cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/mgeier63/open-keychain into mgeier63-master

Browse Source
This commit is contained in:
Dominik Schürmann
2015-08-28 17:08:10 +02:00
parent 765ec094c9 298e42d3aa
commit 2569984601
4 changed files with 207 additions and 271 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
OpenKeychain/src/main/AndroidManifest.xml
View File

@@ -760,8 +760,9 @@
android:configChanges="orientation|screenSize|keyboardHidden|keyboard"
android:exported="false" />
<!-- OpenPGP Remote API, this service has explicitly no permission requirements
because we are using our own package based allow/disallow system -->
<!-- DEPRECATED service,
using this service may lead to truncated data being returned to the caller
-->
<service
android:name=".remote.OpenPgpService"
android:enabled="true"
@@ -773,6 +774,19 @@
</intent-filter>
</service>
<!-- OpenPGP Remote API, this service has explicitly no permission requirements
because we are using our own package based allow/disallow system -->
<service
android:name=".remote.OpenPgpService2"
android:enabled="true"
android:exported="true"
android:process=":remote_api_2"
tools:ignore="ExportedService">
<intent-filter>
<action android:name="org.openintents.openpgp.IOpenPgpService2" />
</intent-filter>
</service>
<!-- Contact Sync services -->
<service
android:name=".service.DummyAccountService"

129
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
View File

@@ -25,6 +25,7 @@ import android.net.Uri;
import android.os.IBinder;
import android.os.ParcelFileDescriptor;
import android.os.Parcelable;
import android.support.annotation.Nullable;
import android.text.TextUtils;
import org.openintents.openpgp.IOpenPgpService;
@@ -842,67 +843,8 @@ public class OpenPgpService extends RemoteService {
private final IOpenPgpService.Stub mBinder = new IOpenPgpService.Stub() {
@Override
public Intent execute(Intent data, ParcelFileDescriptor input, ParcelFileDescriptor output) {
try {
Intent errorResult = checkRequirements(data);
if (errorResult != null) {
return errorResult;
}
String action = data.getAction();
switch (action) {
case OpenPgpApi.ACTION_CLEARTEXT_SIGN: {
return signImpl(data, input, output, true);
}
case OpenPgpApi.ACTION_SIGN: {
// DEPRECATED: same as ACTION_CLEARTEXT_SIGN
Log.w(Constants.TAG, "You are using a deprecated API call, please use ACTION_CLEARTEXT_SIGN instead of ACTION_SIGN!");
return signImpl(data, input, output, true);
}
case OpenPgpApi.ACTION_DETACHED_SIGN: {
return signImpl(data, input, output, false);
}
case OpenPgpApi.ACTION_ENCRYPT: {
return encryptAndSignImpl(data, input, output, false);
}
case OpenPgpApi.ACTION_SIGN_AND_ENCRYPT: {
return encryptAndSignImpl(data, input, output, true);
}
case OpenPgpApi.ACTION_DECRYPT_VERIFY: {
return decryptAndVerifyImpl(data, input, output, false);
}
case OpenPgpApi.ACTION_DECRYPT_METADATA: {
return decryptAndVerifyImpl(data, input, output, true);
}
case OpenPgpApi.ACTION_GET_SIGN_KEY_ID: {
return getSignKeyIdImpl(data);
}
case OpenPgpApi.ACTION_GET_KEY_IDS: {
return getKeyIdsImpl(data);
}
case OpenPgpApi.ACTION_GET_KEY: {
return getKeyImpl(data);
}
default: {
return null;
}
}
} finally {
// always close input and output file descriptors even in error cases
if (input != null) {
try {
input.close();
} catch (IOException e) {
Log.e(Constants.TAG, "IOException when closing input ParcelFileDescriptor", e);
}
}
if (output != null) {
try {
output.close();
} catch (IOException e) {
Log.e(Constants.TAG, "IOException when closing output ParcelFileDescriptor", e);
}
}
}
Log.w(Constants.TAG, "You are using a deprecated service which may lead to truncated data on return, please use IOpenPgpService2!");
return executeInternal(data, input, output);
}
};
