Merge branch 'master' of github.com:open-keychain/open-keychain

OpenKeychain/src/main/AndroidManifest.xml

@@ -71,7 +71,7 @@
         android:name=".KeychainApplication"
         android:allowBackup="false"
         android:hardwareAccelerated="true"
-        android:icon="@drawable/ic_launcher"
+        android:icon="@mipmap/ic_launcher"
         android:label="@string/app_name"
         android:theme="@style/Theme.Keychain.Light">
         <activity

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java

@@ -23,6 +23,7 @@ import org.spongycastle.bcpg.HashAlgorithmTags;
 import org.spongycastle.bcpg.PublicKeyAlgorithmTags;
 import org.spongycastle.bcpg.SymmetricKeyAlgorithmTags;
 
+import java.util.Arrays;
 import java.util.HashSet;
 
 /**
@@ -42,24 +43,23 @@ public class PgpSecurityConstants {
      * Whitelist of accepted symmetric encryption algorithms
      * all other algorithms are rejected with OpenPgpDecryptionResult.RESULT_INSECURE
      */
-    private static HashSet<Integer> sSymmetricAlgorithmsWhitelist = new HashSet<>();
-    static {
-        // General remarks: We try to keep the whitelist short to reduce attack surface
-        // TODO: block IDEA?: Bad key schedule (weak keys), implementation difficulties (easy to make errors)
-        sSymmetricAlgorithmsWhitelist.add(SymmetricKeyAlgorithmTags.IDEA);
-        sSymmetricAlgorithmsWhitelist.add(SymmetricKeyAlgorithmTags.TRIPLE_DES); // a MUST in RFC
-        sSymmetricAlgorithmsWhitelist.add(SymmetricKeyAlgorithmTags.CAST5); // default in many gpg, pgp versions, 128 bit key
-        // BLOWFISH: Twofish is the successor
-        // SAFER: not used widely
-        // DES: < 128 bit security
-        sSymmetricAlgorithmsWhitelist.add(SymmetricKeyAlgorithmTags.AES_128);
-        sSymmetricAlgorithmsWhitelist.add(SymmetricKeyAlgorithmTags.AES_192);
-        sSymmetricAlgorithmsWhitelist.add(SymmetricKeyAlgorithmTags.AES_256);
-        sSymmetricAlgorithmsWhitelist.add(SymmetricKeyAlgorithmTags.TWOFISH); // 128 bit
-        // CAMELLIA_128: not used widely
-        // CAMELLIA_192: not used widely
-        // CAMELLIA_256: not used widely
-    }
+    private static HashSet<Integer> sSymmetricAlgorithmsWhitelist = new HashSet<>(Arrays.asList(
+            // General remarks: We try to keep the whitelist short to reduce attack surface
+            // TODO: block IDEA?: Bad key schedule (weak keys), implementation difficulties (easy to make errors)
+            SymmetricKeyAlgorithmTags.IDEA,
+            SymmetricKeyAlgorithmTags.TRIPLE_DES, // a MUST in RFC
+            SymmetricKeyAlgorithmTags.CAST5, // default in many gpg, pgp versions, 128 bit key
+            // BLOWFISH: Twofish is the successor
+            // SAFER: not used widely
+            // DES: < 128 bit security
+            SymmetricKeyAlgorithmTags.AES_128,
+            SymmetricKeyAlgorithmTags.AES_192,
+            SymmetricKeyAlgorithmTags.AES_256,
+            SymmetricKeyAlgorithmTags.TWOFISH // 128 bit
+            // CAMELLIA_128: not used widely
+            // CAMELLIA_192: not used widely
+            // CAMELLIA_256: not used widely
+    ));
 
