use autovalue for SubkeyAdd and SubkeyChange
This commit is contained in:
Vincent Breitmoser
@@ -24,6 +24,7 @@ import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
|||||||
import org.sufficientlysecure.keychain.securitytoken.KeyFormat;
|
import org.sufficientlysecure.keychain.securitytoken.KeyFormat;
|
||||||
import org.sufficientlysecure.keychain.securitytoken.RSAKeyFormat;
|
import org.sufficientlysecure.keychain.securitytoken.RSAKeyFormat;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
||||||
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
|
||||||
|
|
||||||
import java.io.File;
|
import java.io.File;
|
||||||
import java.net.Proxy;
|
import java.net.Proxy;
|
||||||
@@ -179,11 +180,11 @@ public final class Constants {
|
|||||||
* Default key configuration: 3072 bit RSA (certify, sign, encrypt)
|
* Default key configuration: 3072 bit RSA (certify, sign, encrypt)
|
||||||
*/
|
*/
|
||||||
public static void addDefaultSubkeys(SaveKeyringParcel saveKeyringParcel) {
|
public static void addDefaultSubkeys(SaveKeyringParcel saveKeyringParcel) {
|
||||||
saveKeyringParcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(SaveKeyringParcel.Algorithm.RSA,
|
saveKeyringParcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(SaveKeyringParcel.Algorithm.RSA,
|
||||||
3072, null, KeyFlags.CERTIFY_OTHER, 0L));
|
3072, null, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
saveKeyringParcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(SaveKeyringParcel.Algorithm.RSA,
|
saveKeyringParcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(SaveKeyringParcel.Algorithm.RSA,
|
||||||
3072, null, KeyFlags.SIGN_DATA, 0L));
|
3072, null, KeyFlags.SIGN_DATA, 0L));
|
||||||
saveKeyringParcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(SaveKeyringParcel.Algorithm.RSA,
|
saveKeyringParcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(SaveKeyringParcel.Algorithm.RSA,
|
||||||
3072, null, KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE, 0L));
|
3072, null, KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE, 0L));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -29,6 +29,7 @@ import java.security.NoSuchProviderException;
|
|||||||
import java.security.SecureRandom;
|
import java.security.SecureRandom;
|
||||||
import java.security.SignatureException;
|
import java.security.SignatureException;
|
||||||
import java.security.spec.ECGenParameterSpec;
|
import java.security.spec.ECGenParameterSpec;
|
||||||
|
import java.util.ArrayList;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
@@ -81,6 +82,7 @@ import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
|||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Curve;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Curve;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
|
||||||
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyChange;
|
||||||
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
|
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
|
||||||
import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
|
import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
|
||||||
import org.sufficientlysecure.keychain.service.input.RequiredInputParcel.SecurityTokenKeyToCardOperationsBuilder;
|
import org.sufficientlysecure.keychain.service.input.RequiredInputParcel.SecurityTokenKeyToCardOperationsBuilder;
|
||||||
@@ -166,17 +168,17 @@ public class PgpKeyOperation {
|
|||||||
|
|
||||||
try {
|
try {
|
||||||
// Some safety checks
|
// Some safety checks
|
||||||
if (add.mAlgorithm == Algorithm.ECDH || add.mAlgorithm == Algorithm.ECDSA) {
|
if (add.getAlgorithm() == Algorithm.ECDH || add.getAlgorithm() == Algorithm.ECDSA) {
|
||||||
if (add.mCurve == null) {
|
if (add.getCurve() == null) {
|
||||||
log.add(LogType.MSG_CR_ERROR_NO_CURVE, indent);
|
log.add(LogType.MSG_CR_ERROR_NO_CURVE, indent);
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (add.mKeySize == null) {
|
if (add.getKeySize() == null) {
|
||||||
log.add(LogType.MSG_CR_ERROR_NO_KEYSIZE, indent);
|
log.add(LogType.MSG_CR_ERROR_NO_KEYSIZE, indent);
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
if (add.mKeySize < 2048) {
|
if (add.getKeySize() < 2048) {
|
||||||
log.add(LogType.MSG_CR_ERROR_KEYSIZE_2048, indent);
|
log.add(LogType.MSG_CR_ERROR_KEYSIZE_2048, indent);
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
@@ -185,27 +187,27 @@ public class PgpKeyOperation {
|
|||||||
int algorithm;
|
int algorithm;
|
||||||
KeyPairGenerator keyGen;
|
KeyPairGenerator keyGen;
|
||||||
|
|
||||||
switch (add.mAlgorithm) {
|
switch (add.getAlgorithm()) {
|
||||||
case DSA: {
|
case DSA: {
|
||||||
if ((add.mFlags & (PGPKeyFlags.CAN_ENCRYPT_COMMS | PGPKeyFlags.CAN_ENCRYPT_STORAGE)) > 0) {
|
if ((add.getFlags() & (PGPKeyFlags.CAN_ENCRYPT_COMMS | PGPKeyFlags.CAN_ENCRYPT_STORAGE)) > 0) {
|
||||||
log.add(LogType.MSG_CR_ERROR_FLAGS_DSA, indent);
|
log.add(LogType.MSG_CR_ERROR_FLAGS_DSA, indent);
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
progress(R.string.progress_generating_dsa, 30);
|
progress(R.string.progress_generating_dsa, 30);
|
||||||
keyGen = KeyPairGenerator.getInstance("DSA", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
keyGen = KeyPairGenerator.getInstance("DSA", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||||
keyGen.initialize(add.mKeySize, new SecureRandom());
|
keyGen.initialize(add.getKeySize(), new SecureRandom());
|
||||||
algorithm = PGPPublicKey.DSA;
|
algorithm = PGPPublicKey.DSA;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
case ELGAMAL: {
|
case ELGAMAL: {
|
||||||
if ((add.mFlags & (PGPKeyFlags.CAN_SIGN | PGPKeyFlags.CAN_CERTIFY)) > 0) {
|
if ((add.getFlags() & (PGPKeyFlags.CAN_SIGN | PGPKeyFlags.CAN_CERTIFY)) > 0) {
|
||||||
log.add(LogType.MSG_CR_ERROR_FLAGS_ELGAMAL, indent);
|
log.add(LogType.MSG_CR_ERROR_FLAGS_ELGAMAL, indent);
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
progress(R.string.progress_generating_elgamal, 30);
|
progress(R.string.progress_generating_elgamal, 30);
|
||||||
keyGen = KeyPairGenerator.getInstance("ElGamal", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
keyGen = KeyPairGenerator.getInstance("ElGamal", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||||
BigInteger p = Primes.getBestPrime(add.mKeySize);
|
BigInteger p = Primes.getBestPrime(add.getKeySize());
|
||||||
BigInteger g = new BigInteger("2");
|
BigInteger g = new BigInteger("2");
|
||||||
|
|
||||||
ElGamalParameterSpec elParams = new ElGamalParameterSpec(p, g);
|
ElGamalParameterSpec elParams = new ElGamalParameterSpec(p, g);
|
||||||
@@ -218,19 +220,19 @@ public class PgpKeyOperation {
|
|||||||
case RSA: {
|
case RSA: {
|
||||||
progress(R.string.progress_generating_rsa, 30);
|
progress(R.string.progress_generating_rsa, 30);
|
||||||
keyGen = KeyPairGenerator.getInstance("RSA", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
keyGen = KeyPairGenerator.getInstance("RSA", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||||
keyGen.initialize(add.mKeySize, new SecureRandom());
|
keyGen.initialize(add.getKeySize(), new SecureRandom());
|
||||||
|
|
||||||
algorithm = PGPPublicKey.RSA_GENERAL;
|
algorithm = PGPPublicKey.RSA_GENERAL;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
case ECDSA: {
|
case ECDSA: {
|
||||||
if ((add.mFlags & (PGPKeyFlags.CAN_ENCRYPT_COMMS | PGPKeyFlags.CAN_ENCRYPT_STORAGE)) > 0) {
|
if ((add.getFlags() & (PGPKeyFlags.CAN_ENCRYPT_COMMS | PGPKeyFlags.CAN_ENCRYPT_STORAGE)) > 0) {
|
||||||
log.add(LogType.MSG_CR_ERROR_FLAGS_ECDSA, indent);
|
log.add(LogType.MSG_CR_ERROR_FLAGS_ECDSA, indent);
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
progress(R.string.progress_generating_ecdsa, 30);
|
progress(R.string.progress_generating_ecdsa, 30);
|
||||||
ECGenParameterSpec ecParamSpec = getEccParameterSpec(add.mCurve);
|
ECGenParameterSpec ecParamSpec = getEccParameterSpec(add.getCurve());
|
||||||
keyGen = KeyPairGenerator.getInstance("ECDSA", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
keyGen = KeyPairGenerator.getInstance("ECDSA", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||||
keyGen.initialize(ecParamSpec, new SecureRandom());
|
keyGen.initialize(ecParamSpec, new SecureRandom());
|
||||||
|
|
||||||
@@ -240,12 +242,12 @@ public class PgpKeyOperation {
|
|||||||
|
|
||||||
case ECDH: {
|
case ECDH: {
|
||||||
// make sure there are no sign or certify flags set
|
// make sure there are no sign or certify flags set
|
||||||
if ((add.mFlags & (PGPKeyFlags.CAN_SIGN | PGPKeyFlags.CAN_CERTIFY)) > 0) {
|
if ((add.getFlags() & (PGPKeyFlags.CAN_SIGN | PGPKeyFlags.CAN_CERTIFY)) > 0) {
|
||||||
log.add(LogType.MSG_CR_ERROR_FLAGS_ECDH, indent);
|
log.add(LogType.MSG_CR_ERROR_FLAGS_ECDH, indent);
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
progress(R.string.progress_generating_ecdh, 30);
|
progress(R.string.progress_generating_ecdh, 30);
|
||||||
ECGenParameterSpec ecParamSpec = getEccParameterSpec(add.mCurve);
|
ECGenParameterSpec ecParamSpec = getEccParameterSpec(add.getCurve());
|
||||||
keyGen = KeyPairGenerator.getInstance("ECDH", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
keyGen = KeyPairGenerator.getInstance("ECDH", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||||
keyGen.initialize(ecParamSpec, new SecureRandom());
|
keyGen.initialize(ecParamSpec, new SecureRandom());
|
||||||
|
|
||||||
@@ -296,12 +298,12 @@ public class PgpKeyOperation {
|
|||||||
}
|
}
|
||||||
|
|
||||||
SubkeyAdd add = saveParcel.mAddSubKeys.remove(0);
|
SubkeyAdd add = saveParcel.mAddSubKeys.remove(0);
|
||||||
if ((add.mFlags & KeyFlags.CERTIFY_OTHER) != KeyFlags.CERTIFY_OTHER) {
|
if ((add.getFlags() & KeyFlags.CERTIFY_OTHER) != KeyFlags.CERTIFY_OTHER) {
|
||||||
log.add(LogType.MSG_CR_ERROR_NO_CERTIFY, indent);
|
log.add(LogType.MSG_CR_ERROR_NO_CERTIFY, indent);
|
||||||
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (add.mExpiry == null) {
|
if (add.getExpiry() == null) {
|
||||||
log.add(LogType.MSG_CR_ERROR_NULL_EXPIRY, indent);
|
log.add(LogType.MSG_CR_ERROR_NULL_EXPIRY, indent);
|
||||||
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
||||||
}
|
}
|
||||||
@@ -337,7 +339,7 @@ public class PgpKeyOperation {
|
|||||||
|
|
||||||
subProgressPush(50, 100);
|
subProgressPush(50, 100);
|
||||||
CryptoInputParcel cryptoInput = CryptoInputParcel.createCryptoInputParcel(creationTime, new Passphrase(""));
|
CryptoInputParcel cryptoInput = CryptoInputParcel.createCryptoInputParcel(creationTime, new Passphrase(""));
|
||||||
return internal(sKR, masterSecretKey, add.mFlags, add.mExpiry, cryptoInput, saveParcel, log, indent);
|
return internal(sKR, masterSecretKey, add.getFlags(), add.getExpiry(), cryptoInput, saveParcel, log, indent);
|
||||||
|
|
||||||
} catch (PGPException e) {
|
} catch (PGPException e) {
|
||||||
log.add(LogType.MSG_CR_ERROR_INTERNAL_PGP, indent);
|
log.add(LogType.MSG_CR_ERROR_INTERNAL_PGP, indent);
|
||||||
@@ -417,25 +419,25 @@ public class PgpKeyOperation {
|
|||||||
boolean hasSign = false;
|
boolean hasSign = false;
|
||||||
boolean hasEncrypt = false;
|
boolean hasEncrypt = false;
|
||||||
boolean hasAuth = false;
|
boolean hasAuth = false;
|
||||||
for(SaveKeyringParcel.SubkeyChange change : saveParcel.mChangeSubKeys) {
|
for (SaveKeyringParcel.SubkeyChange change : new ArrayList<>(saveParcel.mChangeSubKeys)) {
|
||||||
if (change.mMoveKeyToSecurityToken) {
|
if (change.getMoveKeyToSecurityToken()) {
|
||||||
// If this is a moveKeyToSecurityToken operation, see if it was completed: look for a hash
|
// If this is a moveKeyToSecurityToken operation, see if it was completed: look for a hash
|
||||||
// matching the given subkey ID in cryptoData.
