cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Renaming APG to OpenPGP Keychain

Browse Source
This commit is contained in:
Dominik Schürmann
2013-01-16 14:31:16 +01:00
parent dbbd8f6856
commit 1feb948acf
752 changed files with 1196 additions and 1251 deletions
Download Patch File Download Diff File Expand all files Collapse all files

146
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/IKeychainApiService.aidl Normal file
View File

@@ -0,0 +1,146 @@
/*
* Copyright (C) 2012 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.service;
import org.sufficientlysecure.keychain.service.handler.IKeychainEncryptHandler;
import org.sufficientlysecure.keychain.service.handler.IKeychainDecryptHandler;
import org.sufficientlysecure.keychain.service.handler.IKeychainGetDecryptionKeyIdHandler;
/**
* All methods are oneway, which means they are asynchronous and non-blocking.
* Results are returned into given Handler, which has to be implemented on client side.
*/
interface IKeychainApiService {
/**
* Encrypt
*
* Either inputBytes or inputUri is given, the other should be null.
*
* @param inputBytes
* Byte array you want to encrypt
* @param inputUri
* Blob in ContentProvider you want to encrypt
* @param useAsciiArmor
* Convert bytes to ascii armored text to guard against encoding problems
* @param compression
* Compression: 0x21070001: none, 1: Zip, 2: Zlib, 3: BZip2
* @param encryptionKeyIds
* Ids of public keys used for encryption
* @param symmetricEncryptionAlgorithm
* 7: AES-128, 8: AES-192, 9: AES-256, 4: Blowfish, 10: Twofish, 3: CAST5,
* 6: DES, 2: Triple DES, 1: IDEA
* @param handler
* Results are returned to this IKeychainEncryptDecryptHandler Handler
* to onSuccessEncrypt(in byte[] output), after successful encryption
*/
oneway void encryptAsymmetric(in byte[] inputBytes, in String inputUri, in boolean useAsciiArmor,
in int compression, in long[] encryptionKeyIds, in int symmetricEncryptionAlgorithm,
in IKeychainEncryptHandler handler);
/**
* Same as encryptAsymmetric but using a passphrase for symmetric encryption
*
* @param encryptionPassphrase
* Passphrase for direct symmetric encryption using symmetricEncryptionAlgorithm
*/
oneway void encryptSymmetric(in byte[] inputBytes, in String inputUri, in boolean useAsciiArmor,
in int compression, in String encryptionPassphrase, in int symmetricEncryptionAlgorithm,
in IKeychainEncryptHandler handler);
/**
* Encrypt and sign
*
* Either inputBytes or inputUri is given, the other should be null.
*
* @param inputBytes
* Byte array you want to encrypt
* @param inputUri
* Blob in ContentProvider you want to encrypt
* @param useAsciiArmor
* Convert bytes to ascii armored text to guard against encoding problems
* @param compression
* Compression: 0x21070001: none, 1: Zip, 2: Zlib, 3: BZip2
* @param encryptionKeyIds
* Ids of public keys used for encryption
* @param symmetricEncryptionAlgorithm
* 7: AES-128, 8: AES-192, 9: AES-256, 4: Blowfish, 10: Twofish, 3: CAST5,
* 6: DES, 2: Triple DES, 1: IDEA
* @param signatureKeyId
* Key id of key to sign with
* @param signatureHashAlgorithm
* 1: MD5, 3: RIPEMD-160, 2: SHA-1, 11: SHA-224, 8: SHA-256, 9: SHA-384,
* 10: SHA-512
* @param signatureForceV3
* Force V3 signatures
* @param signaturePassphrase
* Passphrase to unlock signature key
* @param handler
* Results are returned to this IKeychainEncryptDecryptHandler Handler
* to onSuccessEncrypt(in byte[] output), after successful encryption and signing
*/
oneway void encryptAndSignAsymmetric(in byte[] inputBytes, in String inputUri,
in boolean useAsciiArmor, in int compression, in long[] encryptionKeyIds,
in int symmetricEncryptionAlgorithm, in long signatureKeyId, in int signatureHashAlgorithm,
in boolean signatureForceV3, in String signaturePassphrase,
in IKeychainEncryptHandler handler);
/**
* Same as encryptAndSignAsymmetric but using a passphrase for symmetric encryption
*
* @param encryptionPassphrase
* Passphrase for direct symmetric encryption using symmetricEncryptionAlgorithm
*/
oneway void encryptAndSignSymmetric(in byte[] inputBytes, in String inputUri,
in boolean useAsciiArmor, in int compression, in String encryptionPassphrase,
in int symmetricEncryptionAlgorithm, in long signatureKeyId, in int signatureHashAlgorithm,
in boolean signatureForceV3, in String signaturePassphrase,
in IKeychainEncryptHandler handler);
/**
* Decrypts and verifies given input bytes. If no signature is present this method
* will only decrypt.
*
* @param inputBytes
* Byte array you want to decrypt and verify
* @param inputUri
* Blob in ContentProvider you want to decrypt and verify
* @param keyPassphrase
* Passphrase to unlock secret key for decryption.
* @param handler
* Handler where to return results to after successful encryption
*/
oneway void decryptAndVerifyAsymmetric(in byte[] inputBytes, in String inputUri,
in String keyPassphrase, in IKeychainDecryptHandler handler);
/**
* Same as decryptAndVerifyAsymmetric but for symmetric decryption.
*
* @param encryptionPassphrase
* Passphrase to decrypt
*/
oneway void decryptAndVerifySymmetric(in byte[] inputBytes, in String inputUri,
in String encryptionPassphrase, in IKeychainDecryptHandler handler);
/**
*
*/
oneway void getDecryptionKeyId(in byte[] inputBytes, in String inputUri,
in IKeychainGetDecryptionKeyIdHandler handler);
}

32
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/IKeychainKeyService.aidl Normal file
View File

@@ -0,0 +1,32 @@
/*
* Copyright (C) 2012 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.service;
import org.sufficientlysecure.keychain.service.handler.IKeychainGetKeyringsHandler;
/**
* All methods are oneway, which means they are asynchronous and non-blocking.
* Results are returned into given Handler, which has to be implemented on client side.
*/
interface IKeychainKeyService {
oneway void getPublicKeyRings(in long[] masterKeyIds, in boolean asAsciiArmoredStringArray,
in IKeychainGetKeyringsHandler handler);
oneway void getSecretKeyRings(in long[] masterKeyIds, in boolean asAsciiArmoredStringArray,
in IKeychainGetKeyringsHandler handler);
}

323
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/KeychainApiService.java Normal file
View File

