2013-05-28 09:10:36 -04:00
|
|
|
/*
|
2014-02-14 11:01:17 -05:00
|
|
|
* Copyright (C) 2013-2014 Dominik Schürmann <dominik@dominikschuermann.de>
|
2013-05-28 09:10:36 -04:00
|
|
|
*
|
2013-09-06 10:17:01 -04:00
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
2013-05-28 09:10:36 -04:00
|
|
|
*
|
2013-09-06 10:17:01 -04:00
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
2013-05-28 09:10:36 -04:00
|
|
|
*
|
2013-09-06 10:17:01 -04:00
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2013-05-28 09:10:36 -04:00
|
|
|
*/
|
|
|
|
|
|
2014-03-22 20:26:49 -04:00
|
|
|
package org.sufficientlysecure.keychain.remote;
|
2013-05-28 09:10:36 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
import android.app.PendingIntent;
|
|
|
|
|
import android.content.Intent;
|
|
|
|
|
import android.database.Cursor;
|
|
|
|
|
import android.net.Uri;
|
|
|
|
|
import android.os.IBinder;
|
|
|
|
|
import android.os.ParcelFileDescriptor;
|
2014-08-23 09:27:25 -04:00
|
|
|
import android.text.TextUtils;
|
2014-03-26 09:11:28 -04:00
|
|
|
|
2013-09-10 17:19:34 -04:00
|
|
|
import org.openintents.openpgp.IOpenPgpService;
|
2014-08-11 15:26:52 -04:00
|
|
|
import org.openintents.openpgp.OpenPgpMetadata;
|
2013-09-10 17:19:34 -04:00
|
|
|
import org.openintents.openpgp.OpenPgpError;
|
|
|
|
|
import org.openintents.openpgp.OpenPgpSignatureResult;
|
2014-03-01 19:20:06 -05:00
|
|
|
import org.openintents.openpgp.util.OpenPgpApi;
|
2014-09-18 16:05:27 -04:00
|
|
|
import org.spongycastle.util.encoders.Hex;
|
2014-10-08 19:37:44 -04:00
|
|
|
import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
|
2014-09-23 20:01:53 -04:00
|
|
|
import org.sufficientlysecure.keychain.ui.NfcActivity;
|
2013-05-28 09:10:36 -04:00
|
|
|
import org.sufficientlysecure.keychain.Constants;
|
2014-02-20 20:40:44 -05:00
|
|
|
import org.sufficientlysecure.keychain.pgp.PgpDecryptVerify;
|
2014-09-18 07:19:57 -04:00
|
|
|
import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
|
2014-09-13 16:08:49 -04:00
|
|
|
import org.sufficientlysecure.keychain.provider.KeychainDatabase.Tables;
|
2014-10-10 13:59:25 -04:00
|
|
|
import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
|
2014-04-11 13:14:39 -04:00
|
|
|
import org.sufficientlysecure.keychain.pgp.PgpHelper;
|
2014-02-20 20:40:44 -05:00
|
|
|
import org.sufficientlysecure.keychain.pgp.PgpSignEncrypt;
|
2014-03-04 14:53:44 -05:00
|
|
|
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
|
2014-08-15 22:11:39 -04:00
|
|
|
import org.sufficientlysecure.keychain.provider.KeychainContract;
|
2014-04-03 19:04:28 -04:00
|
|
|
import org.sufficientlysecure.keychain.provider.KeychainContract.ApiAccounts;
|
2014-04-13 11:46:39 -04:00
|
|
|
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
|
2014-03-07 05:24:53 -05:00
|
|
|
import org.sufficientlysecure.keychain.provider.ProviderHelper;
|
2014-03-22 20:26:49 -04:00
|
|
|
import org.sufficientlysecure.keychain.remote.ui.RemoteServiceActivity;
|
2013-05-28 09:10:36 -04:00
|
|
|
import org.sufficientlysecure.keychain.service.PassphraseCacheService;
|
2014-10-10 13:59:25 -04:00
|
|
|
import org.sufficientlysecure.keychain.operations.results.OperationResult.LogEntryParcel;
|
|
|
|
|
import org.sufficientlysecure.keychain.operations.results.SignEncryptResult;
|
2014-04-03 09:16:13 -04:00
|
|
|
import org.sufficientlysecure.keychain.ui.ImportKeysActivity;
|
2014-09-17 15:36:38 -04:00
|
|
|
import org.sufficientlysecure.keychain.ui.PassphraseDialogActivity;
|
2014-05-07 08:53:35 -04:00
|
|
|
import org.sufficientlysecure.keychain.ui.ViewKeyActivity;
|
2013-09-08 10:08:36 -04:00
|
|
|
import org.sufficientlysecure.keychain.util.InputData;
|
|
|
|
|
import org.sufficientlysecure.keychain.util.Log;
|
2013-05-28 09:10:36 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
import java.io.InputStream;
|
|
|
|
|
import java.io.OutputStream;
|
|
|
|
|
import java.util.ArrayList;
|
2014-07-22 12:09:12 -04:00
|
|
|
import java.util.Date;
|
2014-04-01 12:44:36 -04:00
|
|
|
import java.util.Set;
|
2013-05-28 09:10:36 -04:00
|
|
|
|
2013-09-15 09:20:15 -04:00
|
|
|
public class OpenPgpService extends RemoteService {
|
2013-09-09 13:38:13 -04:00
|
|
|
|
2014-08-15 22:11:39 -04:00
|
|
|
static final String[] EMAIL_SEARCH_PROJECTION = new String[]{
|
|
|
|
|
KeyRings._ID,
|
|
|
|
|
KeyRings.MASTER_KEY_ID,
|
|
|
|
|
KeyRings.IS_EXPIRED,
|
|
|
|
|
KeyRings.IS_REVOKED,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
// do not pre-select revoked or expired keys
|
2014-09-13 16:08:49 -04:00
|
|
|
static final String EMAIL_SEARCH_WHERE = Tables.KEYS + "." + KeychainContract.KeyRings.IS_REVOKED
|
|
|
|
|
+ " = 0 AND " + KeychainContract.KeyRings.IS_EXPIRED + " = 0";
|
2014-07-07 22:24:27 -04:00
|
|
|
|
2013-09-06 12:54:55 -04:00
|
|
|
/**
|
|
|
|
|
* Search database for key ids based on emails.
