Merge pull request #2066 from open-keychain/db-interactor

Refactor database access

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/BackupOperation.java

@@ -44,16 +44,18 @@ import org.sufficientlysecure.keychain.operations.results.ExportResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
 import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog;
 import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
-import org.sufficientlysecure.keychain.pgp.CanonicalizedKeyRing;
+import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
+import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
 import org.sufficientlysecure.keychain.pgp.PgpSignEncryptData;
 import org.sufficientlysecure.keychain.pgp.PgpSignEncryptInputParcel;
 import org.sufficientlysecure.keychain.pgp.PgpSignEncryptOperation;
 import org.sufficientlysecure.keychain.pgp.Progressable;
 import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
+import org.sufficientlysecure.keychain.provider.KeyRepository.NotFoundException;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
 import org.sufficientlysecure.keychain.provider.KeychainDatabase.Tables;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.provider.TemporaryFileProvider;
 import org.sufficientlysecure.keychain.service.BackupKeyringParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
@@ -77,23 +79,19 @@ public class BackupOperation extends BaseOperation<BackupKeyringParcel> {
 
     private static final String[] PROJECTION = new String[] {
             KeyRings.MASTER_KEY_ID,
-            KeyRings.PUBKEY_DATA,
-            KeyRings.PRIVKEY_DATA,
             KeyRings.HAS_ANY_SECRET
     };
     private static final int INDEX_MASTER_KEY_ID = 0;
-    private static final int INDEX_PUBKEY_DATA = 1;
-    private static final int INDEX_SECKEY_DATA = 2;
-    private static final int INDEX_HAS_ANY_SECRET = 3;
+    private static final int INDEX_HAS_ANY_SECRET = 1;
 
-    public BackupOperation(Context context, ProviderHelper providerHelper, Progressable
+    public BackupOperation(Context context, KeyRepository keyRepository, Progressable
             progressable) {
-        super(context, providerHelper, progressable);
+        super(context, keyRepository, progressable);
     }
 
-    public BackupOperation(Context context, ProviderHelper providerHelper,
+    public BackupOperation(Context context, KeyRepository keyRepository,
                            Progressable progressable, AtomicBoolean cancelled) {
-        super(context, providerHelper, progressable, cancelled);
+        super(context, keyRepository, progressable, cancelled);
     }
 
     @NonNull
@@ -170,7 +168,7 @@ public class BackupOperation extends BaseOperation<BackupKeyringParcel> {
     private PgpSignEncryptResult encryptBackupData(@NonNull BackupKeyringParcel backupInput,
             @NonNull CryptoInputParcel cryptoInput, @Nullable OutputStream outputStream, Uri plainUri, long exportedDataSize)
             throws FileNotFoundException {
-        PgpSignEncryptOperation signEncryptOperation = new PgpSignEncryptOperation(mContext, mProviderHelper, mProgressable, mCancelled);
+        PgpSignEncryptOperation signEncryptOperation = new PgpSignEncryptOperation(mContext, mKeyRepository, mProgressable, mCancelled);
 
         PgpSignEncryptData data = new PgpSignEncryptData();
         data.setSymmetricPassphrase(cryptoInput.getPassphrase());
@@ -230,16 +228,16 @@ public class BackupOperation extends BaseOperation<BackupKeyringParcel> {
             // For each public masterKey id
             while (!cursor.isAfterLast()) {
 
-                long keyId = cursor.getLong(INDEX_MASTER_KEY_ID);
-                log.add(LogType.MSG_BACKUP_PUBLIC, 1, KeyFormattingUtils.beautifyKeyId(keyId));
+                long masterKeyId = cursor.getLong(INDEX_MASTER_KEY_ID);
+                log.add(LogType.MSG_BACKUP_PUBLIC, 1, KeyFormattingUtils.beautifyKeyId(masterKeyId));
 
-                if (writePublicKeyToStream(log, outStream, cursor)) {
+                if (writePublicKeyToStream(masterKeyId, log, outStream)) {
                     okPublic += 1;
 
                     boolean hasSecret = cursor.getInt(INDEX_HAS_ANY_SECRET) > 0;
                     if (exportSecret && hasSecret) {
-                        log.add(LogType.MSG_BACKUP_SECRET, 2, KeyFormattingUtils.beautifyKeyId(keyId));
-                        if (writeSecretKeyToStream(log, outStream, cursor)) {
+                        log.add(LogType.MSG_BACKUP_SECRET, 2, KeyFormattingUtils.beautifyKeyId(masterKeyId));
+                        if (writeSecretKeyToStream(masterKeyId, log, outStream)) {
                             okSecret += 1;
                         }
                     }
@@ -267,17 +265,16 @@ public class BackupOperation extends BaseOperation<BackupKeyringParcel> {
         return true;
     }
 
-    private boolean writePublicKeyToStream(OperationLog log, OutputStream outStream, Cursor cursor)
-            throws IOException {
+    private boolean writePublicKeyToStream(long masterKeyId, OperationLog log, OutputStream outStream) throws IOException {
         ArmoredOutputStream arOutStream = null;
 
         try {
             arOutStream = new ArmoredOutputStream(outStream);
-            byte[] data = cursor.getBlob(INDEX_PUBKEY_DATA);
-            CanonicalizedKeyRing ring = UncachedKeyRing.decodeFromData(data).canonicalize(log, 2, true);
+            byte[] data = mKeyRepository.loadPublicKeyRingData(masterKeyId);
+            UncachedKeyRing uncachedKeyRing = UncachedKeyRing.decodeFromData(data);
+            CanonicalizedPublicKeyRing ring = (CanonicalizedPublicKeyRing) uncachedKeyRing.canonicalize(log, 2, true);
             ring.encode(arOutStream);
-
-        } catch (PgpGeneralException e) {
+        } catch (PgpGeneralException | NotFoundException e) {
             log.add(LogType.MSG_UPLOAD_ERROR_IO, 2);
         } finally {
             if (arOutStream != null) {
@@ -287,17 +284,17 @@ public class BackupOperation extends BaseOperation<BackupKeyringParcel> {
         return true;
     }
 
-    private boolean writeSecretKeyToStream(OperationLog log, OutputStream outStream, Cursor cursor)
+    private boolean writeSecretKeyToStream(long masterKeyId, OperationLog log, OutputStream outStream)
             throws IOException {
         ArmoredOutputStream arOutStream = null;
 
         try {
             arOutStream = new ArmoredOutputStream(outStream);
-            byte[] data = cursor.getBlob(INDEX_SECKEY_DATA);
-            CanonicalizedKeyRing ring = UncachedKeyRing.decodeFromData(data).canonicalize(log, 2, true);
+            byte[] data = mKeyRepository.loadSecretKeyRingData(masterKeyId);
+            UncachedKeyRing uncachedKeyRing = UncachedKeyRing.decodeFromData(data);
+            CanonicalizedSecretKeyRing ring = (CanonicalizedSecretKeyRing) uncachedKeyRing.canonicalize(log, 2, true);
             ring.encode(arOutStream);
-
-        } catch (PgpGeneralException e) {
+        } catch (PgpGeneralException | NotFoundException e) {
             log.add(LogType.MSG_UPLOAD_ERROR_IO, 2);
         } finally {
             if (arOutStream != null) {
@@ -326,7 +323,7 @@ public class BackupOperation extends BaseOperation<BackupKeyringParcel> {
                     + " IN (" + placeholders + ")";
         }
 
-        return mProviderHelper.getContentResolver().query(
+        return mKeyRepository.getContentResolver().query(
                 KeyRings.buildUnifiedKeyRingsUri(), PROJECTION, selection, selectionArgs,
                 Tables.KEYS + "." + KeyRings.MASTER_KEY_ID
         );

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/BaseOperation.java

@@ -17,6 +17,9 @@
 
 package org.sufficientlysecure.keychain.operations;
 
+
+import java.util.concurrent.atomic.AtomicBoolean;
+
 import android.content.Context;
 import android.os.Parcelable;
 import android.support.annotation.NonNull;
@@ -26,21 +29,19 @@ import org.sufficientlysecure.keychain.Constants.key;
 import org.sufficientlysecure.keychain.operations.results.OperationResult;
 import org.sufficientlysecure.keychain.pgp.PassphraseCacheInterface;
 import org.sufficientlysecure.keychain.pgp.Progressable;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
+import org.sufficientlysecure.keychain.provider.KeyRepository.NotFoundException;
 import org.sufficientlysecure.keychain.service.PassphraseCacheService;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.util.Passphrase;
 
-import java.util.concurrent.atomic.AtomicBoolean;
-
-public abstract class BaseOperation <T extends Parcelable> implements PassphraseCacheInterface {
+public abstract class BaseOperation<T extends Parcelable> implements PassphraseCacheInterface {
 
     final public Context mContext;
     final public Progressable mProgressable;
     final public AtomicBoolean mCancelled;
 
-    final public ProviderHelper mProviderHelper;
+    final public KeyRepository mKeyRepository;
 
     /** An abstract base class for all *Operation classes. It provides a number
      * of common methods for progress, cancellation and passphrase cache handling.
@@ -64,18 +65,18 @@ public abstract class BaseOperation <T extends Parcelable> implements Passphrase
      * if there is no prefix it is considered Android-related.
      *
      */
-    public BaseOperation(Context context, ProviderHelper providerHelper, Progressable progressable) {
+    public BaseOperation(Context context, KeyRepository keyRepository, Progressable progressable) {
         this.mContext = context;
         this.mProgressable = progressable;
-        this.mProviderHelper = providerHelper;
+        this.mKeyRepository = keyRepository;
         mCancelled = null;
     }
 
-    public BaseOperation(Context context, ProviderHelper providerHelper,
-                         Progressable progressable, AtomicBoolean cancelled) {
+    public BaseOperation(Context context, KeyRepository keyRepository,
+            Progressable progressable, AtomicBoolean cancelled) {
         mContext = context;
         mProgressable = progressable;
-        mProviderHelper = providerHelper;
+        mKeyRepository = keyRepository;
         mCancelled = cancelled;
     }
 
@@ -114,7 +115,7 @@ public abstract class BaseOperation <T extends Parcelable> implements Passphrase
     public Passphrase getCachedPassphrase(long subKeyId) throws NoSecretKeyException {
         try {
             if (subKeyId != key.symmetric) {
-                long masterKeyId = mProviderHelper.getMasterKeyId(subKeyId);
+                long masterKeyId = mKeyRepository.getMasterKeyId(subKeyId);
                 return getCachedPassphrase(masterKeyId, subKeyId);
             }
             return getCachedPassphrase(key.symmetric, key.symmetric);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/BaseReadWriteOperation.java

@@ -0,0 +1,30 @@
+package org.sufficientlysecure.keychain.operations;
+
+
+import java.util.concurrent.atomic.AtomicBoolean;
+
+import android.content.Context;
+import android.os.Parcelable;
+
+import org.sufficientlysecure.keychain.pgp.Progressable;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
+
+
+abstract class BaseReadWriteOperation<T extends Parcelable> extends BaseOperation<T> {
+    final KeyWritableRepository mKeyWritableRepository;
+
+    BaseReadWriteOperation(Context context,
+            KeyWritableRepository databaseInteractor,
+            Progressable progressable) {
+        super(context, databaseInteractor, progressable);
+
+        mKeyWritableRepository = databaseInteractor;
+    }
+
+    BaseReadWriteOperation(Context context, KeyWritableRepository databaseInteractor,
+            Progressable progressable, AtomicBoolean cancelled) {
+        super(context, databaseInteractor, progressable, cancelled);
+
+        mKeyWritableRepository = databaseInteractor;
+    }
+}

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/BenchmarkOperation.java

@@ -41,12 +41,11 @@ import org.sufficientlysecure.keychain.operations.results.OperationResult.Operat
 import org.sufficientlysecure.keychain.operations.results.SignEncryptResult;
 import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyInputParcel;
 import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyOperation;
-import org.sufficientlysecure.keychain.pgp.PgpSecurityConstants;
 import org.sufficientlysecure.keychain.pgp.PgpSecurityConstants.OpenKeychainSymmetricKeyAlgorithmTags;
 import org.sufficientlysecure.keychain.pgp.PgpSignEncryptData;
 import org.sufficientlysecure.keychain.pgp.Progressable;
 import org.sufficientlysecure.keychain.pgp.SignEncryptParcel;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.service.BenchmarkInputParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.util.Log;
@@ -56,9 +55,9 @@ import org.sufficientlysecure.keychain.util.ProgressScaler;
 
 public class BenchmarkOperation extends BaseOperation<BenchmarkInputParcel> {
 
-    public BenchmarkOperation(Context context, ProviderHelper providerHelper, Progressable
+    public BenchmarkOperation(Context context, KeyWritableRepository databaseInteractor, Progressable
             progressable) {
-        super(context, providerHelper, progressable);
+        super(context, databaseInteractor, progressable);
     }
 
     @NonNull
@@ -82,7 +81,7 @@ public class BenchmarkOperation extends BaseOperation<BenchmarkInputParcel> {
         int i = 0;
         do {
             SignEncryptOperation op =
-                    new SignEncryptOperation(mContext, mProviderHelper,
+                    new SignEncryptOperation(mContext, mKeyRepository,
                             new ProgressScaler(mProgressable, i*(50/numRepeats), (i+1)*(50/numRepeats), 100), mCancelled);
             PgpSignEncryptData data = new PgpSignEncryptData();
             data.setSymmetricPassphrase(passphrase);
@@ -104,7 +103,7 @@ public class BenchmarkOperation extends BaseOperation<BenchmarkInputParcel> {
         do {
             DecryptVerifyResult decryptResult;
             PgpDecryptVerifyOperation op =
-                    new PgpDecryptVerifyOperation(mContext, mProviderHelper,
+                    new PgpDecryptVerifyOperation(mContext, mKeyRepository,
                             new ProgressScaler(mProgressable, 50 +i*(50/numRepeats), 50 +(i+1)*(50/numRepeats), 100));
             PgpDecryptVerifyInputParcel input = new PgpDecryptVerifyInputParcel(encryptResult.getResultBytes());
             input.setAllowSymmetricDecryption(true);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/CertifyOperation.java

@@ -39,8 +39,8 @@ import org.sufficientlysecure.keychain.pgp.Progressable;
 import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyRepository.NotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.service.CertifyActionsParcel;
 import org.sufficientlysecure.keychain.service.CertifyActionsParcel.CertifyAction;
 import org.sufficientlysecure.keychain.service.ContactSyncAdapterService;
@@ -60,11 +60,11 @@ import org.sufficientlysecure.keychain.util.Passphrase;
  *
  * @see CertifyActionsParcel
  */
-public class CertifyOperation extends BaseOperation<CertifyActionsParcel> {
+public class CertifyOperation extends BaseReadWriteOperation<CertifyActionsParcel> {
 
-    public CertifyOperation(Context context, ProviderHelper providerHelper, Progressable progressable, AtomicBoolean
+    public CertifyOperation(Context context, KeyWritableRepository databaseInteractor, Progressable progressable, AtomicBoolean
             cancelled) {
-        super(context, providerHelper, progressable, cancelled);
+        super(context, databaseInteractor, progressable, cancelled);
     }
 
     @NonNull
@@ -81,7 +81,7 @@ public class CertifyOperation extends BaseOperation<CertifyActionsParcel> {
 
             log.add(LogType.MSG_CRT_MASTER_FETCH, 1);
 
-            CachedPublicKeyRing cachedPublicKeyRing = mProviderHelper.getCachedPublicKeyRing(masterKeyId);
+            CachedPublicKeyRing cachedPublicKeyRing = mKeyRepository.getCachedPublicKeyRing(masterKeyId);
             Passphrase passphrase;
 
             switch (cachedPublicKeyRing.getSecretKeyType(masterKeyId)) {
@@ -121,7 +121,7 @@ public class CertifyOperation extends BaseOperation<CertifyActionsParcel> {
 
             // Get actual secret key
             CanonicalizedSecretKeyRing secretKeyRing =
-                    mProviderHelper.getCanonicalizedSecretKeyRing(parcel.mMasterKeyId);
+                    mKeyRepository.getCanonicalizedSecretKeyRing(parcel.mMasterKeyId);
             certificationKey = secretKeyRing.getSecretKey();
 
             log.add(LogType.MSG_CRT_UNLOCK, 1);
@@ -165,7 +165,7 @@ public class CertifyOperation extends BaseOperation<CertifyActionsParcel> {
                 }
 
                 CanonicalizedPublicKeyRing publicRing =
-                        mProviderHelper.getCanonicalizedPublicKeyRing(action.mMasterKeyId);
+                        mKeyRepository.getCanonicalizedPublicKeyRing(action.mMasterKeyId);
 
                 PgpCertifyOperation op = new PgpCertifyOperation();
                 PgpCertifyResult result = op.certify(certificationKey, publicRing,
@@ -206,7 +206,7 @@ public class CertifyOperation extends BaseOperation<CertifyActionsParcel> {
         // these variables are used inside the following loop, but they need to be created only once
         UploadOperation uploadOperation = null;
         if (parcel.keyServerUri != null) {
-            uploadOperation = new UploadOperation(mContext, mProviderHelper, mProgressable, mCancelled);
+            uploadOperation = new UploadOperation(mContext, mKeyRepository, mProgressable, mCancelled);
         }
 
         // Write all certified keys into the database
@@ -222,8 +222,8 @@ public class CertifyOperation extends BaseOperation<CertifyActionsParcel> {
             log.add(LogType.MSG_CRT_SAVE, 2,
                     KeyFormattingUtils.convertKeyIdToHex(certifiedKey.getMasterKeyId()));
             // store the signed key in our local cache
-            mProviderHelper.clearLog();
-            SaveKeyringResult result = mProviderHelper.savePublicKeyRing(certifiedKey);
+            mKeyRepository.clearLog();
+            SaveKeyringResult result = mKeyWritableRepository.savePublicKeyRing(certifiedKey);
 
             if (uploadOperation != null) {
                 UploadKeyringParcel uploadInput =

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/ChangeUnlockOperation.java

@@ -29,17 +29,17 @@ import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
 import org.sufficientlysecure.keychain.pgp.PgpKeyOperation;
 import org.sufficientlysecure.keychain.pgp.Progressable;
 import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.ProgressScaler;
 
 
-public class ChangeUnlockOperation extends BaseOperation<ChangeUnlockParcel> {
+public class ChangeUnlockOperation extends BaseReadWriteOperation<ChangeUnlockParcel> {
 
-    public ChangeUnlockOperation(Context context, ProviderHelper providerHelper, Progressable progressable) {
-        super(context, providerHelper, progressable);
+    public ChangeUnlockOperation(Context context, KeyWritableRepository databaseInteractor, Progressable progressable) {
+        super(context, databaseInteractor, progressable);
     }
 
     @NonNull
@@ -63,7 +63,7 @@ public class ChangeUnlockOperation extends BaseOperation<ChangeUnlockParcel> {
                             KeyFormattingUtils.convertKeyIdToHex(unlockParcel.mMasterKeyId));
 
                     CanonicalizedSecretKeyRing secRing =
-                            mProviderHelper.getCanonicalizedSecretKeyRing(unlockParcel.mMasterKeyId);
+                            mKeyRepository.getCanonicalizedSecretKeyRing(unlockParcel.mMasterKeyId);
                     modifyResult = keyOperations.modifyKeyRingPassphrase(secRing, cryptoInput, unlockParcel);
 
                     if (modifyResult.isPending()) {
@@ -71,7 +71,7 @@ public class ChangeUnlockOperation extends BaseOperation<ChangeUnlockParcel> {
                         log.add(modifyResult, 1);
                         return new EditKeyResult(log, modifyResult);
                     }
-            } catch (ProviderHelper.NotFoundException e) {
+            } catch (KeyWritableRepository.NotFoundException e) {
                 log.add(OperationResult.LogType.MSG_ED_ERROR_KEY_NOT_FOUND, 2);
                 return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
             }
@@ -90,7 +90,7 @@ public class ChangeUnlockOperation extends BaseOperation<ChangeUnlockParcel> {
         // It's a success, so this must be non-null now
         UncachedKeyRing ring = modifyResult.getRing();
 
-        SaveKeyringResult saveResult = mProviderHelper
+        SaveKeyringResult saveResult = mKeyWritableRepository
                 .saveSecretKeyRing(ring, new ProgressScaler(mProgressable, 70, 95, 100));
         log.add(saveResult, 1);
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/ConsolidateOperation.java

@@ -24,15 +24,15 @@ import android.support.annotation.NonNull;
 
 import org.sufficientlysecure.keychain.operations.results.ConsolidateResult;
 import org.sufficientlysecure.keychain.pgp.Progressable;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.service.ConsolidateInputParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 
-public class ConsolidateOperation extends BaseOperation<ConsolidateInputParcel> {
+public class ConsolidateOperation extends BaseReadWriteOperation<ConsolidateInputParcel> {
 
-    public ConsolidateOperation(Context context, ProviderHelper providerHelper, Progressable
+    public ConsolidateOperation(Context context, KeyWritableRepository databaseInteractor, Progressable
             progressable) {
-        super(context, providerHelper, progressable);
+        super(context, databaseInteractor, progressable);
     }
 
     @NonNull
@@ -40,9 +40,9 @@ public class ConsolidateOperation extends BaseOperation<ConsolidateInputParcel>
     public ConsolidateResult execute(ConsolidateInputParcel consolidateInputParcel,
                                      CryptoInputParcel cryptoInputParcel) {
         if (consolidateInputParcel.mConsolidateRecovery) {
-            return mProviderHelper.consolidateDatabaseStep2(mProgressable);
+            return mKeyWritableRepository.consolidateDatabaseStep2(mProgressable);
         } else {
-            return mProviderHelper.consolidateDatabaseStep1(mProgressable);
+            return mKeyWritableRepository.consolidateDatabaseStep1(mProgressable);
         }
     }
 }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/DeleteOperation.java

