focus all read access for key ring data into DatabaseInteractor methods
This commit is contained in:
Vincent Breitmoser
@@ -240,8 +240,7 @@ public class CachedPublicKeyRing extends KeyRing {
|
||||
|
||||
public byte[] getEncoded() throws PgpKeyNotFoundException {
|
||||
try {
|
||||
return (byte[]) mDatabaseInteractor.getGenericData(mUri, KeyRingData.KEY_RING_DATA,
|
||||
DatabaseInteractor.FIELD_TYPE_BLOB);
|
||||
return mDatabaseInteractor.getPublicKeyRingData(getMasterKeyId());
|
||||
} catch(DatabaseReadWriteInteractor.NotFoundException e) {
|
||||
throw new PgpKeyNotFoundException(e);
|
||||
}
|
||||
|
||||
@@ -10,12 +10,10 @@ import android.content.ContentResolver;
|
||||
import android.database.Cursor;
|
||||
import android.net.Uri;
|
||||
|
||||
import org.sufficientlysecure.keychain.Constants;
|
||||
import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
|
||||
import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog;
|
||||
import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
|
||||
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
|
||||
import org.sufficientlysecure.keychain.pgp.KeyRing;
|
||||
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
|
||||
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
|
||||
import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
|
||||
@@ -23,7 +21,6 @@ import org.sufficientlysecure.keychain.provider.KeychainContract.Certs;
|
||||
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRingData;
|
||||
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
|
||||
import org.sufficientlysecure.keychain.provider.KeychainContract.UserPackets;
|
||||
import org.sufficientlysecure.keychain.util.Log;
|
||||
|
||||
|
||||
public class DatabaseInteractor {
|
||||
@@ -148,19 +145,55 @@ public class DatabaseInteractor {
|
||||
}
|
||||
|
||||
public CanonicalizedPublicKeyRing getCanonicalizedPublicKeyRing(long id) throws NotFoundException {
|
||||
return (CanonicalizedPublicKeyRing) getCanonicalizedKeyRing(KeyRings.buildUnifiedKeyRingUri(id), false);
|
||||
return getCanonicalizedPublicKeyRing(KeyRings.buildUnifiedKeyRingUri(id));
|
||||
}
|
||||
|
||||
public CanonicalizedPublicKeyRing getCanonicalizedPublicKeyRing(Uri queryUri) throws NotFoundException {
|
||||
return (CanonicalizedPublicKeyRing) getCanonicalizedKeyRing(queryUri, false);
|
||||
Cursor cursor = mContentResolver.query(queryUri,
|
||||
new String[] { KeyRings.MASTER_KEY_ID, KeyRings.VERIFIED }, null, null, null);
|
||||
try {
|
||||
if (cursor != null && cursor.moveToFirst()) {
|
||||
long masterKeyId = cursor.getLong(0);
|
||||
int verified = cursor.getInt(1);
|
||||
|
||||
byte[] publicKeyData = getPublicKeyRingData(masterKeyId);
|
||||
return new CanonicalizedPublicKeyRing(publicKeyData, verified);
|
||||
} else {
|
||||
throw new NotFoundException("Key not found!");
|
||||
}
|
||||
} finally {
|
||||
if (cursor != null) {
|
||||
cursor.close();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public CanonicalizedSecretKeyRing getCanonicalizedSecretKeyRing(long id) throws NotFoundException {
|
||||
return (CanonicalizedSecretKeyRing) getCanonicalizedKeyRing(KeyRings.buildUnifiedKeyRingUri(id), true);
|
||||
return getCanonicalizedSecretKeyRing(KeyRings.buildUnifiedKeyRingUri(id));
|
||||
}
|
||||
|
||||
public CanonicalizedSecretKeyRing getCanonicalizedSecretKeyRing(Uri queryUri) throws NotFoundException {
|
||||
return (CanonicalizedSecretKeyRing) getCanonicalizedKeyRing(queryUri, true);
|
||||
Cursor cursor = mContentResolver.query(queryUri,
|
||||
new String[] { KeyRings.MASTER_KEY_ID, KeyRings.VERIFIED, KeyRings.HAS_ANY_SECRET }, null, null, null);
|
||||
try {
|
||||
if (cursor != null && cursor.moveToFirst()) {
|
||||
long masterKeyId = cursor.getLong(0);
|
||||
int verified = cursor.getInt(1);
|
||||
int hasAnySecret = cursor.getInt(2);
|
||||
if (hasAnySecret == 0) {
|
||||
throw new NotFoundException("No secret key available or unknown public key!");
|
||||
}
|
||||
|
||||
byte[] secretKeyData = getSecretKeyRingData(masterKeyId);
|
||||
return new CanonicalizedSecretKeyRing(secretKeyData, verified);
|
||||
} else {
|
||||
throw new NotFoundException("Key not found!");
|
||||
}
|
||||
} finally {
|
||||
if (cursor != null) {
|
||||
cursor.close();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public ArrayList<String> getConfirmedUserIds(long masterKeyId) throws NotFoundException {
|
||||
@@ -184,53 +217,18 @@ public class DatabaseInteractor {
|
||||
}
|
||||
}
|
||||
|
||||
private KeyRing getCanonicalizedKeyRing(Uri queryUri, boolean secret) throws NotFoundException {
|
||||
Cursor cursor = mContentResolver.query(queryUri,
|
||||
new String[]{
|
||||
// we pick from cache only information that is not easily available from keyrings
|
||||
KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED,
|
||||
// and of course, ring data
|
||||
secret ? KeyRings.PRIVKEY_DATA : KeyRings.PUBKEY_DATA
