cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
75cf861674c40534421087feb716c1788e71ca3a
open-keychain/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/KeychainDatabase.java

464 lines
21 KiB
Java
Raw Normal View History

started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
/*
Adapt copyright headers according to CLA
2017-12-15 15:16:48 +01:00
* Copyright (C) 2017 Schürmann & Breitmoser GbR
started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
*
Relicensing from Apache License v2 to GPLv3+. This is only done on classes that (have copyright by Dominik Schürmann or Markus Doits) or (are completly refactored by me and contain no remaining code by Thialfihar). Code by Thialfihar (not reachable by mail) and Shaun Senecal (disagreed on license change) remain Apache License v2.
2013-09-06 16:17:01 +02:00
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
*
Relicensing from Apache License v2 to GPLv3+. This is only done on classes that (have copyright by Dominik Schürmann or Markus Doits) or (are completly refactored by me and contain no remaining code by Thialfihar). Code by Thialfihar (not reachable by mail) and Shaun Senecal (disagreed on license change) remain Apache License v2.
2013-09-06 16:17:01 +02:00
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
*
Relicensing from Apache License v2 to GPLv3+. This is only done on classes that (have copyright by Dominik Schürmann or Markus Doits) or (are completly refactored by me and contain no remaining code by Thialfihar). Code by Thialfihar (not reachable by mail) and Shaun Senecal (disagreed on license change) remain Apache License v2.
2013-09-06 16:17:01 +02:00
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
*/
clean up package structure
2018-07-02 15:07:11 +02:00
package org.sufficientlysecure.keychain;
started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
focus all read access for key ring data into DatabaseInteractor methods
2017-02-20 21:57:38 +01:00
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
use SQLDelight, remove ApiApps access from KeychainProvider
2018-06-15 19:46:55 +02:00
import android.arch.persistence.db.SupportSQLiteDatabase;
import android.arch.persistence.db.SupportSQLiteOpenHelper;
import android.arch.persistence.db.SupportSQLiteOpenHelper.Callback;
import android.arch.persistence.db.SupportSQLiteOpenHelper.Configuration;
import android.arch.persistence.db.framework.FrameworkSQLiteOpenHelperFactory;
final code style changes
2014-03-13 23:03:08 +02:00
import android.content.Context;
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
import android.database.Cursor;
extract autocrypt_peers from KeychainProvider into AutocryptPeerDao
2018-06-18 23:03:09 +02:00
import android.database.SQLException;
make database upgrade path more reliable
2017-08-04 13:08:39 +02:00
import android.database.sqlite.SQLiteException;
extract database access from CachedPublicKeyRing
2018-06-26 10:24:19 +02:00
import android.support.annotation.VisibleForTesting;
Fix constraints and insert
2014-03-26 00:11:49 +01:00
clean up package structure
2018-07-02 15:07:11 +02:00
import org.sufficientlysecure.keychain.daos.LocalSecretKeyStorage;
Optimize imports
2014-04-15 22:52:21 +02:00
import org.sufficientlysecure.keychain.provider.KeychainContract.CertsColumns;
introduce updateTrustDb to use instead of a full consolidate
2017-09-22 04:20:09 +02:00
import org.sufficientlysecure.keychain.provider.KeychainContract.KeysColumns;
make user_ids table typed, with attribute_data support Conflicts: OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyMainFragment.java
2015-01-13 23:09:48 +01:00
import org.sufficientlysecure.keychain.provider.KeychainContract.UserPacketsColumns;
remember if key signatures table has been initialized
2017-09-23 01:00:14 +02:00
import org.sufficientlysecure.keychain.util.Preferences;
Use Timber instead of Android.Log
2018-01-20 02:12:43 +01:00
import timber.log.Timber;
remember if key signatures table has been initialized
2017-09-23 01:00:14 +02:00
started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
Clarify sqlite datatypes
2014-04-29 10:19:10 +02:00
/**
* SQLite Datatypes (from http://www.sqlite.org/datatype3.html)
* - NULL. The value is a NULL value.
* - INTEGER. The value is a signed integer, stored in 1, 2, 3, 4, 6, or 8 bytes depending on the magnitude of the value.
* - REAL. The value is a floating point value, stored as an 8-byte IEEE floating point number.
* - TEXT. The value is a text string, stored using the database encoding (UTF-8, UTF-16BE or UTF-16LE).
* - BLOB. The value is a blob of data, stored exactly as it was input.