@@ -17,6 +17,7 @@
 
 package org.sufficientlysecure.keychain.operations;
 
+
 import android.content.Context;
 import android.support.annotation.NonNull;
 
@@ -26,8 +27,7 @@ import org.sufficientlysecure.keychain.operations.results.OperationResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
 import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog;
 import org.sufficientlysecure.keychain.pgp.Progressable;
-import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRingData;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.service.ContactSyncAdapterService;
 import org.sufficientlysecure.keychain.service.DeleteKeyringParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
@@ -41,10 +41,10 @@ import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
  * a list.
  *
  */
-public class DeleteOperation extends BaseOperation<DeleteKeyringParcel> {
+public class DeleteOperation extends BaseReadWriteOperation<DeleteKeyringParcel> {
 
-    public DeleteOperation(Context context, ProviderHelper providerHelper, Progressable progressable) {
-        super(context, providerHelper, progressable);
+    public DeleteOperation(Context context, KeyWritableRepository databaseInteractor, Progressable progressable) {
+        super(context, databaseInteractor, progressable);
     }
 
     @NonNull
@@ -81,10 +81,8 @@ public class DeleteOperation extends BaseOperation<DeleteKeyringParcel> {
                 cancelled = true;
                 break;
             }
-            int count = mProviderHelper.getContentResolver().delete(
-                    KeyRingData.buildPublicKeyRingUri(masterKeyId), null, null
-            );
-            if (count > 0) {
+            boolean deleteSuccess = mKeyWritableRepository.deleteKeyRing(masterKeyId);
+            if (deleteSuccess) {
                 log.add(LogType.MSG_DEL_KEY, 1, KeyFormattingUtils.beautifyKeyId(masterKeyId));
                 success += 1;
             } else {
@@ -95,7 +93,7 @@ public class DeleteOperation extends BaseOperation<DeleteKeyringParcel> {
 
         if (isSecret && success > 0) {
             log.add(LogType.MSG_DEL_CONSOLIDATE, 1);
-            ConsolidateResult sub = mProviderHelper.consolidateDatabaseStep1(mProgressable);
+            ConsolidateResult sub = mKeyWritableRepository.consolidateDatabaseStep1(mProgressable);
             log.add(sub, 2);
         }
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/EditKeyOperation.java

@@ -35,10 +35,9 @@ import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
 import org.sufficientlysecure.keychain.pgp.PgpKeyOperation;
 import org.sufficientlysecure.keychain.pgp.Progressable;
 import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyRepository.NotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.service.ContactSyncAdapterService;
-import org.sufficientlysecure.keychain.service.PassphraseCacheService;
 import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
 import org.sufficientlysecure.keychain.service.UploadKeyringParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
@@ -56,11 +55,11 @@ import org.sufficientlysecure.keychain.util.ProgressScaler;
  * @see SaveKeyringParcel
  *
  */
-public class EditKeyOperation extends BaseOperation<SaveKeyringParcel> {
+public class EditKeyOperation extends BaseReadWriteOperation<SaveKeyringParcel> {
 
-    public EditKeyOperation(Context context, ProviderHelper providerHelper,
+    public EditKeyOperation(Context context, KeyWritableRepository databaseInteractor,
                             Progressable progressable, AtomicBoolean cancelled) {
-        super(context, providerHelper, progressable, cancelled);
+        super(context, databaseInteractor, progressable, cancelled);
     }
 
     /**
@@ -95,7 +94,7 @@ public class EditKeyOperation extends BaseOperation<SaveKeyringParcel> {
                     log.add(LogType.MSG_ED_FETCHING, 1,
                             KeyFormattingUtils.convertKeyIdToHex(saveParcel.mMasterKeyId));
                     CanonicalizedSecretKeyRing secRing =
-                            mProviderHelper.getCanonicalizedSecretKeyRing(saveParcel.mMasterKeyId);
+                            mKeyRepository.getCanonicalizedSecretKeyRing(saveParcel.mMasterKeyId);
 
                     modifyResult = keyOperations.modifySecretKeyRing(secRing, cryptoInput, saveParcel);
                     if (modifyResult.isPending()) {
@@ -148,7 +147,7 @@ public class EditKeyOperation extends BaseOperation<SaveKeyringParcel> {
                     new UploadKeyringParcel(saveParcel.getUploadKeyserver(), keyringBytes);
 
             UploadResult uploadResult =
-                    new UploadOperation(mContext, mProviderHelper, mProgressable, mCancelled)
+                    new UploadOperation(mContext, mKeyRepository, mProgressable, mCancelled)
                             .execute(exportKeyringParcel, cryptoInput);
 
             log.add(uploadResult, 2);
@@ -162,7 +161,7 @@ public class EditKeyOperation extends BaseOperation<SaveKeyringParcel> {
         }
 
         // Save the new keyring.
-        SaveKeyringResult saveResult = mProviderHelper
+        SaveKeyringResult saveResult = mKeyWritableRepository
                 .saveSecretKeyRing(ring, new ProgressScaler(mProgressable, 60, 95, 100));
         log.add(saveResult, 1);
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/ImportOperation.java

@@ -39,7 +39,7 @@ import org.sufficientlysecure.keychain.pgp.CanonicalizedKeyRing;
 import org.sufficientlysecure.keychain.pgp.Progressable;
 import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.service.ContactSyncAdapterService;
 import org.sufficientlysecure.keychain.service.ImportKeyringParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
@@ -80,20 +80,20 @@ import java.util.concurrent.atomic.AtomicBoolean;
  * method here will generally import keyrings in the order given by the
  * iterator, so this should be ensured beforehand.
  */
-public class ImportOperation extends BaseOperation<ImportKeyringParcel> {
+public class ImportOperation extends BaseReadWriteOperation<ImportKeyringParcel> {
 
     private static final int MAX_THREADS = 10;
 
     public static final String CACHE_FILE_NAME = "key_import.pcl";
 
-    public ImportOperation(Context context, ProviderHelper providerHelper, Progressable
+    public ImportOperation(Context context, KeyWritableRepository databaseInteractor, Progressable
             progressable) {
-        super(context, providerHelper, progressable);
+        super(context, databaseInteractor, progressable);
     }
 
-    public ImportOperation(Context context, ProviderHelper providerHelper,
+    public ImportOperation(Context context, KeyWritableRepository databaseInteractor,
                            Progressable progressable, AtomicBoolean cancelled) {
-        super(context, providerHelper, progressable, cancelled);
+        super(context, databaseInteractor, progressable, cancelled);
     }
 
     // Overloaded functions for using progressable supplied in constructor during import
@@ -314,15 +314,15 @@ public class ImportOperation extends BaseOperation<ImportKeyringParcel> {
                 SaveKeyringResult result;
                 // synchronizing prevents https://github.com/open-keychain/open-keychain/issues/1221
                 // and https://github.com/open-keychain/open-keychain/issues/1480
-                synchronized (mProviderHelper) {
-                    mProviderHelper.clearLog();
+                synchronized (mKeyRepository) {
+                    mKeyRepository.clearLog();
                     ProgressScaler progressScaler = new ProgressScaler(progressable, (int) (position * progSteps),
                             (int) ((position + 1) * progSteps), 100);
                     if (key.isSecret()) {
-                        result = mProviderHelper.saveSecretKeyRing(key, progressScaler,
+                        result = mKeyWritableRepository.saveSecretKeyRing(key, progressScaler,
                                 canKeyRings, skipSave);
                     } else {
-                        result = mProviderHelper.savePublicKeyRing(key, progressScaler,
+                        result = mKeyWritableRepository.savePublicKeyRing(key, progressScaler,
                                 entry.mExpectedFingerprint, canKeyRings, skipSave);
                     }
                 }
@@ -343,7 +343,7 @@ public class ImportOperation extends BaseOperation<ImportKeyringParcel> {
                         // synonymous to isDownloadFromKeyserver.
                         // If no byte data was supplied, import from keyserver took place
                         // this prevents file imports being noted as keyserver imports
-                        mProviderHelper.renewKeyLastUpdatedTime(key.getMasterKeyId(),
+                        mKeyWritableRepository.renewKeyLastUpdatedTime(key.getMasterKeyId(),
                                 GregorianCalendar.getInstance().getTimeInMillis(),
                                 TimeUnit.MILLISECONDS);
                     }
@@ -365,8 +365,8 @@ public class ImportOperation extends BaseOperation<ImportKeyringParcel> {
         if (!skipSave && (secret > 0)) {
             setPreventCancel();
             ConsolidateResult result;
-            synchronized (mProviderHelper) {
-                result = mProviderHelper.consolidateDatabaseStep1(progressable);
+            synchronized (mKeyRepository) {
+                result = mKeyWritableRepository.consolidateDatabaseStep1(progressable);
             }
             log.add(result, 1);
         }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/InputDataOperation.java

@@ -50,7 +50,7 @@ import org.sufficientlysecure.keychain.operations.results.OperationResult.Operat
 import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyInputParcel;
 import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyOperation;
 import org.sufficientlysecure.keychain.pgp.Progressable;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.provider.TemporaryFileProvider;
 import org.sufficientlysecure.keychain.service.InputDataParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
@@ -71,8 +71,8 @@ public class InputDataOperation extends BaseOperation<InputDataParcel> {
 
     private final byte[] buf = new byte[256];
 
-    public InputDataOperation(Context context, ProviderHelper providerHelper, Progressable progressable) {
-        super(context, providerHelper, progressable);
+    public InputDataOperation(Context context, KeyRepository keyRepository, Progressable progressable) {
+        super(context, keyRepository, progressable);
     }
 
     Uri mSignedDataUri;
@@ -101,7 +101,7 @@ public class InputDataOperation extends BaseOperation<InputDataParcel> {
             log.add(LogType.MSG_DATA_OPENPGP, 1);
 
             PgpDecryptVerifyOperation op =
-                    new PgpDecryptVerifyOperation(mContext, mProviderHelper, mProgressable);
+                    new PgpDecryptVerifyOperation(mContext, mKeyRepository, mProgressable);
 
             decryptInput.setInputUri(input.getInputUri());
 
@@ -269,7 +269,7 @@ public class InputDataOperation extends BaseOperation<InputDataParcel> {
                 decryptInput.setDetachedSignature(detachedSig.toByteArray());
 
                 PgpDecryptVerifyOperation op =
-                        new PgpDecryptVerifyOperation(mContext, mProviderHelper, mProgressable);
+                        new PgpDecryptVerifyOperation(mContext, mKeyRepository, mProgressable);
                 DecryptVerifyResult verifyResult = op.execute(decryptInput, cryptoInput);
 
                 log.addByMerge(verifyResult, 4);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/KeybaseVerificationOperation.java

@@ -36,7 +36,7 @@ import org.sufficientlysecure.keychain.operations.results.OperationResult;
 import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyInputParcel;
 import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyOperation;
 import org.sufficientlysecure.keychain.pgp.Progressable;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.service.KeybaseVerificationParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
@@ -59,9 +59,9 @@ import de.measite.minidns.record.TXT;
 
 public class KeybaseVerificationOperation extends BaseOperation<KeybaseVerificationParcel> {
 
-    public KeybaseVerificationOperation(Context context, ProviderHelper providerHelper,
+    public KeybaseVerificationOperation(Context context, KeyWritableRepository databaseInteractor,
                                         Progressable progressable) {
-        super(context, providerHelper, progressable);
+        super(context, databaseInteractor, progressable);
     }
 
     @NonNull
@@ -147,7 +147,7 @@ public class KeybaseVerificationOperation extends BaseOperation<KeybaseVerificat
                 }
             }
 
-            PgpDecryptVerifyOperation op = new PgpDecryptVerifyOperation(mContext, mProviderHelper, mProgressable);
+            PgpDecryptVerifyOperation op = new PgpDecryptVerifyOperation(mContext, mKeyRepository, mProgressable);
 
             PgpDecryptVerifyInputParcel input = new PgpDecryptVerifyInputParcel(messageBytes)
                     .setRequiredSignerFingerprint(requiredFingerprint);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/PromoteKeyOperation.java

@@ -33,8 +33,8 @@ import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKey;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
 import org.sufficientlysecure.keychain.pgp.Progressable;
 import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyRepository.NotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.service.PromoteKeyringParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
@@ -47,11 +47,10 @@ import org.sufficientlysecure.keychain.util.ProgressScaler;
  * without secret key material, using a GNU_DUMMY s2k type.
  *
  */
-public class PromoteKeyOperation extends BaseOperation<PromoteKeyringParcel> {
-
-    public PromoteKeyOperation(Context context, ProviderHelper providerHelper,
+public class PromoteKeyOperation extends BaseReadWriteOperation<PromoteKeyringParcel> {
+    public PromoteKeyOperation(Context context, KeyWritableRepository databaseInteractor,
                                Progressable progressable, AtomicBoolean cancelled) {
-        super(context, providerHelper, progressable, cancelled);
+        super(context, databaseInteractor, progressable, cancelled);
     }
 
     @NonNull
@@ -70,7 +69,7 @@ public class PromoteKeyOperation extends BaseOperation<PromoteKeyringParcel> {
                 log.add(LogType.MSG_PR_FETCHING, 1,
                         KeyFormattingUtils.convertKeyIdToHex(promoteKeyringParcel.mKeyRingId));
                 CanonicalizedPublicKeyRing pubRing =
-                        mProviderHelper.getCanonicalizedPublicKeyRing(promoteKeyringParcel.mKeyRingId);
+                        mKeyRepository.getCanonicalizedPublicKeyRing(promoteKeyringParcel.mKeyRingId);
 
                 if (promoteKeyringParcel.mSubKeyIds == null) {
                     log.add(LogType.MSG_PR_ALL, 1);
@@ -114,7 +113,7 @@ public class PromoteKeyOperation extends BaseOperation<PromoteKeyringParcel> {
         setPreventCancel();
 
         // Save the new keyring.
-        SaveKeyringResult saveResult = mProviderHelper
+        SaveKeyringResult saveResult = mKeyWritableRepository
                 .saveSecretKeyRing(promotedRing, new ProgressScaler(mProgressable, 60, 95, 100));
         log.add(saveResult, 1);
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/RevokeOperation.java

@@ -31,18 +31,18 @@ import org.sufficientlysecure.keychain.operations.results.RevokeResult;
 import org.sufficientlysecure.keychain.pgp.Progressable;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.service.RevokeKeyringParcel;
 import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.Log;
 
-public class RevokeOperation extends BaseOperation<RevokeKeyringParcel> {
+public class RevokeOperation extends BaseReadWriteOperation<RevokeKeyringParcel> {
 
-    public RevokeOperation(Context context, ProviderHelper providerHelper, Progressable progressable) {
-        super(context, providerHelper, progressable);
+    public RevokeOperation(Context context, KeyWritableRepository databaseInteractor, Progressable progressable) {
+        super(context, databaseInteractor, progressable);
     }
 
     @NonNull
@@ -62,7 +62,7 @@ public class RevokeOperation extends BaseOperation<RevokeKeyringParcel> {
         try {
 
             Uri secretUri = KeychainContract.KeyRings.buildUnifiedKeyRingUri(masterKeyId);
-            CachedPublicKeyRing keyRing = mProviderHelper.getCachedPublicKeyRing(secretUri);
+            CachedPublicKeyRing keyRing = mKeyRepository.getCachedPublicKeyRing(secretUri);
 
             // check if this is a master secret key we can work with
             switch (keyRing.getSecretKeyType(masterKeyId)) {
@@ -81,7 +81,7 @@ public class RevokeOperation extends BaseOperation<RevokeKeyringParcel> {
             saveKeyringParcel.mRevokeSubKeys.add(masterKeyId);
 
             EditKeyResult revokeAndUploadResult = new EditKeyOperation(mContext,
-                    mProviderHelper, mProgressable, mCancelled).execute(saveKeyringParcel, cryptoInputParcel);
+                    mKeyWritableRepository, mProgressable, mCancelled).execute(saveKeyringParcel, cryptoInputParcel);
 
             if (revokeAndUploadResult.isPending()) {
                 return revokeAndUploadResult;
@@ -97,7 +97,7 @@ public class RevokeOperation extends BaseOperation<RevokeKeyringParcel> {
                 return new RevokeResult(RevokeResult.RESULT_ERROR, log, masterKeyId);
             }
 
-        } catch (PgpKeyNotFoundException | ProviderHelper.NotFoundException e) {
+        } catch (PgpKeyNotFoundException | KeyWritableRepository.NotFoundException e) {
             Log.e(Constants.TAG, "could not find key to revoke", e);
             log.add(OperationResult.LogType.MSG_REVOKE_ERROR_KEY_FAIL, 1);
             return new RevokeResult(RevokeResult.RESULT_ERROR, log, masterKeyId);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/SignEncryptOperation.java

@@ -18,6 +18,10 @@
 package org.sufficientlysecure.keychain.operations;
 
 
+import java.util.ArrayDeque;
+import java.util.ArrayList;
+import java.util.concurrent.atomic.AtomicBoolean;
+
 import android.content.Context;
 import android.net.Uri;
 import android.support.annotation.NonNull;
@@ -33,18 +37,14 @@ import org.sufficientlysecure.keychain.pgp.PgpSignEncryptOperation;
 import org.sufficientlysecure.keychain.pgp.Progressable;
 import org.sufficientlysecure.keychain.pgp.SignEncryptParcel;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
-import org.sufficientlysecure.keychain.service.input.RequiredInputParcel.SecurityTokenSignOperationsBuilder;
 import org.sufficientlysecure.keychain.service.input.RequiredInputParcel.RequiredInputType;
+import org.sufficientlysecure.keychain.service.input.RequiredInputParcel.SecurityTokenSignOperationsBuilder;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.ProgressScaler;
 
-import java.util.ArrayDeque;
-import java.util.ArrayList;
-import java.util.concurrent.atomic.AtomicBoolean;
-
 
 /**
  * This is a high-level operation, which encapsulates one or more sign/encrypt
@@ -55,9 +55,9 @@ import java.util.concurrent.atomic.AtomicBoolean;
  */
 public class SignEncryptOperation extends BaseOperation<SignEncryptParcel> {
 
-    public SignEncryptOperation(Context context, ProviderHelper providerHelper,
+    public SignEncryptOperation(Context context, KeyRepository keyRepository,
                                 Progressable progressable, AtomicBoolean cancelled) {
-        super(context, providerHelper, progressable, cancelled);
+        super(context, keyRepository, progressable, cancelled);
     }
 
 
@@ -81,7 +81,7 @@ public class SignEncryptOperation extends BaseOperation<SignEncryptParcel> {
         if (data.getSignatureMasterKeyId() != Constants.key.none
                 && data.getSignatureSubKeyId() == null) {
             try {
-                long signKeyId = mProviderHelper.getCachedPublicKeyRing(
+                long signKeyId = mKeyRepository.getCachedPublicKeyRing(
                         data.getSignatureMasterKeyId()).getSecretSignId();
                 data.setSignatureSubKeyId(signKeyId);
             } catch (PgpKeyNotFoundException e) {
@@ -96,7 +96,7 @@ public class SignEncryptOperation extends BaseOperation<SignEncryptParcel> {
                 return new SignEncryptResult(SignEncryptResult.RESULT_CANCELLED, log, results);
             }
 
-            PgpSignEncryptOperation op = new PgpSignEncryptOperation(mContext, mProviderHelper,
+            PgpSignEncryptOperation op = new PgpSignEncryptOperation(mContext, mKeyRepository,
                     new ProgressScaler(mProgressable, 100 * count / total, 100 * ++count / total, 100), mCancelled);
             PgpSignEncryptInputParcel inputParcel = new PgpSignEncryptInputParcel(input.getData());
             if (inputBytes != null) {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/UploadOperation.java

@@ -37,7 +37,8 @@ import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
 import org.sufficientlysecure.keychain.pgp.Progressable;
 import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.service.UploadKeyringParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
@@ -58,9 +59,9 @@ import java.util.concurrent.atomic.AtomicBoolean;
  */
 public class UploadOperation extends BaseOperation<UploadKeyringParcel> {
 
-    public UploadOperation(Context context, ProviderHelper providerHelper,
-                           Progressable progressable, AtomicBoolean cancelled) {
-        super(context, providerHelper, progressable, cancelled);
+    public UploadOperation(Context context, KeyRepository keyRepository,
+            Progressable progressable, AtomicBoolean cancelled) {
+        super(context, keyRepository, progressable, cancelled);
     }
 
     @NonNull
@@ -120,7 +121,7 @@ public class UploadOperation extends BaseOperation<UploadKeyringParcel> {
 
             if (hasMasterKeyId) {
                 log.add(LogType.MSG_UPLOAD_KEY, 0, KeyFormattingUtils.convertKeyIdToHex(uploadInput.mMasterKeyId));
-                return mProviderHelper.getCanonicalizedPublicKeyRing(uploadInput.mMasterKeyId);
+                return mKeyRepository.getCanonicalizedPublicKeyRing(uploadInput.mMasterKeyId);
             }
 
             CanonicalizedKeyRing canonicalizedRing =
@@ -132,7 +133,7 @@ public class UploadOperation extends BaseOperation<UploadKeyringParcel> {
             log.add(LogType.MSG_UPLOAD_KEY, 0, KeyFormattingUtils.convertKeyIdToHex(canonicalizedRing.getMasterKeyId()));
             return (CanonicalizedPublicKeyRing) canonicalizedRing;
 
-        } catch (ProviderHelper.NotFoundException e) {
+        } catch (KeyWritableRepository.NotFoundException e) {
             log.add(LogType.MSG_UPLOAD_ERROR_NOT_FOUND, 1);
             return null;
         } catch (IOException | PgpGeneralException e) {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java

