open-keychain/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/remote/OpenPgpService.java

549 lines
21 KiB
Java
Raw Normal View History

2013-05-28 09:10:36 -04:00
/*
* Copyright (C) 2013 Dominik Schürmann <dominik@dominikschuermann.de>
2013-05-28 09:10:36 -04:00
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
2013-05-28 09:10:36 -04:00
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
2013-05-28 09:10:36 -04:00
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
2013-05-28 09:10:36 -04:00
*/
2013-09-15 07:52:05 -04:00
package org.sufficientlysecure.keychain.service.remote;
2013-05-28 09:10:36 -04:00
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.regex.Matcher;
2013-05-29 09:58:50 -04:00
2013-09-10 17:19:34 -04:00
import org.openintents.openpgp.IOpenPgpCallback;
import org.openintents.openpgp.IOpenPgpService;
import org.openintents.openpgp.OpenPgpError;
import org.openintents.openpgp.OpenPgpSignatureResult;
2013-05-28 09:10:36 -04:00
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.Id;
import org.sufficientlysecure.keychain.R;
2013-09-08 10:08:36 -04:00
import org.sufficientlysecure.keychain.helper.PgpMain;
2013-09-08 12:21:04 -04:00
import org.sufficientlysecure.keychain.helper.Preferences;
2013-09-06 07:48:27 -04:00
import org.sufficientlysecure.keychain.provider.KeychainContract;
2013-05-28 09:10:36 -04:00
import org.sufficientlysecure.keychain.service.KeychainIntentService;
import org.sufficientlysecure.keychain.service.PassphraseCacheService;
2013-09-08 10:08:36 -04:00
import org.sufficientlysecure.keychain.util.InputData;
import org.sufficientlysecure.keychain.util.Log;
2013-05-28 09:10:36 -04:00
import android.content.Intent;
2013-09-06 12:36:16 -04:00
import android.database.Cursor;
2013-09-06 07:48:27 -04:00
import android.net.Uri;
2013-05-28 09:10:36 -04:00
import android.os.Bundle;
import android.os.Handler;
2013-05-28 09:10:36 -04:00
import android.os.IBinder;
import android.os.Message;
import android.os.Messenger;
2013-05-28 09:10:36 -04:00
import android.os.RemoteException;
2013-09-15 08:16:29 -04:00
public class OpenPgpService extends RemoteApiService {
2013-05-28 09:10:36 -04:00
@Override
public void onCreate() {
super.onCreate();
Log.d(Constants.TAG, "CryptoService, onCreate()");
2013-05-28 09:10:36 -04:00
}
@Override
public void onDestroy() {
super.onDestroy();
Log.d(Constants.TAG, "CryptoService, onDestroy()");
2013-05-28 09:10:36 -04:00
}
@Override
public IBinder onBind(Intent intent) {
return mBinder;
2013-05-28 09:10:36 -04:00
}
2013-09-06 07:48:27 -04:00
private String getCachedPassphrase(long keyId) {
String passphrase = PassphraseCacheService.getCachedPassphrase(mContext, keyId);
if (passphrase == null) {
Log.d(Constants.TAG, "No passphrase! Activity required!");
// start passphrase dialog
Bundle extras = new Bundle();
2013-09-10 17:19:34 -04:00
extras.putLong(OpenPgpServiceActivity.EXTRA_SECRET_KEY_ID, keyId);
2013-09-08 12:21:04 -04:00
PassphraseActivityCallback callback = new PassphraseActivityCallback();
Messenger messenger = new Messenger(new Handler(getMainLooper(), callback));
2013-09-10 17:19:34 -04:00
pauseQueueAndStartServiceActivity(OpenPgpServiceActivity.ACTION_CACHE_PASSPHRASE,
messenger, extras);
if (callback.isSuccess()) {
Log.d(Constants.TAG, "New passphrase entered!");
// get again after it was entered
passphrase = PassphraseCacheService.getCachedPassphrase(mContext, keyId);
} else {
Log.d(Constants.TAG, "Passphrase dialog canceled!");
2013-09-08 17:08:30 -04:00
return null;
}
2013-09-06 07:48:27 -04:00
}
return passphrase;
}
2013-09-15 08:16:29 -04:00
public class PassphraseActivityCallback extends UserInputCallback {
2013-09-08 17:08:30 -04:00
private boolean success = false;
public boolean isSuccess() {
return success;
}
@Override
2013-09-15 08:16:29 -04:00
public void handleUserInput(Message msg) {
if (msg.arg1 == OKAY) {
success = true;
} else {
success = false;
}
}
};
2013-09-06 12:54:55 -04:00
/**
* Search database for key ids based on emails.