*/
use SQLDelight, remove ApiApps access from KeychainProvider
2018-06-15 19:46:55 +02:00
public class KeychainDatabase {
Break a lot of stuff. Also, database redesign. Change entire database design. This introduces a lot of changes, notably all URIs and almost all projections. Some features (like key deletion) have been simply commented out for now since they need serious reconsideration. There are a couple of new TODOs marking places where more work is needed. The migration path works fine from what I tested. The old database is not deleted for now, ie, it is reimported at every start of the application making all intermediate changes transient. Tested and working (for me): - All activities in the main drawer - Multiselect and Search - ViewKeyActivity, with and without secret key available - CertifyKeyActivity - SelectSecretKeyActivity (from CertifyKeyActivity) - SelectPublicKeyActivity (from encrypt activity) What doesn't work: - Actually certifying keys (pending a TODO in ProviderHelper) - Importing keys doesn't preserve secret keys - "Encrypt to this contact" doesn't pass key - Editing keys. All controls are disabled, I'm not sure why... (is this even my fault?) - Deleting keys What I didn't test: - Key export - API stuff - Creating keys (since editing doesn't even work)
2014-04-03 01:34:35 +02:00
private static final String DATABASE_NAME = "openkeychain.db";
extract findByUserId and findByEmail usage from KeychainProvider
2018-06-25 14:12:22 +02:00
private static final int DATABASE_VERSION = 29;
use SQLDelight, remove ApiApps access from KeychainProvider
2018-06-15 19:46:55 +02:00
private final SupportSQLiteOpenHelper supportSQLiteOpenHelper;
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
private static KeychainDatabase sInstance;
public static KeychainDatabase getInstance(Context context) {
sInstance = new KeychainDatabase(context.getApplicationContext());
return sInstance;
}
started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
extract database access from CachedPublicKeyRing
2018-06-26 10:24:19 +02:00
@VisibleForTesting
public static void resetSingleton() {
sInstance = null;
}
started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
public interface Tables {
Break a lot of stuff. Also, database redesign. Change entire database design. This introduces a lot of changes, notably all URIs and almost all projections. Some features (like key deletion) have been simply commented out for now since they need serious reconsideration. There are a couple of new TODOs marking places where more work is needed. The migration path works fine from what I tested. The old database is not deleted for now, ie, it is reimported at every start of the application making all intermediate changes transient. Tested and working (for me): - All activities in the main drawer - Multiselect and Search - ViewKeyActivity, with and without secret key available - CertifyKeyActivity - SelectSecretKeyActivity (from CertifyKeyActivity) - SelectPublicKeyActivity (from encrypt activity) What doesn't work: - Actually certifying keys (pending a TODO in ProviderHelper) - Importing keys doesn't preserve secret keys - "Encrypt to this contact" doesn't pass key - Editing keys. All controls are disabled, I'm not sure why... (is this even my fault?) - Deleting keys What I didn't test: - Key export - API stuff - Creating keys (since editing doesn't even work)
2014-04-03 01:34:35 +02:00
String KEY_RINGS_PUBLIC = "keyrings_public";
started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
String KEYS = "keys";
introduce key signatures table
2017-09-22 04:18:14 +02:00
String KEY_SIGNATURES = "key_signatures";
change user_id primary key in database, use keyring rather than unified query in consolidate
2015-03-11 18:28:36 +01:00
String USER_PACKETS = "user_packets";
(preliminary) certs table
2014-03-11 00:09:11 +01:00
String CERTS = "certs";
Introduce allowed keys table per API client
2015-01-29 17:46:27 +01:00
String API_ALLOWED_KEYS = "api_allowed_keys";
add database structure for remembering overridden warnings
2017-04-28 23:38:37 +02:00
String OVERRIDDEN_WARNINGS = "overridden_warnings";
started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
}
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