|
2014-02-13 20:33:21 -05:00
|
|
|
*
|
2013-09-06 12:54:55 -04:00
|
|
|
* @param encryptionUserIds
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
2014-03-01 19:20:06 -05:00
|
|
|
private Intent getKeyIdsFromEmails(Intent data, String[] encryptionUserIds) {
|
2014-08-15 23:28:51 -04:00
|
|
|
boolean noUserIdsCheck = (encryptionUserIds == null || encryptionUserIds.length == 0);
|
2013-09-09 13:38:13 -04:00
|
|
|
boolean missingUserIdsCheck = false;
|
2014-04-03 19:07:09 -04:00
|
|
|
boolean duplicateUserIdsCheck = false;
|
2014-08-15 23:28:51 -04:00
|
|
|
|
2015-01-25 06:36:00 -05:00
|
|
|
ArrayList<Long> keyIds = new ArrayList<>();
|
|
|
|
|
ArrayList<String> missingUserIds = new ArrayList<>();
|
|
|
|
|
ArrayList<String> duplicateUserIds = new ArrayList<>();
|
2014-08-15 23:28:51 -04:00
|
|
|
if (!noUserIdsCheck) {
|
|
|
|
|
for (String email : encryptionUserIds) {
|
|
|
|
|
// try to find the key for this specific email
|
|
|
|
|
Uri uri = KeyRings.buildUnifiedKeyRingsFindByEmailUri(email);
|
|
|
|
|
Cursor cursor = getContentResolver().query(uri, EMAIL_SEARCH_PROJECTION, EMAIL_SEARCH_WHERE, null, null);
|
|
|
|
|
try {
|
|
|
|
|
// result should be one entry containing the key id
|
|
|
|
|
if (cursor != null && cursor.moveToFirst()) {
|
|
|
|
|
long id = cursor.getLong(cursor.getColumnIndex(KeyRings.MASTER_KEY_ID));
|
|
|
|
|
keyIds.add(id);
|
|
|
|
|
} else {
|
|
|
|
|
missingUserIdsCheck = true;
|
|
|
|
|
missingUserIds.add(email);
|
|
|
|
|
Log.d(Constants.TAG, "user id missing");
|
|
|
|
|
}
|
|
|
|
|
// another entry for this email -> too keys with the same email inside user id
|
|
|
|
|
if (cursor != null && cursor.moveToNext()) {
|
|
|
|
|
duplicateUserIdsCheck = true;
|
|
|
|
|
duplicateUserIds.add(email);
|
2013-09-09 13:38:13 -04:00
|
|
|
|
2014-08-15 23:28:51 -04:00
|
|
|
// also pre-select
|
|
|
|
|
long id = cursor.getLong(cursor.getColumnIndex(KeyRings.MASTER_KEY_ID));
|
|
|
|
|
keyIds.add(id);
|
|
|
|
|
Log.d(Constants.TAG, "more than one user id with the same email");
|
|
|
|
|
}
|
|
|
|
|
} finally {
|
|
|
|
|
if (cursor != null) {
|
|
|
|
|
cursor.close();
|
|
|
|
|
}
|
2014-05-08 09:56:32 -04:00
|
|
|
}
|
2013-09-06 12:54:55 -04:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2014-08-15 23:28:51 -04:00
|
|
|
// convert ArrayList<Long> to long[]
|
2013-09-08 11:04:33 -04:00
|
|
|
long[] keyIdsArray = new long[keyIds.size()];
|
|
|
|
|
for (int i = 0; i < keyIdsArray.length; i++) {
|
|
|
|
|
keyIdsArray[i] = keyIds.get(i);
|
|
|
|
|
}
|
|
|
|
|
|
2014-08-15 23:28:51 -04:00
|
|
|
if (noUserIdsCheck || missingUserIdsCheck || duplicateUserIdsCheck) {
|
|
|
|
|
// allow the user to verify pub key selection
|
|
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
Intent intent = new Intent(getBaseContext(), RemoteServiceActivity.class);
|
|
|
|
|
intent.setAction(RemoteServiceActivity.ACTION_SELECT_PUB_KEYS);
|
|
|
|
|
intent.putExtra(RemoteServiceActivity.EXTRA_SELECTED_MASTER_KEY_IDS, keyIdsArray);
|
2014-08-15 23:28:51 -04:00
|
|
|
intent.putExtra(RemoteServiceActivity.EXTRA_NO_USER_IDS_CHECK, noUserIdsCheck);
|
2014-02-14 11:01:17 -05:00
|
|
|
intent.putExtra(RemoteServiceActivity.EXTRA_MISSING_USER_IDS, missingUserIds);
|
2014-08-15 23:28:51 -04:00
|
|
|
intent.putExtra(RemoteServiceActivity.EXTRA_DUPLICATE_USER_IDS, duplicateUserIds);
|
2014-03-01 19:20:06 -05:00
|
|
|
intent.putExtra(RemoteServiceActivity.EXTRA_DATA, data);
|
2013-09-08 16:52:38 -04:00
|
|
|
|
2014-03-26 09:11:28 -04:00
|
|
|
PendingIntent pi = PendingIntent.getActivity(getBaseContext(), 0,
|
|
|
|
|
intent,
|
2014-03-30 13:25:39 -04:00
|
|
|
PendingIntent.FLAG_CANCEL_CURRENT);
|
2013-09-09 13:38:13 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
