Merge branch 'master' of github.com:open-keychain/open-keychain

2015-10-21 21:58:30 +02:00
parent 1b98c07237 10fed404ae
commit 4e60f1bc75
2 changed files with 19 additions and 6 deletions
--- a/OpenKeychain/build.gradle
+++ b/OpenKeychain/build.gradle
@@ -160,6 +160,19 @@ android {
            // Reference them in .xml files.
            resValue "string", "account_type", "org.sufficientlysecure.keychain.account"
            resValue "string", "provider_content_authority", "org.sufficientlysecure.keychain.provider"
+
+            // Github API ID and secret are read from gradle.properties (not in git!)
+            // must use double escaping in gradle.properties! For example:
+            // githubClientId="\\"7a011b66275f244d3f21\\""
+            // githubClientSecret="\\"eaced8a6655719d8c6848396de97b3f5d7a89fec\\""
+            if (project.hasProperty('githubClientId') &&
+                project.hasProperty('githubClientSecret')) {
+
+                println "Found github oauth properties"
+
+                buildConfigField "String", "GITHUB_CLIENT_ID", githubClientId
+                buildConfigField "String", "GITHUB_CLIENT_SECRET", githubClientSecret
+            }
        }

        debug {
@@ -169,14 +182,14 @@ android {
            buildConfigField "String", "ACCOUNT_TYPE", "\"org.sufficientlysecure.keychain.debug.account\""
            buildConfigField "String", "PROVIDER_CONTENT_AUTHORITY", "\"org.sufficientlysecure.keychain.debug.provider\""

-            // Github api for debug build only
-            buildConfigField "String", "GITHUB_CLIENT_ID", "\"7a011b66275f244d3f21\""
-            buildConfigField "String", "GITHUB_CLIENT_SECRET", "\"eaced8a6655719d8c6848396de97b3f5d7a89fec\""
-
            // Reference them in .xml files.
            resValue "string", "account_type", "org.sufficientlysecure.keychain.debug.account"
            resValue "string", "provider_content_authority", "org.sufficientlysecure.keychain.debug.provider"

+            // Github API for debug build only
+            buildConfigField "String", "GITHUB_CLIENT_ID", "\"7a011b66275f244d3f21\""
+            buildConfigField "String", "GITHUB_CLIENT_SECRET", "\"eaced8a6655719d8c6848396de97b3f5d7a89fec\""
+
            // Enable code coverage (Jacoco)
            testCoverageEnabled true
        }
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java
@@ -79,8 +79,8 @@ public class PgpSecurityConstants {
     */
    private static HashSet<Integer> sHashAlgorithmsWhitelist = new HashSet<>(Arrays.asList(
            // MD5: broken
-            // SHA1: broken
-            // RIPEMD160: same security properties as SHA1
+            HashAlgorithmTags.SHA1, // TODO: disable when SHA256 is widely deployed
+            HashAlgorithmTags.RIPEMD160, // same security properties as SHA1, TODO: disable when SHA256 is widely deployed
            // DOUBLE_SHA: not used widely
            // MD2: not used widely
            // TIGER_192: not used widely