cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove queries from PgpKeyHelper, introduce encrypt to signer mode (not tested)

Browse Source
This commit is contained in:
Dominik Schürmann
2014-04-11 17:14:37 +02:00
parent a9281b129c
commit bbd97cf800
8 changed files with 66 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
View File

@@ -594,7 +594,7 @@ public class PgpDecryptVerify {
// any luck? otherwise, try next. // any luck? otherwise, try next.
if (data.get(KeyRings.MASTER_KEY_ID) == null) { if (data.get(KeyRings.MASTER_KEY_ID) == null) {
signature = null; signature = null;
// do NOT reset signatureKeyId, that one is shown when no known one is found! // do NOT reset signatureMasterKeyId, that one is shown when no known one is found!
continue; continue;
} }

35
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyHelper.java
View File

@@ -1,5 +1,5 @@
/* /*
* Copyright (C) 2012-2013 Dominik Schürmann <dominik@dominikschuermann.de> * Copyright (C) 2012-2014 Dominik Schürmann <dominik@dominikschuermann.de>
* Copyright (C) 2010-2014 Thialfihar <thi@thialfihar.org> * Copyright (C) 2010-2014 Thialfihar <thi@thialfihar.org>
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
@@ -34,7 +34,6 @@ import org.spongycastle.openpgp.PGPSignatureSubpacketVector;
import org.spongycastle.util.encoders.Hex; import org.spongycastle.util.encoders.Hex;
import org.sufficientlysecure.keychain.Constants; import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.R; import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.util.IterableIterator; import org.sufficientlysecure.keychain.util.IterableIterator;
import org.sufficientlysecure.keychain.util.Log; import org.sufficientlysecure.keychain.util.Log;
@@ -200,15 +199,7 @@ public class PgpKeyHelper {
return getExpiryDate(key.getPublicKey()); return getExpiryDate(key.getPublicKey());
} }
public static PGPPublicKey getEncryptPublicKey(Context context, long masterKeyId) { public static PGPPublicKey getEncryptPublicKey(PGPPublicKeyRing keyRing) {
PGPPublicKeyRing keyRing = null;
try {
keyRing = ProviderHelper.getPGPPublicKeyRing(context, masterKeyId);
} catch (ProviderHelper.NotFoundException e) {
Log.e(Constants.TAG, "key not found!", e);
// TODO: throw exception here!
return null;
}
Vector<PGPPublicKey> encryptKeys = getUsableEncryptKeys(keyRing); Vector<PGPPublicKey> encryptKeys = getUsableEncryptKeys(keyRing);
if (encryptKeys.size() == 0) { if (encryptKeys.size() == 0) {
Log.e(Constants.TAG, "encryptKeys is null!"); Log.e(Constants.TAG, "encryptKeys is null!");
@@ -217,15 +208,7 @@ public class PgpKeyHelper {
return encryptKeys.get(0); return encryptKeys.get(0);
} }
public static PGPSecretKey getCertificationKey(Context context, long masterKeyId) { public static PGPSecretKey getCertificationKey(PGPSecretKeyRing keyRing) {
PGPSecretKeyRing keyRing = null;
try {
keyRing = ProviderHelper.getPGPSecretKeyRing(context, masterKeyId);
} catch (ProviderHelper.NotFoundException e) {
Log.e(Constants.TAG, "key not found!", e);
// TODO: throw exception here!
return null;
}
Vector<PGPSecretKey> signingKeys = getUsableCertificationKeys(keyRing); Vector<PGPSecretKey> signingKeys = getUsableCertificationKeys(keyRing);
if (signingKeys.size() == 0) { if (signingKeys.size() == 0) {
return null; return null;
@@ -233,15 +216,7 @@ public class PgpKeyHelper {
return signingKeys.get(0); return signingKeys.get(0);
} }
public static PGPSecretKey getSigningKey(Context context, long masterKeyId) { public static PGPSecretKey getSigningKey(PGPSecretKeyRing keyRing) {
PGPSecretKeyRing keyRing = null;
try {
keyRing = ProviderHelper.getPGPSecretKeyRing(context, masterKeyId);
} catch (ProviderHelper.NotFoundException e) {
Log.e(Constants.TAG, "key not found!", e);
// TODO: throw exception here!
return null;
}
Vector<PGPSecretKey> signingKeys = getUsableSigningKeys(keyRing); Vector<PGPSecretKey> signingKeys = getUsableSigningKeys(keyRing);
if (signingKeys.size() == 0) { if (signingKeys.size() == 0) {
return null; return null;
@@ -482,7 +457,7 @@ public class PgpKeyHelper {
break; break;
} }
} }
if(keySize > 0) if (keySize > 0)
return algorithmStr + ", " + keySize + " bit"; return algorithmStr + ", " + keySize + " bit";
else else
return algorithmStr; return algorithmStr;

