2013-05-28 09:10:36 -04:00
|
|
|
/*
|
2014-02-14 11:01:17 -05:00
|
|
|
* Copyright (C) 2013-2014 Dominik Schürmann <dominik@dominikschuermann.de>
|
2013-05-28 09:10:36 -04:00
|
|
|
*
|
2013-09-06 10:17:01 -04:00
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
2013-05-28 09:10:36 -04:00
|
|
|
*
|
2013-09-06 10:17:01 -04:00
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
2013-05-28 09:10:36 -04:00
|
|
|
*
|
2013-09-06 10:17:01 -04:00
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2013-05-28 09:10:36 -04:00
|
|
|
*/
|
|
|
|
|
|
2013-09-15 07:52:05 -04:00
|
|
|
package org.sufficientlysecure.keychain.service.remote;
|
2013-05-28 09:10:36 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
import android.app.PendingIntent;
|
|
|
|
|
import android.content.Intent;
|
|
|
|
|
import android.database.Cursor;
|
|
|
|
|
import android.net.Uri;
|
|
|
|
|
import android.os.Bundle;
|
|
|
|
|
import android.os.IBinder;
|
|
|
|
|
import android.os.ParcelFileDescriptor;
|
2013-05-29 09:58:50 -04:00
|
|
|
|
2013-09-10 17:19:34 -04:00
|
|
|
import org.openintents.openpgp.IOpenPgpService;
|
|
|
|
|
import org.openintents.openpgp.OpenPgpError;
|
|
|
|
|
import org.openintents.openpgp.OpenPgpSignatureResult;
|
2014-02-13 20:33:21 -05:00
|
|
|
import org.openintents.openpgp.util.OpenPgpConstants;
|
2013-10-05 12:35:16 -04:00
|
|
|
import org.spongycastle.util.Arrays;
|
2013-05-28 09:10:36 -04:00
|
|
|
import org.sufficientlysecure.keychain.Constants;
|
|
|
|
|
import org.sufficientlysecure.keychain.Id;
|
2014-02-20 20:40:44 -05:00
|
|
|
import org.sufficientlysecure.keychain.pgp.PgpDecryptVerify;
|
|
|
|
|
import org.sufficientlysecure.keychain.pgp.PgpSignEncrypt;
|
2013-09-06 07:48:27 -04:00
|
|
|
import org.sufficientlysecure.keychain.provider.KeychainContract;
|
2013-05-28 09:10:36 -04:00
|
|
|
import org.sufficientlysecure.keychain.service.KeychainIntentService;
|
|
|
|
|
import org.sufficientlysecure.keychain.service.PassphraseCacheService;
|
2013-09-08 10:08:36 -04:00
|
|
|
import org.sufficientlysecure.keychain.util.InputData;
|
|
|
|
|
import org.sufficientlysecure.keychain.util.Log;
|
2013-05-28 09:10:36 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
import java.io.InputStream;
|
|
|
|
|
import java.io.OutputStream;
|
|
|
|
|
import java.util.ArrayList;
|
2013-05-28 09:10:36 -04:00
|
|
|
|
2013-09-15 09:20:15 -04:00
|
|
|
public class OpenPgpService extends RemoteService {
|
2013-09-09 13:38:13 -04:00
|
|
|
|
2014-02-14 19:06:03 -05:00
|
|
|
private static final int PRIVATE_REQUEST_CODE_PASSPHRASE = 551;
|
|
|
|
|
private static final int PRIVATE_REQUEST_CODE_USER_IDS = 552;
|
|
|
|
|
|
2013-09-08 16:52:38 -04:00
|
|
|
|
2013-09-06 12:54:55 -04:00
|
|
|
/**
|
|
|
|
|
* Search database for key ids based on emails.
|
2014-02-13 20:33:21 -05:00
|
|
|
*
|
2013-09-06 12:54:55 -04:00
|
|
|
* @param encryptionUserIds
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
2014-02-14 20:08:27 -05:00
|
|
|
private Bundle getKeyIdsFromEmails(Bundle params, String[] encryptionUserIds) {
|
2013-09-06 12:54:55 -04:00
|
|
|
// find key ids to given emails in database
|
|
|
|
|
ArrayList<Long> keyIds = new ArrayList<Long>();
|
2013-09-09 13:38:13 -04:00
|
|
|
|
|
|
|
|
boolean missingUserIdsCheck = false;
|
|
|
|
|
boolean dublicateUserIdsCheck = false;
|
|
|
|
|
ArrayList<String> missingUserIds = new ArrayList<String>();
|
|
|
|
|
ArrayList<String> dublicateUserIds = new ArrayList<String>();
|
|
|
|
|
|
2013-09-06 12:54:55 -04:00
|
|
|
for (String email : encryptionUserIds) {
|
|
|
|
|
Uri uri = KeychainContract.KeyRings.buildPublicKeyRingsByEmailsUri(email);
|
|
|
|
|
Cursor cur = getContentResolver().query(uri, null, null, null, null);
|
|
|
|
|
if (cur.moveToFirst()) {
|
|
|
|
|
long id = cur.getLong(cur.getColumnIndex(KeychainContract.KeyRings.MASTER_KEY_ID));
|
|
|
|
|
keyIds.add(id);
|
|
|
|
|
} else {
|
2013-09-09 13:38:13 -04:00
|
|
|
missingUserIdsCheck = true;
|
|
|
|
|
missingUserIds.add(email);
|
2013-09-06 12:54:55 -04:00
|
|
|
Log.d(Constants.TAG, "user id missing");
|
|
|
|
|
}
|
|
|
|
|
if (cur.moveToNext()) {
|
2013-09-09 13:38:13 -04:00
|
|
|
dublicateUserIdsCheck = true;
|
|
|
|
|
dublicateUserIds.add(email);
|
2013-09-06 12:54:55 -04:00
|
|
|
Log.d(Constants.TAG, "more than one user id with the same email");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-09-08 16:52:38 -04:00
|
|
|
// convert to long[]
|
2013-09-08 11:04:33 -04:00
|
|
|
long[] keyIdsArray = new long[keyIds.size()];
|
|
|
|
|
for (int i = 0; i < keyIdsArray.length; i++) {
|
|
|
|
|
keyIdsArray[i] = keyIds.get(i);
|
|
|
|
|
}
|
|
|
|
|
|
2013-09-16 07:00:47 -04:00
|
|
|
// allow the user to verify pub key selection
|
2014-02-14 11:01:17 -05:00
|
|
|
if (missingUserIdsCheck || dublicateUserIdsCheck) {
|
|
|
|
|
// build PendingIntent for passphrase input
|
|
|
|
|
Intent intent = new Intent(getBaseContext(), RemoteServiceActivity.class);
|
|
|
|
|
intent.setAction(RemoteServiceActivity.ACTION_SELECT_PUB_KEYS);
|
|
|
|
|
intent.putExtra(RemoteServiceActivity.EXTRA_SELECTED_MASTER_KEY_IDS, keyIdsArray);
|
|
|
|
|
intent.putExtra(RemoteServiceActivity.EXTRA_MISSING_USER_IDS, missingUserIds);
|
|
|
|
|
intent.putExtra(RemoteServiceActivity.EXTRA_DUBLICATE_USER_IDS, dublicateUserIds);
|
2014-02-14 20:08:27 -05:00
|
|
|
intent.putExtra(OpenPgpConstants.PI_RESULT_PARAMS, params);
|
2013-09-08 16:52:38 -04:00
|
|
|
|
2014-02-14 19:06:03 -05:00
|
|
|
PendingIntent pi = PendingIntent.getActivity(getBaseContext(), PRIVATE_REQUEST_CODE_USER_IDS, intent, 0);
|
2013-09-09 13:38:13 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
// return PendingIntent to be executed by client
|
|
|
|
|
Bundle result = new Bundle();
|
|
|
|
|
result.putInt(OpenPgpConstants.RESULT_CODE, OpenPgpConstants.RESULT_CODE_USER_INTERACTION_REQUIRED);
|
|
|
|
|
result.putParcelable(OpenPgpConstants.RESULT_INTENT, pi);
|
2013-09-08 11:04:33 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
return result;
|
2013-09-16 07:00:47 -04:00
|
|
|
}
|
|
|
|
|
|
2013-09-09 13:46:18 -04:00
|
|
|
if (keyIdsArray.length == 0) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
2013-09-06 12:54:55 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
Bundle result = new Bundle();
|
|
|
|
|
result.putInt(OpenPgpConstants.RESULT_CODE, OpenPgpConstants.RESULT_CODE_SUCCESS);
|
|
|
|
|
result.putLongArray(OpenPgpConstants.PARAMS_KEY_IDS, keyIdsArray);
|
|
|
|
|
return result;
|
|
|
|
|
}
|
2013-09-08 16:52:38 -04:00
|
|
|
|
2014-02-14 20:08:27 -05:00
|
|
|
private Bundle getPassphraseBundleIntent(Bundle params, long keyId) {
|
2014-02-14 11:01:17 -05:00
|
|
|
// build PendingIntent for passphrase input
|
|
|
|
|
Intent intent = new Intent(getBaseContext(), RemoteServiceActivity.class);
|
|
|
|
|
intent.setAction(RemoteServiceActivity.ACTION_CACHE_PASSPHRASE);
|
|
|
|
|
intent.putExtra(RemoteServiceActivity.EXTRA_SECRET_KEY_ID, keyId);
|
2014-02-14 20:08:27 -05:00
|
|
|
// pass params through to activity that it can be returned again later to repeat pgp operation
|
|
|
|
|
intent.putExtra(OpenPgpConstants.PI_RESULT_PARAMS, params);
|
2014-02-14 19:06:03 -05:00
|
|
|
PendingIntent pi = PendingIntent.getActivity(getBaseContext(), PRIVATE_REQUEST_CODE_PASSPHRASE, intent, 0);
|
2013-09-08 16:52:38 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
// return PendingIntent to be executed by client
|
|
|
|
|
Bundle result = new Bundle();
|
|
|
|
|
result.putInt(OpenPgpConstants.RESULT_CODE, OpenPgpConstants.RESULT_CODE_USER_INTERACTION_REQUIRED);
|
|
|
|
|
result.putParcelable(OpenPgpConstants.RESULT_INTENT, pi);
|
2013-09-08 16:52:38 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
return result;
|
2014-02-13 20:33:21 -05:00
|
|
|
}
|
|
|
|
|
|
2014-02-15 07:00:47 -05:00
|
|
|
private Bundle signImpl(Bundle params, ParcelFileDescriptor input, ParcelFileDescriptor output,
|
|
|
|
|
AppSettings appSettings) {
|
2014-02-14 19:06:03 -05:00
|
|
|
try {
|
2014-02-19 04:47:13 -05:00
|
|
|
boolean asciiArmor = params.getBoolean(OpenPgpConstants.PARAMS_REQUEST_ASCII_ARMOR, true);
|
|
|
|
|
|
2014-02-14 19:06:03 -05:00
|
|
|
// get passphrase from cache, if key has "no" passphrase, this returns an empty String
|
2014-02-14 20:44:03 -05:00
|
|
|
String passphrase;
|
|
|
|
|
if (params.containsKey(OpenPgpConstants.PARAMS_PASSPHRASE)) {
|
|
|
|
|
passphrase = params.getString(OpenPgpConstants.PARAMS_PASSPHRASE);
|
|
|
|
|
} else {
|
|
|
|
|
passphrase = PassphraseCacheService.getCachedPassphrase(getContext(), appSettings.getKeyId());
|
|
|
|
|
}
|
2014-02-14 19:06:03 -05:00
|
|
|
if (passphrase == null) {
|
|
|
|
|
// get PendingIntent for passphrase input, add it to given params and return to client
|
2014-02-14 20:08:27 -05:00
|
|
|
Bundle passphraseBundle = getPassphraseBundleIntent(params, appSettings.getKeyId());
|
|
|
|
|
return passphraseBundle;
|
2014-02-14 19:06:03 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Get Input- and OutputStream from ParcelFileDescriptor
|
|
|
|
|
InputStream is = new ParcelFileDescriptor.AutoCloseInputStream(input);
|
|
|
|
|
OutputStream os = new ParcelFileDescriptor.AutoCloseOutputStream(output);
|
|
|
|
|
try {
|
|
|
|
|
long inputLength = is.available();
|
|
|
|
|
InputData inputData = new InputData(is, inputLength);
|
|
|
|
|
|
2014-02-18 18:18:52 -05:00
|
|
|
// sign-only
|
2014-02-20 20:40:44 -05:00
|
|
|
PgpSignEncrypt.Builder builder = new PgpSignEncrypt.Builder(getContext(), inputData, os);
|
2014-02-19 04:47:13 -05:00
|
|
|
builder.enableAsciiArmorOutput(asciiArmor)
|
2014-02-18 18:18:52 -05:00
|
|
|
.signatureHashAlgorithm(appSettings.getHashAlgorithm())
|
|
|
|
|
.signatureForceV3(false)
|
|
|
|
|
.signatureKeyId(appSettings.getKeyId())
|
|
|
|
|
.signaturePassphrase(passphrase);
|
2014-02-20 20:40:44 -05:00
|
|
|
builder.build().execute();
|
2014-02-14 19:06:03 -05:00
|
|
|
} finally {
|
|
|
|
|
is.close();
|
|
|
|
|
os.close();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Bundle result = new Bundle();
|
|
|
|
|
result.putInt(OpenPgpConstants.RESULT_CODE, OpenPgpConstants.RESULT_CODE_SUCCESS);
|
|
|
|
|
return result;
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
Bundle result = new Bundle();
|
|
|
|
|
result.putInt(OpenPgpConstants.RESULT_CODE, OpenPgpConstants.RESULT_CODE_ERROR);
|
|
|
|
|
result.putParcelable(OpenPgpConstants.RESULT_ERRORS,
|
|
|
|
|
new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
private Bundle encryptAndSignImpl(Bundle params, ParcelFileDescriptor input,
|
|
|
|
|
ParcelFileDescriptor output, AppSettings appSettings,
|
|
|
|
|
boolean sign) {
|
2013-06-17 13:51:41 -04:00
|
|
|
try {
|
2014-02-19 04:47:13 -05:00
|
|
|
boolean asciiArmor = params.getBoolean(OpenPgpConstants.PARAMS_REQUEST_ASCII_ARMOR, true);
|
2013-10-05 12:35:16 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
long[] keyIds;
|
|
|
|
|
if (params.containsKey(OpenPgpConstants.PARAMS_KEY_IDS)) {
|
|
|
|
|
keyIds = params.getLongArray(OpenPgpConstants.PARAMS_KEY_IDS);
|
2014-02-18 07:19:41 -05:00
|
|
|
} else if (params.containsKey(OpenPgpConstants.PARAMS_USER_IDS)) {
|
2014-02-14 11:01:17 -05:00
|
|
|
// get key ids based on given user ids
|
|
|
|
|
String[] userIds = params.getStringArray(OpenPgpConstants.PARAMS_USER_IDS);
|
2014-02-14 20:08:27 -05:00
|
|
|
// give params through to activity...
|
|
|
|
|
Bundle result = getKeyIdsFromEmails(params, userIds);
|
2013-10-05 12:35:16 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
if (result.getInt(OpenPgpConstants.RESULT_CODE, 0) == OpenPgpConstants.RESULT_CODE_SUCCESS) {
|
|
|
|
|
keyIds = result.getLongArray(OpenPgpConstants.PARAMS_KEY_IDS);
|
|
|
|
|
} else {
|
2014-02-14 19:06:03 -05:00
|
|
|
// if not success -> result contains a PendingIntent for user interaction
|
2014-02-14 20:08:27 -05:00
|
|
|
return result;
|
2014-02-14 11:01:17 -05:00
|
|
|
}
|
2014-02-18 07:19:41 -05:00
|
|
|
} else {
|
|
|
|
|
Bundle result = new Bundle();
|
|
|
|
|
result.putInt(OpenPgpConstants.RESULT_CODE, OpenPgpConstants.RESULT_CODE_ERROR);
|
|
|
|
|
result.putParcelable(OpenPgpConstants.RESULT_ERRORS,
|
|
|
|
|
new OpenPgpError(OpenPgpError.GENERIC_ERROR, "Missing parameter user_ids or key_ids!"));
|
|
|
|
|
return result;
|
2013-10-05 12:35:16 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// add own key for encryption
|
|
|
|
|
keyIds = Arrays.copyOf(keyIds, keyIds.length + 1);
|
|
|
|
|
keyIds[keyIds.length - 1] = appSettings.getKeyId();
|
|
|
|
|
|
2013-06-17 13:51:41 -04:00
|
|
|
// build InputData and write into OutputStream
|
2014-02-14 11:01:17 -05:00
|
|
|
// Get Input- and OutputStream from ParcelFileDescriptor
|
|
|
|
|
InputStream is = new ParcelFileDescriptor.AutoCloseInputStream(input);
|
|
|
|
|
OutputStream os = new ParcelFileDescriptor.AutoCloseOutputStream(output);
|
|
|
|
|
try {
|
|
|
|
|
long inputLength = is.available();
|
|
|
|
|
InputData inputData = new InputData(is, inputLength);
|
2013-06-17 13:51:41 -04:00
|
|
|
|
2014-02-20 20:40:44 -05:00
|
|
|
PgpSignEncrypt.Builder builder = new PgpSignEncrypt.Builder(getContext(), inputData, os);
|
2014-02-18 18:18:52 -05:00
|
|
|
builder.enableAsciiArmorOutput(asciiArmor)
|
|
|
|
|
.compressionId(appSettings.getCompression())
|
|
|
|
|
.symmetricEncryptionAlgorithm(appSettings.getEncryptionAlgorithm())
|
|
|
|
|
.encryptionKeyIds(keyIds);
|
|
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
if (sign) {
|
2014-02-14 20:44:03 -05:00
|
|
|
String passphrase;
|
|
|
|
|
if (params.containsKey(OpenPgpConstants.PARAMS_PASSPHRASE)) {
|
|
|
|
|
passphrase = params.getString(OpenPgpConstants.PARAMS_PASSPHRASE);
|
|
|
|
|
} else {
|
|
|
|
|
passphrase = PassphraseCacheService.getCachedPassphrase(getContext(),
|
|
|
|
|
appSettings.getKeyId());
|
|
|
|
|
}
|
2014-02-14 11:01:17 -05:00
|
|
|
if (passphrase == null) {
|
2014-02-14 19:06:03 -05:00
|
|
|
// get PendingIntent for passphrase input, add it to given params and return to client
|
2014-02-14 20:08:27 -05:00
|
|
|
Bundle passphraseBundle = getPassphraseBundleIntent(params, appSettings.getKeyId());
|
|
|
|
|
return passphraseBundle;
|
2014-02-14 11:01:17 -05:00
|
|
|
}
|
2013-06-17 13:51:41 -04:00
|
|
|
|
2014-02-18 16:47:26 -05:00
|
|
|
// sign and encrypt
|
2014-02-19 04:47:13 -05:00
|
|
|
builder.signatureHashAlgorithm(appSettings.getHashAlgorithm())
|
|
|
|
|
.signatureForceV3(false)
|
|
|
|
|
.signatureKeyId(appSettings.getKeyId())
|
2014-02-18 18:18:52 -05:00
|
|
|
.signaturePassphrase(passphrase);
|
2014-02-14 11:01:17 -05:00
|
|
|
} else {
|
2014-02-18 16:47:26 -05:00
|
|
|
// encrypt only
|
2014-02-18 18:18:52 -05:00
|
|
|
builder.signatureKeyId(Id.key.none);
|
2014-02-14 11:01:17 -05:00
|
|
|
}
|
2014-02-18 18:18:52 -05:00
|
|
|
// execute PGP operation!