// return PendingIntent to be executed by client
|
2014-03-01 19:20:06 -05:00
|
|
|
Intent result = new Intent();
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_INTENT, pi);
|
2014-03-07 05:24:53 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_USER_INTERACTION_REQUIRED);
|
2014-02-14 11:01:17 -05:00
|
|
|
return result;
|
2014-08-15 23:28:51 -04:00
|
|
|
} else {
|
|
|
|
|
// everything was easy, we have exactly one key for every email
|
2013-09-16 07:00:47 -04:00
|
|
|
|
2014-08-15 23:28:51 -04:00
|
|
|
if (keyIdsArray.length == 0) {
|
|
|
|
|
Log.e(Constants.TAG, "keyIdsArray.length == 0, should never happen!");
|
|
|
|
|
}
|
2013-09-06 12:54:55 -04:00
|
|
|
|
2014-08-15 23:28:51 -04:00
|
|
|
Intent result = new Intent();
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_KEY_IDS, keyIdsArray);
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_SUCCESS);
|
|
|
|
|
return result;
|
|
|
|
|
}
|
2014-02-14 11:01:17 -05:00
|
|
|
}
|
2013-09-08 16:52:38 -04:00
|
|
|
|
2014-10-01 04:48:28 -04:00
|
|
|
private Intent getNfcSignIntent(Intent data, long keyId, String pin, byte[] hashToSign, int hashAlgo) {
|
2014-07-17 14:29:07 -04:00
|
|
|
// build PendingIntent for Yubikey NFC operations
|
|
|
|
|
Intent intent = new Intent(getBaseContext(), NfcActivity.class);
|
2014-07-21 09:10:29 -04:00
|
|
|
intent.setAction(NfcActivity.ACTION_SIGN_HASH);
|
2014-09-07 18:01:29 -04:00
|
|
|
// pass params through to activity that it can be returned again later to repeat pgp operation
|
|
|
|
|
intent.putExtra(NfcActivity.EXTRA_DATA, data);
|
|
|
|
|
intent.putExtra(NfcActivity.EXTRA_PIN, pin);
|
2014-10-01 04:48:28 -04:00
|
|
|
intent.putExtra(NfcActivity.EXTRA_KEY_ID, keyId);
|
2014-09-07 18:01:29 -04:00
|
|
|
|
2014-07-22 12:09:12 -04:00
|
|
|
intent.putExtra(NfcActivity.EXTRA_NFC_HASH_TO_SIGN, hashToSign);
|
2014-08-14 08:50:13 -04:00
|
|
|
intent.putExtra(NfcActivity.EXTRA_NFC_HASH_ALGO, hashAlgo);
|
2014-09-07 18:01:29 -04:00
|
|
|
PendingIntent pi = PendingIntent.getActivity(getBaseContext(), 0,
|
|
|
|
|
intent,
|
|
|
|
|
PendingIntent.FLAG_CANCEL_CURRENT);
|
|
|
|
|
|
|
|
|
|
// return PendingIntent to be executed by client
|
|
|
|
|
Intent result = new Intent();
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_INTENT, pi);
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_USER_INTERACTION_REQUIRED);
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2014-10-01 04:48:28 -04:00
|
|
|
private Intent getNfcDecryptIntent(Intent data, long subKeyId, String pin, byte[] encryptedSessionKey) {
|
2014-09-07 18:01:29 -04:00
|
|
|
// build PendingIntent for Yubikey NFC operations
|
|
|
|
|
Intent intent = new Intent(getBaseContext(), NfcActivity.class);
|
|
|
|
|
intent.setAction(NfcActivity.ACTION_DECRYPT_SESSION_KEY);
|
2014-07-17 14:29:07 -04:00
|
|
|
// pass params through to activity that it can be returned again later to repeat pgp operation
|
|
|
|
|
intent.putExtra(NfcActivity.EXTRA_DATA, data);
|
2014-09-07 18:01:29 -04:00
|
|
|
intent.putExtra(NfcActivity.EXTRA_PIN, pin);
|
2014-10-01 04:48:28 -04:00
|
|
|
intent.putExtra(NfcActivity.EXTRA_KEY_ID, subKeyId);
|
2014-09-07 18:01:29 -04:00
|
|
|
|
2014-09-08 08:04:46 -04:00
|
|
|
intent.putExtra(NfcActivity.EXTRA_NFC_ENC_SESSION_KEY, encryptedSessionKey);
|
2014-07-17 14:29:07 -04:00
|
|
|
PendingIntent pi = PendingIntent.getActivity(getBaseContext(), 0,
|
|
|
|
|
intent,
|
|
|
|
|
PendingIntent.FLAG_CANCEL_CURRENT);
|
|
|
|
|
|
|
|
|
|
// return PendingIntent to be executed by client
|
|
|
|
|
Intent result = new Intent();
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_INTENT, pi);