@@ -0,0 +1,323 @@
/*
* Copyright (C) 2012 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.service;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import org.spongycastle.openpgp.PGPException;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.Id;
import org.sufficientlysecure.keychain.helper.PgpMain;
import org.sufficientlysecure.keychain.helper.PgpMain.PgpGeneralException;
import org.sufficientlysecure.keychain.util.InputData;
import org.sufficientlysecure.keychain.util.Log;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.service.IKeychainApiService;
import org.sufficientlysecure.keychain.service.handler.IKeychainDecryptHandler;
import org.sufficientlysecure.keychain.service.handler.IKeychainEncryptHandler;
import org.sufficientlysecure.keychain.service.handler.IKeychainGetDecryptionKeyIdHandler;
import android.app.Service;
import android.content.Context;
import android.content.Intent;
import android.os.Bundle;
import android.os.IBinder;
import android.os.RemoteException;
public class KeychainApiService extends Service {
Context mContext;
@Override
public void onCreate() {
super.onCreate();
mContext = this;
Log.d(Constants.TAG, "KeychainApiService, onCreate()");
}
@Override
public void onDestroy() {
super.onDestroy();
Log.d(Constants.TAG, "KeychainApiService, onDestroy()");
}
@Override
public IBinder onBind(Intent intent) {
return mBinder;
}
// private static void writeToOutputStream(InputStream is, OutputStream os) throws IOException {
// byte[] buffer = new byte[8];
// int len = 0;
// while ((len = is.read(buffer)) != -1) {
// os.write(buffer, 0, len);
// }
// }
private synchronized void encryptAndSignSafe(byte[] inputBytes, String inputUri,
boolean useAsciiArmor, int compression, long[] encryptionKeyIds,
String encryptionPassphrase, int symmetricEncryptionAlgorithm, long signatureKeyId,
int signatureHashAlgorithm, boolean signatureForceV3, String signaturePassphrase,
IKeychainEncryptHandler handler) throws RemoteException {
try {
// TODO use inputUri
// InputStream inStream = null;
// if (isBlob) {
// ContentResolver cr = getContentResolver();
// try {
// inStream = cr.openInputStream(Uri.parse(pArgs.getString(arg.BLOB.name())));
// } catch (Exception e) {
// Log.e(TAG, "... exception on opening blob", e);
// }
// } else {
// inStream = new ByteArrayInputStream(pArgs.getString(arg.MESSAGE.name()).getBytes());
// }
// InputData in = new InputData(inStream, 0); // XXX Size second param?
// build InputData and write into OutputStream
InputStream inputStream = new ByteArrayInputStream(inputBytes);
long inputLength = inputBytes.length;
InputData input = new InputData(inputStream, inputLength);
OutputStream output = new ByteArrayOutputStream();
PgpMain.encryptAndSign(mContext, null, input, output, useAsciiArmor, compression,
encryptionKeyIds, encryptionPassphrase, symmetricEncryptionAlgorithm,
signatureKeyId, signatureHashAlgorithm, signatureForceV3, signaturePassphrase);
output.close();
// if (isBlob) {
// ContentResolver cr = getContentResolver();
// try {
// OutputStream outStream = cr.openOutputStream(Uri.parse(pArgs.getString(arg.BLOB
// .name())));
// writeToOutputStream(new ByteArrayInputStream(out.toString().getBytes()), outStream);
// outStream.close();
// } catch (Exception e) {
// Log.e(TAG, "... exception on writing blob", e);
// }
// } else {
// pReturn.putString(ret.RESULT.name(), out.toString());
// }
byte[] outputBytes = ((ByteArrayOutputStream) output).toByteArray();
// return over handler on client side
handler.onSuccess(outputBytes, null);
} catch (Exception e) {
Log.e(Constants.TAG, "KeychainService, Exception!", e);
try {
handler.onException(getExceptionId(e), e.getMessage());
} catch (Exception t) {
Log.e(Constants.TAG, "Error returning exception to client", t);
}
}
}
private synchronized void decryptAndVerifySafe(byte[] inputBytes, String inputUri,
String passphrase, boolean assumeSymmetric, IKeychainDecryptHandler handler)
throws RemoteException {
try {
// build InputData and write into OutputStream
InputStream inputStream = new ByteArrayInputStream(inputBytes);
long inputLength = inputBytes.length;
InputData inputData = new InputData(inputStream, inputLength);
OutputStream outputStream = new ByteArrayOutputStream();
Bundle outputBundle = PgpMain.decryptAndVerify(mContext, null, inputData, outputStream,
passphrase, assumeSymmetric);
outputStream.close();
byte[] outputBytes = ((ByteArrayOutputStream) outputStream).toByteArray();
// get signature informations from bundle
boolean signature = outputBundle.getBoolean(KeychainIntentService.RESULT_SIGNATURE);
long signatureKeyId = outputBundle
.getLong(KeychainIntentService.RESULT_SIGNATURE_KEY_ID);
String signatureUserId = outputBundle
.getString(KeychainIntentService.RESULT_SIGNATURE_USER_ID);
boolean signatureSuccess = outputBundle
.getBoolean(KeychainIntentService.RESULT_SIGNATURE_SUCCESS);
boolean signatureUnknown = outputBundle
.getBoolean(KeychainIntentService.RESULT_SIGNATURE_UNKNOWN);
// return over handler on client side
handler.onSuccess(outputBytes, null, signature, signatureKeyId, signatureUserId,
signatureSuccess, signatureUnknown);
} catch (Exception e) {
Log.e(Constants.TAG, "KeychainService, Exception!", e);
try {
handler.onException(getExceptionId(e), e.getMessage());
} catch (Exception t) {
Log.e(Constants.TAG, "Error returning exception to client", t);
}
}
}
private synchronized void getDecryptionKeySafe(byte[] inputBytes, String inputUri,
IKeychainGetDecryptionKeyIdHandler handler) {
// TODO: implement inputUri
try {
InputStream inputStream = new ByteArrayInputStream(inputBytes);
long secretKeyId = Id.key.none;
boolean symmetric;
try {
secretKeyId = PgpMain.getDecryptionKeyId(KeychainApiService.this, inputStream);
if (secretKeyId == Id.key.none) {
throw new PgpGeneralException(getString(R.string.error_noSecretKeyFound));
}
symmetric = false;
} catch (PgpMain.NoAsymmetricEncryptionException e) {
secretKeyId = Id.key.symmetric;
if (!PgpMain.hasSymmetricEncryption(KeychainApiService.this, inputStream)) {
throw new PgpGeneralException(getString(R.string.error_noKnownEncryptionFound));
}
symmetric = true;
}
handler.onSuccess(secretKeyId, symmetric);
} catch (Exception e) {
Log.e(Constants.TAG, "KeychainService, Exception!", e);
try {
handler.onException(getExceptionId(e), e.getMessage());
} catch (Exception t) {
Log.e(Constants.TAG, "Error returning exception to client", t);
}
}
}
/**
* This is the implementation of the interface IKeychainService. All methods are oneway, meaning
* asynchronous and return to the client using IKeychainHandler.
*
* The real PGP code is located in PGPMain.
*/
private final IKeychainApiService.Stub mBinder = new IKeychainApiService.Stub() {
@Override
public void encryptAsymmetric(byte[] inputBytes, String inputUri, boolean useAsciiArmor,
int compression, long[] encryptionKeyIds, int symmetricEncryptionAlgorithm,
IKeychainEncryptHandler handler) throws RemoteException {
encryptAndSignSafe(inputBytes, inputUri, useAsciiArmor, compression, encryptionKeyIds,
null, symmetricEncryptionAlgorithm, Id.key.none, 0, false, null, handler);
}
@Override
public void encryptSymmetric(byte[] inputBytes, String inputUri, boolean useAsciiArmor,
int compression, String encryptionPassphrase, int symmetricEncryptionAlgorithm,
IKeychainEncryptHandler handler) throws RemoteException {
encryptAndSignSafe(inputBytes, inputUri, useAsciiArmor, compression, null,
encryptionPassphrase, symmetricEncryptionAlgorithm, Id.key.none, 0, false,
null, handler);
}
@Override
public void encryptAndSignAsymmetric(byte[] inputBytes, String inputUri,
boolean useAsciiArmor, int compression, long[] encryptionKeyIds,
int symmetricEncryptionAlgorithm, long signatureKeyId, int signatureHashAlgorithm,
boolean signatureForceV3, String signaturePassphrase,
IKeychainEncryptHandler handler) throws RemoteException {
encryptAndSignSafe(inputBytes, inputUri, useAsciiArmor, compression, encryptionKeyIds,
null, symmetricEncryptionAlgorithm, signatureKeyId, signatureHashAlgorithm,
signatureForceV3, signaturePassphrase, handler);
}
@Override
public void encryptAndSignSymmetric(byte[] inputBytes, String inputUri,
boolean useAsciiArmor, int compression, String encryptionPassphrase,
int symmetricEncryptionAlgorithm, long signatureKeyId, int signatureHashAlgorithm,
boolean signatureForceV3, String signaturePassphrase,
IKeychainEncryptHandler handler) throws RemoteException {
encryptAndSignSafe(inputBytes, inputUri, useAsciiArmor, compression, null,
encryptionPassphrase, symmetricEncryptionAlgorithm, signatureKeyId,
signatureHashAlgorithm, signatureForceV3, signaturePassphrase, handler);
}
@Override
public void decryptAndVerifyAsymmetric(byte[] inputBytes, String inputUri,
String keyPassphrase, IKeychainDecryptHandler handler) throws RemoteException {
decryptAndVerifySafe(inputBytes, inputUri, keyPassphrase, false, handler);
}
@Override
public void decryptAndVerifySymmetric(byte[] inputBytes, String inputUri,
String encryptionPassphrase, IKeychainDecryptHandler handler)
throws RemoteException {
decryptAndVerifySafe(inputBytes, inputUri, encryptionPassphrase, true, handler);
}
@Override
public void getDecryptionKeyId(byte[] inputBytes, String inputUri,
IKeychainGetDecryptionKeyIdHandler handler) throws RemoteException {
getDecryptionKeySafe(inputBytes, inputUri, handler);
}
};
/**
* As we can not throw an exception through Android RPC, we assign identifiers to the exception
* types.
*
* @param e
* @return
*/
private int getExceptionId(Exception e) {
if (e instanceof NoSuchProviderException) {
return 0;
} else if (e instanceof NoSuchAlgorithmException) {
return 1;
} else if (e instanceof SignatureException) {
return 2;
} else if (e instanceof IOException) {
return 3;
} else if (e instanceof PgpGeneralException) {
return 4;
} else if (e instanceof PGPException) {
return 5;
} else {
return -1;
}
}
}