|
2014-02-20 20:40:44 -05:00
|
|
|
builder.build().execute();
|
2014-02-14 11:01:17 -05:00
|
|
|
} finally {
|
|
|
|
|
is.close();
|
|
|
|
|
os.close();
|
2013-10-05 12:35:16 -04:00
|
|
|
}
|
|
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
Bundle result = new Bundle();
|
|
|
|
|
result.putInt(OpenPgpConstants.RESULT_CODE, OpenPgpConstants.RESULT_CODE_SUCCESS);
|
|
|
|
|
return result;
|
2013-06-17 13:51:41 -04:00
|
|
|
} catch (Exception e) {
|
2014-02-14 11:01:17 -05:00
|
|
|
Bundle result = new Bundle();
|
|
|
|
|
result.putInt(OpenPgpConstants.RESULT_CODE, OpenPgpConstants.RESULT_CODE_ERROR);
|
|
|
|
|
result.putParcelable(OpenPgpConstants.RESULT_ERRORS,
|
|
|
|
|
new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
|
|
|
|
|
return result;
|
2013-06-17 13:51:41 -04:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
private Bundle decryptAndVerifyImpl(Bundle params, ParcelFileDescriptor input,
|
|
|
|
|
ParcelFileDescriptor output, AppSettings appSettings) {
|
2013-05-28 09:10:36 -04:00
|
|
|
try {
|
2014-02-14 11:01:17 -05:00
|
|
|
// Get Input- and OutputStream from ParcelFileDescriptor
|
|
|
|
|
InputStream is = new ParcelFileDescriptor.AutoCloseInputStream(input);
|
|
|
|
|
OutputStream os = new ParcelFileDescriptor.AutoCloseOutputStream(output);
|
2014-02-23 19:24:46 -05:00
|
|
|
|
|
|
|
|
Bundle result = new Bundle();
|
2014-02-14 11:01:17 -05:00
|
|
|
try {
|
2013-09-09 16:38:09 -04:00
|
|
|
|
2014-02-23 19:32:00 -05:00
|
|
|
// TODO:
|
2014-02-14 11:01:17 -05:00
|
|
|
// fix the mess: http://stackoverflow.com/questions/148130/how-do-i-peek-at-the-first-two-bytes-in-an-inputstream
|
|
|
|
|
// should we allow to decrypt everything under every key id or only the one set?
|
|
|
|
|
// TODO: instead of trying to get the passphrase before
|
|
|
|
|
// pause stream when passphrase is missing and then resume
|
|
|
|
|
|
2014-02-23 19:32:00 -05:00
|
|
|
// TODO: put this code into PgpDecryptVerify class
|
2013-05-28 09:10:36 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
// TODO: This allows to decrypt messages with ALL secret keys, not only the one for the
|
|
|
|
|
// app, Fix this?
|
|
|
|
|
// String passphrase = null;
|
|
|
|
|
// if (!signedOnly) {
|
|
|
|
|
// // BEGIN Get key
|
|
|
|
|
// // TODO: this input stream is consumed after PgpMain.getDecryptionKeyId()... do it
|
|
|
|
|
// // better!
|
|
|
|
|
// InputStream inputStream2 = new ByteArrayInputStream(inputBytes);
|
|
|
|
|
//
|
|
|
|
|
// // TODO: duplicates functions from DecryptActivity!
