From ba9d714c1bf063bb33dd4721699cab060364238d Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Fri, 13 Apr 2018 19:17:00 +0200 Subject: [PATCH 01/12] Add Numeric9x4PassphraseUtils --- .../util/Numeric9x4PassphraseUtil.java | 59 +++++++++++++++++++ .../util/Numeric9x4PassphraseUtilTest.java | 40 +++++++++++++ 2 files changed, 99 insertions(+) create mode 100644 OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/Numeric9x4PassphraseUtil.java create mode 100644 OpenKeychain/src/test/java/org/sufficientlysecure/keychain/util/Numeric9x4PassphraseUtilTest.java diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/Numeric9x4PassphraseUtil.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/Numeric9x4PassphraseUtil.java new file mode 100644 index 000000000..89d9f004e --- /dev/null +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/Numeric9x4PassphraseUtil.java @@ -0,0 +1,59 @@ +/* + * Copyright (C) 2017 Schürmann & Breitmoser GbR + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package org.sufficientlysecure.keychain.util; + + +import java.nio.CharBuffer; +import java.security.SecureRandom; +import java.util.Random; +import java.util.regex.Pattern; + +import android.support.annotation.VisibleForTesting; + +// see https://autocrypt.org/level1.html#setup-code +public class Numeric9x4PassphraseUtil { + public static Passphrase generateNumeric9x4Passphrase() { + return generateNumeric9x4Passphrase(new SecureRandom()); + } + + @VisibleForTesting + static Passphrase generateNumeric9x4Passphrase(Random r) { + StringBuilder code = new StringBuilder(36); + for (int i = 0; i < 36; i++) { + boolean isBeginningOfBlock = i > 0 && (i % 4) == 0; + if (isBeginningOfBlock) { + code.append('-'); + } + + String digit = Integer.toString(r.nextInt(10)); + code.append(digit); + } + + return new Passphrase(code.toString()); + } + + private static final Pattern AUTOCRYPT_TRANSFER_CODE = Pattern.compile("(\\d{4}-){8}\\d{4}"); + + public static boolean isNumeric9x4Passphrase(Passphrase transferCodeChars) { + return isNumeric9x4Passphrase(CharBuffer.wrap(transferCodeChars.getCharArray())); + } + + public static boolean isNumeric9x4Passphrase(CharSequence code) { + return AUTOCRYPT_TRANSFER_CODE.matcher(code).matches(); + } +} diff --git a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/util/Numeric9x4PassphraseUtilTest.java b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/util/Numeric9x4PassphraseUtilTest.java new file mode 100644 index 000000000..49c6edcfd --- /dev/null +++ b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/util/Numeric9x4PassphraseUtilTest.java @@ -0,0 +1,40 @@ +package org.sufficientlysecure.keychain.util; + + +import java.util.Random; + +import org.junit.Test; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + + +public class Numeric9x4PassphraseUtilTest { + private static final int RANDOM_SEED = 12345; + private static final String TRANSFER_CODE_3x3x4 = "1018-5452-1972-0624-7325-1126-8153-1997-1535"; + + @Test + public void generateNumeric9x4Passphrase() { + Random r = new Random(RANDOM_SEED); + + Passphrase passphrase = Numeric9x4PassphraseUtil.generateNumeric9x4Passphrase(r); + + assertEquals(TRANSFER_CODE_3x3x4, passphrase.toStringUnsafe()); + } + + @Test + public void isNumeric9x4Passphrase() { + boolean isValidCodeLayout = Numeric9x4PassphraseUtil.isNumeric9x4Passphrase(TRANSFER_CODE_3x3x4); + + assertTrue(isValidCodeLayout); + } + + + @Test + public void isNumeric9x4Passphrase_withBadSuffix() { + boolean isValidCodeLayout = Numeric9x4PassphraseUtil.isNumeric9x4Passphrase(TRANSFER_CODE_3x3x4 + "x"); + + assertFalse(isValidCodeLayout); + } +} \ No newline at end of file From cb56a44f77b5fcc610567b35d4ddcbeb922292dd Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Fri, 13 Apr 2018 17:39:38 +0200 Subject: [PATCH 02/12] Support Passphrase-Format and -Begin headers in PgpSignEncryptOperation --- .../keychain/pgp/PgpSignEncryptData.java | 8 ++++++++ .../keychain/pgp/PgpSignEncryptOperation.java | 8 ++++++++ 2 files changed, 16 insertions(+) diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptData.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptData.java index 95ce97529..afdb8963c 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptData.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptData.java @@ -61,6 +61,11 @@ public abstract class PgpSignEncryptData implements Parcelable { public abstract boolean isAddBackupHeader(); public abstract boolean isHiddenRecipients(); + @Nullable + public abstract String getPassphraseFormat(); + @Nullable + public abstract String getPassphraseBegin(); + public static Builder builder() { return new AutoValue_PgpSignEncryptData.Builder() .setSignatureMasterKeyId(Constants.key.none) @@ -102,6 +107,9 @@ public abstract class PgpSignEncryptData implements Parcelable { setAllowedSigningKeyIds(Collections.unmodifiableList(new ArrayList<>(allowedSigningKeyIds))); return this; } + + public abstract Builder setPassphraseFormat(String passphraseFormat); + public abstract Builder setPassphraseBegin(String passphraseBegin); } } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java index 96c614dd6..e9ac655f6 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java @@ -206,6 +206,14 @@ public class PgpSignEncryptOperation extends BaseOperation Date: Fri, 13 Apr 2018 19:07:59 +0200 Subject: [PATCH 03/12] Support numeric9x4 passphrase-format during decryption --- .../operations/results/OperationResult.java | 2 + .../pgp/PgpDecryptVerifyOperation.java | 38 +++-- .../service/input/RequiredInputParcel.java | 7 +- .../keychain/ui/PassphraseDialogActivity.java | 41 ++++++ .../ui/base/CryptoOperationHelper.java | 3 +- .../layout/passphrase_dialog_numeric_9x4.xml | 53 +++++++ .../main/res/layout/transfer_code_input.xml | 135 ++++++++++++++++++ OpenKeychain/src/main/res/values/strings.xml | 3 + OpenKeychain/src/main/res/values/styles.xml | 18 +++ 9 files changed, 288 insertions(+), 12 deletions(-) create mode 100644 OpenKeychain/src/main/res/layout/passphrase_dialog_numeric_9x4.xml create mode 100644 OpenKeychain/src/main/res/layout/transfer_code_input.xml diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java index 6982a10e4..966ae84d4 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java @@ -627,6 +627,8 @@ public abstract class OperationResult implements Parcelable { MSG_DC_ASYM (LogLevel.DEBUG, R.string.msg_dc_asym), MSG_DC_CHARSET (LogLevel.DEBUG, R.string.msg_dc_charset), MSG_DC_BACKUP_VERSION (LogLevel.DEBUG, R.string.msg_dc_backup_version), + MSG_DC_PASSPHRASE_FORMAT (LogLevel.DEBUG, R.string.msg_dc_passphrase_format), + MSG_DC_PASSPHRASE_BEGIN (LogLevel.DEBUG, R.string.msg_dc_passphrase_begin), MSG_DC_CLEAR_DATA (LogLevel.DEBUG, R.string.msg_dc_clear_data), MSG_DC_CLEAR_DECOMPRESS (LogLevel.DEBUG, R.string.msg_dc_clear_decompress), MSG_DC_CLEAR_META_FILE (LogLevel.DEBUG, R.string.msg_dc_clear_meta_file), diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java index ec97b2213..0fab963c6 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java @@ -93,6 +93,7 @@ import static java.lang.String.format; public class PgpDecryptVerifyOperation extends BaseOperation { public static final int PROGRESS_STRIDE_MILLISECONDS = 200; + public static final String PASSPHRASE_FORMAT_NUMERIC9X4 = "numeric9x4"; public PgpDecryptVerifyOperation(Context context, KeyRepository keyRepository, Progressable progressable) { super(context, keyRepository, progressable); @@ -230,6 +231,8 @@ public class PgpDecryptVerifyOperation extends BaseOperation + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/OpenKeychain/src/main/res/layout/transfer_code_input.xml b/OpenKeychain/src/main/res/layout/transfer_code_input.xml new file mode 100644 index 000000000..a8b6037f8 --- /dev/null +++ b/OpenKeychain/src/main/res/layout/transfer_code_input.xml @@ -0,0 +1,135 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/OpenKeychain/src/main/res/values/strings.xml b/OpenKeychain/src/main/res/values/strings.xml index 1f2946c36..f8f73fa9f 100644 --- a/OpenKeychain/src/main/res/values/strings.xml +++ b/OpenKeychain/src/main/res/values/strings.xml @@ -333,6 +333,7 @@ "Enter password" "Switch to alphabetic keyboard" "Switch to numeric keyboard" + "Enter transfer code" "Enter PIN for '%s'" "Enter PIN to access Security Token for '%s'" "Hold Security Token against the NFC marker at the back of your device." @@ -1176,6 +1177,8 @@ "Found block of asymmetrically encrypted data for key %s" "Found charset header: '%s'" "Found backupVersion header: '%s'" + "Found Passphrase-Format header: '%s'" + "Found Passphrase-Begin header: '%s'" "Processing literal data" "Unpacking compressed data" "Filename: %s" diff --git a/OpenKeychain/src/main/res/values/styles.xml b/OpenKeychain/src/main/res/values/styles.xml index 39b8cd8d7..71098667d 100644 --- a/OpenKeychain/src/main/res/values/styles.xml +++ b/OpenKeychain/src/main/res/values/styles.xml @@ -65,4 +65,22 @@ 14dp + + + + From 4760a21c403ec1190321a58e5474b37df5f9bdd7 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Fri, 13 Apr 2018 19:34:16 +0200 Subject: [PATCH 04/12] Add passphrase-format and passphrase-begin headers in BackupOperation, if appropriate --- .../keychain/operations/BackupOperation.java | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/BackupOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/BackupOperation.java index a31f7e4e1..8e40ee114 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/BackupOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/BackupOperation.java @@ -58,8 +58,10 @@ import org.sufficientlysecure.keychain.provider.TemporaryFileProvider; import org.sufficientlysecure.keychain.service.BackupKeyringParcel; import org.sufficientlysecure.keychain.service.input.CryptoInputParcel; import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils; +import org.sufficientlysecure.keychain.util.Numeric9x4PassphraseUtil; import org.sufficientlysecure.keychain.util.CountingOutputStream; import org.sufficientlysecure.keychain.util.InputData; +import org.sufficientlysecure.keychain.util.Passphrase; import timber.log.Timber; @@ -169,9 +171,15 @@ public class BackupOperation extends BaseOperation { PgpSignEncryptOperation signEncryptOperation = new PgpSignEncryptOperation(mContext, mKeyRepository, mProgressable, mCancelled); PgpSignEncryptData.Builder builder = PgpSignEncryptData.builder(); - builder.setSymmetricPassphrase(cryptoInput.getPassphrase()); + Passphrase passphrase = cryptoInput.getPassphrase(); + builder.setSymmetricPassphrase(passphrase); builder.setEnableAsciiArmorOutput(backupInput.getEnableAsciiArmorOutput()); - builder.setAddBackupHeader(true); + boolean isNumeric9x4Passphrase = passphrase != null && Numeric9x4PassphraseUtil.isNumeric9x4Passphrase(passphrase); + if (isNumeric9x4Passphrase) { + builder.setPassphraseFormat("numeric9x4"); + char[] passphraseChars = passphrase.getCharArray(); + builder.setPassphraseBegin("" + passphraseChars[0] + passphraseChars[1]); + } PgpSignEncryptData pgpSignEncryptData = builder.build(); InputStream inStream = mContext.getContentResolver().openInputStream(plainUri); From ffc28f408e73fd78f951260e3b7c894c9c0528e6 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Fri, 13 Apr 2018 19:34:34 +0200 Subject: [PATCH 05/12] Drop support for BackupVersion header in PgpSignEncryptOperation --- .../sufficientlysecure/keychain/pgp/PgpSignEncryptData.java | 3 --- .../keychain/pgp/PgpSignEncryptOperation.java | 4 ---- 2 files changed, 7 deletions(-) diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptData.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptData.java index afdb8963c..294992655 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptData.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptData.java @@ -58,7 +58,6 @@ public abstract class PgpSignEncryptData implements Parcelable { public abstract boolean isEnableAsciiArmorOutput(); public abstract boolean isCleartextSignature(); public abstract boolean isDetachedSignature(); - public abstract boolean isAddBackupHeader(); public abstract boolean isHiddenRecipients(); @Nullable @@ -73,7 +72,6 @@ public abstract class PgpSignEncryptData implements Parcelable { .setEnableAsciiArmorOutput(false) .setCleartextSignature(false) .setDetachedSignature(false) - .setAddBackupHeader(false) .setHiddenRecipients(false) .setCompressionAlgorithm(OpenKeychainCompressionAlgorithmTags.USE_DEFAULT) .setSignatureHashAlgorithm(OpenKeychainHashAlgorithmTags.USE_DEFAULT) @@ -96,7 +94,6 @@ public abstract class PgpSignEncryptData implements Parcelable { public abstract Builder setSignatureHashAlgorithm(int signatureHashAlgorithm); public abstract Builder setSymmetricEncryptionAlgorithm(int symmetricEncryptionAlgorithm); - public abstract Builder setAddBackupHeader(boolean isAddBackupHeader); public abstract Builder setEnableAsciiArmorOutput(boolean enableAsciiArmorOutput); public abstract Builder setCleartextSignature(boolean isCleartextSignature); public abstract Builder setDetachedSignature(boolean isDetachedSignature); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java index e9ac655f6..bf24bebfb 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java @@ -202,10 +202,6 @@ public class PgpSignEncryptOperation extends BaseOperation Date: Fri, 13 Apr 2018 18:14:14 +0200 Subject: [PATCH 06/12] Use numeric9x4 format in backup fragment --- .../keychain/ui/BackupCodeFragment.java | 109 ++--- .../layout-w400dp/backup_code_fragment.xml | 459 ------------------ .../layout-w600dp/backup_code_fragment.xml | 459 ------------------ .../main/res/layout/backup_code_fragment.xml | 325 +------------ .../main/res/layout/transfer_code_display.xml | 138 ++++++ 5 files changed, 182 insertions(+), 1308 deletions(-) delete mode 100644 OpenKeychain/src/main/res/layout-w400dp/backup_code_fragment.xml delete mode 100644 OpenKeychain/src/main/res/layout-w600dp/backup_code_fragment.xml create mode 100644 OpenKeychain/src/main/res/layout/transfer_code_display.xml diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/BackupCodeFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/BackupCodeFragment.java index d15f04328..1a15adafc 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/BackupCodeFragment.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/BackupCodeFragment.java @@ -20,11 +20,9 @@ package org.sufficientlysecure.keychain.ui; import java.io.File; import java.io.IOException; -import java.security.SecureRandom; import java.text.SimpleDateFormat; import java.util.Date; import java.util.Locale; -import java.util.Random; import android.animation.ArgbEvaluator; import android.animation.ValueAnimator; @@ -52,7 +50,6 @@ import android.view.View; import android.view.View.OnClickListener; import android.view.ViewGroup; import android.view.animation.AccelerateInterpolator; -import android.widget.EditText; import android.widget.TextView; import org.sufficientlysecure.keychain.Constants; @@ -66,6 +63,7 @@ import org.sufficientlysecure.keychain.ui.util.Notify; import org.sufficientlysecure.keychain.ui.util.Notify.ActionListener; import org.sufficientlysecure.keychain.ui.util.Notify.Style; import org.sufficientlysecure.keychain.ui.widget.ToolableViewAnimator; +import org.sufficientlysecure.keychain.util.Numeric9x4PassphraseUtil; import org.sufficientlysecure.keychain.util.FileHelper; import org.sufficientlysecure.keychain.util.Passphrase; @@ -83,20 +81,13 @@ public class BackupCodeFragment extends CryptoOperationFragment - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -