Merge branch 'master' of github.com:open-keychain/open-keychain

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CertifyFingerprintActivity.java

@@ -30,6 +30,8 @@ public class CertifyFingerprintActivity extends BaseActivity {
 
     protected Uri mDataUri;
 
+    public static final String EXTRA_ENABLE_WORD_CONFIRM = "enable_word_confirm";
+
     @Override
     public void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
@@ -40,6 +42,7 @@ public class CertifyFingerprintActivity extends BaseActivity {
             finish();
             return;
         }
+        boolean enableWordConfirm = getIntent().getBooleanExtra(EXTRA_ENABLE_WORD_CONFIRM, false);
 
         setFullScreenDialogClose(new View.OnClickListener() {
             @Override
@@ -50,7 +53,7 @@ public class CertifyFingerprintActivity extends BaseActivity {
 
         Log.i(Constants.TAG, "mDataUri: " + mDataUri.toString());
 
-        startFragment(savedInstanceState, mDataUri);
+        startFragment(savedInstanceState, mDataUri, enableWordConfirm);
     }
 
     @Override
@@ -58,7 +61,7 @@ public class CertifyFingerprintActivity extends BaseActivity {
         setContentView(R.layout.certify_fingerprint_activity);
     }
 
-    private void startFragment(Bundle savedInstanceState, Uri dataUri) {
+    private void startFragment(Bundle savedInstanceState, Uri dataUri, boolean enableWordConfirm) {
         // However, if we're being restored from a previous state,
         // then we don't need to do anything and should return or else
         // we could end up with overlapping fragments.
@@ -67,7 +70,7 @@ public class CertifyFingerprintActivity extends BaseActivity {
         }
 
         // Create an instance of the fragment
-        CertifyFingerprintFragment frag = CertifyFingerprintFragment.newInstance(dataUri);
+        CertifyFingerprintFragment frag = CertifyFingerprintFragment.newInstance(dataUri, enableWordConfirm);
 
         // Add the fragment to the 'fragment_container' FrameLayout
         // NOTE: We use commitAllowingStateLoss() to prevent weird crashes!

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CertifyFingerprintFragment.java

@@ -19,6 +19,7 @@ package org.sufficientlysecure.keychain.ui;
 
 import android.content.Intent;
 import android.database.Cursor;
+import android.graphics.Typeface;
 import android.net.Uri;
 import android.os.Bundle;
 import android.support.v4.app.LoaderManager;
@@ -34,6 +35,7 @@ import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
 import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.ui.util.ExperimentalWordConfirm;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.Log;
 
@@ -44,20 +46,24 @@ public class CertifyFingerprintFragment extends LoaderFragment implements
     static final int REQUEST_CERTIFY = 1;
 
     public static final String ARG_DATA_URI = "uri";
+    public static final String ARG_ENABLE_WORD_CONFIRM = "enable_word_confirm";
 
     private TextView mFingerprint;
+    private TextView mIntro;
 
     private static final int LOADER_ID_UNIFIED = 0;
 
     private Uri mDataUri;
+    private boolean mEnableWordConfirm;
 
     /**
      * Creates new instance of this fragment
      */
-    public static CertifyFingerprintFragment newInstance(Uri dataUri) {
+    public static CertifyFingerprintFragment newInstance(Uri dataUri, boolean enableWordConfirm) {
         CertifyFingerprintFragment frag = new CertifyFingerprintFragment();
         Bundle args = new Bundle();
         args.putParcelable(ARG_DATA_URI, dataUri);
+        args.putBoolean(ARG_ENABLE_WORD_CONFIRM, enableWordConfirm);
 
         frag.setArguments(args);
 
@@ -73,6 +79,7 @@ public class CertifyFingerprintFragment extends LoaderFragment implements
         View actionYes = view.findViewById(R.id.certify_fingerprint_button_yes);
 
         mFingerprint = (TextView) view.findViewById(R.id.certify_fingerprint_fingerprint);
+        mIntro = (TextView) view.findViewById(R.id.certify_fingerprint_intro);
 
         actionNo.setOnClickListener(new View.OnClickListener() {
             @Override
@@ -100,6 +107,11 @@ public class CertifyFingerprintFragment extends LoaderFragment implements
             getActivity().finish();
             return;
         }
+        mEnableWordConfirm = getArguments().getBoolean(ARG_ENABLE_WORD_CONFIRM);
+
+        if (mEnableWordConfirm) {
+            mIntro.setText(R.string.certify_fingerprint_text_words);
+        }
 
