cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

focus all read access for key ring data into DatabaseInteractor methods

Browse Source
This commit is contained in:
Vincent Breitmoser
2017-02-20 21:57:38 +01:00
parent 623964701b
commit 2bc05a2cd5
11 changed files with 91 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/BackupOperation.java
View File

@@ -44,7 +44,6 @@ import org.sufficientlysecure.keychain.operations.results.ExportResult;
import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog;
import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
import org.sufficientlysecure.keychain.pgp.CanonicalizedKeyRing;
import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.PgpSignEncryptData;
@@ -53,10 +52,8 @@ import org.sufficientlysecure.keychain.pgp.PgpSignEncryptOperation;
import org.sufficientlysecure.keychain.pgp.Progressable;
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
import org.sufficientlysecure.keychain.provider.DatabaseInteractor;
import org.sufficientlysecure.keychain.provider.DatabaseInteractor.NotFoundException;
import org.sufficientlysecure.keychain.provider.KeychainContract;
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
import org.sufficientlysecure.keychain.provider.KeychainDatabase.Tables;
import org.sufficientlysecure.keychain.provider.TemporaryFileProvider;

3
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKeyRing.java
View File

@@ -25,7 +25,6 @@ import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.util.IterableIterator;
import org.sufficientlysecure.keychain.util.Log;
@@ -42,7 +41,7 @@ public class CanonicalizedSecretKeyRing extends CanonicalizedKeyRing {
mRing = ring;
}
public CanonicalizedSecretKeyRing(byte[] blob, boolean isRevoked, int verified)
public CanonicalizedSecretKeyRing(byte[] blob, int verified)
{
super(verified);
JcaPGPObjectFactory factory = new JcaPGPObjectFactory(blob);

3
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/CachedPublicKeyRing.java
View File

@@ -240,8 +240,7 @@ public class CachedPublicKeyRing extends KeyRing {
public byte[] getEncoded() throws PgpKeyNotFoundException {
try {
return (byte[]) mDatabaseInteractor.getGenericData(mUri, KeyRingData.KEY_RING_DATA,
DatabaseInteractor.FIELD_TYPE_BLOB);
return mDatabaseInteractor.getPublicKeyRingData(getMasterKeyId());
} catch(DatabaseReadWriteInteractor.NotFoundException e) {
throw new PgpKeyNotFoundException(e);
}

88
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/DatabaseInteractor.java
View File

