cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

export: support encrypted export, first version

Browse Source
This commit is contained in:
Vincent Breitmoser
2015-09-28 00:03:11 +02:00
parent dc9e068790
commit 46e24058ba
7 changed files with 295 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

89
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/ExportOperation.java
View File

@@ -19,16 +19,21 @@
package org.sufficientlysecure.keychain.operations; package org.sufficientlysecure.keychain.operations;
import java.io.BufferedOutputStream;
import java.io.FileNotFoundException; import java.io.FileNotFoundException;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream; import java.io.OutputStream;
import java.text.SimpleDateFormat;
import java.util.Collections; import java.util.Collections;
import java.util.Date;
import java.util.Locale;
import java.util.concurrent.atomic.AtomicBoolean; import java.util.concurrent.atomic.AtomicBoolean;
import android.content.Context; import android.content.Context;
import android.database.Cursor; import android.database.Cursor;
import android.net.Uri;
import android.support.annotation.NonNull; import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import android.text.TextUtils; import android.text.TextUtils;
import org.spongycastle.bcpg.ArmoredOutputStream; import org.spongycastle.bcpg.ArmoredOutputStream;
@@ -37,16 +42,21 @@ import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.operations.results.ExportResult; import org.sufficientlysecure.keychain.operations.results.ExportResult;
import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType; import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog; import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog;
import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
import org.sufficientlysecure.keychain.pgp.CanonicalizedKeyRing; import org.sufficientlysecure.keychain.pgp.CanonicalizedKeyRing;
import org.sufficientlysecure.keychain.pgp.PgpSignEncryptInputParcel;
import org.sufficientlysecure.keychain.pgp.PgpSignEncryptOperation;
import org.sufficientlysecure.keychain.pgp.Progressable; import org.sufficientlysecure.keychain.pgp.Progressable;
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing; import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException; import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings; import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
import org.sufficientlysecure.keychain.provider.KeychainDatabase.Tables; import org.sufficientlysecure.keychain.provider.KeychainDatabase.Tables;
import org.sufficientlysecure.keychain.provider.ProviderHelper; import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.provider.TemporaryStorageProvider;
import org.sufficientlysecure.keychain.service.ExportKeyringParcel; import org.sufficientlysecure.keychain.service.ExportKeyringParcel;
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel; import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils; import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
import org.sufficientlysecure.keychain.util.InputData;
import org.sufficientlysecure.keychain.util.Log; import org.sufficientlysecure.keychain.util.Log;
@@ -84,7 +94,7 @@ public class ExportOperation extends BaseOperation<ExportKeyringParcel> {
} }
@NonNull @NonNull
public ExportResult execute(ExportKeyringParcel exportInput, CryptoInputParcel cryptoInput) { public ExportResult execute(@NonNull ExportKeyringParcel exportInput, @Nullable CryptoInputParcel cryptoInput) {
OperationLog log = new OperationLog(); OperationLog log = new OperationLog();
if (exportInput.mMasterKeyIds != null) { if (exportInput.mMasterKeyIds != null) {
@@ -94,25 +104,83 @@ public class ExportOperation extends BaseOperation<ExportKeyringParcel> {
} }
try { try {
OutputStream outStream = mProviderHelper.getContentResolver().openOutputStream(exportInput.mOutputUri);
outStream = new BufferedOutputStream(outStream); boolean nonEncryptedOutput = exportInput.mSymmetricPassphrase == null;
return exportKeysToStream(log, exportInput.mMasterKeyIds, exportInput.mExportSecret, outStream);
Uri exportOutputUri = nonEncryptedOutput
? exportInput.mOutputUri
: TemporaryStorageProvider.createFile(mContext);
{ // export key data, and possibly return if we don't encrypt
OutputStream outStream = mContext.getContentResolver().openOutputStream(exportOutputUri);
boolean exportSuccess = exportKeysToStream(
log, exportInput.mMasterKeyIds, exportInput.mExportSecret, outStream);
if (!exportSuccess) {
// if there was an error, it will be in the log so we just have to return
return new ExportResult(ExportResult.RESULT_ERROR, log);
}
if (nonEncryptedOutput) {
// log.add(LogType.MSG_EXPORT_NO_ENCRYPT, 1);
log.add(LogType.MSG_EXPORT_SUCCESS, 1);
return new ExportResult(ExportResult.RESULT_OK, log);
}
}
PgpSignEncryptOperation pseOp = new PgpSignEncryptOperation(mContext, mProviderHelper, mProgressable, mCancelled);
PgpSignEncryptInputParcel inputParcel = new PgpSignEncryptInputParcel();
inputParcel.setSymmetricPassphrase(exportInput.mSymmetricPassphrase);
inputParcel.setEnableAsciiArmorOutput(true);
InputStream inStream = mContext.getContentResolver().openInputStream(exportOutputUri);
String filename;
if (exportInput.mMasterKeyIds.length == 1) {
filename = "backup_" + KeyFormattingUtils.convertKeyIdToHex(exportInput.mMasterKeyIds[0]);
filename += exportInput.mExportSecret ? ".sec.asc" : ".pub.asc";
} else {
filename = "backup_" + new SimpleDateFormat("yyyy-MM-dd", Locale.getDefault()).format(new Date());
filename += exportInput.mExportSecret ? ".asc" : ".pub.asc";
}
InputData inputData = new InputData(inStream, 0L, filename);
OutputStream outStream = mContext.getContentResolver().openOutputStream(exportInput.mOutputUri);
PgpSignEncryptResult encryptResult = pseOp.execute(inputParcel, new CryptoInputParcel(), inputData, outStream);
if (!encryptResult.success()) {
log.addByMerge(encryptResult, 1);
// log.add(LogType.MSG_EXPORT_ERROR_ENCRYPT, 1);
return new ExportResult(ExportResult.RESULT_ERROR, log);
}
log.add(encryptResult, 1);
log.add(LogType.MSG_EXPORT_SUCCESS, 1);
return new ExportResult(ExportResult.RESULT_OK, log);
} catch (FileNotFoundException e) { } catch (FileNotFoundException e) {
log.add(LogType.MSG_EXPORT_ERROR_URI_OPEN, 1); log.add(LogType.MSG_EXPORT_ERROR_URI_OPEN, 1);
return new ExportResult(ExportResult.RESULT_ERROR, log); return new ExportResult(ExportResult.RESULT_ERROR, log);
} }
} }
ExportResult exportKeysToStream(OperationLog log, long[] masterKeyIds, boolean exportSecret, OutputStream outStream) { boolean exportKeysToStream(OperationLog log, long[] masterKeyIds, boolean exportSecret, OutputStream outStream) {
int okSecret = 0, okPublic = 0, progress = 0; // noinspection unused TODO use these in a log entry
int okSecret = 0, okPublic = 0;
int progress = 0;
Cursor cursor = queryForKeys(masterKeyIds); Cursor cursor = queryForKeys(masterKeyIds);
if (cursor == null || !cursor.moveToFirst()) { if (cursor == null || !cursor.moveToFirst()) {
log.add(LogType.MSG_EXPORT_ERROR_DB, 1); log.add(LogType.MSG_EXPORT_ERROR_DB, 1);
return new ExportResult(ExportResult.RESULT_ERROR, log, okPublic, okSecret); return false; // new ExportResult(ExportResult.RESULT_ERROR, log);
} }
try { try {
@@ -148,7 +216,7 @@ public class ExportOperation extends BaseOperation<ExportKeyringParcel> {
} catch (IOException e) { } catch (IOException e) {
log.add(LogType.MSG_EXPORT_ERROR_IO, 1); log.add(LogType.MSG_EXPORT_ERROR_IO, 1);
return new ExportResult(ExportResult.RESULT_ERROR, log, okPublic, okSecret); return false; // new ExportResult(ExportResult.RESULT_ERROR, log);
} finally { } finally {
// Make sure the stream is closed // Make sure the stream is closed
if (outStream != null) try { if (outStream != null) try {
@@ -159,8 +227,7 @@ public class ExportOperation extends BaseOperation<ExportKeyringParcel> {
cursor.close(); cursor.close();
} }
log.add(LogType.MSG_EXPORT_SUCCESS, 1); return true;
return new ExportResult(ExportResult.RESULT_OK, log, okPublic, okSecret);
} }

21
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/ExportResult.java
View File

@@ -24,39 +24,18 @@ import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
public class ExportResult extends InputPendingResult { public class ExportResult extends InputPendingResult {
final int mOkPublic, mOkSecret;
public ExportResult(int result, OperationLog log) { public ExportResult(int result, OperationLog log) {
this(result, log, 0, 0);
}
public ExportResult(int result, OperationLog log, int okPublic, int okSecret) {
super(result, log); super(result, log);
mOkPublic = okPublic;
mOkSecret = okSecret;
}
public ExportResult(OperationLog log, RequiredInputParcel requiredInputParcel,
CryptoInputParcel cryptoInputParcel) {
super(log, requiredInputParcel, cryptoInputParcel);
// we won't use these values
mOkPublic = -1;
mOkSecret = -1;
} }
/** Construct from a parcel - trivial because we have no extra data. */ /** Construct from a parcel - trivial because we have no extra data. */
public ExportResult(Parcel source) { public ExportResult(Parcel source) {
super(source); super(source);
mOkPublic = source.readInt();
mOkSecret = source.readInt();
} }
@Override @Override
public void writeToParcel(Parcel dest, int flags) { public void writeToParcel(Parcel dest, int flags) {
super.writeToParcel(dest, flags); super.writeToParcel(dest, flags);
dest.writeInt(mOkPublic);
dest.writeInt(mOkSecret);
} }
public static Creator<ExportResult> CREATOR = new Creator<ExportResult>() { public static Creator<ExportResult> CREATOR = new Creator<ExportResult>() {

21
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/ExportKeyringParcel.java
View File

@@ -24,35 +24,31 @@ import android.os.Parcel;
import android.os.Parcelable; import android.os.Parcelable;
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing; import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
import org.sufficientlysecure.keychain.util.Passphrase;
public class ExportKeyringParcel implements Parcelable { public class ExportKeyringParcel implements Parcelable {
public String mKeyserver;
public Uri mCanonicalizedPublicKeyringUri; public Uri mCanonicalizedPublicKeyringUri;
public UncachedKeyRing mUncachedKeyRing; public Passphrase mSymmetricPassphrase;
public boolean mExportSecret; public boolean mExportSecret;
public long mMasterKeyIds[]; public long mMasterKeyIds[];
public Uri mOutputUri; public Uri mOutputUri;
public ExportKeyringParcel(String keyserver, UncachedKeyRing uncachedKeyRing) { public ExportKeyringParcel(Passphrase symmetricPassphrase,
mKeyserver = keyserver; long[] masterKeyIds, boolean exportSecret, Uri outputUri) {
mUncachedKeyRing = uncachedKeyRing; mSymmetricPassphrase = symmetricPassphrase;
}
@SuppressWarnings("unused") // TODO: is it used?
public ExportKeyringParcel(long[] masterKeyIds, boolean exportSecret, Uri outputUri) {
mMasterKeyIds = masterKeyIds; mMasterKeyIds = masterKeyIds;
mExportSecret = exportSecret; mExportSecret = exportSecret;
mOutputUri = outputUri; mOutputUri = outputUri;
} }
protected ExportKeyringParcel(Parcel in) { protected ExportKeyringParcel(Parcel in) {
mKeyserver = in.readString();
mCanonicalizedPublicKeyringUri = (Uri) in.readValue(Uri.class.getClassLoader()); mCanonicalizedPublicKeyringUri = (Uri) in.readValue(Uri.class.getClassLoader());
mUncachedKeyRing = (UncachedKeyRing) in.readValue(UncachedKeyRing.class.getClassLoader());
mExportSecret = in.readByte() != 0x00; mExportSecret = in.readByte() != 0x00;
mOutputUri = (Uri) in.readValue(Uri.class.getClassLoader()); mOutputUri = (Uri) in.readValue(Uri.class.getClassLoader());
mMasterKeyIds = in.createLongArray(); mMasterKeyIds = in.createLongArray();
mSymmetricPassphrase = in.readParcelable(getClass().getClassLoader());
} }
@Override @Override
@@ -62,12 +58,11 @@ public class ExportKeyringParcel implements Parcelable {
@Override @Override
public void writeToParcel(Parcel dest, int flags) { public void writeToParcel(Parcel dest, int flags) {
dest.writeString(mKeyserver);
dest.writeValue(mCanonicalizedPublicKeyringUri); dest.writeValue(mCanonicalizedPublicKeyringUri);
dest.writeValue(mUncachedKeyRing);
dest.writeByte((byte) (mExportSecret ? 0x01 : 0x00)); dest.writeByte((byte) (mExportSecret ? 0x01 : 0x00));
dest.writeValue(mOutputUri); dest.writeValue(mOutputUri);
dest.writeLongArray(mMasterKeyIds); dest.writeLongArray(mMasterKeyIds);
dest.writeParcelable(mSymmetricPassphrase, 0);
} }
public static final Parcelable.Creator<ExportKeyringParcel> CREATOR = new Parcelable.Creator<ExportKeyringParcel>() { public static final Parcelable.Creator<ExportKeyringParcel> CREATOR = new Parcelable.Creator<ExportKeyringParcel>() {