         loadData(dataUri);
     }
@@ -146,10 +158,13 @@ public class CertifyFingerprintFragment extends LoaderFragment implements
         switch (loader.getId()) {
             case LOADER_ID_UNIFIED: {
                 if (data.moveToFirst()) {
-
                     byte[] fingerprintBlob = data.getBlob(INDEX_UNIFIED_FINGERPRINT);
-                    String fingerprint = KeyFormattingUtils.convertFingerprintToHex(fingerprintBlob);
+
-                    mFingerprint.setText(KeyFormattingUtils.colorizeFingerprint(fingerprint));
+                    if (mEnableWordConfirm) {
+                        displayWordConfirm(fingerprintBlob);
+                    } else {
+                        displayHexConfirm(fingerprintBlob);
+                    }
 
                     break;
                 }
@@ -159,6 +174,19 @@ public class CertifyFingerprintFragment extends LoaderFragment implements
         setContentShown(true);
     }
 
+    private void displayHexConfirm(byte[] fingerprintBlob) {
+        String fingerprint = KeyFormattingUtils.convertFingerprintToHex(fingerprintBlob);
+        mFingerprint.setText(KeyFormattingUtils.colorizeFingerprint(fingerprint));
+    }
+
+    private void displayWordConfirm(byte[] fingerprintBlob) {
+        String fingerprint = ExperimentalWordConfirm.getWords(getActivity(), fingerprintBlob);
+
+        mFingerprint.setTextSize(24);
+        mFingerprint.setTypeface(Typeface.DEFAULT, Typeface.BOLD);
+        mFingerprint.setText(fingerprint);
+    }
+
     /**
      * This is called when the last Cursor provided to onLoadFinished() above is about to be closed.
      * We need to make sure we are no longer using it.

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java

@@ -350,7 +350,11 @@ public class ViewKeyActivity extends BaseNfcActivity implements
                 return true;
             }
             case R.id.menu_key_view_certify_fingerprint: {
-                certifyFingeprint(mDataUri);
+                certifyFingeprint(mDataUri, false);
+                return true;
+            }
+            case R.id.menu_key_view_certify_fingerprint_word: {
+                certifyFingeprint(mDataUri, true);
                 return true;
             }
         }
@@ -365,6 +369,9 @@ public class ViewKeyActivity extends BaseNfcActivity implements
         exportKey.setVisible(mIsSecret);
         MenuItem certifyFingerprint = menu.findItem(R.id.menu_key_view_certify_fingerprint);
         certifyFingerprint.setVisible(!mIsSecret && !mIsVerified && !mIsExpired && !mIsRevoked);
+        MenuItem certifyFingerprintWord = menu.findItem(R.id.menu_key_view_certify_fingerprint_word);
+        certifyFingerprintWord.setVisible(!mIsSecret && !mIsVerified && !mIsExpired && !mIsRevoked
+                && Preferences.getPreferences(this).getExperimentalEnableWordConfirm());
 
         return true;
     }
@@ -376,9 +383,10 @@ public class ViewKeyActivity extends BaseNfcActivity implements
         startActivityForResult(scanQrCode, REQUEST_QR_FINGERPRINT);
     }
 
-    private void certifyFingeprint(Uri dataUri) {
+    private void certifyFingeprint(Uri dataUri, boolean enableWordConfirm) {
         Intent intent = new Intent(this, CertifyFingerprintActivity.class);
         intent.setData(dataUri);
+        intent.putExtra(CertifyFingerprintActivity.EXTRA_ENABLE_WORD_CONFIRM, enableWordConfirm);
 
         startActivityForResult(intent, REQUEST_CERTIFY);
     }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/util/ExperimentalWordConfirm.java

