From 9c749658a0a4cb6db65a13cceecfac3ce1d8239c Mon Sep 17 00:00:00 2001 From: Christian Hagau Date: Sun, 21 Jan 2018 00:00:00 +0000 Subject: [PATCH 1/5] Make predicate names in KeychainProvider consistent --- .../keychain/provider/CachedPublicKeyRing.java | 6 +++--- .../keychain/provider/KeychainContract.java | 6 +++--- .../keychain/provider/KeychainProvider.java | 18 +++++++++--------- .../keychain/remote/ui/dialog/KeyLoader.java | 2 +- ...RemoteSelectAuthenticationKeyPresenter.java | 2 +- .../keychain/ui/widget/CertifyKeySpinner.java | 4 ++-- .../keychain/ui/widget/SignKeySpinner.java | 4 ++-- 7 files changed, 21 insertions(+), 21 deletions(-) diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/CachedPublicKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/CachedPublicKeyRing.java index 4e3bc23c0..78345a12f 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/CachedPublicKeyRing.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/CachedPublicKeyRing.java @@ -158,7 +158,7 @@ public class CachedPublicKeyRing extends KeyRing { public boolean canCertify() throws PgpKeyNotFoundException { try { Object data = mKeyRepository.getGenericData(mUri, - KeychainContract.KeyRings.HAS_CERTIFY, + KeychainContract.KeyRings.HAS_CERTIFY_SECRET, KeyRepository.FIELD_TYPE_NULL); return !((Boolean) data); } catch(KeyWritableRepository.NotFoundException e) { @@ -192,7 +192,7 @@ public class CachedPublicKeyRing extends KeyRing { public long getSecretSignId() throws PgpKeyNotFoundException { try { Object data = mKeyRepository.getGenericData(mUri, - KeyRings.HAS_SIGN, + KeyRings.HAS_SIGN_SECRET, KeyRepository.FIELD_TYPE_INTEGER); return (Long) data; } catch(KeyWritableRepository.NotFoundException e) { @@ -209,7 +209,7 @@ public class CachedPublicKeyRing extends KeyRing { public long getSecretAuthenticationId() throws PgpKeyNotFoundException { try { Object data = mKeyRepository.getGenericData(mUri, - KeyRings.HAS_AUTHENTICATE, + KeyRings.HAS_AUTHENTICATE_SECRET, KeyRepository.FIELD_TYPE_INTEGER); return (Long) data; } catch(KeyWritableRepository.NotFoundException e) { diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java index d5f07f8ff..caa491a86 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java @@ -152,9 +152,9 @@ public class KeychainContract { public static final String IS_EXPIRED = "is_expired"; public static final String HAS_ANY_SECRET = "has_any_secret"; public static final String HAS_ENCRYPT = "has_encrypt"; - public static final String HAS_SIGN = "has_sign"; - public static final String HAS_CERTIFY = "has_certify"; - public static final String HAS_AUTHENTICATE = "has_authenticate"; + public static final String HAS_SIGN_SECRET = "has_sign_secret"; + public static final String HAS_CERTIFY_SECRET = "has_certify_secret"; + public static final String HAS_AUTHENTICATE_SECRET = "has_authenticate_secret"; public static final String HAS_DUPLICATE_USER_ID = "has_duplicate_user_id"; public static final String API_KNOWN_TO_PACKAGE_NAMES = "known_to_apps"; diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java index 93a7fb8ef..605bdcbe9 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java @@ -351,12 +351,12 @@ public class KeychainProvider extends ContentProvider { + ")) AS " + KeyRings.HAS_ANY_SECRET); projectionMap.put(KeyRings.HAS_ENCRYPT, "kE." + Keys.KEY_ID + " AS " + KeyRings.HAS_ENCRYPT); - projectionMap.put(KeyRings.HAS_SIGN, - "kS." + Keys.KEY_ID + " AS " + KeyRings.HAS_SIGN); - projectionMap.put(KeyRings.HAS_AUTHENTICATE, - "kA." + Keys.KEY_ID + " AS " + KeyRings.HAS_AUTHENTICATE); - projectionMap.put(KeyRings.HAS_CERTIFY, - "kC." + Keys.KEY_ID + " AS " + KeyRings.HAS_CERTIFY); + projectionMap.put(KeyRings.HAS_SIGN_SECRET, + "kS." + Keys.KEY_ID + " AS " + KeyRings.HAS_SIGN_SECRET); + projectionMap.put(KeyRings.HAS_AUTHENTICATE_SECRET, + "kA." + Keys.KEY_ID + " AS " + KeyRings.HAS_AUTHENTICATE_SECRET); + projectionMap.put(KeyRings.HAS_CERTIFY_SECRET, + "kC." + Keys.KEY_ID + " AS " + KeyRings.HAS_CERTIFY_SECRET); projectionMap.put(KeyRings.IS_EXPIRED, "(" + Tables.KEYS + "." + Keys.EXPIRY + " IS NOT NULL AND " + Tables.KEYS + "." + Keys.EXPIRY + " < " + new Date().getTime() / 