IP_MASTER_FLAGS_CXX (R.string.msg_ip_master_flags_cxx), + MSG_IP_MASTER_FLAGS_XEX (R.string.msg_ip_master_flags_xex), + MSG_IP_MASTER_FLAGS_XXS (R.string.msg_ip_master_flags_xxs), + MSG_IP_MASTER_FLAGS_XXX (R.string.msg_ip_master_flags_xxx), MSG_IP_SUBKEY (R.string.msg_ip_subkey), MSG_IP_SUBKEY_EXPIRED (R.string.msg_ip_subkey_expired), MSG_IP_SUBKEY_EXPIRES (R.string.msg_ip_subkey_expires), - MSG_IP_SUBKEY_FLAGS (R.string.msg_ip_subkey_flags), MSG_IP_SUBKEY_FLAGS_CES (R.string.msg_ip_subkey_flags_ces), MSG_IP_SUBKEY_FLAGS_CEX (R.string.msg_ip_subkey_flags_cex), MSG_IP_SUBKEY_FLAGS_CXS (R.string.msg_ip_subkey_flags_cxs), @@ -140,7 +167,6 @@ public class OperationResultParcel implements Parcelable { MSG_IP_UID_REORDER(R.string.msg_ip_uid_reorder), MSG_IP_UID_PROCESSING (R.string.msg_ip_uid_processing), MSG_IP_UID_REVOKED (R.string.msg_ip_uid_revoked), - MSG_IP_UID_SELF_GOOD (R.string.msg_ip_uid_self_good), // import secret MSG_IS(R.string.msg_is), @@ -155,7 +181,6 @@ public class OperationResultParcel implements Parcelable { // keyring canonicalization MSG_KC (R.string.msg_kc), MSG_KC_MASTER (R.string.msg_kc_master), - MSG_KC_MASTER_SUCCESS (R.string.msg_kc_master_success), MSG_KC_REVOKE_BAD_ERR (R.string.msg_kc_revoke_bad_err), MSG_KC_REVOKE_BAD_LOCAL (R.string.msg_kc_revoke_bad_local), MSG_KC_REVOKE_BAD_TIME (R.string.msg_kc_revoke_bad_time), @@ -176,8 +201,9 @@ public class OperationResultParcel implements Parcelable { MSG_KC_SUB_REVOKE_BAD_ERR (R.string.msg_kc_sub_revoke_bad_err), MSG_KC_SUB_REVOKE_BAD (R.string.msg_kc_sub_revoke_bad), MSG_KC_SUB_REVOKE_DUP (R.string.msg_kc_sub_revoke_dup), - MSG_KC_SUB_SUCCESS (R.string.msg_kc_sub_success), - MSG_KC_SUCCESS_REMOVED (R.string.msg_kc_success_removed), + MSG_KC_SUCCESS_BAD (R.string.msg_kc_success_bad), + MSG_KC_SUCCESS_BAD_AND_RED (R.string.msg_kc_success_bad_and_red), + MSG_KC_SUCCESS_REDUNDANT (R.string.msg_kc_success_redundant), MSG_KC_SUCCESS (R.string.msg_kc_success), MSG_KC_UID_BAD_ERR (R.string.msg_kc_uid_bad_err), MSG_KC_UID_BAD_LOCAL (R.string.msg_kc_uid_bad_local), diff --git a/OpenKeychain/src/main/res/values/strings.xml b/OpenKeychain/src/main/res/values/strings.xml index 5a2c38419..d365302d9 100644 --- a/OpenKeychain/src/main/res/values/strings.xml +++ b/OpenKeychain/src/main/res/values/strings.xml @@ -516,14 +516,23 @@ Operation failed due to internal error Importing public keyring %s Encoding keyring data - Evaluating subkeys + Parsing keys Preparing database operations - OK Preserving available secret key + Processing master key %s + Keyring expired on %s + Keyring expires on %s + Master key flags: certify, encrypt, sign + Master key flags: certify, encrypt + Master key flags: certify, sign + Master key flags: encrypt, sign + Master key flags: certify + Master key flags: encrypt + Master key flags: sign + Master key flags: none Processing subkey %s Subkey expired on %s Subkey expires on %s - Subkey flags: %s Subkey flags: certify, encrypt, sign Subkey flags: certify, encrypt Subkey flags: certify, sign @@ -536,13 +545,12 @@ Re-inserting secret key Encountered bad certificate! Error processing certificate! - Found good certificate from %1$s (%2$s) + User id is certified by %1$s (%2$s) Ignoring %s certificates from unknown pubkeys Classifying user ids, using %s trusted signatures Re-ordering user ids Processing user id %s - Found uid revocation certificate - Found good self certificate + User id is revoked Tried to import public keyring as secret. This is a bug, please file a report! @@ -557,7 +565,6 @@ Canonicalizing keyring %s Processing master key - OK Removing bad keyring revocation certificate Removing keyring revocation certificate with "local" flag Removing keyring revocation certificate with future timestamp @@ -578,9 +585,10 @@ Removing bad subkey revocation key Removing bad subkey revocation key Removing redundant keyring revocation key - Subkey binding OK Keyring canonicalization successful - Keyring canonicalization successful, removed %s certificates + Keyring canonicalization successful, removed %s erroneous certificates + Keyring canonicalization successful, removed %1$s erroneous and %2$s redundant certificates + Keyring canonicalization successful, removed %s redundant certificates Removing bad self certificate for user id %s Removing user id certificate with "local" flag Removing user id with future timestamp -- cgit v1.2.3