*
* @param encryptionUserIds
* @return
*/
private long[] getKeyIdsFromEmails(String[] encryptionUserIds, long ownKeyId) {
2013-09-06 12:54:55 -04:00
// find key ids to given emails in database
ArrayList<Long> keyIds = new ArrayList<Long>();
boolean missingUserIdsCheck = false;
boolean dublicateUserIdsCheck = false;
ArrayList<String> missingUserIds = new ArrayList<String>();
ArrayList<String> dublicateUserIds = new ArrayList<String>();
2013-09-06 12:54:55 -04:00
for (String email : encryptionUserIds) {
Uri uri = KeychainContract.KeyRings.buildPublicKeyRingsByEmailsUri(email);
Cursor cur = getContentResolver().query(uri, null, null, null, null);
if (cur.moveToFirst()) {
long id = cur.getLong(cur.getColumnIndex(KeychainContract.KeyRings.MASTER_KEY_ID));
keyIds.add(id);
} else {
missingUserIdsCheck = true;
missingUserIds.add(email);
2013-09-06 12:54:55 -04:00
Log.d(Constants.TAG, "user id missing");
}
if (cur.moveToNext()) {
dublicateUserIdsCheck = true;
dublicateUserIds.add(email);
2013-09-06 12:54:55 -04:00
Log.d(Constants.TAG, "more than one user id with the same email");
}
}
// also encrypt to our self (so that we can decrypt it later!)
keyIds.add(ownKeyId);
2013-09-06 12:54:55 -04:00
// convert to long[]
long[] keyIdsArray = new long[keyIds.size()];
for (int i = 0; i < keyIdsArray.length; i++) {
keyIdsArray[i] = keyIds.get(i);
}
if (missingUserIdsCheck || dublicateUserIdsCheck) {
SelectPubKeysActivityCallback callback = new SelectPubKeysActivityCallback();
Messenger messenger = new Messenger(new Handler(getMainLooper(), callback));
Bundle extras = new Bundle();
2013-09-10 17:19:34 -04:00
extras.putLongArray(OpenPgpServiceActivity.EXTRA_SELECTED_MASTER_KEY_IDS, keyIdsArray);
extras.putStringArrayList(OpenPgpServiceActivity.EXTRA_MISSING_USER_IDS, missingUserIds);
extras.putStringArrayList(OpenPgpServiceActivity.EXTRA_DUBLICATE_USER_IDS,
dublicateUserIds);
2013-09-10 17:19:34 -04:00
pauseQueueAndStartServiceActivity(OpenPgpServiceActivity.ACTION_SELECT_PUB_KEYS,
messenger, extras);
if (callback.isSuccess()) {
Log.d(Constants.TAG, "New selection of pub keys!");
keyIdsArray = callback.getPubKeyIds();
} else {
Log.d(Constants.TAG, "Pub key selection canceled!");
return null;
}
}
if (keyIdsArray.length == 0) {
return null;
}
return keyIdsArray;
2013-09-06 12:54:55 -04:00
}
2013-09-15 08:16:29 -04:00
public class SelectPubKeysActivityCallback extends UserInputCallback {
public static final String PUB_KEY_IDS = "pub_key_ids";
private boolean success = false;
private long[] pubKeyIds;
public boolean isSuccess() {
return success;
}
public long[] getPubKeyIds() {
return pubKeyIds;
