cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

don't show allowed key list if no key exists, and some minor PgpDecryptVerify changes

Browse Source
This commit is contained in:
Vincent Breitmoser
2015-05-28 02:27:44 +02:00
parent 1fb7477a5a
commit 5c8af1c5a5
13 changed files with 75 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/DecryptVerifyResult.java
View File

@@ -27,12 +27,19 @@ import org.sufficientlysecure.keychain.util.Passphrase;
public class DecryptVerifyResult extends InputPendingResult {
public static final int RESULT_NO_DATA = RESULT_ERROR + 16;
public static final int RESULT_KEY_DISALLOWED = RESULT_ERROR + 32;
OpenPgpSignatureResult mSignatureResult;
OpenPgpMetadata mDecryptMetadata;
// This holds the charset which was specified in the ascii armor, if specified
// https://tools.ietf.org/html/rfc4880#page56
String mCharset;
public boolean isKeysDisallowed () {
return (mResult & RESULT_KEY_DISALLOWED) == RESULT_KEY_DISALLOWED;
}
public OpenPgpSignatureResult getSignatureResult() {
return mSignatureResult;
}
@@ -57,10 +64,6 @@ public class DecryptVerifyResult extends InputPendingResult {
mCharset = charset;
}
public boolean isPending() {
return (mResult & RESULT_PENDING) == RESULT_PENDING;
}
public DecryptVerifyResult(int result, OperationLog log) {
super(result, log);
}

2
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
View File

@@ -590,7 +590,7 @@ public abstract class OperationResult implements Parcelable {
MSG_DC_ERROR_EXTRACT_KEY (LogLevel.ERROR, R.string.msg_dc_error_extract_key),
MSG_DC_ERROR_INTEGRITY_CHECK (LogLevel.ERROR, R.string.msg_dc_error_integrity_check),
MSG_DC_ERROR_INTEGRITY_MISSING (LogLevel.ERROR, R.string.msg_dc_error_integrity_missing),
MSG_DC_ERROR_INVALID_SIGLIST(LogLevel.ERROR, R.string.msg_dc_error_invalid_siglist),
MSG_DC_ERROR_INVALID_DATA (LogLevel.ERROR, R.string.msg_dc_error_invalid_data),
MSG_DC_ERROR_IO (LogLevel.ERROR, R.string.msg_dc_error_io),
MSG_DC_ERROR_NO_DATA (LogLevel.ERROR, R.string.msg_dc_error_no_data),
MSG_DC_ERROR_NO_KEY (LogLevel.ERROR, R.string.msg_dc_error_no_key),

37
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
View File

@@ -384,7 +384,7 @@ public class PgpDecryptVerify extends BaseOperation {
}
if (enc == null) {
log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, indent);
log.add(LogType.MSG_DC_ERROR_INVALID_DATA, indent);
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
}
@@ -419,6 +419,7 @@ public class PgpDecryptVerify extends BaseOperation {
}
Passphrase passphrase = null;
boolean skippedDisallowedKey = false;
// go through all objects and find one we can decrypt
while (it.hasNext()) {
@@ -451,13 +452,6 @@ public class PgpDecryptVerify extends BaseOperation {
log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
continue;
}
// get subkey which has been used for this encryption packet
secretEncryptionKey = secretKeyRing.getSecretKey(subKeyId);
if (secretEncryptionKey == null) {
// should actually never happen, so no need to be more specific.
log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
continue;
}
// allow only specific keys for decryption?
if (mAllowedKeyIds != null) {
@@ -469,11 +463,20 @@ public class PgpDecryptVerify extends BaseOperation {
if (!mAllowedKeyIds.contains(masterKeyId)) {
// this key is in our db, but NOT allowed!
// continue with the next packet in the while loop
skippedDisallowedKey = true;
log.add(LogType.MSG_DC_ASKIP_NOT_ALLOWED, indent + 1);
continue;
}
}
// get subkey which has been used for this encryption packet
secretEncryptionKey = secretKeyRing.getSecretKey(subKeyId);
if (secretEncryptionKey == null) {
// should actually never happen, so no need to be more specific.
log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
continue;
}
/* secret key exists in database and is allowed! */
asymmetricPacketFound = true;
@@ -604,10 +607,18 @@ public class PgpDecryptVerify extends BaseOperation {
}
encryptedData = encryptedDataAsymmetric;
} else {
// If we didn't find any useful data, error out
// there wasn't even any useful data
if (!anyPacketFound) {
log.add(LogType.MSG_DC_ERROR_NO_DATA, indent + 1);
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_NO_DATA, log);
}
// there was data but key wasn't allowed
if (skippedDisallowedKey) {
log.add(LogType.MSG_DC_ERROR_NO_KEY, indent + 1);
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_KEY_DISALLOWED, log);
}
// no packet has been found where we have the corresponding secret key in our db
log.add(
anyPacketFound ? LogType.MSG_DC_ERROR_NO_KEY : LogType.MSG_DC_ERROR_NO_DATA, indent + 1);
log.add(LogType.MSG_DC_ERROR_NO_KEY, indent + 1);
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
}
@@ -910,7 +921,7 @@ public class PgpDecryptVerify extends BaseOperation {
PGPSignatureList sigList = (PGPSignatureList) pgpFact.nextObject();
if (sigList == null) {
log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, 0);
log.add(LogType.MSG_DC_ERROR_INVALID_DATA, 0);
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
}
@@ -993,7 +1004,7 @@ public class PgpDecryptVerify extends BaseOperation {
} else if (o instanceof PGPSignatureList) {
sigList = (PGPSignatureList) o;
} else {
log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, 0);
log.add(LogType.MSG_DC_ERROR_INVALID_DATA, 0);
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
}

19
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
View File

@@ -34,7 +34,6 @@ import org.openintents.openpgp.util.OpenPgpApi;
import org.spongycastle.bcpg.CompressionAlgorithmTags;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
import org.sufficientlysecure.keychain.operations.results.OperationResult;
import org.sufficientlysecure.keychain.operations.results.OperationResult.LogEntryParcel;
import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
import org.sufficientlysecure.keychain.pgp.PgpConstants;
@@ -601,9 +600,8 @@ public class OpenPgpService extends RemoteService {
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_SUCCESS);
return result;
} else {
LogEntryParcel errorMsg = pgpResult.getLog().getLast();
if (errorMsg.mType == OperationResult.LogType.MSG_DC_ERROR_NO_KEY) {
//
if (pgpResult.isKeysDisallowed()) {
// allow user to select allowed keys
Intent result = new Intent();
result.putExtra(OpenPgpApi.RESULT_INTENT, getSelectAllowedKeysIntent(data));
@@ -611,14 +609,17 @@ public class OpenPgpService extends RemoteService {
return result;
}
throw new Exception(getString(errorMsg.mType.getMsgId()));
String errorMsg = getString(pgpResult.getLog().getLast().mType.getMsgId());
Intent result = new Intent();
result.putExtra(OpenPgpApi.RESULT_ERROR, new OpenPgpError(OpenPgpError.GENERIC_ERROR, errorMsg));
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
return result;
}
} catch (Exception e) {
Log.d(Constants.TAG, "decryptAndVerifyImpl", e);
} catch (IOException e) {
Log.e(Constants.TAG, "decryptAndVerifyImpl", e);
Intent result = new Intent();
result.putExtra(OpenPgpApi.RESULT_ERROR,
new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
result.putExtra(OpenPgpApi.RESULT_ERROR, new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
return result;
} finally {