@@ -912,4 +854,69 @@ public class OpenPgpService extends RemoteService {
return mBinder;
}
protected Intent executeInternal(Intent data, ParcelFileDescriptor input, ParcelFileDescriptor output) {
try {
Intent errorResult = checkRequirements(data);
if (errorResult != null) {
return errorResult;
}
String action = data.getAction();
switch (action) {
case OpenPgpApi.ACTION_CLEARTEXT_SIGN: {
return signImpl(data, input, output, true);
}
case OpenPgpApi.ACTION_SIGN: {
// DEPRECATED: same as ACTION_CLEARTEXT_SIGN
Log.w(Constants.TAG, "You are using a deprecated API call, please use ACTION_CLEARTEXT_SIGN instead of ACTION_SIGN!");
return signImpl(data, input, output, true);
}
case OpenPgpApi.ACTION_DETACHED_SIGN: {
return signImpl(data, input, output, false);
}
case OpenPgpApi.ACTION_ENCRYPT: {
return encryptAndSignImpl(data, input, output, false);
}
case OpenPgpApi.ACTION_SIGN_AND_ENCRYPT: {
return encryptAndSignImpl(data, input, output, true);
}
case OpenPgpApi.ACTION_DECRYPT_VERIFY: {
return decryptAndVerifyImpl(data, input, output, false);
}
case OpenPgpApi.ACTION_DECRYPT_METADATA: {
return decryptAndVerifyImpl(data, input, output, true);
}
case OpenPgpApi.ACTION_GET_SIGN_KEY_ID: {
return getSignKeyIdImpl(data);
}
case OpenPgpApi.ACTION_GET_KEY_IDS: {
return getKeyIdsImpl(data);
}
case OpenPgpApi.ACTION_GET_KEY: {
return getKeyImpl(data);
}
default: {
return null;
}
}
} finally {
// always close input and output file descriptors even in error cases
if (input != null) {
try {
input.close();
} catch (IOException e) {
Log.e(Constants.TAG, "IOException when closing input ParcelFileDescriptor", e);
}
}
if (output != null) {
try {
output.close();
} catch (IOException e) {
Log.e(Constants.TAG, "IOException when closing output ParcelFileDescriptor", e);
}
}
}
}
}

120
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService2.java Normal file
View File

@@ -0,0 +1,120 @@
/*
* Copyright (C) 2013-2015 Dominik Schürmann <dominik@dominikschuermann.de>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package org.sufficientlysecure.keychain.remote;
import android.app.PendingIntent;
import android.content.Context;
import android.content.Intent;
import android.database.Cursor;
import android.net.Uri;
import android.os.Binder;
import android.os.IBinder;
import android.os.ParcelFileDescriptor;
import android.os.Parcelable;
import android.text.TextUtils;
import org.openintents.openpgp.IOpenPgpService2;
import org.openintents.openpgp.OpenPgpDecryptionResult;
import org.openintents.openpgp.OpenPgpError;
import org.openintents.openpgp.OpenPgpMetadata;
import org.openintents.openpgp.OpenPgpSignatureResult;
import org.openintents.openpgp.util.OpenPgpApi;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
import org.sufficientlysecure.keychain.operations.results.OperationResult.LogEntryParcel;
import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
import org.sufficientlysecure.keychain.pgp.PgpDecryptVerify;
import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyInputParcel;
import org.sufficientlysecure.keychain.pgp.PgpSecurityConstants;
import org.sufficientlysecure.keychain.pgp.PgpSignEncryptInputParcel;
import org.sufficientlysecure.keychain.pgp.PgpSignEncryptOperation;
import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
import org.sufficientlysecure.keychain.provider.KeychainContract;
import org.sufficientlysecure.keychain.provider.KeychainContract.ApiAccounts;
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
import org.sufficientlysecure.keychain.provider.KeychainDatabase.Tables;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.remote.ui.RemoteServiceActivity;
import org.sufficientlysecure.keychain.remote.ui.SelectAllowedKeysActivity;