|
// matching the given subkey ID in cryptoData.
|
||||||
byte[] subKeyId = new byte[8];
|
byte[] subKeyId = new byte[8];
|
||||||
ByteBuffer buf = ByteBuffer.wrap(subKeyId);
|
ByteBuffer buf = ByteBuffer.wrap(subKeyId);
|
||||||
buf.putLong(change.mKeyId).rewind();
|
buf.putLong(change.getSubKeyId()).rewind();
|
||||||
|
|
||||||
byte[] serialNumber = cryptoInput.getCryptoData().get(buf);
|
byte[] serialNumber = cryptoInput.getCryptoData().get(buf);
|
||||||
if (serialNumber != null) {
|
if (serialNumber != null) {
|
||||||
change.mMoveKeyToSecurityToken = false;
|
saveParcel.addOrReplaceSubkeyChange(
|
||||||
change.mSecurityTokenSerialNo = serialNumber;
|
SubkeyChange.createSecurityTokenSerialNo(change.getSubKeyId(), serialNumber));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (change.mMoveKeyToSecurityToken) {
|
if (change.getMoveKeyToSecurityToken()) {
|
||||||
// Pending moveKeyToSecurityToken operation. Need to make sure that we don't have multiple
|
// Pending moveKeyToSecurityToken operation. Need to make sure that we don't have multiple
|
||||||
// subkeys pending for the same slot.
|
// subkeys pending for the same slot.
|
||||||
CanonicalizedSecretKey wsK = wsKR.getSecretKey(change.mKeyId);
|
CanonicalizedSecretKey wsK = wsKR.getSecretKey(change.getSubKeyId());
|
||||||
|
|
||||||
if ((wsK.canSign() || wsK.canCertify())) {
|
if ((wsK.canSign() || wsK.canCertify())) {
|
||||||
if (hasSign) {
|
if (hasSign) {
|
||||||
@@ -806,62 +808,62 @@ public class PgpKeyOperation {
|
|||||||
progress(R.string.progress_modify_subkeychange, (i-1) * (100 / saveParcel.mChangeSubKeys.size()));
|
progress(R.string.progress_modify_subkeychange, (i-1) * (100 / saveParcel.mChangeSubKeys.size()));
|
||||||
SaveKeyringParcel.SubkeyChange change = saveParcel.mChangeSubKeys.get(i);
|
SaveKeyringParcel.SubkeyChange change = saveParcel.mChangeSubKeys.get(i);
|
||||||
log.add(LogType.MSG_MF_SUBKEY_CHANGE,
|
log.add(LogType.MSG_MF_SUBKEY_CHANGE,
|
||||||
indent, KeyFormattingUtils.convertKeyIdToHex(change.mKeyId));
|
indent, KeyFormattingUtils.convertKeyIdToHex(change.getSubKeyId()));
|
||||||
|
|
||||||
PGPSecretKey sKey = sKR.getSecretKey(change.mKeyId);
|
PGPSecretKey sKey = sKR.getSecretKey(change.getSubKeyId());
|
||||||
if (sKey == null) {
|
if (sKey == null) {
|
||||||
log.add(LogType.MSG_MF_ERROR_SUBKEY_MISSING,
|
log.add(LogType.MSG_MF_ERROR_SUBKEY_MISSING,
|
||||||
indent + 1, KeyFormattingUtils.convertKeyIdToHex(change.mKeyId));
|
indent + 1, KeyFormattingUtils.convertKeyIdToHex(change.getSubKeyId()));
|
||||||
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (change.mDummyStrip) {
|
if (change.getDummyStrip()) {
|
||||||
// IT'S DANGEROUS~
|
// IT'S DANGEROUS~
|
||||||
// no really, it is. this operation irrevocably removes the private key data from the key
|
// no really, it is. this operation irrevocably removes the private key data from the key
|
||||||
sKey = PGPSecretKey.constructGnuDummyKey(sKey.getPublicKey());
|
sKey = PGPSecretKey.constructGnuDummyKey(sKey.getPublicKey());
|
||||||
sKR = PGPSecretKeyRing.insertSecretKey(sKR, sKey);
|
sKR = PGPSecretKeyRing.insertSecretKey(sKR, sKey);
|
||||||
} else if (change.mMoveKeyToSecurityToken) {
|
} else if (change.getMoveKeyToSecurityToken()) {
|
||||||
if (checkSecurityTokenCompatibility(sKey, log, indent + 1)) {
|
if (checkSecurityTokenCompatibility(sKey, log, indent + 1)) {
|
||||||
log.add(LogType.MSG_MF_KEYTOCARD_START, indent + 1,
|
log.add(LogType.MSG_MF_KEYTOCARD_START, indent + 1,
|
||||||
KeyFormattingUtils.convertKeyIdToHex(change.mKeyId));
|
KeyFormattingUtils.convertKeyIdToHex(change.getSubKeyId()));
|
||||||
nfcKeyToCardOps.addSubkey(change.mKeyId);
|
nfcKeyToCardOps.addSubkey(change.getSubKeyId());
|
||||||
} else {
|
} else {
|
||||||
// Appropriate log message already set by checkSecurityTokenCompatibility
|
// Appropriate log message already set by checkSecurityTokenCompatibility
|
||||||
return new PgpEditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
return new PgpEditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||||
}
|
}
|
||||||
} else if (change.mSecurityTokenSerialNo != null) {
|
} else if (change.getSecurityTokenSerialNo() != null) {
|
||||||
// NOTE: Does this code get executed? Or always handled in internalRestricted?
|
// NOTE: Does this code get executed? Or always handled in internalRestricted?
|
||||||
if (change.mSecurityTokenSerialNo.length != 16) {
|
if (change.getSecurityTokenSerialNo().length != 16) {
|
||||||
log.add(LogType.MSG_MF_ERROR_DIVERT_SERIAL,
|
log.add(LogType.MSG_MF_ERROR_DIVERT_SERIAL,
|
||||||
indent + 1, KeyFormattingUtils.convertKeyIdToHex(change.mKeyId));
|
indent + 1, KeyFormattingUtils.convertKeyIdToHex(change.getSubKeyId()));
|
||||||
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
||||||
}
|
}
|
||||||
log.add(LogType.MSG_MF_KEYTOCARD_FINISH, indent + 1,
|
log.add(LogType.MSG_MF_KEYTOCARD_FINISH, indent + 1,
|
||||||
KeyFormattingUtils.convertKeyIdToHex(change.mKeyId),
|
KeyFormattingUtils.convertKeyIdToHex(change.getSubKeyId()),
|
||||||
Hex.toHexString(change.mSecurityTokenSerialNo, 8, 6));
|
Hex.toHexString(change.getSecurityTokenSerialNo(), 8, 6));
|
||||||
sKey = PGPSecretKey.constructGnuDummyKey(sKey.getPublicKey(), change.mSecurityTokenSerialNo);
|
sKey = PGPSecretKey.constructGnuDummyKey(sKey.getPublicKey(), change.getSecurityTokenSerialNo());
|
||||||
sKR = PGPSecretKeyRing.insertSecretKey(sKR, sKey);
|
sKR = PGPSecretKeyRing.insertSecretKey(sKR, sKey);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
// This doesn't concern us any further
|
// This doesn't concern us any further
|
||||||
if (!change.mRecertify && (change.mExpiry == null && change.mFlags == null)) {
|
if (!change.getRecertify() && (change.getExpiry() == null && change.getFlags() == null)) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
// expiry must not be in the past
|
// expiry must not be in the past
|
||||||
if (change.mExpiry != null && change.mExpiry != 0 &&
|
if (change.getExpiry() != null && change.getExpiry() != 0 &&
|
||||||
new Date(change.mExpiry*1000).before(new Date())) {
|
new Date(change.getExpiry() * 1000).before(new Date())) {
|
||||||
log.add(LogType.MSG_MF_ERROR_PAST_EXPIRY,
|
log.add(LogType.MSG_MF_ERROR_PAST_EXPIRY,
|
||||||
indent + 1, KeyFormattingUtils.convertKeyIdToHex(change.mKeyId));
|
indent + 1, KeyFormattingUtils.convertKeyIdToHex(change.getSubKeyId()));
|
||||||
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
// if this is the master key, update uid certificates instead
|
// if this is the master key, update uid certificates instead
|
||||||
if (change.mKeyId == masterPublicKey.getKeyID()) {
|
if (change.getSubKeyId() == masterPublicKey.getKeyID()) {
|
||||||
int flags = change.mFlags == null ? masterKeyFlags : change.mFlags;
|
int flags = change.getFlags() == null ? masterKeyFlags : change.getFlags();
|
||||||
long expiry = change.mExpiry == null ? masterKeyExpiry : change.mExpiry;
|
long expiry = change.getExpiry() == null ? masterKeyExpiry : change.getExpiry();
|
||||||
|
|
||||||
if ((flags & KeyFlags.CERTIFY_OTHER) != KeyFlags.CERTIFY_OTHER) {
|
if ((flags & KeyFlags.CERTIFY_OTHER) != KeyFlags.CERTIFY_OTHER) {
|
||||||
log.add(LogType.MSG_MF_ERROR_NO_CERTIFY, indent + 1);
|
log.add(LogType.MSG_MF_ERROR_NO_CERTIFY, indent + 1);
|
||||||
@@ -886,22 +888,22 @@ public class PgpKeyOperation {
|
|||||||
PGPPublicKey pKey = sKey.getPublicKey();
|
PGPPublicKey pKey = sKey.getPublicKey();
|
||||||
|
|
||||||
// keep old flags, or replace with new ones
|
// keep old flags, or replace with new ones
|
||||||
int flags = change.mFlags == null ? readKeyFlags(pKey) : change.mFlags;
|
int flags = change.getFlags() == null ? readKeyFlags(pKey) : change.getFlags();
|
||||||
long expiry;
|
long expiry;
|
||||||
if (change.mExpiry == null) {
|
if (change.getExpiry() == null) {
|
||||||
long valid = pKey.getValidSeconds();
|
long valid = pKey.getValidSeconds();
|
||||||
expiry = valid == 0
|
expiry = valid == 0
|
||||||
? 0
|
? 0
|
||||||
: pKey.getCreationTime().getTime() / 1000 + pKey.getValidSeconds();
|
: pKey.getCreationTime().getTime() / 1000 + pKey.getValidSeconds();
|
||||||
} else {
|
} else {
|
||||||
expiry = change.mExpiry;
|
expiry = change.getExpiry();
|
||||||
}
|
}
|
||||||
|
|
||||||
// drop all old signatures, they will be superseded by the new one
|
// drop all old signatures, they will be superseded by the new one
|
||||||
//noinspection unchecked
|
//noinspection unchecked
|
||||||
for (PGPSignature sig : new IterableIterator<PGPSignature>(pKey.getSignatures())) {
|
for (PGPSignature sig : new IterableIterator<PGPSignature>(pKey.getSignatures())) {
|
||||||
// special case: if there is a revocation, don't use expiry from before
|
// special case: if there is a revocation, don't use expiry from before
|
||||||
if ( (change.mExpiry == null || change.mExpiry == 0L)
|
if ( (change.getExpiry() == null || change.getExpiry() == 0L)
|
||||||
&& sig.getSignatureType() == PGPSignature.SUBKEY_REVOCATION) {
|
&& sig.getSignatureType() == PGPSignature.SUBKEY_REVOCATION) {
|
||||||
expiry = 0;
|
expiry = 0;
|
||||||
}
|
}
|
||||||
@@ -917,7 +919,7 @@ public class PgpKeyOperation {
|
|||||||
// super special case: subkey is allowed to sign, but isn't available
|
// super special case: subkey is allowed to sign, but isn't available
|
||||||
if (subPrivateKey == null) {
|
if (subPrivateKey == null) {
|
||||||
log.add(LogType.MSG_MF_ERROR_SUB_STRIPPED,
|
log.add(LogType.MSG_MF_ERROR_SUB_STRIPPED,
|
||||||
indent + 1, KeyFormattingUtils.convertKeyIdToHex(change.mKeyId));
|
indent + 1, KeyFormattingUtils.convertKeyIdToHex(change.getSubKeyId()));
|
||||||