|
||||
}, null, null, null
|
||||
);
|
||||
try {
|
||||
if (cursor != null && cursor.moveToFirst()) {
|
||||
|
||||
boolean hasAnySecret = cursor.getInt(0) > 0;
|
||||
int verified = cursor.getInt(1);
|
||||
byte[] blob = cursor.getBlob(2);
|
||||
if (secret & !hasAnySecret) {
|
||||
throw new NotFoundException("Secret key not available!");
|
||||
}
|
||||
return secret
|
||||
? new CanonicalizedSecretKeyRing(blob, true, verified)
|
||||
: new CanonicalizedPublicKeyRing(blob, verified);
|
||||
} else {
|
||||
throw new NotFoundException("Key not found!");
|
||||
}
|
||||
} finally {
|
||||
if (cursor != null) {
|
||||
cursor.close();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private String getKeyRingAsArmoredString(byte[] data) throws IOException, PgpGeneralException {
|
||||
UncachedKeyRing keyRing = UncachedKeyRing.decodeFromData(data);
|
||||
|
||||
ByteArrayOutputStream bos = new ByteArrayOutputStream();
|
||||
keyRing.encodeArmored(bos, null);
|
||||
String armoredKey = bos.toString("UTF-8");
|
||||
|
||||
Log.d(Constants.TAG, "armoredKey:" + armoredKey);
|
||||
|
||||
return armoredKey;
|
||||
return bos.toString("UTF-8");
|
||||
}
|
||||
|
||||
public String getKeyRingAsArmoredString(Uri uri)
|
||||
public String getPublicKeyRingAsArmoredString(long masterKeyId)
|
||||
throws NotFoundException, IOException, PgpGeneralException {
|
||||
byte[] data = (byte[]) getGenericData(
|
||||
uri, KeyRingData.KEY_RING_DATA, FIELD_TYPE_BLOB);
|
||||
byte[] data = getPublicKeyRingData(masterKeyId);
|
||||
return getKeyRingAsArmoredString(data);
|
||||
}
|
||||
|
||||
|
||||
@@ -105,29 +105,33 @@ public class DatabaseReadWriteInteractor extends DatabaseInteractor {
|
||||
}
|
||||
|
||||
private LongSparseArray<CanonicalizedPublicKey> getTrustedMasterKeys() {
|
||||
Cursor cursor = mContentResolver.query(KeyRings.buildUnifiedKeyRingsUri(), new String[]{
|
||||
Cursor cursor = mContentResolver.query(KeyRings.buildUnifiedKeyRingsUri(), new String[] {
|
||||
KeyRings.MASTER_KEY_ID,
|
||||
// we pick from cache only information that is not easily available from keyrings
|
||||
KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED,
|
||||
// and of course, ring data
|
||||
KeyRings.PUBKEY_DATA
|
||||
KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED
|
||||
}, KeyRings.HAS_ANY_SECRET + " = 1", null, null);
|
||||
|
||||
try {
|
||||
LongSparseArray<CanonicalizedPublicKey> result = new LongSparseArray<>();
|
||||
|
||||
if (cursor != null && cursor.moveToFirst()) do {
|
||||
long masterKeyId = cursor.getLong(0);
|
||||
int verified = cursor.getInt(2);
|
||||
byte[] blob = cursor.getBlob(3);
|
||||
if (blob != null) {
|
||||
result.put(masterKeyId,
|
||||
new CanonicalizedPublicKeyRing(blob, verified).getPublicKey());
|
||||
if (cursor == null) {
|
||||
return result;
|
||||
}
|
||||
|
||||
while (cursor.moveToNext()) {
|
||||
try {
|
||||
long masterKeyId = cursor.getLong(0);
|
||||
int verified = cursor.getInt(2);
|
||||
byte[] blob = getPublicKeyRingData(masterKeyId);
|
||||
if (blob != null) {
|
||||
result.put(masterKeyId, new CanonicalizedPublicKeyRing(blob, verified).getPublicKey());
|
||||
}
|
||||
} catch (NotFoundException e) {
|
||||
throw new IllegalStateException("Error reading secret key data, this should not happen!", e);
|
||||
}
|
||||
} while (cursor.moveToNext());
|
||||
}
|
||||
|
||||
return result;
|
||||
|
||||
} finally {
|
||||
if (cursor != null) {
|
||||
cursor.close();
|
||||
|
||||
@@ -138,8 +138,6 @@ public class KeychainContract {
|
||||
public static final String HAS_CERTIFY = "has_certify";
|
||||
public static final String HAS_AUTHENTICATE = "has_authenticate";
|
||||
public static final String HAS_DUPLICATE_USER_ID = "has_duplicate_user_id";
|
||||
public static final String PUBKEY_DATA = "pubkey_data";
|
||||
public static final String PRIVKEY_DATA = "privkey_data";
|
||||
|
||||
public static final Uri CONTENT_URI = BASE_CONTENT_URI_INTERNAL.buildUpon()
|
||||
.appendPath(BASE_KEY_RINGS).build();
|
||||
|
||||
@@ -18,6 +18,12 @@
|
||||
|
||||
package org.sufficientlysecure.keychain.provider;
|
||||
|
||||
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.FileOutputStream;
|
||||
import java.io.IOException;
|
||||
|
||||
import android.content.Context;
|
||||
import android.content.Intent;
|
||||
import android.database.sqlite.SQLiteDatabase;
|
||||
@@ -36,11 +42,6 @@ import org.sufficientlysecure.keychain.provider.KeychainContract.UserPacketsColu
|
||||
import org.sufficientlysecure.keychain.ui.ConsolidateDialogActivity;
|
||||
import org.sufficientlysecure.keychain.util.Log;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.FileInputStream;
|
||||
import java.io.FileOutputStream;
|
||||
import java.io.IOException;
|
||||
|
||||
/**
|
||||
* SQLite Datatypes (from http://www.sqlite.org/datatype3.html)
|
||||
* - NULL. The value is a NULL value.