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_USER_INTERACTION_REQUIRED);
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private Intent getPassphraseIntent(Intent data, long keyId) {
|
2014-02-14 11:01:17 -05:00
|
|
|
// build PendingIntent for passphrase input
|
2014-09-17 15:36:38 -04:00
|
|
|
Intent intent = new Intent(getBaseContext(), PassphraseDialogActivity.class);
|
|
|
|
|
intent.putExtra(PassphraseDialogActivity.EXTRA_SUBKEY_ID, keyId);
|
2014-02-14 20:08:27 -05:00
|
|
|
// pass params through to activity that it can be returned again later to repeat pgp operation
|
2014-09-17 15:36:38 -04:00
|
|
|
intent.putExtra(PassphraseDialogActivity.EXTRA_DATA, data);
|
2014-03-26 09:11:28 -04:00
|
|
|
PendingIntent pi = PendingIntent.getActivity(getBaseContext(), 0,
|
|
|
|
|
intent,
|
2014-03-30 13:25:39 -04:00
|
|
|
PendingIntent.FLAG_CANCEL_CURRENT);
|
2013-09-08 16:52:38 -04:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
// return PendingIntent to be executed by client
|
2014-03-01 19:20:06 -05:00
|
|
|
Intent result = new Intent();
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_INTENT, pi);
|
2014-03-07 05:24:53 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_USER_INTERACTION_REQUIRED);
|
2014-02-14 11:01:17 -05:00
|
|
|
return result;
|
2014-02-13 20:33:21 -05:00
|
|
|
}
|
|
|
|
|
|
2014-03-01 19:20:06 -05:00
|
|
|
private Intent signImpl(Intent data, ParcelFileDescriptor input,
|
2015-01-08 08:48:13 -05:00
|
|
|
ParcelFileDescriptor output, AccountSettings accSettings,
|
|
|
|
|
boolean cleartextSign) {
|
2014-02-14 19:06:03 -05:00
|
|
|
try {
|
2015-01-08 08:48:13 -05:00
|
|
|
boolean asciiArmor = cleartextSign || data.getBooleanExtra(OpenPgpApi.EXTRA_REQUEST_ASCII_ARMOR, true);
|
2014-02-19 04:47:13 -05:00
|
|
|
|
2014-07-22 12:09:12 -04:00
|
|
|
byte[] nfcSignedHash = data.getByteArrayExtra(OpenPgpApi.EXTRA_NFC_SIGNED_HASH);
|
2014-09-18 16:05:27 -04:00
|
|
|
if (nfcSignedHash != null) {
|
|
|
|
|
Log.d(Constants.TAG, "nfcSignedHash:" + Hex.toHexString(nfcSignedHash));
|
|
|
|
|
} else {
|
|
|
|
|
Log.d(Constants.TAG, "nfcSignedHash: null");
|
|
|
|
|
}
|
|
|
|
|
|
2014-09-07 18:17:13 -04:00
|
|
|
// carefully: only set if timestamp exists
|
|
|
|
|
Date nfcCreationDate = null;
|
2014-09-18 16:05:27 -04:00
|
|
|
long nfcCreationTimestamp = data.getLongExtra(OpenPgpApi.EXTRA_NFC_SIG_CREATION_TIMESTAMP, -1);
|
|
|
|
|
Log.d(Constants.TAG, "nfcCreationTimestamp: " + nfcCreationTimestamp);
|
|
|
|
|
if (nfcCreationTimestamp != -1) {
|
2014-09-07 18:17:13 -04:00
|
|
|
nfcCreationDate = new Date(nfcCreationTimestamp);
|
|
|
|
|
}
|
2014-07-17 14:29:07 -04:00
|
|
|
|
2014-02-14 19:06:03 -05:00
|
|
|
// Get Input- and OutputStream from ParcelFileDescriptor
|
|
|
|
|
InputStream is = new ParcelFileDescriptor.AutoCloseInputStream(input);
|
2015-01-26 11:33:40 -05:00
|
|
|
OutputStream os = null;
|
|
|
|
|
if (cleartextSign) {
|
|
|
|
|
// output stream only needed for cleartext signatures,
|
|
|
|
|
// detached signatures are returned as extra
|
|
|
|
|
os = new ParcelFileDescriptor.AutoCloseOutputStream(output);
|
|
|
|
|
}
|
2014-02-14 19:06:03 -05:00
|
|
|
try {
|
|
|
|
|
long inputLength = is.available();
|
|
|
|
|
InputData inputData = new InputData(is, inputLength);
|
|
|
|
|
|
2014-09-18 07:19:57 -04:00
|
|
|
// Find the appropriate subkey to sign with
|
2014-10-08 19:37:44 -04:00
|
|
|
long sigSubKeyId;
|
|
|
|
|
try {
|
|
|
|
|
CachedPublicKeyRing signingRing =
|
|
|
|
|
new ProviderHelper(this).getCachedPublicKeyRing(accSettings.getKeyId());
|
|
|
|
|
sigSubKeyId = signingRing.getSecretSignId();
|
|
|
|
|
} catch (PgpKeyNotFoundException e) {
|
|
|
|
|
// secret key that is set for this account is deleted?
|
|
|
|
|
// show account config again!
|
|
|
|
|
return getCreateAccountIntent(data, getAccountName(data));
|
|
|
|
|
}
|
2014-09-18 07:19:57 -04:00
|
|
|
|
2014-10-03 07:25:25 -04:00
|
|
|
// get passphrase from cache, if key has "no" passphrase, this returns an empty String
|
|
|
|
|
String passphrase;
|
|
|
|
|
if (data.hasExtra(OpenPgpApi.EXTRA_PASSPHRASE)) {
|
|
|
|
|
passphrase = data.getStringExtra(OpenPgpApi.EXTRA_PASSPHRASE);
|
|
|
|
|
} else {
|
2014-10-08 18:59:45 -04:00
|
|
|
try {
|
|
|
|
|
passphrase = PassphraseCacheService.getCachedPassphrase(getContext(),
|
|
|
|
|
accSettings.getKeyId(), sigSubKeyId);
|
|
|
|
|
} catch (PassphraseCacheService.KeyNotFoundException e) {
|
2014-10-08 19:37:44 -04:00
|
|
|
// should happen earlier, but return again here if it happens
|
2014-10-08 18:59:45 -04:00
|
|
|
return getCreateAccountIntent(data, getAccountName(data));
|
|
|
|
|
}
|
2014-10-03 07:25:25 -04:00
|
|
|
}
|
|
|
|
|
if (passphrase == null) {
|
|
|
|
|
// get PendingIntent for passphrase input, add it to given params and return to client
|
|
|
|
|
return getPassphraseIntent(data, sigSubKeyId);
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-18 18:18:52 -05:00
|
|
|
// sign-only
|
2014-04-11 13:14:39 -04:00
|
|
|
PgpSignEncrypt.Builder builder = new PgpSignEncrypt.Builder(
|
2014-10-13 09:02:42 -04:00
|
|
|
this, new ProviderHelper(getContext()), null,
|
2014-09-18 09:28:51 -04:00
|
|
|
inputData, os
|
|
|
|
|
);
|
2014-04-29 12:57:43 -04:00
|
|
|
builder.setEnableAsciiArmorOutput(asciiArmor)
|
2015-01-08 08:48:13 -05:00
|
|
|
.setCleartextSignature(cleartextSign)
|
|
|
|
|
.setDetachedSignature(!cleartextSign)
|
2014-08-14 05:44:47 -04:00
|
|
|
.setVersionHeader(PgpHelper.getVersionForHeader(this))
|
2014-04-29 12:57:43 -04:00
|
|
|
.setSignatureHashAlgorithm(accSettings.getHashAlgorithm())
|
|
|
|
|
.setSignatureMasterKeyId(accSettings.getKeyId())
|
2014-09-18 07:19:57 -04:00
|
|
|
.setSignatureSubKeyId(sigSubKeyId)
|
2014-07-17 14:29:07 -04:00
|
|
|
.setSignaturePassphrase(passphrase)
|
2014-09-07 18:17:13 -04:00
|
|
|
.setNfcState(nfcSignedHash, nfcCreationDate);
|
2014-04-12 14:33:25 -04:00
|
|
|
|
2014-09-13 18:33:19 -04:00
|
|
|
// execute PGP operation!
|
2014-09-17 07:45:16 -04:00
|
|
|
SignEncryptResult pgpResult = builder.build().execute();
|
|
|
|
|
|
|
|
|
|
if (pgpResult.isPending()) {
|
|
|
|
|
if ((pgpResult.getResult() & SignEncryptResult.RESULT_PENDING_PASSPHRASE) ==
|
|
|
|
|
SignEncryptResult.RESULT_PENDING_PASSPHRASE) {
|
|
|
|
|
return getPassphraseIntent(data, pgpResult.getKeyIdPassphraseNeeded());
|
|
|
|
|
} else if ((pgpResult.getResult() & SignEncryptResult.RESULT_PENDING_NFC) ==
|
|
|
|
|
SignEncryptResult.RESULT_PENDING_NFC) {
|
|
|
|
|
// return PendingIntent to execute NFC activity
|
|
|
|
|
// pass through the signature creation timestamp to be used again on second execution
|
|
|
|
|
// of PgpSignEncrypt when we have the signed hash!