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
@@ -985,19 +987,19 @@ public class PgpKeyOperation {
|
|||||||
progress(R.string.progress_modify_subkeyadd, (i-1) * (100 / saveParcel.mAddSubKeys.size()));
|
progress(R.string.progress_modify_subkeyadd, (i-1) * (100 / saveParcel.mAddSubKeys.size()));
|
||||||
SaveKeyringParcel.SubkeyAdd add = saveParcel.mAddSubKeys.get(i);
|
SaveKeyringParcel.SubkeyAdd add = saveParcel.mAddSubKeys.get(i);
|
||||||
log.add(LogType.MSG_MF_SUBKEY_NEW, indent,
|
log.add(LogType.MSG_MF_SUBKEY_NEW, indent,
|
||||||
KeyFormattingUtils.getAlgorithmInfo(add.mAlgorithm, add.mKeySize, add.mCurve) );
|
KeyFormattingUtils.getAlgorithmInfo(add.getAlgorithm(), add.getKeySize(), add.getCurve()) );
|
||||||
|
|
||||||
if (isDivertToCard(masterSecretKey)) {
|
if (isDivertToCard(masterSecretKey)) {
|
||||||
log.add(LogType.MSG_MF_ERROR_DIVERT_NEWSUB, indent +1);
|
log.add(LogType.MSG_MF_ERROR_DIVERT_NEWSUB, indent +1);
|
||||||
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (add.mExpiry == null) {
|
if (add.getExpiry() == null) {
|
||||||
log.add(LogType.MSG_MF_ERROR_NULL_EXPIRY, indent +1);
|
log.add(LogType.MSG_MF_ERROR_NULL_EXPIRY, indent +1);
|
||||||
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (add.mExpiry > 0L && new Date(add.mExpiry*1000).before(new Date())) {
|
if (add.getExpiry() > 0L && new Date(add.getExpiry() * 1000).before(new Date())) {
|
||||||
log.add(LogType.MSG_MF_ERROR_PAST_EXPIRY, indent +1);
|
log.add(LogType.MSG_MF_ERROR_PAST_EXPIRY, indent +1);
|
||||||
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
||||||
}
|
}
|
||||||
@@ -1022,7 +1024,7 @@ public class PgpKeyOperation {
|
|||||||
cryptoInput.getSignatureTime(),
|
cryptoInput.getSignatureTime(),
|
||||||
masterPublicKey, masterPrivateKey,
|
masterPublicKey, masterPrivateKey,
|
||||||
getSignatureGenerator(pKey, cryptoInput, false), keyPair.getPrivateKey(), pKey,
|
getSignatureGenerator(pKey, cryptoInput, false), keyPair.getPrivateKey(), pKey,
|
||||||
add.mFlags, add.mExpiry);
|
add.getFlags(), add.getExpiry());
|
||||||
pKey = PGPPublicKey.addSubkeyBindingCertification(pKey, cert);
|
pKey = PGPPublicKey.addSubkeyBindingCertification(pKey, cert);
|
||||||
} catch (NfcInteractionNeeded e) {
|
} catch (NfcInteractionNeeded e) {
|
||||||
nfcSignOps.addHash(e.hashToSign, e.hashAlgo);
|
nfcSignOps.addHash(e.hashToSign, e.hashAlgo);
|
||||||
@@ -1158,31 +1160,31 @@ public class PgpKeyOperation {
|
|||||||
progress(R.string.progress_modify_subkeychange, (i - 1) * (100 / saveParcel.mChangeSubKeys.size()));
|
progress(R.string.progress_modify_subkeychange, (i - 1) * (100 / saveParcel.mChangeSubKeys.size()));
|
||||||
SaveKeyringParcel.SubkeyChange change = saveParcel.mChangeSubKeys.get(i);
|
SaveKeyringParcel.SubkeyChange change = saveParcel.mChangeSubKeys.get(i);
|
||||||
log.add(LogType.MSG_MF_SUBKEY_CHANGE,
|
log.add(LogType.MSG_MF_SUBKEY_CHANGE,
|
||||||
indent, KeyFormattingUtils.convertKeyIdToHex(change.mKeyId));
|
indent, KeyFormattingUtils.convertKeyIdToHex(change.getSubKeyId()));
|
||||||
|
|
||||||
PGPSecretKey sKey = sKR.getSecretKey(change.mKeyId);
|
PGPSecretKey sKey = sKR.getSecretKey(change.getSubKeyId());
|
||||||
if (sKey == null) {
|
if (sKey == null) {
|
||||||
log.add(LogType.MSG_MF_ERROR_SUBKEY_MISSING,
|
log.add(LogType.MSG_MF_ERROR_SUBKEY_MISSING,
|
||||||
indent + 1, KeyFormattingUtils.convertKeyIdToHex(change.mKeyId));
|
indent + 1, KeyFormattingUtils.convertKeyIdToHex(change.getSubKeyId()));
|
||||||
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (change.mDummyStrip || change.mSecurityTokenSerialNo != null) {
|
if (change.getDummyStrip() || change.getSecurityTokenSerialNo() != null) {
|
||||||
// IT'S DANGEROUS~
|
// IT'S DANGEROUS~
|
||||||
// no really, it is. this operation irrevocably removes the private key data from the key
|
// no really, it is. this operation irrevocably removes the private key data from the key
|
||||||
if (change.mDummyStrip) {
|
if (change.getDummyStrip()) {
|
||||||
sKey = PGPSecretKey.constructGnuDummyKey(sKey.getPublicKey());
|
sKey = PGPSecretKey.constructGnuDummyKey(sKey.getPublicKey());
|
||||||
} else {
|
} else {
|
||||||
// the serial number must be 16 bytes in length
|
// the serial number must be 16 bytes in length
|
||||||
if (change.mSecurityTokenSerialNo.length != 16) {
|
if (change.getSecurityTokenSerialNo().length != 16) {
|
||||||
log.add(LogType.MSG_MF_ERROR_DIVERT_SERIAL,
|
log.add(LogType.MSG_MF_ERROR_DIVERT_SERIAL,
|
||||||
indent + 1, KeyFormattingUtils.convertKeyIdToHex(change.mKeyId));
|
indent + 1, KeyFormattingUtils.convertKeyIdToHex(change.getSubKeyId()));
|
||||||
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
|
||||||
}
|
}
|
||||||
log.add(LogType.MSG_MF_KEYTOCARD_FINISH, indent + 1,
|
log.add(LogType.MSG_MF_KEYTOCARD_FINISH, indent + 1,
|
||||||
KeyFormattingUtils.convertKeyIdToHex(change.mKeyId),
|
KeyFormattingUtils.convertKeyIdToHex(change.getSubKeyId()),
|
||||||
Hex.toHexString(change.mSecurityTokenSerialNo, 8, 6));
|
Hex.toHexString(change.getSecurityTokenSerialNo(), 8, 6));
|
||||||
sKey = PGPSecretKey.constructGnuDummyKey(sKey.getPublicKey(), change.mSecurityTokenSerialNo);
|
sKey = PGPSecretKey.constructGnuDummyKey(sKey.getPublicKey(), change.getSecurityTokenSerialNo());
|
||||||
}
|
}
|
||||||
sKR = PGPSecretKeyRing.insertSecretKey(sKR, sKey);
|
sKR = PGPSecretKeyRing.insertSecretKey(sKR, sKey);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -18,6 +18,7 @@
|
|||||||
|
|
||||||
package org.sufficientlysecure.keychain.pgp;
|
package org.sufficientlysecure.keychain.pgp;
|
||||||
|
|
||||||
|
import com.google.auto.value.AutoValue;
|
||||||
import org.bouncycastle.bcpg.BCPGInputStream;
|
import org.bouncycastle.bcpg.BCPGInputStream;
|
||||||
import org.bouncycastle.bcpg.BCPGOutputStream;
|
import org.bouncycastle.bcpg.BCPGOutputStream;
|
||||||
import org.bouncycastle.bcpg.Packet;
|
import org.bouncycastle.bcpg.Packet;
|
||||||
|
|||||||
@@ -24,6 +24,8 @@ import org.bouncycastle.asn1.x9.X9ECParameters;
|
|||||||
import org.bouncycastle.bcpg.sig.KeyFlags;
|
import org.bouncycastle.bcpg.sig.KeyFlags;
|
||||||
import org.bouncycastle.math.ec.ECCurve;
|
import org.bouncycastle.math.ec.ECCurve;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
||||||
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
|
||||||
|
|
||||||
|
|
||||||
// 4.3.3.6 Algorithm Attributes
|
// 4.3.3.6 Algorithm Attributes
|
||||||
public class ECKeyFormat extends KeyFormat {
|
public class ECKeyFormat extends KeyFormat {
|
||||||
@@ -105,7 +107,7 @@ public class ECKeyFormat extends KeyFormat {
|
|||||||
throw new IllegalArgumentException("Unsupported curve " + mECCurveOID);
|
throw new IllegalArgumentException("Unsupported curve " + mECCurveOID);
|
||||||
}
|
}
|
||||||
|
|
||||||
keyring.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(algo,
|
keyring.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(algo,
|
||||||
curve.getFieldSize(), scurve, keyFlags, 0L));
|
curve.getFieldSize(), scurve, keyFlags, 0L));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -18,6 +18,8 @@
|
|||||||
package org.sufficientlysecure.keychain.securitytoken;
|
package org.sufficientlysecure.keychain.securitytoken;
|
||||||
|
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
||||||
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
|
||||||
|
|
||||||
|
|
||||||
// 4.3.3.6 Algorithm Attributes
|
// 4.3.3.6 Algorithm Attributes
|
||||||
public class RSAKeyFormat extends KeyFormat {
|
public class RSAKeyFormat extends KeyFormat {
|
||||||
@@ -85,7 +87,7 @@ public class RSAKeyFormat extends KeyFormat {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public void addToSaveKeyringParcel(SaveKeyringParcel keyring, int keyFlags) {
|
public void addToSaveKeyringParcel(SaveKeyringParcel keyring, int keyFlags) {
|
||||||
keyring.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(SaveKeyringParcel.Algorithm.RSA,
|
keyring.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(SaveKeyringParcel.Algorithm.RSA,
|
||||||
mModulusLength, null, keyFlags, 0L));
|
mModulusLength, null, keyFlags, 0L));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -20,7 +20,9 @@ package org.sufficientlysecure.keychain.service;
|
|||||||
|
|
||||||
import android.os.Parcel;
|
import android.os.Parcel;
|
||||||
import android.os.Parcelable;
|
import android.os.Parcelable;
|
||||||
|
import android.support.annotation.Nullable;
|
||||||
|
|
||||||
|
import com.google.auto.value.AutoValue;
|
||||||
import org.sufficientlysecure.keychain.pgp.WrappedUserAttribute;
|
import org.sufficientlysecure.keychain.pgp.WrappedUserAttribute;
|
||||||
import org.sufficientlysecure.keychain.keyimport.ParcelableHkpKeyserver;
|
import org.sufficientlysecure.keychain.keyimport.ParcelableHkpKeyserver;
|
||||||
import org.sufficientlysecure.keychain.util.Passphrase;
|
import org.sufficientlysecure.keychain.util.Passphrase;
|
||||||
@@ -137,8 +139,8 @@ public class SaveKeyringParcel implements Parcelable {
|
|||||||
}
|
}
|
||||||
|
|
||||||
for (SubkeyChange change : mChangeSubKeys) {
|
for (SubkeyChange change : mChangeSubKeys) {
|
||||||
if (change.mRecertify || change.mFlags != null || change.mExpiry != null
|
if (change.getRecertify() || change.getFlags() != null || change.getExpiry() != null
|
||||||
|| change.mMoveKeyToSecurityToken) {
|
|| change.getMoveKeyToSecurityToken()) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -148,109 +150,84 @@ public class SaveKeyringParcel implements Parcelable {
|
|||||||
|
|
||||||
// performance gain for using Parcelable here would probably be negligible,
|
// performance gain for using Parcelable here would probably be negligible,
|
||||||
// use Serializable instead.
