cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

redesign certify action to work with parcel input and result

Browse Source
This commit is contained in:
Vincent Breitmoser
2014-10-04 14:11:51 +02:00
parent dcd22d9815
commit 0e0e3d8dd0
10 changed files with 389 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java
View File

@@ -51,6 +51,10 @@ public abstract class CanonicalizedKeyRing extends KeyRing {
return mVerified;
}
public byte[] getFingerprint() {
return getRing().getPublicKey().getFingerprint();
}
public String getPrimaryUserId() throws PgpGeneralException {
return getPublicKey().getPrimaryUserId();
}

9
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
View File

@@ -278,13 +278,12 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
* Certify the given pubkeyid with the given masterkeyid.
*
* @param publicKeyRing Keyring to add certification to.
* @param userIds User IDs to certify, must not be null or empty
* @param userIds User IDs to certify, or all if null
* @return A keyring with added certifications
*/
public UncachedKeyRing certifyUserIds(CanonicalizedPublicKeyRing publicKeyRing, List<String> userIds,
byte[] nfcSignedHash, Date nfcCreationTimestamp)
throws PgpGeneralMsgIdException, NoSuchAlgorithmException, NoSuchProviderException,
PGPException, SignatureException {
throws PGPException {
if (mPrivateKeyState == PRIVATE_KEY_STATE_LOCKED) {
throw new PrivateKeyNotUnlockedException();
}
@@ -314,7 +313,9 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
PGPPublicKey publicKey = publicKeyRing.getPublicKey().getPublicKey();
// fetch public key ring, add the certification and return it
for (String userId : new IterableIterator<String>(userIds.iterator())) {
Iterable<String> it = userIds != null ? userIds
: new IterableIterator<String>(publicKey.getUserIDs());
for (String userId : it) {
PGPSignature sig = signatureGenerator.generateCertification(userId, publicKey);
publicKey = PGPPublicKey.addCertification(publicKey, userId, sig);
}

149
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpCertifyOperation.java Normal file
View File