private KeychainDatabase(Context context) {
use SQLDelight, remove ApiApps access from KeychainProvider
2018-06-15 19:46:55 +02:00
supportSQLiteOpenHelper =
new FrameworkSQLiteOpenHelperFactory()
.create(Configuration.builder(context).name(DATABASE_NAME).callback(
new Callback(DATABASE_VERSION) {
@Override
public void onCreate(SupportSQLiteDatabase db) {
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
KeychainDatabase.this.onCreate(db, context);
use SQLDelight, remove ApiApps access from KeychainProvider
2018-06-15 19:46:55 +02:00
}
@Override
public void onUpgrade(SupportSQLiteDatabase db, int oldVersion, int newVersion) {
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
KeychainDatabase.this.onUpgrade(db, context, oldVersion, newVersion);
use SQLDelight, remove ApiApps access from KeychainProvider
2018-06-15 19:46:55 +02:00
}
@Override
public void onDowngrade(SupportSQLiteDatabase db, int oldVersion, int newVersion) {
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
KeychainDatabase.this.onDowngrade();
use SQLDelight, remove ApiApps access from KeychainProvider
2018-06-15 19:46:55 +02:00
}
@Override
public void onOpen(SupportSQLiteDatabase db) {
super.onOpen(db);
if (!db.isReadOnly()) {
// Enable foreign key constraints
db.execSQL("PRAGMA foreign_keys=ON;");
}
}
}).build());
started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
}
use SQLDelight, remove ApiApps access from KeychainProvider
2018-06-15 19:46:55 +02:00
public SupportSQLiteDatabase getReadableDatabase() {
return supportSQLiteOpenHelper.getReadableDatabase();
}
public SupportSQLiteDatabase getWritableDatabase() {
return supportSQLiteOpenHelper.getWritableDatabase();
}
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
private void onCreate(SupportSQLiteDatabase db, Context context) {
Use Timber instead of Android.Log
2018-01-20 02:12:43 +01:00
Timber.w("Creating database...");
started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
extract UpdatedKeys access from KeychainProvider into KeyMetadataDao
2018-06-18 11:40:39 +02:00
db.execSQL(KeyRingsPublicModel.CREATE_TABLE);
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
db.execSQL(KeysModel.CREATE_TABLE);
use FlexibleAdapter with LiveData in KeyListFragment
2018-06-20 00:45:34 +02:00
db.execSQL(UserPacketsModel.CREATE_TABLE);
db.execSQL(CertsModel.CREATE_TABLE);
extract UpdatedKeys access from KeychainProvider into KeyMetadataDao
2018-06-18 11:40:39 +02:00
db.execSQL(KeyMetadataModel.CREATE_TABLE);
extract select by signer from KeychainProvider
2018-06-22 19:58:17 +02:00
db.execSQL(KeySignaturesModel.CREATE_TABLE);
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
db.execSQL(ApiAppsModel.CREATE_TABLE);
db.execSQL(OverriddenWarningsModel.CREATE_TABLE);
extract autocrypt_peers from KeychainProvider into AutocryptPeerDao
2018-06-18 23:03:09 +02:00
db.execSQL(AutocryptPeersModel.CREATE_TABLE);
extract database access from CachedPublicKeyRing
2018-06-26 10:24:19 +02:00
db.execSQL(ApiAllowedKeysModel.CREATE_TABLE);
extract findByUserId and findByEmail usage from KeychainProvider
2018-06-25 14:12:22 +02:00
db.execSQL(KeysModel.UNIFIEDKEYVIEW);
some optimizations and indexes for the main key list query
2015-11-15 02:45:21 +01:00
better index for Keys table
2018-01-15 17:01:21 +01:00
db.execSQL("CREATE INDEX keys_by_rank ON keys (" + KeysColumns.RANK + ", " + KeysColumns.MASTER_KEY_ID + ");");
some optimizations and indexes for the main key list query
2015-11-15 02:45:21 +01:00
db.execSQL("CREATE INDEX uids_by_rank ON user_packets (" + UserPacketsColumns.RANK + ", "
+ UserPacketsColumns.USER_ID + ", " + UserPacketsColumns.MASTER_KEY_ID + ");");
db.execSQL("CREATE INDEX verified_certs ON certs ("
+ CertsColumns.VERIFIED + ", " + CertsColumns.MASTER_KEY_ID + ");");
Fix and optimize Autocrypt 1.0 logic
2018-01-15 02:55:57 +01:00
db.execSQL("CREATE INDEX uids_by_email ON user_packets ("
+ UserPacketsColumns.EMAIL + ");");
some optimizations and indexes for the main key list query
2015-11-15 02:45:21 +01:00
use SQLDelight, remove ApiApps access from KeychainProvider
2018-06-15 19:46:55 +02:00
Preferences.getPreferences(context).setKeySignaturesTableInitialized();
started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
}
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
private void onUpgrade(SupportSQLiteDatabase db, Context context, int oldVersion, int newVersion) {
Use Timber instead of Android.Log
2018-01-20 02:12:43 +01:00
Timber.d("Upgrading db from " + oldVersion + " to " + newVersion);
Consolidate on database upgrade
2014-09-09 09:26:03 +02:00
add ecc support
2014-08-24 05:12:09 +02:00
switch (oldVersion) {
case 1:
Consolidate on database upgrade
2014-09-09 09:26:03 +02:00
// add has_secret for all who are upgrading from a beta version
add ecc support
2014-08-24 05:12:09 +02:00
try {
Always use INTEGER instead of BOOLEAN in database to avoid confusion
2014-10-29 23:41:10 +01:00
db.execSQL("ALTER TABLE keys ADD COLUMN has_secret INTEGER");
3.0 beta3
2014-09-30 17:50:16 +02:00
} catch (Exception e) {
add ecc support
2014-08-24 05:12:09 +02:00
// never mind, the column probably already existed
}
Consolidate on database upgrade
2014-09-09 09:26:03 +02:00
// fall through
add ecc support
2014-08-24 05:12:09 +02:00
case 2:
Consolidate on database upgrade
2014-09-09 09:26:03 +02:00
// ECC support
add ecc support
2014-08-24 05:12:09 +02:00
try {
New key flags icons, subkey adapter redesign, support authanticate flag in database
2014-09-20 20:36:37 +02:00
db.execSQL("ALTER TABLE keys ADD COLUMN key_curve_oid TEXT");
3.0 beta3
2014-09-30 17:50:16 +02:00
} catch (Exception e) {
add ecc support
2014-08-24 05:12:09 +02:00
// never mind, the column probably already existed
}
Consolidate on database upgrade
2014-09-09 09:26:03 +02:00
// fall through
case 3:
// better s2k detection, we need consolidate
// fall through
New key flags icons, subkey adapter redesign, support authanticate flag in database
2014-09-20 20:36:37 +02:00
case 4:
try {
Always use INTEGER instead of BOOLEAN in database to avoid confusion
2014-10-29 23:41:10 +01:00
db.execSQL("ALTER TABLE keys ADD COLUMN can_authenticate INTEGER");
3.0 beta3
2014-09-30 17:50:16 +02:00
} catch (Exception e) {
New key flags icons, subkey adapter redesign, support authanticate flag in database
2014-09-20 20:36:37 +02:00
// never mind, the column probably already existed
}
// fall through
3.0 beta3
2014-09-30 17:50:16 +02:00
case 5:
// do consolidate for 3.0 beta3
// fall through
make user_ids table typed, with attribute_data support Conflicts: OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyMainFragment.java
2015-01-13 23:09:48 +01:00
case 6:
db.execSQL("ALTER TABLE user_ids ADD COLUMN type INTEGER");
db.execSQL("ALTER TABLE user_ids ADD COLUMN attribute_data BLOB");
Introduce allowed keys table per API client
2015-01-29 17:46:27 +01:00
case 7:
// new table for allowed key ids in API
try {
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
db.execSQL(ApiAppsModel.CREATE_TABLE);
Introduce allowed keys table per API client
2015-01-29 17:46:27 +01:00
} catch (Exception e) {
// never mind, the column probably already existed
}
fix ridiculous database migration bug introduced by d6e4936fa54dc3577296dbadaeb556178dcad2c3
2016-03-15 23:30:50 +01:00
case 8:
change user_id primary key in database, use keyring rather than unified query in consolidate
2015-03-11 18:28:36 +01:00
// tbale name for user_ids changed to user_packets
db.execSQL("DROP TABLE IF EXISTS certs");
db.execSQL("DROP TABLE IF EXISTS user_ids");
make database upgrade path more reliable
2017-08-04 13:08:39 +02:00
db.execSQL("CREATE TABLE IF NOT EXISTS user_packets("
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
+ "master_key_id INTEGER, "
+ "type INT, "
+ "user_id TEXT, "
+ "attribute_data BLOB, "
make database upgrade path more reliable
2017-08-04 13:08:39 +02:00
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
+ "is_primary INTEGER, "
+ "is_revoked INTEGER, "
+ "rank INTEGER, "
make database upgrade path more reliable
2017-08-04 13:08:39 +02:00
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
+ "PRIMARY KEY(master_key_id, rank), "
+ "FOREIGN KEY(master_key_id) REFERENCES "
make database upgrade path more reliable
2017-08-04 13:08:39 +02:00
+ "keyrings_public(master_key_id) ON DELETE CASCADE"
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
+ ")");
make database upgrade path more reliable
2017-08-04 13:08:39 +02:00
db.execSQL("CREATE TABLE IF NOT EXISTS certs("