8
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/BackupCodeEntryFragment.java
View File

@@ -98,6 +98,9 @@ public class BackupCodeEntryFragment extends Fragment implements OnBackStackChan
void switchState(BackupCodeState state) { void switchState(BackupCodeState state) {
switch (state) { switch (state) {
case STATE_UNINITIALIZED:
throw new AssertionError("can't switch to uninitialized state, this is a bug!");
case STATE_DISPLAY: case STATE_DISPLAY:
mTitleAnimator.setDisplayedChild(0); mTitleAnimator.setDisplayedChild(0);
mStatusAnimator.setDisplayedChild(0); mStatusAnimator.setDisplayedChild(0);
@@ -281,7 +284,8 @@ public class BackupCodeEntryFragment extends Fragment implements OnBackStackChan
} }
private void animateFlashText(final TextView[] textViews, int color1, int color2, boolean staySecondColor) { private static void animateFlashText(
final TextView[] textViews, int color1, int color2, boolean staySecondColor) {
ValueAnimator anim = ValueAnimator.ofObject(new ArgbEvaluator(), color1, color2); ValueAnimator anim = ValueAnimator.ofObject(new ArgbEvaluator(), color1, color2);
anim.addUpdateListener(new AnimatorUpdateListener() { anim.addUpdateListener(new AnimatorUpdateListener() {
@@ -299,7 +303,7 @@ public class BackupCodeEntryFragment extends Fragment implements OnBackStackChan
} }
private void setupEditTextFocusNext(final EditText[] backupCodes) { private static void setupEditTextFocusNext(final EditText[] backupCodes) {
for (int i = 0; i < backupCodes.length -1; i++) { for (int i = 0; i < backupCodes.length -1; i++) {
final int next = i+1; final int next = i+1;

2
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/ExportHelper.java
View File

@@ -96,7 +96,7 @@ public class ExportHelper
@Override @Override
public ExportKeyringParcel createOperationInput() { public ExportKeyringParcel createOperationInput() {
return new ExportKeyringParcel(mMasterKeyIds, mExportSecret, Uri.fromFile(mExportFile)); return new ExportKeyringParcel(null, mMasterKeyIds, mExportSecret, Uri.fromFile(mExportFile));
} }
@Override @Override