@@ -47,7 +47,7 @@ import org.bouncycastle.openpgp.operator.jcajce.SessionKeySecretKeyDecryptorBuil
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.Passphrase;
@@ -127,7 +127,7 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
      * passphrase in the process.
      *
      * This method can potentially take a LONG time (i.e. seconds), so it should only
-     * ever be called by {@link ProviderHelper} for the purpose of caching its output
+     * ever be called by {@link KeyWritableRepository} for the purpose of caching its output
      * in the database.
      */
     public SecretKeyType getSecretKeyTypeSuperExpensive() {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKeyRing.java

@@ -25,7 +25,6 @@ import org.bouncycastle.openpgp.PGPSecretKeyRing;
 import org.bouncycastle.openpgp.PGPSignature;
 import org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory;
 import org.sufficientlysecure.keychain.Constants;
-import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
 import org.sufficientlysecure.keychain.util.IterableIterator;
 import org.sufficientlysecure.keychain.util.Log;
 
@@ -42,7 +41,7 @@ public class CanonicalizedSecretKeyRing extends CanonicalizedKeyRing {
         mRing = ring;
     }
 
-    public CanonicalizedSecretKeyRing(byte[] blob, boolean isRevoked, int verified)
+    public CanonicalizedSecretKeyRing(byte[] blob, int verified)
     {
         super(verified);
         JcaPGPObjectFactory factory = new JcaPGPObjectFactory(blob);
@@ -63,15 +62,15 @@ public class CanonicalizedSecretKeyRing extends CanonicalizedKeyRing {
     }
 
     public CanonicalizedSecretKey getSecretKey() {
-        return new CanonicalizedSecretKey(this, mRing.getSecretKey());
+        return new CanonicalizedSecretKey(this, getRing().getSecretKey());
     }
 
     public CanonicalizedSecretKey getSecretKey(long id) {
-        return new CanonicalizedSecretKey(this, mRing.getSecretKey(id));
+        return new CanonicalizedSecretKey(this, getRing().getSecretKey(id));
     }
 
     public IterableIterator<CanonicalizedSecretKey> secretKeyIterator() {
-        final Iterator<PGPSecretKey> it = mRing.getSecretKeys();
+        final Iterator<PGPSecretKey> it = getRing().getSecretKeys();
         return new IterableIterator<>(new Iterator<CanonicalizedSecretKey>() {
             @Override
             public boolean hasNext() {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/OpenPgpSignatureResultBuilder.java

@@ -27,8 +27,8 @@ import org.openintents.openpgp.util.OpenPgpUtils;
 import org.openintents.openpgp.util.OpenPgpUtils.UserId;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
+import org.sufficientlysecure.keychain.provider.KeyRepository.NotFoundException;
 import org.sufficientlysecure.keychain.util.Log;
 
 /**
@@ -37,7 +37,7 @@ import org.sufficientlysecure.keychain.util.Log;
  */
 public class OpenPgpSignatureResultBuilder {
     // injected
-    private final ProviderHelper mProviderHelper;
+    private final KeyRepository mKeyRepository;
 
     // OpenPgpSignatureResult
     private String mPrimaryUserId;
@@ -57,8 +57,8 @@ public class OpenPgpSignatureResultBuilder {
     private String mSenderAddress;
     private Date mSignatureTimestamp;
 
-    public OpenPgpSignatureResultBuilder(ProviderHelper providerHelper) {
-        this.mProviderHelper = providerHelper;
+    public OpenPgpSignatureResultBuilder(KeyRepository keyRepository) {
+        this.mKeyRepository = keyRepository;
     }
 
     public void setPrimaryUserId(String userId) {
@@ -127,7 +127,7 @@ public class OpenPgpSignatureResultBuilder {
 
         try {
             ArrayList<String> allUserIds = signingRing.getUnorderedUserIds();
-            ArrayList<String> confirmedUserIds = mProviderHelper.getConfirmedUserIds(signingRing.getMasterKeyId());
+            ArrayList<String> confirmedUserIds = mKeyRepository.getConfirmedUserIds(signingRing.getMasterKeyId());
             setUserIds(allUserIds, confirmedUserIds);
 
             if (mSenderAddress != null) {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java

@@ -71,8 +71,9 @@ import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey.SecretKeyType;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
@@ -87,8 +88,8 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
 
     public static final int PROGRESS_STRIDE_MILLISECONDS = 200;
 
-    public PgpDecryptVerifyOperation(Context context, ProviderHelper providerHelper, Progressable progressable) {
-        super(context, providerHelper, progressable);
+    public PgpDecryptVerifyOperation(Context context, KeyRepository keyRepository, Progressable progressable) {
+        super(context, keyRepository, progressable);
     }
 
     /** Decrypts and/or verifies data based on parameters of PgpDecryptVerifyInputParcel. */
@@ -355,7 +356,7 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
             plainFact = fact;
         }
 
-        PgpSignatureChecker signatureChecker = new PgpSignatureChecker(mProviderHelper, input.getSenderAddress());
+        PgpSignatureChecker signatureChecker = new PgpSignatureChecker(mKeyRepository, input.getSenderAddress());
         if (signatureChecker.initializeOnePassSignature(dataChunk, log, indent +1)) {
             dataChunk = plainFact.nextObject();
         }
@@ -594,7 +595,7 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
                 CachedPublicKeyRing cachedPublicKeyRing;
                 try {
                     // get actual keyring object based on master key id
-                    cachedPublicKeyRing = mProviderHelper.getCachedPublicKeyRing(
+                    cachedPublicKeyRing = mKeyRepository.getCachedPublicKeyRing(
                             KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(subKeyId)
                     );
                     long masterKeyId = cachedPublicKeyRing.getMasterKeyId();
@@ -622,7 +623,7 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
                     }
 
                     // get actual subkey which has been used for this encryption packet
-                    CanonicalizedSecretKeyRing canonicalizedSecretKeyRing = mProviderHelper
+                    CanonicalizedSecretKeyRing canonicalizedSecretKeyRing = mKeyRepository
                             .getCanonicalizedSecretKeyRing(masterKeyId);
                     CanonicalizedSecretKey candidateDecryptionKey = canonicalizedSecretKeyRing.getSecretKey(subKeyId);
 
@@ -668,7 +669,7 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
                     encryptedDataAsymmetric = encData;
                     decryptionKey = candidateDecryptionKey;
 
-                } catch (PgpKeyNotFoundException | ProviderHelper.NotFoundException e) {
+                } catch (PgpKeyNotFoundException | KeyWritableRepository.NotFoundException e) {
                     // continue with the next packet in the while loop
                     log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
                     continue;
@@ -879,7 +880,7 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
         updateProgress(R.string.progress_processing_signature, 60, 100);
         JcaSkipMarkerPGPObjectFactory pgpFact = new JcaSkipMarkerPGPObjectFactory(aIn);
 
-        PgpSignatureChecker signatureChecker = new PgpSignatureChecker(mProviderHelper, input.getSenderAddress());
+        PgpSignatureChecker signatureChecker = new PgpSignatureChecker(mKeyRepository, input.getSenderAddress());
 
         Object o = pgpFact.nextObject();
         if (!signatureChecker.initializeSignature(o, log, indent+1)) {
@@ -934,7 +935,7 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
             o = pgpFact.nextObject();
         }
 
-        PgpSignatureChecker signatureChecker = new PgpSignatureChecker(mProviderHelper, input.getSenderAddress());
+        PgpSignatureChecker signatureChecker = new PgpSignatureChecker(mKeyRepository, input.getSenderAddress());
 
         if ( ! signatureChecker.initializeSignature(o, log, indent+1)) {
             log.add(LogType.MSG_DC_ERROR_INVALID_DATA, 0);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java

@@ -44,8 +44,9 @@ import org.sufficientlysecure.keychain.operations.results.OperationResult.Operat
 import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
 import org.sufficientlysecure.keychain.operations.results.SignEncryptResult;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
@@ -98,12 +99,12 @@ public class PgpSignEncryptOperation extends BaseOperation<PgpSignEncryptInputPa
         }
     }
 
-    public PgpSignEncryptOperation(Context context, ProviderHelper providerHelper, Progressable progressable, AtomicBoolean cancelled) {
-        super(context, providerHelper, progressable, cancelled);
+    public PgpSignEncryptOperation(Context context, KeyRepository keyRepository, Progressable progressable, AtomicBoolean cancelled) {
+        super(context, keyRepository, progressable, cancelled);
     }
 
-    public PgpSignEncryptOperation(Context context, ProviderHelper providerHelper, Progressable progressable) {
-        super(context, providerHelper, progressable);
+    public PgpSignEncryptOperation(Context context, KeyRepository keyRepository, Progressable progressable) {
+        super(context, keyRepository, progressable);
     }
 
     @NonNull
@@ -223,7 +224,7 @@ public class PgpSignEncryptOperation extends BaseOperation<PgpSignEncryptInputPa
                 long signingSubKeyId = data.getSignatureSubKeyId();
 
                 CanonicalizedSecretKeyRing signingKeyRing =
-                        mProviderHelper.getCanonicalizedSecretKeyRing(signingMasterKeyId);
+                        mKeyRepository.getCanonicalizedSecretKeyRing(signingMasterKeyId);
                 signingKey = signingKeyRing.getSecretKey(data.getSignatureSubKeyId());
 
                 if (input.getAllowedKeyIds() != null) {
@@ -248,7 +249,7 @@ public class PgpSignEncryptOperation extends BaseOperation<PgpSignEncryptInputPa
                     return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
                 }
 
-                switch (mProviderHelper.getCachedPublicKeyRing(signingMasterKeyId).getSecretKeyType(signingSubKeyId)) {
+                switch (mKeyRepository.getCachedPublicKeyRing(signingMasterKeyId).getSecretKeyType(signingSubKeyId)) {
                     case DIVERT_TO_CARD:
                     case PASSPHRASE_EMPTY: {
                         if (!signingKey.unlock(new Passphrase())) {
@@ -292,7 +293,7 @@ public class PgpSignEncryptOperation extends BaseOperation<PgpSignEncryptInputPa
 
                 }
 
-            } catch (ProviderHelper.NotFoundException e) {
+            } catch (KeyWritableRepository.NotFoundException e) {
                 log.add(LogType.MSG_PSE_ERROR_SIGN_KEY, indent);
                 return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
             } catch (PgpGeneralException e) {
@@ -337,7 +338,7 @@ public class PgpSignEncryptOperation extends BaseOperation<PgpSignEncryptInputPa
                 // Asymmetric encryption
                 for (long id : data.getEncryptionMasterKeyIds()) {
                     try {
-                        CanonicalizedPublicKeyRing keyRing = mProviderHelper.getCanonicalizedPublicKeyRing(
+                        CanonicalizedPublicKeyRing keyRing = mKeyRepository.getCanonicalizedPublicKeyRing(
                                 KeyRings.buildUnifiedKeyRingUri(id));
                         Set<Long> encryptSubKeyIds = keyRing.getEncryptIds();
                         for (Long subKeyId : encryptSubKeyIds) {
@@ -356,7 +357,7 @@ public class PgpSignEncryptOperation extends BaseOperation<PgpSignEncryptInputPa
                             log.add(LogType.MSG_PSE_ERROR_REVOKED_OR_EXPIRED, indent);
                             return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
                         }
-                    } catch (ProviderHelper.NotFoundException e) {
+                    } catch (KeyWritableRepository.NotFoundException e) {
                         log.add(LogType.MSG_PSE_KEY_UNKNOWN, indent + 1,
                                 KeyFormattingUtils.convertKeyIdToHex(id));
                         return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignatureChecker.java

@@ -36,8 +36,9 @@ import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentVerifierBuilderProv
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
 import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.util.Log;
 
 
@@ -55,12 +56,12 @@ class PgpSignatureChecker {
     PGPOnePassSignature onePassSignature;
     PGPSignature signature;
 
-    ProviderHelper mProviderHelper;
+    KeyRepository mKeyRepository;
 
-    PgpSignatureChecker(ProviderHelper providerHelper, String senderAddress) {
-        mProviderHelper = providerHelper;
+    PgpSignatureChecker(KeyRepository keyRepository, String senderAddress) {
+        mKeyRepository = keyRepository;
 
-        signatureResultBuilder = new OpenPgpSignatureResultBuilder(providerHelper);
+        signatureResultBuilder = new OpenPgpSignatureResultBuilder(keyRepository);
         signatureResultBuilder.setSenderAddress(senderAddress);
     }
 
@@ -150,7 +151,7 @@ class PgpSignatureChecker {
         for (int i = 0; i < sigList.size(); ++i) {
             try {
                 long sigKeyId = sigList.get(i).getKeyID();
-                CanonicalizedPublicKeyRing signingRing = mProviderHelper.getCanonicalizedPublicKeyRing(
+                CanonicalizedPublicKeyRing signingRing = mKeyRepository.getCanonicalizedPublicKeyRing(
                         KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(sigKeyId)
                 );
                 CanonicalizedPublicKey keyCandidate = signingRing.getPublicKey(sigKeyId);
@@ -161,7 +162,7 @@ class PgpSignatureChecker {
                 signingKey = keyCandidate;
                 onePassSignature = sigList.get(i);
                 return;
-            } catch (ProviderHelper.NotFoundException e) {
+            } catch (KeyWritableRepository.NotFoundException e) {
                 Log.d(Constants.TAG, "key not found, trying next signature...");
             }
         }
@@ -173,7 +174,7 @@ class PgpSignatureChecker {
         for (int i = 0; i < sigList.size(); ++i) {
             try {
                 long sigKeyId = sigList.get(i).getKeyID();
-                CanonicalizedPublicKeyRing signingRing = mProviderHelper.getCanonicalizedPublicKeyRing(
+                CanonicalizedPublicKeyRing signingRing = mKeyRepository.getCanonicalizedPublicKeyRing(
                         KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(sigKeyId)
                 );
                 CanonicalizedPublicKey keyCandidate = signingRing.getPublicKey(sigKeyId);
@@ -184,7 +185,7 @@ class PgpSignatureChecker {
                 signingKey = keyCandidate;
                 signature = sigList.get(i);
                 return;
-            } catch (ProviderHelper.NotFoundException e) {
+            } catch (KeyWritableRepository.NotFoundException e) {
                 Log.d(Constants.TAG, "key not found, trying next signature...");
             }
         }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/CachedPublicKeyRing.java

@@ -18,16 +18,16 @@
 
 package org.sufficientlysecure.keychain.provider;
 
-import android.database.Cursor;
+
 import android.net.Uri;
 
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey.SecretKeyType;
 import org.sufficientlysecure.keychain.pgp.KeyRing;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyRepository.NotFoundException;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
 import org.sufficientlysecure.keychain.provider.KeychainContract.Keys;
-import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
 import org.sufficientlysecure.keychain.util.Log;
 
 /** This implementation of KeyRing provides a cached view of PublicKeyRing
@@ -48,21 +48,21 @@ import org.sufficientlysecure.keychain.util.Log;
  */
 public class CachedPublicKeyRing extends KeyRing {
 
-    final ProviderHelper mProviderHelper;
+    final KeyRepository mKeyRepository;
     final Uri mUri;
 
-    public CachedPublicKeyRing(ProviderHelper providerHelper, Uri uri) {
-        mProviderHelper = providerHelper;
+    public CachedPublicKeyRing(KeyRepository keyRepository, Uri uri) {
+        mKeyRepository = keyRepository;
         mUri = uri;
     }
 
     @Override
     public long getMasterKeyId() throws PgpKeyNotFoundException {
         try {
-            Object data = mProviderHelper.getGenericData(mUri,
-                    KeychainContract.KeyRings.MASTER_KEY_ID, ProviderHelper.FIELD_TYPE_INTEGER);
+            Object data = mKeyRepository.getGenericData(mUri,
+                    KeychainContract.KeyRings.MASTER_KEY_ID, KeyRepository.FIELD_TYPE_INTEGER);
             return (Long) data;
-        } catch (ProviderHelper.NotFoundException e) {
+        } catch (KeyWritableRepository.NotFoundException e) {
             throw new PgpKeyNotFoundException(e);
         }
     }
@@ -85,10 +85,10 @@ public class CachedPublicKeyRing extends KeyRing {
 
     public byte[] getFingerprint() throws PgpKeyNotFoundException {
         try {
-            Object data = mProviderHelper.getGenericData(mUri,
-                    KeychainContract.KeyRings.FINGERPRINT, ProviderHelper.FIELD_TYPE_BLOB);
+            Object data = mKeyRepository.getGenericData(mUri,
+                    KeychainContract.KeyRings.FINGERPRINT, KeyRepository.FIELD_TYPE_BLOB);
             return (byte[]) data;
-        } catch (ProviderHelper.NotFoundException e) {
+        } catch (KeyWritableRepository.NotFoundException e) {
             throw new PgpKeyNotFoundException(e);
         }
     }
@@ -96,11 +96,11 @@ public class CachedPublicKeyRing extends KeyRing {
     @Override
     public String getPrimaryUserId() throws PgpKeyNotFoundException {
         try {
-            Object data = mProviderHelper.getGenericData(mUri,
+            Object data = mKeyRepository.getGenericData(mUri,
                     KeychainContract.KeyRings.USER_ID,
-                    ProviderHelper.FIELD_TYPE_STRING);
+                    KeyRepository.FIELD_TYPE_STRING);
             return (String) data;
-        } catch(ProviderHelper.NotFoundException e) {
+        } catch(KeyWritableRepository.NotFoundException e) {
             throw new PgpKeyNotFoundException(e);
         }
     }
@@ -111,22 +111,22 @@ public class CachedPublicKeyRing extends KeyRing {
 
     public String getName() throws PgpKeyNotFoundException {
         try {
-            Object data = mProviderHelper.getGenericData(mUri,
+            Object data = mKeyRepository.getGenericData(mUri,
                     KeyRings.NAME,
-                    ProviderHelper.FIELD_TYPE_STRING);
+                    KeyRepository.FIELD_TYPE_STRING);
             return (String) data;
-        } catch(ProviderHelper.NotFoundException e) {
+        } catch(KeyWritableRepository.NotFoundException e) {
             throw new PgpKeyNotFoundException(e);
         }
     }
 
     public String getEmail() throws PgpKeyNotFoundException {
         try {
-            Object data = mProviderHelper.getGenericData(mUri,
+            Object data = mKeyRepository.getGenericData(mUri,
                     KeyRings.EMAIL,
-                    ProviderHelper.FIELD_TYPE_STRING);
+                    KeyRepository.FIELD_TYPE_STRING);
             return (String) data;
-        } catch(ProviderHelper.NotFoundException e) {
+        } catch(KeyWritableRepository.NotFoundException e) {
             throw new PgpKeyNotFoundException(e);
         }
     }
@@ -134,11 +134,11 @@ public class CachedPublicKeyRing extends KeyRing {
 
     public String getComment() throws PgpKeyNotFoundException {
         try {
-            Object data = mProviderHelper.getGenericData(mUri,
+            Object data = mKeyRepository.getGenericData(mUri,
                     KeyRings.COMMENT,
-                    ProviderHelper.FIELD_TYPE_STRING);
+                    KeyRepository.FIELD_TYPE_STRING);
             return (String) data;
-        } catch(ProviderHelper.NotFoundException e) {
+        } catch(KeyWritableRepository.NotFoundException e) {
             throw new PgpKeyNotFoundException(e);
         }
     }
@@ -146,11 +146,11 @@ public class CachedPublicKeyRing extends KeyRing {
     @Override
     public boolean isRevoked() throws PgpKeyNotFoundException {
         try {
-            Object data = mProviderHelper.getGenericData(mUri,
+            Object data = mKeyRepository.getGenericData(mUri,
                     KeychainContract.KeyRings.IS_REVOKED,
-                    ProviderHelper.FIELD_TYPE_INTEGER);
+                    KeyRepository.FIELD_TYPE_INTEGER);
             return (Long) data > 0;
-        } catch(ProviderHelper.NotFoundException e) {
+        } catch(KeyWritableRepository.NotFoundException e) {
             throw new PgpKeyNotFoundException(e);
         }
     }
@@ -158,11 +158,11 @@ public class CachedPublicKeyRing extends KeyRing {
     @Override
     public boolean canCertify() throws PgpKeyNotFoundException {
         try {
-            Object data = mProviderHelper.getGenericData(mUri,
+            Object data = mKeyRepository.getGenericData(mUri,
                     KeychainContract.KeyRings.HAS_CERTIFY,
-                    ProviderHelper.FIELD_TYPE_NULL);
+                    KeyRepository.FIELD_TYPE_NULL);
             return !((Boolean) data);
-        } catch(ProviderHelper.NotFoundException e) {
+        } catch(KeyWritableRepository.NotFoundException e) {
             throw new PgpKeyNotFoundException(e);
         }
     }
@@ -170,11 +170,11 @@ public class CachedPublicKeyRing extends KeyRing {
     @Override
     public long getEncryptId() throws PgpKeyNotFoundException {
         try {
-            Object data = mProviderHelper.getGenericData(mUri,
+            Object data = mKeyRepository.getGenericData(mUri,
                     KeyRings.HAS_ENCRYPT,
-                    ProviderHelper.FIELD_TYPE_INTEGER);
+                    KeyRepository.FIELD_TYPE_INTEGER);
             return (Long) data;
-        } catch(ProviderHelper.NotFoundException e) {
+        } catch(KeyWritableRepository.NotFoundException e) {
             throw new PgpKeyNotFoundException(e);
         }
     }
@@ -192,11 +192,11 @@ public class CachedPublicKeyRing extends KeyRing {
      */
     public long getSecretSignId() throws PgpKeyNotFoundException {
         try {
-            Object data = mProviderHelper.getGenericData(mUri,
+            Object data = mKeyRepository.getGenericData(mUri,
                     KeyRings.HAS_SIGN,
-                    ProviderHelper.FIELD_TYPE_INTEGER);
+                    KeyRepository.FIELD_TYPE_INTEGER);
             return (Long) data;
-        } catch(ProviderHelper.NotFoundException e) {
+        } catch(KeyWritableRepository.NotFoundException e) {
             throw new PgpKeyNotFoundException(e);
         }
     }
@@ -204,37 +204,39 @@ public class CachedPublicKeyRing extends KeyRing {
     @Override
     public int getVerified() throws PgpKeyNotFoundException {
         try {
-            Object data = mProviderHelper.getGenericData(mUri,
+            Object data = mKeyRepository.getGenericData(mUri,
                     KeychainContract.KeyRings.VERIFIED,
-                    ProviderHelper.FIELD_TYPE_INTEGER);
+                    KeyRepository.FIELD_TYPE_INTEGER);
             return ((Long) data).intValue();
-        } catch(ProviderHelper.NotFoundException e) {
+        } catch(KeyWritableRepository.NotFoundException e) {
             throw new PgpKeyNotFoundException(e);
         }
     }
 
     public boolean hasAnySecret() throws PgpKeyNotFoundException {
         try {
-            Object data = mProviderHelper.getGenericData(mUri,
+            Object data = mKeyRepository.getGenericData(mUri,
                     KeychainContract.KeyRings.HAS_ANY_SECRET,
-                    ProviderHelper.FIELD_TYPE_INTEGER);
+                    KeyRepository.FIELD_TYPE_INTEGER);
             return (Long) data > 0;
-        } catch(ProviderHelper.NotFoundException e) {
+        } catch(KeyWritableRepository.NotFoundException e) {
             throw new PgpKeyNotFoundException(e);
         }
     }
 