|
|
|
|
|
data.putExtra(OpenPgpApi.EXTRA_NFC_SIG_CREATION_TIMESTAMP, pgpResult.getNfcTimestamp().getTime());
|
2014-10-01 04:48:28 -04:00
|
|
|
return getNfcSignIntent(data, pgpResult.getNfcKeyId(), pgpResult.getNfcPassphrase(), pgpResult.getNfcHash(), pgpResult.getNfcAlgo());
|
2014-09-17 07:45:16 -04:00
|
|
|
} else {
|
|
|
|
|
throw new PgpGeneralException(
|
|
|
|
|
"Encountered unhandled type of pending action not supported by API!");
|
2014-09-13 18:33:19 -04:00
|
|
|
}
|
2014-09-17 07:45:16 -04:00
|
|
|
} else if (pgpResult.success()) {
|
2015-01-08 08:48:13 -05:00
|
|
|
Intent result = new Intent();
|
|
|
|
|
if (!cleartextSign) {
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_DETACHED_SIGNATURE, pgpResult.getDetachedSignature());
|
|
|
|
|
}
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_SUCCESS);
|
|
|
|
|
return result;
|
2014-09-17 07:45:16 -04:00
|
|
|
} else {
|
|
|
|
|
LogEntryParcel errorMsg = pgpResult.getLog().getLast();
|
2014-09-13 18:33:19 -04:00
|
|
|
throw new Exception(getString(errorMsg.mType.getMsgId()));
|
|
|
|
|
}
|
2014-02-14 19:06:03 -05:00
|
|
|
} finally {
|
|
|
|
|
is.close();
|
2015-01-26 11:33:40 -05:00
|
|
|
if (os != null) {
|
|
|
|
|
os.close();
|
|
|
|
|
}
|
2014-02-14 19:06:03 -05:00
|
|
|
}
|
|
|
|
|
} catch (Exception e) {
|
2014-07-17 14:29:07 -04:00
|
|
|
Log.d(Constants.TAG, "signImpl", e);
|
2014-03-01 19:20:06 -05:00
|
|
|
Intent result = new Intent();
|
2014-03-06 08:02:21 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_ERROR,
|
2014-02-14 19:06:03 -05:00
|
|
|
new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
|
2014-03-07 05:24:53 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
|
2014-02-14 19:06:03 -05:00
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-01 19:20:06 -05:00
|
|
|
private Intent encryptAndSignImpl(Intent data, ParcelFileDescriptor input,
|
2014-04-01 19:56:58 -04:00
|
|
|
ParcelFileDescriptor output, AccountSettings accSettings,
|
|
|
|
|
boolean sign) {
|
2013-06-17 13:51:41 -04:00
|
|
|
try {
|
2014-03-01 19:20:06 -05:00
|
|
|
boolean asciiArmor = data.getBooleanExtra(OpenPgpApi.EXTRA_REQUEST_ASCII_ARMOR, true);
|
2014-08-11 17:57:11 -04:00
|
|
|
String originalFilename = data.getStringExtra(OpenPgpApi.EXTRA_ORIGINAL_FILENAME);
|
|
|
|
|
if (originalFilename == null) {
|
|
|
|
|
originalFilename = "";
|
|
|
|
|
}
|
2013-10-05 12:35:16 -04:00
|
|
|
|
2014-08-15 23:28:51 -04:00
|
|
|
// first try to get key ids from non-ambiguous key id extra
|
|
|
|
|
long[] keyIds = data.getLongArrayExtra(OpenPgpApi.EXTRA_KEY_IDS);
|
|
|
|
|
if (keyIds == null) {
|
2014-02-14 11:01:17 -05:00
|
|
|
// get key ids based on given user ids
|
2014-03-01 19:20:06 -05:00
|
|
|
String[] userIds = data.getStringArrayExtra(OpenPgpApi.EXTRA_USER_IDS);
|
2014-02-14 20:08:27 -05:00
|
|
|
// give params through to activity...