     public static boolean isSecureSymmetricAlgorithm(int id) {
         return sSymmetricAlgorithmsWhitelist.contains(id);
@@ -77,20 +77,19 @@ public class PgpSecurityConstants {
      * ((collision resistance of 112-bits))
      * Implementations SHOULD NOT sign SHA-256 hashes. They MUST NOT default to signing SHA-256 hashes.
      */
-    private static HashSet<Integer> sHashAlgorithmsWhitelist = new HashSet<>();
-    static {
-        // MD5: broken
-        // SHA1: broken
-        // RIPEMD160: same security properties as SHA1
-        // DOUBLE_SHA: not used widely
-        // MD2: not used widely
-        // TIGER_192: not used widely
-        // HAVAL_5_160: not used widely
-        sHashAlgorithmsWhitelist.add(HashAlgorithmTags.SHA256); // compatibility for old Mailvelope versions
-        sHashAlgorithmsWhitelist.add(HashAlgorithmTags.SHA384);
-        sHashAlgorithmsWhitelist.add(HashAlgorithmTags.SHA512);
-        // SHA224: Not used widely, Yahoo argues against it
-    }
+    private static HashSet<Integer> sHashAlgorithmsWhitelist = new HashSet<>(Arrays.asList(
+            // MD5: broken
+            // SHA1: broken
+            // RIPEMD160: same security properties as SHA1
+            // DOUBLE_SHA: not used widely
+            // MD2: not used widely
+            // TIGER_192: not used widely
+            // HAVAL_5_160: not used widely
+            HashAlgorithmTags.SHA256, // compatibility for old Mailvelope versions
+            HashAlgorithmTags.SHA384,
+            HashAlgorithmTags.SHA512
+            // SHA224: Not used widely, Yahoo argues against it
+    ));
 
     public static boolean isSecureHashAlgorithm(int id) {
         return sHashAlgorithmsWhitelist.contains(id);
@@ -106,12 +105,11 @@ public class PgpSecurityConstants {
      * bitlength less than 1023 bits.
      * Implementations MUST NOT accept any RSA keys with bitlength less than 2047 bits after January 1, 2016.
      */
-    private static HashSet<String> sCurveWhitelist = new HashSet<>();
-    static {
-        sCurveWhitelist.add(NISTNamedCurves.getOID("P-256").getId());
-        sCurveWhitelist.add(NISTNamedCurves.getOID("P-384").getId());
-        sCurveWhitelist.add(NISTNamedCurves.getOID("P-521").getId());
-    }
+    private static HashSet<String> sCurveWhitelist = new HashSet<>(Arrays.asList(
+            NISTNamedCurves.getOID("P-256").getId(),
+            NISTNamedCurves.getOID("P-384").getId(),
+            NISTNamedCurves.getOID("P-521").getId()
+    ));
 
     public static boolean isSecureKey(CanonicalizedPublicKey key) {
         switch (key.getAlgorithm()) {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/AppsListFragment.java

@@ -243,7 +243,7 @@ public class AppsListFragment extends ListFragment implements
                                 null,
                                 isInstalled(packageName),
                                 1, // registered!
-                                R.drawable.ic_launcher // icon is retrieved later
+                                R.mipmap.ic_launcher // icon is retrieved later
                         });
                         break;
                     }
@@ -265,7 +265,7 @@ public class AppsListFragment extends ListFragment implements
                                 name,
                                 isInstalled(packageName),
                                 1, // registered!
-                                R.drawable.ic_launcher // icon is retrieved later
+                                R.mipmap.ic_launcher // icon is retrieved later
                         });
                         break;
                     }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeyserverSyncAdapterService.java

@@ -427,7 +427,7 @@ public class KeyserverSyncAdapterService extends Service {
     private Notification getOrbotNoification(Context context) {
         NotificationCompat.Builder builder = new NotificationCompat.Builder(context);
         builder.setSmallIcon(R.drawable.ic_stat_notify_24dp)
-                .setLargeIcon(getBitmap(R.drawable.ic_launcher, context))
+                .setLargeIcon(getBitmap(R.mipmap.ic_launcher, context))
                 .setContentTitle(context.getString(R.string.keyserver_sync_orbot_notif_title))
                 .setContentText(context.getString(R.string.keyserver_sync_orbot_notif_msg))
                 .setAutoCancel(true);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java

@@ -509,7 +509,7 @@ public class PassphraseCacheService extends Service {
     private Notification getNotification() {
         NotificationCompat.Builder builder = new NotificationCompat.Builder(this);
         builder.setSmallIcon(R.drawable.ic_stat_notify_24dp)
-                .setLargeIcon(getBitmap(R.drawable.ic_launcher, getBaseContext()))
+                .setLargeIcon(getBitmap(R.mipmap.ic_launcher, getBaseContext()))
                 .setContentTitle(getResources().getQuantityString(R.plurals.passp_cache_notif_n_keys,
                         mPassphraseCache.size(), mPassphraseCache.size()))
                 .setContentText(getString(R.string.passp_cache_notif_click_to_clear));
@@ -601,4 +601,4 @@ public class PassphraseCacheService extends Service {
             this.passphrase = passphrase;
         }
     }
-}
+}