69
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java
View File

@@ -29,6 +29,7 @@ import org.spongycastle.openpgp.PGPLiteralData;
import org.spongycastle.openpgp.PGPLiteralDataGenerator; import org.spongycastle.openpgp.PGPLiteralDataGenerator;
import org.spongycastle.openpgp.PGPPrivateKey; import org.spongycastle.openpgp.PGPPrivateKey;
import org.spongycastle.openpgp.PGPPublicKey; import org.spongycastle.openpgp.PGPPublicKey;
import org.spongycastle.openpgp.PGPPublicKeyRing;
import org.spongycastle.openpgp.PGPSecretKey; import org.spongycastle.openpgp.PGPSecretKey;
import org.spongycastle.openpgp.PGPSecretKeyRing; import org.spongycastle.openpgp.PGPSecretKeyRing;
import org.spongycastle.openpgp.PGPSignature; import org.spongycastle.openpgp.PGPSignature;
@@ -58,6 +59,7 @@ import java.io.OutputStream;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException; import java.security.NoSuchProviderException;
import java.security.SignatureException; import java.security.SignatureException;
import java.util.Arrays;
import java.util.Date; import java.util.Date;
/** /**
@@ -71,13 +73,14 @@ public class PgpSignEncrypt {
private ProgressDialogUpdater mProgress; private ProgressDialogUpdater mProgress;
private boolean mEnableAsciiArmorOutput; private boolean mEnableAsciiArmorOutput;
private int mCompressionId; private int mCompressionId;
private long[] mEncryptionKeyIds; private long[] mEncryptionMasterKeyIds;
private String mSymmetricPassphrase; private String mSymmetricPassphrase;
private int mSymmetricEncryptionAlgorithm; private int mSymmetricEncryptionAlgorithm;
private long mSignatureKeyId; private long mSignatureMasterKeyId;
private int mSignatureHashAlgorithm; private int mSignatureHashAlgorithm;
private boolean mSignatureForceV3; private boolean mSignatureForceV3;
private String mSignaturePassphrase; private String mSignaturePassphrase;
private boolean mEncryptToSigner;
private PgpSignEncrypt(Builder builder) { private PgpSignEncrypt(Builder builder) {
// private Constructor can only be called from Builder // private Constructor can only be called from Builder
@@ -88,13 +91,14 @@ public class PgpSignEncrypt {
this.mProgress = builder.mProgress; this.mProgress = builder.mProgress;
this.mEnableAsciiArmorOutput = builder.mEnableAsciiArmorOutput; this.mEnableAsciiArmorOutput = builder.mEnableAsciiArmorOutput;
this.mCompressionId = builder.mCompressionId; this.mCompressionId = builder.mCompressionId;
this.mEncryptionKeyIds = builder.mEncryptionKeyIds; this.mEncryptionMasterKeyIds = builder.mEncryptionMasterKeyIds;
this.mSymmetricPassphrase = builder.mSymmetricPassphrase; this.mSymmetricPassphrase = builder.mSymmetricPassphrase;
this.mSymmetricEncryptionAlgorithm = builder.mSymmetricEncryptionAlgorithm; this.mSymmetricEncryptionAlgorithm = builder.mSymmetricEncryptionAlgorithm;
this.mSignatureKeyId = builder.mSignatureKeyId; this.mSignatureMasterKeyId = builder.mSignatureMasterKeyId;
this.mSignatureHashAlgorithm = builder.mSignatureHashAlgorithm; this.mSignatureHashAlgorithm = builder.mSignatureHashAlgorithm;
this.mSignatureForceV3 = builder.mSignatureForceV3; this.mSignatureForceV3 = builder.mSignatureForceV3;
this.mSignaturePassphrase = builder.mSignaturePassphrase; this.mSignaturePassphrase = builder.mSignaturePassphrase;
this.mEncryptToSigner = builder.mEncryptToSigner;
} }
public static class Builder { public static class Builder {
@@ -107,13 +111,14 @@ public class PgpSignEncrypt {
private ProgressDialogUpdater mProgress = null; private ProgressDialogUpdater mProgress = null;
private boolean mEnableAsciiArmorOutput = false; private boolean mEnableAsciiArmorOutput = false;