import org.sufficientlysecure.keychain.remote.ui.SelectSignKeyIdActivity;
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
import org.sufficientlysecure.keychain.ui.ImportKeysActivity;
import org.sufficientlysecure.keychain.ui.NfcOperationActivity;
import org.sufficientlysecure.keychain.ui.PassphraseDialogActivity;
import org.sufficientlysecure.keychain.ui.ViewKeyActivity;
import org.sufficientlysecure.keychain.util.InputData;
import org.sufficientlysecure.keychain.util.Log;
import org.sufficientlysecure.keychain.util.Passphrase;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
public class OpenPgpService2 extends OpenPgpService {
private Map<Long, ParcelFileDescriptor> mOutputPipeMap = new HashMap<Long, ParcelFileDescriptor>();
private long createKey(int id) {
int callingPid = Binder.getCallingPid();
return ((long) callingPid << 32) | ((long) id & 0xFFFFFFFL);
}
private final IOpenPgpService2.Stub mBinder = new IOpenPgpService2.Stub() {
@Override
public ParcelFileDescriptor createOutputPipe(int outputPipeId) {
try {
ParcelFileDescriptor[] pipe = ParcelFileDescriptor.createPipe();
mOutputPipeMap.put(createKey(outputPipeId), pipe[1]);
return pipe[0];
} catch (IOException e) {
e.printStackTrace();
return null;
}
}
@Override
public Intent execute(Intent data, ParcelFileDescriptor input,int outputPipeId) {
long key = createKey(outputPipeId);
ParcelFileDescriptor output = mOutputPipeMap.get(key);
mOutputPipeMap.remove(key);
return executeInternal(data, input, output);
}
};
@Override
public IBinder onBind(Intent intent) {
return mBinder;
}
}

211
README.md
View File

@@ -1,212 +1,7 @@
# OpenKeychain (for Android)
OpenKeychain is an OpenPGP implementation for Android.
For a more detailed description and installation instructions go to http://www.openkeychain.org .
This is a fork of [OpenPGP API](http://github.com/open-keychain/open-keychain)
### Branches
* The development of OpenKeychain happens in the "master" branch.
* For every release a new branch, e.g., "3.2-fixes" is created to backport fixes from "master"
It has been patched to address [this bug](https://github.com/open-keychain/open-keychain/issues/1504)
### Travis CI Build Status of master branch
[![Build Status](https://travis-ci.org/open-keychain/open-keychain.svg?branch=master)](https://travis-ci.org/open-keychain/open-keychain)
## How to help the project?
### Translate the application
Translations are managed at Transifex, please contribute there at https://www.transifex.com/projects/p/open-keychain/
### Contribute Code
1. Lookout for interesting issues on Github. We have tagged issues were we explicitly like to see contributions: https://github.com/open-keychain/open-keychain/labels/help-wanted
2. Read this README, especially the notes about coding style
3. Fork OpenKeychain and contribute code (the best part :sunglasses: )
4. Open a pull request on Github. We will help with occuring problems and merge your changes back into the main project.
5. PROFIT
### For bigger changes
1. Join the development mailinglist at http://groups.google.com/d/forum/openpgp-keychain-dev
2. Propose bigger changes and discuss the consequences
I am happy about every code contribution and appreciate your effort to help us developing OpenKeychain!
## Development
Development mailinglist at http://groups.google.com/d/forum/openpgp-keychain-dev
### Build with Gradle
1. Clone the project from GitHub
2. Get all external submodules with ``git submodule update --init --recursive``
3. Have Android SDK "tools", "platform-tools", and "build-tools" directories in your PATH (http://developer.android.com/sdk/index.html)
4. Open the Android SDK Manager (shell command: ``android``).
Expand the Tools directory and select "Android SDK Build-tools (Version 21.1.2)".