}
@Override
2013-09-15 08:16:29 -04:00
public void handleUserInput(Message msg) {
if (msg.arg1 == OKAY) {
success = true;
pubKeyIds = msg.getData().getLongArray(PUB_KEY_IDS);
} else {
success = false;
}
}
};
2013-09-06 12:54:55 -04:00
private synchronized void encryptAndSignSafe(byte[] inputBytes, String[] encryptionUserIds,
2013-09-10 17:19:34 -04:00
boolean asciiArmor, IOpenPgpCallback callback, AppSettings appSettings, boolean sign)
throws RemoteException {
2013-06-17 13:51:41 -04:00
try {
// build InputData and write into OutputStream
InputStream inputStream = new ByteArrayInputStream(inputBytes);
long inputLength = inputBytes.length;
InputData inputData = new InputData(inputStream, inputLength);
2013-09-06 07:48:27 -04:00
OutputStream outputStream = new ByteArrayOutputStream();
long[] keyIds = getKeyIdsFromEmails(encryptionUserIds, appSettings.getKeyId());
if (keyIds == null) {
2013-09-10 17:19:34 -04:00
callback.onError(new OpenPgpError(OpenPgpError.ID_NO_USER_IDS, "No user ids!"));
return;
}
2013-09-06 07:48:27 -04:00
2013-09-06 12:54:55 -04:00
if (sign) {
2013-09-08 12:21:04 -04:00
String passphrase = getCachedPassphrase(appSettings.getKeyId());
2013-09-08 17:08:30 -04:00
if (passphrase == null) {
2013-09-10 17:19:34 -04:00
callback.onError(new OpenPgpError(OpenPgpError.ID_NO_OR_WRONG_PASSPHRASE,
2013-09-08 17:08:30 -04:00
"No or wrong passphrase!"));
return;
}
2013-09-08 12:21:04 -04:00
PgpMain.encryptAndSign(mContext, null, inputData, outputStream, asciiArmor,
appSettings.getCompression(), keyIds, null,
2013-09-06 12:54:55 -04:00
appSettings.getEncryptionAlgorithm(), appSettings.getKeyId(),
appSettings.getHashAlgorithm(), true, passphrase);
} else {
PgpMain.encryptAndSign(mContext, null, inputData, outputStream, asciiArmor,
appSettings.getCompression(), keyIds, null,
2013-09-06 12:54:55 -04:00
appSettings.getEncryptionAlgorithm(), Id.key.none,
appSettings.getHashAlgorithm(), true, null);
}
2013-06-17 13:51:41 -04:00
2013-09-06 07:48:27 -04:00
outputStream.close();
2013-06-17 13:51:41 -04:00
2013-09-06 07:48:27 -04:00
byte[] outputBytes = ((ByteArrayOutputStream) outputStream).toByteArray();
2013-06-17 13:51:41 -04:00
2013-09-06 07:48:27 -04:00
// return over handler on client side
callback.onSuccess(outputBytes, null);
2013-06-17 13:51:41 -04:00
} catch (Exception e) {
Log.e(Constants.TAG, "KeychainService, Exception!", e);
try {
2013-09-10 17:19:34 -04:00
callback.onError(new OpenPgpError(0, e.getMessage()));
2013-06-17 13:51:41 -04:00
} catch (Exception t) {
Log.e(Constants.TAG, "Error returning exception to client", t);
}
}
}
// TODO: asciiArmor?!