|
// use Serializable instead.
|
||||||
public static class SubkeyAdd implements Serializable {
|
@AutoValue
|
||||||
public Algorithm mAlgorithm;
|
public abstract static class SubkeyAdd implements Serializable {
|
||||||
public Integer mKeySize;
|
public abstract Algorithm getAlgorithm();
|
||||||
public Curve mCurve;
|
@Nullable
|
||||||
public int mFlags;
|
public abstract Integer getKeySize();
|
||||||
public Long mExpiry;
|
@Nullable
|
||||||
|
public abstract Curve getCurve();
|
||||||
|
public abstract int getFlags();
|
||||||
|
@Nullable
|
||||||
|
public abstract Long getExpiry();
|
||||||
|
|
||||||
public SubkeyAdd(Algorithm algorithm, Integer keySize, Curve curve, int flags, Long expiry) {
|
public static SubkeyAdd createSubkeyAdd(Algorithm algorithm, Integer keySize, Curve curve, int flags,
|
||||||
mAlgorithm = algorithm;
|
Long expiry) {
|
||||||
mKeySize = keySize;
|
return new AutoValue_SaveKeyringParcel_SubkeyAdd(algorithm, keySize, curve, flags, expiry);
|
||||||
mCurve = curve;
|
|
||||||
mFlags = flags;
|
|
||||||
mExpiry = expiry;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public String toString() {
|
|
||||||
String out = "mAlgorithm: " + mAlgorithm + ", ";
|
|
||||||
out += "mKeySize: " + mKeySize + ", ";
|
|
||||||
out += "mCurve: " + mCurve + ", ";
|
|
||||||
out += "mFlags: " + mFlags;
|
|
||||||
out += "mExpiry: " + mExpiry;
|
|
||||||
|
|
||||||
return out;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public static class SubkeyChange implements Serializable {
|
@AutoValue
|
||||||
public final long mKeyId;
|
public abstract static class SubkeyChange implements Serializable {
|
||||||
public Integer mFlags;
|
public abstract long getSubKeyId();
|
||||||
|
@Nullable
|
||||||
|
public abstract Integer getFlags();
|
||||||
// this is a long unix timestamp, in seconds (NOT MILLISECONDS!)
|
// this is a long unix timestamp, in seconds (NOT MILLISECONDS!)
|
||||||
public Long mExpiry;
|
@Nullable
|
||||||
|
public abstract Long getExpiry();
|
||||||
// if this flag is true, the key will be recertified even if all above
|
// if this flag is true, the key will be recertified even if all above
|
||||||
// values are no-ops
|
// values are no-ops
|
||||||
public boolean mRecertify;
|
public abstract boolean getRecertify();
|
||||||
// if this flag is true, the subkey should be changed to a stripped key
|
// if this flag is true, the subkey should be changed to a stripped key
|
||||||
public boolean mDummyStrip;
|
public abstract boolean getDummyStrip();
|
||||||
// if this flag is true, the subkey should be moved to a security token
|
// if this flag is true, the subkey should be moved to a security token
|
||||||
public boolean mMoveKeyToSecurityToken;
|
public abstract boolean getMoveKeyToSecurityToken();
|
||||||
// if this is non-null, the subkey will be changed to a divert-to-card
|
// if this is non-null, the subkey will be changed to a divert-to-card
|
||||||
// (security token) key for the given serial number
|
// (security token) key for the given serial number
|
||||||
public byte[] mSecurityTokenSerialNo;
|
@Nullable
|
||||||
|
public abstract byte[] getSecurityTokenSerialNo();
|
||||||
|
|
||||||
public SubkeyChange(long keyId) {
|
public static SubkeyChange createRecertifyChange(long keyId, boolean recertify) {
|
||||||
mKeyId = keyId;
|
return new AutoValue_SaveKeyringParcel_SubkeyChange(keyId, null, null, recertify, false, false, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
public SubkeyChange(long keyId, boolean recertify) {
|
public static SubkeyChange createFlagsOrExpiryChange(long keyId, Integer flags, Long expiry) {
|
||||||
mKeyId = keyId;
|
return new AutoValue_SaveKeyringParcel_SubkeyChange(keyId, flags, expiry, false, false, false, null);
|
||||||
mRecertify = recertify;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public SubkeyChange(long keyId, Integer flags, Long expiry) {
|
public static SubkeyChange createStripChange(long keyId) {
|
||||||
mKeyId = keyId;
|
return new AutoValue_SaveKeyringParcel_SubkeyChange(keyId, null, null, false, true, false, null);
|
||||||
mFlags = flags;
|
|
||||||
mExpiry = expiry;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public SubkeyChange(long keyId, boolean dummyStrip, boolean moveKeyToSecurityToken) {
|
public static SubkeyChange createMoveToSecurityTokenChange(long keyId) {
|
||||||
this(keyId, null, null);
|
return new AutoValue_SaveKeyringParcel_SubkeyChange(keyId, null, null, false, false, true, null);
|
||||||
|
|
||||||
// these flags are mutually exclusive!
|
|
||||||
if (dummyStrip && moveKeyToSecurityToken) {
|
|
||||||
throw new AssertionError(
|
|
||||||
"cannot set strip and moveKeyToSecurityToken" +
|
|
||||||
" flags at the same time - this is a bug!");
|
|
||||||
}
|
|
||||||
mDummyStrip = dummyStrip;
|
|
||||||
mMoveKeyToSecurityToken = moveKeyToSecurityToken;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
public static SubkeyChange createSecurityTokenSerialNo(long keyId, byte[] securityTokenSerialNo) {
|
||||||
public String toString() {
|
return new AutoValue_SaveKeyringParcel_SubkeyChange(keyId, null, null, false, false, false, securityTokenSerialNo);
|
||||||
String out = "mKeyId: " + mKeyId + ", ";
|
|
||||||
out += "mFlags: " + mFlags + ", ";
|
|
||||||
out += "mExpiry: " + mExpiry + ", ";
|
|
||||||
out += "mDummyStrip: " + mDummyStrip + ", ";
|
|
||||||
out += "mMoveKeyToSecurityToken: " + mMoveKeyToSecurityToken + ", ";
|
|
||||||
out += "mSecurityTokenSerialNo: [" + (mSecurityTokenSerialNo == null ? 0 : mSecurityTokenSerialNo.length) + " bytes]";
|
|
||||||
|
|
||||||
return out;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public SubkeyChange getSubkeyChange(long keyId) {
|
public SubkeyChange getSubkeyChange(long keyId) {
|
||||||
for (SubkeyChange subkeyChange : mChangeSubKeys) {
|
for (SubkeyChange subkeyChange : mChangeSubKeys) {
|
||||||
if (subkeyChange.mKeyId == keyId) {
|
if (subkeyChange.getSubKeyId() == keyId) {
|
||||||
return subkeyChange;
|
return subkeyChange;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
public SubkeyChange getOrCreateSubkeyChange(long keyId) {
|
public void addOrReplaceSubkeyChange(SubkeyChange change) {
|
||||||
SubkeyChange foundSubkeyChange = getSubkeyChange(keyId);
|
SubkeyChange foundSubkeyChange = getSubkeyChange(change.getSubKeyId());
|
||||||
if (foundSubkeyChange != null) {
|
if (foundSubkeyChange != null) {
|
||||||
return foundSubkeyChange;
|
mChangeSubKeys.remove(foundSubkeyChange);
|
||||||
} else {
|
|
||||||
// else, create a new one
|
|
||||||
SubkeyChange newSubkeyChange = new SubkeyChange(keyId);
|
|
||||||
mChangeSubKeys.add(newSubkeyChange);
|
|
||||||
return newSubkeyChange;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
mChangeSubKeys.add(change);
|
||||||
|
}
|
||||||
|
|
||||||
|
public void removeSubkeyChange(SubkeyChange change) {
|
||||||
|
mChangeSubKeys.remove(change);
|
||||||
}
|
}
|
||||||
|
|
||||||
@SuppressWarnings("unchecked") // we verify the reads against writes in writeToParcel
|
@SuppressWarnings("unchecked") // we verify the reads against writes in writeToParcel
|
||||||
|
|||||||
@@ -47,6 +47,7 @@ import org.sufficientlysecure.keychain.provider.KeyRepository;
|
|||||||
import org.sufficientlysecure.keychain.provider.KeychainContract;
|
import org.sufficientlysecure.keychain.provider.KeychainContract;
|
||||||
import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
|
import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
||||||
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyChange;
|
||||||
import org.sufficientlysecure.keychain.service.UploadKeyringParcel;
|
import org.sufficientlysecure.keychain.service.UploadKeyringParcel;
|
||||||
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
|
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
|
||||||
import org.sufficientlysecure.keychain.ui.CreateKeyActivity.FragAction;
|
import org.sufficientlysecure.keychain.ui.CreateKeyActivity.FragAction;
|
||||||
@@ -444,7 +445,7 @@ public class CreateKeyFinalFragment extends Fragment {
|
|||||||
try {
|
try {
|
||||||
while (cursor != null && cursor.moveToNext()) {
|
while (cursor != null && cursor.moveToNext()) {
|
||||||
long subkeyId = cursor.getLong(0);
|
long subkeyId = cursor.getLong(0);
|
||||||
changeKeyringParcel.getOrCreateSubkeyChange(subkeyId).mMoveKeyToSecurityToken = true;
|
changeKeyringParcel.mChangeSubKeys.add(SubkeyChange.createMoveToSecurityTokenChange(subkeyId));
|
||||||
}
|
}
|
||||||
} finally {
|
} finally {
|
||||||
if (cursor != null) {
|
if (cursor != null) {
|
||||||
|
|||||||
@@ -431,15 +431,10 @@ public class EditKeyFragment extends QueueingCryptoOperationFragment<SaveKeyring
|
|||||||
}
|
}
|
||||||
|
|
||||||
SubkeyChange change = mSaveKeyringParcel.getSubkeyChange(keyId);
|
SubkeyChange change = mSaveKeyringParcel.getSubkeyChange(keyId);
|
||||||
if (change == null) {
|
if (change == null || !change.getDummyStrip()) {
|
||||||
mSaveKeyringParcel.mChangeSubKeys.add(new SubkeyChange(keyId, true, false));
|
mSaveKeyringParcel.addOrReplaceSubkeyChange(SubkeyChange.createStripChange(keyId));
|
||||||
break;
|
} else {
|
||||||
}
|
mSaveKeyringParcel.removeSubkeyChange(change);
|
||||||
// toggle
|
|
||||||
change.mDummyStrip = !change.mDummyStrip;
|
|
||||||
if (change.mDummyStrip && change.mMoveKeyToSecurityToken) {
|
|
||||||
// User had chosen to divert key, but now wants to strip it instead.