-    private Cursor getSubkeys() throws PgpKeyNotFoundException {
-        Uri keysUri = KeychainContract.Keys.buildKeysUri(extractOrGetMasterKeyId());
-        return mProviderHelper.getContentResolver().query(keysUri, null, null, null, null);
-    }
-
     public SecretKeyType getSecretKeyType(long keyId) throws NotFoundException {
-        Object data = mProviderHelper.getGenericData(Keys.buildKeysUri(mUri),
+        Object data = mKeyRepository.getGenericData(Keys.buildKeysUri(mUri),
                 KeyRings.HAS_SECRET,
-                ProviderHelper.FIELD_TYPE_INTEGER,
+                KeyRepository.FIELD_TYPE_INTEGER,
                 KeyRings.KEY_ID + " = " + Long.toString(keyId));
         return SecretKeyType.fromNum(((Long) data).intValue());
     }
 
+    public byte[] getEncoded() throws PgpKeyNotFoundException {
+        try {
+            return mKeyRepository.loadPublicKeyRingData(getMasterKeyId());
+        } catch(KeyWritableRepository.NotFoundException e) {
+            throw new PgpKeyNotFoundException(e);
+        }
+    }
 }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeyRepository.java

@@ -0,0 +1,295 @@
+package org.sufficientlysecure.keychain.provider;
+
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.HashMap;
+
+import android.content.ContentResolver;
+import android.content.Context;
+import android.database.Cursor;
+import android.net.Uri;
+import android.util.Log;
+
+import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
+import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog;
+import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
+import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
+import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
+import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
+import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
+import org.sufficientlysecure.keychain.provider.KeychainContract.Certs;
+import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRingData;
+import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
+import org.sufficientlysecure.keychain.provider.KeychainContract.UserPackets;
+
+
+public class KeyRepository {
+    // If we ever switch to api level 11, we can ditch this whole mess!
+    public static final int FIELD_TYPE_NULL = 1;
+    // this is called integer to stay coherent with the constants in Cursor (api level 11)
+    public static final int FIELD_TYPE_INTEGER = 2;
+    public static final int FIELD_TYPE_FLOAT = 3;
+    public static final int FIELD_TYPE_STRING = 4;
+    public static final int FIELD_TYPE_BLOB = 5;
+
+    final ContentResolver mContentResolver;
+    final LocalPublicKeyStorage mLocalPublicKeyStorage;
+    OperationLog mLog;
+    int mIndent;
+
+    public static KeyRepository createDatabaseInteractor(Context context) {
+        ContentResolver contentResolver = context.getContentResolver();
+        LocalPublicKeyStorage localPublicKeyStorage = LocalPublicKeyStorage.getInstance(context);
+
+        return new KeyRepository(contentResolver, localPublicKeyStorage);
+    }
+
+    private KeyRepository(ContentResolver contentResolver, LocalPublicKeyStorage localPublicKeyStorage) {
+        this(contentResolver, localPublicKeyStorage, new OperationLog(), 0);
+    }
+
+    KeyRepository(ContentResolver contentResolver, LocalPublicKeyStorage localPublicKeyStorage,
+            OperationLog log, int indent) {
+        mContentResolver = contentResolver;
+        mLocalPublicKeyStorage = localPublicKeyStorage;
+        mIndent = indent;
+        mLog = log;
+    }
+
+    public OperationLog getLog() {
+        return mLog;
+    }
+
+    public void log(LogType type) {
+        if (mLog != null) {
+            mLog.add(type, mIndent);
+        }
+    }
+
+    public void log(LogType type, Object... parameters) {
+        if (mLog != null) {
+            mLog.add(type, mIndent, parameters);
+        }
+    }
+
+    public void clearLog() {
+        mLog = new OperationLog();
+    }
+
+    Object getGenericData(Uri uri, String column, int type) throws NotFoundException {
+        Object result = getGenericData(uri, new String[]{column}, new int[]{type}, null).get(column);
+        if (result == null) {
+            throw new NotFoundException();
+        }
+        return result;
+    }
+
+    Object getGenericDataOrNull(Uri uri, String column, int type) throws NotFoundException {
+        return getGenericData(uri, new String[]{column}, new int[]{type}, null).get(column);
+    }
+
+    Object getGenericData(Uri uri, String column, int type, String selection)
+            throws NotFoundException {
+        return getGenericData(uri, new String[]{column}, new int[]{type}, selection).get(column);
+    }
+
+    private HashMap<String, Object> getGenericData(Uri uri, String[] proj, int[] types)
+            throws NotFoundException {
+        return getGenericData(uri, proj, types, null);
+    }
+
+    private HashMap<String, Object> getGenericData(Uri uri, String[] proj, int[] types, String selection)
+            throws NotFoundException {
+        Cursor cursor = mContentResolver.query(uri, proj, selection, null, null);
+
+        try {
+            HashMap<String, Object> result = new HashMap<>(proj.length);
+            if (cursor != null && cursor.moveToFirst()) {
+                int pos = 0;
+                for (String p : proj) {
+                    switch (types[pos]) {
+                        case FIELD_TYPE_NULL:
+                            result.put(p, cursor.isNull(pos));
+                            break;
+                        case FIELD_TYPE_INTEGER:
+                            result.put(p, cursor.getLong(pos));
+                            break;
+                        case FIELD_TYPE_FLOAT:
+                            result.put(p, cursor.getFloat(pos));
+                            break;
+                        case FIELD_TYPE_STRING:
+                            result.put(p, cursor.getString(pos));
+                            break;
+                        case FIELD_TYPE_BLOB:
+                            result.put(p, cursor.getBlob(pos));
+                            break;
+                    }
+                    pos += 1;
+                }
+            } else {
+                // If no data was found, throw an appropriate exception
+                throw new NotFoundException();
+            }
+
+            return result;
+        } finally {
+            if (cursor != null) {
+                cursor.close();
+            }
+        }
+    }
+
+    public HashMap<String, Object> getUnifiedData(long masterKeyId, String[] proj, int[] types)
+            throws NotFoundException {
+        return getGenericData(KeyRings.buildUnifiedKeyRingUri(masterKeyId), proj, types);
+    }
+
+    public long getMasterKeyId(long subKeyId) throws NotFoundException {
+        return (Long) getGenericData(KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(subKeyId),
+                KeyRings.MASTER_KEY_ID, FIELD_TYPE_INTEGER);
+    }
+
+    public CachedPublicKeyRing getCachedPublicKeyRing(Uri queryUri) throws PgpKeyNotFoundException {
+        long masterKeyId = new CachedPublicKeyRing(this, queryUri).extractOrGetMasterKeyId();
+        return getCachedPublicKeyRing(masterKeyId);
+    }
+
+    public CachedPublicKeyRing getCachedPublicKeyRing(long id) {
+        return new CachedPublicKeyRing(this, KeyRings.buildUnifiedKeyRingUri(id));
+    }
+
+    public CanonicalizedPublicKeyRing getCanonicalizedPublicKeyRing(long id) throws NotFoundException {
+        return getCanonicalizedPublicKeyRing(KeyRings.buildUnifiedKeyRingUri(id));
+    }
+
+    public CanonicalizedPublicKeyRing getCanonicalizedPublicKeyRing(Uri queryUri) throws NotFoundException {
+        Cursor cursor = mContentResolver.query(queryUri,
+                new String[] { KeyRings.MASTER_KEY_ID, KeyRings.VERIFIED }, null, null, null);
+        try {
+            if (cursor != null && cursor.moveToFirst()) {
+                long masterKeyId = cursor.getLong(0);
+                int verified = cursor.getInt(1);
+
+                byte[] publicKeyData = loadPublicKeyRingData(masterKeyId);
+                return new CanonicalizedPublicKeyRing(publicKeyData, verified);
+            } else {
+                throw new NotFoundException("Key not found!");
+            }
+        } finally {
+            if (cursor != null) {
+                cursor.close();
+            }
+        }
+    }
+
+    public CanonicalizedSecretKeyRing getCanonicalizedSecretKeyRing(long id) throws NotFoundException {
+        return getCanonicalizedSecretKeyRing(KeyRings.buildUnifiedKeyRingUri(id));
+    }
+
+    public CanonicalizedSecretKeyRing getCanonicalizedSecretKeyRing(Uri queryUri) throws NotFoundException {
+        Cursor cursor = mContentResolver.query(queryUri,
+                new String[] { KeyRings.MASTER_KEY_ID, KeyRings.VERIFIED, KeyRings.HAS_ANY_SECRET }, null, null, null);
+        try {
+            if (cursor != null && cursor.moveToFirst()) {
+                long masterKeyId = cursor.getLong(0);
+                int verified = cursor.getInt(1);
+                int hasAnySecret = cursor.getInt(2);
+                if (hasAnySecret == 0) {
+                    throw new NotFoundException("No secret key available or unknown public key!");
+                }
+
+                byte[] secretKeyData = loadSecretKeyRingData(masterKeyId);
+                return new CanonicalizedSecretKeyRing(secretKeyData, verified);
+            } else {
+                throw new NotFoundException("Key not found!");
+            }
+        } finally {
+            if (cursor != null) {
+                cursor.close();
+            }
+        }
+    }
+
+    public ArrayList<String> getConfirmedUserIds(long masterKeyId) throws NotFoundException {
+        Cursor cursor = mContentResolver.query(UserPackets.buildUserIdsUri(masterKeyId),
+                new String[]{UserPackets.USER_ID}, UserPackets.VERIFIED + " = " + Certs.VERIFIED_SECRET, null, null
+        );
+        if (cursor == null) {
+            throw new NotFoundException("Key id for requested user ids not found");
+        }
+
+        try {
+            ArrayList<String> userIds = new ArrayList<>(cursor.getCount());
+            while (cursor.moveToNext()) {
+                String userId = cursor.getString(0);
+                userIds.add(userId);
+            }
+
+            return userIds;
+        } finally {
+            cursor.close();
+        }
+    }
+
+    private String getKeyRingAsArmoredString(byte[] data) throws IOException, PgpGeneralException {
+        UncachedKeyRing keyRing = UncachedKeyRing.decodeFromData(data);
+
+        ByteArrayOutputStream bos = new ByteArrayOutputStream();
+        keyRing.encodeArmored(bos, null);
+
+        return bos.toString("UTF-8");
+    }
+
+    public String getPublicKeyRingAsArmoredString(long masterKeyId)
+            throws NotFoundException, IOException, PgpGeneralException {
+        byte[] data = loadPublicKeyRingData(masterKeyId);
+        return getKeyRingAsArmoredString(data);
+    }
+
+    public ContentResolver getContentResolver() {
+        return mContentResolver;
+    }
+
+    public final byte[] loadPublicKeyRingData(long masterKeyId) throws NotFoundException {
+        byte[] data = (byte[]) getGenericDataOrNull(KeyRingData.buildPublicKeyRingUri(masterKeyId),
+                KeyRingData.KEY_RING_DATA, FIELD_TYPE_BLOB);
+
+        if (data == null) {
+            try {
+                data = mLocalPublicKeyStorage.readPublicKey(masterKeyId);
+            } catch (IOException e) {
+                Log.e(Constants.TAG, "Error reading public key from storage!", e);
+                throw new NotFoundException();
+            }
+        }
+
+        if (data == null) {
+            throw new NotFoundException();
+        }
+
+        return data;
+    }
+
+    public final byte[] loadSecretKeyRingData(long masterKeyId) throws NotFoundException {
+        byte[] data = (byte[]) getGenericDataOrNull(KeychainContract.KeyRingData.buildSecretKeyRingUri(masterKeyId),
+                KeyRingData.KEY_RING_DATA, FIELD_TYPE_BLOB);
+
+        if (data == null) {
+            throw new NotFoundException();
+        }
+
+        return data;
+    }
+
+    public static class NotFoundException extends Exception {
+        public NotFoundException() {
+        }
+
+        public NotFoundException(String name) {
+            super(name);
+        }
+    }
+}

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeyWritableRepository.java

@@ -19,8 +19,16 @@
 package org.sufficientlysecure.keychain.provider;
 
 
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.Date;
+import java.util.Iterator;
+import java.util.List;
+import java.util.concurrent.TimeUnit;
+
 import android.content.ContentProviderOperation;
-import android.content.ContentResolver;
 import android.content.ContentValues;
 import android.content.Context;
 import android.content.OperationApplicationException;
@@ -28,6 +36,7 @@ import android.database.Cursor;
 import android.net.Uri;
 import android.os.RemoteException;
 import android.support.annotation.NonNull;
+import android.support.annotation.VisibleForTesting;
 import android.support.v4.util.LongSparseArray;
 
 import org.openintents.openpgp.util.OpenPgpUtils;
@@ -53,7 +62,6 @@ import org.sufficientlysecure.keychain.pgp.UncachedPublicKey;
 import org.sufficientlysecure.keychain.pgp.WrappedSignature;
 import org.sufficientlysecure.keychain.pgp.WrappedUserAttribute;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
-import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.KeychainContract.Certs;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRingData;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
@@ -70,17 +78,6 @@ import org.sufficientlysecure.keychain.util.ProgressFixedScaler;
 import org.sufficientlysecure.keychain.util.ProgressScaler;
 import org.sufficientlysecure.keychain.util.Utf8Util;
 
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.concurrent.TimeUnit;
-
 /**
  * This class contains high level methods for database access. Despite its
  * name, it is not only a helper but actually the main interface for all
@@ -91,152 +88,57 @@ import java.util.concurrent.TimeUnit;
  * the lifetime of the executing ProviderHelper object unless the resetLog()
  * method is called to start a new one specifically.
  */
-public class ProviderHelper {
+public class KeyWritableRepository extends KeyRepository {
+    private static final int MAX_CACHED_KEY_SIZE = 1024 * 50;
+
     private final Context mContext;
-    private final ContentResolver mContentResolver;
-    private OperationLog mLog;
-    private int mIndent;
 
-    public ProviderHelper(Context context) {
-        this(context, new OperationLog(), 0);
+    public static KeyWritableRepository createDatabaseReadWriteInteractor(Context context) {
+        LocalPublicKeyStorage localPublicKeyStorage = LocalPublicKeyStorage.getInstance(context);
+
+        return new KeyWritableRepository(context, localPublicKeyStorage);
     }
 
-    public ProviderHelper(Context context, OperationLog log) {
-        this(context, log, 0);
+    @VisibleForTesting
+    KeyWritableRepository(Context context, LocalPublicKeyStorage localPublicKeyStorage) {
+        this(context, localPublicKeyStorage, new OperationLog(), 0);
     }
 
-    public ProviderHelper(Context context, OperationLog log, int indent) {
+    private KeyWritableRepository(
+            Context context, LocalPublicKeyStorage localPublicKeyStorage, OperationLog log, int indent) {
+        super(context.getContentResolver(), localPublicKeyStorage, log, indent);
+
         mContext = context;
-        mContentResolver = context.getContentResolver();
-        mLog = log;
-        mIndent = indent;
-    }
-
-    public OperationLog getLog() {
-        return mLog;
-    }
-
-    public static class NotFoundException extends Exception {
-        public NotFoundException() {
-        }
-
-        public NotFoundException(String name) {
-            super(name);
-        }
-    }
-
-    public void log(LogType type) {
-        if (mLog != null) {
-            mLog.add(type, mIndent);
-        }
-    }
-
-    public void log(LogType type, Object... parameters) {
-        if (mLog != null) {
-            mLog.add(type, mIndent, parameters);
-        }
-    }
-
-    public void clearLog() {
-        mLog = new OperationLog();
-    }
-
-    // If we ever switch to api level 11, we can ditch this whole mess!
-    public static final int FIELD_TYPE_NULL = 1;
-    // this is called integer to stay coherent with the constants in Cursor (api level 11)
-    public static final int FIELD_TYPE_INTEGER = 2;
-    public static final int FIELD_TYPE_FLOAT = 3;
-    public static final int FIELD_TYPE_STRING = 4;
-    public static final int FIELD_TYPE_BLOB = 5;
-
-    public Object getGenericData(Uri uri, String column, int type) throws NotFoundException {
-        Object result = getGenericData(uri, new String[]{column}, new int[]{type}, null).get(column);
-        if (result == null) {
-            throw new NotFoundException();
-        }
-        return result;
-    }
-
-    public Object getGenericData(Uri uri, String column, int type, String selection)
-            throws NotFoundException {
-        return getGenericData(uri, new String[]{column}, new int[]{type}, selection).get(column);
-    }
-
-    public HashMap<String, Object> getGenericData(Uri uri, String[] proj, int[] types)
-            throws NotFoundException {
-        return getGenericData(uri, proj, types, null);
-    }
-
-    public HashMap<String, Object> getGenericData(Uri uri, String[] proj, int[] types, String selection)
-            throws NotFoundException {
-        Cursor cursor = mContentResolver.query(uri, proj, selection, null, null);
-
-        try {
-            HashMap<String, Object> result = new HashMap<>(proj.length);
-            if (cursor != null && cursor.moveToFirst()) {
-                int pos = 0;
-                for (String p : proj) {
-                    switch (types[pos]) {
-                        case FIELD_TYPE_NULL:
-                            result.put(p, cursor.isNull(pos));
-                            break;
-                        case FIELD_TYPE_INTEGER:
-                            result.put(p, cursor.getLong(pos));
-                            break;
-                        case FIELD_TYPE_FLOAT:
-                            result.put(p, cursor.getFloat(pos));
-                            break;
-                        case FIELD_TYPE_STRING:
-                            result.put(p, cursor.getString(pos));
-                            break;
-                        case FIELD_TYPE_BLOB:
-                            result.put(p, cursor.getBlob(pos));
-                            break;
-                    }
-                    pos += 1;
-                }
-            } else {
-                // If no data was found, throw an appropriate exception
-                throw new NotFoundException();
-            }
-
-            return result;
-        } finally {
-            if (cursor != null) {
-                cursor.close();
-            }
-        }
-    }
-
-    public HashMap<String, Object> getUnifiedData(long masterKeyId, String[] proj, int[] types)
-            throws NotFoundException {
-        return getGenericData(KeyRings.buildUnifiedKeyRingUri(masterKeyId), proj, types);
     }
 
     private LongSparseArray<CanonicalizedPublicKey> getTrustedMasterKeys() {
-        Cursor cursor = mContentResolver.query(KeyRings.buildUnifiedKeyRingsUri(), new String[]{
+        Cursor cursor = mContentResolver.query(KeyRings.buildUnifiedKeyRingsUri(), new String[] {
                 KeyRings.MASTER_KEY_ID,
                 // we pick from cache only information that is not easily available from keyrings
-                KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED,
-                // and of course, ring data
-                KeyRings.PUBKEY_DATA
+                KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED
         }, KeyRings.HAS_ANY_SECRET + " = 1", null, null);
 
         try {
             LongSparseArray<CanonicalizedPublicKey> result = new LongSparseArray<>();
 
-            if (cursor != null && cursor.moveToFirst()) do {
-                long masterKeyId = cursor.getLong(0);
-                int verified = cursor.getInt(2);
-                byte[] blob = cursor.getBlob(3);
-                if (blob != null) {
-                    result.put(masterKeyId,
-                            new CanonicalizedPublicKeyRing(blob, verified).getPublicKey());
+            if (cursor == null) {
+                return result;
+            }
+
+            while (cursor.moveToNext()) {
+                try {
+                    long masterKeyId = cursor.getLong(0);
+                    int verified = cursor.getInt(2);
+                    byte[] blob = loadPublicKeyRingData(masterKeyId);
+                    if (blob != null) {
+                        result.put(masterKeyId, new CanonicalizedPublicKeyRing(blob, verified).getPublicKey());
+                    }
+                } catch (NotFoundException e) {
+                    throw new IllegalStateException("Error reading secret key data, this should not happen!", e);
                 }
-            } while (cursor.moveToNext());
+            }
 
             return result;
-
         } finally {
             if (cursor != null) {
                 cursor.close();
@@ -245,90 +147,8 @@ public class ProviderHelper {
 