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
+ "master_key_id INTEGER,"
+ "rank INTEGER, " // rank of certified uid
make database upgrade path more reliable
2017-08-04 13:08:39 +02:00
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
+ "key_id_certifier INTEGER, " // certifying key
+ "type INTEGER, "
+ "verified INTEGER, "
+ "creation INTEGER, "
make database upgrade path more reliable
2017-08-04 13:08:39 +02:00
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
+ "data BLOB, "
make database upgrade path more reliable
2017-08-04 13:08:39 +02:00
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
+ "PRIMARY KEY(master_key_id, rank, "
make database upgrade path more reliable
2017-08-04 13:08:39 +02:00
+ "key_id_certifier), "
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
+ "FOREIGN KEY(master_key_id) REFERENCES "
make database upgrade path more reliable
2017-08-04 13:08:39 +02:00
+ "keyrings_public(master_key_id) ON DELETE CASCADE,"
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
+ "FOREIGN KEY(master_key_id, rank) REFERENCES "
make database upgrade path more reliable
2017-08-04 13:08:39 +02:00
+ "user_packets(master_key_id, rank) ON DELETE CASCADE"
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
+ ")");
fix ridiculous database migration bug introduced by d6e4936fa54dc3577296dbadaeb556178dcad2c3
2016-03-15 23:30:50 +01:00
case 9:
update database to trigger consolidate
2015-05-28 22:43:10 +02:00
// do nothing here, just consolidate
fix ridiculous database migration bug introduced by d6e4936fa54dc3577296dbadaeb556178dcad2c3
2016-03-15 23:30:50 +01:00
case 10:
comment for database fix
2015-07-08 03:33:46 +02:00
// fix problems in database, see #1402 for details
// https://github.com/open-keychain/open-keychain/issues/1402
remove database references to accounts (but don't delete yet)
2017-04-23 13:38:40 +02:00
// no longer needed, api_accounts is deprecated
// db.execSQL("DELETE FROM api_accounts WHERE key_id BETWEEN 0 AND 3");
fix ridiculous database migration bug introduced by d6e4936fa54dc3577296dbadaeb556178dcad2c3
2016-03-15 23:30:50 +01:00
case 11:
make database upgrade path more reliable
2017-08-04 13:08:39 +02:00
db.execSQL("CREATE TABLE IF NOT EXISTS updated_keys ("
+ "master_key_id INTEGER PRIMARY KEY, "
+ "last_updated INTEGER, "
+ "FOREIGN KEY(master_key_id) REFERENCES "
+ "keyrings_public(master_key_id) ON DELETE CASCADE"
+ ")");
fix ridiculous database migration bug introduced by d6e4936fa54dc3577296dbadaeb556178dcad2c3
2016-03-15 23:30:50 +01:00
case 12:
Prevent database downgrade (OKC-01-012)
2015-09-25 00:01:24 +02:00
// do nothing here, just consolidate
fix ridiculous database migration bug introduced by d6e4936fa54dc3577296dbadaeb556178dcad2c3
2016-03-15 23:30:50 +01:00
case 13:
some optimizations and indexes for the main key list query
2015-11-15 02:45:21 +01:00
db.execSQL("CREATE INDEX keys_by_rank ON keys (" + KeysColumns.RANK + ");");
db.execSQL("CREATE INDEX uids_by_rank ON user_packets (" + UserPacketsColumns.RANK + ", "
+ UserPacketsColumns.USER_ID + ", " + UserPacketsColumns.MASTER_KEY_ID + ");");
db.execSQL("CREATE INDEX verified_certs ON certs ("
+ CertsColumns.VERIFIED + ", " + CertsColumns.MASTER_KEY_ID + ");");
fix ridiculous database migration bug introduced by d6e4936fa54dc3577296dbadaeb556178dcad2c3
2016-03-15 23:30:50 +01:00
case 14:
Increased version DB and added a migration path from an old database format
2016-03-07 16:40:26 +02:00
db.execSQL("ALTER TABLE user_packets ADD COLUMN name TEXT");
db.execSQL("ALTER TABLE user_packets ADD COLUMN email TEXT");
db.execSQL("ALTER TABLE user_packets ADD COLUMN comment TEXT");
update null-check for duplicates, and add matching indexes to name and email columns
2016-03-16 00:33:09 +01:00
case 15:
db.execSQL("CREATE INDEX uids_by_name ON user_packets (name COLLATE NOCASE)");
db.execSQL("CREATE INDEX uids_by_email ON user_packets (email COLLATE NOCASE)");
Increase DB version to re-execute splitUserId for each key
2017-01-26 23:04:09 +01:00
case 16:
// splitUserId changed: Execute consolidate for new parsing of name, email
case 17:
// splitUserId changed: Execute consolidate for new parsing of name, email
Added warnings for insecure keys
2017-02-03 16:11:29 +05:30
case 18:
db.execSQL("ALTER TABLE keys ADD COLUMN is_secure INTEGER");
emergency fix for crashing consolidate
2017-02-07 13:15:35 +01:00
case 19:
// emergency fix for crashing consolidate
db.execSQL("UPDATE keys SET is_secure = 1;");
add database structure for remembering overridden warnings
2017-04-28 23:38:37 +02:00
case 20:
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
db.execSQL(
"CREATE TABLE IF NOT EXISTS overridden_warnings ("
+ "_id INTEGER PRIMARY KEY AUTOINCREMENT, "
+ "identifier TEXT NOT NULL UNIQUE "
+ ")");
fix overridden warnings table creation (whoops)
2017-07-24 11:42:38 +02:00
save whether key was seen on keyservers
2017-05-20 21:37:04 +02:00
case 21:
make database upgrade path more reliable
2017-08-04 13:08:39 +02:00
try {
db.execSQL("ALTER TABLE updated_keys ADD COLUMN seen_on_keyservers INTEGER;");
} catch (SQLiteException e) {
// don't bother, the column probably already existed
}
save whether key was seen on keyservers
2017-05-20 21:37:04 +02:00
add trust id database table
2016-11-28 08:11:34 +01:00
case 22:
trust id -> autocrypt peer
2017-06-13 18:33:21 +02:00
db.execSQL("CREATE TABLE IF NOT EXISTS api_autocrypt_peers ("
+ "package_name TEXT NOT NULL, "
+ "identifier TEXT NOT NULL, "
+ "last_updated INTEGER NOT NULL, "
fix migration
2017-07-25 23:19:02 +02:00
+ "last_seen_key INTEGER NOT NULL, "
+ "state INTEGER NOT NULL, "
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
+ "master_key_id INTEGER, "
trust id -> autocrypt peer
2017-06-13 18:33:21 +02:00
+ "PRIMARY KEY(package_name, identifier), "
+ "FOREIGN KEY(package_name) REFERENCES api_apps(package_name) ON DELETE CASCADE"
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
+ ")");
add trust id database table
2016-11-28 08:11:34 +01:00
introduce key signatures table
2017-09-22 04:18:14 +02:00
case 23:
db.execSQL("CREATE TABLE IF NOT EXISTS key_signatures ("
+ "master_key_id INTEGER NOT NULL, "
+ "signer_key_id INTEGER NOT NULL, "
+ "PRIMARY KEY(master_key_id, signer_key_id), "
+ "FOREIGN KEY(master_key_id) REFERENCES keyrings_public(master_key_id) ON DELETE CASCADE"
+ ")");
Fix up logic to match Autocrypt 1.0
2018-01-08 12:38:57 +01:00
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
case 24: {
Improve migration mechanism
2018-01-30 11:20:23 +01:00
try {
db.beginTransaction();
db.execSQL("ALTER TABLE api_autocrypt_peers RENAME TO tmp");
db.execSQL("CREATE TABLE api_autocrypt_peers ("
+ "package_name TEXT NOT NULL, "
+ "identifier TEXT NOT NULL, "
+ "last_seen INTEGER, "
+ "last_seen_key INTEGER, "
+ "is_mutual INTEGER, "
+ "master_key_id INTEGER, "
+ "gossip_master_key_id INTEGER, "
+ "gossip_last_seen_key INTEGER, "
+ "gossip_origin INTEGER, "
+ "PRIMARY KEY(package_name, identifier), "
+ "FOREIGN KEY(package_name) REFERENCES api_apps (package_name) ON DELETE CASCADE"
+ ")");
// Note: Keys from Autocrypt 0.X with state == "reset" (0) are dropped
db.execSQL("INSERT INTO api_autocrypt_peers " +
"(package_name, identifier, last_seen, gossip_last_seen_key, gossip_master_key_id, gossip_origin) " +
"SELECT package_name, identifier, last_updated, last_seen_key, master_key_id, 0 " +
"FROM tmp WHERE state = 1"); // Autocrypt 0.X, "gossip" -> now origin=autocrypt
db.execSQL("INSERT INTO api_autocrypt_peers " +
"(package_name, identifier, last_seen, gossip_last_seen_key, gossip_master_key_id, gossip_origin) " +
"SELECT package_name, identifier, last_updated, last_seen_key, master_key_id, 20 " +
"FROM tmp WHERE state = 2"); // "selected" keys -> now origin=dedup
db.execSQL("INSERT INTO api_autocrypt_peers " +
"(package_name, identifier, last_seen, last_seen_key, master_key_id, is_mutual) " +
"SELECT package_name, identifier, last_updated, last_seen_key, master_key_id, 0 " +
Remember "origin" of gossip keys
2018-01-20 22:08:51 +01:00
"FROM tmp WHERE state = 3"); // Autocrypt 0.X, state = "available"
Improve migration mechanism
2018-01-30 11:20:23 +01:00
db.execSQL("INSERT INTO api_autocrypt_peers " +
"(package_name, identifier, last_seen, last_seen_key, master_key_id, is_mutual) " +
"SELECT package_name, identifier, last_updated, last_seen_key, master_key_id, 1 " +
Remember "origin" of gossip keys
2018-01-20 22:08:51 +01:00
"FROM tmp WHERE state = 4"); // from Autocrypt 0.X, state = "mutual"
Improve migration mechanism