2013-09-10 17:19:34 -04:00
private void signSafe(byte[] inputBytes, IOpenPgpCallback callback, AppSettings appSettings)
throws RemoteException {
2013-09-08 12:21:04 -04:00
try {
Log.d(Constants.TAG, "current therad id: " + Thread.currentThread().getId());
// build InputData and write into OutputStream
InputStream inputStream = new ByteArrayInputStream(inputBytes);
long inputLength = inputBytes.length;
InputData inputData = new InputData(inputStream, inputLength);
OutputStream outputStream = new ByteArrayOutputStream();
String passphrase = getCachedPassphrase(appSettings.getKeyId());
2013-09-08 17:08:30 -04:00
if (passphrase == null) {
2013-09-10 17:19:34 -04:00
callback.onError(new OpenPgpError(OpenPgpError.ID_NO_OR_WRONG_PASSPHRASE,
2013-09-08 17:08:30 -04:00
"No or wrong passphrase!"));
return;
}
2013-09-08 12:21:04 -04:00
PgpMain.signText(this, null, inputData, outputStream, appSettings.getKeyId(),
passphrase, appSettings.getHashAlgorithm(), Preferences.getPreferences(this)
.getForceV3Signatures());
outputStream.close();
byte[] outputBytes = ((ByteArrayOutputStream) outputStream).toByteArray();
// return over handler on client side
callback.onSuccess(outputBytes, null);
} catch (Exception e) {
Log.e(Constants.TAG, "KeychainService, Exception!", e);
try {
2013-09-10 17:19:34 -04:00
callback.onError(new OpenPgpError(0, e.getMessage()));
2013-09-08 12:21:04 -04:00
} catch (Exception t) {
Log.e(Constants.TAG, "Error returning exception to client", t);
}
}
2013-09-06 12:36:16 -04:00
}
2013-09-10 17:19:34 -04:00
private synchronized void decryptAndVerifySafe(byte[] inputBytes, IOpenPgpCallback callback,
2013-09-06 12:36:16 -04:00
AppSettings appSettings) throws RemoteException {
2013-05-28 09:10:36 -04:00
try {
2013-09-09 16:38:09 -04:00
// TODO: this is not really needed
// checked if it is text with BEGIN and END tags
String message = new String(inputBytes);
Log.d(Constants.TAG, "in: " + message);
boolean signedOnly = false;
2013-09-09 16:38:09 -04:00
Matcher matcher = PgpMain.PGP_MESSAGE.matcher(message);
if (matcher.matches()) {
2013-09-09 16:38:09 -04:00
Log.d(Constants.TAG, "PGP_MESSAGE matched");
message = matcher.group(1);
// replace non breakable spaces
message = message.replaceAll("\\xa0", " ");
// overwrite inputBytes
inputBytes = message.getBytes();
} else {
matcher = PgpMain.PGP_SIGNED_MESSAGE.matcher(message);
if (matcher.matches()) {
signedOnly = true;
Log.d(Constants.TAG, "PGP_SIGNED_MESSAGE matched");
message = matcher.group(1);
// replace non breakable spaces
message = message.replaceAll("\\xa0", " ");
// overwrite inputBytes
inputBytes = message.getBytes();
} else {
Log.d(Constants.TAG, "Nothing matched! Binary?");
}
}
2013-09-09 16:38:09 -04:00
// END TODO
Log.d(Constants.TAG, "in: " + new String(inputBytes));
2013-05-28 09:10:36 -04:00
2013-09-06 07:48:27 -04:00
// TODO: This allows to decrypt messages with ALL secret keys, not only the one for the
// app, Fix this?
// long secretKeyId = PgpMain.getDecryptionKeyId(mContext, inputStream);
// if (secretKeyId == Id.key.none) {
// throw new PgpMain.PgpGeneralException(getString(R.string.error_noSecretKeyFound));
// }
2013-09-09 16:38:09 -04:00
String passphrase = null;
boolean assumeSymmetricEncryption = false;
2013-09-09 16:38:09 -04:00
if (!signedOnly) {
// BEGIN Get key
// TODO: this input stream is consumed after PgpMain.getDecryptionKeyId()... do it
// better!