209
OpenKeychain/src/test/java/org/sufficientlysecure/keychain/operations/ExportTest.java
View File

@@ -17,6 +17,20 @@
package org.sufficientlysecure.keychain.operations; package org.sufficientlysecure.keychain.operations;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.PipedInputStream;
import java.io.PipedOutputStream;
import java.io.PrintStream;
import java.security.Security;
import java.util.Iterator;
import android.app.Application;
import android.content.ContentResolver;
import android.content.ContentValues;
import android.net.Uri;
import org.junit.Assert; import org.junit.Assert;
import org.junit.Before; import org.junit.Before;
import org.junit.BeforeClass; import org.junit.BeforeClass;
@@ -29,26 +43,39 @@ import org.robolectric.shadows.ShadowLog;
import org.spongycastle.bcpg.sig.KeyFlags; import org.spongycastle.bcpg.sig.KeyFlags;
import org.spongycastle.jce.provider.BouncyCastleProvider; import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.sufficientlysecure.keychain.WorkaroundBuildConfig; import org.sufficientlysecure.keychain.WorkaroundBuildConfig;
import org.sufficientlysecure.keychain.operations.results.PgpEditKeyResult; import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
import org.sufficientlysecure.keychain.operations.results.ExportResult; import org.sufficientlysecure.keychain.operations.results.ExportResult;
import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog; import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog;
import org.sufficientlysecure.keychain.operations.results.PgpEditKeyResult;
import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyInputParcel;
import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyOperation;
import org.sufficientlysecure.keychain.pgp.PgpKeyOperation; import org.sufficientlysecure.keychain.pgp.PgpKeyOperation;
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing; import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing.IteratorWithIOThrow; import org.sufficientlysecure.keychain.pgp.UncachedKeyRing.IteratorWithIOThrow;
import org.sufficientlysecure.keychain.pgp.WrappedSignature; import org.sufficientlysecure.keychain.pgp.WrappedSignature;
import org.sufficientlysecure.keychain.provider.ProviderHelper; import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.provider.TemporaryStorageProvider;
import org.sufficientlysecure.keychain.service.ExportKeyringParcel;
import org.sufficientlysecure.keychain.service.SaveKeyringParcel; import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm; import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.ChangeUnlockParcel; import org.sufficientlysecure.keychain.service.SaveKeyringParcel.ChangeUnlockParcel;
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
import org.sufficientlysecure.keychain.util.Passphrase; import org.sufficientlysecure.keychain.util.Passphrase;
import org.sufficientlysecure.keychain.util.ProgressScaler; import org.sufficientlysecure.keychain.util.ProgressScaler;
import org.sufficientlysecure.keychain.util.TestingUtils; import org.sufficientlysecure.keychain.util.TestingUtils;
import java.io.ByteArrayInputStream; import static org.junit.Assert.assertEquals;
import java.io.ByteArrayOutputStream; import static org.junit.Assert.assertFalse;
import java.io.PrintStream; import static org.junit.Assert.assertTrue;
import java.security.Security; import static org.mockito.Matchers.any;
import java.util.Iterator; import static org.mockito.Matchers.eq;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
@RunWith(RobolectricGradleTestRunner.class) @RunWith(RobolectricGradleTestRunner.class)
@Config(constants = WorkaroundBuildConfig.class, sdk = 21, manifest = "src/main/AndroidManifest.xml") @Config(constants = WorkaroundBuildConfig.class, sdk = 21, manifest = "src/main/AndroidManifest.xml")
@@ -82,7 +109,7 @@ public class ExportTest {
parcel.mNewUnlock = new ChangeUnlockParcel(mKeyPhrase1); parcel.mNewUnlock = new ChangeUnlockParcel(mKeyPhrase1);
PgpEditKeyResult result = op.createSecretKeyRing(parcel); PgpEditKeyResult result = op.createSecretKeyRing(parcel);