2018-01-30 11:20:23 +01:00
db.execSQL("DROP TABLE tmp");
db.setTransactionSuccessful();
} finally {
db.endTransaction();
}
Add migration for autocrypt peers
2018-01-17 15:40:46 +01:00
Improve migration mechanism
2018-01-30 11:20:23 +01:00
db.execSQL("CREATE INDEX IF NOT EXISTS uids_by_email ON user_packets (email);");
better index for Keys table
2018-01-15 17:01:21 +01:00
db.execSQL("DROP INDEX keys_by_rank");
db.execSQL("CREATE INDEX keys_by_rank ON keys(rank, master_key_id);");
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
}
case 25: {
try {
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
migrateSecretKeysFromDbToLocalStorage(db, context);
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
} catch (IOException e) {
throw new IllegalStateException("Error migrating secret keys! This is bad!!");
}
}
extract findByUserId and findByEmail usage from KeychainProvider
2018-06-25 14:12:22 +02:00
case 26:
extract UpdatedKeys access from KeychainProvider into KeyMetadataDao
2018-06-18 11:40:39 +02:00
migrateUpdatedKeysToKeyMetadataTable(db);
extract autocrypt_peers from KeychainProvider into AutocryptPeerDao
2018-06-18 23:03:09 +02:00
extract findByUserId and findByEmail usage from KeychainProvider
2018-06-25 14:12:22 +02:00
case 27:
extract autocrypt_peers from KeychainProvider into AutocryptPeerDao
2018-06-18 23:03:09 +02:00
renameApiAutocryptPeersTable(db);
extract findByUserId and findByEmail usage from KeychainProvider
2018-06-25 14:12:22 +02:00
case 28:
recreateUnifiedKeyView(db);
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
// drop old table from version 20
db.execSQL("DROP TABLE IF EXISTS api_accounts");
add has_secret for all who are upgrading from a beta version
2014-04-22 11:38:39 +02:00
}
Break a lot of stuff. Also, database redesign. Change entire database design. This introduces a lot of changes, notably all URIs and almost all projections. Some features (like key deletion) have been simply commented out for now since they need serious reconsideration. There are a couple of new TODOs marking places where more work is needed. The migration path works fine from what I tested. The old database is not deleted for now, ie, it is reimported at every start of the application making all intermediate changes transient. Tested and working (for me): - All activities in the main drawer - Multiselect and Search - ViewKeyActivity, with and without secret key available - CertifyKeyActivity - SelectSecretKeyActivity (from CertifyKeyActivity) - SelectPublicKeyActivity (from encrypt activity) What doesn't work: - Actually certifying keys (pending a TODO in ProviderHelper) - Importing keys doesn't preserve secret keys - "Encrypt to this contact" doesn't pass key - Editing keys. All controls are disabled, I'm not sure why... (is this even my fault?) - Deleting keys What I didn't test: - Key export - API stuff - Creating keys (since editing doesn't even work)
2014-04-03 01:34:35 +02:00
}
(preliminary) certs table
2014-03-11 00:09:11 +01:00
extract findByUserId and findByEmail usage from KeychainProvider
2018-06-25 14:12:22 +02:00
private void recreateUnifiedKeyView(SupportSQLiteDatabase db) {
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
// noinspection deprecation
extract findByUserId and findByEmail usage from KeychainProvider
2018-06-25 14:12:22 +02:00
db.execSQL("DROP VIEW IF EXISTS " + KeysModel.UNIFIEDKEYVIEW_VIEW_NAME);
db.execSQL(KeysModel.UNIFIEDKEYVIEW);
}
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
private void migrateSecretKeysFromDbToLocalStorage(SupportSQLiteDatabase db, Context context) throws IOException {
use SQLDelight, remove ApiApps access from KeychainProvider
2018-06-15 19:46:55 +02:00
LocalSecretKeyStorage localSecretKeyStorage = LocalSecretKeyStorage.getInstance(context);
Cursor cursor = db.query("SELECT master_key_id, key_ring_data FROM keyrings_secret");
Store secret keys in private storage instead of database
2018-06-15 14:34:38 +02:00
while (cursor.moveToNext()) {
long masterKeyId = cursor.getLong(0);
byte[] secretKeyBlob = cursor.getBlob(1);
localSecretKeyStorage.writeSecretKey(masterKeyId, secretKeyBlob);
}
cursor.close();
// we'll keep this around for now, but make sure to delete when migration looks ok!!