|
|
||||||
change.mMoveKeyToSecurityToken = false;
|
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -479,19 +474,13 @@ public class EditKeyFragment extends QueueingCryptoOperationFragment<SaveKeyring
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
SubkeyChange change;
|
SubkeyChange change = mSaveKeyringParcel.getSubkeyChange(keyId);
|
||||||
change = mSaveKeyringParcel.getSubkeyChange(keyId);
|
if (change == null || !change.getMoveKeyToSecurityToken()) {
|
||||||
if (change == null) {
|
mSaveKeyringParcel.addOrReplaceSubkeyChange(
|
||||||
mSaveKeyringParcel.mChangeSubKeys.add(
|
SubkeyChange.createMoveToSecurityTokenChange(keyId));
|
||||||
new SubkeyChange(keyId, false, true)
|
|
||||||
);
|
|
||||||
break;
|
break;
|
||||||
}
|
} else {
|
||||||
// toggle
|
mSaveKeyringParcel.removeSubkeyChange(change);
|
||||||
change.mMoveKeyToSecurityToken = !change.mMoveKeyToSecurityToken;
|
|
||||||
if (change.mMoveKeyToSecurityToken && change.mDummyStrip) {
|
|
||||||
// User had chosen to strip key, but now wants to divert it.
|
|
||||||
change.mDummyStrip = false;
|
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -523,9 +512,10 @@ public class EditKeyFragment extends QueueingCryptoOperationFragment<SaveKeyring
|
|||||||
public void handleMessage(Message message) {
|
public void handleMessage(Message message) {
|
||||||
switch (message.what) {
|
switch (message.what) {
|
||||||
case EditSubkeyExpiryDialogFragment.MESSAGE_NEW_EXPIRY:
|
case EditSubkeyExpiryDialogFragment.MESSAGE_NEW_EXPIRY:
|
||||||
mSaveKeyringParcel.getOrCreateSubkeyChange(keyId).mExpiry =
|
Long expiry = (Long) message.getData().getSerializable(
|
||||||
(Long) message.getData().getSerializable(
|
EditSubkeyExpiryDialogFragment.MESSAGE_DATA_EXPIRY);
|
||||||
EditSubkeyExpiryDialogFragment.MESSAGE_DATA_EXPIRY);
|
mSaveKeyringParcel.addOrReplaceSubkeyChange(
|
||||||
|
SubkeyChange.createFlagsOrExpiryChange(keyId, null, expiry));
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
getLoaderManager().getLoader(LOADER_ID_SUBKEYS).forceLoad();
|
getLoaderManager().getLoader(LOADER_ID_SUBKEYS).forceLoad();
|
||||||
|
|||||||
@@ -337,15 +337,10 @@ public class ViewKeyAdvSubkeysFragment extends LoaderFragment implements
|
|||||||
}
|
}
|
||||||
|
|
||||||
SubkeyChange change = mEditModeSaveKeyringParcel.getSubkeyChange(keyId);
|
SubkeyChange change = mEditModeSaveKeyringParcel.getSubkeyChange(keyId);
|
||||||
if (change == null) {
|
if (change == null || !change.getDummyStrip()) {
|
||||||
mEditModeSaveKeyringParcel.mChangeSubKeys.add(new SubkeyChange(keyId, true, false));
|
mEditModeSaveKeyringParcel.addOrReplaceSubkeyChange(SubkeyChange.createStripChange(keyId));
|
||||||
break;
|
} else {
|
||||||
}
|
mEditModeSaveKeyringParcel.removeSubkeyChange(change);
|
||||||
// toggle
|
|
||||||
change.mDummyStrip = !change.mDummyStrip;
|
|
||||||
if (change.mDummyStrip && change.mMoveKeyToSecurityToken) {
|
|
||||||
// User had chosen to divert key, but now wants to strip it instead.
|
|
||||||
change.mMoveKeyToSecurityToken = false;
|
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -385,19 +380,12 @@ public class ViewKeyAdvSubkeysFragment extends LoaderFragment implements
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
SubkeyChange change;
|
SubkeyChange change = mEditModeSaveKeyringParcel.getSubkeyChange(keyId);
|
||||||
change = mEditModeSaveKeyringParcel.getSubkeyChange(keyId);
|
if (change == null || !change.getMoveKeyToSecurityToken()) {
|
||||||
if (change == null) {
|
mEditModeSaveKeyringParcel.addOrReplaceSubkeyChange(
|
||||||
mEditModeSaveKeyringParcel.mChangeSubKeys.add(
|
SubkeyChange.createMoveToSecurityTokenChange(keyId));
|
||||||
new SubkeyChange(keyId, false, true)
|
} else {
|
||||||
);
|
mEditModeSaveKeyringParcel.removeSubkeyChange(change);
|
||||||
break;
|
|
||||||
}
|
|
||||||
// toggle
|
|
||||||
change.mMoveKeyToSecurityToken = !change.mMoveKeyToSecurityToken;
|
|
||||||
if (change.mMoveKeyToSecurityToken && change.mDummyStrip) {
|
|
||||||
// User had chosen to strip key, but now wants to divert it.
|
|
||||||
change.mDummyStrip = false;
|
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -429,9 +417,10 @@ public class ViewKeyAdvSubkeysFragment extends LoaderFragment implements
|
|||||||
public void handleMessage(Message message) {
|
public void handleMessage(Message message) {
|
||||||
switch (message.what) {
|
switch (message.what) {
|
||||||
case EditSubkeyExpiryDialogFragment.MESSAGE_NEW_EXPIRY:
|
case EditSubkeyExpiryDialogFragment.MESSAGE_NEW_EXPIRY:
|
||||||
mEditModeSaveKeyringParcel.getOrCreateSubkeyChange(keyId).mExpiry =
|
Long expiry = (Long) message.getData().getSerializable(
|
||||||
(Long) message.getData().getSerializable(
|
EditSubkeyExpiryDialogFragment.MESSAGE_DATA_EXPIRY);
|
||||||
EditSubkeyExpiryDialogFragment.MESSAGE_DATA_EXPIRY);
|
mEditModeSaveKeyringParcel.addOrReplaceSubkeyChange(
|
||||||
|
SubkeyChange.createFlagsOrExpiryChange(keyId, null, expiry));
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
getLoaderManager().getLoader(LOADER_ID_SUBKEYS).forceLoad();
|
getLoaderManager().getLoader(LOADER_ID_SUBKEYS).forceLoad();
|
||||||
|
|||||||
@@ -181,8 +181,8 @@ public class SubkeysAdapter extends CursorAdapter {
|
|||||||
? mSaveKeyringParcel.getSubkeyChange(keyId)
|
? mSaveKeyringParcel.getSubkeyChange(keyId)
|
||||||
: null;
|
: null;
|
||||||
|
|
||||||
if (change != null && (change.mDummyStrip || change.mMoveKeyToSecurityToken)) {
|
if (change != null && (change.getDummyStrip() || change.getMoveKeyToSecurityToken())) {
|
||||||
if (change.mDummyStrip) {
|
if (change.getDummyStrip()) {
|
||||||
algorithmStr.append(", ");
|
algorithmStr.append(", ");
|
||||||
final SpannableString boldStripped = new SpannableString(
|
final SpannableString boldStripped = new SpannableString(
|
||||||
context.getString(R.string.key_stripped)
|
context.getString(R.string.key_stripped)
|
||||||
@@ -190,7 +190,7 @@ public class SubkeysAdapter extends CursorAdapter {
|
|||||||
boldStripped.setSpan(new StyleSpan(Typeface.BOLD), 0, boldStripped.length(), Spannable.SPAN_EXCLUSIVE_EXCLUSIVE);
|
boldStripped.setSpan(new StyleSpan(Typeface.BOLD), 0, boldStripped.length(), Spannable.SPAN_EXCLUSIVE_EXCLUSIVE);
|
||||||
algorithmStr.append(boldStripped);
|
algorithmStr.append(boldStripped);
|
||||||
}
|
}
|
||||||
if (change.mMoveKeyToSecurityToken) {
|
if (change.getMoveKeyToSecurityToken()) {
|
||||||
algorithmStr.append(", ");
|
algorithmStr.append(", ");
|
||||||
final SpannableString boldDivert = new SpannableString(
|
final SpannableString boldDivert = new SpannableString(
|
||||||
context.getString(R.string.key_divert)
|
context.getString(R.string.key_divert)
|
||||||
@@ -253,10 +253,10 @@ public class SubkeysAdapter extends CursorAdapter {
|
|||||||
|
|
||||||
SaveKeyringParcel.SubkeyChange subkeyChange = mSaveKeyringParcel.getSubkeyChange(keyId);
|
SaveKeyringParcel.SubkeyChange subkeyChange = mSaveKeyringParcel.getSubkeyChange(keyId);
|
||||||
if (subkeyChange != null) {
|
if (subkeyChange != null) {
|
||||||
if (subkeyChange.mExpiry == null || subkeyChange.mExpiry == 0L) {
|
if (subkeyChange.getExpiry() == null || subkeyChange.getExpiry() == 0L) {
|
||||||
expiryDate = null;
|
expiryDate = null;
|
||||||
} else {
|
} else {
|
||||||
expiryDate = new Date(subkeyChange.mExpiry * 1000);
|
expiryDate = new Date(subkeyChange.getExpiry() * 1000);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -100,9 +100,9 @@ public class SubkeysAddedAdapter extends ArrayAdapter<SaveKeyringParcel.SubkeyAd
|
|||||||
|
|
||||||
String algorithmStr = KeyFormattingUtils.getAlgorithmInfo(
|
String algorithmStr = KeyFormattingUtils.getAlgorithmInfo(
|
||||||
mActivity,
|
mActivity,
|
||||||
holder.mModel.mAlgorithm,
|
holder.mModel.getAlgorithm(),
|
||||||
holder.mModel.mKeySize,
|
holder.mModel.getKeySize(),
|
||||||
holder.mModel.mCurve
|
holder.mModel.getCurve()
|
||||||
);
|
);
|
||||||
|
|
||||||
boolean isMasterKey = mNewKeyring && position == 0;
|
boolean isMasterKey = mNewKeyring && position == 0;
|
||||||
@@ -148,8 +148,8 @@ public class SubkeysAddedAdapter extends ArrayAdapter<SaveKeyringParcel.SubkeyAd
|
|||||||
holder.vKeyId.setText(R.string.edit_key_new_subkey);
|
holder.vKeyId.setText(R.string.edit_key_new_subkey);
|
||||||
holder.vKeyDetails.setText(algorithmStr);
|
holder.vKeyDetails.setText(algorithmStr);
|
||||||
|
|
||||||
if (holder.mModel.mExpiry != 0L) {
|
if (holder.mModel.getExpiry() != 0L) {
|
||||||
Date expiryDate = new Date(holder.mModel.mExpiry * 1000);
|
Date expiryDate = new Date(holder.mModel.getExpiry() * 1000);
|
||||||
Calendar expiryCal = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
|
Calendar expiryCal = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
|
||||||
expiryCal.setTime(expiryDate);
|
expiryCal.setTime(expiryDate);
|
||||||
// convert from UTC to time zone of device
|
// convert from UTC to time zone of device
|
||||||
@@ -162,7 +162,7 @@ public class SubkeysAddedAdapter extends ArrayAdapter<SaveKeyringParcel.SubkeyAd
|
|||||||