884
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/KeychainIntentService.java Normal file
View File

@@ -0,0 +1,884 @@
/*
* Copyright (C) 2012 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.service;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.ArrayList;
import org.spongycastle.openpgp.PGPPublicKeyRing;
import org.spongycastle.openpgp.PGPSecretKey;
import org.spongycastle.openpgp.PGPSecretKeyRing;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.Id;
import org.sufficientlysecure.keychain.helper.FileHelper;
import org.sufficientlysecure.keychain.helper.OtherHelper;
import org.sufficientlysecure.keychain.helper.PgpConversionHelper;
import org.sufficientlysecure.keychain.helper.PgpMain;
import org.sufficientlysecure.keychain.helper.Preferences;
import org.sufficientlysecure.keychain.helper.PgpMain.PgpGeneralException;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.provider.KeychainContract.DataStream;
import org.sufficientlysecure.keychain.util.HkpKeyServer;
import org.sufficientlysecure.keychain.util.InputData;
import org.sufficientlysecure.keychain.util.Log;
import org.sufficientlysecure.keychain.util.ProgressDialogUpdater;
import org.sufficientlysecure.keychain.util.KeyServer.KeyInfo;
import org.sufficientlysecure.keychain.R;
import android.app.IntentService;
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
import android.os.Message;
import android.os.Messenger;
import android.os.RemoteException;
/**
* This Service contains all important long lasting operations for APG. It receives Intents with
* data from the activities or other apps, queues these intents, executes them, and stops itself
* after doing them.
*/
public class KeychainIntentService extends IntentService implements ProgressDialogUpdater {
/* extras that can be given by intent */
public static final String EXTRA_MESSENGER = "messenger";
public static final String EXTRA_ACTION = "action";
public static final String EXTRA_DATA = "data";
/* possible EXTRA_ACTIONs */
public static final int ACTION_ENCRYPT_SIGN = 10;
public static final int ACTION_DECRYPT_VERIFY = 20;
public static final int ACTION_SAVE_KEYRING = 30;
public static final int ACTION_GENERATE_KEY = 31;
public static final int ACTION_GENERATE_DEFAULT_RSA_KEYS = 32;
public static final int ACTION_DELETE_FILE_SECURELY = 40;
public static final int ACTION_IMPORT_KEYRING = 50;
public static final int ACTION_EXPORT_KEYRING = 51;
public static final int ACTION_UPLOAD_KEYRING = 60;
public static final int ACTION_QUERY_KEYRING = 61;
public static final int ACTION_SIGN_KEYRING = 70;
/* keys for data bundle */
// encrypt, decrypt, import export
public static final String TARGET = "target";
// possible targets:
public static final int TARGET_BYTES = 1;
public static final int TARGET_FILE = 2;
public static final int TARGET_STREAM = 3;
// encrypt
public static final String ENCRYPT_SECRET_KEY_ID = "secretKeyId";
public static final String ENCRYPT_USE_ASCII_AMOR = "useAsciiAmor";
public static final String ENCRYPT_ENCRYPTION_KEYS_IDS = "encryptionKeysIds";
public static final String ENCRYPT_COMPRESSION_ID = "compressionId";
public static final String ENCRYPT_GENERATE_SIGNATURE = "generateSignature";
public static final String ENCRYPT_SIGN_ONLY = "signOnly";
public static final String ENCRYPT_MESSAGE_BYTES = "messageBytes";
public static final String ENCRYPT_INPUT_FILE = "inputFile";
public static final String ENCRYPT_OUTPUT_FILE = "outputFile";
public static final String ENCRYPT_PROVIDER_URI = "providerUri";
// decrypt/verify
public static final String DECRYPT_SIGNED_ONLY = "signedOnly";
public static final String DECRYPT_RETURN_BYTES = "returnBinary";
public static final String DECRYPT_CIPHERTEXT_BYTES = "ciphertextBytes";
public static final String DECRYPT_ASSUME_SYMMETRIC = "assumeSymmetric";
public static final String DECRYPT_LOOKUP_UNKNOWN_KEY = "lookupUnknownKey";
// save keyring
public static final String SAVE_KEYRING_NEW_PASSPHRASE = "newPassphrase";
public static final String SAVE_KEYRING_CURRENT_PASSPHRASE = "currentPassphrase";
public static final String SAVE_KEYRING_USER_IDS = "userIds";
public static final String SAVE_KEYRING_KEYS = "keys";
public static final String SAVE_KEYRING_KEYS_USAGES = "keysUsages";
public static final String SAVE_KEYRING_MASTER_KEY_ID = "masterKeyId";
// generate key
public static final String GENERATE_KEY_ALGORITHM = "algorithm";
public static final String GENERATE_KEY_KEY_SIZE = "keySize";
public static final String GENERATE_KEY_SYMMETRIC_PASSPHRASE = "passphrase";
public static final String GENERATE_KEY_MASTER_KEY = "masterKey";
// delete file securely
public static final String DELETE_FILE = "deleteFile";
// import key
public static final String IMPORT_INPUT_STREAM = "importInputStream";
public static final String IMPORT_FILENAME = "importFilename";
public static final String IMPORT_BYTES = "importBytes";
// public static final String IMPORT_KEY_TYPE = "importKeyType";
// export key
public static final String EXPORT_OUTPUT_STREAM = "exportOutputStream";
public static final String EXPORT_FILENAME = "exportFilename";
public static final String EXPORT_KEY_TYPE = "exportKeyType";
public static final String EXPORT_ALL = "exportAll";
public static final String EXPORT_KEY_RING_MASTER_KEY_ID = "exportKeyRingId";
// upload key
public static final String UPLOAD_KEY_SERVER = "uploadKeyServer";
public static final String UPLOAD_KEY_KEYRING_ROW_ID = "uploadKeyRingId";
// query key
public static final String QUERY_KEY_SERVER = "queryKeyServer";
public static final String QUERY_KEY_TYPE = "queryKeyType";
public static final String QUERY_KEY_STRING = "queryKeyString";
public static final String QUERY_KEY_ID = "queryKeyId";
// sign key
public static final String SIGN_KEY_MASTER_KEY_ID = "signKeyMasterKeyId";
public static final String SIGN_KEY_PUB_KEY_ID = "signKeyPubKeyId";
/*
* possible data keys as result send over messenger
*/
// keys
public static final String RESULT_NEW_KEY = "newKey";
public static final String RESULT_NEW_KEY2 = "newKey2";
// encrypt
public static final String RESULT_SIGNATURE_BYTES = "signatureData";
public static final String RESULT_SIGNATURE_STRING = "signatureText";
public static final String RESULT_ENCRYPTED_STRING = "encryptedMessage";
public static final String RESULT_ENCRYPTED_BYTES = "encryptedData";
public static final String RESULT_URI = "resultUri";
// decrypt/verify
public static final String RESULT_DECRYPTED_STRING = "decryptedMessage";
public static final String RESULT_DECRYPTED_BYTES = "decryptedData";
public static final String RESULT_SIGNATURE = "signature";
public static final String RESULT_SIGNATURE_KEY_ID = "signatureKeyId";
public static final String RESULT_SIGNATURE_USER_ID = "signatureUserId";
public static final String RESULT_SIGNATURE_SUCCESS = "signatureSuccess";
public static final String RESULT_SIGNATURE_UNKNOWN = "signatureUnknown";
public static final String RESULT_SIGNATURE_LOOKUP_KEY = "lookupKey";
// import
public static final String RESULT_IMPORT_ADDED = "added";
public static final String RESULT_IMPORT_UPDATED = "updated";
public static final String RESULT_IMPORT_BAD = "bad";
// export
public static final String RESULT_EXPORT = "exported";
// query
public static final String RESULT_QUERY_KEY_KEY_DATA = "queryKeyKeyData";
public static final String RESULT_QUERY_KEY_SEARCH_RESULT = "queryKeySearchResult";
Messenger mMessenger;
public KeychainIntentService() {
super("ApgService");
}
/**
* The IntentService calls this method from the default worker thread with the intent that
* started the service. When this method returns, IntentService stops the service, as
* appropriate.
*/
@Override
protected void onHandleIntent(Intent intent) {
Bundle extras = intent.getExtras();
if (extras == null) {
Log.e(Constants.TAG, "Extras bundle is null!");
return;
}
if (!(extras.containsKey(EXTRA_MESSENGER) || extras.containsKey(EXTRA_DATA) || extras
.containsKey(EXTRA_ACTION))) {
Log.e(Constants.TAG,
"Extra bundle must contain a messenger, a data bundle, and an action!");
return;
}
mMessenger = (Messenger) extras.get(EXTRA_MESSENGER);
Bundle data = extras.getBundle(EXTRA_DATA);
OtherHelper.logDebugBundle(data, "EXTRA_DATA");
int action = extras.getInt(EXTRA_ACTION);
// execute action from extra bundle
switch (action) {
case ACTION_ENCRYPT_SIGN:
try {
/* Input */
int target = data.getInt(TARGET);
long secretKeyId = data.getLong(ENCRYPT_SECRET_KEY_ID);
String encryptionPassphrase = data.getString(GENERATE_KEY_SYMMETRIC_PASSPHRASE);