InputStream inputStream2 = new ByteArrayInputStream(inputBytes);
// TODO: duplicates functions from DecryptActivity!
// TODO: we need activity to input symmetric passphrase
long secretKeyId;
try {
if (inputStream2.markSupported()) {
inputStream2.mark(200); // should probably set this to the max size of two
// pgpF
// objects, if it even needs to be anything other
// than
// 0.
}
secretKeyId = PgpMain.getDecryptionKeyId(this, inputStream2);
if (secretKeyId == Id.key.none) {
throw new PgpMain.PgpGeneralException(
getString(R.string.error_noSecretKeyFound));
}
assumeSymmetricEncryption = false;
} catch (PgpMain.NoAsymmetricEncryptionException e) {
if (inputStream2.markSupported()) {
inputStream2.reset();
}
secretKeyId = Id.key.symmetric;
if (!PgpMain.hasSymmetricEncryption(this, inputStream2)) {
throw new PgpMain.PgpGeneralException(
getString(R.string.error_noKnownEncryptionFound));
}
assumeSymmetricEncryption = true;
}
2013-09-09 16:38:09 -04:00
Log.d(Constants.TAG, "secretKeyId " + secretKeyId);
passphrase = getCachedPassphrase(secretKeyId);
if (passphrase == null) {
2013-09-10 17:19:34 -04:00
callback.onError(new OpenPgpError(OpenPgpError.ID_NO_OR_WRONG_PASSPHRASE,
2013-09-09 16:38:09 -04:00
"No or wrong passphrase!"));
return;
}
}
2013-05-28 09:10:36 -04:00
2013-09-09 16:38:09 -04:00
// build InputData and write into OutputStream
InputStream inputStream = new ByteArrayInputStream(inputBytes);
long inputLength = inputBytes.length;
InputData inputData = new InputData(inputStream, inputLength);
2013-05-28 09:10:36 -04:00
2013-09-09 16:38:09 -04:00
OutputStream outputStream = new ByteArrayOutputStream();
2013-05-28 09:10:36 -04:00
Bundle outputBundle;
if (signedOnly) {
// TODO: download missing keys from keyserver?
outputBundle = PgpMain.verifyText(this, null, inputData, outputStream, false);
} else {
// TODO: assume symmetric: callback to enter symmetric pass
outputBundle = PgpMain.decryptAndVerify(this, null, inputData, outputStream,
2013-09-09 16:38:09 -04:00
passphrase, assumeSymmetricEncryption);
}
2013-05-28 09:10:36 -04:00
outputStream.close();
byte[] outputBytes = ((ByteArrayOutputStream) outputStream).toByteArray();
// get signature informations from bundle
boolean signature = outputBundle.getBoolean(KeychainIntentService.RESULT_SIGNATURE);
2013-09-10 17:19:34 -04:00
OpenPgpSignatureResult sigResult = null;
if (signature) {
2013-09-13 20:08:06 -04:00
long signatureKeyId = outputBundle
.getLong(KeychainIntentService.RESULT_SIGNATURE_KEY_ID);
String signatureUserId = outputBundle
.getString(KeychainIntentService.RESULT_SIGNATURE_USER_ID);
boolean signatureSuccess = outputBundle
.getBoolean(KeychainIntentService.RESULT_SIGNATURE_SUCCESS);
boolean signatureUnknown = outputBundle
.getBoolean(KeychainIntentService.RESULT_SIGNATURE_UNKNOWN);
2013-09-15 08:16:29 -04:00
2013-09-13 20:08:06 -04:00
int signatureStatus = OpenPgpSignatureResult.SIGNATURE_ERROR;
if (signatureSuccess) {
signatureStatus = OpenPgpSignatureResult.SIGNATURE_SUCCESS;
} else if (signatureUnknown) {