+ getContext().getString(R.string.none));
|
+ getContext().getString(R.string.none));
|
||||||
}
|
}
|
||||||
|
|
||||||
int flags = holder.mModel.mFlags;
|
int flags = holder.mModel.getFlags();
|
||||||
if ((flags & KeyFlags.CERTIFY_OTHER) > 0) {
|
if ((flags & KeyFlags.CERTIFY_OTHER) > 0) {
|
||||||
holder.vCertifyIcon.setVisibility(View.VISIBLE);
|
holder.vCertifyIcon.setVisibility(View.VISIBLE);
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
@@ -47,6 +47,7 @@ import org.sufficientlysecure.keychain.R;
|
|||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Curve;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Curve;
|
||||||
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
|
||||||
import org.sufficientlysecure.keychain.util.Choice;
|
import org.sufficientlysecure.keychain.util.Choice;
|
||||||
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
@@ -304,7 +305,7 @@ public class AddSubkeyDialogFragment extends DialogFragment {
|
|||||||
expiry = selectedCal.getTime().getTime() / 1000;
|
expiry = selectedCal.getTime().getTime() / 1000;
|
||||||
}
|
}
|
||||||
|
|
||||||
SaveKeyringParcel.SubkeyAdd newSubkey = new SaveKeyringParcel.SubkeyAdd(
|
SaveKeyringParcel.SubkeyAdd newSubkey = SubkeyAdd.createSubkeyAdd(
|
||||||
algorithm, keySize, curve, flags, expiry
|
algorithm, keySize, curve, flags, expiry
|
||||||
);
|
);
|
||||||
mAlgorithmSelectedListener.onAlgorithmSelected(newSubkey);
|
mAlgorithmSelectedListener.onAlgorithmSelected(newSubkey);
|
||||||
|
|||||||
@@ -58,6 +58,7 @@ import org.sufficientlysecure.keychain.service.BackupKeyringParcel;
|
|||||||
import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
|
import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
||||||
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
|
||||||
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
|
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
|
||||||
import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
|
import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
|
||||||
import org.sufficientlysecure.keychain.util.Passphrase;
|
import org.sufficientlysecure.keychain.util.Passphrase;
|
||||||
@@ -95,11 +96,11 @@ public class BackupOperationTest {
|
|||||||
|
|
||||||
{
|
{
|
||||||
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
||||||
parcel.mAddUserIds.add("snips");
|
parcel.mAddUserIds.add("snips");
|
||||||
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(mKeyPhrase1));
|
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(mKeyPhrase1));
|
||||||
@@ -113,11 +114,11 @@ public class BackupOperationTest {
|
|||||||
|
|
||||||
{
|
{
|
||||||
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
||||||
parcel.mAddUserIds.add("snails");
|
parcel.mAddUserIds.add("snails");
|
||||||
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(new Passphrase("1234")));
|
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(new Passphrase("1234")));
|
||||||
|
|||||||
@@ -48,6 +48,7 @@ import org.sufficientlysecure.keychain.service.CertifyActionsParcel.CertifyActio
|
|||||||
import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
|
import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
||||||
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
|
||||||
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
|
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
|
||||||
import org.sufficientlysecure.keychain.util.Passphrase;
|
import org.sufficientlysecure.keychain.util.Passphrase;
|
||||||
import org.sufficientlysecure.keychain.util.TestingUtils;
|
import org.sufficientlysecure.keychain.util.TestingUtils;
|
||||||
@@ -73,11 +74,11 @@ public class CertifyOperationTest {
|
|||||||
|
|
||||||
{
|
{
|
||||||
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
||||||
parcel.mAddUserIds.add("derp");
|
parcel.mAddUserIds.add("derp");
|
||||||
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(mKeyPhrase1));
|
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(mKeyPhrase1));
|
||||||
@@ -91,11 +92,11 @@ public class CertifyOperationTest {
|
|||||||
|
|
||||||
{
|
{
|
||||||
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
||||||
|
|
||||||
parcel.mAddUserIds.add("ditz");
|
parcel.mAddUserIds.add("ditz");
|
||||||
|
|||||||
@@ -47,6 +47,7 @@ import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
|
|||||||
import org.sufficientlysecure.keychain.service.PromoteKeyringParcel;
|
import org.sufficientlysecure.keychain.service.PromoteKeyringParcel;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
||||||
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
|
||||||
import org.sufficientlysecure.keychain.support.KeyringTestingHelper;
|
import org.sufficientlysecure.keychain.support.KeyringTestingHelper;
|
||||||
import org.sufficientlysecure.keychain.util.Passphrase;
|
import org.sufficientlysecure.keychain.util.Passphrase;
|
||||||
import org.sufficientlysecure.keychain.util.TestingUtils;
|
import org.sufficientlysecure.keychain.util.TestingUtils;
|
||||||
@@ -69,11 +70,11 @@ public class PromoteKeyOperationTest {
|
|||||||
|
|
||||||
{
|
{
|
||||||
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
||||||
parcel.mAddUserIds.add("derp");
|
parcel.mAddUserIds.add("derp");
|
||||||
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(mKeyPhrase1));
|
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(mKeyPhrase1));
|
||||||
|
|||||||
@@ -623,7 +623,7 @@ public class PgpEncryptDecryptTest {
|
|||||||
|
|
||||||
SaveKeyringParcel parcel =
|
SaveKeyringParcel parcel =
|
||||||
new SaveKeyringParcel(mStaticRing1.getMasterKeyId(), mStaticRing1.getFingerprint());
|
new SaveKeyringParcel(mStaticRing1.getMasterKeyId(), mStaticRing1.getFingerprint());
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(encKeyId1, true, false));
|
parcel.mChangeSubKeys.add(SubkeyChange.createStripChange(encKeyId1));
|
||||||
UncachedKeyRing modified = PgpKeyOperationTest.applyModificationWithChecks(parcel, mStaticRing1,
|
UncachedKeyRing modified = PgpKeyOperationTest.applyModificationWithChecks(parcel, mStaticRing1,
|
||||||
new ArrayList<RawPacket>(), new ArrayList<RawPacket>(),
|
new ArrayList<RawPacket>(), new ArrayList<RawPacket>(),
|
||||||
CryptoInputParcel.createCryptoInputParcel(new Date(), mKeyPhrase1));
|
CryptoInputParcel.createCryptoInputParcel(new Date(), mKeyPhrase1));
|
||||||
@@ -646,7 +646,7 @@ public class PgpEncryptDecryptTest {
|
|||||||
|
|
||||||
SaveKeyringParcel parcel =
|
SaveKeyringParcel parcel =
|
||||||
new SaveKeyringParcel(mStaticRing1.getMasterKeyId(), mStaticRing1.getFingerprint());
|
new SaveKeyringParcel(mStaticRing1.getMasterKeyId(), mStaticRing1.getFingerprint());
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(encKeyId1, KeyFlags.CERTIFY_OTHER, null));
|
parcel.mChangeSubKeys.add(SubkeyChange.createFlagsOrExpiryChange(encKeyId1, KeyFlags.CERTIFY_OTHER, null));
|
||||||
UncachedKeyRing modified = PgpKeyOperationTest.applyModificationWithChecks(parcel, mStaticRing1,
|
UncachedKeyRing modified = PgpKeyOperationTest.applyModificationWithChecks(parcel, mStaticRing1,
|
||||||
new ArrayList<RawPacket>(), new ArrayList<RawPacket>(),
|
new ArrayList<RawPacket>(), new ArrayList<RawPacket>(),
|
||||||
CryptoInputParcel.createCryptoInputParcel(new Date(), mKeyPhrase1));
|
CryptoInputParcel.createCryptoInputParcel(new Date(), mKeyPhrase1));
|
||||||
|
|||||||
@@ -89,11 +89,11 @@ public class PgpKeyOperationTest {
|
|||||||
ShadowLog.stream = System.out;
|
ShadowLog.stream = System.out;
|
||||||
|
|
||||||
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
||||||
|
|
||||||
parcel.mAddUserIds.add("twi");
|
parcel.mAddUserIds.add("twi");
|
||||||
@@ -143,7 +143,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{
|
{
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.RSA, new Random().nextInt(256)+255, null, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.RSA, new Random().nextInt(256)+255, null, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
parcel.mAddUserIds.add("shy");
|
parcel.mAddUserIds.add("shy");
|
||||||
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(passphrase));
|
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(passphrase));
|
||||||
@@ -154,7 +154,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{
|
{
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ELGAMAL, 2048, null, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.ELGAMAL, 2048, null, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
parcel.mAddUserIds.add("shy");
|
parcel.mAddUserIds.add("shy");
|
||||||
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(passphrase));
|
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(passphrase));
|
||||||
@@ -165,7 +165,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{
|
{
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, null));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, null));
|
||||||
parcel.mAddUserIds.add("lotus");
|
parcel.mAddUserIds.add("lotus");
|
||||||
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(passphrase));
|