boolean useAsciiArmor = data.getBoolean(ENCRYPT_USE_ASCII_AMOR);
long encryptionKeyIds[] = data.getLongArray(ENCRYPT_ENCRYPTION_KEYS_IDS);
int compressionId = data.getInt(ENCRYPT_COMPRESSION_ID);
boolean generateSignature = data.getBoolean(ENCRYPT_GENERATE_SIGNATURE);
boolean signOnly = data.getBoolean(ENCRYPT_SIGN_ONLY);
InputStream inStream = null;
long inLength = -1;
InputData inputData = null;
OutputStream outStream = null;
String streamFilename = null;
switch (target) {
case TARGET_BYTES: /* encrypting bytes directly */
byte[] bytes = data.getByteArray(ENCRYPT_MESSAGE_BYTES);
inStream = new ByteArrayInputStream(bytes);
inLength = bytes.length;
inputData = new InputData(inStream, inLength);
outStream = new ByteArrayOutputStream();
break;
case TARGET_FILE: /* encrypting file */
String inputFile = data.getString(ENCRYPT_INPUT_FILE);
String outputFile = data.getString(ENCRYPT_OUTPUT_FILE);
// check if storage is ready
if (!FileHelper.isStorageMounted(inputFile)
|| !FileHelper.isStorageMounted(outputFile)) {
throw new PgpGeneralException(
getString(R.string.error_externalStorageNotReady));
}
inStream = new FileInputStream(inputFile);
File file = new File(inputFile);
inLength = file.length();
inputData = new InputData(inStream, inLength);
outStream = new FileOutputStream(outputFile);
break;
case TARGET_STREAM: /* Encrypting stream from content uri */
Uri providerUri = (Uri) data.getParcelable(ENCRYPT_PROVIDER_URI);
// InputStream
InputStream in = getContentResolver().openInputStream(providerUri);
inLength = PgpMain.getLengthOfStream(in);
inputData = new InputData(in, inLength);
// OutputStream
try {
while (true) {
streamFilename = PgpMain.generateRandomFilename(32);
if (streamFilename == null) {
throw new PgpMain.PgpGeneralException(
"couldn't generate random file name");
}
openFileInput(streamFilename).close();
}
} catch (FileNotFoundException e) {
// found a name that isn't used yet
}
outStream = openFileOutput(streamFilename, Context.MODE_PRIVATE);
break;
default:
throw new PgpMain.PgpGeneralException("No target choosen!");
}
/* Operation */
if (generateSignature) {
Log.d(Constants.TAG, "generating signature...");
PgpMain.generateSignature(this, this, inputData, outStream, useAsciiArmor,
false, secretKeyId, PassphraseCacheService.getCachedPassphrase(this,
secretKeyId), Preferences.getPreferences(this)
.getDefaultHashAlgorithm(), Preferences.getPreferences(this)
.getForceV3Signatures());
} else if (signOnly) {
Log.d(Constants.TAG, "sign only...");
PgpMain.signText(this, this, inputData, outStream, secretKeyId,
PassphraseCacheService.getCachedPassphrase(this, secretKeyId),
Preferences.getPreferences(this).getDefaultHashAlgorithm(), Preferences
.getPreferences(this).getForceV3Signatures());
} else {
Log.d(Constants.TAG, "encrypt...");
PgpMain.encryptAndSign(this, this, inputData, outStream, useAsciiArmor,
compressionId, encryptionKeyIds, encryptionPassphrase, Preferences
.getPreferences(this).getDefaultEncryptionAlgorithm(),
secretKeyId,
Preferences.getPreferences(this).getDefaultHashAlgorithm(), Preferences
.getPreferences(this).getForceV3Signatures(),
PassphraseCacheService.getCachedPassphrase(this, secretKeyId));
}
outStream.close();
/* Output */
Bundle resultData = new Bundle();
switch (target) {
case TARGET_BYTES:
if (useAsciiArmor) {
String output = new String(
((ByteArrayOutputStream) outStream).toByteArray());
if (generateSignature) {
resultData.putString(RESULT_SIGNATURE_STRING, output);
} else {
resultData.putString(RESULT_ENCRYPTED_STRING, output);
}
} else {
byte output[] = ((ByteArrayOutputStream) outStream).toByteArray();
if (generateSignature) {
resultData.putByteArray(RESULT_SIGNATURE_BYTES, output);
} else {
resultData.putByteArray(RESULT_ENCRYPTED_BYTES, output);
}
}
break;
case TARGET_FILE:
// nothing, file was written, just send okay
break;
case TARGET_STREAM:
String uri = DataStream.buildDataStreamUri(streamFilename).toString();
resultData.putString(RESULT_URI, uri);
break;
}
OtherHelper.logDebugBundle(resultData, "resultData");
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, resultData);
} catch (Exception e) {
sendErrorToHandler(e);
}
break;
case ACTION_DECRYPT_VERIFY:
try {
/* Input */
int target = data.getInt(TARGET);
long secretKeyId = data.getLong(ENCRYPT_SECRET_KEY_ID);
byte[] bytes = data.getByteArray(DECRYPT_CIPHERTEXT_BYTES);
boolean signedOnly = data.getBoolean(DECRYPT_SIGNED_ONLY);
boolean returnBytes = data.getBoolean(DECRYPT_RETURN_BYTES);
boolean assumeSymmetricEncryption = data.getBoolean(DECRYPT_ASSUME_SYMMETRIC);
boolean lookupUnknownKey = data.getBoolean(DECRYPT_LOOKUP_UNKNOWN_KEY);
InputStream inStream = null;
long inLength = -1;
InputData inputData = null;
OutputStream outStream = null;
String streamFilename = null;
switch (target) {
case TARGET_BYTES: /* decrypting bytes directly */
inStream = new ByteArrayInputStream(bytes);
inLength = bytes.length;
inputData = new InputData(inStream, inLength);
outStream = new ByteArrayOutputStream();
break;
case TARGET_FILE: /* decrypting file */
String inputFile = data.getString(ENCRYPT_INPUT_FILE);
String outputFile = data.getString(ENCRYPT_OUTPUT_FILE);
// check if storage is ready
if (!FileHelper.isStorageMounted(inputFile)
|| !FileHelper.isStorageMounted(outputFile)) {
throw new PgpGeneralException(
getString(R.string.error_externalStorageNotReady));
}
// InputStream
inLength = -1;
inStream = new FileInputStream(inputFile);
File file = new File(inputFile);
inLength = file.length();
inputData = new InputData(inStream, inLength);
// OutputStream
outStream = new FileOutputStream(outputFile);
break;
case TARGET_STREAM: /* decrypting stream from content uri */
Uri providerUri = (Uri) data.getParcelable(ENCRYPT_PROVIDER_URI);
// InputStream
InputStream in = getContentResolver().openInputStream(providerUri);
inLength = PgpMain.getLengthOfStream(in);
inputData = new InputData(in, inLength);
// OutputStream
try {
while (true) {
streamFilename = PgpMain.generateRandomFilename(32);
if (streamFilename == null) {
throw new PgpMain.PgpGeneralException(
"couldn't generate random file name");
}
openFileInput(streamFilename).close();
}
} catch (FileNotFoundException e) {
// found a name that isn't used yet
}
outStream = openFileOutput(streamFilename, Context.MODE_PRIVATE);
break;
default:
throw new PgpMain.PgpGeneralException("No target choosen!");
}
/* Operation */
Bundle resultData = new Bundle();
// verifyText and decrypt returning additional resultData values for the
// verification of signatures
if (signedOnly) {
resultData = PgpMain.verifyText(this, this, inputData, outStream,
lookupUnknownKey);
} else {
resultData = PgpMain.decryptAndVerify(this, this, inputData, outStream,
PassphraseCacheService.getCachedPassphrase(this, secretKeyId),
assumeSymmetricEncryption);
}
outStream.close();
/* Output */
switch (target) {
case TARGET_BYTES:
if (returnBytes) {
byte output[] = ((ByteArrayOutputStream) outStream).toByteArray();
resultData.putByteArray(RESULT_DECRYPTED_BYTES, output);
} else {
String output = new String(
((ByteArrayOutputStream) outStream).toByteArray());
resultData.putString(RESULT_DECRYPTED_STRING, output);
}
break;
case TARGET_FILE:
// nothing, file was written, just send okay and verification bundle
break;
case TARGET_STREAM:
String uri = DataStream.buildDataStreamUri(streamFilename).toString();
resultData.putString(RESULT_URI, uri);
break;
}
OtherHelper.logDebugBundle(resultData, "resultData");
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, resultData);
} catch (Exception e) {
sendErrorToHandler(e);
}
break;
case ACTION_SAVE_KEYRING:
try {
/* Input */
String oldPassPhrase = data.getString(SAVE_KEYRING_CURRENT_PASSPHRASE);
String newPassPhrase = data.getString(SAVE_KEYRING_NEW_PASSPHRASE);
if (newPassPhrase == null) {
newPassPhrase = oldPassPhrase;
}
ArrayList<String> userIds = data.getStringArrayList(SAVE_KEYRING_USER_IDS);
ArrayList<PGPSecretKey> keys = PgpConversionHelper.BytesToPGPSecretKeyList(data
.getByteArray(SAVE_KEYRING_KEYS));
ArrayList<Integer> keysUsages = data.getIntegerArrayList(SAVE_KEYRING_KEYS_USAGES);
long masterKeyId = data.getLong(SAVE_KEYRING_MASTER_KEY_ID);
/* Operation */
PgpMain.buildSecretKey(this, userIds, keys, keysUsages, masterKeyId, oldPassPhrase,
newPassPhrase, this);
PassphraseCacheService.addCachedPassphrase(this, masterKeyId, newPassPhrase);
/* Output */
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY);
} catch (Exception e) {
sendErrorToHandler(e);
}
break;
case ACTION_GENERATE_KEY:
