work on insecurity warning strings

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/RemoteSecurityProblemDialogActivity.java

@@ -39,7 +39,6 @@ import android.widget.Button;
 import android.widget.ImageView;
 import android.widget.LinearLayout;
 import android.widget.TextView;
-import android.widget.ViewAnimator;
 
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.remote.ui.SecurityProblemPresenter.RemoteSecurityProblemView;
@@ -156,8 +155,10 @@ public class RemoteSecurityProblemDialogActivity extends FragmentActivity {
             final LinearLayout insecureWarningLayout = (LinearLayout) view.findViewById(R.id.insecure_warning_layout);
             final ImageView iconClientApp = (ImageView) view.findViewById(R.id.icon_client_app);
             final TextView explanationText = (TextView) insecureWarningLayout.findViewById(R.id.dialog_insecure_text);
-            final TextView recommendText = (TextView) insecureWarningLayout.findViewById(R.id.dialog_insecure_recommend_text);
-            final TextView overrideText = (TextView) insecureWarningLayout.findViewById(R.id.dialog_insecure_override_text);
+            final TextView recommendText =
+                    (TextView) insecureWarningLayout.findViewById(R.id.dialog_insecure_recommend_text);
+            final TextView overrideText =
+                    (TextView) insecureWarningLayout.findViewById(R.id.dialog_insecure_override_text);
             final ToolableViewAnimator secondaryLayoutAnimator =
                     (ToolableViewAnimator) insecureWarningLayout.findViewById(R.id.dialog_insecure_secondary_layout);
             final ToolableViewAnimator buttonBarAnimator =
@@ -200,13 +201,6 @@ public class RemoteSecurityProblemDialogActivity extends FragmentActivity {
                 }
                 */
 
-                private void showGeneric(@StringRes int explanationStringRes) {
-                    explanationText.setText(explanationStringRes);
-                    secondaryLayoutAnimator.setDisplayedChild(SECONDARY_CHILD_NONE, layoutInitialized);
-                    buttonBarAnimator.setDisplayedChild(BUTTON_BAR_REGULAR, layoutInitialized);
-                    layoutInitialized = true;
-                }
-
                 private void showGeneric(String explanationString) {
                     explanationText.setText(explanationString);
                     secondaryLayoutAnimator.setDisplayedChild(SECONDARY_CHILD_NONE, layoutInitialized);
@@ -239,12 +233,14 @@ public class RemoteSecurityProblemDialogActivity extends FragmentActivity {
 
                 @Override
                 public void showLayoutInsecureSymmetric(int symmetricAlgorithm) {
-                    showGeneric(R.string.insecure_symmetric_algo);
+                    showGeneric(getString(R.string.insecure_symmetric_algo,
+                            KeyFormattingUtils.getSymmetricCipherName(symmetricAlgorithm)));
                 }
 
                 @Override
                 public void showLayoutInsecureHashAlgorithm(int hashAlgorithm) {
-                    showGeneric(R.string.insecure_hash_algo);
+                    showGeneric(getString(R.string.insecure_hash_algo,
+                            KeyFormattingUtils.getHashAlgoName(hashAlgorithm)));
                 }
 
                 @Override
@@ -252,9 +248,8 @@ public class RemoteSecurityProblemDialogActivity extends FragmentActivity {
                     String algorithmName = KeyFormattingUtils.getAlgorithmInfo(algorithmId, null, null);
 
                     showGenericWithRecommendation(
-                            getString(R.string.insecure_encrypt_bitstrength, algorithmName,
-                                    Integer.toString(bitStrength), "2010"),
-                            R.string.insecure_sign_bitstrength_suggestion);
+                            getString(R.string.insecure_encrypt_bitstrength, algorithmName),
+                            R.string.insecure_encrypt_bitstrength_suggestion);
                 }
 
                 @Override
@@ -262,31 +257,40 @@ public class RemoteSecurityProblemDialogActivity extends FragmentActivity {
                     String algorithmName = KeyFormattingUtils.getAlgorithmInfo(algorithmId, null, null);
 
                     showGenericWithRecommendation(
-                            getString(R.string.insecure_sign_bitstrength, algorithmName,
-                                    Integer.toString(bitStrength), "2010"),
+                            getString(R.string.insecure_sign_bitstrength, algorithmName),
                             R.string.insecure_sign_bitstrength_suggestion);
                 }
 