     }
 
-    public long getMasterKeyId(long subKeyId) throws NotFoundException {
-        return (Long) getGenericData(KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(subKeyId),
-                KeyRings.MASTER_KEY_ID, FIELD_TYPE_INTEGER);
-    }
-
-    public CachedPublicKeyRing getCachedPublicKeyRing(Uri queryUri) throws PgpKeyNotFoundException {
-        long masterKeyId = new CachedPublicKeyRing(this, queryUri).extractOrGetMasterKeyId();
-        return getCachedPublicKeyRing(masterKeyId);
-    }
-
-    public CachedPublicKeyRing getCachedPublicKeyRing(long id) {
-        return new CachedPublicKeyRing(this, KeyRings.buildUnifiedKeyRingUri(id));
-    }
-
-    public CanonicalizedPublicKeyRing getCanonicalizedPublicKeyRing(long id) throws NotFoundException {
-        return (CanonicalizedPublicKeyRing) getCanonicalizedKeyRing(KeyRings.buildUnifiedKeyRingUri(id), false);
-    }
-
-    public CanonicalizedPublicKeyRing getCanonicalizedPublicKeyRing(Uri queryUri) throws NotFoundException {
-        return (CanonicalizedPublicKeyRing) getCanonicalizedKeyRing(queryUri, false);
-    }
-
-    public CanonicalizedSecretKeyRing getCanonicalizedSecretKeyRing(long id) throws NotFoundException {
-        return (CanonicalizedSecretKeyRing) getCanonicalizedKeyRing(KeyRings.buildUnifiedKeyRingUri(id), true);
-    }
-
-    public CanonicalizedSecretKeyRing getCanonicalizedSecretKeyRing(Uri queryUri) throws NotFoundException {
-        return (CanonicalizedSecretKeyRing) getCanonicalizedKeyRing(queryUri, true);
-    }
-
-    public ArrayList<String> getConfirmedUserIds(long masterKeyId) throws NotFoundException {
-        Cursor cursor = mContentResolver.query(UserPackets.buildUserIdsUri(masterKeyId),
-                new String[]{UserPackets.USER_ID}, UserPackets.VERIFIED + " = " + Certs.VERIFIED_SECRET, null, null
-        );
-        if (cursor == null) {
-            throw new NotFoundException("Key id for requested user ids not found");
-        }
-
-        try {
-            ArrayList<String> userIds = new ArrayList<>(cursor.getCount());
-            while (cursor.moveToNext()) {
-                String userId = cursor.getString(0);
-                userIds.add(userId);
-            }
-
-            return userIds;
-        } finally {
-            cursor.close();
-        }
-    }
-
-    private KeyRing getCanonicalizedKeyRing(Uri queryUri, boolean secret) throws NotFoundException {
-        Cursor cursor = mContentResolver.query(queryUri,
-                new String[]{
-                        // we pick from cache only information that is not easily available from keyrings
-                        KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED,
-                        // and of course, ring data
-                        secret ? KeyRings.PRIVKEY_DATA : KeyRings.PUBKEY_DATA
-                }, null, null, null
-        );
-        try {
-            if (cursor != null && cursor.moveToFirst()) {
-
-                boolean hasAnySecret = cursor.getInt(0) > 0;
-                int verified = cursor.getInt(1);
-                byte[] blob = cursor.getBlob(2);
-                if (secret & !hasAnySecret) {
-                    throw new NotFoundException("Secret key not available!");
-                }
-                return secret
-                        ? new CanonicalizedSecretKeyRing(blob, true, verified)
-                        : new CanonicalizedPublicKeyRing(blob, verified);
-            } else {
-                throw new NotFoundException("Key not found!");
-            }
-        } finally {
-            if (cursor != null) {
-                cursor.close();
-            }
-        }
-    }
-
     // bits, in order: CESA. make SURE these are correct, we will get bad log entries otherwise!!
-    static final LogType LOG_TYPES_FLAG_MASTER[] = new LogType[]{
+    private static final LogType LOG_TYPES_FLAG_MASTER[] = new LogType[]{
             LogType.MSG_IP_MASTER_FLAGS_XXXX, LogType.MSG_IP_MASTER_FLAGS_CXXX,
             LogType.MSG_IP_MASTER_FLAGS_XEXX, LogType.MSG_IP_MASTER_FLAGS_CEXX,
             LogType.MSG_IP_MASTER_FLAGS_XXSX, LogType.MSG_IP_MASTER_FLAGS_CXSX,
@@ -340,7 +160,7 @@ public class ProviderHelper {
     };
 
     // same as above, but for subkeys
-    static final LogType LOG_TYPES_FLAG_SUBKEY[] = new LogType[]{
+    private static final LogType LOG_TYPES_FLAG_SUBKEY[] = new LogType[]{
             LogType.MSG_IP_SUBKEY_FLAGS_XXXX, LogType.MSG_IP_SUBKEY_FLAGS_CXXX,
             LogType.MSG_IP_SUBKEY_FLAGS_XEXX, LogType.MSG_IP_SUBKEY_FLAGS_CEXX,
             LogType.MSG_IP_SUBKEY_FLAGS_XXSX, LogType.MSG_IP_SUBKEY_FLAGS_CXSX,
@@ -378,18 +198,11 @@ public class ProviderHelper {
             operations = new ArrayList<>();
 
             log(LogType.MSG_IP_INSERT_KEYRING);
-            { // insert keyring
-                ContentValues values = new ContentValues();
-                values.put(KeyRingData.MASTER_KEY_ID, masterKeyId);
-                try {
-                    values.put(KeyRingData.KEY_RING_DATA, keyRing.getEncoded());
-                } catch (IOException e) {
-                    log(LogType.MSG_IP_ENCODE_FAIL);
-                    return SaveKeyringResult.RESULT_ERROR;
-                }
-
-                Uri uri = KeyRingData.buildPublicKeyRingUri(masterKeyId);
-                operations.add(ContentProviderOperation.newInsert(uri).withValues(values).build());
+            try {
+                writePublicKeyRing(keyRing, masterKeyId, operations);
+            } catch (IOException e) {
+                log(LogType.MSG_IP_ENCODE_FAIL);
+                return SaveKeyringResult.RESULT_ERROR;
             }
 
             log(LogType.MSG_IP_INSERT_SUBKEYS);
@@ -739,7 +552,7 @@ public class ProviderHelper {
         lastUpdatedCursor.close();
 
         try {
-            // delete old version of this keyRing, which also deletes all keys and userIds on cascade
+            // delete old version of this keyRing (from database only!), which also deletes all keys and userIds on cascade
             int deleted = mContentResolver.delete(
                     KeyRingData.buildPublicKeyRingUri(masterKeyId), null, null);
             if (deleted > 0) {
@@ -769,6 +582,46 @@ public class ProviderHelper {
 
     }
 
+    private void writePublicKeyRing(CanonicalizedPublicKeyRing keyRing, long masterKeyId,
+            ArrayList<ContentProviderOperation> operations) throws IOException {
+        byte[] encodedKey = keyRing.getEncoded();
+        mLocalPublicKeyStorage.writePublicKey(masterKeyId, encodedKey);
+
+        ContentValues values = new ContentValues();
+        values.put(KeyRingData.MASTER_KEY_ID, masterKeyId);
+        if (encodedKey.length < MAX_CACHED_KEY_SIZE) {
+            values.put(KeyRingData.KEY_RING_DATA, encodedKey);
+        } else {
+            values.put(KeyRingData.KEY_RING_DATA, (byte[]) null);
+        }
+
+        Uri uri = KeyRingData.buildPublicKeyRingUri(masterKeyId);
+        operations.add(ContentProviderOperation.newInsert(uri).withValues(values).build());
+    }
+
+    private Uri writeSecretKeyRing(CanonicalizedSecretKeyRing keyRing, long masterKeyId) throws IOException {
+        byte[] encodedKey = keyRing.getEncoded();
+
+        ContentValues values = new ContentValues();
+        values.put(KeyRingData.MASTER_KEY_ID, masterKeyId);
+        values.put(KeyRingData.KEY_RING_DATA, encodedKey);
+
+        // insert new version of this keyRing
+        Uri uri = KeyRingData.buildSecretKeyRingUri(masterKeyId);
+        return mContentResolver.insert(uri, values);
+    }
+
+    public boolean deleteKeyRing(long masterKeyId) {
+        try {
+            mLocalPublicKeyStorage.deletePublicKey(masterKeyId);
+        } catch (IOException e) {
+            android.util.Log.e(Constants.TAG, "Could not delete file!", e);
+            return false;
+        }
+        int deletedRows = mContentResolver.delete(KeyRingData.buildPublicKeyRingUri(masterKeyId), null, null);
+        return deletedRows > 0;
+    }
+
     private static class UserPacketItem implements Comparable<UserPacketItem> {
         Integer type;
         String userId;
@@ -824,12 +677,8 @@ public class ProviderHelper {
 
             // save secret keyring
             try {
-                ContentValues values = new ContentValues();
-                values.put(KeyRingData.MASTER_KEY_ID, masterKeyId);
-                values.put(KeyRingData.KEY_RING_DATA, keyRing.getEncoded());
-                // insert new version of this keyRing
-                Uri uri = KeyRingData.buildSecretKeyRingUri(masterKeyId);
-                if (mContentResolver.insert(uri, values) == null) {
+                Uri insertedUri = writeSecretKeyRing(keyRing, masterKeyId);
+                if (insertedUri == null) {
                     log(LogType.MSG_IS_DB_EXCEPTION);
                     return SaveKeyringResult.RESULT_ERROR;
                 }
@@ -1335,7 +1184,7 @@ public class ProviderHelper {
     private ConsolidateResult consolidateDatabaseStep2(
             OperationLog log, int indent, Progressable progress, boolean recovery) {
 
-        synchronized (ProviderHelper.class) {
+        synchronized (KeyWritableRepository.class) {
             if (mConsolidateCritical) {
                 log.add(LogType.MSG_CON_ERROR_CONCURRENT, indent);
                 return new ConsolidateResult(ConsolidateResult.RESULT_ERROR, log);
@@ -1525,25 +1374,6 @@ public class ProviderHelper {
         return ContentProviderOperation.newInsert(uri).withValues(values).build();
     }
 
-    private String getKeyRingAsArmoredString(byte[] data) throws IOException, PgpGeneralException {
-        UncachedKeyRing keyRing = UncachedKeyRing.decodeFromData(data);
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-        keyRing.encodeArmored(bos, null);
-        String armoredKey = bos.toString("UTF-8");
-
-        Log.d(Constants.TAG, "armoredKey:" + armoredKey);
-
-        return armoredKey;
-    }
-
-    public String getKeyRingAsArmoredString(Uri uri)
-            throws NotFoundException, IOException, PgpGeneralException {
-        byte[] data = (byte[]) getGenericData(
-                uri, KeyRingData.KEY_RING_DATA, ProviderHelper.FIELD_TYPE_BLOB);
-        return getKeyRingAsArmoredString(data);
-    }
-
     public Uri renewKeyLastUpdatedTime(long masterKeyId, long time, TimeUnit timeUnit) {
         ContentValues values = new ContentValues();
         values.put(UpdatedKeys.MASTER_KEY_ID, masterKeyId);
@@ -1552,7 +1382,4 @@ public class ProviderHelper {
         return mContentResolver.insert(UpdatedKeys.CONTENT_URI, values);
     }
 
-    public ContentResolver getContentResolver() {
-        return mContentResolver;
-    }
 }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java

@@ -138,8 +138,6 @@ public class KeychainContract {
         public static final String HAS_CERTIFY = "has_certify";
         public static final String HAS_AUTHENTICATE = "has_authenticate";
         public static final String HAS_DUPLICATE_USER_ID = "has_duplicate_user_id";
-        public static final String PUBKEY_DATA = "pubkey_data";
-        public static final String PRIVKEY_DATA = "privkey_data";
 
         public static final Uri CONTENT_URI = BASE_CONTENT_URI_INTERNAL.buildUpon()
                 .appendPath(BASE_KEY_RINGS).build();

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainDatabase.java

@@ -18,6 +18,12 @@
 
 package org.sufficientlysecure.keychain.provider;
 
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+
 import android.content.Context;
 import android.content.Intent;
 import android.database.sqlite.SQLiteDatabase;
@@ -36,11 +42,6 @@ import org.sufficientlysecure.keychain.provider.KeychainContract.UserPacketsColu
 import org.sufficientlysecure.keychain.ui.ConsolidateDialogActivity;
 import org.sufficientlysecure.keychain.util.Log;
 
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-
 /**
  * SQLite Datatypes (from http://www.sqlite.org/datatype3.html)
  * - NULL. The value is a NULL value.

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java

@@ -323,16 +323,12 @@ public class KeychainProvider extends ContentProvider {
                                     + " = " + Tables.USER_PACKETS + "." + UserPackets.EMAIL + " COLLATE NOCASE"
                                 + ")) AS " + KeyRings.HAS_DUPLICATE_USER_ID);
                 projectionMap.put(KeyRings.VERIFIED, Tables.CERTS + "." + Certs.VERIFIED);
-                projectionMap.put(KeyRings.PUBKEY_DATA,
-                        Tables.KEY_RINGS_PUBLIC + "." + KeyRingData.KEY_RING_DATA
-                                + " AS " + KeyRings.PUBKEY_DATA);
-                projectionMap.put(KeyRings.PRIVKEY_DATA,
-                        Tables.KEY_RINGS_SECRET + "." + KeyRingData.KEY_RING_DATA
-                                + " AS " + KeyRings.PRIVKEY_DATA);
                 projectionMap.put(KeyRings.HAS_SECRET, Tables.KEYS + "." + KeyRings.HAS_SECRET);
                 projectionMap.put(KeyRings.HAS_ANY_SECRET,
-                        "(" + Tables.KEY_RINGS_SECRET + "." + KeyRings.MASTER_KEY_ID + " IS NOT NULL)" +
-                                " AS " + KeyRings.HAS_ANY_SECRET);
+                        "(EXISTS (SELECT * FROM " + Tables.KEY_RINGS_SECRET + " WHERE "
+                                + Tables.KEYS + "." + Keys.MASTER_KEY_ID + " = "
+                                + Tables.KEY_RINGS_SECRET + "." + KeyRingData.MASTER_KEY_ID
+                                + ")) AS " + KeyRings.HAS_ANY_SECRET);
                 projectionMap.put(KeyRings.HAS_ENCRYPT,
                         "kE." + Keys.KEY_ID + " AS " + KeyRings.HAS_ENCRYPT);
                 projectionMap.put(KeyRings.HAS_SIGN,
@@ -367,18 +363,6 @@ public class KeychainProvider extends ContentProvider {
                                 + " = " + Certs.VERIFIED_SECRET
                         + ")"
                         // fairly expensive joins following, only do when requested
-                        + (plist.contains(KeyRings.PUBKEY_DATA) ?
-                            " INNER JOIN " + Tables.KEY_RINGS_PUBLIC + " ON ("
-                                    + Tables.KEYS + "." + Keys.MASTER_KEY_ID
-                                + " = "
-                                    + Tables.KEY_RINGS_PUBLIC + "." + KeyRingData.MASTER_KEY_ID
-                                + ")" : "")
-                        + (plist.contains(KeyRings.PRIVKEY_DATA) || plist.contains(KeyRings.HAS_ANY_SECRET) ?
-                            " LEFT JOIN " + Tables.KEY_RINGS_SECRET + " ON ("
-                                    + Tables.KEYS + "." + Keys.MASTER_KEY_ID
-                                + " = "
-                                    + Tables.KEY_RINGS_SECRET + "." + KeyRingData.MASTER_KEY_ID
-                                + ")" : "")
                         + (plist.contains(KeyRings.HAS_ENCRYPT) ?
                             " LEFT JOIN " + Tables.KEYS + " AS kE ON ("
                                 +"kE." + Keys.MASTER_KEY_ID

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/LocalPublicKeyStorage.java

@@ -0,0 +1,88 @@
+package org.sufficientlysecure.keychain.provider;
+
+
+import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+import java.io.IOException;
+
+import android.content.Context;
+
+import okhttp3.internal.Util;
+
+
+class LocalPublicKeyStorage {
+    private static final String FORMAT_STR_PUBLIC_KEY = "0x%016x.pub";
+    private static final String PUBLIC_KEYS_DIR_NAME = "public_keys";
+
+
+    private final File localPublicKeysDir;
+
+
+    public static LocalPublicKeyStorage getInstance(Context context) {
+        File localPublicKeysDir = new File(context.getFilesDir(), PUBLIC_KEYS_DIR_NAME);
+        return new LocalPublicKeyStorage(localPublicKeysDir);
+    }
+
+    private LocalPublicKeyStorage(File localPublicKeysDir) {
+        this.localPublicKeysDir = localPublicKeysDir;
+    }
+
+    private File getPublicKeyFile(long masterKeyId) throws IOException {
+        if (!localPublicKeysDir.exists()) {
+            localPublicKeysDir.mkdir();
+        }
+        if (!localPublicKeysDir.isDirectory()) {
+            throw new IOException("Failed creating public key directory!");
+        }
+
+        String keyFilename = String.format(FORMAT_STR_PUBLIC_KEY, masterKeyId);
+        return new File(localPublicKeysDir, keyFilename);
+    }
+
+    void writePublicKey(long masterKeyId, byte[] encoded) throws IOException {
+        File publicKeyFile = getPublicKeyFile(masterKeyId);
+
+        FileOutputStream fileOutputStream = new FileOutputStream(publicKeyFile);
+        try {
+            fileOutputStream.write(encoded);
+        } finally {
+            Util.closeQuietly(fileOutputStream);
+        }
+    }
+
+    byte[] readPublicKey(long masterKeyId) throws IOException {
+        File publicKeyFile = getPublicKeyFile(masterKeyId);
+
+        try {
+            FileInputStream fileInputStream = new FileInputStream(publicKeyFile);
+            return readIntoByteArray(fileInputStream);
+        } catch (FileNotFoundException e) {
+            return null;
+        }
+    }
+
+    private static byte[] readIntoByteArray(FileInputStream fileInputStream) throws IOException {
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+        byte[] buf = new byte[128];
+        int bytesRead;
+        while ((bytesRead = fileInputStream.read(buf)) != -1) {
+            baos.write(buf, 0, bytesRead);
+        }
+
+        return baos.toByteArray();
+    }
+
+    void deletePublicKey(long masterKeyId) throws IOException {
+        File publicKeyFile = getPublicKeyFile(masterKeyId);
+        if (publicKeyFile.exists()) {
+            boolean deleteSuccess = publicKeyFile.delete();
+            if (!deleteSuccess) {
+                throw new IOException("File exists, but could not be deleted!");
+            }
+        }
+    }
+}

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java

@@ -63,10 +63,10 @@ import org.sufficientlysecure.keychain.pgp.PgpSignEncryptOperation;
 import org.sufficientlysecure.keychain.pgp.Progressable;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.ApiDataAccessObject;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
 import org.sufficientlysecure.keychain.provider.KeychainContract.ApiAccounts;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.remote.OpenPgpServiceKeyIdExtractor.KeyIdResult;
 import org.sufficientlysecure.keychain.service.BackupKeyringParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
@@ -88,7 +88,7 @@ public class OpenPgpService extends Service {
             Collections.unmodifiableList(Arrays.asList(3, 4, 5, 6, 7, 8, 9, 10, 11));
 
     private ApiPermissionHelper mApiPermissionHelper;
-    private ProviderHelper mProviderHelper;
+    private KeyRepository mKeyRepository;
     private ApiDataAccessObject mApiDao;
     private OpenPgpServiceKeyIdExtractor mKeyIdExtractor;
     private ApiPendingIntentFactory mApiPendingIntentFactory;
@@ -97,7 +97,7 @@ public class OpenPgpService extends Service {
     public void onCreate() {
         super.onCreate();
         mApiPermissionHelper = new ApiPermissionHelper(this, new ApiDataAccessObject(this));
-        mProviderHelper = new ProviderHelper(this);
+        mKeyRepository = KeyRepository.createDatabaseInteractor(this);
         mApiDao = new ApiDataAccessObject(this);
 
         mApiPendingIntentFactory = new ApiPendingIntentFactory(getBaseContext());
@@ -135,7 +135,7 @@ public class OpenPgpService extends Service {
 
                 // get first usable subkey capable of signing
                 try {
-                    long signSubKeyId = mProviderHelper.getCachedPublicKeyRing(
+                    long signSubKeyId = mKeyRepository.getCachedPublicKeyRing(
                             pgpData.getSignatureMasterKeyId()).getSecretSignId();
                     pgpData.setSignatureSubKeyId(signSubKeyId);
                 } catch (PgpKeyNotFoundException e) {
@@ -167,7 +167,7 @@ public class OpenPgpService extends Service {
             }
 
             // execute PGP operation!
-            PgpSignEncryptOperation pse = new PgpSignEncryptOperation(this, new ProviderHelper(this), null);
+            PgpSignEncryptOperation pse = new PgpSignEncryptOperation(this, mKeyRepository, null);
             PgpSignEncryptResult pgpResult = pse.execute(pseInput, inputParcel, inputData, outputStream);
 
             if (pgpResult.isPending()) {
@@ -254,7 +254,7 @@ public class OpenPgpService extends Service {
 
                     // get first usable subkey capable of signing
                     try {
-                        long signSubKeyId = mProviderHelper.getCachedPublicKeyRing(
+                        long signSubKeyId = mKeyRepository.getCachedPublicKeyRing(
                                 pgpData.getSignatureMasterKeyId()).getSecretSignId();
                         pgpData.setSignatureSubKeyId(signSubKeyId);
                     } catch (PgpKeyNotFoundException e) {
@@ -294,7 +294,7 @@ public class OpenPgpService extends Service {
                         new Passphrase(data.getCharArrayExtra(OpenPgpApi.EXTRA_PASSPHRASE));
             }
 
