move LogLevel info into LogType enum
This commit is contained in:
Vincent Breitmoser
@@ -49,7 +49,6 @@ import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
|
||||
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
|
||||
import org.sufficientlysecure.keychain.provider.ProviderHelper;
|
||||
import org.sufficientlysecure.keychain.service.results.DecryptVerifyResult;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.LogLevel;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.LogType;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.OperationLog;
|
||||
import org.sufficientlysecure.keychain.util.InputData;
|
||||
@@ -210,11 +209,11 @@ public class PgpDecryptVerify {
|
||||
return decryptVerify(in, 0);
|
||||
} catch (PGPException e) {
|
||||
OperationLog log = new OperationLog();
|
||||
log.add(LogLevel.ERROR, LogType.MSG_DC_ERROR_PGP_EXCEPTION, 1);
|
||||
log.add(LogType.MSG_DC_ERROR_PGP_EXCEPTION, 1);
|
||||
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
|
||||
} catch (IOException e) {
|
||||
OperationLog log = new OperationLog();
|
||||
log.add(LogLevel.ERROR, LogType.MSG_DC_ERROR_IO, 1);
|
||||
log.add(LogType.MSG_DC_ERROR_IO, 1);
|
||||
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
|
||||
}
|
||||
}
|
||||
@@ -226,7 +225,7 @@ public class PgpDecryptVerify {
|
||||
|
||||
OperationLog log = new OperationLog();
|
||||
|
||||
log.add(LogLevel.START, LogType.MSG_DC, indent);
|
||||
log.add(LogType.MSG_DC, indent);
|
||||
indent += 1;
|
||||
|
||||
PGPObjectFactory pgpF = new PGPObjectFactory(in, new JcaKeyFingerprintCalculator());
|
||||
@@ -243,7 +242,7 @@ public class PgpDecryptVerify {
|
||||
}
|
||||
|
||||
if (enc == null) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_DC_ERROR_INVALID_SIGLIST, indent);
|
||||
log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, indent);
|
||||
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
|
||||
}
|
||||
|
||||
@@ -270,7 +269,7 @@ public class PgpDecryptVerify {
|
||||
PGPPublicKeyEncryptedData encData = (PGPPublicKeyEncryptedData) obj;
|
||||
long subKeyId = encData.getKeyID();
|
||||
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_ASYM, indent,
|
||||
log.add(LogType.MSG_DC_ASYM, indent,
|
||||
PgpKeyHelper.convertKeyIdToHex(subKeyId));
|
||||
|
||||
CanonicalizedSecretKeyRing secretKeyRing;
|
||||
@@ -281,19 +280,19 @@ public class PgpDecryptVerify {
|
||||
);
|
||||
} catch (ProviderHelper.NotFoundException e) {
|
||||
// continue with the next packet in the while loop
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_ASKIP_NO_KEY, indent +1);
|
||||
log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent +1);
|
||||
continue;
|
||||
}
|
||||
if (secretKeyRing == null) {
|
||||
// continue with the next packet in the while loop
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_ASKIP_NO_KEY, indent +1);
|
||||
log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent +1);
|
||||
continue;
|
||||
}
|
||||
// get subkey which has been used for this encryption packet
|
||||
secretEncryptionKey = secretKeyRing.getSecretKey(subKeyId);
|
||||
if (secretEncryptionKey == null) {
|
||||
// should actually never happen, so no need to be more specific.
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_ASKIP_NO_KEY, indent +1);
|
||||
log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent +1);
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -307,7 +306,7 @@ public class PgpDecryptVerify {
|
||||
if (!mAllowedKeyIds.contains(masterKeyId)) {
|
||||
// this key is in our db, but NOT allowed!
|
||||
// continue with the next packet in the while loop
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_ASKIP_NOT_ALLOWED, indent +1);
|
||||
log.add(LogType.MSG_DC_ASKIP_NOT_ALLOWED, indent +1);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
@@ -322,15 +321,15 @@ public class PgpDecryptVerify {
|
||||
try {
|
||||
// returns "" if key has no passphrase
|
||||
mPassphrase = mPassphraseCache.getCachedPassphrase(subKeyId);
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_PASS_CACHED, indent +1);
|
||||
log.add(LogType.MSG_DC_PASS_CACHED, indent +1);
|
||||
} catch (NoSecretKeyException e) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_DC_ERROR_NO_KEY, indent +1);
|
||||
log.add(LogType.MSG_DC_ERROR_NO_KEY, indent +1);
|
||||
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
|
||||
}
|
||||
|
||||
// if passphrase was not cached, return here indicating that a passphrase is missing!
|
||||
if (mPassphrase == null) {
|
||||
log.add(LogLevel.INFO, LogType.MSG_DC_PENDING_PASSPHRASE, indent +1);
|
||||
log.add(LogType.MSG_DC_PENDING_PASSPHRASE, indent +1);
|
||||
DecryptVerifyResult result =
|
||||
new DecryptVerifyResult(DecryptVerifyResult.RESULT_PENDING_ASYM_PASSPHRASE, log);
|
||||
result.setKeyIdPassphraseNeeded(subKeyId);
|
||||
@@ -344,10 +343,10 @@ public class PgpDecryptVerify {
|
||||
} else if (obj instanceof PGPPBEEncryptedData) {
|
||||
anyPacketFound = true;
|
||||
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_SYM, indent);
|
||||
log.add(LogType.MSG_DC_SYM, indent);
|
||||
|
||||
if (! mAllowSymmetricDecryption) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_DC_SYM_SKIP, indent +1);
|
||||
log.add(LogType.MSG_DC_SYM_SKIP, indent +1);
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -362,7 +361,7 @@ public class PgpDecryptVerify {
|
||||
// if no passphrase is given, return here
|
||||
// indicating that a passphrase is missing!
|
||||
if (mPassphrase == null) {
|
||||
log.add(LogLevel.INFO, LogType.MSG_DC_PENDING_PASSPHRASE, indent +1);
|
||||
log.add(LogType.MSG_DC_PENDING_PASSPHRASE, indent +1);
|
||||
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_PENDING_SYM_PASSPHRASE, log);
|
||||
}
|
||||
|
||||
@@ -377,16 +376,16 @@ public class PgpDecryptVerify {
|
||||
if (obj instanceof PGPPublicKeyEncryptedData) {
|
||||
PGPPublicKeyEncryptedData encData = (PGPPublicKeyEncryptedData) obj;
|
||||
long subKeyId = encData.getKeyID();
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_TRAIL_ASYM, indent,
|
||||
log.add(LogType.MSG_DC_TRAIL_ASYM, indent,
|
||||
PgpKeyHelper.convertKeyIdToHex(subKeyId));
|
||||
} else if (obj instanceof PGPPBEEncryptedData) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_DC_TRAIL_SYM, indent);
|
||||
log.add(LogType.MSG_DC_TRAIL_SYM, indent);
|
||||
} else {
|
||||
log.add(LogLevel.WARN, LogType.MSG_DC_TRAIL_UNKNOWN, indent);
|
||||
log.add(LogType.MSG_DC_TRAIL_UNKNOWN, indent);
|
||||
}
|
||||
}
|
||||
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_PREP_STREAMS, indent);
|
||||
log.add(LogType.MSG_DC_PREP_STREAMS, indent);
|
||||
|
||||
// we made sure above one of these two would be true
|
||||
if (symmetricPacketFound) {
|
||||
@@ -407,13 +406,13 @@ public class PgpDecryptVerify {
|
||||
updateProgress(R.string.progress_extracting_key, currentProgress, 100);
|
||||
|
||||
try {
|
||||
log.add(LogLevel.INFO, LogType.MSG_DC_UNLOCKING, indent +1);
|
||||
log.add(LogType.MSG_DC_UNLOCKING, indent +1);
|
||||
if (!secretEncryptionKey.unlock(mPassphrase)) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_DC_ERROR_BAD_PASSPHRASE, indent +1);
|
||||
log.add(LogType.MSG_DC_ERROR_BAD_PASSPHRASE, indent +1);
|
||||
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
|
||||
}
|
||||
} catch (PgpGeneralException e) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_DC_ERROR_EXTRACT_KEY, indent +1);
|
||||
log.add(LogType.MSG_DC_ERROR_EXTRACT_KEY, indent +1);
|
||||
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
|
||||
}
|
||||
|
||||
@@ -425,7 +424,7 @@ public class PgpDecryptVerify {
|
||||
= secretEncryptionKey.getDecryptorFactory(mDecryptedSessionKey);
|
||||
clear = encryptedDataAsymmetric.getDataStream(decryptorFactory);
|
||||
} catch (NfcSyncPublicKeyDataDecryptorFactoryBuilder.NfcInteractionNeeded e) {
|
||||
log.add(LogLevel.INFO, LogType.MSG_DC_PENDING_NFC, indent +1);
|
||||
log.add(LogType.MSG_DC_PENDING_NFC, indent +1);
|
||||
DecryptVerifyResult result =
|
||||
new DecryptVerifyResult(DecryptVerifyResult.RESULT_PENDING_NFC, log);
|
||||
result.setNfcEncryptedSessionKey(e.encryptedSessionKey);
|
||||
@@ -436,7 +435,7 @@ public class PgpDecryptVerify {
|
||||
} else {
|
||||
// If we didn't find any useful data, error out
|
||||
// no packet has been found where we have the corresponding secret key in our db
|
||||
log.add(LogLevel.ERROR,
|
||||
log.add(
|
||||
anyPacketFound ? LogType.MSG_DC_ERROR_NO_KEY : LogType.MSG_DC_ERROR_NO_DATA, indent +1);
|
||||
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
|
||||
}
|
||||
@@ -448,11 +447,11 @@ public class PgpDecryptVerify {
|
||||