private int mCompressionId = Id.choice.compression.none; private int mCompressionId = Id.choice.compression.none;
private long[] mEncryptionKeyIds = null; private long[] mEncryptionMasterKeyIds = null;
private String mSymmetricPassphrase = null; private String mSymmetricPassphrase = null;
private int mSymmetricEncryptionAlgorithm = 0; private int mSymmetricEncryptionAlgorithm = 0;
private long mSignatureKeyId = Id.key.none; private long mSignatureMasterKeyId = Id.key.none;
private int mSignatureHashAlgorithm = 0; private int mSignatureHashAlgorithm = 0;
private boolean mSignatureForceV3 = false; private boolean mSignatureForceV3 = false;
private String mSignaturePassphrase = null; private String mSignaturePassphrase = null;
private boolean mEncryptToSigner = false;
public Builder(Context context, InputData data, OutputStream outStream) { public Builder(Context context, InputData data, OutputStream outStream) {
this.mContext = context; this.mContext = context;
@@ -136,8 +141,8 @@ public class PgpSignEncrypt {
return this; return this;
} }
public Builder encryptionKeyIds(long[] encryptionKeyIds) { public Builder encryptionMasterKeyIds(long[] encryptionMasterKeyIds) {
this.mEncryptionKeyIds = encryptionKeyIds; this.mEncryptionMasterKeyIds = encryptionMasterKeyIds;
return this; return this;
} }
@@ -151,8 +156,8 @@ public class PgpSignEncrypt {
return this; return this;
} }
public Builder signatureKeyId(long signatureKeyId) { public Builder signatureMasterKeyId(long signatureMasterKeyId) {
this.mSignatureKeyId = signatureKeyId; this.mSignatureMasterKeyId = signatureMasterKeyId;
return this; return this;
} }
@@ -171,6 +176,11 @@ public class PgpSignEncrypt {
return this; return this;
} }
public Builder encryptToSigner(boolean encryptToSigner) {
this.mEncryptToSigner = encryptToSigner;
return this;
}
public PgpSignEncrypt build() { public PgpSignEncrypt build() {
return new PgpSignEncrypt(this); return new PgpSignEncrypt(this);
} }
@@ -202,8 +212,8 @@ public class PgpSignEncrypt {
throws IOException, PgpGeneralException, PGPException, NoSuchProviderException, throws IOException, PgpGeneralException, PGPException, NoSuchProviderException,
NoSuchAlgorithmException, SignatureException { NoSuchAlgorithmException, SignatureException {
boolean enableSignature = mSignatureKeyId != Id.key.none; boolean enableSignature = mSignatureMasterKeyId != Id.key.none;
boolean enableEncryption = ((mEncryptionKeyIds != null && mEncryptionKeyIds.length > 0) boolean enableEncryption = ((mEncryptionMasterKeyIds != null && mEncryptionMasterKeyIds.length > 0)
|| mSymmetricPassphrase != null); || mSymmetricPassphrase != null);
boolean enableCompression = (enableEncryption && mCompressionId != Id.choice.compression.none); boolean enableCompression = (enableEncryption && mCompressionId != Id.choice.compression.none);
@@ -212,6 +222,12 @@ public class PgpSignEncrypt {
+ "\nenableCompression:" + enableCompression + "\nenableCompression:" + enableCompression
+ "\nenableAsciiArmorOutput:" + mEnableAsciiArmorOutput); + "\nenableAsciiArmorOutput:" + mEnableAsciiArmorOutput);
// add signature key id to encryption ids (self-encrypt)
if (enableEncryption && enableSignature && mEncryptToSigner) {
mEncryptionMasterKeyIds = Arrays.copyOf(mEncryptionMasterKeyIds, mEncryptionMasterKeyIds.length + 1);
mEncryptionMasterKeyIds[mEncryptionMasterKeyIds.length - 1] = mSignatureMasterKeyId;
}
int signatureType; int signatureType;
if (mEnableAsciiArmorOutput && enableSignature && !enableEncryption && !enableCompression) { if (mEnableAsciiArmorOutput && enableSignature && !enableEncryption && !enableCompression) {