@@ -10,12 +10,10 @@ import android.content.ContentResolver;
import android.database.Cursor;
import android.net.Uri;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog;
import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.KeyRing;
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
@@ -23,7 +21,6 @@ import org.sufficientlysecure.keychain.provider.KeychainContract.Certs;
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRingData;
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
import org.sufficientlysecure.keychain.provider.KeychainContract.UserPackets;
import org.sufficientlysecure.keychain.util.Log;
public class DatabaseInteractor {
@@ -148,19 +145,55 @@ public class DatabaseInteractor {
}
public CanonicalizedPublicKeyRing getCanonicalizedPublicKeyRing(long id) throws NotFoundException {
return (CanonicalizedPublicKeyRing) getCanonicalizedKeyRing(KeyRings.buildUnifiedKeyRingUri(id), false);
return getCanonicalizedPublicKeyRing(KeyRings.buildUnifiedKeyRingUri(id));
}
public CanonicalizedPublicKeyRing getCanonicalizedPublicKeyRing(Uri queryUri) throws NotFoundException {
return (CanonicalizedPublicKeyRing) getCanonicalizedKeyRing(queryUri, false);
Cursor cursor = mContentResolver.query(queryUri,
new String[] { KeyRings.MASTER_KEY_ID, KeyRings.VERIFIED }, null, null, null);
try {
if (cursor != null && cursor.moveToFirst()) {
long masterKeyId = cursor.getLong(0);
int verified = cursor.getInt(1);
byte[] publicKeyData = getPublicKeyRingData(masterKeyId);
return new CanonicalizedPublicKeyRing(publicKeyData, verified);
} else {
throw new NotFoundException("Key not found!");
}
} finally {
if (cursor != null) {
cursor.close();
}
}
}
public CanonicalizedSecretKeyRing getCanonicalizedSecretKeyRing(long id) throws NotFoundException {
return (CanonicalizedSecretKeyRing) getCanonicalizedKeyRing(KeyRings.buildUnifiedKeyRingUri(id), true);
return getCanonicalizedSecretKeyRing(KeyRings.buildUnifiedKeyRingUri(id));
}
public CanonicalizedSecretKeyRing getCanonicalizedSecretKeyRing(Uri queryUri) throws NotFoundException {
return (CanonicalizedSecretKeyRing) getCanonicalizedKeyRing(queryUri, true);
Cursor cursor = mContentResolver.query(queryUri,
new String[] { KeyRings.MASTER_KEY_ID, KeyRings.VERIFIED, KeyRings.HAS_ANY_SECRET }, null, null, null);
try {
if (cursor != null && cursor.moveToFirst()) {
long masterKeyId = cursor.getLong(0);
int verified = cursor.getInt(1);
int hasAnySecret = cursor.getInt(2);
if (hasAnySecret == 0) {
throw new NotFoundException("No secret key available or unknown public key!");
}
byte[] secretKeyData = getSecretKeyRingData(masterKeyId);
return new CanonicalizedSecretKeyRing(secretKeyData, verified);
} else {
throw new NotFoundException("Key not found!");
}
} finally {
if (cursor != null) {
cursor.close();
}
}
}
public ArrayList<String> getConfirmedUserIds(long masterKeyId) throws NotFoundException {
@@ -184,53 +217,18 @@ public class DatabaseInteractor {
}
}
private KeyRing getCanonicalizedKeyRing(Uri queryUri, boolean secret) throws NotFoundException {
Cursor cursor = mContentResolver.query(queryUri,
new String[]{
// we pick from cache only information that is not easily available from keyrings
KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED,
// and of course, ring data
secret ? KeyRings.PRIVKEY_DATA : KeyRings.PUBKEY_DATA
}, null, null, null
);
try {
if (cursor != null && cursor.moveToFirst()) {
boolean hasAnySecret = cursor.getInt(0) > 0;
int verified = cursor.getInt(1);
byte[] blob = cursor.getBlob(2);
if (secret & !hasAnySecret) {
throw new NotFoundException("Secret key not available!");
}
return secret
? new CanonicalizedSecretKeyRing(blob, true, verified)
: new CanonicalizedPublicKeyRing(blob, verified);
} else {
throw new NotFoundException("Key not found!");
}
} finally {
if (cursor != null) {
cursor.close();
}
}
}
private String getKeyRingAsArmoredString(byte[] data) throws IOException, PgpGeneralException {
UncachedKeyRing keyRing = UncachedKeyRing.decodeFromData(data);
ByteArrayOutputStream bos = new ByteArrayOutputStream();
keyRing.encodeArmored(bos, null);
String armoredKey = bos.toString("UTF-8");
Log.d(Constants.TAG, "armoredKey:" + armoredKey);
return armoredKey;
return bos.toString("UTF-8");
}
public String getKeyRingAsArmoredString(Uri uri)
public String getPublicKeyRingAsArmoredString(long masterKeyId)
throws NotFoundException, IOException, PgpGeneralException {
byte[] data = (byte[]) getGenericData(
uri, KeyRingData.KEY_RING_DATA, FIELD_TYPE_BLOB);
byte[] data = getPublicKeyRingData(masterKeyId);
return getKeyRingAsArmoredString(data);
}

30
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/DatabaseReadWriteInteractor.java
View File