CanonicalizedPublicKeyRing signingRing = null;
|
||||
CanonicalizedPublicKey signingKey = null;
|
||||
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_CLEAR, indent);
|
||||
log.add(LogType.MSG_DC_CLEAR, indent);
|
||||
indent += 1;
|
||||
|
||||
if (dataChunk instanceof PGPCompressedData) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_CLEAR_DECOMPRESS, indent +1);
|
||||
log.add(LogType.MSG_DC_CLEAR_DECOMPRESS, indent +1);
|
||||
currentProgress += 2;
|
||||
updateProgress(R.string.progress_decompressing_data, currentProgress, 100);
|
||||
|
||||
@@ -465,7 +464,7 @@ public class PgpDecryptVerify {
|
||||
|
||||
PGPOnePassSignature signature = null;
|
||||
if (dataChunk instanceof PGPOnePassSignatureList) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_CLEAR_SIGNATURE, indent +1);
|
||||
log.add(LogType.MSG_DC_CLEAR_SIGNATURE, indent +1);
|
||||
currentProgress += 2;
|
||||
updateProgress(R.string.progress_processing_signature, currentProgress, 100);
|
||||
|
||||
@@ -516,7 +515,7 @@ public class PgpDecryptVerify {
|
||||
OpenPgpMetadata metadata;
|
||||
|
||||
if (dataChunk instanceof PGPLiteralData) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_CLEAR_DATA, indent +1);
|
||||
log.add(LogType.MSG_DC_CLEAR_DATA, indent +1);
|
||||
indent += 2;
|
||||
currentProgress += 4;
|
||||
updateProgress(R.string.progress_decrypting, currentProgress, 100);
|
||||
@@ -559,20 +558,20 @@ public class PgpDecryptVerify {
|
||||
originalSize);
|
||||
|
||||
if ( ! originalFilename.equals("")) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_CLEAR_META_FILE, indent + 1, originalFilename);
|
||||
log.add(LogType.MSG_DC_CLEAR_META_FILE, indent + 1, originalFilename);
|
||||
}
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_CLEAR_META_MIME, indent +1,
|
||||
log.add(LogType.MSG_DC_CLEAR_META_MIME, indent +1,
|
||||
mimeType);
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_CLEAR_META_TIME, indent +1,
|
||||
log.add(LogType.MSG_DC_CLEAR_META_TIME, indent +1,
|
||||
new Date(literalData.getModificationTime().getTime()).toString());
|
||||
if (originalSize != 0) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_CLEAR_META_SIZE, indent + 1,
|
||||
log.add(LogType.MSG_DC_CLEAR_META_SIZE, indent + 1,
|
||||
Long.toString(originalSize));
|
||||
}
|
||||
|
||||
// return here if we want to decrypt the metadata only
|
||||
if (mDecryptMetadataOnly) {
|
||||
log.add(LogLevel.OK, LogType.MSG_DC_OK_META_ONLY, indent);
|
||||
log.add(LogType.MSG_DC_OK_META_ONLY, indent);
|
||||
DecryptVerifyResult result =
|
||||
new DecryptVerifyResult(DecryptVerifyResult.RESULT_OK, log);
|
||||
result.setDecryptMetadata(metadata);
|
||||
@@ -619,7 +618,7 @@ public class PgpDecryptVerify {
|
||||
|
||||
if (signature != null) {
|
||||
updateProgress(R.string.progress_verifying_signature, 90, 100);
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_CLEAR_SIGNATURE_CHECK, indent);
|
||||
log.add(LogType.MSG_DC_CLEAR_SIGNATURE_CHECK, indent);
|
||||
|
||||
PGPSignatureList signatureList = (PGPSignatureList) plainFact.nextObject();
|
||||
PGPSignature messageSignature = signatureList.get(signatureIndex);
|
||||
@@ -631,9 +630,9 @@ public class PgpDecryptVerify {
|
||||
// Verify signature and check binding signatures
|
||||
boolean validSignature = signature.verify(messageSignature);
|
||||
if (validSignature) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_DC_CLEAR_SIGNATURE_OK, indent +1);
|
||||
log.add(LogType.MSG_DC_CLEAR_SIGNATURE_OK, indent +1);
|
||||
} else {
|
||||
log.add(LogLevel.WARN, LogType.MSG_DC_CLEAR_SIGNATURE_BAD, indent +1);
|
||||
log.add(LogType.MSG_DC_CLEAR_SIGNATURE_BAD, indent +1);
|
||||
}
|
||||
signatureResultBuilder.setValidSignature(validSignature);
|
||||
}
|
||||
@@ -648,9 +647,9 @@ public class PgpDecryptVerify {
|
||||
updateProgress(R.string.progress_verifying_integrity, 95, 100);
|
||||
|
||||
if (encryptedData.verify()) {
|
||||
log.add(LogLevel.INFO, LogType.MSG_DC_INTEGRITY_CHECK_OK, indent);
|
||||
log.add(LogType.MSG_DC_INTEGRITY_CHECK_OK, indent);
|
||||
} else {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_DC_ERROR_INTEGRITY_CHECK, indent);
|
||||
log.add(LogType.MSG_DC_ERROR_INTEGRITY_CHECK, indent);
|
||||
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
|
||||
}
|
||||
} else {
|
||||
@@ -661,14 +660,14 @@ public class PgpDecryptVerify {
|
||||
// Handle missing integrity protection like failed integrity protection!
|
||||
// The MDC packet can be stripped by an attacker!
|
||||
if (!signatureResultBuilder.isValidSignature()) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_DC_ERROR_INTEGRITY_CHECK, indent);
|
||||
log.add(LogType.MSG_DC_ERROR_INTEGRITY_CHECK, indent);
|
||||
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
|
||||
}
|
||||
}
|
||||
|
||||
updateProgress(R.string.progress_done, 100, 100);
|
||||
|
||||
log.add(LogLevel.OK, LogType.MSG_DC_OK, indent);
|
||||
log.add(LogType.MSG_DC_OK, indent);
|
||||
|
||||
// Return a positive result, with metadata and verification info
|
||||
DecryptVerifyResult result =
|
||||
@@ -724,7 +723,7 @@ public class PgpDecryptVerify {
|
||||
|
||||
PGPSignatureList sigList = (PGPSignatureList) pgpFact.nextObject();
|
||||
if (sigList == null) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_DC_ERROR_INVALID_SIGLIST, 0);
|
||||
log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, 0);
|
||||
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
|
||||
}
|
||||
|
||||
|
||||
@@ -33,7 +33,6 @@ import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
|
||||
import org.sufficientlysecure.keychain.provider.KeychainContract;
|
||||
import org.sufficientlysecure.keychain.provider.ProviderHelper;
|
||||
import org.sufficientlysecure.keychain.service.KeychainIntentService;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.LogLevel;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.LogType;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.OperationLog;
|
||||
import org.sufficientlysecure.keychain.service.results.ImportKeyResult;
|
||||
@@ -209,7 +208,7 @@ public class PgpImportExport {
|
||||
}
|
||||
}
|
||||
if (mCancelled != null && mCancelled.get()) {
|
||||
log.add(LogLevel.CANCELLED, LogType.MSG_OPERATION_CANCELLED, 0);
|
||||
log.add(LogType.MSG_OPERATION_CANCELLED, 0);
|
||||
resultType |= ImportKeyResult.RESULT_CANCELLED;
|
||||
}
|
||||
|
||||
|
||||
@@ -47,7 +47,6 @@ import org.spongycastle.openpgp.operator.jcajce.JcePBESecretKeyEncryptorBuilder;
|
||||
import org.sufficientlysecure.keychain.Constants;
|
||||
import org.sufficientlysecure.keychain.R;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.LogLevel;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.LogType;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.OperationLog;
|
||||
import org.sufficientlysecure.keychain.service.results.EditKeyResult;
|
||||
@@ -192,16 +191,16 @@ public class PgpKeyOperation {
|
||||
// Some safety checks
|
||||
if (add.mAlgorithm == Algorithm.ECDH || add.mAlgorithm == Algorithm.ECDSA) {
|
||||
if (add.mCurve == null) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_NO_CURVE, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_NO_CURVE, indent);
|
||||
return null;
|
||||
}
|
||||
} else {
|
||||
if (add.mKeySize == null) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_NO_KEYSIZE, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_NO_KEYSIZE, indent);
|
||||
return null;
|
||||
}
|
||||
if (add.mKeySize < 512) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_KEYSIZE_512, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_KEYSIZE_512, indent);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
@@ -212,7 +211,7 @@ public class PgpKeyOperation {
|
||||
switch (add.mAlgorithm) {
|
||||
case DSA: {
|
||||
if ((add.mFlags & (PGPKeyFlags.CAN_ENCRYPT_COMMS | PGPKeyFlags.CAN_ENCRYPT_STORAGE)) > 0) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_FLAGS_DSA, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_FLAGS_DSA, indent);
|
||||
return null;
|
||||
}
|
||||
progress(R.string.progress_generating_dsa, 30);
|
||||
@@ -224,7 +223,7 @@ public class PgpKeyOperation {
|
||||
|
||||
case ELGAMAL: {
|
||||
if ((add.mFlags & (PGPKeyFlags.CAN_SIGN | PGPKeyFlags.CAN_CERTIFY)) > 0) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_FLAGS_ELGAMAL, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_FLAGS_ELGAMAL, indent);
|
||||
return null;
|
||||
}
|
||||
progress(R.string.progress_generating_elgamal, 30);
|
||||
@@ -250,7 +249,7 @@ public class PgpKeyOperation {
|
||||
|
||||
case ECDSA: {
|
||||