// for sign-only ascii text // for sign-only ascii text
@@ -236,11 +252,11 @@ public class PgpSignEncrypt {
PGPPrivateKey signaturePrivateKey = null; PGPPrivateKey signaturePrivateKey = null;
if (enableSignature) { if (enableSignature) {
try { try {
signingKeyRing = ProviderHelper.getPGPSecretKeyRingWithKeyId(mContext, mSignatureKeyId); signingKeyRing = ProviderHelper.getPGPSecretKeyRingWithKeyId(mContext, mSignatureMasterKeyId);
} catch (ProviderHelper.NotFoundException e) { } catch (ProviderHelper.NotFoundException e) {
throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed)); throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed));
} }
signingKey = PgpKeyHelper.getSigningKey(mContext, mSignatureKeyId); signingKey = PgpKeyHelper.getSigningKey(signingKeyRing);
if (signingKey == null) { if (signingKey == null) {
throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed)); throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed));
} }
@@ -275,19 +291,24 @@ public class PgpSignEncrypt {
if (mSymmetricPassphrase != null) { if (mSymmetricPassphrase != null) {
// Symmetric encryption // Symmetric encryption
Log.d(Constants.TAG, "encryptionKeyIds length is 0 -> symmetric encryption"); Log.d(Constants.TAG, "encryptionMasterKeyIds length is 0 -> symmetric encryption");
JcePBEKeyEncryptionMethodGenerator symmetricEncryptionGenerator = JcePBEKeyEncryptionMethodGenerator symmetricEncryptionGenerator =
new JcePBEKeyEncryptionMethodGenerator(mSymmetricPassphrase.toCharArray()); new JcePBEKeyEncryptionMethodGenerator(mSymmetricPassphrase.toCharArray());
cPk.addMethod(symmetricEncryptionGenerator); cPk.addMethod(symmetricEncryptionGenerator);
} else { } else {
// Asymmetric encryption // Asymmetric encryption
for (long id : mEncryptionKeyIds) { for (long id : mEncryptionMasterKeyIds) {
PGPPublicKey key = PgpKeyHelper.getEncryptPublicKey(mContext, id); try {
if (key != null) { PGPPublicKeyRing keyRing = ProviderHelper.getPGPPublicKeyRing(mContext, id);
JcePublicKeyKeyEncryptionMethodGenerator pubKeyEncryptionGenerator = PGPPublicKey key = PgpKeyHelper.getEncryptPublicKey(keyRing);
new JcePublicKeyKeyEncryptionMethodGenerator(key); if (key != null) {
cPk.addMethod(pubKeyEncryptionGenerator); JcePublicKeyKeyEncryptionMethodGenerator pubKeyEncryptionGenerator =
new JcePublicKeyKeyEncryptionMethodGenerator(key);
cPk.addMethod(pubKeyEncryptionGenerator);
}
} catch (ProviderHelper.NotFoundException e) {
Log.e(Constants.TAG, "key not found!", e);
} }
} }
} }
@@ -464,17 +485,17 @@ public class PgpSignEncrypt {
out = mOutStream; out = mOutStream;
} }
if (mSignatureKeyId == 0) { if (mSignatureMasterKeyId == 0) {
throw new PgpGeneralException(mContext.getString(R.string.error_no_signature_key)); throw new PgpGeneralException(mContext.getString(R.string.error_no_signature_key));
} }
PGPSecretKeyRing signingKeyRing; PGPSecretKeyRing signingKeyRing;
try { try {
signingKeyRing = ProviderHelper.getPGPSecretKeyRingWithKeyId(mContext, mSignatureKeyId); signingKeyRing = ProviderHelper.getPGPSecretKeyRingWithKeyId(mContext, mSignatureMasterKeyId);
} catch (ProviderHelper.NotFoundException e) { } catch (ProviderHelper.NotFoundException e) {
throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed)); throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed));
} }
PGPSecretKey signingKey = PgpKeyHelper.getSigningKey(mContext, mSignatureKeyId); PGPSecretKey signingKey = PgpKeyHelper.getSigningKey(signingKeyRing);
if (signingKey == null) { if (signingKey == null) {
throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed)); throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed));
} }

