From 478b2a4d8ba9de9a1c6756c592c9d26f6ce06c52 Mon Sep 17 00:00:00 2001
From: Vincent Breitmoser <valodim@mugenguild.com>
Date: Sat, 25 Oct 2014 01:59:15 +0200
Subject: add logging to import and change order of import, keyservers first

---
 .../keychain/operations/ImportExportOperation.java | 61 ++++++++++++++--------
 .../operations/results/OperationResult.java        | 11 ++++
 OpenKeychain/src/main/res/values/strings.xml       | 10 ++++
 3 files changed, 59 insertions(+), 23 deletions(-)

(limited to 'OpenKeychain/src/main')

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/ImportExportOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/ImportExportOperation.java
index 2c1f2e1cf..4db48015f 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/ImportExportOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/ImportExportOperation.java
@@ -155,21 +155,8 @@ public class ImportExportOperation extends BaseOperation {
                 // Otherwise, we need to fetch the data from a server first
                 else {
 
-                    // If we have a keybase name, try to fetch from there
-                    if (entry.mKeybaseName != null) {
-                        // Make sure we have this cached
-                        if (keybaseServer == null) {
-                            keybaseServer = new KeybaseKeyserver();
-                        }
-
-                        try {
-                            byte[] data = keybaseServer.get(entry.mKeybaseName).getBytes();
-                            key = UncachedKeyRing.decodeFromData(data);
-                        } catch (Keyserver.QueryFailedException e) {
-                            // download failed, too bad. just proceed
-                        }
-
-                    }
+                    // We fetch from keyservers first, because we tend to get more certificates
+                    // from there, so the number of certificates which are merged in later is smaller.
 
                     // If we have a keyServerUri and a fingerprint or at least a keyId,
                     // download from HKP
@@ -177,6 +164,7 @@ public class ImportExportOperation extends BaseOperation {
                             && (entry.mKeyIdHex != null || entry.mExpectedFingerprint != null)) {
                         // Make sure we have the keyserver instance cached
                         if (keyServer == null) {
+                            log.add(LogType.MSG_IMPORT_KEYSERVER, 1, keyServerUri);
                             keyServer = new HkpKeyserver(keyServerUri);
                         }
 
@@ -184,15 +172,41 @@ public class ImportExportOperation extends BaseOperation {
                             byte[] data;
                             // Download by fingerprint, or keyId - whichever is available
                             if (entry.mExpectedFingerprint != null) {
+                                log.add(LogType.MSG_IMPORT_FETCH_KEYSERVER, 1, "0x" + entry.mExpectedFingerprint);
                                 data = keyServer.get("0x" + entry.mExpectedFingerprint).getBytes();
                             } else {
+                                log.add(LogType.MSG_IMPORT_FETCH_KEYSERVER, 1, entry.mKeyIdHex);
                                 data = keyServer.get(entry.mKeyIdHex).getBytes();
                             }
+                            key = UncachedKeyRing.decodeFromData(data);
+                            if (key != null) {
+                                log.add(LogType.MSG_IMPORT_FETCH_KEYSERVER_OK, 2);
+                            } else {
+                                log.add(LogType.MSG_IMPORT_FETCH_ERROR_DECODE, 2);
+                            }
+                        } catch (Keyserver.QueryFailedException e) {
+                            Log.e(Constants.TAG, "query failed", e);
+                            log.add(LogType.MSG_IMPORT_FETCH_KEYSERVER_ERROR, 2);
+                        }
+                    }
+
+                    // If we have a keybase name, try to fetch from there
+                    if (entry.mKeybaseName != null) {
+                        // Make sure we have this cached
+                        if (keybaseServer == null) {
+                            keybaseServer = new KeybaseKeyserver();
+                        }
+
+                        try {
+                            log.add(LogType.MSG_IMPORT_FETCH_KEYBASE, 1, entry.mKeybaseName);
+                            byte[] data = keybaseServer.get(entry.mKeybaseName).getBytes();
+                            key = UncachedKeyRing.decodeFromData(data);
+
                             // If there already is a key (of keybase origin), merge the two
                             if (key != null) {
+                                log.add(LogType.MSG_IMPORT_MERGE, 2);
                                 UncachedKeyRing merged = UncachedKeyRing.decodeFromData(data);
-                                // TODO log pollution?
-                                merged = key.merge(merged, log, 2);
+                                merged = key.merge(merged, log, 3);
                                 // If the merge didn't fail, use the new merged key
                                 if (merged != null) {
                                     key = merged;
@@ -201,12 +215,15 @@ public class ImportExportOperation extends BaseOperation {
                                 key = UncachedKeyRing.decodeFromData(data);
                             }
                         } catch (Keyserver.QueryFailedException e) {
-                            break;
+                            // download failed, too bad. just proceed
+                            Log.e(Constants.TAG, "query failed", e);
+                            log.add(LogType.MSG_IMPORT_FETCH_KEYSERVER_ERROR, 2);
                         }
                     }
                 }
 