-            PgpSignEncryptOperation op = new PgpSignEncryptOperation(this, mProviderHelper, null);
+            PgpSignEncryptOperation op = new PgpSignEncryptOperation(this, mKeyRepository, null);
 
             // execute PGP operation!
             PgpSignEncryptResult pgpResult = op.execute(pseInput, inputParcel, inputData, outputStream);
@@ -356,7 +356,7 @@ public class OpenPgpService extends Service {
             byte[] detachedSignature = data.getByteArrayExtra(OpenPgpApi.EXTRA_DETACHED_SIGNATURE);
             String senderAddress = data.getStringExtra(OpenPgpApi.EXTRA_SENDER_ADDRESS);
 
-            PgpDecryptVerifyOperation op = new PgpDecryptVerifyOperation(this, mProviderHelper, progressable);
+            PgpDecryptVerifyOperation op = new PgpDecryptVerifyOperation(this, mKeyRepository, progressable);
 
             long inputLength = data.getLongExtra(OpenPgpApi.EXTRA_DATA_LENGTH, InputData.UNKNOWN_FILESIZE);
             InputData inputData = new InputData(inputStream, inputLength);
@@ -526,7 +526,7 @@ public class OpenPgpService extends Service {
             try {
                 // try to find key, throws NotFoundException if not in db!
                 CanonicalizedPublicKeyRing keyRing =
-                        mProviderHelper.getCanonicalizedPublicKeyRing(
+                        mKeyRepository.getCanonicalizedPublicKeyRing(
                                 KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(masterKeyId));
 
                 Intent result = new Intent();
@@ -555,7 +555,7 @@ public class OpenPgpService extends Service {
                         mApiPendingIntentFactory.createShowKeyPendingIntent(data, masterKeyId));
 
                 return result;
-            } catch (ProviderHelper.NotFoundException e) {
+            } catch (KeyRepository.NotFoundException e) {
                 // If keys are not in db we return an additional PendingIntent
                 // to retrieve the missing key
                 Intent result = new Intent();
@@ -630,7 +630,7 @@ public class OpenPgpService extends Service {
             // the backup code is cached in CryptoInputParcelCacheService, now we can proceed
 
             BackupKeyringParcel input = new BackupKeyringParcel(masterKeyIds, backupSecret, true, enableAsciiArmorOutput, null);
-            BackupOperation op = new BackupOperation(this, mProviderHelper, null);
+            BackupOperation op = new BackupOperation(this, mKeyRepository, null);
             ExportResult pgpResult = op.execute(input, inputParcel, outputStream);
 
             if (pgpResult.success()) {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/RequestKeyPermissionPresenter.java

@@ -15,9 +15,9 @@ import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey.SecretKeyType;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.ApiDataAccessObject;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
+import org.sufficientlysecure.keychain.provider.KeyRepository.NotFoundException;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
 import org.sufficientlysecure.keychain.remote.ApiPermissionHelper;
 import org.sufficientlysecure.keychain.remote.ApiPermissionHelper.WrongPackageCertificateException;
 import org.sufficientlysecure.keychain.util.Log;
@@ -33,26 +33,27 @@ class RequestKeyPermissionPresenter {
 
     private String packageName;
     private long masterKeyId;
-    private ProviderHelper providerHelper;
+    private KeyRepository keyRepository;
 
 
     static RequestKeyPermissionPresenter createRequestKeyPermissionPresenter(Context context) {
         PackageManager packageManager = context.getPackageManager();
         ApiDataAccessObject apiDataAccessObject = new ApiDataAccessObject(context);
         ApiPermissionHelper apiPermissionHelper = new ApiPermissionHelper(context, apiDataAccessObject);
-        ProviderHelper providerHelper = new ProviderHelper(context);
+        KeyRepository keyRepository =
+                KeyRepository.createDatabaseInteractor(context);
 
         return new RequestKeyPermissionPresenter(context, apiDataAccessObject, apiPermissionHelper, packageManager,
-                providerHelper);
+                keyRepository);
     }
 
     private RequestKeyPermissionPresenter(Context context, ApiDataAccessObject apiDataAccessObject,
-            ApiPermissionHelper apiPermissionHelper, PackageManager packageManager, ProviderHelper providerHelper) {
+            ApiPermissionHelper apiPermissionHelper, PackageManager packageManager, KeyRepository keyRepository) {
         this.context = context;
         this.apiDataAccessObject = apiDataAccessObject;
         this.apiPermissionHelper = apiPermissionHelper;
         this.packageManager = packageManager;
-        this.providerHelper = providerHelper;
+        this.keyRepository = keyRepository;
     }
 
     void setView(RequestKeyPermissionMvpView view) {
@@ -101,7 +102,7 @@ class RequestKeyPermissionPresenter {
         CachedPublicKeyRing publicFallbackRing = null;
         for (long candidateSubKeyId : subKeyIds) {
             try {
-                CachedPublicKeyRing cachedPublicKeyRing = providerHelper.getCachedPublicKeyRing(
+                CachedPublicKeyRing cachedPublicKeyRing = keyRepository.getCachedPublicKeyRing(
                         KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(candidateSubKeyId)
                 );
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainService.java

@@ -48,7 +48,7 @@ import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyOperation;
 import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyInputParcel;
 import org.sufficientlysecure.keychain.pgp.Progressable;
 import org.sufficientlysecure.keychain.pgp.SignEncryptParcel;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.service.ServiceProgressHandler.MessageStatus;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.util.Log;
@@ -111,36 +111,38 @@ public class KeychainService extends Service implements Progressable {
 
                 // just for brevity
                 KeychainService outerThis = KeychainService.this;
+                KeyWritableRepository databaseInteractor =
+                        KeyWritableRepository.createDatabaseReadWriteInteractor(outerThis);
                 if (inputParcel instanceof SignEncryptParcel) {
-                    op = new SignEncryptOperation(outerThis, new ProviderHelper(outerThis), outerThis, mActionCanceled);
+                    op = new SignEncryptOperation(outerThis, databaseInteractor, outerThis, mActionCanceled);
                 } else if (inputParcel instanceof PgpDecryptVerifyInputParcel) {
-                    op = new PgpDecryptVerifyOperation(outerThis, new ProviderHelper(outerThis), outerThis);
+                    op = new PgpDecryptVerifyOperation(outerThis, databaseInteractor, outerThis);
                 } else if (inputParcel instanceof SaveKeyringParcel) {
-                    op = new EditKeyOperation(outerThis, new ProviderHelper(outerThis), outerThis, mActionCanceled);
+                    op = new EditKeyOperation(outerThis, databaseInteractor, outerThis, mActionCanceled);
                 } else if (inputParcel instanceof  ChangeUnlockParcel) {
-                    op = new ChangeUnlockOperation(outerThis, new ProviderHelper(outerThis), outerThis);
+                    op = new ChangeUnlockOperation(outerThis, databaseInteractor, outerThis);
                 } else if (inputParcel instanceof RevokeKeyringParcel) {
-                    op = new RevokeOperation(outerThis, new ProviderHelper(outerThis), outerThis);
+                    op = new RevokeOperation(outerThis, databaseInteractor, outerThis);
                 } else if (inputParcel instanceof CertifyActionsParcel) {
-                    op = new CertifyOperation(outerThis, new ProviderHelper(outerThis), outerThis, mActionCanceled);
+                    op = new CertifyOperation(outerThis, databaseInteractor, outerThis, mActionCanceled);
                 } else if (inputParcel instanceof DeleteKeyringParcel) {
-                    op = new DeleteOperation(outerThis, new ProviderHelper(outerThis), outerThis);
+                    op = new DeleteOperation(outerThis, databaseInteractor, outerThis);
                 } else if (inputParcel instanceof PromoteKeyringParcel) {
-                    op = new PromoteKeyOperation(outerThis, new ProviderHelper(outerThis), outerThis, mActionCanceled);
+                    op = new PromoteKeyOperation(outerThis, databaseInteractor, outerThis, mActionCanceled);
                 } else if (inputParcel instanceof ImportKeyringParcel) {
-                    op = new ImportOperation(outerThis, new ProviderHelper(outerThis), outerThis, mActionCanceled);
+                    op = new ImportOperation(outerThis, databaseInteractor, outerThis, mActionCanceled);
                 } else if (inputParcel instanceof BackupKeyringParcel) {
-                    op = new BackupOperation(outerThis, new ProviderHelper(outerThis), outerThis, mActionCanceled);
+                    op = new BackupOperation(outerThis, databaseInteractor, outerThis, mActionCanceled);
                 } else if (inputParcel instanceof UploadKeyringParcel) {
-                    op = new UploadOperation(outerThis, new ProviderHelper(outerThis), outerThis, mActionCanceled);
+                    op = new UploadOperation(outerThis, databaseInteractor, outerThis, mActionCanceled);
                 } else if (inputParcel instanceof ConsolidateInputParcel) {
-                    op = new ConsolidateOperation(outerThis, new ProviderHelper(outerThis), outerThis);
+                    op = new ConsolidateOperation(outerThis, databaseInteractor, outerThis);
                 } else if (inputParcel instanceof KeybaseVerificationParcel) {
-                    op = new KeybaseVerificationOperation(outerThis, new ProviderHelper(outerThis), outerThis);
+                    op = new KeybaseVerificationOperation(outerThis, databaseInteractor, outerThis);
                 } else if (inputParcel instanceof InputDataParcel) {
-                    op = new InputDataOperation(outerThis, new ProviderHelper(outerThis), outerThis);
+                    op = new InputDataOperation(outerThis, databaseInteractor, outerThis);
                 } else if (inputParcel instanceof BenchmarkInputParcel) {
-                    op = new BenchmarkOperation(outerThis, new ProviderHelper(outerThis), outerThis);
+                    op = new BenchmarkOperation(outerThis, databaseInteractor, outerThis);
                 } else {
                     throw new AssertionError("Unrecognized input parcel in KeychainService!");
                 }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeyserverSyncAdapterService.java

@@ -1,5 +1,12 @@
 package org.sufficientlysecure.keychain.service;
 
+
+import java.util.ArrayList;
+import java.util.GregorianCalendar;
+import java.util.Random;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicBoolean;
+
 import android.accounts.Account;
 import android.app.AlarmManager;
 import android.app.Notification;
@@ -32,25 +39,19 @@ import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.KeychainApplication;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.keyimport.ParcelableKeyRing;
+import org.sufficientlysecure.keychain.network.NetworkReceiver;
+import org.sufficientlysecure.keychain.network.orbot.OrbotHelper;
 import org.sufficientlysecure.keychain.operations.ImportOperation;
 import org.sufficientlysecure.keychain.operations.results.ImportKeyResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult;
+import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.network.NetworkReceiver;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.ui.OrbotRequiredDialogActivity;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.ParcelableProxy;
 import org.sufficientlysecure.keychain.util.Preferences;
-import org.sufficientlysecure.keychain.network.orbot.OrbotHelper;
-
-import java.util.ArrayList;
-import java.util.GregorianCalendar;
-import java.util.Random;
-import java.util.concurrent.TimeUnit;
-import java.util.concurrent.atomic.AtomicBoolean;
 
 public class KeyserverSyncAdapterService extends Service {
 
@@ -320,7 +321,8 @@ public class KeyserverSyncAdapterService extends Service {
     private ImportKeyResult directUpdate(Context context, ArrayList<ParcelableKeyRing> keyList,
                                          CryptoInputParcel cryptoInputParcel) {
         Log.d(Constants.TAG, "Starting normal update");
-        ImportOperation importOp = new ImportOperation(context, new ProviderHelper(context), null);
+        ImportOperation importOp = new ImportOperation(context,
+                KeyWritableRepository.createDatabaseReadWriteInteractor(context), null);
         return importOp.execute(
                 new ImportKeyringParcel(keyList,
                         Preferences.getPreferences(context).getPreferredKeyserver()),
@@ -380,7 +382,7 @@ public class KeyserverSyncAdapterService extends Service {
                         new OperationResult.OperationLog());
             }
             ImportKeyResult result =
-                    new ImportOperation(context, new ProviderHelper(context), null, mCancelled)
+                    new ImportOperation(context, KeyWritableRepository.createDatabaseReadWriteInteractor(context), null, mCancelled)
                             .execute(
                                     new ImportKeyringParcel(
                                             keyWrapper,

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java

@@ -41,7 +41,7 @@ import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey.SecretKeyType;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.Passphrase;
 import org.sufficientlysecure.keychain.util.Preferences;
@@ -224,7 +224,7 @@ public class PassphraseCacheService extends Service {
     /**
      * Internal implementation to get cached passphrase.
      */
-    private Passphrase getCachedPassphraseImpl(long masterKeyId, long subKeyId) throws ProviderHelper.NotFoundException {
+    private Passphrase getCachedPassphraseImpl(long masterKeyId, long subKeyId) throws KeyRepository.NotFoundException {
         // on "none" key, just do nothing
         if (masterKeyId == Constants.key.none) {
             return null;
@@ -245,16 +245,16 @@ public class PassphraseCacheService extends Service {
                 + masterKeyId + ", subKeyId " + subKeyId);
 
         // get the type of key (from the database)
-        CachedPublicKeyRing keyRing = new ProviderHelper(this).getCachedPublicKeyRing(masterKeyId);
+        CachedPublicKeyRing keyRing = KeyRepository.createDatabaseInteractor(this).getCachedPublicKeyRing(masterKeyId);
         SecretKeyType keyType = keyRing.getSecretKeyType(subKeyId);
 
         switch (keyType) {
             case PASSPHRASE_EMPTY:
                 return new Passphrase("");
             case UNAVAILABLE:
-                throw new ProviderHelper.NotFoundException("secret key for this subkey is not available");
+                throw new KeyRepository.NotFoundException("secret key for this subkey is not available");
             case GNU_DUMMY:
-                throw new ProviderHelper.NotFoundException("secret key for stripped subkey is not available");
+                throw new KeyRepository.NotFoundException("secret key for stripped subkey is not available");
         }
 
         // get cached passphrase
@@ -398,7 +398,7 @@ public class PassphraseCacheService extends Service {
                         bundle.putParcelable(EXTRA_PASSPHRASE, passphrase);
                         msg.setData(bundle);
                     }
-                } catch (ProviderHelper.NotFoundException e) {
+                } catch (KeyRepository.NotFoundException e) {
                     Log.e(Constants.TAG, "PassphraseCacheService: Passphrase for unknown key was requested!");
                     msg.what = MSG_PASSPHRASE_CACHE_GET_KEY_NOT_FOUND;
                 }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CertifyFingerprintFragment.java

@@ -17,6 +17,9 @@
 
 package org.sufficientlysecure.keychain.ui;
 
+
+import java.io.IOException;
+
 import android.content.Intent;
 import android.database.Cursor;
 import android.graphics.Typeface;
@@ -32,16 +35,14 @@ import android.widget.TextView;
 
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
-import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.experimental.SentenceConfirm;
+import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.ui.base.LoaderFragment;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.Log;
 
-import java.io.IOException;
-
 
 public class CertifyFingerprintFragment extends LoaderFragment implements
         LoaderManager.LoaderCallbacks<Cursor> {
@@ -213,7 +214,7 @@ public class CertifyFingerprintFragment extends LoaderFragment implements
     private void certify(Uri dataUri) {
         long keyId = 0;
         try {
-            keyId = new ProviderHelper(getActivity())
+            keyId = KeyRepository.createDatabaseInteractor(getContext())
                     .getCachedPublicKeyRing(dataUri)
                     .extractOrGetMasterKeyId();
         } catch (PgpKeyNotFoundException e) {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CertifyKeyFragment.java

@@ -18,49 +18,38 @@
 
 package org.sufficientlysecure.keychain.ui;
 
+
+import java.util.ArrayList;
+import java.util.Date;
+
 import android.app.Activity;
 import android.content.Intent;
-import android.database.Cursor;
-import android.database.MatrixCursor;
 import android.graphics.PorterDuff;
-import android.net.Uri;
 import android.os.Bundle;
-import android.os.Parcel;
-import android.support.v4.app.LoaderManager;
-import android.support.v4.content.CursorLoader;
-import android.support.v4.content.Loader;
 import android.view.LayoutInflater;
 import android.view.View;
 import android.view.View.OnClickListener;
 import android.view.ViewGroup;
 import android.widget.CheckBox;
 import android.widget.ImageView;
-import android.widget.ListView;
 
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.operations.results.CertifyResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult;
-import org.sufficientlysecure.keychain.pgp.KeyRing;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
-import org.sufficientlysecure.keychain.provider.KeychainContract.UserPackets;
-import org.sufficientlysecure.keychain.provider.KeychainDatabase.Tables;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.service.CertifyActionsParcel;
 import org.sufficientlysecure.keychain.service.CertifyActionsParcel.CertifyAction;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
-import org.sufficientlysecure.keychain.ui.adapter.MultiUserIdsAdapter;
 import org.sufficientlysecure.keychain.ui.base.CachingCryptoOperationFragment;
-import org.sufficientlysecure.keychain.ui.util.Notify;
 import org.sufficientlysecure.keychain.ui.util.FormattingUtils;
+import org.sufficientlysecure.keychain.ui.util.Notify;
 import org.sufficientlysecure.keychain.ui.widget.CertifyKeySpinner;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.Preferences;
 
-import java.util.ArrayList;
-import java.util.Date;
-
 public class CertifyKeyFragment
         extends CachingCryptoOperationFragment<CertifyActionsParcel, CertifyResult> {
 
@@ -80,7 +69,8 @@ public class CertifyKeyFragment
                     .getLongExtra(CertifyKeyActivity.EXTRA_CERTIFY_KEY_ID, Constants.key.none);
             if (certifyKeyId != Constants.key.none) {
                 try {
-                    CachedPublicKeyRing key = (new ProviderHelper(getActivity()))
+                    CachedPublicKeyRing key = (KeyRepository
+                            .createDatabaseInteractor(getContext()))
                             .getCachedPublicKeyRing(certifyKeyId);
                     if (key.canCertify()) {
                         mCertifyKeySpinner.setPreSelectedKeyId(certifyKeyId);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyActivity.java

@@ -17,6 +17,10 @@
 
 package org.sufficientlysecure.keychain.ui;
 
+
+import java.io.IOException;
+import java.util.ArrayList;
+
 import android.content.Intent;
 import android.nfc.NfcAdapter;
 import android.os.Bundle;
@@ -29,17 +33,14 @@ import android.support.v4.app.TaskStackBuilder;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.securitytoken.KeyFormat;
 import org.sufficientlysecure.keychain.ui.base.BaseSecurityTokenActivity;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.Passphrase;
 import org.sufficientlysecure.keychain.util.Preferences;
 
-import java.io.IOException;
-import java.util.ArrayList;
-
 public class CreateKeyActivity extends BaseSecurityTokenActivity {
 
     public static final String EXTRA_NAME = "name";
@@ -180,7 +181,7 @@ public class CreateKeyActivity extends BaseSecurityTokenActivity {
         if (containsKeys(mScannedFingerprints)) {
             try {
                 long masterKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(mScannedFingerprints);
-                CachedPublicKeyRing ring = new ProviderHelper(this).getCachedPublicKeyRing(masterKeyId);
+                CachedPublicKeyRing ring = KeyRepository.createDatabaseInteractor(this).getCachedPublicKeyRing(masterKeyId);
                 ring.getMasterKeyId();
 
                 Intent intent = new Intent(this, ViewKeyActivity.class);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyFinalFragment.java

@@ -41,14 +41,12 @@ import org.sufficientlysecure.keychain.operations.results.EditKeyResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult;
 import org.sufficientlysecure.keychain.operations.results.UploadResult;
 import org.sufficientlysecure.keychain.pgp.KeyRing;
-import org.sufficientlysecure.keychain.pgp.PgpSecurityConstants;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
 import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
-import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
 import org.sufficientlysecure.keychain.service.UploadKeyringParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.ui.CreateKeyActivity.FragAction;
@@ -413,7 +411,7 @@ public class CreateKeyFinalFragment extends Fragment {
         CreateKeyActivity activity = (CreateKeyActivity) getActivity();
 
         final SaveKeyringParcel changeKeyringParcel;
-        CachedPublicKeyRing key = (new ProviderHelper(activity))
+        CachedPublicKeyRing key = (KeyRepository.createDatabaseInteractor(getContext()))
                 .getCachedPublicKeyRing(saveKeyResult.mMasterKeyId);
         try {
             changeKeyringParcel = new SaveKeyringParcel(key.getMasterKeyId(), key.getFingerprint());

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptFragment.java

@@ -17,6 +17,9 @@
 
 package org.sufficientlysecure.keychain.ui;
 
+
+import java.util.ArrayList;
+
 import android.app.Activity;
 import android.content.Intent;
 import android.database.Cursor;
@@ -40,25 +43,23 @@ import org.openintents.openpgp.OpenPgpSignatureResult;
 import org.openintents.openpgp.util.OpenPgpUtils;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
+import org.sufficientlysecure.keychain.keyimport.ParcelableHkpKeyserver;
 import org.sufficientlysecure.keychain.keyimport.ParcelableKeyRing;
 import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
 import org.sufficientlysecure.keychain.operations.results.ImportKeyResult;
 import org.sufficientlysecure.keychain.pgp.KeyRing;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.service.ImportKeyringParcel;
 import org.sufficientlysecure.keychain.ui.base.CryptoOperationHelper;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils.State;
 import org.sufficientlysecure.keychain.ui.util.Notify;
 import org.sufficientlysecure.keychain.ui.util.Notify.Style;
-import org.sufficientlysecure.keychain.keyimport.ParcelableHkpKeyserver;
 import org.sufficientlysecure.keychain.util.Preferences;
 
-import java.util.ArrayList;
-
 public abstract class DecryptFragment extends Fragment implements LoaderManager.LoaderCallbacks<Cursor> {
 
     public static final int LOADER_ID_UNIFIED = 0;
@@ -192,7 +193,7 @@ public abstract class DecryptFragment extends Fragment implements LoaderManager.
         try {
 
             Intent viewKeyIntent = new Intent(getActivity(), ViewKeyActivity.class);
-            long masterKeyId = new ProviderHelper(getActivity()).getCachedPublicKeyRing(
+            long masterKeyId = KeyRepository.createDatabaseInteractor(getContext()).getCachedPublicKeyRing(
                     KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(keyId)
             ).getMasterKeyId();
             viewKeyIntent.setData(KeyRings.buildGenericKeyRingUri(masterKeyId));

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DeleteKeyDialogActivity.java

@@ -35,16 +35,14 @@ import android.widget.AdapterView;
 import android.widget.Spinner;
 import android.widget.TextView;
 
-import org.openintents.openpgp.util.OpenPgpUtils;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.keyimport.ParcelableHkpKeyserver;
 import org.sufficientlysecure.keychain.operations.results.DeleteResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult;
 import org.sufficientlysecure.keychain.operations.results.RevokeResult;
-import org.sufficientlysecure.keychain.pgp.KeyRing;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.service.DeleteKeyringParcel;
 import org.sufficientlysecure.keychain.service.RevokeKeyringParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
@@ -91,13 +89,13 @@ public class DeleteKeyDialogActivity extends FragmentActivity {
         if (mMasterKeyIds.length == 1 && mHasSecret) {
             // if mMasterKeyIds.length == 0 we let the DeleteOperation respond
             try {
-                HashMap<String, Object> data = new ProviderHelper(this).getUnifiedData(
+                HashMap<String, Object> data = KeyRepository.createDatabaseInteractor(this).getUnifiedData(
                         mMasterKeyIds[0], new String[]{
                                 KeychainContract.KeyRings.NAME,
                                 KeychainContract.KeyRings.IS_REVOKED
                         }, new int[]{
-                                ProviderHelper.FIELD_TYPE_STRING,
-                                ProviderHelper.FIELD_TYPE_INTEGER
+                                KeyRepository.FIELD_TYPE_STRING,
+                                KeyRepository.FIELD_TYPE_INTEGER
                         }
                 );
 
@@ -114,7 +112,7 @@ public class DeleteKeyDialogActivity extends FragmentActivity {
                 } else {
                     showRevokeDeleteDialog(name);
                 }
-            } catch (ProviderHelper.NotFoundException e) {
+            } catch (KeyRepository.NotFoundException e) {
                 Log.e(Constants.TAG,
                         "Secret key to delete not found at DeleteKeyDialogActivity for "
                                 + mMasterKeyIds[0], e);
@@ -271,13 +269,14 @@ public class DeleteKeyDialogActivity extends FragmentActivity {
                 long masterKeyId = masterKeyIds[0];
 
                 try {
-                    HashMap<String, Object> data = new ProviderHelper(activity).getUnifiedData(
+                    HashMap<String, Object> data = KeyRepository.createDatabaseInteractor(getContext())
+                            .getUnifiedData(
                             masterKeyId, new String[]{
                                     KeychainContract.KeyRings.NAME,
                                     KeychainContract.KeyRings.HAS_ANY_SECRET
                             }, new int[]{
-                                    ProviderHelper.FIELD_TYPE_STRING,
-                                    ProviderHelper.FIELD_TYPE_INTEGER
+                                    KeyRepository.FIELD_TYPE_STRING,
+                                    KeyRepository.FIELD_TYPE_INTEGER
                             }
                     );
                     String name;
@@ -295,7 +294,7 @@ public class DeleteKeyDialogActivity extends FragmentActivity {
                     } else {
                         mMainMessage.setText(getString(R.string.public_key_deletetion_confirmation, name));
                     }
-                } catch (ProviderHelper.NotFoundException e) {
+                } catch (KeyRepository.NotFoundException e) {
                     dismiss();
                     return null;
                 }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditIdentitiesFragment.java

@@ -41,6 +41,7 @@ import android.widget.ListView;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.compatibility.DialogFragmentWorkaround;
+import org.sufficientlysecure.keychain.keyimport.ParcelableHkpKeyserver;
 import org.sufficientlysecure.keychain.operations.results.EditKeyResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
@@ -49,10 +50,10 @@ import org.sufficientlysecure.keychain.operations.results.UploadResult;
 import org.sufficientlysecure.keychain.pgp.KeyRing;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
+import org.sufficientlysecure.keychain.provider.KeyRepository.NotFoundException;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
 import org.sufficientlysecure.keychain.provider.KeychainContract.UserPackets;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
 import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
 import org.sufficientlysecure.keychain.service.UploadKeyringParcel;
 import org.sufficientlysecure.keychain.ui.adapter.UserIdsAdapter;
@@ -62,7 +63,6 @@ import org.sufficientlysecure.keychain.ui.dialog.AddUserIdDialogFragment;
 import org.sufficientlysecure.keychain.ui.dialog.EditUserIdDialogFragment;
 import org.sufficientlysecure.keychain.ui.dialog.SetPassphraseDialogFragment;
 import org.sufficientlysecure.keychain.util.Log;
-import org.sufficientlysecure.keychain.keyimport.ParcelableHkpKeyserver;
 import org.sufficientlysecure.keychain.util.Preferences;
 
 public class EditIdentitiesFragment extends Fragment
@@ -170,7 +170,7 @@ public class EditIdentitiesFragment extends Fragment
         try {
             Uri secretUri = KeychainContract.KeyRings.buildUnifiedKeyRingUri(mDataUri);
             CachedPublicKeyRing keyRing =
-                    new ProviderHelper(getActivity()).getCachedPublicKeyRing(secretUri);
+                    KeyRepository.createDatabaseInteractor(getContext()).getCachedPublicKeyRing(secretUri);
             long masterKeyId = keyRing.getMasterKeyId();
 
             // check if this is a master secret key we can work with

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditKeyFragment.java

@@ -48,10 +48,10 @@ import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey.SecretKeyType;
 import org.sufficientlysecure.keychain.pgp.KeyRing;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
 import org.sufficientlysecure.keychain.provider.KeychainContract.UserPackets;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyRepository.NotFoundException;
 import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
 import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
 import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyChange;
@@ -203,7 +203,7 @@ public class EditKeyFragment extends QueueingCryptoOperationFragment<SaveKeyring
         try {
             Uri secretUri = KeychainContract.KeyRings.buildUnifiedKeyRingUri(mDataUri);
             CachedPublicKeyRing keyRing =
-                    new ProviderHelper(getActivity()).getCachedPublicKeyRing(secretUri);
+                    KeyRepository.createDatabaseInteractor(getContext()).getCachedPublicKeyRing(secretUri);
             long masterKeyId = keyRing.getMasterKeyId();
 
             // check if this is a master secret key we can work with

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptModeAsymmetricFragment.java

@@ -17,36 +17,39 @@
 
 package org.sufficientlysecure.keychain.ui;
 
+
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
 import android.os.Bundle;
 import android.view.LayoutInflater;
 import android.view.View;
 import android.view.ViewGroup;
 import android.widget.ViewAnimator;
 
-import com.tokenautocomplete.TokenCompleteTextView;
 import com.tokenautocomplete.TokenCompleteTextView.TokenListener;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
+import org.sufficientlysecure.keychain.provider.KeyRepository.NotFoundException;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
 import org.sufficientlysecure.keychain.ui.adapter.KeyAdapter.KeyItem;
+import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
+import org.sufficientlysecure.keychain.ui.util.Notify;
+import org.sufficientlysecure.keychain.ui.util.Notify.Style;
 import org.sufficientlysecure.keychain.ui.widget.EncryptKeyCompletionView;
 import org.sufficientlysecure.keychain.ui.widget.KeySpinner;
 import org.sufficientlysecure.keychain.ui.widget.KeySpinner.OnKeyChangedListener;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.Passphrase;
 
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-
 public class EncryptModeAsymmetricFragment extends EncryptModeFragment {
 
-    ProviderHelper mProviderHelper;
+    KeyRepository mKeyRepository;
 
     private KeySpinner mSignKeySpinner;
     private EncryptKeyCompletionView mEncryptKeyView;
@@ -115,7 +118,7 @@ public class EncryptModeAsymmetricFragment extends EncryptModeFragment {
     @Override
     public void onActivityCreated(Bundle savedInstanceState) {
         super.onActivityCreated(savedInstanceState);
-        mProviderHelper = new ProviderHelper(getActivity());
+        mKeyRepository = KeyRepository.createDatabaseInteractor(getContext());
 
         // preselect keys given, from state or arguments
         if (savedInstanceState == null) {
@@ -135,13 +138,16 @@ public class EncryptModeAsymmetricFragment extends EncryptModeFragment {
     private void preselectKeys(Long signatureKeyId, long[] encryptionKeyIds) {
         if (signatureKeyId != null) {
             try {
-                CachedPublicKeyRing keyring = mProviderHelper.getCachedPublicKeyRing(
+                CachedPublicKeyRing keyring = mKeyRepository.getCachedPublicKeyRing(
                         KeyRings.buildUnifiedKeyRingUri(signatureKeyId));
                 if (keyring.hasAnySecret()) {
                     mSignKeySpinner.setPreSelectedKeyId(signatureKeyId);
                 }
             } catch (PgpKeyNotFoundException e) {
-                Log.e(Constants.TAG, "key not found!", e);
+                Log.e(Constants.TAG, "key not found for signing!", e);
+                Notify.create(getActivity(), getString(R.string.error_preselect_sign_key,
+                        KeyFormattingUtils.beautifyKeyId(signatureKeyId)),
+                        Style.ERROR).show();
             }
         }
 
@@ -149,10 +155,13 @@ public class EncryptModeAsymmetricFragment extends EncryptModeFragment {
             for (long preselectedId : encryptionKeyIds) {
                 try {
                     CanonicalizedPublicKeyRing ring =
-                            mProviderHelper.getCanonicalizedPublicKeyRing(preselectedId);
+                            mKeyRepository.getCanonicalizedPublicKeyRing(preselectedId);
                     mEncryptKeyView.addObject(new KeyItem(ring));
                 } catch (NotFoundException e) {
-                    Log.e(Constants.TAG, "key not found!", e);
+                    Log.e(Constants.TAG, "key not found for encryption!", e);
+                    Notify.create(getActivity(), getString(R.string.error_preselect_encrypt_key,
+                            KeyFormattingUtils.beautifyKeyId(preselectedId)),
+                            Style.ERROR).show();
                 }
             }
             // This is to work-around a rendering bug in TokenCompleteTextView

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/KeyListFragment.java

@@ -59,7 +59,7 @@ import org.sufficientlysecure.keychain.operations.results.OperationResult;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
 import org.sufficientlysecure.keychain.provider.KeychainDatabase;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.service.BenchmarkInputParcel;
 import org.sufficientlysecure.keychain.service.ConsolidateInputParcel;
 import org.sufficientlysecure.keychain.service.ImportKeyringParcel;
@@ -486,8 +486,9 @@ public class KeyListFragment extends RecyclerFragment<KeySectionedListAdapter>
             return;
         }
 
-        ProviderHelper providerHelper = new ProviderHelper(activity);
-        Cursor cursor = providerHelper.getContentResolver().query(
+        KeyRepository keyRepository =
+                KeyRepository.createDatabaseInteractor(getContext());
+        Cursor cursor = keyRepository.getContentResolver().query(
                 KeyRings.buildUnifiedKeyRingsUri(), new String[]{
                         KeyRings.FINGERPRINT
                 }, null, null, null

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/PassphraseDialogActivity.java

@@ -31,7 +31,6 @@ import android.support.v4.app.FragmentActivity;
 import android.support.v7.app.AlertDialog;
 import android.text.Editable;
 import android.text.InputType;
-import android.text.Layout;
 import android.text.TextWatcher;
 import android.text.method.PasswordTransformationMethod;
 import android.view.ContextThemeWrapper;
@@ -59,8 +58,8 @@ import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
+import org.sufficientlysecure.keychain.provider.KeyRepository.NotFoundException;
 import org.sufficientlysecure.keychain.service.PassphraseCacheService;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
@@ -113,7 +112,7 @@ public class PassphraseDialogActivity extends FragmentActivity {
         // handle empty passphrases by directly returning an empty crypto input parcel
         try {
             CachedPublicKeyRing pubRing =
-                    new ProviderHelper(this).getCachedPublicKeyRing(requiredInput.getMasterKeyId());
+                    KeyRepository.createDatabaseInteractor(this).getCachedPublicKeyRing(requiredInput.getMasterKeyId());
             // use empty passphrase for empty passphrase
             if (pubRing.getSecretKeyType(requiredInput.getSubKeyId()) == SecretKeyType.PASSPHRASE_EMPTY) {
                 // also return passphrase back to activity
@@ -232,7 +231,8 @@ public class PassphraseDialogActivity extends FragmentActivity {
                 try {
                     long subKeyId = mRequiredInput.getSubKeyId();
 
-                    ProviderHelper helper = new ProviderHelper(activity);
+                    KeyRepository helper =
+                            KeyRepository.createDatabaseInteractor(getContext());
                     CachedPublicKeyRing cachedPublicKeyRing = helper.getCachedPublicKeyRing(
                             KeychainContract.KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(subKeyId));
                     // yes the inner try/catch block is necessary, otherwise the final variable
@@ -267,7 +267,7 @@ public class PassphraseDialogActivity extends FragmentActivity {
                             throw new AssertionError("Unhandled SecretKeyType (should not happen)");
                     }
 
-                } catch (PgpKeyNotFoundException | ProviderHelper.NotFoundException e) {
+                } catch (PgpKeyNotFoundException | KeyRepository.NotFoundException e) {
                     alert.setTitle(R.string.title_key_not_found);
                     alert.setMessage(getString(R.string.key_not_found, mRequiredInput.getSubKeyId()));
                     alert.setPositiveButton(android.R.string.ok, new DialogInterface.OnClickListener() {
@@ -458,7 +458,7 @@ public class PassphraseDialogActivity extends FragmentActivity {
 
                                 Long subKeyId = mRequiredInput.getSubKeyId();
                                 CanonicalizedSecretKeyRing secretKeyRing =
-                                        new ProviderHelper(getActivity()).getCanonicalizedSecretKeyRing(
+                                        KeyRepository.createDatabaseInteractor(getContext()).getCanonicalizedSecretKeyRing(
                                                 KeychainContract.KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(subKeyId));
                                 CanonicalizedSecretKey secretKeyToUnlock =
                                         secretKeyRing.getSecretKey(subKeyId);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/QrCodeViewActivity.java

@@ -28,8 +28,8 @@ import android.widget.ImageView;
 
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
-import org.sufficientlysecure.keychain.provider.KeychainContract;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.ui.base.BaseActivity;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.ui.util.Notify;
@@ -74,11 +74,9 @@ public class QrCodeViewActivity extends BaseActivity {
             }
         });
 
-        ProviderHelper providerHelper = new ProviderHelper(this);
+        KeyRepository keyRepository = KeyRepository.createDatabaseInteractor(this);
         try {
-            byte[] blob = (byte[]) providerHelper.getGenericData(
-                    KeychainContract.KeyRings.buildUnifiedKeyRingUri(dataUri),
-                    KeychainContract.KeyRings.FINGERPRINT, ProviderHelper.FIELD_TYPE_BLOB);
+            byte[] blob = keyRepository.getCachedPublicKeyRing(dataUri).getFingerprint();
             if (blob == null) {
                 Log.e(Constants.TAG, "key not found!");
                 Notify.create(this, R.string.error_key_not_found, Style.ERROR).show();
@@ -102,7 +100,7 @@ public class QrCodeViewActivity extends BaseActivity {
                             mQrCode.setImageBitmap(scaled);
                         }
                     });
-        } catch (ProviderHelper.NotFoundException e) {
+        } catch (PgpKeyNotFoundException e) {
             Log.e(Constants.TAG, "key not found!", e);
             Notify.create(this, R.string.error_key_not_found, Style.ERROR).show();
             ActivityCompat.finishAfterTransition(QrCodeViewActivity.this);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SafeSlingerActivity.java

@@ -17,6 +17,10 @@
 
 package org.sufficientlysecure.keychain.ui;
 
+
+import java.io.IOException;
+import java.util.ArrayList;
+
 import android.annotation.TargetApi;
 import android.content.Intent;
 import android.graphics.PorterDuff;
@@ -27,14 +31,18 @@ import android.view.View;
 import android.widget.ImageView;
 import android.widget.NumberPicker;
 
+import edu.cmu.cylab.starslinger.exchange.ExchangeActivity;
+import edu.cmu.cylab.starslinger.exchange.ExchangeConfig;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
+import org.sufficientlysecure.keychain.keyimport.ParcelableHkpKeyserver;
 import org.sufficientlysecure.keychain.keyimport.ParcelableKeyRing;
 import org.sufficientlysecure.keychain.operations.ImportOperation;
 import org.sufficientlysecure.keychain.operations.results.ImportKeyResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult;
+import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.service.ImportKeyringParcel;
 import org.sufficientlysecure.keychain.ui.base.BaseActivity;
 import org.sufficientlysecure.keychain.ui.base.CryptoOperationHelper;
@@ -42,13 +50,6 @@ import org.sufficientlysecure.keychain.ui.util.FormattingUtils;
 import org.sufficientlysecure.keychain.ui.util.Notify;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.ParcelableFileCache;
-import org.sufficientlysecure.keychain.keyimport.ParcelableHkpKeyserver;
-
-import java.io.IOException;
-import java.util.ArrayList;
-
-import edu.cmu.cylab.starslinger.exchange.ExchangeActivity;
-import edu.cmu.cylab.starslinger.exchange.ExchangeConfig;
 
 @TargetApi(Build.VERSION_CODES.HONEYCOMB)
 public class SafeSlingerActivity extends BaseActivity
@@ -105,8 +106,7 @@ public class SafeSlingerActivity extends BaseActivity
         // retrieve public key blob and start SafeSlinger
         Uri uri = KeychainContract.KeyRingData.buildPublicKeyRingUri(masterKeyId);
         try {
-            byte[] keyBlob = (byte[]) new ProviderHelper(this).getGenericData(
-                    uri, KeychainContract.KeyRingData.KEY_RING_DATA, ProviderHelper.FIELD_TYPE_BLOB);
+            byte[] keyBlob = KeyRepository.createDatabaseInteractor(this).getCachedPublicKeyRing(uri).getEncoded();
 
             Intent slingerIntent = new Intent(this, ExchangeActivity.class);
 
@@ -114,7 +114,7 @@ public class SafeSlingerActivity extends BaseActivity
             slingerIntent.putExtra(ExchangeConfig.extra.USER_DATA, keyBlob);
             slingerIntent.putExtra(ExchangeConfig.extra.HOST_NAME, Constants.SAFESLINGER_SERVER);
             startActivityForResult(slingerIntent, REQUEST_CODE_SAFE_SLINGER);
-        } catch (ProviderHelper.NotFoundException e) {
+        } catch (PgpKeyNotFoundException e) {
             Log.e(Constants.TAG, "personal key not found", e);
         }
     }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SecurityTokenOperationActivity.java

@@ -21,6 +21,11 @@
 
 package org.sufficientlysecure.keychain.ui;
 
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+
 import android.content.Intent;
 import android.os.AsyncTask;
 import android.os.Bundle;
@@ -30,13 +35,14 @@ import android.widget.Button;
 import android.widget.TextView;
 import android.widget.ViewAnimator;
 
+import nordpol.android.NfcGuideView;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.securitytoken.KeyType;
 import org.sufficientlysecure.keychain.service.PassphraseCacheService;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
@@ -48,12 +54,6 @@ import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.OrientationUtils;
 import org.sufficientlysecure.keychain.util.Passphrase;
 
-import java.io.IOException;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-
-import nordpol.android.NfcGuideView;
-
 /**
  * This class provides a communication interface to OpenPGP applications on ISO SmartCard compliant
  * NFC devices.
@@ -193,12 +193,13 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
                     throw new IOException(getString(R.string.error_wrong_security_token));
                 }
 
-                ProviderHelper providerHelper = new ProviderHelper(this);
+                KeyRepository keyRepository =
+                        KeyRepository.createDatabaseInteractor(this);
                 CanonicalizedPublicKeyRing publicKeyRing;
                 try {
-                    publicKeyRing = providerHelper.getCanonicalizedPublicKeyRing(
+                    publicKeyRing = keyRepository.getCanonicalizedPublicKeyRing(
                             KeychainContract.KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(mRequiredInput.getMasterKeyId()));
-                } catch (ProviderHelper.NotFoundException e) {
+                } catch (KeyRepository.NotFoundException e) {
                     throw new IOException("Couldn't find subkey for key to token operation.");
                 }
 
@@ -232,13 +233,14 @@ public class SecurityTokenOperationActivity extends BaseSecurityTokenActivity {
                 mSecurityTokenHelper.setPin(new Passphrase("123456"));
                 mSecurityTokenHelper.setAdminPin(new Passphrase("12345678"));
 
-                ProviderHelper providerHelper = new ProviderHelper(this);
+                KeyRepository keyRepository =
+                        KeyRepository.createDatabaseInteractor(this);
                 CanonicalizedSecretKeyRing secretKeyRing;
                 try {
-                    secretKeyRing = providerHelper.getCanonicalizedSecretKeyRing(
+                    secretKeyRing = keyRepository.getCanonicalizedSecretKeyRing(
                             KeychainContract.KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(mRequiredInput.getMasterKeyId())
                     );
-                } catch (ProviderHelper.NotFoundException e) {
+                } catch (KeyRepository.NotFoundException e) {
                     throw new IOException("Couldn't find subkey for key to token operation.");
                 }
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewCertActivity.java

@@ -40,7 +40,7 @@ import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.KeychainContract.Certs;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.ui.base.BaseActivity;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.Log;
@@ -184,8 +184,9 @@ public class ViewCertActivity extends BaseActivity
                 Intent viewIntent = new Intent(ViewCertActivity.this, ViewKeyActivity.class);
 
                 try {
-                    ProviderHelper providerHelper = new ProviderHelper(ViewCertActivity.this);
-                    long signerMasterKeyId = providerHelper.getCachedPublicKeyRing(
+                    KeyRepository keyRepository =
+                            KeyRepository.createDatabaseInteractor(ViewCertActivity.this);
+                    long signerMasterKeyId = keyRepository.getCachedPublicKeyRing(
                             KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(mCertifierKeyId)).getMasterKeyId();
                     viewIntent.setData(KeyRings.buildGenericKeyRingUri(signerMasterKeyId));
                     startActivity(viewIntent);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java

@@ -19,6 +19,11 @@
 package org.sufficientlysecure.keychain.ui;
 
 
+import java.io.IOException;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.util.ArrayList;
+
 import android.animation.ArgbEvaluator;
 import android.animation.ObjectAnimator;
 import android.annotation.SuppressLint;
@@ -72,10 +77,10 @@ import org.sufficientlysecure.keychain.operations.results.OperationResult;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey.SecretKeyType;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
+import org.sufficientlysecure.keychain.provider.KeyRepository.NotFoundException;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
 import org.sufficientlysecure.keychain.service.ChangeUnlockParcel;
 import org.sufficientlysecure.keychain.service.ImportKeyringParcel;
 import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
@@ -97,11 +102,6 @@ import org.sufficientlysecure.keychain.util.NfcHelper;
 import org.sufficientlysecure.keychain.util.Passphrase;
 import org.sufficientlysecure.keychain.util.Preferences;
 
-import java.io.IOException;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.util.ArrayList;
-
 
 public class ViewKeyActivity extends BaseSecurityTokenActivity implements
         LoaderManager.LoaderCallbacks<Cursor>,
@@ -125,7 +125,7 @@ public class ViewKeyActivity extends BaseSecurityTokenActivity implements
     public static final String EXTRA_DISPLAY_RESULT = "display_result";
     public static final String EXTRA_LINKED_TRANSITION = "linked_transition";
 
-    ProviderHelper mProviderHelper;
+    KeyRepository mKeyRepository;
 
     protected Uri mDataUri;
 
@@ -185,7 +185,7 @@ public class ViewKeyActivity extends BaseSecurityTokenActivity implements
     protected void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
 
-        mProviderHelper = new ProviderHelper(this);
+        mKeyRepository = KeyRepository.createDatabaseInteractor(this);
         mImportOpHelper = new CryptoOperationHelper<>(1, this, this, null);
 
         setTitle(null);
@@ -318,7 +318,7 @@ public class ViewKeyActivity extends BaseSecurityTokenActivity implements
         // or start new ones.
         getSupportLoaderManager().initLoader(LOADER_ID_UNIFIED, null, this);
 
-        mNfcHelper = new NfcHelper(this, mProviderHelper);
+        mNfcHelper = new NfcHelper(this, mKeyRepository);
         mNfcHelper.initNfc(mDataUri);
 
         if (savedInstanceState == null && getIntent().hasExtra(EXTRA_DISPLAY_RESULT)) {
@@ -399,8 +399,8 @@ public class ViewKeyActivity extends BaseSecurityTokenActivity implements
             }
             case R.id.menu_key_view_refresh: {
                 try {
-                    updateFromKeyserver(mDataUri, mProviderHelper);
-                } catch (ProviderHelper.NotFoundException e) {
+                    updateFromKeyserver(mDataUri, mKeyRepository);
+                } catch (PgpKeyNotFoundException e) {
                     Notify.create(this, R.string.error_key_not_found, Notify.Style.ERROR).show();
                 }
                 return true;
@@ -550,7 +550,7 @@ public class ViewKeyActivity extends BaseSecurityTokenActivity implements
     private boolean keyHasPassphrase() {
         try {
             SecretKeyType secretKeyType =
-                    mProviderHelper.getCachedPublicKeyRing(mMasterKeyId).getSecretKeyType(mMasterKeyId);
+                    mKeyRepository.getCachedPublicKeyRing(mMasterKeyId).getSecretKeyType(mMasterKeyId);
             switch (secretKeyType) {
                 // all of these make no sense to ask
                 case PASSPHRASE_EMPTY:
@@ -666,7 +666,7 @@ public class ViewKeyActivity extends BaseSecurityTokenActivity implements
         try {
 
             // if the security token matches a subkey in any key
-            CachedPublicKeyRing ring = mProviderHelper.getCachedPublicKeyRing(
+            CachedPublicKeyRing ring = mKeyRepository.getCachedPublicKeyRing(
                     KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(tokenId));
             byte[] candidateFp = ring.getFingerprint();
 
@@ -741,7 +741,7 @@ public class ViewKeyActivity extends BaseSecurityTokenActivity implements
             return;
         }
         try {
-            long keyId = new ProviderHelper(this)
+            long keyId = KeyRepository.createDatabaseInteractor(this)
                     .getCachedPublicKeyRing(dataUri)
                     .extractOrGetMasterKeyId();
             long[] encryptionKeyIds = new long[]{keyId};
@@ -765,7 +765,7 @@ public class ViewKeyActivity extends BaseSecurityTokenActivity implements
     private void startSafeSlinger(Uri dataUri) {
         long keyId = 0;
         try {
-            keyId = new ProviderHelper(this)
+            keyId = KeyRepository.createDatabaseInteractor(this)
                     .getCachedPublicKeyRing(dataUri)
                     .extractOrGetMasterKeyId();
         } catch (PgpKeyNotFoundException e) {
@@ -1118,17 +1118,15 @@ public class ViewKeyActivity extends BaseSecurityTokenActivity implements
     // CryptoOperationHelper.Callback functions
 
 
-    private void updateFromKeyserver(Uri dataUri, ProviderHelper providerHelper)
-            throws ProviderHelper.NotFoundException {
+    private void updateFromKeyserver(Uri dataUri, KeyRepository keyRepository)
+            throws PgpKeyNotFoundException {
 
         mIsRefreshing = true;
         mRefreshItem.setEnabled(false);
         mRefreshItem.setActionView(mRefresh);
         mRefresh.startAnimation(mRotate);
 
-        byte[] blob = (byte[]) providerHelper.getGenericData(
-                KeychainContract.KeyRings.buildUnifiedKeyRingUri(dataUri),
-                KeychainContract.Keys.FINGERPRINT, ProviderHelper.FIELD_TYPE_BLOB);
+        byte[] blob = keyRepository.getCachedPublicKeyRing(dataUri).getFingerprint();
         String fingerprint = KeyFormattingUtils.convertFingerprintToHex(blob);
 
         ParcelableKeyRing keyEntry = new ParcelableKeyRing(fingerprint, null, null, null);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyAdvActivity.java

@@ -40,14 +40,11 @@ import android.view.animation.OvershootInterpolator;
 import android.widget.Toast;
 
 import com.astuetz.PagerSlidingTabStrip;
-
-import org.openintents.openpgp.util.OpenPgpUtils;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.operations.results.OperationResult;
-import org.sufficientlysecure.keychain.pgp.KeyRing;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.ui.adapter.PagerTabStripAdapter;
 import org.sufficientlysecure.keychain.ui.base.BaseActivity;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
@@ -57,7 +54,7 @@ import org.sufficientlysecure.keychain.util.Log;
 public class ViewKeyAdvActivity extends BaseActivity implements
         LoaderCallbacks<Cursor>, OnPageChangeListener {
 
-    ProviderHelper mProviderHelper;
+    KeyRepository mKeyRepository;
 
     protected Uri mDataUri;
 
@@ -90,7 +87,7 @@ public class ViewKeyAdvActivity extends BaseActivity implements
             }
         });
 
-        mProviderHelper = new ProviderHelper(this);
+        mKeyRepository = KeyRepository.createDatabaseInteractor(this);
 
         mViewPager = (ViewPager) findViewById(R.id.pager);
         mSlidingTabLayout = (PagerSlidingTabStrip) findViewById(R.id.sliding_tab_layout);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyAdvShareFragment.java

@@ -17,6 +17,7 @@
 
 package org.sufficientlysecure.keychain.ui;
 
+
 import java.io.BufferedWriter;
 import java.io.FileNotFoundException;
 import java.io.IOException;
@@ -26,6 +27,7 @@ import android.app.Activity;
 import android.app.ActivityOptions;
 import android.content.ClipData;
 import android.content.ClipboardManager;
+import android.content.ContentResolver;
 import android.content.Context;
 import android.content.Intent;
 import android.database.Cursor;
@@ -56,9 +58,8 @@ import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.pgp.KeyRing;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
-import org.sufficientlysecure.keychain.provider.KeychainContract;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.provider.TemporaryFileProvider;
 import org.sufficientlysecure.keychain.ui.base.LoaderFragment;
 import org.sufficientlysecure.keychain.ui.util.FormattingUtils;
@@ -93,8 +94,9 @@ public class ViewKeyAdvShareFragment extends LoaderFragment implements
         View root = super.onCreateView(inflater, superContainer, savedInstanceState);
         View view = inflater.inflate(R.layout.view_key_adv_share_fragment, getContainer());
 
-        ProviderHelper providerHelper = new ProviderHelper(ViewKeyAdvShareFragment.this.getActivity());
-        mNfcHelper = new NfcHelper(getActivity(), providerHelper);
+        ContentResolver contentResolver = ViewKeyAdvShareFragment.this.getActivity().getContentResolver();
+        KeyRepository keyRepository = KeyRepository.createDatabaseInteractor(getContext());
+        mNfcHelper = new NfcHelper(getActivity(), keyRepository);
 
         mFingerprintView = (TextView) view.findViewById(R.id.view_key_fingerprint);
         mQrCode = (ImageView) view.findViewById(R.id.view_key_qr_code);
@@ -200,7 +202,7 @@ public class ViewKeyAdvShareFragment extends LoaderFragment implements
     private void startSafeSlinger(Uri dataUri) {
         long keyId = 0;
         try {
-            keyId = new ProviderHelper(getActivity())
+            keyId = KeyRepository.createDatabaseInteractor(getContext())
                     .getCachedPublicKeyRing(dataUri)
                     .extractOrGetMasterKeyId();
         } catch (PgpKeyNotFoundException e) {
@@ -216,11 +218,12 @@ public class ViewKeyAdvShareFragment extends LoaderFragment implements
         if (activity == null || mFingerprint == null) {
             return;
         }
-        ProviderHelper providerHelper = new ProviderHelper(activity);
+        KeyRepository keyRepository =
+                KeyRepository.createDatabaseInteractor(getContext());
 
         try {
-            String content = providerHelper.getKeyRingAsArmoredString(
-                    KeychainContract.KeyRingData.buildPublicKeyRingUri(mDataUri));
+            long masterKeyId = keyRepository.getCachedPublicKeyRing(mDataUri).extractOrGetMasterKeyId();
+            String content = keyRepository.getPublicKeyRingAsArmoredString(masterKeyId);
 
             if (toClipboard) {
                 ClipboardManager clipMan = (ClipboardManager) activity.getSystemService(Context.CLIPBOARD_SERVICE);
@@ -273,7 +276,7 @@ public class ViewKeyAdvShareFragment extends LoaderFragment implements
         } catch (PgpGeneralException | IOException e) {
             Log.e(Constants.TAG, "error processing key!", e);
             Notify.create(activity, R.string.error_key_processing, Notify.Style.ERROR).show();
-        } catch (ProviderHelper.NotFoundException e) {
+        } catch (PgpKeyNotFoundException | KeyRepository.NotFoundException e) {
             Log.e(Constants.TAG, "key not found!", e);
             Notify.create(activity, R.string.error_key_not_found, Notify.Style.ERROR).show();
         }
@@ -457,7 +460,7 @@ public class ViewKeyAdvShareFragment extends LoaderFragment implements
     private void uploadToKeyserver() {
         long keyId;
         try {
-            keyId = new ProviderHelper(getActivity())
+            keyId = KeyRepository.createDatabaseInteractor(getContext())
                     .getCachedPublicKeyRing(mDataUri)
                     .extractOrGetMasterKeyId();
         } catch (PgpKeyNotFoundException e) {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/ImportKeysAdapter.java

@@ -17,6 +17,12 @@
 
 package org.sufficientlysecure.keychain.ui.adapter;
 
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+
 import android.content.Intent;
 import android.databinding.DataBindingUtil;
 import android.support.v4.app.FragmentActivity;
@@ -40,8 +46,8 @@ import org.sufficientlysecure.keychain.operations.results.ImportKeyResult;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedKeyRing;
 import org.sufficientlysecure.keychain.pgp.KeyRing;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.service.ImportKeyringParcel;
 import org.sufficientlysecure.keychain.ui.ViewKeyActivity;
 import org.sufficientlysecure.keychain.ui.base.CryptoOperationHelper;
@@ -50,11 +56,6 @@ import org.sufficientlysecure.keychain.ui.util.Notify;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.ParcelableFileCache;
 
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
-
 public class ImportKeysAdapter extends RecyclerView.Adapter<ImportKeysAdapter.ViewHolder>
         implements ImportKeysResultListener {
 
@@ -65,7 +66,7 @@ public class ImportKeysAdapter extends RecyclerView.Adapter<ImportKeysAdapter.Vi
     private List<ImportKeysListEntry> mData;
     private KeyState[] mKeyStates;
 
-    private ProviderHelper mProviderHelper;
+    private KeyRepository mKeyRepository;
 
     public ImportKeysAdapter(FragmentActivity activity, ImportKeysListener listener,
                              boolean nonInteractive) {
@@ -74,7 +75,7 @@ public class ImportKeysAdapter extends RecyclerView.Adapter<ImportKeysAdapter.Vi
         mListener = listener;
         mNonInteractive = nonInteractive;
 
-        mProviderHelper = new ProviderHelper(activity);
+        mKeyRepository = KeyRepository.createDatabaseInteractor(activity);
     }
 
     public void setData(List<ImportKeysListEntry> data) {
@@ -89,13 +90,13 @@ public class ImportKeysAdapter extends RecyclerView.Adapter<ImportKeysAdapter.Vi
             try {
                 KeyRing keyRing;
                 if (entry.isSecretKey()) {
-                    keyRing = mProviderHelper.getCanonicalizedSecretKeyRing(keyId);
+                    keyRing = mKeyRepository.getCanonicalizedSecretKeyRing(keyId);
                 } else {
-                    keyRing = mProviderHelper.getCachedPublicKeyRing(keyId);
+                    keyRing = mKeyRepository.getCachedPublicKeyRing(keyId);
                 }
                 keyState.mAlreadyPresent = true;
                 keyState.mVerified = keyRing.getVerified() > 0;
-            } catch (ProviderHelper.NotFoundException | PgpKeyNotFoundException ignored) {
+            } catch (KeyRepository.NotFoundException | PgpKeyNotFoundException ignored) {
             }
 
             mKeyStates[i] = keyState;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseSecurityTokenActivity.java

@@ -21,6 +21,9 @@
 
 package org.sufficientlysecure.keychain.ui.base;
 
+
+import java.io.IOException;
+
 import android.app.Activity;
 import android.content.Context;
 import android.content.Intent;
@@ -33,21 +36,24 @@ import android.nfc.TagLostException;
 import android.os.AsyncTask;
 import android.os.Bundle;
 
+import nordpol.android.OnDiscoveredTagListener;
+import nordpol.android.TagDispatcher;
+import nordpol.android.TagDispatcherBuilder;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.service.PassphraseCacheService;
-import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
-import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
 import org.sufficientlysecure.keychain.securitytoken.CardException;
 import org.sufficientlysecure.keychain.securitytoken.NfcTransport;
 import org.sufficientlysecure.keychain.securitytoken.SecurityTokenHelper;
 import org.sufficientlysecure.keychain.securitytoken.Transport;
 import org.sufficientlysecure.keychain.securitytoken.UsbConnectionDispatcher;
 import org.sufficientlysecure.keychain.securitytoken.usb.UsbTransport;
+import org.sufficientlysecure.keychain.service.PassphraseCacheService;
+import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
+import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
 import org.sufficientlysecure.keychain.ui.CreateKeyActivity;
 import org.sufficientlysecure.keychain.ui.PassphraseDialogActivity;
 import org.sufficientlysecure.keychain.ui.ViewKeyActivity;
@@ -59,12 +65,6 @@ import org.sufficientlysecure.keychain.ui.util.Notify.Style;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.Passphrase;
 
-import java.io.IOException;
-
-import nordpol.android.OnDiscoveredTagListener;
-import nordpol.android.TagDispatcher;
-import nordpol.android.TagDispatcherBuilder;
-
 public abstract class BaseSecurityTokenActivity extends BaseActivity
         implements OnDiscoveredTagListener, UsbConnectionDispatcher.OnDiscoveredUsbDeviceListener {
     public static final int REQUEST_CODE_PIN = 1;
@@ -105,7 +105,7 @@ public abstract class BaseSecurityTokenActivity extends BaseActivity
         final long subKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(mSecurityTokenFingerprints);
 
         try {
-            CachedPublicKeyRing ring = new ProviderHelper(this).getCachedPublicKeyRing(
+            CachedPublicKeyRing ring = KeyRepository.createDatabaseInteractor(this).getCachedPublicKeyRing(
                     KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(subKeyId));
             long masterKeyId = ring.getMasterKeyId();
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/linked/LinkedIdWizard.java

@@ -34,9 +34,9 @@ import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.ui.base.BaseActivity;
 import org.sufficientlysecure.keychain.util.Log;
 
@@ -58,7 +58,7 @@ public class LinkedIdWizard extends BaseActivity {
         try {
             Uri uri = getIntent().getData();
             uri = KeychainContract.KeyRings.buildUnifiedKeyRingUri(uri);
-            CachedPublicKeyRing ring = new ProviderHelper(this).getCachedPublicKeyRing(uri);
+            CachedPublicKeyRing ring = KeyRepository.createDatabaseInteractor(this).getCachedPublicKeyRing(uri);
             if (!ring.hasAnySecret()) {
                 Log.e(Constants.TAG, "Linked Identities can only be added to secret keys!");
                 finish();

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/NfcHelper.java

@@ -18,6 +18,9 @@
 
 package org.sufficientlysecure.keychain.util;
 
+
+import java.lang.ref.WeakReference;
+
 import android.annotation.TargetApi;
 import android.app.Activity;
 import android.content.Intent;
@@ -35,12 +38,10 @@ import android.provider.Settings;
 
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
-import org.sufficientlysecure.keychain.provider.KeychainContract;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
+import org.sufficientlysecure.keychain.provider.KeyRepository;
+import org.sufficientlysecure.keychain.provider.KeyRepository.NotFoundException;
 import org.sufficientlysecure.keychain.ui.util.Notify;
-import org.sufficientlysecure.keychain.util.Log;
-
-import java.lang.ref.WeakReference;
 
 /**
  * This class contains NFC functionality that can be shared across Fragments or Activities.
@@ -49,7 +50,7 @@ import java.lang.ref.WeakReference;
 public class NfcHelper {
 
     private Activity mActivity;
-    private ProviderHelper mProviderHelper;
+    private KeyRepository mKeyRepository;
 
     /**
      * NFC: This handler receives a message from onNdefPushComplete
@@ -65,9 +66,9 @@ public class NfcHelper {
     /**
      * Initializes the NfcHelper.
      */
-    public NfcHelper(final Activity activity, final ProviderHelper providerHelper) {
+    public NfcHelper(final Activity activity, final KeyRepository keyRepository) {
         mActivity = activity;
-        mProviderHelper = providerHelper;
+        mKeyRepository = keyRepository;
 
         mNfcHandler = new NfcHandler(mActivity);
     }
@@ -127,13 +128,10 @@ public class NfcHelper {
                         new AsyncTask<Void, Void, Void>() {
                             protected Void doInBackground(Void... unused) {
                                 try {
-                                    Uri blobUri =
-                                            KeychainContract.KeyRingData.buildPublicKeyRingUri(dataUri);
-                                    mNfcKeyringBytes = (byte[]) mProviderHelper.getGenericData(
-                                            blobUri,
-                                            KeychainContract.KeyRingData.KEY_RING_DATA,
-                                            ProviderHelper.FIELD_TYPE_BLOB);
-                                } catch (ProviderHelper.NotFoundException e) {
+                                    long masterKeyId = mKeyRepository.getCachedPublicKeyRing(dataUri)
+                                            .extractOrGetMasterKeyId();
+                                    mNfcKeyringBytes = mKeyRepository.loadPublicKeyRingData(masterKeyId);
+                                } catch (NotFoundException | PgpKeyNotFoundException e) {
                                     Log.e(Constants.TAG, "key not found!", e);
                                 }
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/ParcelableFileCache.java

@@ -52,6 +52,10 @@ public class ParcelableFileCache<E extends Parcelable> {
         mFilename = filename;
     }
 
+    public static boolean cacheFileExists(Context context, String filename) {
+        return new File(context.getCacheDir(), filename).exists();
+    }
+
     public void writeCache(int numEntries, Iterator<E> it) throws IOException {
         DataOutputStream oos = getOutputStream();