if ((add.mFlags & (PGPKeyFlags.CAN_ENCRYPT_COMMS | PGPKeyFlags.CAN_ENCRYPT_STORAGE)) > 0) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_FLAGS_ECDSA, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_FLAGS_ECDSA, indent);
|
||||
return null;
|
||||
}
|
||||
progress(R.string.progress_generating_ecdsa, 30);
|
||||
@@ -265,7 +264,7 @@ public class PgpKeyOperation {
|
||||
case ECDH: {
|
||||
// make sure there are no sign or certify flags set
|
||||
if ((add.mFlags & (PGPKeyFlags.CAN_SIGN | PGPKeyFlags.CAN_CERTIFY)) > 0) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_FLAGS_ECDH, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_FLAGS_ECDH, indent);
|
||||
return null;
|
||||
}
|
||||
progress(R.string.progress_generating_ecdh, 30);
|
||||
@@ -278,7 +277,7 @@ public class PgpKeyOperation {
|
||||
}
|
||||
|
||||
default: {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_UNKNOWN_ALGO, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_UNKNOWN_ALGO, indent);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
@@ -289,13 +288,13 @@ public class PgpKeyOperation {
|
||||
} catch(NoSuchProviderException e) {
|
||||
throw new RuntimeException(e);
|
||||
} catch(NoSuchAlgorithmException e) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_UNKNOWN_ALGO, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_UNKNOWN_ALGO, indent);
|
||||
return null;
|
||||
} catch(InvalidAlgorithmParameterException e) {
|
||||
throw new RuntimeException(e);
|
||||
} catch(PGPException e) {
|
||||
Log.e(Constants.TAG, "internal pgp error", e);
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_INTERNAL_PGP, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_INTERNAL_PGP, indent);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
@@ -307,28 +306,28 @@ public class PgpKeyOperation {
|
||||
|
||||
try {
|
||||
|
||||
log.add(LogLevel.START, LogType.MSG_CR, indent);
|
||||
log.add(LogType.MSG_CR, indent);
|
||||
progress(R.string.progress_building_key, 0);
|
||||
indent += 1;
|
||||
|
||||
if (saveParcel.mAddSubKeys.isEmpty()) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_NO_MASTER, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_NO_MASTER, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
if (saveParcel.mAddUserIds.isEmpty()) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_NO_USER_ID, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_NO_USER_ID, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
SubkeyAdd add = saveParcel.mAddSubKeys.remove(0);
|
||||
if ((add.mFlags & KeyFlags.CERTIFY_OTHER) != KeyFlags.CERTIFY_OTHER) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_NO_CERTIFY, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_NO_CERTIFY, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
if (add.mExpiry == null) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_NULL_EXPIRY, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_NULL_EXPIRY, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
@@ -363,7 +362,7 @@ public class PgpKeyOperation {
|
||||
return internal(sKR, masterSecretKey, add.mFlags, add.mExpiry, saveParcel, "", log);
|
||||
|
||||
} catch (PGPException e) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_CR_ERROR_INTERNAL_PGP, indent);
|
||||
log.add(LogType.MSG_CR_ERROR_INTERNAL_PGP, indent);
|
||||
Log.e(Constants.TAG, "pgp error encoding key", e);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
} catch (IOException e) {
|
||||
@@ -405,14 +404,14 @@ public class PgpKeyOperation {
|
||||
* 6. If requested, change passphrase
|
||||
*/
|
||||
|
||||
log.add(LogLevel.START, LogType.MSG_MF, indent,
|
||||
log.add(LogType.MSG_MF, indent,
|
||||
PgpKeyHelper.convertKeyIdToHex(wsKR.getMasterKeyId()));
|
||||
indent += 1;
|
||||
progress(R.string.progress_building_key, 0);
|
||||
|
||||
// Make sure this is called with a proper SaveKeyringParcel
|
||||
if (saveParcel.mMasterKeyId == null || saveParcel.mMasterKeyId != wsKR.getMasterKeyId()) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_KEYID, indent);
|
||||
log.add(LogType.MSG_MF_ERROR_KEYID, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
@@ -423,7 +422,7 @@ public class PgpKeyOperation {
|
||||
// Make sure the fingerprint matches
|
||||
if (saveParcel.mFingerprint == null || !Arrays.equals(saveParcel.mFingerprint,
|
||||
masterSecretKey.getPublicKey().getFingerprint())) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_FINGERPRINT, indent);
|
||||
log.add(LogType.MSG_MF_ERROR_FINGERPRINT, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
@@ -451,7 +450,7 @@ public class PgpKeyOperation {
|
||||
|
||||
// 1. Unlock private key
|
||||
progress(R.string.progress_modify_unlock, 10);
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_MF_UNLOCK, indent);
|
||||
log.add(LogType.MSG_MF_UNLOCK, indent);
|
||||
PGPPrivateKey masterPrivateKey;
|
||||
{
|
||||
try {
|
||||
@@ -459,7 +458,7 @@ public class PgpKeyOperation {
|
||||
Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(passphrase.toCharArray());
|
||||
masterPrivateKey = masterSecretKey.extractPrivateKey(keyDecryptor);
|
||||
} catch (PGPException e) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_UNLOCK_ERROR, indent + 1);
|
||||
log.add(LogType.MSG_MF_UNLOCK_ERROR, indent + 1);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
}
|
||||
@@ -468,7 +467,7 @@ public class PgpKeyOperation {
|
||||
|
||||
// Check if we were cancelled
|
||||
if (checkCancelled()) {
|
||||
log.add(LogLevel.CANCELLED, LogType.MSG_OPERATION_CANCELLED, indent);
|
||||
log.add(LogType.MSG_OPERATION_CANCELLED, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_CANCELLED, log, null);
|
||||
}
|
||||
|
||||
@@ -482,10 +481,10 @@ public class PgpKeyOperation {
|
||||
|
||||
progress(R.string.progress_modify_adduid, (i - 1) * (100 / saveParcel.mAddUserIds.size()));
|
||||
String userId = saveParcel.mAddUserIds.get(i);
|
||||
log.add(LogLevel.INFO, LogType.MSG_MF_UID_ADD, indent, userId);
|
||||
log.add(LogType.MSG_MF_UID_ADD, indent, userId);
|
||||
|
||||
if (userId.equals("")) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_UID_ERROR_EMPTY, indent + 1);
|
||||
log.add(LogType.MSG_MF_UID_ERROR_EMPTY, indent + 1);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
@@ -497,7 +496,7 @@ public class PgpKeyOperation {
|
||||
for (PGPSignature cert : new IterableIterator<PGPSignature>(it)) {
|
||||
if (cert.getKeyID() != masterPublicKey.getKeyID()) {
|
||||
// foreign certificate?! error error error
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_INTEGRITY, indent);
|
||||
log.add(LogType.MSG_MF_ERROR_INTEGRITY, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
if (cert.getSignatureType() == PGPSignature.CERTIFICATION_REVOCATION
|
||||
@@ -527,7 +526,7 @@ public class PgpKeyOperation {
|
||||
|
||||
progress(R.string.progress_modify_revokeuid, (i - 1) * (100 / saveParcel.mRevokeUserIds.size()));
|
||||
String userId = saveParcel.mRevokeUserIds.get(i);
|
||||
log.add(LogLevel.INFO, LogType.MSG_MF_UID_REVOKE, indent, userId);
|
||||
log.add(LogType.MSG_MF_UID_REVOKE, indent, userId);
|
||||
|
||||
// Make sure the user id exists (yes these are 10 LoC in Java!)
|
||||
boolean exists = false;
|
||||
@@ -539,7 +538,7 @@ public class PgpKeyOperation {
|
||||
}
|
||||
}
|
||||
if (!exists) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_NOEXIST_REVOKE, indent);
|
||||
log.add(LogType.MSG_MF_ERROR_NOEXIST_REVOKE, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
@@ -557,7 +556,7 @@ public class PgpKeyOperation {
|
||||
|
||||
// keep track if we actually changed one
|
||||
boolean ok = false;
|
||||
log.add(LogLevel.INFO, LogType.MSG_MF_UID_PRIMARY, indent);
|
||||
log.add(LogType.MSG_MF_UID_PRIMARY, indent);
|
||||
indent += 1;
|
||||
|
||||
// we work on the modifiedPublicKey here, to respect new or newly revoked uids
|
||||
@@ -570,7 +569,7 @@ public class PgpKeyOperation {
|
||||
modifiedPublicKey.getSignaturesForID(userId))) {
|
||||
if (cert.getKeyID() != masterPublicKey.getKeyID()) {
|
||||
// foreign certificate?! error error error
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_INTEGRITY, indent);
|
||||
log.add(LogType.MSG_MF_ERROR_INTEGRITY, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
// we know from canonicalization that if there is any revocation here, it
|
||||
@@ -591,7 +590,7 @@ public class PgpKeyOperation {
|
||||
|
||||
if (currentCert == null) {
|
||||
// no certificate found?! error error error
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_INTEGRITY, indent);
|
||||
log.add(LogType.MSG_MF_ERROR_INTEGRITY, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
@@ -599,7 +598,7 @@ public class PgpKeyOperation {
|
||||
if (isRevoked) {
|
||||
// revoked user ids cannot be primary!
