new savekeyring operation (mostly stub)
This commit is contained in:
Vincent Breitmoser
@@ -26,16 +26,13 @@ import android.os.Message;
|
||||
import android.os.Messenger;
|
||||
import android.os.RemoteException;
|
||||
|
||||
import org.spongycastle.bcpg.sig.KeyFlags;
|
||||
import org.spongycastle.openpgp.PGPKeyRing;
|
||||
import org.spongycastle.openpgp.PGPObjectFactory;
|
||||
import org.spongycastle.openpgp.PGPUtil;
|
||||
import org.sufficientlysecure.keychain.Constants;
|
||||
import org.sufficientlysecure.keychain.R;
|
||||
import org.sufficientlysecure.keychain.helper.FileHelper;
|
||||
import org.sufficientlysecure.keychain.helper.OtherHelper;
|
||||
import org.sufficientlysecure.keychain.helper.Preferences;
|
||||
import org.sufficientlysecure.keychain.keyimport.HkpKeyserver;
|
||||
import org.sufficientlysecure.keychain.pgp.UncachedSecretKey;
|
||||
import org.sufficientlysecure.keychain.pgp.WrappedPublicKeyRing;
|
||||
import org.sufficientlysecure.keychain.pgp.WrappedSecretKey;
|
||||
import org.sufficientlysecure.keychain.pgp.WrappedSecretKeyRing;
|
||||
@@ -594,21 +591,21 @@ public class KeychainIntentService extends IntentService
|
||||
buf = keyOperations.createKey(Constants.choice.algorithm.rsa,
|
||||
4096, passphrase, true);
|
||||
os.write(buf);
|
||||
keyUsageList.add(KeyFlags.CERTIFY_OTHER);
|
||||
keyUsageList.add(UncachedSecretKey.CERTIFY_OTHER);
|
||||
keysCreated++;
|
||||
setProgress(keysCreated, keysTotal);
|
||||
|
||||
buf = keyOperations.createKey(Constants.choice.algorithm.rsa,
|
||||
4096, passphrase, false);
|
||||
os.write(buf);
|
||||
keyUsageList.add(KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE);
|
||||
keyUsageList.add(UncachedSecretKey.ENCRYPT_COMMS | UncachedSecretKey.ENCRYPT_STORAGE);
|
||||
keysCreated++;
|
||||
setProgress(keysCreated, keysTotal);
|
||||
|
||||
buf = keyOperations.createKey(Constants.choice.algorithm.rsa,
|
||||
4096, passphrase, false);
|
||||
os.write(buf);
|
||||
keyUsageList.add(KeyFlags.SIGN_DATA);
|
||||
keyUsageList.add(UncachedSecretKey.SIGN_DATA);
|
||||
keysCreated++;
|
||||
setProgress(keysCreated, keysTotal);
|
||||
|
||||
@@ -749,23 +746,15 @@ public class KeychainIntentService extends IntentService
|
||||
byte[] downloadedKeyBytes = server.get(keybaseId).getBytes();
|
||||
|
||||
// create PGPKeyRing object based on downloaded armored key
|
||||
PGPKeyRing downloadedKey = null;
|
||||
UncachedKeyRing downloadedKey = null;
|
||||
BufferedInputStream bufferedInput =
|
||||
new BufferedInputStream(new ByteArrayInputStream(downloadedKeyBytes));
|
||||
if (bufferedInput.available() > 0) {
|
||||
InputStream in = PGPUtil.getDecoderStream(bufferedInput);
|
||||
PGPObjectFactory objectFactory = new PGPObjectFactory(in);
|
||||
|
||||
// get first object in block
|
||||
Object obj;
|
||||
if ((obj = objectFactory.nextObject()) != null) {
|
||||
|
||||
if (obj instanceof PGPKeyRing) {
|
||||
downloadedKey = (PGPKeyRing) obj;
|
||||
} else {
|
||||
throw new PgpGeneralException("Object not recognized as PGPKeyRing!");
|
||||
}
|
||||
List<UncachedKeyRing> rings = UncachedKeyRing.fromStream(bufferedInput);
|
||||
if(rings.isEmpty()) {
|
||||
throw new PgpGeneralException("No keys in result!");
|
||||
}
|
||||
downloadedKey = rings.get(0);
|
||||
}
|
||||
|
||||
// save key bytes in entry object for doing the
|
||||
|
||||
@@ -34,12 +34,6 @@ import android.os.Messenger;
|
||||
import android.os.RemoteException;
|
||||
import android.support.v4.util.LongSparseArray;
|
||||
|
||||
import org.spongycastle.openpgp.PGPException;
|
||||
import org.spongycastle.openpgp.PGPPrivateKey;
|
||||
import org.spongycastle.openpgp.PGPSecretKey;
|
||||
import org.spongycastle.openpgp.PGPSecretKeyRing;
|
||||
import org.spongycastle.openpgp.operator.PBESecretKeyDecryptor;
|
||||
import org.spongycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
|
||||
import org.sufficientlysecure.keychain.Constants;
|
||||
import org.sufficientlysecure.keychain.helper.Preferences;
|
||||