|
|
|
|
|
// long secretKeyId;
|
|
|
|
|
// try {
|
|
|
|
|
// if (inputStream2.markSupported()) {
|
|
|
|
|
// // should probably set this to the max size of two
|
|
|
|
|
// // pgpF objects, if it even needs to be anything other
|
|
|
|
|
// // than 0.
|
|
|
|
|
// inputStream2.mark(200);
|
|
|
|
|
// }
|
|
|
|
|
// secretKeyId = PgpHelper.getDecryptionKeyId(this, inputStream2);
|
|
|
|
|
// if (secretKeyId == Id.key.none) {
|
|
|
|
|
// throw new PgpGeneralException(getString(R.string.error_no_secret_key_found));
|
|
|
|
|
// }
|
|
|
|
|
// } catch (NoAsymmetricEncryptionException e) {
|
|
|
|
|
// if (inputStream2.markSupported()) {
|
|
|
|
|
// inputStream2.reset();
|
|
|
|
|
// }
|
|
|
|
|
// secretKeyId = Id.key.symmetric;
|
2014-02-20 20:40:44 -05:00
|
|
|
// if (!PgpDecryptVerify.hasSymmetricEncryption(this, inputStream2)) {
|
2014-02-14 11:01:17 -05:00
|
|
|
// throw new PgpGeneralException(
|
|
|
|
|
// getString(R.string.error_no_known_encryption_found));
|
|
|
|
|
// }
|
|
|
|
|
// // we do not support symmetric decryption from the API!
|
|
|
|
|
// throw new Exception("Symmetric decryption is not supported!");
|
|
|
|
|
// }
|
|
|
|
|
//
|
|
|
|
|
// Log.d(Constants.TAG, "secretKeyId " + secretKeyId);
|
2013-05-28 09:10:36 -04:00
|
|
|
|
2014-02-18 16:47:26 -05:00
|
|
|
// NOTE: currently this only gets the passphrase for the key set for this client
|
2014-02-14 20:44:03 -05:00
|
|
|
String passphrase;
|
|
|
|
|
if (params.containsKey(OpenPgpConstants.PARAMS_PASSPHRASE)) {
|
|
|
|
|
passphrase = params.getString(OpenPgpConstants.PARAMS_PASSPHRASE);
|
|
|
|
|
} else {
|
|
|
|
|
passphrase = PassphraseCacheService.getCachedPassphrase(getContext(), appSettings.getKeyId());
|
|
|
|
|
}
|
2014-02-14 19:06:03 -05:00
|
|
|
if (passphrase == null) {
|
|
|
|
|
// get PendingIntent for passphrase input, add it to given params and return to client
|
2014-02-14 20:08:27 -05:00
|
|
|
Bundle passphraseBundle = getPassphraseBundleIntent(params, appSettings.getKeyId());
|
|
|
|
|
return passphraseBundle;
|
2014-02-14 19:06:03 -05:00
|
|
|
}
|
2013-05-28 09:10:36 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
long inputLength = is.available();
|
|
|
|
|
InputData inputData = new InputData(is, inputLength);
|
2013-05-28 09:10:36 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
Bundle outputBundle;
|
2014-02-20 20:40:44 -05:00
|
|
|
PgpDecryptVerify.Builder builder = new PgpDecryptVerify.Builder(this, inputData, os);
|
2014-02-19 07:04:29 -05:00
|
|
|
|
2014-02-20 20:31:30 -05:00
|
|
|
builder.assumeSymmetric(false)
|
|
|
|
|
.passphrase(passphrase);
|
2014-02-19 07:04:29 -05:00
|
|
|
|
2014-02-23 19:32:00 -05:00
|
|
|
// TODO: this also decrypts with other secret keys that have no passphrase!!!