                 @Override
                 public void showLayoutEncryptNotWhitelistedCurve(String curveOid) {
-                    showGeneric(getString(R.string.insecure_encrypt_not_whitelisted_curve,
-                            KeyFormattingUtils.getCurveInfo(getContext(), curveOid)));
+                    showGenericWithRecommendation(
+                            getString(R.string.insecure_encrypt_not_whitelisted_curve, curveOid),
+                            R.string.insecure_report_suggestion
+                    );
                 }
 
                 @Override
                 public void showLayoutSignNotWhitelistedCurve(String curveOid) {
-                    showGeneric(getString(R.string.insecure_sign_not_whitelisted_curve,
-                            KeyFormattingUtils.getCurveInfo(getContext(), curveOid)));
+                    showGenericWithRecommendation(
+                            getString(R.string.insecure_sign_not_whitelisted_curve, curveOid),
+                            R.string.insecure_report_suggestion
+                    );
                 }
 
                 @Override
                 public void showLayoutEncryptUnidentifiedKeyProblem() {
-                    showGeneric(R.string.insecure_encrypt_unidentified);
+                    showGenericWithRecommendation(
+                            R.string.insecure_encrypt_unidentified,
+                            R.string.insecure_report_suggestion
+                    );
                 }
 
                 @Override
                 public void showLayoutSignUnidentifiedKeyProblem() {
-                    showGeneric(R.string.insecure_sign_unidentified);
+                    showGenericWithRecommendation(
+                            R.string.insecure_sign_unidentified,
+                            R.string.insecure_report_suggestion
+                    );
                 }
 
                 @Override

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/util/KeyFormattingUtils.java

@@ -43,8 +43,12 @@ import android.widget.ViewAnimator;
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.nist.NISTNamedCurves;
 import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
+import org.bouncycastle.bcpg.HashAlgorithmTags;
 import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
+import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
 import org.bouncycastle.crypto.ec.CustomNamedCurves;
+import org.bouncycastle.openpgp.PGPException;
+import org.bouncycastle.openpgp.operator.jcajce.PGPUtil;
 import org.bouncycastle.util.encoders.Hex;
 import org.openintents.openpgp.OpenPgpDecryptionResult;
 import org.openintents.openpgp.OpenPgpSignatureResult;
@@ -227,6 +231,47 @@ public class KeyFormattingUtils {
         }
     }
 
+    public static String getHashAlgoName(int hashAlgo) {
+        try {
+            return PGPUtil.getDigestName(hashAlgo);
+        } catch (PGPException e) {
+            return "#" + hashAlgo;
+        }
+    }
+
+    public static String getSymmetricCipherName(int algorithm) {
+        switch (algorithm) {
+            case SymmetricKeyAlgorithmTags.TRIPLE_DES:
+                return "Triple-DES";
+            case SymmetricKeyAlgorithmTags.IDEA:
+                return "IDEA";
+            case SymmetricKeyAlgorithmTags.CAST5:
+                return "CAST5";
+            case SymmetricKeyAlgorithmTags.BLOWFISH:
+                return "Blowfish";
+            case SymmetricKeyAlgorithmTags.SAFER:
+                return "SAFER";
+            case SymmetricKeyAlgorithmTags.DES:
+                return "DES";
+            case SymmetricKeyAlgorithmTags.AES_128:
+                return "AES-128";
+            case SymmetricKeyAlgorithmTags.AES_192:
+                return "AES-192";
+            case SymmetricKeyAlgorithmTags.AES_256:
+                return "AES-256";
+            case SymmetricKeyAlgorithmTags.CAMELLIA_128:
+                return "Camellia-128";
+            case SymmetricKeyAlgorithmTags.CAMELLIA_192:
+                return "Camellia-192";
+            case SymmetricKeyAlgorithmTags.CAMELLIA_256:
+                return "Camellia-256";
+            case SymmetricKeyAlgorithmTags.TWOFISH:
+                return "Twofish";
+            default:
+                return "#" + algorithm;
+        }
+    }
+
     /**
      * Converts fingerprint to hex
      * <p/>