Assert.assertTrue("initial test key creation must succeed", result.success()); assertTrue("initial test key creation must succeed", result.success());
Assert.assertNotNull("initial test key creation must succeed", result.getRing()); Assert.assertNotNull("initial test key creation must succeed", result.getRing());
mStaticRing1 = result.getRing(); mStaticRing1 = result.getRing();
@@ -100,7 +127,7 @@ public class ExportTest {
parcel.mNewUnlock = new ChangeUnlockParcel(null, new Passphrase("1234")); parcel.mNewUnlock = new ChangeUnlockParcel(null, new Passphrase("1234"));
PgpEditKeyResult result = op.createSecretKeyRing(parcel); PgpEditKeyResult result = op.createSecretKeyRing(parcel);
Assert.assertTrue("initial test key creation must succeed", result.success()); assertTrue("initial test key creation must succeed", result.success());
Assert.assertNotNull("initial test key creation must succeed", result.getRing()); Assert.assertNotNull("initial test key creation must succeed", result.getRing());
mStaticRing2 = result.getRing(); mStaticRing2 = result.getRing();
@@ -123,17 +150,17 @@ public class ExportTest {
} }
@Test @Test
public void testExportAll() throws Exception { public void testExportAllLocalStripped() throws Exception {
ExportOperation op = new ExportOperation(RuntimeEnvironment.application, ExportOperation op = new ExportOperation(RuntimeEnvironment.application,
new ProviderHelper(RuntimeEnvironment.application), null); new ProviderHelper(RuntimeEnvironment.application), null);
// make sure there is a local cert (so the later checks that there are none are meaningful) // make sure there is a local cert (so the later checks that there are none are meaningful)
Assert.assertTrue("second keyring has local certification", checkForLocal(mStaticRing2)); assertTrue("second keyring has local certification", checkForLocal(mStaticRing2));
ByteArrayOutputStream out = new ByteArrayOutputStream(); ByteArrayOutputStream out = new ByteArrayOutputStream();
ExportResult result = op.exportKeysToStream(new OperationLog(), null, false, out); boolean result = op.exportKeysToStream(new OperationLog(), null, false, out);
Assert.assertTrue("export must be a success", result.success()); assertTrue("export must be a success", result);
long masterKeyId1, masterKeyId2; long masterKeyId1, masterKeyId2;
if (mStaticRing1.getMasterKeyId() < mStaticRing2.getMasterKeyId()) { if (mStaticRing1.getMasterKeyId() < mStaticRing2.getMasterKeyId()) {
@@ -148,70 +175,190 @@ public class ExportTest {
UncachedKeyRing.fromStream(new ByteArrayInputStream(out.toByteArray())); UncachedKeyRing.fromStream(new ByteArrayInputStream(out.toByteArray()));
{ {
Assert.assertTrue("export must have two keys (1/2)", unc.hasNext()); assertTrue("export must have two keys (1/2)", unc.hasNext());
UncachedKeyRing ring = unc.next(); UncachedKeyRing ring = unc.next();
Assert.assertEquals("first exported key has correct masterkeyid", Assert.assertEquals("first exported key has correct masterkeyid",
masterKeyId1, ring.getMasterKeyId()); masterKeyId1, ring.getMasterKeyId());
Assert.assertFalse("first exported key must not be secret", ring.isSecret()); assertFalse("first exported key must not be secret", ring.isSecret());
Assert.assertFalse("there must be no local signatures in an exported keyring", assertFalse("there must be no local signatures in an exported keyring",
checkForLocal(ring)); checkForLocal(ring));
} }
{ {
Assert.assertTrue("export must have two keys (2/2)", unc.hasNext()); assertTrue("export must have two keys (2/2)", unc.hasNext());
UncachedKeyRing ring = unc.next(); UncachedKeyRing ring = unc.next();
Assert.assertEquals("second exported key has correct masterkeyid", Assert.assertEquals("second exported key has correct masterkeyid",
masterKeyId2, ring.getMasterKeyId()); masterKeyId2, ring.getMasterKeyId());
Assert.assertFalse("second exported key must not be secret", ring.isSecret()); assertFalse("second exported key must not be secret", ring.isSecret());
Assert.assertFalse("there must be no local signatures in an exported keyring", assertFalse("there must be no local signatures in an exported keyring",
checkForLocal(ring)); checkForLocal(ring));
} }
out = new ByteArrayOutputStream(); out = new ByteArrayOutputStream();