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(passphrase));
|
||||||
@@ -176,7 +176,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{
|
{
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
||||||
parcel.mAddUserIds.add("shy");
|
parcel.mAddUserIds.add("shy");
|
||||||
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(passphrase));
|
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(passphrase));
|
||||||
@@ -187,7 +187,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{
|
{
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(passphrase));
|
parcel.setNewUnlock(ChangeUnlockParcel.createUnLockParcelForNewKey(passphrase));
|
||||||
|
|
||||||
@@ -211,7 +211,7 @@ public class PgpKeyOperationTest {
|
|||||||
// subkey binding certificates
|
// subkey binding certificates
|
||||||
public void testMasterFlags() throws Exception {
|
public void testMasterFlags() throws Exception {
|
||||||
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER | KeyFlags.SIGN_DATA, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER | KeyFlags.SIGN_DATA, 0L));
|
||||||
parcel.mAddUserIds.add("luna");
|
parcel.mAddUserIds.add("luna");
|
||||||
ring = assertCreateSuccess("creating ring with master key flags must succeed", parcel);
|
ring = assertCreateSuccess("creating ring with master key flags must succeed", parcel);
|
||||||
@@ -343,7 +343,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
long expiry = new Date().getTime() / 1000 + 159;
|
long expiry = new Date().getTime() / 1000 + 159;
|
||||||
int flags = KeyFlags.SIGN_DATA;
|
int flags = KeyFlags.SIGN_DATA;
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, flags, expiry));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, flags, expiry));
|
||||||
|
|
||||||
UncachedKeyRing modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB);
|
UncachedKeyRing modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB);
|
||||||
@@ -382,7 +382,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{ // bad keysize should fail
|
{ // bad keysize should fail
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mAddSubKeys.add(new SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.RSA, new Random().nextInt(512), null, KeyFlags.SIGN_DATA, 0L));
|
Algorithm.RSA, new Random().nextInt(512), null, KeyFlags.SIGN_DATA, 0L));
|
||||||
assertModifyFailure("creating a subkey with keysize < 2048 should fail", ring, parcel,
|
assertModifyFailure("creating a subkey with keysize < 2048 should fail", ring, parcel,
|
||||||
LogType.MSG_CR_ERROR_KEYSIZE_2048);
|
LogType.MSG_CR_ERROR_KEYSIZE_2048);
|
||||||
@@ -390,7 +390,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{ // null expiry should fail
|
{ // null expiry should fail
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, null));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, null));
|
||||||
assertModifyFailure("creating master key with null expiry should fail", ring, parcel,
|
assertModifyFailure("creating master key with null expiry should fail", ring, parcel,
|
||||||
LogType.MSG_MF_ERROR_NULL_EXPIRY);
|
LogType.MSG_MF_ERROR_NULL_EXPIRY);
|
||||||
@@ -398,7 +398,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{ // a past expiry should fail
|
{ // a past expiry should fail
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, new Date().getTime()/1000-10));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, new Date().getTime()/1000-10));
|
||||||
assertModifyFailure("creating subkey with past expiry date should fail", ring, parcel,
|
assertModifyFailure("creating subkey with past expiry date should fail", ring, parcel,
|
||||||
LogType.MSG_MF_ERROR_PAST_EXPIRY);
|
LogType.MSG_MF_ERROR_PAST_EXPIRY);
|
||||||
@@ -414,7 +414,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
UncachedKeyRing modified = ring;
|
UncachedKeyRing modified = ring;
|
||||||
{
|
{
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, expiry));
|
parcel.mChangeSubKeys.add(SubkeyChange.createFlagsOrExpiryChange(keyId, null, expiry));
|
||||||
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
||||||
|
|
||||||
Assert.assertEquals("one extra packet in original", 1, onlyA.size());
|
Assert.assertEquals("one extra packet in original", 1, onlyA.size());
|
||||||
@@ -441,7 +441,7 @@ public class PgpKeyOperationTest {
|
|||||||
{ // change expiry
|
{ // change expiry
|
||||||
expiry += 60*60*24;
|
expiry += 60*60*24;
|
||||||
|
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, expiry));
|
parcel.mChangeSubKeys.add(SubkeyChange.createFlagsOrExpiryChange(keyId, null, expiry));
|
||||||
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
||||||
|
|
||||||
Assert.assertNotNull("modified key must have an expiry date",
|
Assert.assertNotNull("modified key must have an expiry date",
|
||||||
@@ -455,7 +455,7 @@ public class PgpKeyOperationTest {
|
|||||||
{
|
{
|
||||||
int flags = KeyFlags.SIGN_DATA | KeyFlags.ENCRYPT_COMMS;
|
int flags = KeyFlags.SIGN_DATA | KeyFlags.ENCRYPT_COMMS;
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, flags, null));
|
parcel.mChangeSubKeys.add(SubkeyChange.createFlagsOrExpiryChange(keyId, flags, null));
|
||||||
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
||||||
|
|
||||||
Assert.assertEquals("old packet must be signature",
|
Assert.assertEquals("old packet must be signature",
|
||||||
@@ -478,7 +478,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{ // expiry of 0 should be "no expiry"
|
{ // expiry of 0 should be "no expiry"
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, 0L));
|
parcel.mChangeSubKeys.add(SubkeyChange.createFlagsOrExpiryChange(keyId, null, 0L));
|
||||||
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
||||||
|
|
||||||
Assert.assertEquals("old packet must be signature",
|
Assert.assertEquals("old packet must be signature",
|
||||||
@@ -496,7 +496,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{ // a past expiry should fail
|
{ // a past expiry should fail
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, new Date().getTime()/1000-10));
|
parcel.mChangeSubKeys.add(SubkeyChange.createFlagsOrExpiryChange(keyId, null, new Date().getTime()/1000-10));
|
||||||
|
|
||||||
assertModifyFailure("setting subkey expiry to a past date should fail", ring, parcel,
|
assertModifyFailure("setting subkey expiry to a past date should fail", ring, parcel,
|
||||||
LogType.MSG_MF_ERROR_PAST_EXPIRY);
|
LogType.MSG_MF_ERROR_PAST_EXPIRY);
|
||||||
@@ -504,7 +504,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{ // modifying nonexistent subkey should fail
|
{ // modifying nonexistent subkey should fail
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(123, null, null));
|
parcel.mChangeSubKeys.add(SubkeyChange.createFlagsOrExpiryChange(123, null, null));
|
||||||
|
|
||||||
assertModifyFailure("modifying non-existent subkey should fail", ring, parcel,
|
assertModifyFailure("modifying non-existent subkey should fail", ring, parcel,
|
||||||
LogType.MSG_MF_ERROR_SUBKEY_MISSING);
|
LogType.MSG_MF_ERROR_SUBKEY_MISSING);
|
||||||
@@ -528,7 +528,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{
|
{
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, expiry));
|
parcel.mChangeSubKeys.add(SubkeyChange.createFlagsOrExpiryChange(keyId, null, expiry));
|
||||||
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
||||||
|
|
||||||
// this implies that only the two non-revoked signatures were changed!
|
// this implies that only the two non-revoked signatures were changed!
|
||||||
@@ -555,7 +555,7 @@ public class PgpKeyOperationTest {
|
|||||||
{ // change expiry
|
{ // change expiry
|
||||||
expiry += 60*60*24;
|
expiry += 60*60*24;
|
||||||
|
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, expiry));
|
parcel.mChangeSubKeys.add(SubkeyChange.createFlagsOrExpiryChange(keyId, null, expiry));
|
||||||
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
||||||
|
|
||||||
Assert.assertNotNull("modified key must have an expiry date",
|
Assert.assertNotNull("modified key must have an expiry date",
|
||||||
@@ -575,7 +575,7 @@ public class PgpKeyOperationTest {
|
|||||||
{
|
{
|
||||||
int flags = KeyFlags.CERTIFY_OTHER | KeyFlags.SIGN_DATA;
|
int flags = KeyFlags.CERTIFY_OTHER | KeyFlags.SIGN_DATA;
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, flags, null));
|
parcel.mChangeSubKeys.add(SubkeyChange.createFlagsOrExpiryChange(keyId, flags, null));
|
||||||
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
||||||
|
|
||||||
Assert.assertEquals("modified key must have expected flags",
|
Assert.assertEquals("modified key must have expected flags",
|
||||||
@@ -595,7 +595,7 @@ public class PgpKeyOperationTest {
|
|||||||
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
||||||
|
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, 0L));
|
parcel.mChangeSubKeys.add(SubkeyChange.createFlagsOrExpiryChange(keyId, null, 0L));
|
||||||
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
||||||
|
|
||||||
// for this check, it is relevant that we DON'T use the unsafe one!
|
// for this check, it is relevant that we DON'T use the unsafe one!