signatureStatus = OpenPgpSignatureResult.SIGNATURE_UNKNOWN;
}
sigResult = new OpenPgpSignatureResult(signatureStatus, signatureUserId, signedOnly);
}
2013-05-28 09:10:36 -04:00
// return over handler on client side
2013-07-01 17:19:53 -04:00
callback.onSuccess(outputBytes, sigResult);
2013-05-28 09:10:36 -04:00
} catch (Exception e) {
Log.e(Constants.TAG, "KeychainService, Exception!", e);
try {
2013-09-10 17:19:34 -04:00
callback.onError(new OpenPgpError(0, e.getMessage()));
2013-05-28 09:10:36 -04:00
} catch (Exception t) {
Log.e(Constants.TAG, "Error returning exception to client", t);
}
}
}
2013-09-10 17:19:34 -04:00
private final IOpenPgpService.Stub mBinder = new IOpenPgpService.Stub() {
2013-05-28 09:10:36 -04:00
@Override
2013-06-17 13:51:41 -04:00
public void encrypt(final byte[] inputBytes, final String[] encryptionUserIds,
2013-09-10 17:19:34 -04:00
final boolean asciiArmor, final IOpenPgpCallback callback) throws RemoteException {
2013-05-28 09:10:36 -04:00
2013-09-06 07:48:27 -04:00
final AppSettings settings = getAppSettings();
2013-06-17 13:51:41 -04:00
Runnable r = new Runnable() {
@Override
public void run() {
try {
encryptAndSignSafe(inputBytes, encryptionUserIds, asciiArmor, callback,
settings, false);
2013-06-17 13:51:41 -04:00
} catch (RemoteException e) {
Log.e(Constants.TAG, "CryptoService", e);
}
}
};
checkAndEnqueue(r);
2013-05-28 09:10:36 -04:00
}
@Override
2013-09-13 20:08:06 -04:00
public void signAndEncrypt(final byte[] inputBytes, final String[] encryptionUserIds,
2013-09-10 17:19:34 -04:00
final boolean asciiArmor, final IOpenPgpCallback callback) throws RemoteException {
2013-09-06 12:36:16 -04:00
final AppSettings settings = getAppSettings();
Runnable r = new Runnable() {
@Override
public void run() {
try {
encryptAndSignSafe(inputBytes, encryptionUserIds, asciiArmor, callback,
settings, true);
2013-09-06 12:36:16 -04:00
} catch (RemoteException e) {
Log.e(Constants.TAG, "CryptoService", e);
}
}
};
checkAndEnqueue(r);
2013-05-28 09:10:36 -04:00
}
@Override
2013-09-10 17:19:34 -04:00
public void sign(final byte[] inputBytes, boolean asciiArmor,
final IOpenPgpCallback callback) throws RemoteException {
2013-09-06 12:54:55 -04:00
final AppSettings settings = getAppSettings();
Runnable r = new Runnable() {
@Override
public void run() {
try {
signSafe(inputBytes, callback, settings);
} catch (RemoteException e) {
Log.e(Constants.TAG, "CryptoService", e);
}
}
};
checkAndEnqueue(r);
2013-05-28 09:10:36 -04:00
}
@Override
2013-09-10 17:19:34 -04:00
public void decryptAndVerify(final byte[] inputBytes, final IOpenPgpCallback callback)
2013-05-28 09:10:36 -04:00
throws RemoteException {
2013-09-06 12:36:16 -04:00
final AppSettings settings = getAppSettings();
Runnable r = new Runnable() {
@Override
public void run() {
try {
2013-09-06 12:36:16 -04:00
decryptAndVerifySafe(inputBytes, callback, settings);
} catch (RemoteException e) {
Log.e(Constants.TAG, "CryptoService", e);
}
}
};
checkAndEnqueue(r);
2013-05-28 09:10:36 -04:00
}
};
2013-05-28 09:10:36 -04:00
}