result = op.exportKeysToStream(new OperationLog(), null, true, out); result = op.exportKeysToStream(new OperationLog(), null, true, out);
Assert.assertTrue("export must be a success", result.success()); assertTrue("export must be a success", result);
unc = UncachedKeyRing.fromStream(new ByteArrayInputStream(out.toByteArray())); unc = UncachedKeyRing.fromStream(new ByteArrayInputStream(out.toByteArray()));
{ {
Assert.assertTrue("export must have four keys (1/4)", unc.hasNext()); assertTrue("export must have four keys (1/4)", unc.hasNext());
UncachedKeyRing ring = unc.next(); UncachedKeyRing ring = unc.next();
Assert.assertEquals("1/4 exported key has correct masterkeyid", Assert.assertEquals("1/4 exported key has correct masterkeyid",
masterKeyId1, ring.getMasterKeyId()); masterKeyId1, ring.getMasterKeyId());
Assert.assertFalse("1/4 exported key must not be public", ring.isSecret()); assertFalse("1/4 exported key must not be public", ring.isSecret());
Assert.assertFalse("there must be no local signatures in an exported keyring", assertFalse("there must be no local signatures in an exported keyring",
checkForLocal(ring)); checkForLocal(ring));
Assert.assertTrue("export must have four keys (2/4)", unc.hasNext()); assertTrue("export must have four keys (2/4)", unc.hasNext());
ring = unc.next(); ring = unc.next();
Assert.assertEquals("2/4 exported key has correct masterkeyid", Assert.assertEquals("2/4 exported key has correct masterkeyid",
masterKeyId1, ring.getMasterKeyId()); masterKeyId1, ring.getMasterKeyId());
Assert.assertTrue("2/4 exported key must be public", ring.isSecret()); assertTrue("2/4 exported key must be public", ring.isSecret());
Assert.assertFalse("there must be no local signatures in an exported keyring", assertFalse("there must be no local signatures in an exported keyring",
checkForLocal(ring)); checkForLocal(ring));
} }
{ {
Assert.assertTrue("export must have four keys (3/4)", unc.hasNext()); assertTrue("export must have four keys (3/4)", unc.hasNext());
UncachedKeyRing ring = unc.next(); UncachedKeyRing ring = unc.next();
Assert.assertEquals("3/4 exported key has correct masterkeyid", Assert.assertEquals("3/4 exported key has correct masterkeyid",
masterKeyId2, ring.getMasterKeyId()); masterKeyId2, ring.getMasterKeyId());
Assert.assertFalse("3/4 exported key must not be public", ring.isSecret()); assertFalse("3/4 exported key must not be public", ring.isSecret());
Assert.assertFalse("there must be no local signatures in an exported keyring", assertFalse("there must be no local signatures in an exported keyring",
checkForLocal(ring)); checkForLocal(ring));
Assert.assertTrue("export must have four keys (4/4)", unc.hasNext()); assertTrue("export must have four keys (4/4)", unc.hasNext());
ring = unc.next(); ring = unc.next();
Assert.assertEquals("4/4 exported key has correct masterkeyid", Assert.assertEquals("4/4 exported key has correct masterkeyid",
masterKeyId2, ring.getMasterKeyId()); masterKeyId2, ring.getMasterKeyId());
Assert.assertTrue("4/4 exported key must be public", ring.isSecret()); assertTrue("4/4 exported key must be public", ring.isSecret());
Assert.assertFalse("there must be no local signatures in an exported keyring", assertFalse("there must be no local signatures in an exported keyring",
checkForLocal(ring)); checkForLocal(ring));
} }
} }
@Test
public void testExportUnencrypted() throws Exception {
ContentResolver mockResolver = mock(ContentResolver.class);
Uri fakeOutputUri = Uri.parse("content://fake/out/1");
ByteArrayOutputStream outStream1 = new ByteArrayOutputStream();
when(mockResolver.openOutputStream(fakeOutputUri)).thenReturn(outStream1);
Application spyApplication = spy(RuntimeEnvironment.application);
when(spyApplication.getContentResolver()).thenReturn(mockResolver);
ExportOperation op = new ExportOperation(spyApplication,
new ProviderHelper(RuntimeEnvironment.application), null);
ExportKeyringParcel parcel = new ExportKeyringParcel(null,
new long[] { mStaticRing1.getMasterKeyId() }, false, fakeOutputUri);
ExportResult result = op.execute(parcel, null);
verify(mockResolver).openOutputStream(fakeOutputUri);