1000 + ") AS " + KeyRings.IS_EXPIRED); @@ -398,7 +398,7 @@ public class KeychainProvider extends ContentProvider { + " AND ( kE." + Keys.EXPIRY + " IS NULL OR kE." + Keys.EXPIRY + " >= " + new Date().getTime() / 1000 + " )" + ")" : "") - + (plist.contains(KeyRings.HAS_SIGN) ? + + (plist.contains(KeyRings.HAS_SIGN_SECRET) ? " LEFT JOIN " + Tables.KEYS + " AS kS ON (" +"kS." + Keys.MASTER_KEY_ID + " = " + Tables.KEYS + "." + Keys.MASTER_KEY_ID @@ -409,7 +409,7 @@ public class KeychainProvider extends ContentProvider { + " AND ( kS." + Keys.EXPIRY + " IS NULL OR kS." + Keys.EXPIRY + " >= " + new Date().getTime() / 1000 + " )" + ")" : "") - + (plist.contains(KeyRings.HAS_AUTHENTICATE) ? + + (plist.contains(KeyRings.HAS_AUTHENTICATE_SECRET) ? " LEFT JOIN " + Tables.KEYS + " AS kA ON (" +"kA." + Keys.MASTER_KEY_ID + " = " + Tables.KEYS + "." + Keys.MASTER_KEY_ID @@ -420,7 +420,7 @@ public class KeychainProvider extends ContentProvider { + " AND ( kA." + Keys.EXPIRY + " IS NULL OR kA." + Keys.EXPIRY + " >= " + new Date().getTime() / 1000 + " )" + ")" : "") - + (plist.contains(KeyRings.HAS_CERTIFY) ? + + (plist.contains(KeyRings.HAS_CERTIFY_SECRET) ? " LEFT JOIN " + Tables.KEYS + " AS kC ON (" +"kC." + Keys.MASTER_KEY_ID + " = " + Tables.KEYS + "." + Keys.MASTER_KEY_ID diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/dialog/KeyLoader.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/dialog/KeyLoader.java index 895c68093..ac30275a7 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/dialog/KeyLoader.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/dialog/KeyLoader.java @@ -42,7 +42,7 @@ public class KeyLoader extends AsyncTaskLoader> { KeyRings.MASTER_KEY_ID, KeyRings.CREATION, KeyRings.HAS_ENCRYPT, - KeyRings.HAS_AUTHENTICATE, + KeyRings.HAS_AUTHENTICATE_SECRET, KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED, KeyRings.NAME, diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/dialog/RemoteSelectAuthenticationKeyPresenter.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/dialog/RemoteSelectAuthenticationKeyPresenter.java index 2b202fb25..cd78d53d8 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/dialog/RemoteSelectAuthenticationKeyPresenter.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/dialog/RemoteSelectAuthenticationKeyPresenter.java @@ -82,7 +82,7 @@ class RemoteSelectAuthenticationKeyPresenter implements LoaderCallbacks> onCreateLoader(int id, Bundle args) { - String selection = KeyRings.HAS_ANY_SECRET + " != 0 AND " + KeyRings.HAS_AUTHENTICATE + " != 0"; + String selection = KeyRings.HAS_ANY_SECRET + " != 0 AND " + KeyRings.HAS_AUTHENTICATE_SECRET + " != 0"; KeySelector keySelector = KeySelector.create( KeyRings.buildUnifiedKeyRingsUri(), selection); return new KeyLoader(context, context.getContentResolver(), keySelector); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/widget/CertifyKeySpinner.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/widget/CertifyKeySpinner.java index 8f4fa9298..3284448a0 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/widget/CertifyKeySpinner.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/widget/CertifyKeySpinner.java @@ -60,7 +60,7 @@ public class CertifyKeySpinner extends KeySpinner { Uri baseUri = KeychainContract.KeyRings.buildUnifiedKeyRingsUri(); String[] projection = KeyAdapter.getProjectionWith(new String[] { - KeychainContract.KeyRings.HAS_CERTIFY, + KeychainContract.KeyRings.HAS_CERTIFY_SECRET, }); String where = KeychainContract.KeyRings.HAS_ANY_SECRET + " = 1 AND " @@ -79,7 +79,7 @@ public class CertifyKeySpinner extends KeySpinner { super.onLoadFinished(loader, data); if (loader.getId() == LOADER_ID) { - mIndexHasCertify = data.getColumnIndex(KeychainContract.KeyRings.HAS_CERTIFY); + mIndexHasCertify = data.getColumnIndex(KeychainContract.KeyRings.HAS_CERTIFY_SECRET); // If: // - no key has been pre-selected (e.g. by SageSlinger) diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/widget/SignKeySpinner.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/widget/SignKeySpinner.java index 02ed8357d..55b3537be 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/widget/SignKeySpinner.