@@ -0,0 +1,126 @@
+/*
+ * Copyright (C) 2015 Dominik Schürmann <dominik@dominikschuermann.de>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package org.sufficientlysecure.keychain.ui.util;
+
+import android.content.Context;
+
+import org.spongycastle.util.Arrays;
+import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.util.Log;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.util.ArrayList;
+import java.util.BitSet;
+
+public class ExperimentalWordConfirm {
+
+    public static String getWords(Context context, byte[] fingerprintBlob) {
+        ArrayList<String> words = new ArrayList<>();
+
+        BufferedReader reader = null;
+        try {
+            reader = new BufferedReader(new InputStreamReader(
+                    context.getAssets().open("word_confirm_list.txt"),
+                    "UTF-8"
+            ));
+
+            String line = reader.readLine();
+            while (line != null) {
+                words.add(line);
+
+                line = reader.readLine();
+            }
+        } catch (IOException e) {
+            throw new RuntimeException("IOException", e);
+        } finally {
+            if (reader != null) {
+                try {
+                    reader.close();
+                } catch (IOException ignored) {
+                }
+            }
+        }
+
+        String fingerprint = "";
+
+        // NOTE: 160 bit SHA-1 truncated to 156 bit
+        byte[] fingerprintBlobTruncated = Arrays.copyOfRange(fingerprintBlob, 0, 156 / 8);
+
+        // TODO: implement key stretching to minimize fp length?
+
+        // BitSet bits = BitSet.valueOf(fingerprintBlob);  // min API 19 and little endian!
+        BitSet bits = bitSetToByteArray(fingerprintBlobTruncated);
+        Log.d(Constants.TAG, "bits: " + bits.toString());
+
+        final int CHUNK_SIZE = 13;
+        final int LAST_CHUNK_INDEX = fingerprintBlobTruncated.length * 8 / CHUNK_SIZE; // 12
+        Log.d(Constants.TAG, "LAST_CHUNK_INDEX: " + LAST_CHUNK_INDEX);
+
+        int from = 0;
+        int to = CHUNK_SIZE;
+        for (int i = 0; i < (LAST_CHUNK_INDEX + 1); i++) {
+            Log.d(Constants.TAG, "from: " + from + " to: " + to);
+
+            BitSet setIndex = bits.get(from, to);
+            int wordIndex = (int) bitSetToLong(setIndex);
+            // int wordIndex = (int) setIndex.toLongArray()[0]; // min API 19
+
+            fingerprint += words.get(wordIndex);
+
+            if (i != LAST_CHUNK_INDEX) {
+                // line break every 3 words
+                if (to % (CHUNK_SIZE * 3) == 0) {
+                    fingerprint += "\n";
+                } else {
+                    fingerprint += " ";
+                }
+            }
+
+            from = to;
+            to += CHUNK_SIZE;
+        }
+
+        return fingerprint;
+    }
+
+    /**
+     * Returns a BitSet containing the values in bytes.
+     * BIG ENDIAN!
+     */
+    private static BitSet bitSetToByteArray(byte[] bytes) {
+        int arrayLength = bytes.length * 8;
+        BitSet bits = new BitSet();
+
+        for (int i = 0; i < arrayLength; i++) {
+            if ((bytes[bytes.length - i / 8 - 1] & (1 << (i % 8))) > 0) {
+                bits.set(i);
+            }
+        }
+        return bits;
+    }
+
+    private static long bitSetToLong(BitSet bits) {
+        long value = 0L;
+        for (int i = 0; i < bits.length(); ++i) {
+            value += bits.get(i) ? (1L << i) : 0L;
+        }
+        return value;
+    }
+}

OpenKeychain/src/main/res/layout/certify_fingerprint_fragment.xml

@@ -16,6 +16,7 @@
             android:padding="16dp">
 
             <TextView
+                android:id="@+id/certify_fingerprint_intro"
                 android:layout_width="match_parent"
                 android:layout_height="wrap_content"
                 android:layout_marginBottom="8dp"

OpenKeychain/src/main/res/menu/key_view.xml

@@ -37,4 +37,10 @@
         android:visible="false"
         android:title="@string/menu_certify_fingerprint" />
 
+    <item
+        android:id="@+id/menu_key_view_certify_fingerprint_word"
+        app:showAsAction="never"
+        android:visible="false"
+        android:title="@string/menu_certify_fingerprint_word" />
+
 </menu>

OpenKeychain/src/main/res/values/strings.xml

@@ -115,6 +115,7 @@
     <string name="menu_update_all_keys">"Update all keys"</string>
     <string name="menu_advanced">"Extended information"</string>
     <string name="menu_certify_fingerprint">"Confirm via fingerprint comparison"</string>
+    <string name="menu_certify_fingerprint_word">"Confirm via word comparison"</string>
     <string name="menu_export_log">"Export Log"</string>
 
     <string name="menu_keyserver_add">"Add"</string>
@@ -1404,7 +1405,8 @@
     <string name="section_uids_to_certify">"Identities for "</string>
     <string name="certify_text">"The keys you are importing contain “identities”: names and email addresses. Select exactly those for confirmation which match what you expected."</string>
     <string name="certify_fingerprint_text">"Compare the displayed fingerprint, character by character, with the one displayed on your partners device."</string>
-    <string name="certify_fingerprint_text2">"Do the displayed fingerprints match?"</string>
+    <string name="certify_fingerprint_text_words">"Compare the displayed fingerprint, word by word, with the one displayed on your partners device."</string>
+    <string name="certify_fingerprint_text2">"Do the fingerprints match?"</string>
     <string name="label_revocation">"Revocation Reason"</string>
     <string name="label_cert_type">"Type"</string>
     <string name="error_key_not_found">"Key not found!"</string>