assertTrue("export must succeed", result.success());
TestingUtils.assertArrayEqualsPrefix("exported data must start with ascii armor header",
"-----BEGIN PGP PUBLIC KEY BLOCK-----\n".getBytes(), outStream1.toByteArray());
TestingUtils.assertArrayEqualsSuffix("exported data must end with ascii armor header",
"-----END PGP PUBLIC KEY BLOCK-----\n".getBytes(), outStream1.toByteArray());
{
IteratorWithIOThrow<UncachedKeyRing> unc
= UncachedKeyRing.fromStream(new ByteArrayInputStream(outStream1.toByteArray()));
assertTrue("export must have one key", unc.hasNext());
UncachedKeyRing ring = unc.next();
Assert.assertEquals("exported key has correct masterkeyid",
mStaticRing1.getMasterKeyId(), ring.getMasterKeyId());
assertFalse("export must have exactly one key", unc.hasNext());
}
}
@Test
public void testExportEncrypted() throws Exception {
Application spyApplication;
ContentResolver mockResolver = mock(ContentResolver.class);
Uri fakePipedUri, fakeOutputUri;
ByteArrayOutputStream outStream; {
fakePipedUri = Uri.parse("content://fake/pipe/1");
PipedInputStream pipedInStream = new PipedInputStream(8192);
PipedOutputStream pipedOutStream = new PipedOutputStream(pipedInStream);
when(mockResolver.openOutputStream(fakePipedUri)).thenReturn(pipedOutStream);
when(mockResolver.openInputStream(fakePipedUri)).thenReturn(pipedInStream);
when(mockResolver.insert(eq(TemporaryStorageProvider.CONTENT_URI), any(ContentValues.class)))
.thenReturn(fakePipedUri);
fakeOutputUri = Uri.parse("content://fake/out/1");
outStream = new ByteArrayOutputStream();
when(mockResolver.openOutputStream(fakeOutputUri)).thenReturn(outStream);
spyApplication = spy(RuntimeEnvironment.application);
when(spyApplication.getContentResolver()).thenReturn(mockResolver);
}
Passphrase passphrase = new Passphrase("abcde");
{ // export encrypted
ExportOperation op = new ExportOperation(spyApplication,
new ProviderHelper(RuntimeEnvironment.application), null);
ExportKeyringParcel parcel = new ExportKeyringParcel(passphrase,
new long[] { mStaticRing1.getMasterKeyId() }, false, fakeOutputUri);
ExportResult result = op.execute(parcel, null);
verify(mockResolver).openOutputStream(fakePipedUri);
verify(mockResolver).openInputStream(fakePipedUri);
verify(mockResolver).openOutputStream(fakeOutputUri);
assertTrue("export must succeed", result.success());
TestingUtils.assertArrayEqualsPrefix("exported data must start with ascii armor header",
"-----BEGIN PGP MESSAGE-----\n".getBytes(), outStream.toByteArray());
}
{
PgpDecryptVerifyOperation op = new PgpDecryptVerifyOperation(RuntimeEnvironment.application,
new ProviderHelper(RuntimeEnvironment.application), null);
PgpDecryptVerifyInputParcel input = new PgpDecryptVerifyInputParcel(outStream.toByteArray());
input.setAllowSymmetricDecryption(true);
{
DecryptVerifyResult result = op.execute(input, new CryptoInputParcel());
assertTrue("decryption must return pending without passphrase", result.isPending());
Assert.assertTrue("should contain pending passphrase log entry",
result.getLog().containsType(LogType.MSG_DC_PENDING_PASSPHRASE));
}
{
DecryptVerifyResult result = op.execute(input, new CryptoInputParcel(new Passphrase("bad")));
assertFalse("decryption must fail with bad passphrase", result.success());
Assert.assertTrue("should contain bad passphrase log entry",
result.getLog().containsType(LogType.MSG_DC_ERROR_SYM_PASSPHRASE));
}
DecryptVerifyResult result = op.execute(input, new CryptoInputParcel(passphrase));
assertTrue("decryption must succeed with passphrase", result.success());
assertEquals("backup filename should be backup_keyid.pub.asc",
"backup_" + KeyFormattingUtils.convertKeyIdToHex(mStaticRing1.getMasterKeyId()) + ".pub.asc",
result.getDecryptionMetadata().getFilename());
}
}
/** This function checks whether or not there are any local signatures in a keyring. */ /** This function checks whether or not there are any local signatures in a keyring. */
private boolean checkForLocal(UncachedKeyRing ring) { private boolean checkForLocal(UncachedKeyRing ring) {
Iterator<WrappedSignature> sigs = ring.getPublicKey().getSignatures(); Iterator<WrappedSignature> sigs = ring.getPublicKey().getSignatures();