|
||||
|
||||
@@ -323,16 +323,12 @@ public class KeychainProvider extends ContentProvider {
|
||||
+ " = " + Tables.USER_PACKETS + "." + UserPackets.EMAIL + " COLLATE NOCASE"
|
||||
+ ")) AS " + KeyRings.HAS_DUPLICATE_USER_ID);
|
||||
projectionMap.put(KeyRings.VERIFIED, Tables.CERTS + "." + Certs.VERIFIED);
|
||||
projectionMap.put(KeyRings.PUBKEY_DATA,
|
||||
Tables.KEY_RINGS_PUBLIC + "." + KeyRingData.KEY_RING_DATA
|
||||
+ " AS " + KeyRings.PUBKEY_DATA);
|
||||
projectionMap.put(KeyRings.PRIVKEY_DATA,
|
||||
Tables.KEY_RINGS_SECRET + "." + KeyRingData.KEY_RING_DATA
|
||||
+ " AS " + KeyRings.PRIVKEY_DATA);
|
||||
projectionMap.put(KeyRings.HAS_SECRET, Tables.KEYS + "." + KeyRings.HAS_SECRET);
|
||||
projectionMap.put(KeyRings.HAS_ANY_SECRET,
|
||||
"(" + Tables.KEY_RINGS_SECRET + "." + KeyRings.MASTER_KEY_ID + " IS NOT NULL)" +
|
||||
" AS " + KeyRings.HAS_ANY_SECRET);
|
||||
"(EXISTS (SELECT * FROM " + Tables.KEY_RINGS_SECRET + " WHERE "
|
||||
+ Tables.KEYS + "." + Keys.MASTER_KEY_ID + " = "
|
||||
+ Tables.KEY_RINGS_SECRET + "." + KeyRingData.MASTER_KEY_ID
|
||||
+ ")) AS " + KeyRings.HAS_ANY_SECRET);
|
||||
projectionMap.put(KeyRings.HAS_ENCRYPT,
|
||||
"kE." + Keys.KEY_ID + " AS " + KeyRings.HAS_ENCRYPT);
|
||||
projectionMap.put(KeyRings.HAS_SIGN,
|
||||
@@ -367,18 +363,6 @@ public class KeychainProvider extends ContentProvider {
|
||||
+ " = " + Certs.VERIFIED_SECRET
|
||||
+ ")"
|
||||
// fairly expensive joins following, only do when requested
|
||||
+ (plist.contains(KeyRings.PUBKEY_DATA) ?
|
||||
" INNER JOIN " + Tables.KEY_RINGS_PUBLIC + " ON ("
|
||||
+ Tables.KEYS + "." + Keys.MASTER_KEY_ID
|
||||
+ " = "
|
||||
+ Tables.KEY_RINGS_PUBLIC + "." + KeyRingData.MASTER_KEY_ID
|
||||
+ ")" : "")
|
||||
+ (plist.contains(KeyRings.PRIVKEY_DATA) || plist.contains(KeyRings.HAS_ANY_SECRET) ?
|
||||
" LEFT JOIN " + Tables.KEY_RINGS_SECRET + " ON ("
|
||||
+ Tables.KEYS + "." + Keys.MASTER_KEY_ID
|
||||
+ " = "
|
||||
+ Tables.KEY_RINGS_SECRET + "." + KeyRingData.MASTER_KEY_ID
|
||||
+ ")" : "")
|
||||
+ (plist.contains(KeyRings.HAS_ENCRYPT) ?
|
||||
" LEFT JOIN " + Tables.KEYS + " AS kE ON ("
|
||||
+"kE." + Keys.MASTER_KEY_ID
|
||||
|
||||
Reference in New Issue
Block a user