try {
/* Input */
int algorithm = data.getInt(GENERATE_KEY_ALGORITHM);
String passphrase = data.getString(GENERATE_KEY_SYMMETRIC_PASSPHRASE);
int keysize = data.getInt(GENERATE_KEY_KEY_SIZE);
PGPSecretKey masterKey = null;
if (data.containsKey(GENERATE_KEY_MASTER_KEY)) {
masterKey = PgpConversionHelper.BytesToPGPSecretKey(data
.getByteArray(GENERATE_KEY_MASTER_KEY));
}
/* Operation */
PGPSecretKeyRing newKeyRing = PgpMain.createKey(this, algorithm, keysize,
passphrase, masterKey);
/* Output */
Bundle resultData = new Bundle();
resultData.putByteArray(RESULT_NEW_KEY,
PgpConversionHelper.PGPSecretKeyRingToBytes(newKeyRing));
OtherHelper.logDebugBundle(resultData, "resultData");
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, resultData);
} catch (Exception e) {
sendErrorToHandler(e);
}
break;
case ACTION_GENERATE_DEFAULT_RSA_KEYS:
// generate one RSA 2048 key for signing and one subkey for encrypting!
try {
/* Input */
String passphrase = data.getString(GENERATE_KEY_SYMMETRIC_PASSPHRASE);
/* Operation */
PGPSecretKeyRing masterKeyRing = PgpMain.createKey(this, Id.choice.algorithm.rsa,
2048, passphrase, null);
PGPSecretKeyRing subKeyRing = PgpMain.createKey(this, Id.choice.algorithm.rsa,
2048, passphrase, masterKeyRing.getSecretKey());
/* Output */
Bundle resultData = new Bundle();
resultData.putByteArray(RESULT_NEW_KEY,
PgpConversionHelper.PGPSecretKeyRingToBytes(masterKeyRing));
resultData.putByteArray(RESULT_NEW_KEY2,
PgpConversionHelper.PGPSecretKeyRingToBytes(subKeyRing));
OtherHelper.logDebugBundle(resultData, "resultData");
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, resultData);
} catch (Exception e) {
sendErrorToHandler(e);
}
break;
case ACTION_DELETE_FILE_SECURELY:
try {
/* Input */
String deleteFile = data.getString(DELETE_FILE);
/* Operation */
try {
PgpMain.deleteFileSecurely(this, this, new File(deleteFile));
} catch (FileNotFoundException e) {
throw new PgpMain.PgpGeneralException(getString(R.string.error_fileNotFound,
deleteFile));
} catch (IOException e) {
throw new PgpMain.PgpGeneralException(getString(
R.string.error_fileDeleteFailed, deleteFile));
}
/* Output */
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY);
} catch (Exception e) {
sendErrorToHandler(e);
}
break;
case ACTION_IMPORT_KEYRING:
try {
/* Input */
int target = data.getInt(TARGET);
// int keyType = Id.type.public_key;
// if (data.containsKey(IMPORT_KEY_TYPE)) {
// keyType = data.getInt(IMPORT_KEY_TYPE);
// }
/* Operation */
InputStream inStream = null;
long inLength = -1;
InputData inputData = null;
switch (target) {
case TARGET_BYTES: /* import key from bytes directly */
byte[] bytes = data.getByteArray(IMPORT_BYTES);
inStream = new ByteArrayInputStream(bytes);
inLength = bytes.length;
inputData = new InputData(inStream, inLength);
break;
case TARGET_FILE: /* import key from file */
String inputFile = data.getString(IMPORT_FILENAME);
inStream = new FileInputStream(inputFile);
File file = new File(inputFile);
inLength = file.length();
inputData = new InputData(inStream, inLength);
break;
case TARGET_STREAM:
// TODO: not implemented
break;
}
Bundle resultData = new Bundle();
resultData = PgpMain.importKeyRings(this, inputData, this);
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, resultData);
} catch (Exception e) {
sendErrorToHandler(e);
}
break;
case ACTION_EXPORT_KEYRING:
try {
/* Input */
int keyType = Id.type.public_key;
if (data.containsKey(EXPORT_KEY_TYPE)) {
keyType = data.getInt(EXPORT_KEY_TYPE);
}
String outputFile = data.getString(EXPORT_FILENAME);
boolean exportAll = data.getBoolean(EXPORT_ALL);
long keyRingMasterKeyId = -1;
if (!exportAll) {
keyRingMasterKeyId = data.getLong(EXPORT_KEY_RING_MASTER_KEY_ID);
}
/* Operation */
// check if storage is ready
if (!FileHelper.isStorageMounted(outputFile)) {
throw new PgpGeneralException(getString(R.string.error_externalStorageNotReady));
}
// OutputStream
FileOutputStream outStream = new FileOutputStream(outputFile);
ArrayList<Long> keyRingMasterKeyIds = new ArrayList<Long>();
if (exportAll) {
// get all key ring row ids based on export type
if (keyType == Id.type.public_key) {
keyRingMasterKeyIds = ProviderHelper.getPublicKeyRingsMasterKeyIds(this);
} else {
keyRingMasterKeyIds = ProviderHelper.getSecretKeyRingsMasterKeyIds(this);
}
} else {
keyRingMasterKeyIds.add(keyRingMasterKeyId);
}
Bundle resultData = new Bundle();
resultData = PgpMain.exportKeyRings(this, keyRingMasterKeyIds, keyType, outStream,
this);
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, resultData);
} catch (Exception e) {
sendErrorToHandler(e);
}
break;
case ACTION_UPLOAD_KEYRING:
try {
/* Input */
int keyRingRowId = data.getInt(UPLOAD_KEY_KEYRING_ROW_ID);
String keyServer = data.getString(UPLOAD_KEY_SERVER);
/* Operation */
HkpKeyServer server = new HkpKeyServer(keyServer);
PGPPublicKeyRing keyring = ProviderHelper.getPGPPublicKeyRingByRowId(this,
keyRingRowId);
if (keyring != null) {
boolean uploaded = PgpMain.uploadKeyRingToServer(server,
(PGPPublicKeyRing) keyring);
if (!uploaded) {
throw new PgpGeneralException("Unable to export key to selected server");
}
}
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY);
} catch (Exception e) {
sendErrorToHandler(e);
}
break;
case ACTION_QUERY_KEYRING:
try {
/* Input */
int queryType = data.getInt(QUERY_KEY_TYPE);
String keyServer = data.getString(QUERY_KEY_SERVER);
String queryString = data.getString(QUERY_KEY_STRING);
long keyId = data.getLong(QUERY_KEY_ID);
/* Operation */
Bundle resultData = new Bundle();
HkpKeyServer server = new HkpKeyServer(keyServer);
if (queryType == Id.keyserver.search) {
ArrayList<KeyInfo> searchResult = server.search(queryString);
resultData.putParcelableArrayList(RESULT_QUERY_KEY_SEARCH_RESULT, searchResult);
} else if (queryType == Id.keyserver.get) {
String keyData = server.get(keyId);
resultData.putString(RESULT_QUERY_KEY_KEY_DATA, keyData);
}
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, resultData);
} catch (Exception e) {
sendErrorToHandler(e);
}
break;
case ACTION_SIGN_KEYRING:
try {
/* Input */
long masterKeyId = data.getLong(SIGN_KEY_MASTER_KEY_ID);
long pubKeyId = data.getLong(SIGN_KEY_PUB_KEY_ID);
/* Operation */
String signaturePassPhrase = PassphraseCacheService.getCachedPassphrase(this,
masterKeyId);
PGPPublicKeyRing signedPubKeyRing = PgpMain.signKey(this, masterKeyId, pubKeyId,
signaturePassPhrase);
// store the signed key in our local cache
int retval = PgpMain.storeKeyRingInCache(this, signedPubKeyRing);
if (retval != Id.return_value.ok && retval != Id.return_value.updated) {
throw new PgpGeneralException("Failed to store signed key in local cache");
}
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY);
} catch (Exception e) {
sendErrorToHandler(e);
}
break;
default:
break;
}
}
private void sendErrorToHandler(Exception e) {
Log.e(Constants.TAG, "ApgService Exception: ", e);
e.printStackTrace();
Bundle data = new Bundle();
data.putString(KeychainIntentServiceHandler.DATA_ERROR, e.getMessage());
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_EXCEPTION, null, data);
}
private void sendMessageToHandler(Integer arg1, Integer arg2, Bundle data) {
Message msg = Message.obtain();
msg.arg1 = arg1;
if (arg2 != null) {
msg.arg2 = arg2;
}
if (data != null) {
msg.setData(data);
}
try {
mMessenger.send(msg);
} catch (RemoteException e) {
Log.w(Constants.TAG, "Exception sending message, Is handler present?", e);
} catch (NullPointerException e) {
Log.w(Constants.TAG, "Messenger is null!", e);
}
}
private void sendMessageToHandler(Integer arg1, Bundle data) {
sendMessageToHandler(arg1, null, data);
}
private void sendMessageToHandler(Integer arg1) {
sendMessageToHandler(arg1, null, null);
}
/**
* Set progress of ProgressDialog by sending message to handler on UI thread
*/
public void setProgress(String message, int progress, int max) {
Log.d(Constants.TAG, "Send message by setProgress with progress=" + progress + ", max="
+ max);
Bundle data = new Bundle();
if (message != null) {
data.putString(KeychainIntentServiceHandler.DATA_MESSAGE, message);
}
data.putInt(KeychainIntentServiceHandler.DATA_PROGRESS, progress);
data.putInt(KeychainIntentServiceHandler.DATA_PROGRESS_MAX, max);
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_UPDATE_PROGRESS, null, data);
}
public void setProgress(int resourceId, int progress, int max) {
setProgress(getString(resourceId), progress, max);
}
public void setProgress(int progress, int max) {
setProgress(null, progress, max);
}
}