@@ -105,29 +105,33 @@ public class DatabaseReadWriteInteractor extends DatabaseInteractor {
}
private LongSparseArray<CanonicalizedPublicKey> getTrustedMasterKeys() {
Cursor cursor = mContentResolver.query(KeyRings.buildUnifiedKeyRingsUri(), new String[]{
Cursor cursor = mContentResolver.query(KeyRings.buildUnifiedKeyRingsUri(), new String[] {
KeyRings.MASTER_KEY_ID,
// we pick from cache only information that is not easily available from keyrings
KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED,
// and of course, ring data
KeyRings.PUBKEY_DATA
KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED
}, KeyRings.HAS_ANY_SECRET + " = 1", null, null);
try {
LongSparseArray<CanonicalizedPublicKey> result = new LongSparseArray<>();
if (cursor != null && cursor.moveToFirst()) do {
long masterKeyId = cursor.getLong(0);
int verified = cursor.getInt(2);
byte[] blob = cursor.getBlob(3);
if (blob != null) {
result.put(masterKeyId,
new CanonicalizedPublicKeyRing(blob, verified).getPublicKey());
if (cursor == null) {
return result;
}
while (cursor.moveToNext()) {
try {
long masterKeyId = cursor.getLong(0);
int verified = cursor.getInt(2);
byte[] blob = getPublicKeyRingData(masterKeyId);
if (blob != null) {
result.put(masterKeyId, new CanonicalizedPublicKeyRing(blob, verified).getPublicKey());
}
} catch (NotFoundException e) {
throw new IllegalStateException("Error reading secret key data, this should not happen!", e);
}
} while (cursor.moveToNext());
}
return result;
} finally {
if (cursor != null) {
cursor.close();

2
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java
View File

@@ -138,8 +138,6 @@ public class KeychainContract {
public static final String HAS_CERTIFY = "has_certify";
public static final String HAS_AUTHENTICATE = "has_authenticate";
public static final String HAS_DUPLICATE_USER_ID = "has_duplicate_user_id";
public static final String PUBKEY_DATA = "pubkey_data";
public static final String PRIVKEY_DATA = "privkey_data";
public static final Uri CONTENT_URI = BASE_CONTENT_URI_INTERNAL.buildUpon()
.appendPath(BASE_KEY_RINGS).build();

11
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainDatabase.java
View File

@@ -18,6 +18,12 @@
package org.sufficientlysecure.keychain.provider;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import android.content.Context;
import android.content.Intent;
import android.database.sqlite.SQLiteDatabase;
@@ -36,11 +42,6 @@ import org.sufficientlysecure.keychain.provider.KeychainContract.UserPacketsColu
import org.sufficientlysecure.keychain.ui.ConsolidateDialogActivity;
import org.sufficientlysecure.keychain.util.Log;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
/**
* SQLite Datatypes (from http://www.sqlite.org/datatype3.html)
* - NULL. The value is a NULL value.