|
||||
if (userId.equals(saveParcel.mChangePrimaryUserId)) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_REVOKED_PRIMARY, indent);
|
||||
log.add(LogType.MSG_MF_ERROR_REVOKED_PRIMARY, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
continue;
|
||||
@@ -614,7 +613,7 @@ public class PgpKeyOperation {
|
||||
continue;
|
||||
}
|
||||
// otherwise, generate new non-primary certification
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_MF_PRIMARY_REPLACE_OLD, indent);
|
||||
log.add(LogType.MSG_MF_PRIMARY_REPLACE_OLD, indent);
|
||||
modifiedPublicKey = PGPPublicKey.removeCertification(
|
||||
modifiedPublicKey, userId, currentCert);
|
||||
PGPSignature newCert = generateUserIdSignature(
|
||||
@@ -630,7 +629,7 @@ public class PgpKeyOperation {
|
||||
// if it should be
|
||||
if (userId.equals(saveParcel.mChangePrimaryUserId)) {
|
||||
// add shiny new primary user id certificate
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_MF_PRIMARY_NEW, indent);
|
||||
log.add(LogType.MSG_MF_PRIMARY_NEW, indent);
|
||||
modifiedPublicKey = PGPPublicKey.removeCertification(
|
||||
modifiedPublicKey, userId, currentCert);
|
||||
PGPSignature newCert = generateUserIdSignature(
|
||||
@@ -648,7 +647,7 @@ public class PgpKeyOperation {
|
||||
indent -= 1;
|
||||
|
||||
if (!ok) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_NOEXIST_PRIMARY, indent);
|
||||
log.add(LogType.MSG_MF_ERROR_NOEXIST_PRIMARY, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
}
|
||||
@@ -664,7 +663,7 @@ public class PgpKeyOperation {
|
||||
|
||||
// Check if we were cancelled - again
|
||||
if (checkCancelled()) {
|
||||
log.add(LogLevel.CANCELLED, LogType.MSG_OPERATION_CANCELLED, indent);
|
||||
log.add(LogType.MSG_OPERATION_CANCELLED, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_CANCELLED, log, null);
|
||||
}
|
||||
|
||||
@@ -674,12 +673,12 @@ public class PgpKeyOperation {
|
||||
|
||||
progress(R.string.progress_modify_subkeychange, (i-1) * (100 / saveParcel.mChangeSubKeys.size()));
|
||||
SaveKeyringParcel.SubkeyChange change = saveParcel.mChangeSubKeys.get(i);
|
||||
log.add(LogLevel.INFO, LogType.MSG_MF_SUBKEY_CHANGE,
|
||||
log.add(LogType.MSG_MF_SUBKEY_CHANGE,
|
||||
indent, PgpKeyHelper.convertKeyIdToHex(change.mKeyId));
|
||||
|
||||
PGPSecretKey sKey = sKR.getSecretKey(change.mKeyId);
|
||||
if (sKey == null) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_SUBKEY_MISSING,
|
||||
log.add(LogType.MSG_MF_ERROR_SUBKEY_MISSING,
|
||||
indent + 1, PgpKeyHelper.convertKeyIdToHex(change.mKeyId));
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
@@ -687,7 +686,7 @@ public class PgpKeyOperation {
|
||||
// expiry must not be in the past
|
||||
if (change.mExpiry != null && change.mExpiry != 0 &&
|
||||
new Date(change.mExpiry*1000).before(new Date())) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_PAST_EXPIRY,
|
||||
log.add(LogType.MSG_MF_ERROR_PAST_EXPIRY,
|
||||
indent + 1, PgpKeyHelper.convertKeyIdToHex(change.mKeyId));
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
@@ -698,7 +697,7 @@ public class PgpKeyOperation {
|
||||
long expiry = change.mExpiry == null ? masterKeyExpiry : change.mExpiry;
|
||||
|
||||
if ((flags & KeyFlags.CERTIFY_OTHER) != KeyFlags.CERTIFY_OTHER) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_NO_CERTIFY, indent + 1);
|
||||
log.add(LogType.MSG_MF_ERROR_NO_CERTIFY, indent + 1);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
@@ -755,12 +754,12 @@ public class PgpKeyOperation {
|
||||
|
||||
progress(R.string.progress_modify_subkeyrevoke, (i-1) * (100 / saveParcel.mRevokeSubKeys.size()));
|
||||
long revocation = saveParcel.mRevokeSubKeys.get(i);
|
||||
log.add(LogLevel.INFO, LogType.MSG_MF_SUBKEY_REVOKE,
|
||||
log.add(LogType.MSG_MF_SUBKEY_REVOKE,
|
||||
indent, PgpKeyHelper.convertKeyIdToHex(revocation));
|
||||
|
||||
PGPSecretKey sKey = sKR.getSecretKey(revocation);
|
||||
if (sKey == null) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_SUBKEY_MISSING,
|
||||
log.add(LogType.MSG_MF_ERROR_SUBKEY_MISSING,
|
||||
indent+1, PgpKeyHelper.convertKeyIdToHex(revocation));
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
@@ -780,12 +779,12 @@ public class PgpKeyOperation {
|
||||
|
||||
progress(R.string.progress_modify_subkeystrip, (i-1) * (100 / saveParcel.mStripSubKeys.size()));
|
||||
long strip = saveParcel.mStripSubKeys.get(i);
|
||||
log.add(LogLevel.INFO, LogType.MSG_MF_SUBKEY_STRIP,
|
||||
log.add(LogType.MSG_MF_SUBKEY_STRIP,
|
||||
indent, PgpKeyHelper.convertKeyIdToHex(strip));
|
||||
|
||||
PGPSecretKey sKey = sKR.getSecretKey(strip);
|
||||
if (sKey == null) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_SUBKEY_MISSING,
|
||||
log.add(LogType.MSG_MF_ERROR_SUBKEY_MISSING,
|
||||
indent+1, PgpKeyHelper.convertKeyIdToHex(strip));
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
@@ -804,22 +803,22 @@ public class PgpKeyOperation {
|
||||
|
||||
// Check if we were cancelled - again. This operation is expensive so we do it each loop.
|
||||
if (checkCancelled()) {
|
||||
log.add(LogLevel.CANCELLED, LogType.MSG_OPERATION_CANCELLED, indent);
|
||||
log.add(LogType.MSG_OPERATION_CANCELLED, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_CANCELLED, log, null);
|
||||
}
|
||||
|
||||
progress(R.string.progress_modify_subkeyadd, (i-1) * (100 / saveParcel.mAddSubKeys.size()));
|
||||
SaveKeyringParcel.SubkeyAdd add = saveParcel.mAddSubKeys.get(i);
|
||||
log.add(LogLevel.INFO, LogType.MSG_MF_SUBKEY_NEW, indent,
|
||||
log.add(LogType.MSG_MF_SUBKEY_NEW, indent,
|
||||
PgpKeyHelper.getAlgorithmInfo(add.mAlgorithm, add.mKeySize, add.mCurve) );
|
||||
|
||||
if (add.mExpiry == null) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_NULL_EXPIRY, indent +1);
|
||||
log.add(LogType.MSG_MF_ERROR_NULL_EXPIRY, indent +1);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
if (add.mExpiry > 0L && new Date(add.mExpiry*1000).before(new Date())) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_PAST_EXPIRY, indent +1);
|
||||
log.add(LogType.MSG_MF_ERROR_PAST_EXPIRY, indent +1);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
@@ -831,7 +830,7 @@ public class PgpKeyOperation {
|
||||
PGPKeyPair keyPair = createKey(add, log, indent);
|
||||
subProgressPop();
|
||||
if (keyPair == null) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_PGP, indent +1);
|
||||
log.add(LogType.MSG_MF_ERROR_PGP, indent +1);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
@@ -856,7 +855,7 @@ public class PgpKeyOperation {
|
||||
sKey = new PGPSecretKey(keyPair.getPrivateKey(), pKey, sha1Calc, false, keyEncryptor);
|
||||
}
|
||||
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_MF_SUBKEY_NEW_ID,
|
||||
log.add(LogType.MSG_MF_SUBKEY_NEW_ID,
|
||||
indent+1, PgpKeyHelper.convertKeyIdToHex(sKey.getKeyID()));
|
||||
|
||||
sKR = PGPSecretKeyRing.insertSecretKey(sKR, sKey);
|
||||
@@ -866,14 +865,14 @@ public class PgpKeyOperation {
|
||||
|
||||
// Check if we were cancelled - again. This operation is expensive so we do it each loop.