8
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
View File

@@ -169,7 +169,7 @@ public class OpenPgpService extends RemoteService {
builder.enableAsciiArmorOutput(asciiArmor) builder.enableAsciiArmorOutput(asciiArmor)
.signatureHashAlgorithm(accSettings.getHashAlgorithm()) .signatureHashAlgorithm(accSettings.getHashAlgorithm())
.signatureForceV3(false) .signatureForceV3(false)
.signatureKeyId(accSettings.getKeyId()) .signatureMasterKeyId(accSettings.getKeyId())
.signaturePassphrase(passphrase); .signaturePassphrase(passphrase);
builder.build().execute(); builder.build().execute();
} finally { } finally {
@@ -235,7 +235,7 @@ public class OpenPgpService extends RemoteService {
builder.enableAsciiArmorOutput(asciiArmor) builder.enableAsciiArmorOutput(asciiArmor)
.compressionId(accSettings.getCompression()) .compressionId(accSettings.getCompression())
.symmetricEncryptionAlgorithm(accSettings.getEncryptionAlgorithm()) .symmetricEncryptionAlgorithm(accSettings.getEncryptionAlgorithm())
.encryptionKeyIds(keyIds); .encryptionMasterKeyIds(keyIds);
if (sign) { if (sign) {
String passphrase; String passphrase;
@@ -254,11 +254,11 @@ public class OpenPgpService extends RemoteService {
// sign and encrypt // sign and encrypt
builder.signatureHashAlgorithm(accSettings.getHashAlgorithm()) builder.signatureHashAlgorithm(accSettings.getHashAlgorithm())
.signatureForceV3(false) .signatureForceV3(false)
.signatureKeyId(accSettings.getKeyId()) .signatureMasterKeyId(accSettings.getKeyId())
.signaturePassphrase(passphrase); .signaturePassphrase(passphrase);
} else { } else {
// encrypt only // encrypt only
builder.signatureKeyId(Id.key.none); builder.signatureMasterKeyId(Id.key.none);
} }
// execute PGP operation! // execute PGP operation!
builder.build().execute(); builder.build().execute();