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptListFragment.java

@@ -448,7 +448,7 @@ public class DecryptListFragment
                             new Intent(intent)
                                     .setClass(activity, DisplayTextActivity.class)
                                     .putExtra(DisplayTextActivity.EXTRA_METADATA, result),
-                            BuildConfig.APPLICATION_ID, R.string.view_internal, R.drawable.ic_launcher);
+                            BuildConfig.APPLICATION_ID, R.string.view_internal, R.mipmap.ic_launcher);
 
                     Intent chooserIntent = Intent.createChooser(intent, getString(R.string.intent_show));
                     chooserIntent.putExtra(Intent.EXTRA_INITIAL_INTENTS,

OpenKeychain/src/main/res/layout/api_app_settings_activity.xml

@@ -46,7 +46,7 @@
                 android:id="@+id/api_app_settings_app_icon"
                 android:layout_width="48dp"
                 android:layout_height="48dp"
-                android:src="@drawable/ic_launcher" />
+                android:src="@mipmap/ic_launcher" />
 
             <TextView
                 android:id="@+id/api_app_settings_app_name"

OpenKeychain/src/main/res/layout/api_app_settings_fragment.xml

@@ -17,7 +17,7 @@
             android:layout_height="48dp"
             android:layout_alignParentTop="true"
             android:layout_marginRight="6dp"
-            android:src="@drawable/ic_launcher" />
+            android:src="@mipmap/ic_launcher" />
 
         <TextView
             android:id="@+id/api_app_settings_app_name"
@@ -65,4 +65,4 @@
 
     </org.sufficientlysecure.keychain.ui.widget.FoldableLinearLayout>
 
-</LinearLayout>
+</LinearLayout>

OpenKeychain/src/main/res/layout/api_apps_adapter_list_item.xml

@@ -11,7 +11,7 @@
         android:layout_height="48dp"
         android:layout_marginLeft="8dp"
         android:layout_centerVertical="true"
-        android:src="@drawable/ic_launcher" />
+        android:src="@mipmap/ic_launcher" />
 
     <ImageView
         android:id="@+id/api_apps_adapter_install_icon"
@@ -34,4 +34,4 @@
         android:layout_toLeftOf="@+id/api_apps_adapter_install_icon"
         android:layout_toRightOf="@+id/api_apps_adapter_item_icon" />
 
-</RelativeLayout>
+</RelativeLayout>

OpenKeychain/src/main/res/layout/help_about_fragment.xml

@@ -32,7 +32,7 @@
                     android:layout_height="wrap_content"
                     android:layout_gravity="top"
                     android:layout_marginRight="10dp"
-                    android:src="@drawable/ic_launcher" />
+                    android:src="@mipmap/ic_launcher" />
             </LinearLayout>
 
             <LinearLayout

OpenKeychain/src/main/res/layout/view_key_activity.xml

@@ -54,7 +54,7 @@
                         android:fitsSystemWindows="true"
                         android:focusable="false"
                         android:scaleType="centerCrop"
-                        android:src="@drawable/ic_launcher" />
+                        android:src="@mipmap/ic_launcher" />
 
                     <!-- text protection scrim -->
                     <View
@@ -222,4 +222,4 @@
         app:layout_anchorGravity="bottom|right|end"
         tools:visibility="visible" />
 
-</android.support.design.widget.CoordinatorLayout>
+</android.support.design.widget.CoordinatorLayout>

OpenKeychain/src/main/res/xml/account_desc.xml

@@ -2,5 +2,5 @@
 <account-authenticator xmlns:android="http://schemas.android.com/apk/res/android"
     android:accountPreferences="@xml/account_preferences"
     android:accountType="@string/account_type"
-    android:icon="@drawable/ic_launcher"
+    android:icon="@mipmap/ic_launcher"
     android:label="@string/app_name" />