|
2014-03-01 19:20:06 -05:00
|
|
|
Intent result = getKeyIdsFromEmails(data, userIds);
|
2013-10-05 12:35:16 -04:00
|
|
|
|
2014-03-01 19:20:06 -05:00
|
|
|
if (result.getIntExtra(OpenPgpApi.RESULT_CODE, 0) == OpenPgpApi.RESULT_CODE_SUCCESS) {
|
2014-04-28 14:13:46 -04:00
|
|
|
keyIds = result.getLongArrayExtra(OpenPgpApi.RESULT_KEY_IDS);
|
2014-02-14 11:01:17 -05:00
|
|
|
} else {
|
2014-02-14 19:06:03 -05:00
|
|
|
// if not success -> result contains a PendingIntent for user interaction
|
2014-02-14 20:08:27 -05:00
|
|
|
return result;
|
2014-02-14 11:01:17 -05:00
|
|
|
}
|
2013-10-05 12:35:16 -04:00
|
|
|
}
|
|
|
|
|
|
2013-06-17 13:51:41 -04:00
|
|
|
// build InputData and write into OutputStream
|
2014-02-14 11:01:17 -05:00
|
|
|
// Get Input- and OutputStream from ParcelFileDescriptor
|
|
|
|
|
InputStream is = new ParcelFileDescriptor.AutoCloseInputStream(input);
|
|
|
|
|
OutputStream os = new ParcelFileDescriptor.AutoCloseOutputStream(output);
|
|
|
|
|
try {
|
|
|
|
|
long inputLength = is.available();
|
|
|
|
|
InputData inputData = new InputData(is, inputLength);
|
2013-06-17 13:51:41 -04:00
|
|
|
|
2014-04-11 13:14:39 -04:00
|
|
|
PgpSignEncrypt.Builder builder = new PgpSignEncrypt.Builder(
|
2014-10-13 09:02:42 -04:00
|
|
|
this, new ProviderHelper(getContext()), null, inputData, os
|
2014-09-18 09:28:51 -04:00
|
|
|
);
|
2014-04-29 12:57:43 -04:00
|
|
|
builder.setEnableAsciiArmorOutput(asciiArmor)
|
2014-08-14 05:44:47 -04:00
|
|
|
.setVersionHeader(PgpHelper.getVersionForHeader(this))
|
2014-04-29 12:57:43 -04:00
|
|
|
.setCompressionId(accSettings.getCompression())
|
|
|
|
|
.setSymmetricEncryptionAlgorithm(accSettings.getEncryptionAlgorithm())
|
2014-08-11 17:57:11 -04:00
|
|
|
.setEncryptionMasterKeyIds(keyIds)
|
2014-10-25 18:18:45 -04:00
|
|
|
.setFailOnMissingEncryptionKeyIds(true)
|
2014-08-15 21:59:58 -04:00
|
|
|
.setOriginalFilename(originalFilename)
|
|
|
|
|
.setAdditionalEncryptId(accSettings.getKeyId()); // add acc key for encryption
|
2014-02-18 18:18:52 -05:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
if (sign) {
|
2014-09-29 18:50:07 -04:00
|
|
|
|
|
|
|
|
// Find the appropriate subkey to sign with
|
2014-10-08 19:51:35 -04:00
|
|
|
long sigSubKeyId;
|
|
|
|
|
try {
|
|
|
|
|
CachedPublicKeyRing signingRing =
|
|
|
|
|
new ProviderHelper(this).getCachedPublicKeyRing(accSettings.getKeyId());
|
|
|
|
|
sigSubKeyId = signingRing.getSecretSignId();
|
|
|
|
|
} catch (PgpKeyNotFoundException e) {
|
|
|
|
|
// secret key that is set for this account is deleted?
|
|
|
|
|
// show account config again!
|
|
|
|
|
return getCreateAccountIntent(data, getAccountName(data));
|
|
|
|
|
}
|
2014-09-29 18:50:07 -04:00
|
|
|
|
2014-10-01 04:48:28 -04:00
|
|
|
String passphrase;
|
2014-03-01 19:20:06 -05:00
|
|
|
if (data.hasExtra(OpenPgpApi.EXTRA_PASSPHRASE)) {
|
|
|
|
|
passphrase = data.getStringExtra(OpenPgpApi.EXTRA_PASSPHRASE);
|
2014-02-14 20:44:03 -05:00
|
|
|
} else {
|
|
|
|
|
passphrase = PassphraseCacheService.getCachedPassphrase(getContext(),
|
2014-09-29 18:50:07 -04:00
|
|
|
accSettings.getKeyId(), sigSubKeyId);
|
2014-02-14 20:44:03 -05:00
|
|
|
}
|
2014-02-14 11:01:17 -05:00
|
|
|
if (passphrase == null) {
|
2014-02-14 19:06:03 -05:00
|
|
|
// get PendingIntent for passphrase input, add it to given params and return to client
|
2014-09-29 18:50:07 -04:00
|
|
|
return getPassphraseIntent(data, sigSubKeyId);
|
2014-02-14 11:01:17 -05:00
|
|
|
}
|
2013-06-17 13:51:41 -04:00
|
|
|
|
2014-09-07 18:17:13 -04:00
|
|
|
byte[] nfcSignedHash = data.getByteArrayExtra(OpenPgpApi.EXTRA_NFC_SIGNED_HASH);
|
|
|
|
|
// carefully: only set if timestamp exists
|
|
|
|
|
Date nfcCreationDate = null;
|
2014-09-18 16:05:27 -04:00
|
|
|
long nfcCreationTimestamp = data.getLongExtra(OpenPgpApi.EXTRA_NFC_SIG_CREATION_TIMESTAMP, -1);
|
|
|
|
|
if (nfcCreationTimestamp != -1) {
|
2014-09-07 18:17:13 -04:00
|
|
|
nfcCreationDate = new Date(nfcCreationTimestamp);
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-18 16:47:26 -05:00
|
|
|
// sign and encrypt
|
2014-04-29 12:57:43 -04:00
|
|
|
builder.setSignatureHashAlgorithm(accSettings.getHashAlgorithm())
|
|
|
|
|
.setSignatureMasterKeyId(accSettings.getKeyId())
|
2014-09-18 07:19:57 -04:00
|
|
|
.setSignatureSubKeyId(sigSubKeyId)
|
2014-09-07 18:17:13 -04:00
|
|
|
.setSignaturePassphrase(passphrase)
|
|
|
|
|
.setNfcState(nfcSignedHash, nfcCreationDate);
|
2014-02-14 11:01:17 -05:00
|
|
|
}
|
2014-04-15 18:32:00 -04:00
|
|
|
|
2014-09-13 18:33:19 -04:00
|
|
|
// execute PGP operation!