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/widget/SignKeySpinner.java @@ -49,7 +49,7 @@ public class SignKeySpinner extends KeySpinner { Uri baseUri = KeychainContract.KeyRings.buildUnifiedKeyRingsUri(); String[] projection = KeyAdapter.getProjectionWith(new String[] { - KeychainContract.KeyRings.HAS_SIGN, + KeychainContract.KeyRings.HAS_SIGN_SECRET, }); String where = KeychainContract.KeyRings.HAS_ANY_SECRET + " = 1"; @@ -66,7 +66,7 @@ public class SignKeySpinner extends KeySpinner { super.onLoadFinished(loader, data); if (loader.getId() == LOADER_ID) { - mIndexHasSign = data.getColumnIndex(KeychainContract.KeyRings.HAS_SIGN); + mIndexHasSign = data.getColumnIndex(KeychainContract.KeyRings.HAS_SIGN_SECRET); } } From 7f02363801c5e66c5376cc712a273a496ba06898 Mon Sep 17 00:00:00 2001 From: Christian Hagau Date: Fri, 19 Jan 2018 00:00:00 +0000 Subject: [PATCH 2/5] Remove unnecessary selection predicate --- .../ui/dialog/RemoteSelectAuthenticationKeyPresenter.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/dialog/RemoteSelectAuthenticationKeyPresenter.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/dialog/RemoteSelectAuthenticationKeyPresenter.java index cd78d53d8..472a3a605 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/dialog/RemoteSelectAuthenticationKeyPresenter.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/dialog/RemoteSelectAuthenticationKeyPresenter.java @@ -82,7 +82,7 @@ class RemoteSelectAuthenticationKeyPresenter implements LoaderCallbacks> onCreateLoader(int id, Bundle args) { - String selection = KeyRings.HAS_ANY_SECRET + " != 0 AND " + KeyRings.HAS_AUTHENTICATE_SECRET + " != 0"; + String selection = KeyRings.HAS_AUTHENTICATE_SECRET + " != 0"; KeySelector keySelector = KeySelector.create( KeyRings.buildUnifiedKeyRingsUri(), selection); return new KeyLoader(context, context.getContentResolver(), keySelector); From 2b326f022ce8f18cc1a79f943f22dec69ba7b113 Mon Sep 17 00:00:00 2001 From: Christian Hagau Date: Fri, 19 Jan 2018 00:00:00 +0000 Subject: [PATCH 3/5] Add getter, predicate for authentication public key id --- .../keychain/provider/CachedPublicKeyRing.java | 17 ++++++++++++++++- .../keychain/provider/KeychainContract.java | 1 + .../keychain/provider/KeychainProvider.java | 12 ++++++++++++ 3 files changed, 29 insertions(+), 1 deletion(-) diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/CachedPublicKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/CachedPublicKeyRing.java index 78345a12f..a64bedb6b 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/CachedPublicKeyRing.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/CachedPublicKeyRing.java @@ -217,10 +217,25 @@ public class CachedPublicKeyRing extends KeyRing { } } - public boolean hasAuthentication() throws PgpKeyNotFoundException { + public boolean hasSecretAuthentication() throws PgpKeyNotFoundException { return getSecretAuthenticationId() != 0; } + public long getAuthenticationId() throws PgpKeyNotFoundException { + try { + Object data = mKeyRepository.getGenericData(mUri, + KeyRings.HAS_AUTHENTICATE, + KeyRepository.FIELD_TYPE_INTEGER); + return (Long) data; + } catch(KeyWritableRepository.NotFoundException e) { + throw new PgpKeyNotFoundException(e); + } + } + + public boolean hasAuthentication() throws PgpKeyNotFoundException { + return getAuthenticationId() != 0; + } + @Override public int getVerified() throws PgpKeyNotFoundException { try { diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java index caa491a86..01ae4b5dd 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainContract.java @@ -154,6 +154,7 @@ public class KeychainContract { public static final String HAS_ENCRYPT = "has_encrypt"; public static final String HAS_SIGN_SECRET = "has_sign_secret"; public static final String HAS_CERTIFY_SECRET = "has_certify_secret"; + public static final String HAS_AUTHENTICATE = "has_authenticate"; public static final String HAS_AUTHENTICATE_SECRET = "has_authenticate_secret"; public static final String HAS_DUPLICATE_USER_ID = "has_duplicate_user_id"; public static final String API_KNOWN_TO_PACKAGE_NAMES = "known_to_apps"; diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java index 605bdcbe9..b5747b1a1 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainProvider.java @@ -353,6 +353,8 @@ public class KeychainProvider extends ContentProvider { "kE." + Keys.KEY_ID + " AS " + KeyRings.HAS_ENCRYPT); projectionMap.put(KeyRings.HAS_SIGN_SECRET, "kS." + Keys.KEY_ID + " AS " + KeyRings.HAS_SIGN_SECRET); + projectionMap.put(KeyRings.HAS_AUTHENTICATE, + "kA." + Keys.KEY_ID + " AS " + KeyRings.HAS_AUTHENTICATE); projectionMap.put(KeyRings.HAS_AUTHENTICATE_SECRET, "kA." + Keys.KEY_ID + " AS " + KeyRings.HAS_AUTHENTICATE_SECRET); projectionMap.put(KeyRings.HAS_CERTIFY_SECRET, @@ -409,6 +411,16 @@ public class KeychainProvider extends ContentProvider { + " AND ( kS." + Keys.EXPIRY + " IS NULL OR kS." + Keys.EXPIRY + " >= " + new Date().getTime() / 1000 + " )" + ")" : "") + + (plist.contains(KeyRings.HAS_AUTHENTICATE) ? + " LEFT JOIN " + Tables.KEYS + " AS kA ON (" + +"kA." + Keys.MASTER_KEY_ID + + " = " + Tables.KEYS + "." + Keys.MASTER_KEY_ID + + " AND kA." + Keys.IS_REVOKED + " = 0" + + " AND kA." + Keys.IS_SECURE + " = 1" + + " AND kA." + Keys.CAN_AUTHENTICATE + " = 1" + + " AND ( kA." + Keys.EXPIRY + " IS NULL OR kA." + Keys.EXPIRY + + " >= " + new Date().getTime() / 1000 + " )" + + ")" : "") + (plist.contains(KeyRings.HAS_AUTHENTICATE_SECRET) ? " LEFT JOIN " + Tables.KEYS + " AS kA ON (" +"kA." + Keys.MASTER_KEY_ID From 65d2f37324f87a48e5dab47f9e9d98286a0db52c Mon Sep 17 00:00:00 2001 From: Christian Hagau Date: Fri, 19 Jan 2018 00:00:00 +0000 Subject: [PATCH 4/5] Allow export of SSH public keys for keyrings with authentication subkey but without the associated private key --- .../keychain/ui/ViewKeyAdvShareFragment.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyAdvShareFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyAdvShareFragment.java index 3d3fb97bf..6ba560914 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyAdvShareFragment.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyAdvShareFragment.java @@ -216,7 +216,7 @@ public class ViewKeyAdvShareFragment extends LoaderFragment implements try { masterKeyId = keyRepository.getCachedPublicKeyRing(mDataUri).extractOrGetMasterKeyId(); CachedPublicKeyRing cachedPublicKeyRing = keyRepository.getCachedPublicKeyRing(masterKeyId); - authSubKeyId = cachedPublicKeyRing.getSecretAuthenticationId(); + authSubKeyId = cachedPublicKeyRing.getAuthenticationId(); } catch (PgpKeyNotFoundException e) { Log.e(Constants.TAG, "key not found!", e); } @@ -232,7 +232,7 @@ public class ViewKeyAdvShareFragment extends LoaderFragment implements String content; long masterKeyId = keyRepository.getCachedPublicKeyRing(mDataUri).extractOrGetMasterKeyId(); if (asSshKey) { - long authSubKeyId = keyRepository.getCachedPublicKeyRing(masterKeyId).getSecretAuthenticationId(); + long authSubKeyId = keyRepository.getCachedPublicKeyRing(masterKeyId).getAuthenticationId(); CanonicalizedPublicKey publicKey = keyRepository.getCanonicalizedPublicKeyRing(masterKeyId) .getPublicKey(authSubKeyId); SshPublicKey sshPublicKey = new SshPublicKey(publicKey); From e251c56e909c4622e6714b3ae5cc435414812072 Mon Sep 17 00:00:00 2001 From: Christian Hagau Date: Fri, 19 Jan 2018 00:00:00 +0000 Subject: [PATCH 5/5] Use appropiate getter for authentication public key --- .../keychain/remote/SshAuthenticationService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/SshAuthenticationService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/SshAuthenticationService.java index 0aca6e657..9bf1433b9 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/SshAuthenticationService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/SshAuthenticationService.java @@ -363,7 +363,7 @@ public class SshAuthenticationService extends Service { throws PgpKeyNotFoundException, KeyRepository.NotFoundException { KeyRepository keyRepository = KeyRepository.create(getApplicationContext()); long authSubKeyId = keyRepository.getCachedPublicKeyRing(masterKeyId) - .getSecretAuthenticationId(); + .getAuthenticationId(); return keyRepository.getCanonicalizedPublicKeyRing(masterKeyId) .getPublicKey(authSubKeyId); }