Expand the Extras directory and install "Android Support Repository"
Select everything for the newest SDK Platform, API 22, and also API 21
5. Export ANDROID_HOME pointing to your Android SDK
6. Execute ``./gradlew build``
7. You can install the app with ``adb install -r OpenKeychain/build/outputs/apk/OpenKeychain-debug-unaligned.apk``
### Run Tests
1. Use OpenJDK instead of Oracle JDK
2. Execute ``./gradlew clean testDebug --continue``
### Run Jacoco Test Coverage
1. Use OpenJDK instead of Oracle JDK
2. Execute ``./gradlew clean testDebug jacocoTestReport``
3. Report is here: OpenKeychain/build/reports/jacoco/jacocoTestReport/html/index.html
### Development with Android Studio
We are using the newest [Android Studio](http://developer.android.com/sdk/installing/studio.html) for development. Development with Eclipse is currently not possible because we are using the new [project structure](http://developer.android.com/sdk/installing/studio-tips.html).
1. Clone the project from Github
2. Get all external submodules with ``git submodule update --init --recursive``
3. From Android Studio: File -> Import Project -> Select the cloned top folder
## Libraries
### Bouncy Castle
#### Spongy Castle
Spongy Castle is the stock Bouncy Castle libraries with a couple of small changes to make it work on Android. OpenKeychain uses a forked version with some small changes. These changes will been sent to Bouncy Castle, and Spongy Castle will be used again when they have filtered down.
see
* Fork: https://github.com/openpgp-keychain/spongycastle
* Spongy Castle: http://rtyley.github.com/spongycastle/
#### Bouncy Castle resources
* Repository: https://github.com/bcgit/bc-java
* Issue tracker: http://www.bouncycastle.org/jira/browse/BJA
#### Documentation
* Documentation project at http://www.cryptoworkshop.com/guide/
* Tests in https://github.com/bcgit/bc-java/tree/master/pg/src/test/java/org/bouncycastle/openpgp/test
* Examples in https://github.com/bcgit/bc-java/tree/master/pg/src/main/java/org/bouncycastle/openpgp/examples
* Mailinglist Archive at http://bouncy-castle.1462172.n4.nabble.com/Bouncy-Castle-Dev-f1462173.html
* Commit changelog of pg subpackage: https://github.com/bcgit/bc-java/commits/master/pg
## Build System
We try to make our builds as [reproducible/deterministic](https://blog.torproject.org/blog/deterministic-builds-part-one-cyberwar-and-global-compromise) as possible.
#### Update Gradle version
* Always use a fixed Android Gradle plugin version not a dynamic one, e.g. ``0.7.3`` instead of ``0.7.+`` (allows offline builds without lookups for new versions, also some minor Android plugin versions had serious issues, i.e. [0.7.2 and 0.8.1](http://tools.android.com/tech-docs/new-build-system))
* Update every build.gradle file with the new gradle version and/or gradle plugin version
* build.gradle
* OpenKeychain/build.gradle
* run ./gradlew wrapper twice to update gradle and download the new gradle jar file
* commit the corresponding [Gradle wrapper](http://www.gradle.org/docs/current/userguide/gradle_wrapper.html) to the repository (allows easy building for new contributors without the need to install the required Gradle version using a package manager)
#### Update SDK and Build Tools
* Open build.gradle and change:
```
ext {
compileSdkVersion = 21
buildToolsVersion = '21.1.2'
}
```
* Change SDK and Build Tools in git submodules "openkeychain-api-lib" and "openpgp-api-lib" manually. They should also build on their own without the ext variables.
#### Add new library
* You can add the library as a Maven dependency or as a git submodule (if patches are required) in the "extern" folder.
* If added as a Maven dependency, pin the library using [Gradle Witness](https://github.com/WhisperSystems/gradle-witness) (Do ``./gradlew -q calculateChecksums`` for Trust on First Use)
* If added as a git submodule, change the ``compileSdkVersion`` and ``buildToolsVersion`` in build.gradle to use the variables from the root project:
```
android {
compileSdkVersion rootProject.ext.compileSdkVersion
buildToolsVersion rootProject.ext.buildToolsVersion
}
```
* You can check for wrong ``compileSdkVersion`` by ``find -name build.gradle | xargs grep compileSdkVersion``
#### Slow Gradle?
* https://www.timroes.de/2013/09/12/speed-up-gradle/
* Disable Lint checking if it is enabled in build.gradle
#### Error:Configuration with name 'default' not found.
Gradle project dependencies are missing. Do a ``git submodule init && git submodule update``
#### Build on Mac OS X fails?
Try exporting JAVA_TOOL_OPTIONS="-Dfile.encoding=UTF8"
## Translations
Translations are hosted on Transifex, which is configured by ".tx/config".