|
||||
if (checkCancelled()) {
|
||||
log.add(LogLevel.CANCELLED, LogType.MSG_OPERATION_CANCELLED, indent);
|
||||
log.add(LogType.MSG_OPERATION_CANCELLED, indent);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_CANCELLED, log, null);
|
||||
}
|
||||
|
||||
// 6. If requested, change passphrase
|
||||
if (saveParcel.mNewPassphrase != null) {
|
||||
progress(R.string.progress_modify_passphrase, 90);
|
||||
log.add(LogLevel.INFO, LogType.MSG_MF_PASSPHRASE, indent);
|
||||
log.add(LogType.MSG_MF_PASSPHRASE, indent);
|
||||
indent += 1;
|
||||
|
||||
PGPDigestCalculator encryptorHashCalc = new JcaPGPDigestCalculatorProviderBuilder().build()
|
||||
@@ -888,7 +887,7 @@ public class PgpKeyOperation {
|
||||
|
||||
// noinspection unchecked
|
||||
for (PGPSecretKey sKey : new IterableIterator<PGPSecretKey>(sKR.getSecretKeys())) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_MF_PASSPHRASE_KEY, indent,
|
||||
log.add(LogType.MSG_MF_PASSPHRASE_KEY, indent,
|
||||
PgpKeyHelper.convertKeyIdToHex(sKey.getKeyID()));
|
||||
|
||||
boolean ok = false;
|
||||
@@ -901,14 +900,14 @@ public class PgpKeyOperation {
|
||||
|
||||
// if this is the master key, error!
|
||||
if (sKey.getKeyID() == masterPublicKey.getKeyID()) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_PASSPHRASE_MASTER, indent+1);
|
||||
log.add(LogType.MSG_MF_ERROR_PASSPHRASE_MASTER, indent+1);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
// being in here means decrypt failed, likely due to a bad passphrase try
|
||||
// again with an empty passphrase, maybe we can salvage this
|
||||
try {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_MF_PASSPHRASE_EMPTY_RETRY, indent+1);
|
||||
log.add(LogType.MSG_MF_PASSPHRASE_EMPTY_RETRY, indent+1);
|
||||
PBESecretKeyDecryptor emptyDecryptor =
|
||||
new JcePBESecretKeyDecryptorBuilder().setProvider(
|
||||
Constants.BOUNCY_CASTLE_PROVIDER_NAME).build("".toCharArray());
|
||||
@@ -921,7 +920,7 @@ public class PgpKeyOperation {
|
||||
|
||||
if (!ok) {
|
||||
// for a subkey, it's merely a warning
|
||||
log.add(LogLevel.WARN, LogType.MSG_MF_PASSPHRASE_FAIL, indent+1,
|
||||
log.add(LogType.MSG_MF_PASSPHRASE_FAIL, indent+1,
|
||||
PgpKeyHelper.convertKeyIdToHex(sKey.getKeyID()));
|
||||
continue;
|
||||
}
|
||||
@@ -935,20 +934,20 @@ public class PgpKeyOperation {
|
||||
|
||||
} catch (IOException e) {
|
||||
Log.e(Constants.TAG, "encountered IOException while modifying key", e);
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_ENCODE, indent+1);
|
||||
log.add(LogType.MSG_MF_ERROR_ENCODE, indent+1);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
} catch (PGPException e) {
|
||||
Log.e(Constants.TAG, "encountered pgp error while modifying key", e);
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_PGP, indent+1);
|
||||
log.add(LogType.MSG_MF_ERROR_PGP, indent+1);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
} catch (SignatureException e) {
|
||||
Log.e(Constants.TAG, "encountered SignatureException while modifying key", e);
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_SIG, indent+1);
|
||||
log.add(LogType.MSG_MF_ERROR_SIG, indent+1);
|
||||
return new EditKeyResult(EditKeyResult.RESULT_ERROR, log, null);
|
||||
}
|
||||
|
||||
progress(R.string.progress_done, 100);
|
||||
log.add(LogLevel.OK, LogType.MSG_MF_SUCCESS, indent);
|
||||
log.add(LogType.MSG_MF_SUCCESS, indent);
|
||||
return new EditKeyResult(OperationResult.RESULT_OK, log, new UncachedKeyRing(sKR));
|
||||
|
||||
}
|
||||
@@ -961,7 +960,7 @@ public class PgpKeyOperation {
|
||||
|
||||
// keep track if we actually changed one
|
||||
boolean ok = false;
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_MF_MASTER, indent);
|
||||
log.add(LogType.MSG_MF_MASTER, indent);
|
||||
indent += 1;
|
||||
|
||||
PGPPublicKey modifiedPublicKey = masterPublicKey;
|
||||
@@ -976,7 +975,7 @@ public class PgpKeyOperation {
|
||||
modifiedPublicKey.getSignaturesForID(userId))) {
|
||||
if (cert.getKeyID() != masterPublicKey.getKeyID()) {
|
||||
// foreign certificate?! error error error
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_INTEGRITY, indent);
|
||||
log.add(LogType.MSG_MF_ERROR_INTEGRITY, indent);
|
||||
return null;
|
||||
}
|
||||
// we know from canonicalization that if there is any revocation here, it
|
||||
@@ -997,7 +996,7 @@ public class PgpKeyOperation {
|
||||
|
||||
if (currentCert == null) {
|
||||
// no certificate found?! error error error
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_INTEGRITY, indent);
|
||||
log.add(LogType.MSG_MF_ERROR_INTEGRITY, indent);
|
||||
return null;
|
||||
}
|
||||
|
||||
@@ -1021,7 +1020,7 @@ public class PgpKeyOperation {
|
||||
|
||||
if (!ok) {
|
||||
// might happen, theoretically, if there is a key with no uid..
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_MASTER_NONE, indent);
|
||||
log.add(LogType.MSG_MF_ERROR_MASTER_NONE, indent);
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@@ -36,7 +36,6 @@ import org.sufficientlysecure.keychain.R;
|
||||
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
|
||||
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
|
||||
import org.sufficientlysecure.keychain.provider.ProviderHelper;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.LogLevel;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.LogType;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.OperationLog;
|
||||
import org.sufficientlysecure.keychain.service.results.SignEncryptResult;
|
||||
@@ -258,7 +257,7 @@ public class PgpSignEncrypt {
|
||||
int indent = 0;
|
||||
OperationLog log = new OperationLog();
|
||||
|
||||
log.add(LogLevel.START, LogType.MSG_SE, indent);
|
||||
log.add(LogType.MSG_SE, indent);
|
||||
indent += 1;
|
||||
|
||||
boolean enableSignature = mSignatureMasterKeyId != Constants.key.none;
|
||||
@@ -295,7 +294,7 @@ public class PgpSignEncrypt {
|
||||
|
||||
// If we weren't handed a passphrase, throw early
|
||||
if (mSignaturePassphrase == null) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_SE_ERROR_NO_PASSPHRASE, indent);
|
||||
log.add(LogType.MSG_SE_ERROR_NO_PASSPHRASE, indent);
|
||||
return new SignEncryptResult(SignEncryptResult.RESULT_ERROR, log);
|
||||
}
|
||||
|
||||
@@ -308,13 +307,13 @@ public class PgpSignEncrypt {
|
||||
signingKey = signingKeyRing.getSecretKey(signKeyId);
|
||||
// make sure it's a signing key alright!
|
||||
} catch (ProviderHelper.NotFoundException e) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_SE_ERROR_SIGN_KEY, indent);
|
||||
log.add(LogType.MSG_SE_ERROR_SIGN_KEY, indent);
|
||||
return new SignEncryptResult(SignEncryptResult.RESULT_ERROR, log);
|
||||
}
|
||||
|
||||
// Make sure we are allowed to sign here!