import org.sufficientlysecure.keychain.pgp.WrappedSecretKeyRing;
|
||||
@@ -48,7 +42,6 @@ import org.sufficientlysecure.keychain.provider.ProviderHelper;
|
||||
import org.sufficientlysecure.keychain.util.Log;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.Iterator;
|
||||
|
||||
/**
|
||||
* This service runs in its own process, but is available to all other processes as the main
|
||||
@@ -191,7 +184,8 @@ public class PassphraseCacheService extends Service {
|
||||
// get cached passphrase
|
||||
String cachedPassphrase = mPassphraseCache.get(keyId);
|
||||
if (cachedPassphrase == null) {
|
||||
// this is an error
|
||||
Log.d(TAG, "Passphrase not (yet) cached, returning null");
|
||||
// not really an error, just means the passphrase is not cached but not empty either
|
||||
return null;
|
||||
}
|
||||
|
||||
@@ -206,44 +200,6 @@ public class PassphraseCacheService extends Service {
|
||||
}
|
||||
}
|
||||
|
||||
@Deprecated
|
||||
public static boolean hasPassphrase(PGPSecretKeyRing secretKeyRing) {
|
||||
PGPSecretKey secretKey = null;
|
||||
boolean foundValidKey = false;
|
||||
for (Iterator keys = secretKeyRing.getSecretKeys(); keys.hasNext(); ) {
|
||||
secretKey = (PGPSecretKey) keys.next();
|
||||
if (!secretKey.isPrivateKeyEmpty()) {
|
||||
foundValidKey = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if(!foundValidKey) {
|
||||
return false;
|
||||
}
|
||||
|
||||
try {
|
||||
PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder()
|
||||
.setProvider("SC").build("".toCharArray());
|
||||
PGPPrivateKey testKey = secretKey.extractPrivateKey(keyDecryptor);
|
||||
return testKey == null;
|
||||
} catch(PGPException e) {
|
||||
// this means the crc check failed -> passphrase required
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks if key has a passphrase.
|
||||
*
|
||||
* @param secretKeyId
|
||||
* @return true if it has a passphrase
|
||||
*/
|
||||
@Deprecated
|
||||
public static boolean hasPassphrase(Context context, long secretKeyId)
|
||||
throws ProviderHelper.NotFoundException {
|
||||
return new ProviderHelper(context).getWrappedSecretKeyRing(secretKeyId).hasPassphrase();
|
||||
}
|
||||
|
||||
/**
|
||||
* Register BroadcastReceiver that is unregistered when service is destroyed. This
|
||||
* BroadcastReceiver hears on intents with ACTION_PASSPHRASE_CACHE_SERVICE to then timeout
|
||||
|
||||
@@ -13,7 +13,8 @@ import java.util.HashMap;
|
||||
*
|
||||
* All changes are done in a differential manner. Besides the two key
|
||||
* identification attributes, all attributes may be null, which indicates no
|
||||
* change to the keyring.
|
||||
* change to the keyring. This is also the reason why boxed values are used
|
||||
* instead of primitives in the subclasses.
|
||||
*
|
||||
* Application of operations in the backend should be fail-fast, which means an
|
||||
* error in any included operation (for example revocation of a non-existent
|
||||
@@ -45,10 +46,12 @@ public class SaveKeyringParcel implements Parcelable {
|
||||
// performance gain for using Parcelable here would probably be negligible,
|
||||
// use Serializable instead.
|
||||
public static class SubkeyAdd implements Serializable {
|
||||
public final int mAlgorithm;
|
||||
public final int mKeysize;
|
||||
public final int mFlags;
|
||||
public final Long mExpiry;
|
||||
public SubkeyAdd(int keysize, int flags, long expiry) {
|
||||
public SubkeyAdd(int algorithm, int keysize, int flags, Long expiry) {
|
||||
mAlgorithm = algorithm;
|
||||
mKeysize = keysize;
|
||||
mFlags = flags;
|
||||
mExpiry = expiry;
|
||||
@@ -59,7 +62,7 @@ public class SaveKeyringParcel implements Parcelable {
|
||||
public final long mKeyId;
|
||||
public final Integer mFlags;
|
||||
public final Long mExpiry;
|
||||
public SubkeyChange(long keyId, int flags, long expiry) {
|
||||
public SubkeyChange(long keyId, Integer flags, Long expiry) {
|
||||
mKeyId = keyId;
|
||||
mFlags = flags;
|
||||
mExpiry = expiry;
|
||||
|
||||
Reference in New Issue
Block a user