OpenKeychain/src/main/res/values/strings.xml

@@ -1855,21 +1855,22 @@
 
     <string name="dialog_insecure_title">Security Warning</string>
     <string name="dialog_insecure_recommend_title">Recommended Action</string>
-    <string name="insecure_encrypt_bitstrength">"The key you used to receive this message is using an outdated algorithm!\n\nThe algorithm in use is %1$s with %2$s bitstrength, which has been considered insecure since %3$s."</string>
-    <string name="insecure_encrypt_bitstrength_suggestion">The key in use is insecure, and cannot be updated. To communicate securely, the sender must create a new key!</string>
-    <string name="insecure_sign_bitstrength">"The key this message was sent from is using an outdated algorithm!\n\nThe algorithm in use is %1$s with %2$s bitstrength, which has been considered insecure since %3$s."</string>
+    <string name="insecure_encrypt_bitstrength">"The key you used to receive (decrypt) this message is outdated!\n\nThe algorithm (%s) is configured with a strength of 1024 bits or less, which has been considered insecure for general use since 2006."</string>
+    <string name="insecure_encrypt_bitstrength_suggestion">The key in use is insecure, and cannot be updated. To communicate securely, you must create a new key!</string>
+    <string name="insecure_sign_bitstrength">"The key that sent (signed) this message is outdated!\n\nThe algorithm (%s) is configured with a strength of 1024 bits or less, which has been considered insecure for general use since 2006."</string>
     <string name="insecure_sign_bitstrength_suggestion">The key in use is insecure, and cannot be updated. To communicate securely, the sender must create a new key!</string>
-    <string name="insecure_encrypt_not_whitelisted_curve">"The key used to receive this message is using an algorithm that is not considered secure!\n\nThe algorithm in use is %1$s, which has not received sufficient cryptanalysis to consider secure."</string>
-    <string name="insecure_sign_not_whitelisted_curve">"The key this message was sent from is using an outdated algorithm!\n\nThe algorithm in use is %1$s, which has not received sufficient cryptanalysis to consider secure."</string>
+    <string name="insecure_encrypt_not_whitelisted_curve">"The key that received (decrypted) this message is using the elliptic curve with OID %1$s, which is not whitelisted!"</string>
+    <string name="insecure_sign_not_whitelisted_curve">"The key this message was sent (signed) from is using the elliptic curve with OID %1$s, which is not whitelisted!"</string>
     <string name="insecure_encrypt_unidentified">"There is an unidentified security problem with the key used to receive (decrypyt) this message!"</string>
     <string name="insecure_sign_unidentified">"There is an unidentified security problem with the key used to send (sign) this message!"</string>
+    <string name="insecure_report_suggestion">"This might be a problem in OpenKeychain, please report on our issue tracker!"</string>
 
     <string name="insecure_mdc">"This message was not signed, and did also not contain a Modification Detection Code (MDC). It may have been modified by an attacker!"</string>
-    <string name="insecure_mdc_suggestion">"For secure end-to-end communication, messages should be signed by the sender."</string>
+    <string name="insecure_mdc_suggestion">"A missing MDC is a problem in the sending software, or an attack. For secure end-to-end communication, messages should also be signed by the sender!"</string>
 
-    <string name="insecure_symmetric_algo">"This message was encrypted with an insecure algorithm."</string>
-    <string name="insecure_hash_algo">"This message was signed using an insecure algorithm."</string>
-    <string name="dialog_insecure_override">If you don\'t want to be warned about this security problem in the future, you can suppress this warning. To do so, press the Suppress button %d more times.</string>
+    <string name="insecure_symmetric_algo">"This message was encrypted using the symmetric %s algorithm. This is considered insecure, or at least exotic!"</string>
+    <string name="insecure_hash_algo">"This message was signed using the %s hashing algorithm. This is considered insecure, or at least exotic!"</string>
+    <string name="dialog_insecure_override">If you don\'t want to be warned about this specific security problem in the future, you can suppress this warning.</string>
     <string name="dialog_insecure_override_title">Suppress this warning</string>
     <string name="dialog_insecure_override_ok_title">Warning suppressed</string>
     <string name="dialog_insecure_override_ok">The security warning (for this key/message) will not be shown again in the future.</string>