109
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/KeychainIntentServiceHandler.java Normal file
View File

@@ -0,0 +1,109 @@
/*
* Copyright (C) 2012 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.service;
import org.sufficientlysecure.keychain.ui.dialog.ProgressDialogFragment;
import org.sufficientlysecure.keychain.R;
import android.app.Activity;
import android.os.Bundle;
import android.os.Handler;
import android.os.Message;
import android.support.v4.app.FragmentActivity;
import android.widget.Toast;
public class KeychainIntentServiceHandler extends Handler {
// possible messages send from this service to handler on ui
public static final int MESSAGE_OKAY = 1;
public static final int MESSAGE_EXCEPTION = 2;
public static final int MESSAGE_UPDATE_PROGRESS = 3;
// possible data keys for messages
public static final String DATA_ERROR = "error";
public static final String DATA_PROGRESS = "progress";
public static final String DATA_PROGRESS_MAX = "max";
public static final String DATA_MESSAGE = "message";
public static final String DATA_MESSAGE_ID = "message_id";
Activity mActivity;
ProgressDialogFragment mProgressDialogFragment;
public KeychainIntentServiceHandler(Activity activity) {
this.mActivity = activity;
}
public KeychainIntentServiceHandler(Activity activity, ProgressDialogFragment progressDialogFragment) {
this.mActivity = activity;
this.mProgressDialogFragment = progressDialogFragment;
}
public KeychainIntentServiceHandler(Activity activity, int progressDialogMessageId, int progressDialogStyle) {
this.mActivity = activity;
this.mProgressDialogFragment = ProgressDialogFragment.newInstance(progressDialogMessageId,
progressDialogStyle);
}
public void showProgressDialog(FragmentActivity activity) {
mProgressDialogFragment.show(activity.getSupportFragmentManager(), "progressDialog");
}
@Override
public void handleMessage(Message message) {
Bundle data = message.getData();
switch (message.arg1) {
case MESSAGE_OKAY:
mProgressDialogFragment.dismiss();
break;
case MESSAGE_EXCEPTION:
mProgressDialogFragment.dismiss();
// show error from service
if (data.containsKey(DATA_ERROR)) {
Toast.makeText(mActivity,
mActivity.getString(R.string.errorMessage, data.getString(DATA_ERROR)),
Toast.LENGTH_SHORT).show();
}
break;
case MESSAGE_UPDATE_PROGRESS:
if (data.containsKey(DATA_PROGRESS) && data.containsKey(DATA_PROGRESS_MAX)) {
// update progress from service
if (data.containsKey(DATA_MESSAGE)) {
mProgressDialogFragment.setProgress(data.getString(DATA_MESSAGE),
data.getInt(DATA_PROGRESS), data.getInt(DATA_PROGRESS_MAX));
} else if (data.containsKey(DATA_MESSAGE_ID)) {
mProgressDialogFragment.setProgress(data.getInt(DATA_MESSAGE_ID),
data.getInt(DATA_PROGRESS), data.getInt(DATA_PROGRESS_MAX));
} else {
mProgressDialogFragment.setProgress(data.getInt(DATA_PROGRESS),
data.getInt(DATA_PROGRESS_MAX));
}
}
break;
default:
break;
}
}
}