|
2014-02-20 20:40:44 -05:00
|
|
|
outputBundle = builder.build().execute();
|
2014-02-23 19:24:46 -05:00
|
|
|
|
2014-02-23 19:32:00 -05:00
|
|
|
//TODO: instead of using all these wrapping use OpenPgpSignatureResult directly
|
|
|
|
|
// in DecryptVerify class and then in DecryptActivity
|
2014-02-20 20:31:30 -05:00
|
|
|
boolean signature = outputBundle.getBoolean(KeychainIntentService.RESULT_SIGNATURE, false);
|
2014-02-14 11:01:17 -05:00
|
|
|
if (signature) {
|
|
|
|
|
long signatureKeyId = outputBundle
|
2014-02-20 20:31:30 -05:00
|
|
|
.getLong(KeychainIntentService.RESULT_SIGNATURE_KEY_ID, 0);
|
2014-02-14 11:01:17 -05:00
|
|
|
String signatureUserId = outputBundle
|
|
|
|
|
.getString(KeychainIntentService.RESULT_SIGNATURE_USER_ID);
|
|
|
|
|
boolean signatureSuccess = outputBundle
|
2014-02-20 20:31:30 -05:00
|
|
|
.getBoolean(KeychainIntentService.RESULT_SIGNATURE_SUCCESS, false);
|
2014-02-14 11:01:17 -05:00
|
|
|
boolean signatureUnknown = outputBundle
|
2014-02-20 20:31:30 -05:00
|
|
|
.getBoolean(KeychainIntentService.RESULT_SIGNATURE_UNKNOWN, false);
|
|
|
|
|
boolean signatureOnly = outputBundle
|
|
|
|
|
.getBoolean(KeychainIntentService.RESULT_CLEARTEXT_SIGNATURE_ONLY, false);
|
2014-02-14 11:01:17 -05:00
|
|
|
|
|
|
|
|
int signatureStatus = OpenPgpSignatureResult.SIGNATURE_ERROR;
|
|
|
|
|
if (signatureSuccess) {
|
|
|
|
|
signatureStatus = OpenPgpSignatureResult.SIGNATURE_SUCCESS_CERTIFIED;
|
|
|
|
|
} else if (signatureUnknown) {
|
|
|
|
|
signatureStatus = OpenPgpSignatureResult.SIGNATURE_UNKNOWN_PUB_KEY;
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-23 19:32:00 -05:00
|
|
|
OpenPgpSignatureResult sigResult = new OpenPgpSignatureResult(signatureStatus,
|
|
|
|
|
signatureUserId, signatureOnly, signatureKeyId);
|
2014-02-23 19:24:46 -05:00
|
|
|
result.putParcelable(OpenPgpConstants.RESULT_SIGNATURE, sigResult);
|
2014-02-14 11:01:17 -05:00
|
|
|
}
|
|
|
|
|
} finally {
|
|
|
|
|
is.close();
|
|
|
|
|
os.close();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
result.putInt(OpenPgpConstants.RESULT_CODE, OpenPgpConstants.RESULT_CODE_SUCCESS);
|
|
|
|
|
return result;
|
|
|
|
|
} catch (Exception e) {
|
|
|
|
|
Bundle result = new Bundle();
|
|
|
|
|
result.putInt(OpenPgpConstants.RESULT_CODE, OpenPgpConstants.RESULT_CODE_ERROR);
|
|
|
|
|
result.putParcelable(OpenPgpConstants.RESULT_ERRORS,
|
|
|
|
|
new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
|
|
|
|
|
return result;
|
2013-10-05 12:35:16 -04:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-14 19:06:03 -05:00
|
|
|
private Bundle getKeyIdsImpl(Bundle params) {
|
|
|
|
|
// get key ids based on given user ids
|
|
|
|
|
String[] userIds = params.getStringArray(OpenPgpConstants.PARAMS_USER_IDS);
|
2014-02-14 20:08:27 -05:00
|
|
|
Bundle result = getKeyIdsFromEmails(params, userIds);
|
|
|
|
|
return result;
|
2014-02-14 19:06:03 -05:00
|
|
|
}
|
|
|
|
|
|
2014-02-14 07:40:24 -05:00
|
|
|
/**
|
2014-02-17 14:41:54 -05:00
|
|
|
* Check requirements:
|
|
|
|
|
* - params != null
|
|
|
|
|
* - has supported API version
|
|
|
|
|
* - is allowed to call the service (access has been granted)
|
2014-02-14 07:40:24 -05:00
|
|
|
*
|
|
|
|
|
* @param params
|
2014-02-17 14:41:54 -05:00
|
|
|
* @return null if everything is okay, or a Bundle with an error/PendingIntent
|
2014-02-14 07:40:24 -05:00
|
|
|
*/
|
2014-02-17 12:37:01 -05:00
|
|
|
private Bundle checkRequirements(Bundle params) {
|
|
|
|
|
// params Bundle is required!
|
2014-02-14 07:40:24 -05:00
|
|
|
if (params == null) {
|
|
|
|
|
Bundle result = new Bundle();
|
|
|
|
|
OpenPgpError error = new OpenPgpError(OpenPgpError.GENERIC_ERROR, "params Bundle required!");
|
|
|
|
|
result.putParcelable(OpenPgpConstants.RESULT_ERRORS, error);
|
|
|
|
|
result.putInt(OpenPgpConstants.RESULT_CODE, OpenPgpConstants.RESULT_CODE_ERROR);
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-17 12:37:01 -05:00
|
|
|
// version code is required and needs to correspond to version code of service!