// db.execSQL("DROP TABLE keyrings_secret");
}
extract UpdatedKeys access from KeychainProvider into KeyMetadataDao
2018-06-18 11:40:39 +02:00
private void migrateUpdatedKeysToKeyMetadataTable(SupportSQLiteDatabase db) {
Split up FlexibleKeyItem, re-add support for dummy item if user has no secret keys
2018-06-21 14:24:52 +02:00
try {
db.execSQL("ALTER TABLE updated_keys RENAME TO key_metadata;");
} catch (SQLException e) {
if (Constants.DEBUG) {
Timber.e(e, "Ignoring migration exception, this probably happened before");
return;
}
throw e;
}
extract UpdatedKeys access from KeychainProvider into KeyMetadataDao
2018-06-18 11:40:39 +02:00
}
extract autocrypt_peers from KeychainProvider into AutocryptPeerDao
2018-06-18 23:03:09 +02:00
private void renameApiAutocryptPeersTable(SupportSQLiteDatabase db) {
Split up FlexibleKeyItem, re-add support for dummy item if user has no secret keys
2018-06-21 14:24:52 +02:00
try {
db.execSQL("ALTER TABLE api_autocrypt_peers RENAME TO autocrypt_peers;");
} catch (SQLException e) {
if (Constants.DEBUG) {
Timber.e(e, "Ignoring migration exception, this probably happened before");
return;
}
throw e;
}
extract autocrypt_peers from KeychainProvider into AutocryptPeerDao
2018-06-18 23:03:09 +02:00
}
clean up KeychainDatabase a bit
2018-06-25 15:11:08 +02:00
private void onDowngrade() {
allow database downgrade for debug builds
2015-11-15 03:10:30 +01:00
// Downgrade is ok for the debug version, makes it easier to work with branches
if (Constants.DEBUG) {
return;
}
Prevent database downgrade (OKC-01-012)
2015-09-25 00:01:24 +02:00
// NOTE: downgrading the database is explicitly not allowed to prevent
// someone from exploiting old bugs to export the database
throw new RuntimeException("Downgrading the database is not allowed!");
}
add debug backup/restore options to main menu Closes #543
2014-04-11 20:25:50 +02:00
private static void copy(File in, File out) throws IOException {
Fix debug backup/restore methods
2014-08-04 11:19:46 +02:00
FileInputStream is = new FileInputStream(in);
FileOutputStream os = new FileOutputStream(out);
fix rest of resource leaks (#1351)
2015-06-17 21:30:25 +02:00
try {
byte[] buf = new byte[512];
while (is.available() > 0) {
int count = is.read(buf, 0, 512);
os.write(buf, 0, count);
}
} finally {
is.close();
os.close();
add debug backup/restore options to main menu Closes #543
2014-04-11 20:25:50 +02:00
}
}
Fix debug backup/restore methods
2014-08-04 11:19:46 +02:00
public static void debugBackup(Context context, boolean restore) throws IOException {
Formatting KeychainDatabase
2014-04-29 14:02:22 +02:00
if (!Constants.DEBUG) {
add debug backup/restore options to main menu Closes #543
2014-04-11 20:25:50 +02:00
return;
}
Fix debug backup/restore methods
2014-08-04 11:19:46 +02:00
File in;
File out;
if (restore) {
in = context.getDatabasePath("debug_backup.db");
Cleanup, prevent encrypt Intent inception
2014-08-04 14:42:03 +02:00
out = context.getDatabasePath(DATABASE_NAME);
Fix debug backup/restore methods
2014-08-04 11:19:46 +02:00
} else {
Cleanup, prevent encrypt Intent inception
2014-08-04 14:42:03 +02:00
in = context.getDatabasePath(DATABASE_NAME);
Fix debug backup/restore methods
2014-08-04 11:19:46 +02:00
out = context.getDatabasePath("debug_backup.db");
apply database fix for bogus rows introduced by issue #1402
2015-07-08 02:55:35 +02:00
// noinspection ResultOfMethodCallIgnored - this is a pure debug feature, anyways
Fix debug backup/restore methods
2014-08-04 11:19:46 +02:00
out.createNewFile();
add debug backup/restore options to main menu Closes #543
2014-04-11 20:25:50 +02:00
}
Formatting KeychainDatabase
2014-04-29 14:02:22 +02:00
if (!in.canRead()) {
add debug backup/restore options to main menu Closes #543
2014-04-11 20:25:50 +02:00
throw new IOException("Cannot read " + in.getName());
}
Fix debug backup/restore methods
2014-08-04 11:19:46 +02:00
if (!out.canWrite()) {
add debug backup/restore options to main menu Closes #543
2014-04-11 20:25:50 +02:00
throw new IOException("Cannot write " + out.getName());
}
copy(in, out);
}
Fix debug backup/restore methods
2014-08-04 11:19:46 +02:00
consolidate: use KeychainProvider for deletion operation
2014-08-20 19:31:51 +02:00
// DANGEROUS, use in test code ONLY!
tests: add ProviderHelperSaveTest, with long key id collision test
2014-08-14 17:10:08 +02:00
public void clearDatabase() {
extract database access from CachedPublicKeyRing
2018-06-26 10:24:19 +02:00
getWritableDatabase().execSQL("delete from " + KeyRingsPublicModel.TABLE_NAME);
getWritableDatabase().execSQL("delete from " + ApiAllowedKeysModel.TABLE_NAME);
use SQLDelight, remove ApiApps access from KeychainProvider
2018-06-15 19:46:55 +02:00
getWritableDatabase().execSQL("delete from api_apps");
tests: add ProviderHelperSaveTest, with long key id collision test
2014-08-14 17:10:08 +02:00
}
started restructuring APGs Provider and Database
2012-09-18 18:35:14 +02:00
}
Reference in New Issue Copy Permalink