|
||||
if (!signingKey.canSign()) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_SE_ERROR_KEY_SIGN, indent);
|
||||
log.add(LogType.MSG_SE_ERROR_KEY_SIGN, indent);
|
||||
return new SignEncryptResult(SignEncryptResult.RESULT_ERROR, log);
|
||||
}
|
||||
|
||||
@@ -322,11 +321,11 @@ public class PgpSignEncrypt {
|
||||
|
||||
try {
|
||||
if (!signingKey.unlock(mSignaturePassphrase)) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_SE_ERROR_BAD_PASSPHRASE, indent);
|
||||
log.add(LogType.MSG_SE_ERROR_BAD_PASSPHRASE, indent);
|
||||
return new SignEncryptResult(SignEncryptResult.RESULT_ERROR, log);
|
||||
}
|
||||
} catch (PgpGeneralException e) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_SE_ERROR_UNLOCK, indent);
|
||||
log.add(LogType.MSG_SE_ERROR_UNLOCK, indent);
|
||||
return new SignEncryptResult(SignEncryptResult.RESULT_ERROR, log);
|
||||
}
|
||||
|
||||
@@ -352,13 +351,13 @@ public class PgpSignEncrypt {
|
||||
|
||||
if (mSymmetricPassphrase != null) {
|
||||
// Symmetric encryption
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_SE_SYMMETRIC, indent);
|
||||
log.add(LogType.MSG_SE_SYMMETRIC, indent);
|
||||
|
||||
JcePBEKeyEncryptionMethodGenerator symmetricEncryptionGenerator =
|
||||
new JcePBEKeyEncryptionMethodGenerator(mSymmetricPassphrase.toCharArray());
|
||||
cPk.addMethod(symmetricEncryptionGenerator);
|
||||
} else {
|
||||
log.add(LogLevel.INFO, LogType.MSG_SE_ASYMMETRIC, indent);
|
||||
log.add(LogType.MSG_SE_ASYMMETRIC, indent);
|
||||
|
||||
// Asymmetric encryption
|
||||
for (long id : mEncryptionMasterKeyIds) {
|
||||
@@ -367,13 +366,13 @@ public class PgpSignEncrypt {
|
||||
KeyRings.buildUnifiedKeyRingUri(id));
|
||||
CanonicalizedPublicKey key = keyRing.getEncryptionSubKey();
|
||||
cPk.addMethod(key.getPubKeyEncryptionGenerator());
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_SE_KEY_OK, indent + 1,
|
||||
log.add(LogType.MSG_SE_KEY_OK, indent + 1,
|
||||
PgpKeyHelper.convertKeyIdToHex(id));
|
||||
} catch (PgpGeneralException e) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_SE_KEY_WARN, indent +1,
|
||||
log.add(LogType.MSG_SE_KEY_WARN, indent +1,
|
||||
PgpKeyHelper.convertKeyIdToHex(id));
|
||||
} catch (ProviderHelper.NotFoundException e) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_SE_KEY_UNKNOWN, indent +1,
|
||||
log.add(LogType.MSG_SE_KEY_UNKNOWN, indent +1,
|
||||
PgpKeyHelper.convertKeyIdToHex(id));
|
||||
}
|
||||
}
|
||||
@@ -390,7 +389,7 @@ public class PgpSignEncrypt {
|
||||
signatureGenerator = signingKey.getSignatureGenerator(
|
||||
mSignatureHashAlgorithm, cleartext, mNfcSignedHash, mNfcCreationTimestamp);
|
||||
} catch (PgpGeneralException e) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_SE_ERROR_NFC, indent);
|
||||
log.add(LogType.MSG_SE_ERROR_NFC, indent);
|
||||
return new SignEncryptResult(SignEncryptResult.RESULT_ERROR, log);
|
||||
}
|
||||
}
|
||||
@@ -407,7 +406,7 @@ public class PgpSignEncrypt {
|
||||
if (enableEncryption) {
|
||||
/* actual encryption */
|
||||
updateProgress(R.string.progress_encrypting, 8, 100);
|
||||
log.add(LogLevel.DEBUG, enableSignature
|
||||
log.add(enableSignature
|
||||
? LogType.MSG_SE_SIGCRYPTING
|
||||
: LogType.MSG_SE_ENCRYPTING,
|
||||
indent);
|
||||
@@ -416,7 +415,7 @@ public class PgpSignEncrypt {
|
||||
encryptionOut = cPk.open(out, new byte[1 << 16]);
|
||||
|
||||
if (enableCompression) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_SE_COMPRESSING, indent);
|
||||
log.add(LogType.MSG_SE_COMPRESSING, indent);
|
||||
compressGen = new PGPCompressedDataGenerator(mCompressionId);
|
||||
bcpgOut = new BCPGOutputStream(compressGen.open(encryptionOut));
|
||||
} else {
|
||||
@@ -463,7 +462,7 @@ public class PgpSignEncrypt {
|
||||
/* cleartext signature: sign-only of ascii text */
|
||||
|
||||
updateProgress(R.string.progress_signing, 8, 100);
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_SE_SIGNING, indent);
|
||||
log.add(LogType.MSG_SE_SIGNING, indent);
|
||||
|
||||
// write -----BEGIN PGP SIGNED MESSAGE-----
|
||||
armorOut.beginClearText(mSignatureHashAlgorithm);
|
||||
@@ -498,7 +497,7 @@ public class PgpSignEncrypt {
|
||||
/* sign-only binary (files/data stream) */
|
||||
|
||||
updateProgress(R.string.progress_signing, 8, 100);
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_SE_ENCRYPTING, indent);
|
||||
log.add(LogType.MSG_SE_ENCRYPTING, indent);
|
||||
|
||||
InputStream in = mData.getInputStream();
|
||||
|
||||
@@ -533,7 +532,7 @@ public class PgpSignEncrypt {
|
||||
literalGen.close();
|
||||
} else {
|
||||
pOut = null;
|
||||
log.add(LogLevel.WARN, LogType.MSG_SE_CLEARSIGN_ONLY, indent);
|
||||
log.add(LogType.MSG_SE_CLEARSIGN_ONLY, indent);
|
||||
}
|
||||
|
||||
if (enableSignature) {
|
||||
@@ -542,7 +541,7 @@ public class PgpSignEncrypt {
|
||||
signatureGenerator.generate().encode(pOut);
|
||||
} catch (NfcSyncPGPContentSignerBuilder.NfcInteractionNeeded e) {
|
||||
// this secret key diverts to a OpenPGP card, throw exception with hash that will be signed
|
||||
log.add(LogLevel.OK, LogType.MSG_SE_PENDING_NFC, indent);
|
||||
log.add(LogType.MSG_SE_PENDING_NFC, indent);
|
||||
SignEncryptResult result =
|
||||
new SignEncryptResult(SignEncryptResult.RESULT_PENDING_NFC, log);
|
||||
result.setNfcData(e.hashToSign, e.hashAlgo, e.creationTimestamp);
|
||||
@@ -568,19 +567,19 @@ public class PgpSignEncrypt {
|
||||
mOutStream.close();
|
||||
|
||||
} catch (SignatureException e) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_SE_ERROR_SIG, indent);
|
||||
log.add(LogType.MSG_SE_ERROR_SIG, indent);
|
||||
return new SignEncryptResult(SignEncryptResult.RESULT_ERROR, log);
|
||||
} catch (PGPException e) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_SE_ERROR_PGP, indent);
|
||||
log.add(LogType.MSG_SE_ERROR_PGP, indent);
|
||||
return new SignEncryptResult(SignEncryptResult.RESULT_ERROR, log);
|
||||
} catch (IOException e) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_SE_ERROR_IO, indent);
|
||||
log.add(LogType.MSG_SE_ERROR_IO, indent);
|
||||
return new SignEncryptResult(SignEncryptResult.RESULT_ERROR, log);
|
||||
}
|
||||
|
||||
updateProgress(R.string.progress_done, 100, 100);
|
||||
|
||||
log.add(LogLevel.OK, LogType.MSG_SE_OK, indent);
|
||||
log.add(LogType.MSG_SE_OK, indent);
|
||||
return new SignEncryptResult(SignEncryptResult.RESULT_OK, log);
|
||||
|
||||
}
|
||||
|
||||
@@ -36,7 +36,6 @@ import org.spongycastle.openpgp.operator.jcajce.JcaKeyFingerprintCalculator;
|
||||
import org.spongycastle.util.Strings;
|
||||
import org.sufficientlysecure.keychain.Constants;
|
||||
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.LogLevel;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.LogType;
|
||||
import org.sufficientlysecure.keychain.service.results.OperationResult.OperationLog;
|
||||
import org.sufficientlysecure.keychain.util.IterableIterator;
|
||||
@@ -260,13 +259,13 @@ public class UncachedKeyRing {
|
||||
@SuppressWarnings("ConstantConditions")
|
||||
public CanonicalizedKeyRing canonicalize(OperationLog log, int indent) {
|
||||
|
||||
log.add(LogLevel.START, isSecret() ? LogType.MSG_KC_SECRET : LogType.MSG_KC_PUBLIC,
|
||||
log.add(isSecret() ? LogType.MSG_KC_SECRET : LogType.MSG_KC_PUBLIC,
|
||||
indent, PgpKeyHelper.convertKeyIdToHex(getMasterKeyId()));
|
||||
indent += 1;
|
||||
|
||||
// do not accept v3 keys
|
||||
if (getVersion() <= 3) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_KC_ERROR_V3, indent);
|
||||
log.add(LogType.MSG_KC_ERROR_V3, indent);
|
||||
return null;
|
||||
}
|
||||
|
||||
@@ -279,13 +278,13 @@ public class UncachedKeyRing {
|
||||
final long masterKeyId = masterKey.getKeyID();
|
||||
|
||||
if (Arrays.binarySearch(KNOWN_ALGORITHMS, masterKey.getAlgorithm()) < 0) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_KC_ERROR_MASTER_ALGO, indent,
|
||||
log.add(LogType.MSG_KC_ERROR_MASTER_ALGO, indent,
|
||||
Integer.toString(masterKey.getAlgorithm()));
|
||||
return null;
|
||||
}
|
||||
|
||||
{
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_KC_MASTER,
|
||||
log.add(LogType.MSG_KC_MASTER,
|
||||
indent, PgpKeyHelper.convertKeyIdToHex(masterKey.getKeyID()));
|
||||
indent += 1;
|
||||
|
||||
@@ -300,7 +299,7 @@ public class UncachedKeyRing {
|
||||
|| type == PGPSignature.CASUAL_CERTIFICATION
|
||||
|| type == PGPSignature.POSITIVE_CERTIFICATION
|
||||
|| type == PGPSignature.CERTIFICATION_REVOCATION) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TYPE_UID, indent);
|
||||
log.add(LogType.MSG_KC_REVOKE_BAD_TYPE_UID, indent);
|
||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
@@ -309,7 +308,7 @@ public class UncachedKeyRing {
|
||||
|
||||
if (type != PGPSignature.KEY_REVOCATION) {
|
||||
// Unknown type, just remove
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TYPE, indent, "0x" + Integer.toString(type, 16));
|
||||
log.add(LogType.MSG_KC_REVOKE_BAD_TYPE, indent, "0x" + Integer.toString(type, 16));
|
||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
@@ -317,7 +316,7 @@ public class UncachedKeyRing {
|
||||
|
||||
if (cert.getCreationTime().after(now)) {
|
||||
// Creation date in the future? No way!