138
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/KeychainKeyService.java Normal file
View File

@@ -0,0 +1,138 @@
/*
* Copyright (C) 2012 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.service;
import java.util.ArrayList;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.util.Log;
import org.sufficientlysecure.keychain.service.IKeychainKeyService;
import org.sufficientlysecure.keychain.service.handler.IKeychainGetKeyringsHandler;
import android.app.Service;
import android.content.Context;
import android.content.Intent;
import android.os.IBinder;
import android.os.RemoteException;
public class KeychainKeyService extends Service {
Context mContext;
@Override
public void onCreate() {
super.onCreate();
mContext = this;
Log.d(Constants.TAG, "ApgKeyService, onCreate()");
}
@Override
public void onDestroy() {
super.onDestroy();
Log.d(Constants.TAG, "ApgKeyService, onDestroy()");
}
@Override
public IBinder onBind(Intent intent) {
return mBinder;
}
/**
* Synchronized implementation of getPublicKeyRings
*/
private synchronized void getPublicKeyRingsSafe(long[] masterKeyIds,
boolean asAsciiArmoredStringArray, IKeychainGetKeyringsHandler handler)
throws RemoteException {
if (asAsciiArmoredStringArray) {
ArrayList<String> output = ProviderHelper.getPublicKeyRingsAsArmoredString(mContext,
masterKeyIds);
handler.onSuccess(null, output);
} else {
byte[] outputBytes = ProviderHelper
.getPublicKeyRingsAsByteArray(mContext, masterKeyIds);
handler.onSuccess(outputBytes, null);
}
}
/**
* Synchronized implementation of getSecretKeyRings
*/
private synchronized void getSecretKeyRingsSafe(long[] masterKeyIds,
boolean asAsciiArmoredStringArray, IKeychainGetKeyringsHandler handler)
throws RemoteException {
if (asAsciiArmoredStringArray) {
ArrayList<String> output = ProviderHelper.getSecretKeyRingsAsArmoredString(mContext,
masterKeyIds);
handler.onSuccess(null, output);
} else {
byte[] outputBytes = ProviderHelper
.getSecretKeyRingsAsByteArray(mContext, masterKeyIds);
handler.onSuccess(outputBytes, null);
}
}
/**
* This is the implementation of the interface IApgKeyService. All methods are oneway, meaning
* asynchronous and return to the client using handlers.
*
* The real PGP code is located in PGPMain.
*/
private final IKeychainKeyService.Stub mBinder = new IKeychainKeyService.Stub() {
@Override
public void getPublicKeyRings(long[] masterKeyIds, boolean asAsciiArmoredStringArray,
IKeychainGetKeyringsHandler handler) throws RemoteException {
getPublicKeyRingsSafe(masterKeyIds, asAsciiArmoredStringArray, handler);
}
@Override
public void getSecretKeyRings(long[] masterKeyIds, boolean asAsciiArmoredStringArray,
IKeychainGetKeyringsHandler handler) throws RemoteException {
getSecretKeyRingsSafe(masterKeyIds, asAsciiArmoredStringArray, handler);
}
};
/**
* As we can not throw an exception through Android RPC, we assign identifiers to the exception
* types.
*
* @param e
* @return
*/
// private int getExceptionId(Exception e) {
// if (e instanceof NoSuchProviderException) {
// return 0;
// } else if (e instanceof NoSuchAlgorithmException) {
// return 1;
// } else if (e instanceof SignatureException) {
// return 2;
// } else if (e instanceof IOException) {
// return 3;
// } else if (e instanceof ApgGeneralException) {
// return 4;
// } else if (e instanceof PGPException) {
// return 5;
// } else {
// return -1;
// }
// }
}

230
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/PassphraseCacheService.java Normal file
View File