14
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java
View File

@@ -319,9 +319,9 @@ public class KeychainIntentService extends IntentService
.symmetricEncryptionAlgorithm( .symmetricEncryptionAlgorithm(
Preferences.getPreferences(this).getDefaultEncryptionAlgorithm()) Preferences.getPreferences(this).getDefaultEncryptionAlgorithm())
.signatureForceV3(Preferences.getPreferences(this).getForceV3Signatures()) .signatureForceV3(Preferences.getPreferences(this).getForceV3Signatures())
.encryptionKeyIds(encryptionKeyIds) .encryptionMasterKeyIds(encryptionKeyIds)
.symmetricPassphrase(symmetricPassphrase) .symmetricPassphrase(symmetricPassphrase)
.signatureKeyId(signatureKeyId) .signatureMasterKeyId(signatureKeyId)
.signatureHashAlgorithm( .signatureHashAlgorithm(
Preferences.getPreferences(this).getDefaultHashAlgorithm()) Preferences.getPreferences(this).getDefaultHashAlgorithm())
.signaturePassphrase( .signaturePassphrase(
@@ -811,8 +811,14 @@ public class KeychainIntentService extends IntentService
PgpKeyOperation keyOperation = new PgpKeyOperation(new ProgressScaler(this, 0, 100, 100)); PgpKeyOperation keyOperation = new PgpKeyOperation(new ProgressScaler(this, 0, 100, 100));
PGPPublicKeyRing publicRing = ProviderHelper.getPGPPublicKeyRing(this, pubKeyId); PGPPublicKeyRing publicRing = ProviderHelper.getPGPPublicKeyRing(this, pubKeyId);
PGPPublicKey publicKey = publicRing.getPublicKey(pubKeyId); PGPPublicKey publicKey = publicRing.getPublicKey(pubKeyId);
PGPSecretKey certificationKey = PgpKeyHelper.getCertificationKey(this, PGPSecretKeyRing secretKeyRing = null;
masterKeyId); try {
secretKeyRing = ProviderHelper.getPGPSecretKeyRing(this, masterKeyId);
} catch (ProviderHelper.NotFoundException e) {
Log.e(Constants.TAG, "key not found!", e);
// TODO: throw exception here!
}
PGPSecretKey certificationKey = PgpKeyHelper.getCertificationKey(secretKeyRing);
publicKey = keyOperation.certifyKey(certificationKey, publicKey, publicKey = keyOperation.certifyKey(certificationKey, publicKey,
userIds, signaturePassphrase); userIds, signaturePassphrase);
publicRing = PGPPublicKeyRing.insertPublicKey(publicRing, publicKey); publicRing = PGPPublicKeyRing.insertPublicKey(publicRing, publicKey);

2
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptAsymmetricFragment.java
View File

@@ -138,7 +138,7 @@ public class EncryptAsymmetricFragment extends Fragment {
} }
/** /**
* If an Intent gives a signatureKeyId and/or encryptionKeyIds, preselect those! * If an Intent gives a signatureMasterKeyId and/or encryptionMasterKeyIds, preselect those!
* *
* @param preselectedSignatureKeyId * @param preselectedSignatureKeyId
* @param preselectedEncryptionKeyIds * @param preselectedEncryptionKeyIds

1
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SelectSecretKeyLayoutFragment.java
View File

@@ -84,7 +84,6 @@ public class SelectSecretKeyLayoutFragment extends Fragment implements LoaderMan
} }
public void setSelectedKeyData(String userName, String email, String masterKeyHex) { public void setSelectedKeyData(String userName, String email, String masterKeyHex) {
mNoKeySelected.setVisibility(View.GONE); mNoKeySelected.setVisibility(View.GONE);
mKeyUserId.setText(userName); mKeyUserId.setText(userName);

1
OpenKeychain/src/main/res/layout/select_secret_key_layout_fragment.xml
View File

@@ -71,7 +71,6 @@
android:text="@string/api_settings_no_key" android:text="@string/api_settings_no_key"
android:layout_marginTop="15dp" /> android:layout_marginTop="15dp" />
</LinearLayout> </LinearLayout>
</LinearLayout> </LinearLayout>