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TIME, indent);
|
||||
log.add(LogType.MSG_KC_REVOKE_BAD_TIME, indent);
|
||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
@@ -325,7 +324,7 @@ public class UncachedKeyRing {
|
||||
|
||||
if (cert.isLocal()) {
|
||||
// Creation date in the future? No way!
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_LOCAL, indent);
|
||||
log.add(LogType.MSG_KC_REVOKE_BAD_LOCAL, indent);
|
||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
@@ -334,13 +333,13 @@ public class UncachedKeyRing {
|
||||
try {
|
||||
cert.init(masterKey);
|
||||
if (!cert.verifySignature(masterKey)) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD, indent);
|
||||
log.add(LogType.MSG_KC_REVOKE_BAD, indent);
|
||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
}
|
||||
} catch (PgpGeneralException e) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_ERR, indent);
|
||||
log.add(LogType.MSG_KC_REVOKE_BAD_ERR, indent);
|
||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
@@ -351,12 +350,12 @@ public class UncachedKeyRing {
|
||||
revocation = zert;
|
||||
// more revocations? at least one is superfluous, then.
|
||||
} else if (revocation.getCreationTime().before(zert.getCreationTime())) {
|
||||
log.add(LogLevel.INFO, LogType.MSG_KC_REVOKE_DUP, indent);
|
||||
log.add(LogType.MSG_KC_REVOKE_DUP, indent);
|
||||
modified = PGPPublicKey.removeCertification(modified, revocation);
|
||||
redundantCerts += 1;
|
||||
revocation = zert;
|
||||
} else {
|
||||
log.add(LogLevel.INFO, LogType.MSG_KC_REVOKE_DUP, indent);
|
||||
log.add(LogType.MSG_KC_REVOKE_DUP, indent);
|
||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||
redundantCerts += 1;
|
||||
}
|
||||
@@ -368,7 +367,7 @@ public class UncachedKeyRing {
|
||||
|
||||
// check for duplicate user ids
|
||||
if (processedUserIds.contains(rawUserId)) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_UID_DUP,
|
||||
log.add(LogType.MSG_KC_UID_DUP,
|
||||
indent, userId);
|
||||
// strip out the first found user id with this name
|
||||
modified = PGPPublicKey.removeCertification(modified, rawUserId);
|
||||
@@ -392,7 +391,7 @@ public class UncachedKeyRing {
|
||||
&& type != PGPSignature.CASUAL_CERTIFICATION
|
||||
&& type != PGPSignature.POSITIVE_CERTIFICATION
|
||||
&& type != PGPSignature.CERTIFICATION_REVOCATION) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD_TYPE,
|
||||
log.add(LogType.MSG_KC_UID_BAD_TYPE,
|
||||
indent, "0x" + Integer.toString(zert.getSignatureType(), 16));
|
||||
modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
|
||||
badCerts += 1;
|
||||
@@ -401,7 +400,7 @@ public class UncachedKeyRing {
|
||||
|
||||
if (cert.getCreationTime().after(now)) {
|
||||
// Creation date in the future? No way!
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD_TIME, indent);
|
||||
log.add(LogType.MSG_KC_UID_BAD_TIME, indent);
|
||||
modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
@@ -409,7 +408,7 @@ public class UncachedKeyRing {
|
||||
|
||||
if (cert.isLocal()) {
|
||||
// Creation date in the future? No way!
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD_LOCAL, indent);
|
||||
log.add(LogType.MSG_KC_UID_BAD_LOCAL, indent);
|
||||
modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
@@ -419,7 +418,7 @@ public class UncachedKeyRing {
|
||||
if (certId != masterKeyId) {
|
||||
// never mind any further for public keys, but remove them from secret ones
|
||||
if (isSecret()) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_UID_FOREIGN,
|
||||
log.add(LogType.MSG_KC_UID_FOREIGN,
|
||||
indent, PgpKeyHelper.convertKeyIdToHex(certId));
|
||||
modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
|
||||
badCerts += 1;
|
||||
@@ -431,7 +430,7 @@ public class UncachedKeyRing {
|
||||
try {
|
||||
cert.init(masterKey);
|
||||
if (!cert.verifySignature(masterKey, rawUserId)) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD,
|
||||
log.add(LogType.MSG_KC_UID_BAD,
|
||||
indent, userId);
|
||||
modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
|
||||
badCerts += 1;
|
||||
@@ -439,10 +438,10 @@ public class UncachedKeyRing {
|
||||
}
|
||||
// warn user if the signature was made with bad encoding
|
||||
if (!cert.verifySignature(masterKey, userId)) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_UID_WARN_ENCODING, indent);
|
||||
log.add(LogType.MSG_KC_UID_WARN_ENCODING, indent);
|
||||
}
|
||||
} catch (PgpGeneralException e) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD_ERR,
|
||||
log.add(LogType.MSG_KC_UID_BAD_ERR,
|
||||
indent, userId);
|
||||
modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
|
||||
badCerts += 1;
|
||||
@@ -457,13 +456,13 @@ public class UncachedKeyRing {
|
||||
if (selfCert == null) {
|
||||
selfCert = zert;
|
||||
} else if (selfCert.getCreationTime().before(cert.getCreationTime())) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_KC_UID_CERT_DUP,
|
||||
log.add(LogType.MSG_KC_UID_CERT_DUP,
|
||||
indent, userId);
|
||||
modified = PGPPublicKey.removeCertification(modified, rawUserId, selfCert);
|
||||
redundantCerts += 1;
|
||||
selfCert = zert;
|
||||
} else {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_KC_UID_CERT_DUP,
|
||||
log.add(LogType.MSG_KC_UID_CERT_DUP,
|
||||
indent, userId);
|
||||
modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
|
||||
redundantCerts += 1;
|
||||
@@ -471,7 +470,7 @@ public class UncachedKeyRing {
|
||||
// If there is a revocation certificate, and it's older than this, drop it
|
||||
if (revocation != null
|
||||
&& revocation.getCreationTime().before(selfCert.getCreationTime())) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_KC_UID_REVOKE_OLD,
|
||||
log.add(LogType.MSG_KC_UID_REVOKE_OLD,
|
||||
indent, userId);
|
||||
modified = PGPPublicKey.removeCertification(modified, rawUserId, revocation);
|
||||
revocation = null;
|
||||
@@ -482,7 +481,7 @@ public class UncachedKeyRing {
|
||||
case PGPSignature.CERTIFICATION_REVOCATION:
|
||||
// If this is older than the (latest) self cert, drop it
|
||||
if (selfCert != null && selfCert.getCreationTime().after(zert.getCreationTime())) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_KC_UID_REVOKE_OLD,
|
||||
log.add(LogType.MSG_KC_UID_REVOKE_OLD,
|
||||
indent, userId);
|
||||
modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
|
||||
redundantCerts += 1;
|
||||
@@ -493,13 +492,13 @@ public class UncachedKeyRing {
|
||||
revocation = zert;
|
||||
// more revocations? at least one is superfluous, then.
|
||||
} else if (revocation.getCreationTime().before(cert.getCreationTime())) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_KC_UID_REVOKE_DUP,
|
||||
log.add(LogType.MSG_KC_UID_REVOKE_DUP,
|
||||
indent, userId);
|
||||
modified = PGPPublicKey.removeCertification(modified, rawUserId, revocation);
|
||||
redundantCerts += 1;
|
||||
revocation = zert;
|
||||
} else {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_KC_UID_REVOKE_DUP,
|
||||
log.add(LogType.MSG_KC_UID_REVOKE_DUP,
|
||||
indent, userId);
|
||||
modified = PGPPublicKey.removeCertification(modified, rawUserId, zert);
|
||||
redundantCerts += 1;
|
||||
@@ -511,7 +510,7 @@ public class UncachedKeyRing {
|
||||
|
||||
// If no valid certificate (if only a revocation) remains, drop it
|
||||
if (selfCert == null && revocation == null) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_KC_UID_REMOVE,
|
||||
log.add(LogType.MSG_KC_UID_REMOVE,
|
||||
indent, userId);
|
||||
modified = PGPPublicKey.removeCertification(modified, rawUserId);
|
||||
}
|
||||
@@ -519,7 +518,7 @@ public class UncachedKeyRing {
|
||||
|
||||
// If NO user ids remain, error out!
|
||||
if (modified == null || !modified.getUserIDs().hasNext()) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_KC_ERROR_NO_UID, indent);
|
||||
log.add(LogType.MSG_KC_ERROR_NO_UID, indent);
|
||||
return null;
|
||||
}
|
||||
|
||||
@@ -535,14 +534,14 @@ public class UncachedKeyRing {
|
||||
if (key.isMasterKey()) {
|
||||
continue;
|
||||
}
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_KC_SUB,
|
||||
log.add(LogType.MSG_KC_SUB,
|
||||
indent, PgpKeyHelper.convertKeyIdToHex(key.getKeyID()));
|
||||
indent += 1;
|
||||
|
||||
if (Arrays.binarySearch(KNOWN_ALGORITHMS, key.getAlgorithm()) < 0) {
|
||||
ring = removeSubKey(ring, key);
|
||||
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_UNKNOWN_ALGO, indent,
|
||||
log.add(LogType.MSG_KC_SUB_UNKNOWN_ALGO, indent,
|
||||
Integer.toString(key.getAlgorithm()));
|
||||
indent -= 1;
|
||||
continue;
|
||||
@@ -561,27 +560,27 @@ public class UncachedKeyRing {
|
||||
|
||||
// filter out bad key types...
|
||||
if (cert.getKeyId() != masterKey.getKeyID()) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_KEYID, indent);
|
||||
log.add(LogType.MSG_KC_SUB_BAD_KEYID, indent);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
}
|
||||
|
||||
if (type != PGPSignature.SUBKEY_BINDING && type != PGPSignature.SUBKEY_REVOCATION) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_TYPE, indent, "0x" + Integer.toString(type, 16));
|
||||
log.add(LogType.MSG_KC_SUB_BAD_TYPE, indent, "0x" + Integer.toString(type, 16));
|
||||
badCerts += 1;
|
||||
continue;
|
||||
}
|
||||
|
||||
if (cert.getCreationTime().after(now)) {
|
||||
// Creation date in the future? No way!