@@ -0,0 +1,230 @@
/*
* Copyright (C) 2012 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.service;
import java.util.Date;
import java.util.HashMap;
import org.spongycastle.openpgp.PGPSecretKey;
import org.spongycastle.openpgp.PGPSecretKeyRing;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.Id;
import org.sufficientlysecure.keychain.helper.PgpHelper;
import org.sufficientlysecure.keychain.helper.Preferences;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import android.app.AlarmManager;
import android.app.PendingIntent;
import android.app.Service;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.os.Binder;
import android.os.IBinder;
import android.util.Log;
public class PassphraseCacheService extends Service {
public static final String TAG = Constants.TAG + ": PassphraseCacheService";
public static final String BROADCAST_ACTION_PASSPHRASE_CACHE_SERVICE = Constants.INTENT_PREFIX
+ "PASSPHRASE_CACHE_SERVICE";
public static final String EXTRA_TTL = "ttl";
public static final String EXTRA_KEY_ID = "keyId";
public static final String EXTRA_PASSPHRASE = "passphrase";
private static final int REQUEST_ID = 0;
private static final long DEFAULT_TTL = 15;
private BroadcastReceiver mIntentReceiver;
// This is static to be easily retrieved by getCachedPassphrase() without the need of callback
// functions
private static HashMap<Long, String> mPassphraseCache = new HashMap<Long, String>();
/**
* This caches a new passphrase by sending a new command to the service. An android service is
* only run once. Thus, when the service is already started, new commands just add new events to
* the alarm manager for new passphrases to let them timeout in the future.
*
* @param context
* @param keyId
* @param passphrase
*/
public static void addCachedPassphrase(Context context, long keyId, String passphrase) {
Log.d(TAG, "cacheNewPassphrase() for " + keyId);
Intent intent = new Intent(context, PassphraseCacheService.class);
intent.putExtra(EXTRA_TTL, Preferences.getPreferences(context).getPassPhraseCacheTtl());
intent.putExtra(EXTRA_PASSPHRASE, passphrase);
intent.putExtra(EXTRA_KEY_ID, keyId);
context.startService(intent);
}
/**
* Gets a cached passphrase from memory
*
* @param context
* @param keyId
* @return
*/
public static String getCachedPassphrase(Context context, long keyId) {
// try to get master key id which is used as an identifier for cached passphrases
long masterKeyId = keyId;
if (masterKeyId != Id.key.symmetric) {
PGPSecretKeyRing keyRing = ProviderHelper.getPGPSecretKeyRingByKeyId(context, keyId);
if (keyRing == null) {
return null;
}
PGPSecretKey masterKey = PgpHelper.getMasterKey(keyRing);
if (masterKey == null) {
return null;
}
masterKeyId = masterKey.getKeyID();
}
// get cached passphrase
String cachedPassphrase = mPassphraseCache.get(masterKeyId);
if (cachedPassphrase == null) {
return null;
}
// set it again to reset the cache life cycle
Log.d(TAG, "Cache passphrase again when getting it!");
addCachedPassphrase(context, masterKeyId, cachedPassphrase);
return cachedPassphrase;
}
/**
* Register BroadcastReceiver that is unregistered when service is destroyed. This
* BroadcastReceiver hears on intents with ACTION_PASSPHRASE_CACHE_SERVICE to then timeout
* specific passphrases in memory.
*/
private void registerReceiver() {
if (mIntentReceiver == null) {
mIntentReceiver = new BroadcastReceiver() {
@Override
public void onReceive(Context context, Intent intent) {
String action = intent.getAction();
Log.d(TAG, "Received broadcast...");
if (action.equals(BROADCAST_ACTION_PASSPHRASE_CACHE_SERVICE)) {
long keyId = intent.getLongExtra(EXTRA_KEY_ID, -1);
timeout(context, keyId);
}
}
};
IntentFilter filter = new IntentFilter();
filter.addAction(BROADCAST_ACTION_PASSPHRASE_CACHE_SERVICE);
registerReceiver(mIntentReceiver, filter);
}
}
/**
* Build pending intent that is executed by alarm manager to time out a specific passphrase
*
* @param context
* @param keyId
* @return
*/
private static PendingIntent buildIntent(Context context, long keyId) {
Intent intent = new Intent(BROADCAST_ACTION_PASSPHRASE_CACHE_SERVICE);
intent.putExtra(EXTRA_KEY_ID, keyId);
PendingIntent sender = PendingIntent.getBroadcast(context, REQUEST_ID, intent,
PendingIntent.FLAG_CANCEL_CURRENT);
return sender;
}
@Override
public void onCreate() {
Log.d(TAG, "onCreate()");
}
/**
* Executed when service is started by intent
*/
@Override
public int onStartCommand(Intent intent, int flags, int startId) {
Log.d(TAG, "onStartCommand()");
// register broadcastreceiver
registerReceiver();
if (intent != null) {
long ttl = intent.getLongExtra(EXTRA_TTL, DEFAULT_TTL);
long keyId = intent.getLongExtra(EXTRA_KEY_ID, -1);
String passphrase = intent.getStringExtra(EXTRA_PASSPHRASE);
Log.d(TAG, "Received intent in onStartCommand() with keyId: " + keyId + ", ttl: " + ttl);
// add keyId and passphrase to memory
mPassphraseCache.put(keyId, passphrase);
// register new alarm with keyId for this passphrase
long triggerTime = new Date().getTime() + (ttl * 1000);
AlarmManager am = (AlarmManager) this.getSystemService(Context.ALARM_SERVICE);
am.set(AlarmManager.RTC_WAKEUP, triggerTime, buildIntent(this, keyId));
}
return START_STICKY;
}
/**
* Called when one specific passphrase for keyId timed out
*
* @param context
* @param keyId
*/
private void timeout(Context context, long keyId) {
// remove passphrase corresponding to keyId from memory
mPassphraseCache.remove(keyId);
Log.d(TAG, "Timeout of " + keyId + ", removed from memory!");
// stop whole service if no cached passphrases remaining
if (mPassphraseCache.isEmpty()) {
Log.d(TAG, "No passphrases remaining in memory, stopping service!");
stopSelf();
}
}
@Override
public void onDestroy() {
Log.d(TAG, "onDestroy()");
unregisterReceiver(mIntentReceiver);
}
public class PassphraseCacheBinder extends Binder {
public PassphraseCacheService getService() {
return PassphraseCacheService.this;
}
}
private final IBinder mBinder = new PassphraseCacheBinder();
@Override
public IBinder onBind(Intent intent) {
return mBinder;
}
}

27
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/handler/IKeychainDecryptHandler.aidl Normal file
View File

@@ -0,0 +1,27 @@
/*
* Copyright (C) 2012 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.service.handler;
interface IKeychainDecryptHandler {
oneway void onSuccess(in byte[] outputBytes, in String outputUri, in boolean signature,
in long signatureKeyId, in String signatureUserId, in boolean signatureSuccess,
in boolean signatureUnknown);
oneway void onException(in int exceptionNumber, in String message);
}

28
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/handler/IKeychainEncryptHandler.aidl Normal file
View File

@@ -0,0 +1,28 @@
/*
* Copyright (C) 2012 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.service.handler;
interface IKeychainEncryptHandler {
/**
* Either output or streamUri is given. One of them is null
*
*/
oneway void onSuccess(in byte[] outputBytes, in String outputUri);
oneway void onException(in int exceptionNumber, in String message);
}

25
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/handler/IKeychainGetDecryptionKeyIdHandler.aidl Normal file
View File

@@ -0,0 +1,25 @@
/*
* Copyright (C) 2012 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.service.handler;
interface IKeychainGetDecryptionKeyIdHandler {
oneway void onSuccess(in long secretKeyId, in boolean symmetric);
oneway void onException(in int exceptionNumber, in String message);
}

28
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/handler/IKeychainGetKeyringsHandler.aidl Normal file
View File

@@ -0,0 +1,28 @@
/*
* Copyright (C) 2012 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.service.handler;
interface IKeychainGetKeyringsHandler {
/**
* Either outputBytes or outputString is given. One of them is null
*
*/
oneway void onSuccess(in byte[] outputBytes, in List<String> outputString);
oneway void onException(in int exceptionNumber, in String message);
}

28
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/handler/IKeychainSignHandler.aidl Normal file
View File

@@ -0,0 +1,28 @@
/*
* Copyright (C) 2012 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.service.handler;
interface IKeychainSignHandler {
/**
* Either output or streamUri is given. One of them is null
*
*/
oneway void onSuccess(in byte[] outputBytes, in String outputUri);
oneway void onException(in int exceptionNumber, in String message);
}

26
OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/handler/IKeychainVerifyHandler.aidl Normal file
View File

@@ -0,0 +1,26 @@
/*
* Copyright (C) 2012 Dominik Schürmann <dominik@dominikschuermann.de>
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.sufficientlysecure.keychain.service.handler;
interface IKeychainVerifyHandler {
oneway void onSuccess(in boolean signature, in long signatureKeyId,
in String signatureUserId, in boolean signatureSuccess, in boolean signatureUnknown);
oneway void onException(in int exceptionNumber, in String message);
}