24
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java
View File

@@ -323,16 +323,12 @@ public class KeychainProvider extends ContentProvider {
+ " = " + Tables.USER_PACKETS + "." + UserPackets.EMAIL + " COLLATE NOCASE"
+ ")) AS " + KeyRings.HAS_DUPLICATE_USER_ID);
projectionMap.put(KeyRings.VERIFIED, Tables.CERTS + "." + Certs.VERIFIED);
projectionMap.put(KeyRings.PUBKEY_DATA,
Tables.KEY_RINGS_PUBLIC + "." + KeyRingData.KEY_RING_DATA
+ " AS " + KeyRings.PUBKEY_DATA);
projectionMap.put(KeyRings.PRIVKEY_DATA,
Tables.KEY_RINGS_SECRET + "." + KeyRingData.KEY_RING_DATA
+ " AS " + KeyRings.PRIVKEY_DATA);
projectionMap.put(KeyRings.HAS_SECRET, Tables.KEYS + "." + KeyRings.HAS_SECRET);
projectionMap.put(KeyRings.HAS_ANY_SECRET,
"(" + Tables.KEY_RINGS_SECRET + "." + KeyRings.MASTER_KEY_ID + " IS NOT NULL)" +
" AS " + KeyRings.HAS_ANY_SECRET);
"(EXISTS (SELECT * FROM " + Tables.KEY_RINGS_SECRET + " WHERE "
+ Tables.KEYS + "." + Keys.MASTER_KEY_ID + " = "
+ Tables.KEY_RINGS_SECRET + "." + KeyRingData.MASTER_KEY_ID
+ ")) AS " + KeyRings.HAS_ANY_SECRET);
projectionMap.put(KeyRings.HAS_ENCRYPT,
"kE." + Keys.KEY_ID + " AS " + KeyRings.HAS_ENCRYPT);
projectionMap.put(KeyRings.HAS_SIGN,
@@ -367,18 +363,6 @@ public class KeychainProvider extends ContentProvider {
+ " = " + Certs.VERIFIED_SECRET
+ ")"
// fairly expensive joins following, only do when requested
+ (plist.contains(KeyRings.PUBKEY_DATA) ?
" INNER JOIN " + Tables.KEY_RINGS_PUBLIC + " ON ("
+ Tables.KEYS + "." + Keys.MASTER_KEY_ID
+ " = "
+ Tables.KEY_RINGS_PUBLIC + "." + KeyRingData.MASTER_KEY_ID
+ ")" : "")
+ (plist.contains(KeyRings.PRIVKEY_DATA) || plist.contains(KeyRings.HAS_ANY_SECRET) ?
" LEFT JOIN " + Tables.KEY_RINGS_SECRET + " ON ("
+ Tables.KEYS + "." + Keys.MASTER_KEY_ID
+ " = "
+ Tables.KEY_RINGS_SECRET + "." + KeyRingData.MASTER_KEY_ID
+ ")" : "")
+ (plist.contains(KeyRings.HAS_ENCRYPT) ?
" LEFT JOIN " + Tables.KEYS + " AS kE ON ("
+"kE." + Keys.MASTER_KEY_ID

10
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyAdvShareFragment.java
View File

@@ -17,6 +17,7 @@
package org.sufficientlysecure.keychain.ui;
import java.io.BufferedWriter;
import java.io.FileNotFoundException;
import java.io.IOException;
@@ -57,9 +58,8 @@ import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.pgp.KeyRing;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
import org.sufficientlysecure.keychain.provider.KeychainContract;
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
import org.sufficientlysecure.keychain.provider.DatabaseInteractor;
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
import org.sufficientlysecure.keychain.provider.TemporaryFileProvider;
import org.sufficientlysecure.keychain.ui.base.LoaderFragment;
import org.sufficientlysecure.keychain.ui.util.FormattingUtils;
@@ -221,8 +221,8 @@ public class ViewKeyAdvShareFragment extends LoaderFragment implements
DatabaseInteractor databaseInteractor = new DatabaseInteractor(activity.getContentResolver());
try {
String content = databaseInteractor.getKeyRingAsArmoredString(
KeychainContract.KeyRingData.buildPublicKeyRingUri(mDataUri));
long masterKeyId = databaseInteractor.getCachedPublicKeyRing(mDataUri).extractOrGetMasterKeyId();
String content = databaseInteractor.getPublicKeyRingAsArmoredString(masterKeyId);
if (toClipboard) {
ClipboardManager clipMan = (ClipboardManager) activity.getSystemService(Context.CLIPBOARD_SERVICE);
@@ -275,7 +275,7 @@ public class ViewKeyAdvShareFragment extends LoaderFragment implements
} catch (PgpGeneralException | IOException e) {
Log.e(Constants.TAG, "error processing key!", e);
Notify.create(activity, R.string.error_key_processing, Notify.Style.ERROR).show();
} catch (DatabaseInteractor.NotFoundException e) {
} catch (PgpKeyNotFoundException | DatabaseInteractor.NotFoundException e) {
Log.e(Constants.TAG, "key not found!", e);
Notify.create(activity, R.string.error_key_not_found, Notify.Style.ERROR).show();
}