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_TIME, indent);
|
||||
log.add(LogType.MSG_KC_SUB_BAD_TIME, indent);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
}
|
||||
|
||||
if (cert.isLocal()) {
|
||||
// Creation date in the future? No way!
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_LOCAL, indent);
|
||||
log.add(LogType.MSG_KC_SUB_BAD_LOCAL, indent);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
}
|
||||
@@ -592,12 +591,12 @@ public class UncachedKeyRing {
|
||||
try {
|
||||
cert.init(masterKey);
|
||||
if (!cert.verifySignature(masterKey, key)) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD, indent);
|
||||
log.add(LogType.MSG_KC_SUB_BAD, indent);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
}
|
||||
} catch (PgpGeneralException e) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_ERR, indent);
|
||||
log.add(LogType.MSG_KC_SUB_BAD_ERR, indent);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
}
|
||||
@@ -620,20 +619,20 @@ public class UncachedKeyRing {
|
||||
if (subsig.verifySignature(masterKey, key)) {
|
||||
ok = true;
|
||||
} else {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_BAD, indent);
|
||||
log.add(LogType.MSG_KC_SUB_PRIMARY_BAD, indent);
|
||||
badCerts += 1;
|
||||
continue uids;
|
||||
}
|
||||
}
|
||||
}
|
||||
} catch (Exception e) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_BAD_ERR, indent);
|
||||
log.add(LogType.MSG_KC_SUB_PRIMARY_BAD_ERR, indent);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
}
|
||||
// if it doesn't, get rid of this!
|
||||
if (!ok) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_NONE, indent);
|
||||
log.add(LogType.MSG_KC_SUB_PRIMARY_NONE, indent);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
}
|
||||
@@ -643,7 +642,7 @@ public class UncachedKeyRing {
|
||||
|
||||
// if we already have a cert, and this one is older: skip it
|
||||
if (selfCert != null && cert.getCreationTime().before(selfCert.getCreationTime())) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_KC_SUB_DUP, indent);
|
||||
log.add(LogType.MSG_KC_SUB_DUP, indent);
|
||||
redundantCerts += 1;
|
||||
continue;
|
||||
}
|
||||
@@ -651,7 +650,7 @@ public class UncachedKeyRing {
|
||||
selfCert = zert;
|
||||
// if this is newer than a possibly existing revocation, drop that one
|
||||
if (revocation != null && selfCert.getCreationTime().after(revocation.getCreationTime())) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_KC_SUB_REVOKE_DUP, indent);
|
||||
log.add(LogType.MSG_KC_SUB_REVOKE_DUP, indent);
|
||||
redundantCerts += 1;
|
||||
revocation = null;
|
||||
}
|
||||
@@ -663,19 +662,19 @@ public class UncachedKeyRing {
|
||||
try {
|
||||
cert.init(masterKey);
|
||||
if (!cert.verifySignature(masterKey, key)) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_REVOKE_BAD, indent);
|
||||
log.add(LogType.MSG_KC_SUB_REVOKE_BAD, indent);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
}
|
||||
} catch (PgpGeneralException e) {
|
||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_REVOKE_BAD_ERR, indent);
|
||||
log.add(LogType.MSG_KC_SUB_REVOKE_BAD_ERR, indent);
|
||||
badCerts += 1;
|
||||
continue;
|
||||
}
|
||||
|
||||
// if there is a certification that is newer than this revocation, don't bother
|
||||
if (selfCert != null && selfCert.getCreationTime().after(cert.getCreationTime())) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_KC_SUB_REVOKE_DUP, indent);
|
||||
log.add(LogType.MSG_KC_SUB_REVOKE_DUP, indent);
|
||||
redundantCerts += 1;
|
||||
continue;
|
||||
}
|
||||
@@ -688,7 +687,7 @@ public class UncachedKeyRing {
|
||||
if (selfCert == null) {
|
||||
ring = removeSubKey(ring, key);
|
||||
|
||||
log.add(LogLevel.ERROR, LogType.MSG_KC_SUB_NO_CERT,
|
||||
log.add(LogType.MSG_KC_SUB_NO_CERT,
|
||||
indent, PgpKeyHelper.convertKeyIdToHex(key.getKeyID()));
|
||||
indent -= 1;
|
||||
continue;
|
||||
@@ -707,16 +706,16 @@ public class UncachedKeyRing {
|
||||
|
||||
if (badCerts > 0 && redundantCerts > 0) {
|
||||
// multi plural would make this complex, just leaving this as is...
|
||||
log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS_BAD_AND_RED,
|
||||
log.add(LogType.MSG_KC_SUCCESS_BAD_AND_RED,
|
||||
indent, Integer.toString(badCerts), Integer.toString(redundantCerts));
|
||||
} else if (badCerts > 0) {
|
||||
log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS_BAD,
|
||||
log.add(LogType.MSG_KC_SUCCESS_BAD,
|
||||
indent, badCerts);
|
||||
} else if (redundantCerts > 0) {
|
||||
log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS_REDUNDANT,
|
||||
log.add(LogType.MSG_KC_SUCCESS_REDUNDANT,
|
||||
indent, redundantCerts);
|
||||
} else {
|
||||
log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS, indent);
|
||||
log.add(LogType.MSG_KC_SUCCESS, indent);
|
||||
}
|
||||
|
||||
return isSecret() ? new CanonicalizedSecretKeyRing((PGPSecretKeyRing) ring, 1)
|
||||
@@ -736,7 +735,7 @@ public class UncachedKeyRing {
|
||||
*/
|
||||
public UncachedKeyRing merge(UncachedKeyRing other, OperationLog log, int indent) {
|
||||
|
||||
log.add(LogLevel.DEBUG, isSecret() ? LogType.MSG_MG_SECRET : LogType.MSG_MG_PUBLIC,
|
||||
log.add(isSecret() ? LogType.MSG_MG_SECRET : LogType.MSG_MG_PUBLIC,
|
||||
indent, PgpKeyHelper.convertKeyIdToHex(getMasterKeyId()));
|
||||
indent += 1;
|
||||
|
||||
@@ -744,7 +743,7 @@ public class UncachedKeyRing {
|
||||
|
||||
if (getMasterKeyId() != masterKeyId
|
||||
|| !Arrays.equals(getFingerprint(), other.getFingerprint())) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MG_ERROR_HETEROGENEOUS, indent);
|
||||
log.add(LogType.MSG_MG_ERROR_HETEROGENEOUS, indent);
|
||||
return null;
|
||||
}
|
||||
|
||||
@@ -783,7 +782,7 @@ public class UncachedKeyRing {
|
||||
|
||||
final PGPPublicKey resultKey = result.getPublicKey(key.getKeyID());
|
||||
if (resultKey == null) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_MG_NEW_SUBKEY, indent);
|
||||
log.add(LogType.MSG_MG_NEW_SUBKEY, indent);
|
||||
// special case: if both rings are secret, copy over the secret key
|
||||
if (isSecret() && other.isSecret()) {
|
||||
PGPSecretKey sKey = ((PGPSecretKeyRing) candidate).getSecretKey(key.getKeyID());
|
||||
@@ -854,16 +853,16 @@ public class UncachedKeyRing {
|
||||
}
|
||||
|
||||
if (newCerts > 0) {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_MG_FOUND_NEW, indent,
|
||||
log.add(LogType.MSG_MG_FOUND_NEW, indent,
|
||||
Integer.toString(newCerts));
|
||||
} else {
|
||||
log.add(LogLevel.DEBUG, LogType.MSG_MG_UNCHANGED, indent);
|
||||
log.add(LogType.MSG_MG_UNCHANGED, indent);
|
||||
}
|
||||
|
||||
return new UncachedKeyRing(result);
|
||||
|
||||
} catch (IOException e) {
|
||||
log.add(LogLevel.ERROR, LogType.MSG_MG_ERROR_ENCODE, indent);
|
||||
log.add(LogType.MSG_MG_ERROR_ENCODE, indent);
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user