24
OpenKeychain/src/test/java/org/sufficientlysecure/keychain/util/TestingUtils.java
View File

@@ -19,6 +19,9 @@ package org.sufficientlysecure.keychain.util;
import java.util.Random; import java.util.Random;
import junit.framework.Assert;
public class TestingUtils { public class TestingUtils {
public static Passphrase genPassphrase() { public static Passphrase genPassphrase() {
return genPassphrase(false); return genPassphrase(false);
@@ -35,4 +38,25 @@ public class TestingUtils {
System.out.println("Generated passphrase: '" + passbuilder.toString() + "'"); System.out.println("Generated passphrase: '" + passbuilder.toString() + "'");
return new Passphrase(passbuilder.toString()); return new Passphrase(passbuilder.toString());
} }
public static void assertArrayEqualsPrefix(String msg, byte[] expected, byte[] actual) {
Assert.assertTrue("exepected must be shorter or equal to actual array length",
expected.length <= actual.length);
for (int i = 0; i < expected.length; i++) {
Assert.assertEquals(msg, expected[i], actual[i]);
}
}
public static void assertArrayEqualsSuffix(String msg, byte[] expected, byte[] actual) {
Assert.assertTrue("exepected must be shorter or equal to actual array length",
expected.length <= actual.length);
for (int i = 0; i < expected.length; i++) {
Assert.assertEquals(msg, expected[i], actual[actual.length -expected.length +i]);
}
}
} }