1. To pull newest translations install transifex client (e.g. ``apt-get install transifex-client``)
2. Config Transifex client with "~/.transifexrc"
3. Go into root folder of git repo
4. execute ``tx pull -af --skip``
see http://help.transifex.net/features/client/index.html#user-client
## Coding Style
### Code
* Indentation: 4 spaces, no tabs.
* Maximum line width for code and comments: 100.
* Opening braces don't go on their own line.
* Field names: Non-public, non-static fields start with m.
* Acronyms are words: Treat acronyms as words in names, yielding !XmlHttpRequest, getUrl(), etc.
* Fully Qualify Imports: Do *not* use wildcard-imports such as ``import foo.*;``
* Android Studio warnings should be fixed, or suppressed if they are incorrect.
The full coding style can be found at http://source.android.com/source/code-style.html
### Automated syntax check with CheckStyle
#### Linux
1. Paste the `tools/checkstyle.xml` file to `~/.AndroidStudioPreview/config/codestyles/`
2. Go to Settings > Code Style > Java, select OpenPgpChecker, as well as Code Style > XML and select OpenPgpChecker again.
3. Start code inspection and see the results by selecting Analyze > Inspect Code from Android-Studio or you can directly run checkstyle via cli with `.tools/checkstyle`. Make sure it's executable first.
#### Mac OSX
1. Paste the `tools/checkstyle.xml` file to `~/Library/Preferences/AndroidStudioPreview/codestyles`
2. Go to Preferences > Code Style > Java, select OpenPgpChecker, as well as Code Style > XML and select OpenPgpChecker again.
3. Start code inspection and see the results by selecting Analyze > Inspect Code from Android-Studio or you can directly run checkstyle via cli with `.tools/checkstyle`. Make sure it's executable first.
#### Windows
1. Paste the `tools/checkstyle.xml` file to `C:\Users\<UserName>\.AndroidStudioPreview\config\codestyles`
2. Go to File > Settings > Code Style > Java, select OpenPgpChecker, as well as Code Style > XML and select OpenPgpChecker again.
3. Start code inspection and see the results by selecting Analyze > Inspect Code from Android-Studio.
## Licenses
OpenKechain is licensed under GPLv3+.
The full license text can be found in the [LICENSE file](https://github.com/open-keychain/open-keychain/blob/HEAD/LICENSE).
Some parts and some libraries are Apache License v2, MIT X11 License (see below).
> This program is free software: you can redistribute it and/or modify
> it under the terms of the GNU General Public License as published by
> the Free Software Foundation, either version 3 of the License, or
> (at your option) any later version.
>
> This program is distributed in the hope that it will be useful,
> but WITHOUT ANY WARRANTY; without even the implied warranty of
> MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> GNU General Public License for more details.
>
> You should have received a copy of the GNU General Public License
> along with this program. If not, see <http://www.gnu.org/licenses/>.
### Libraries
See [In-app about screen](https://github.com/open-keychain/open-keychain/blob/HEAD/OpenKeychain/src/main/res/raw/help_about.md)
### Images
* Actionbar icons
http://developer.android.com/design/downloads/index.html#action-bar-icon-pack
* QR Code Actionbar icon
https://github.com/openintents/openintents/blob/master/extensions/qrcode_ext/icons/ic_menu_qr_code/ic_menu_qr_code_holo_light/ic_menu_qr_code.svg
* Key status icons by the ModernPGP working group
https://github.com/ModernPGP
See also [this pull request](https://github.com/open-keychain/openpgp-api/pull/3)