                 if (key == null) {
+                    log.add(LogType.MSG_IMPORT_FETCH_ERROR, 2);
                     badKeys += 1;
                     continue;
                 }
@@ -214,13 +231,11 @@ public class ImportExportOperation extends BaseOperation {
                 // If we have an expected fingerprint, make sure it matches
                 if (entry.mExpectedFingerprint != null) {
                     if(!KeyFormattingUtils.convertFingerprintToHex(key.getFingerprint()).equals(entry.mExpectedFingerprint)) {
-                        Log.d(Constants.TAG, "fingerprint: " + KeyFormattingUtils.convertFingerprintToHex(key.getFingerprint()));
-                        Log.d(Constants.TAG, "expected fingerprint: " + entry.mExpectedFingerprint);
-                        Log.e(Constants.TAG, "Actual key fingerprint is not the same as expected!");
+                        log.add(LogType.MSG_IMPORT_FINGERPRINT_ERROR, 2);
                         badKeys += 1;
                         continue;
                     } else {
-                        Log.d(Constants.TAG, "Actual key fingerprint matches expected one.");
+                        log.add(LogType.MSG_IMPORT_FINGERPRINT_OK, 2);
                     }
                 }
 
@@ -252,7 +267,7 @@ public class ImportExportOperation extends BaseOperation {
                     importedMasterKeyIds.add(key.getMasterKeyId());
                 }
 
-                log.add(result, 1);
+                log.add(result, 2);
 
             } catch (IOException e) {
                 Log.e(Constants.TAG, "Encountered bad key on import!", e);
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
index 9d04dec38..aa360609f 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
@@ -581,6 +581,17 @@ public abstract class OperationResult implements Parcelable {
         MSG_CRT_WARN_SAVE_FAILED (LogLevel.WARN, R.string.msg_crt_warn_save_failed),
 
         MSG_IMPORT (LogLevel.START, R.plurals.msg_import),
+
+        MSG_IMPORT_FETCH_ERROR (LogLevel.ERROR, R.string.msg_import_fetch_error),
+        MSG_IMPORT_FETCH_ERROR_DECODE (LogLevel.ERROR, R.string.msg_import_fetch_error_decode),
+        MSG_IMPORT_FETCH_KEYSERVER (LogLevel.INFO, R.string.msg_import_fetch_keyserver),
+        MSG_IMPORT_FETCH_KEYSERVER_OK (LogLevel.DEBUG, R.string.msg_import_fetch_keyserver_ok),
+        MSG_IMPORT_FETCH_KEYSERVER_ERROR (LogLevel.ERROR, R.string.msg_import_fetch_keyserver_error),
+        MSG_IMPORT_FETCH_KEYBASE (LogLevel.INFO, R.string.msg_import_fetch_keybase),
+        MSG_IMPORT_KEYSERVER (LogLevel.DEBUG, R.string.msg_import_keyserver),
+        MSG_IMPORT_MERGE (LogLevel.DEBUG, R.string.msg_import_merge),
+        MSG_IMPORT_FINGERPRINT_ERROR (LogLevel.ERROR, R.string.msg_import_fingerprint_error),
+        MSG_IMPORT_FINGERPRINT_OK (LogLevel.DEBUG, R.string.msg_import_fingerprint_ok),
         MSG_IMPORT_ERROR (LogLevel.ERROR, R.string.msg_import_error),
         MSG_IMPORT_PARTIAL (LogLevel.ERROR, R.string.msg_import_partial),
         MSG_IMPORT_SUCCESS (LogLevel.OK, R.string.msg_import_success),
diff --git a/OpenKeychain/src/main/res/values/strings.xml b/OpenKeychain/src/main/res/values/strings.xml
index 3cfacbfd5..a65894fcc 100644
--- a/OpenKeychain/src/main/res/values/strings.xml
+++ b/OpenKeychain/src/main/res/values/strings.xml
@@ -946,6 +946,16 @@
         <item quantity="one">"Importing key"</item>
         <item quantity="other">"Importing %d keys"</item>
     </plurals>
+    <string name="msg_import_fetch_error_decode">"Error decoding retrieved keyring!"</string>
+    <string name="msg_import_fetch_error">"Key could not be fetched! (Network problems?)"</string>
+    <string name="msg_import_fetch_keybase">"Fetching from keybase.io: %s"</string>
+    <string name="msg_import_fetch_keyserver_error">"Could not fetch key from keybase!"</string>
+    <string name="msg_import_fetch_keyserver">"Fetching from keyserver: %s"</string>
+    <string name="msg_import_fetch_keyserver_ok">"Fingerprint of fetched key didn't match expected!"</string>
+    <string name="msg_import_keyserver">"Using keyserver %s"</string>
+    <string name="msg_import_fingerprint_error">"Fingerprint of fetched key didn't match expected!"</string>
+    <string name="msg_import_fingerprint_ok">"Fingerprint check OK"</string>
+    <string name="msg_import_merge">"Merging keys…"</string>
     <string name="msg_import_error">"Import operation failed!"</string>
     <string name="msg_import_partial">"Import operation successful, with errors!"</string>
     <string name="msg_import_success">"Import operation successful"</string>
-- 
cgit v1.2.3