|
2014-02-14 07:40:24 -05:00
|
|
|
if (params.getInt(OpenPgpConstants.PARAMS_API_VERSION) != OpenPgpConstants.API_VERSION) {
|
|
|
|
|
Bundle result = new Bundle();
|
|
|
|
|
OpenPgpError error = new OpenPgpError(OpenPgpError.INCOMPATIBLE_API_VERSIONS, "Incompatible API versions!");
|
|
|
|
|
result.putParcelable(OpenPgpConstants.RESULT_ERRORS, error);
|
|
|
|
|
result.putInt(OpenPgpConstants.RESULT_CODE, OpenPgpConstants.RESULT_CODE_ERROR);
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-17 12:37:01 -05:00
|
|
|
// check if caller is allowed to access openpgp keychain
|
|
|
|
|
Bundle result = isAllowed(params);
|
|
|
|
|
if (result != null) {
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-14 07:40:24 -05:00
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-17 13:50:07 -05:00
|
|
|
// TODO: multi-threading
|
2013-09-10 17:19:34 -04:00
|
|
|
private final IOpenPgpService.Stub mBinder = new IOpenPgpService.Stub() {
|
2013-05-28 09:10:36 -04:00
|
|
|
|
|
|
|
|
@Override
|
2014-02-13 20:33:21 -05:00
|
|
|
public Bundle sign(Bundle params, final ParcelFileDescriptor input, final ParcelFileDescriptor output) {
|
|
|
|
|
final AppSettings appSettings = getAppSettings();
|
|
|
|
|
|
2014-02-17 12:37:01 -05:00
|
|
|
Bundle errorResult = checkRequirements(params);
|
2014-02-14 07:40:24 -05:00
|
|
|
if (errorResult != null) {
|
|
|
|
|
return errorResult;
|
2014-02-13 20:33:21 -05:00
|
|
|
}
|
2013-06-17 13:51:41 -04:00
|
|
|
|
2014-02-14 19:06:03 -05:00
|
|
|
return signImpl(params, input, output, appSettings);
|
2013-05-28 09:10:36 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
2014-02-13 20:33:21 -05:00
|
|
|
public Bundle encrypt(Bundle params, ParcelFileDescriptor input, ParcelFileDescriptor output) {
|
2014-02-14 11:01:17 -05:00
|
|
|
final AppSettings appSettings = getAppSettings();
|
2013-09-06 12:54:55 -04:00
|
|
|
|
2014-02-17 12:37:01 -05:00
|
|
|
Bundle errorResult = checkRequirements(params);
|
2014-02-14 11:01:17 -05:00
|
|
|
if (errorResult != null) {
|
|
|
|
|
return errorResult;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return encryptAndSignImpl(params, input, output, appSettings, false);
|
2013-05-28 09:10:36 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
2014-02-13 20:33:21 -05:00
|
|
|
public Bundle signAndEncrypt(Bundle params, ParcelFileDescriptor input, ParcelFileDescriptor output) {
|
2014-02-14 11:01:17 -05:00
|
|
|
final AppSettings appSettings = getAppSettings();
|
2013-06-17 09:52:09 -04:00
|
|
|
|
2014-02-17 12:37:01 -05:00
|
|
|
Bundle errorResult = checkRequirements(params);
|
2014-02-14 11:01:17 -05:00
|
|
|
if (errorResult != null) {
|
|
|
|
|
return errorResult;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return encryptAndSignImpl(params, input, output, appSettings, true);
|
2013-05-28 09:10:36 -04:00
|
|
|
}
|
|
|
|
|
|
2013-10-02 13:08:33 -04:00
|
|
|
@Override
|
2014-02-13 20:33:21 -05:00
|
|
|
public Bundle decryptAndVerify(Bundle params, ParcelFileDescriptor input, ParcelFileDescriptor output) {
|
2014-02-14 19:06:03 -05:00
|
|
|
final AppSettings appSettings = getAppSettings();
|
2013-10-05 12:35:16 -04:00
|
|
|
|
2014-02-17 12:37:01 -05:00
|
|
|
Bundle errorResult = checkRequirements(params);
|
2014-02-14 19:06:03 -05:00
|
|
|
if (errorResult != null) {
|
|
|
|
|
return errorResult;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return decryptAndVerifyImpl(params, input, output, appSettings);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public Bundle getKeyIds(Bundle params) {
|
2014-02-17 12:37:01 -05:00
|
|
|
Bundle errorResult = checkRequirements(params);
|
2014-02-14 19:06:03 -05:00
|
|
|
if (errorResult != null) {
|
|
|
|
|
return errorResult;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return getKeyIdsImpl(params);
|
2013-10-02 13:08:33 -04:00
|
|
|
}
|
|
|
|
|
|
2013-06-17 09:52:09 -04:00
|
|
|
};
|
|
|
|
|
|
2013-09-16 07:08:02 -04:00
|
|
|
@Override
|
|
|
|
|
public IBinder onBind(Intent intent) {
|
|
|
|
|
return mBinder;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-28 09:10:36 -04:00
|
|
|
}
|