@@ -0,0 +1,149 @@
package org.sufficientlysecure.keychain.pgp;
import android.content.Context;
import org.spongycastle.openpgp.PGPException;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
import org.sufficientlysecure.keychain.service.CertifyActionsParcel;
import org.sufficientlysecure.keychain.service.CertifyActionsParcel.CertifyAction;
import org.sufficientlysecure.keychain.service.results.CertifyResult;
import org.sufficientlysecure.keychain.service.results.EditKeyResult;
import org.sufficientlysecure.keychain.service.results.OperationResult.LogType;
import org.sufficientlysecure.keychain.service.results.OperationResult.OperationLog;
import org.sufficientlysecure.keychain.service.results.SaveKeyringResult;
import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
import org.sufficientlysecure.keychain.util.Log;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.concurrent.atomic.AtomicBoolean;
public class PgpCertifyOperation {
private AtomicBoolean mCancelled;
private ProviderHelper mProviderHelper;
public PgpCertifyOperation(ProviderHelper providerHelper, AtomicBoolean cancelled) {
mProviderHelper = providerHelper;
mCancelled = cancelled;
}
private boolean checkCancelled() {
return mCancelled != null && mCancelled.get();
}
public CertifyResult certify(CertifyActionsParcel parcel, String passphrase) {
OperationLog log = new OperationLog();
log.add(LogType.MSG_CRT, 0);
// Retrieve and unlock secret key
CanonicalizedSecretKey certificationKey;
try {
log.add(LogType.MSG_CRT_MASTER_FETCH, 1);
CanonicalizedSecretKeyRing secretKeyRing =
mProviderHelper.getCanonicalizedSecretKeyRing(parcel.mMasterKeyId);
log.add(LogType.MSG_CRT_UNLOCK, 1);
certificationKey = secretKeyRing.getSecretKey();
if (!certificationKey.unlock(passphrase)) {
log.add(LogType.MSG_CRT_ERROR_UNLOCK, 2);
return new CertifyResult(CertifyResult.RESULT_ERROR, log);
}
} catch (PgpGeneralException e) {
log.add(LogType.MSG_CRT_ERROR_UNLOCK, 2);
return new CertifyResult(CertifyResult.RESULT_ERROR, log);
} catch (NotFoundException e) {
log.add(LogType.MSG_CRT_ERROR_MASTER_NOT_FOUND, 2);
return new CertifyResult(CertifyResult.RESULT_ERROR, log);
}
ArrayList<UncachedKeyRing> certifiedKeys = new ArrayList<UncachedKeyRing>();
log.add(LogType.MSG_CRT_CERTIFYING, 1);
int certifyOk = 0, certifyError = 0;
// Work through all requested certifications
for (CertifyAction action : parcel.mCertifyActions) {
// Check if we were cancelled
if (checkCancelled()) {
log.add(LogType.MSG_OPERATION_CANCELLED, 0);
return new CertifyResult(CertifyResult.RESULT_CANCELLED, log);
}
try {
if (action.mUserIds == null) {
log.add(LogType.MSG_CRT_CERTIFY_ALL, 2,
KeyFormattingUtils.convertKeyIdToHex(action.mMasterKeyId));
} else {
log.add(LogType.MSG_CRT_CERTIFY_SOME, 2, action.mUserIds.size(),
KeyFormattingUtils.convertKeyIdToHex(action.mMasterKeyId));
}
CanonicalizedPublicKeyRing publicRing =
mProviderHelper.getCanonicalizedPublicKeyRing(action.mMasterKeyId);
if ( ! Arrays.equals(publicRing.getFingerprint(), action.mFingerprint)) {
log.add(LogType.MSG_CRT_FP_MISMATCH, 3);
certifyError += 1;
continue;
}
UncachedKeyRing certifiedKey = certificationKey.certifyUserIds(publicRing, action.mUserIds, null, null);
certifiedKeys.add(certifiedKey);
} catch (NotFoundException e) {
certifyError += 1;
log.add(LogType.MSG_CRT_WARN_NOT_FOUND, 3);
} catch (PGPException e) {
certifyError += 1;
log.add(LogType.MSG_CRT_WARN_CERT_FAILED, 3);
Log.e(Constants.TAG, "Encountered PGPException during certification", e);
}
}
log.add(LogType.MSG_CRT_SAVING, 1);
// Check if we were cancelled
if (checkCancelled()) {
log.add(LogType.MSG_OPERATION_CANCELLED, 0);
return new CertifyResult(CertifyResult.RESULT_CANCELLED, log);
}
// Write all certified keys into the database
for (UncachedKeyRing certifiedKey : certifiedKeys) {
// Check if we were cancelled
if (checkCancelled()) {
log.add(LogType.MSG_OPERATION_CANCELLED, 0);
return new CertifyResult(CertifyResult.RESULT_CANCELLED, log, certifyOk, certifyError);
}
log.add(LogType.MSG_CRT_SAVE, 2,
KeyFormattingUtils.convertKeyIdToHex(certifiedKey.getMasterKeyId()));
// store the signed key in our local cache
SaveKeyringResult result = mProviderHelper.savePublicKeyRing(certifiedKey);
if (result.success()) {
certifyOk += 1;
} else {
log.add(LogType.MSG_CRT_WARN_SAVE_FAILED, 3);
}
// TODO do something with import results
}
log.add(LogType.MSG_CRT_SUCCESS, 0);
return new CertifyResult(CertifyResult.RESULT_OK, log, certifyOk, certifyError);
}
}

1
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpImportExport.java
View File

@@ -38,7 +38,6 @@ import org.sufficientlysecure.keychain.service.results.OperationResult.Operation
import org.sufficientlysecure.keychain.service.results.ImportKeyResult;
import org.sufficientlysecure.keychain.service.results.SaveKeyringResult;
import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
import org.sufficientlysecure.keychain.util.IterableIterator;
import org.sufficientlysecure.keychain.util.Log;
import org.sufficientlysecure.keychain.util.ProgressScaler;