cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix incorrect querying of autocrypt peer master key id

Browse Source
This commit is contained in:
Vincent Breitmoser
2024-02-26 17:36:59 +01:00
parent b209835285
commit c3e330b304
3 changed files with 9 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/daos/AutocryptPeerDao.java
View File

@@ -30,7 +30,6 @@ import org.sufficientlysecure.keychain.AutocryptKeyStatus;
import org.sufficientlysecure.keychain.AutocryptPeersQueries; import org.sufficientlysecure.keychain.AutocryptPeersQueries;
import org.sufficientlysecure.keychain.Autocrypt_peers; import org.sufficientlysecure.keychain.Autocrypt_peers;
import org.sufficientlysecure.keychain.KeychainDatabase; import org.sufficientlysecure.keychain.KeychainDatabase;
import org.sufficientlysecure.keychain.SelectMasterKeyIdByIdentifier;
import org.sufficientlysecure.keychain.model.GossipOrigin; import org.sufficientlysecure.keychain.model.GossipOrigin;
@@ -50,16 +49,6 @@ public class AutocryptPeerDao extends AbstractDao {
super(database, databaseNotifyManager); super(database, databaseNotifyManager);
} }
public Long getMasterKeyIdForAutocryptPeer(String autocryptId) {
SelectMasterKeyIdByIdentifier masterKeyId =
autocryptPeersQueries.selectMasterKeyIdByIdentifier(autocryptId)
.executeAsOneOrNull();
if (masterKeyId != null) {
return masterKeyId.getMaster_key_id();
}
return null;
}
@Nullable @Nullable
public Autocrypt_peers getAutocryptPeer(String packageName, String autocryptId) { public Autocrypt_peers getAutocryptPeer(String packageName, String autocryptId) {
return autocryptPeersQueries.selectByIdentifiers(packageName, return autocryptPeersQueries.selectByIdentifiers(packageName,
@@ -114,10 +103,10 @@ public class AutocryptPeerDao extends AbstractDao {
} }
public void deleteByIdentifier(String packageName, String autocryptId) { public void deleteByIdentifier(String packageName, String autocryptId) {
Long masterKeyId = getMasterKeyIdForAutocryptPeer(autocryptId); Autocrypt_peers peer = getAutocryptPeer(packageName, autocryptId);
autocryptPeersQueries.deleteByIdentifier(packageName, autocryptId); autocryptPeersQueries.deleteByIdentifier(packageName, autocryptId);
if (masterKeyId != null) { if (peer != null && peer.getMaster_key_id() != null) {
getDatabaseNotifyManager().notifyAutocryptDelete(autocryptId, masterKeyId); getDatabaseNotifyManager().notifyAutocryptDelete(autocryptId, peer.getMaster_key_id());
} }
} }

9
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
View File

@@ -51,6 +51,7 @@ import org.openintents.openpgp.OpenPgpMetadata;
import org.openintents.openpgp.OpenPgpSignatureResult; import org.openintents.openpgp.OpenPgpSignatureResult;
import org.openintents.openpgp.OpenPgpSignatureResult.AutocryptPeerResult; import org.openintents.openpgp.OpenPgpSignatureResult.AutocryptPeerResult;
import org.openintents.openpgp.util.OpenPgpApi; import org.openintents.openpgp.util.OpenPgpApi;
import org.sufficientlysecure.keychain.Autocrypt_peers;
import org.sufficientlysecure.keychain.Constants; import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.daos.ApiAppDao; import org.sufficientlysecure.keychain.daos.ApiAppDao;
import org.sufficientlysecure.keychain.daos.AutocryptPeerDao; import org.sufficientlysecure.keychain.daos.AutocryptPeerDao;
@@ -585,10 +586,12 @@ public class OpenPgpService extends Service {
AutocryptPeerDao autocryptPeerentityDao = AutocryptPeerDao autocryptPeerentityDao =
AutocryptPeerDao.getInstance(getBaseContext()); AutocryptPeerDao.getInstance(getBaseContext());
Long autocryptPeerMasterKeyId = autocryptPeerentityDao.getMasterKeyIdForAutocryptPeer(autocryptPeerId); String packageName = mApiPermissionHelper.getCurrentCallingPackage();
Autocrypt_peers
autocryptPeer = autocryptPeerentityDao.getAutocryptPeer(packageName, autocryptPeerId);
long masterKeyId = signatureResult.getKeyId(); long masterKeyId = signatureResult.getKeyId();
if (autocryptPeerMasterKeyId == null) { if (autocryptPeer == null) {
Date now = new Date(); Date now = new Date();
Date effectiveTime = signatureResult.getSignatureTimestamp(); Date effectiveTime = signatureResult.getSignatureTimestamp();
if (effectiveTime.after(now)) { if (effectiveTime.after(now)) {
@@ -598,7 +601,7 @@ public class OpenPgpService extends Service {
AutocryptInteractor.getInstance(this, mApiPermissionHelper.getCurrentCallingPackage()); AutocryptInteractor.getInstance(this, mApiPermissionHelper.getCurrentCallingPackage());
autocryptInteractor.updateKeyGossipFromSignature(autocryptPeerId, effectiveTime, masterKeyId); autocryptInteractor.updateKeyGossipFromSignature(autocryptPeerId, effectiveTime, masterKeyId);
return signatureResult.withAutocryptPeerResult(AutocryptPeerResult.NEW); return signatureResult.withAutocryptPeerResult(AutocryptPeerResult.NEW);
} else if (masterKeyId == autocryptPeerMasterKeyId) { } else if (autocryptPeer.getMaster_key_id() != null && masterKeyId == autocryptPeer.getMaster_key_id()) {
return signatureResult.withAutocryptPeerResult(AutocryptPeerResult.OK); return signatureResult.withAutocryptPeerResult(AutocryptPeerResult.OK);
} else { } else {
return signatureResult.withAutocryptPeerResult(AutocryptPeerResult.MISMATCH); return signatureResult.withAutocryptPeerResult(AutocryptPeerResult.MISMATCH);

5
OpenKeychain/src/main/sqldelight/org/sufficientlysecure/keychain/AutocryptPeers.sq
View File

@@ -25,11 +25,6 @@ SELECT *
FROM autocrypt_peers FROM autocrypt_peers
WHERE master_key_id = ?; WHERE master_key_id = ?;
selectMasterKeyIdByIdentifier:
SELECT master_key_id
FROM autocrypt_peers
WHERE identifier = ?;
deleteByIdentifier: deleteByIdentifier:
DELETE FROM autocrypt_peers DELETE FROM autocrypt_peers
WHERE package_name = ? AND identifier = ?; WHERE package_name = ? AND identifier = ?;