|
||||||
@@ -610,7 +610,7 @@ public class PgpKeyOperationTest {
|
|||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mRevokeUserIds.add("twi");
|
parcel.mRevokeUserIds.add("twi");
|
||||||
parcel.mRevokeUserIds.add("pink");
|
parcel.mRevokeUserIds.add("pink");
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, KeyFlags.CERTIFY_OTHER, null));
|
parcel.mChangeSubKeys.add(SubkeyChange.createFlagsOrExpiryChange(keyId, KeyFlags.CERTIFY_OTHER, null));
|
||||||
|
|
||||||
assertModifyFailure("master key modification with all user ids revoked should fail", ring, parcel,
|
assertModifyFailure("master key modification with all user ids revoked should fail", ring, parcel,
|
||||||
LogType.MSG_MF_ERROR_MASTER_NONE);
|
LogType.MSG_MF_ERROR_MASTER_NONE);
|
||||||
@@ -618,7 +618,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{ // any flag not including CERTIFY_OTHER should fail
|
{ // any flag not including CERTIFY_OTHER should fail
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, KeyFlags.SIGN_DATA, null));
|
parcel.mChangeSubKeys.add(SubkeyChange.createFlagsOrExpiryChange(keyId, KeyFlags.SIGN_DATA, null));
|
||||||
|
|
||||||
assertModifyFailure("setting master key flags without certify should fail", ring, parcel,
|
assertModifyFailure("setting master key flags without certify should fail", ring, parcel,
|
||||||
LogType.MSG_MF_ERROR_NO_CERTIFY);
|
LogType.MSG_MF_ERROR_NO_CERTIFY);
|
||||||
@@ -626,7 +626,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{ // a past expiry should fail
|
{ // a past expiry should fail
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, new Date().getTime()/1000-10));
|
parcel.mChangeSubKeys.add(SubkeyChange.createFlagsOrExpiryChange(keyId, null, new Date().getTime()/1000-10));
|
||||||
|
|
||||||
assertModifyFailure("setting subkey expiry to a past date should fail", ring, parcel,
|
assertModifyFailure("setting subkey expiry to a past date should fail", ring, parcel,
|
||||||
LogType.MSG_MF_ERROR_PAST_EXPIRY);
|
LogType.MSG_MF_ERROR_PAST_EXPIRY);
|
||||||
@@ -707,7 +707,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
// re-certify the revoked subkey
|
// re-certify the revoked subkey
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, true));
|
parcel.mChangeSubKeys.add(SubkeyChange.createRecertifyChange(keyId, true));
|
||||||
|
|
||||||
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
|
||||||
|
|
||||||
@@ -749,7 +749,7 @@ public class PgpKeyOperationTest {
|
|||||||
public void testSubkeyStrip() throws Exception {
|
public void testSubkeyStrip() throws Exception {
|
||||||
|
|
||||||
long keyId = KeyringTestingHelper.getSubkeyId(ring, 1);
|
long keyId = KeyringTestingHelper.getSubkeyId(ring, 1);
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, true, false));
|
parcel.mChangeSubKeys.add(SubkeyChange.createStripChange(keyId));
|
||||||
applyModificationWithChecks(parcel, ring, onlyA, onlyB);
|
applyModificationWithChecks(parcel, ring, onlyA, onlyB);
|
||||||
|
|
||||||
Assert.assertEquals("one extra packet in original", 1, onlyA.size());
|
Assert.assertEquals("one extra packet in original", 1, onlyA.size());
|
||||||
@@ -775,7 +775,7 @@ public class PgpKeyOperationTest {
|
|||||||
public void testMasterStrip() throws Exception {
|
public void testMasterStrip() throws Exception {
|
||||||
|
|
||||||
long keyId = ring.getMasterKeyId();
|
long keyId = ring.getMasterKeyId();
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, true, false));
|
parcel.mChangeSubKeys.add(SubkeyChange.createStripChange(keyId));
|
||||||
applyModificationWithChecks(parcel, ring, onlyA, onlyB);
|
applyModificationWithChecks(parcel, ring, onlyA, onlyB);
|
||||||
|
|
||||||
Assert.assertEquals("one extra packet in original", 1, onlyA.size());
|
Assert.assertEquals("one extra packet in original", 1, onlyA.size());
|
||||||
@@ -804,7 +804,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{ // we should be able to change the stripped status of subkeys without passphrase
|
{ // we should be able to change the stripped status of subkeys without passphrase
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, true, false));
|
parcel.mChangeSubKeys.add(SubkeyChange.createStripChange(keyId));
|
||||||
modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB,
|
modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB,
|
||||||
CryptoInputParcel.createCryptoInputParcel());
|
CryptoInputParcel.createCryptoInputParcel());
|
||||||
Assert.assertEquals("one extra packet in modified", 1, onlyB.size());
|
Assert.assertEquals("one extra packet in modified", 1, onlyB.size());
|
||||||
@@ -817,7 +817,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{ // trying to edit a subkey with signing capability should fail
|
{ // trying to edit a subkey with signing capability should fail
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, true));
|
parcel.mChangeSubKeys.add(SubkeyChange.createRecertifyChange(keyId, true));
|
||||||
|
|
||||||
assertModifyFailure("subkey modification for signing-enabled but stripped subkey should fail",
|
assertModifyFailure("subkey modification for signing-enabled but stripped subkey should fail",
|
||||||
modified, parcel, LogType.MSG_MF_ERROR_SUB_STRIPPED);
|
modified, parcel, LogType.MSG_MF_ERROR_SUB_STRIPPED);
|
||||||
@@ -830,11 +830,11 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
// Special keyring for security token tests with 2048 bit RSA as a subkey
|
// Special keyring for security token tests with 2048 bit RSA as a subkey
|
||||||
SaveKeyringParcel parcelKey = new SaveKeyringParcel();
|
SaveKeyringParcel parcelKey = new SaveKeyringParcel();
|
||||||
parcelKey.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcelKey.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.DSA, 2048, null, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.DSA, 2048, null, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
parcelKey.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcelKey.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.RSA, 2048, null, KeyFlags.SIGN_DATA, 0L));
|
Algorithm.RSA, 2048, null, KeyFlags.SIGN_DATA, 0L));
|
||||||
parcelKey.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcelKey.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.RSA, 3072, null, KeyFlags.ENCRYPT_COMMS, 0L));
|
Algorithm.RSA, 3072, null, KeyFlags.ENCRYPT_COMMS, 0L));
|
||||||
|
|
||||||
parcelKey.mAddUserIds.add("yubikey");
|
parcelKey.mAddUserIds.add("yubikey");
|
||||||
@@ -857,7 +857,7 @@ public class PgpKeyOperationTest {
|
|||||||
{ // moveKeyToSecurityToken should fail with BAD_NFC_ALGO when presented with the DSA-1024 key
|
{ // moveKeyToSecurityToken should fail with BAD_NFC_ALGO when presented with the DSA-1024 key
|
||||||
long keyId = KeyringTestingHelper.getSubkeyId(ringSecurityToken, 0);
|
long keyId = KeyringTestingHelper.getSubkeyId(ringSecurityToken, 0);
|
||||||
parcelSecurityToken.reset();
|
parcelSecurityToken.reset();
|
||||||
parcelSecurityToken.mChangeSubKeys.add(new SubkeyChange(keyId, false, true));
|
parcelSecurityToken.mChangeSubKeys.add(SubkeyChange.createMoveToSecurityTokenChange(keyId));
|
||||||
|
|
||||||
assertModifyFailure("moveKeyToSecurityToken operation should fail on invalid key algorithm", ringSecurityToken,
|
assertModifyFailure("moveKeyToSecurityToken operation should fail on invalid key algorithm", ringSecurityToken,
|
||||||
parcelSecurityToken, cryptoInput, LogType.MSG_MF_ERROR_BAD_SECURITY_TOKEN_ALGO);
|
parcelSecurityToken, cryptoInput, LogType.MSG_MF_ERROR_BAD_SECURITY_TOKEN_ALGO);
|
||||||
@@ -868,7 +868,7 @@ public class PgpKeyOperationTest {
|
|||||||
{ // moveKeyToSecurityToken should return a pending SECURITY_TOKEN_MOVE_KEY_TO_CARD result when presented with the RSA-2048
|
{ // moveKeyToSecurityToken should return a pending SECURITY_TOKEN_MOVE_KEY_TO_CARD result when presented with the RSA-2048
|
||||||
// key, and then make key divert-to-card when it gets a serial in the cryptoInputParcel.
|
// key, and then make key divert-to-card when it gets a serial in the cryptoInputParcel.
|
||||||
parcelSecurityToken.reset();
|
parcelSecurityToken.reset();
|
||||||
parcelSecurityToken.mChangeSubKeys.add(new SubkeyChange(keyId, false, true));
|
parcelSecurityToken.mChangeSubKeys.add(SubkeyChange.createMoveToSecurityTokenChange(keyId));
|
||||||
|
|
||||||
CanonicalizedSecretKeyRing secretRing =
|
CanonicalizedSecretKeyRing secretRing =
|
||||||
new CanonicalizedSecretKeyRing(ringSecurityToken.getEncoded(), 0);
|
new CanonicalizedSecretKeyRing(ringSecurityToken.getEncoded(), 0);
|
||||||
@@ -902,7 +902,7 @@ public class PgpKeyOperationTest {
|
|||||||
|
|
||||||
{ // editing a signing subkey requires a primary key binding sig -> pendinginput
|
{ // editing a signing subkey requires a primary key binding sig -> pendinginput
|
||||||
parcelSecurityToken.reset();
|
parcelSecurityToken.reset();
|
||||||
parcelSecurityToken.mChangeSubKeys.add(new SubkeyChange(keyId, true));
|
parcelSecurityToken.mChangeSubKeys.add(SubkeyChange.createRecertifyChange(keyId, true));
|
||||||
|
|
||||||
CanonicalizedSecretKeyRing secretRing =
|
CanonicalizedSecretKeyRing secretRing =
|
||||||
new CanonicalizedSecretKeyRing(modified.getEncoded(), 0);
|
new CanonicalizedSecretKeyRing(modified.getEncoded(), 0);
|
||||||
|
|||||||
@@ -59,6 +59,7 @@ import org.sufficientlysecure.keychain.operations.results.PgpEditKeyResult;
|
|||||||
import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
|
import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
||||||
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
|
||||||
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
|
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
|
||||||
import org.sufficientlysecure.keychain.support.KeyringTestingHelper;
|
import org.sufficientlysecure.keychain.support.KeyringTestingHelper;
|
||||||
import org.sufficientlysecure.keychain.support.KeyringTestingHelper.RawPacket;
|
import org.sufficientlysecure.keychain.support.KeyringTestingHelper.RawPacket;
|
||||||
@@ -96,11 +97,11 @@ public class UncachedKeyringCanonicalizeTest {
|
|||||||
ShadowLog.stream = System.out;
|
ShadowLog.stream = System.out;
|
||||||
|
|
||||||
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
||||||
|
|
||||||
parcel.mAddUserIds.add("twi");
|
parcel.mAddUserIds.add("twi");
|
||||||
@@ -352,7 +353,7 @@ public class UncachedKeyringCanonicalizeTest {
|
|||||||
@Test public void testForeignSignature() throws Exception {
|
@Test public void testForeignSignature() throws Exception {
|
||||||
|
|
||||||
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
parcel.mAddUserIds.add("trix");
|
parcel.mAddUserIds.add("trix");
|
||||||
PgpKeyOperation op = new PgpKeyOperation(null);
|
PgpKeyOperation op = new PgpKeyOperation(null);
|
||||||
|
|||||||
@@ -48,6 +48,7 @@ import org.sufficientlysecure.keychain.service.CertifyActionsParcel.CertifyActio
|
|||||||
import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
|
import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
||||||
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
|
||||||
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
|
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
|
||||||
import org.sufficientlysecure.keychain.support.KeyringTestingHelper;
|
import org.sufficientlysecure.keychain.support.KeyringTestingHelper;
|
||||||
import org.sufficientlysecure.keychain.support.KeyringTestingHelper.RawPacket;
|
import org.sufficientlysecure.keychain.support.KeyringTestingHelper.RawPacket;
|
||||||
@@ -97,9 +98,9 @@ public class UncachedKeyringMergeTest {
|
|||||||
|
|
||||||
{
|
{
|
||||||
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
||||||
|
|
||||||
parcel.mAddUserIds.add("twi");
|
parcel.mAddUserIds.add("twi");
|
||||||
@@ -123,7 +124,7 @@ public class UncachedKeyringMergeTest {
|
|||||||
|
|
||||||
{
|
{
|
||||||
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
|
|
||||||
parcel.mAddUserIds.add("shy");
|
parcel.mAddUserIds.add("shy");
|
||||||
@@ -232,7 +233,7 @@ public class UncachedKeyringMergeTest {
|
|||||||
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ringA.getEncoded(), 0);
|
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ringA.getEncoded(), 0);
|
||||||
|
|
||||||
parcel.reset();
|
parcel.reset();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
||||||
modifiedA = op.modifySecretKeyRing(secretRing,
|
modifiedA = op.modifySecretKeyRing(secretRing,
|
||||||
CryptoInputParcel.createCryptoInputParcel(new Date(), new Passphrase()), parcel).getRing();
|
CryptoInputParcel.createCryptoInputParcel(new Date(), new Passphrase()), parcel).getRing();
|
||||||
|
|||||||
@@ -33,6 +33,7 @@ import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
|
|||||||
import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
|
import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
||||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
||||||
|
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
|
||||||
import org.sufficientlysecure.keychain.util.Passphrase;
|
import org.sufficientlysecure.keychain.util.Passphrase;
|
||||||
|
|
||||||
import java.io.ByteArrayInputStream;
|
import java.io.ByteArrayInputStream;
|
||||||
@@ -54,11 +55,11 @@ public class UncachedKeyringTest {
|
|||||||
ShadowLog.stream = System.out;
|
ShadowLog.stream = System.out;
|
||||||
|
|
||||||
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
SaveKeyringParcel parcel = new SaveKeyringParcel();
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.CERTIFY_OTHER, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
Algorithm.ECDSA, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.SIGN_DATA, 0L));
|
||||||
parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
|
parcel.mAddSubKeys.add(SubkeyAdd.createSubkeyAdd(
|
||||||
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
Algorithm.ECDH, 0, SaveKeyringParcel.Curve.NIST_P256, KeyFlags.ENCRYPT_COMMS, 0L));
|
||||||
|
|
||||||
parcel.mAddUserIds.add("twi");
|
parcel.mAddUserIds.add("twi");
|
||||||
|
|||||||
Reference in New Issue
Block a user