|
2014-09-17 07:45:16 -04:00
|
|
|
SignEncryptResult pgpResult = builder.build().execute();
|
|
|
|
|
|
|
|
|
|
if (pgpResult.isPending()) {
|
|
|
|
|
if ((pgpResult.getResult() & SignEncryptResult.RESULT_PENDING_PASSPHRASE) ==
|
|
|
|
|
SignEncryptResult.RESULT_PENDING_PASSPHRASE) {
|
|
|
|
|
return getPassphraseIntent(data, pgpResult.getKeyIdPassphraseNeeded());
|
|
|
|
|
} else if ((pgpResult.getResult() & SignEncryptResult.RESULT_PENDING_NFC) ==
|
|
|
|
|
SignEncryptResult.RESULT_PENDING_NFC) {
|
|
|
|
|
// return PendingIntent to execute NFC activity
|
|
|
|
|
// pass through the signature creation timestamp to be used again on second execution
|
|
|
|
|
// of PgpSignEncrypt when we have the signed hash!
|
|
|
|
|
data.putExtra(OpenPgpApi.EXTRA_NFC_SIG_CREATION_TIMESTAMP, pgpResult.getNfcTimestamp().getTime());
|
2014-10-01 04:48:28 -04:00
|
|
|
return getNfcSignIntent(data, pgpResult.getNfcKeyId(), pgpResult.getNfcPassphrase(), pgpResult.getNfcHash(), pgpResult.getNfcAlgo());
|
2014-09-17 07:45:16 -04:00
|
|
|
} else {
|
|
|
|
|
throw new PgpGeneralException(
|
|
|
|
|
"Encountered unhandled type of pending action not supported by API!");
|
2014-09-13 18:33:19 -04:00
|
|
|
}
|
2014-09-17 07:45:16 -04:00
|
|
|
} else if (pgpResult.success()) {
|
2015-01-08 08:48:13 -05:00
|
|
|
Intent result = new Intent();
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_SUCCESS);
|
|
|
|
|
return result;
|
2014-09-17 07:45:16 -04:00
|
|
|
} else {
|
|
|
|
|
LogEntryParcel errorMsg = pgpResult.getLog().getLast();
|
2014-09-13 18:33:19 -04:00
|
|
|
throw new Exception(getString(errorMsg.mType.getMsgId()));
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
} finally {
|
|
|
|
|
is.close();
|
|
|
|
|
os.close();
|
2013-10-05 12:35:16 -04:00
|
|
|
}
|
2013-06-17 13:51:41 -04:00
|
|
|
} catch (Exception e) {
|
2014-07-17 14:29:07 -04:00
|
|
|
Log.d(Constants.TAG, "encryptAndSignImpl", e);
|
2014-03-01 19:20:06 -05:00
|
|
|
Intent result = new Intent();
|
2014-03-06 08:02:21 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_ERROR,
|
2014-02-14 11:01:17 -05:00
|
|
|
new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
|
2014-03-07 05:24:53 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
|
2014-02-14 11:01:17 -05:00
|
|
|
return result;
|
2013-06-17 13:51:41 -04:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-01 19:20:06 -05:00
|
|
|
private Intent decryptAndVerifyImpl(Intent data, ParcelFileDescriptor input,
|
2014-08-11 11:29:41 -04:00
|
|
|
ParcelFileDescriptor output, Set<Long> allowedKeyIds,
|
|
|
|
|
boolean decryptMetadataOnly) {
|
2013-05-28 09:10:36 -04:00
|
|
|
try {
|
2014-02-14 11:01:17 -05:00
|
|
|
// Get Input- and OutputStream from ParcelFileDescriptor
|
|
|
|
|
InputStream is = new ParcelFileDescriptor.AutoCloseInputStream(input);
|
2014-08-12 11:04:11 -04:00
|
|
|
|
|
|
|
|
OutputStream os;
|
|
|
|
|
if (decryptMetadataOnly) {
|
|
|
|
|
os = null;
|
|
|
|
|
} else {
|
|
|
|
|
os = new ParcelFileDescriptor.AutoCloseOutputStream(output);
|
|
|
|
|
}
|
2014-02-23 19:24:46 -05:00
|
|
|
|
2014-02-14 11:01:17 -05:00
|
|
|
try {
|
2014-03-04 14:53:44 -05:00
|
|
|
String passphrase = data.getStringExtra(OpenPgpApi.EXTRA_PASSPHRASE);
|
2014-02-14 11:01:17 -05:00
|
|
|
long inputLength = is.available();
|
|
|
|
|
InputData inputData = new InputData(is, inputLength);
|
2013-05-28 09:10:36 -04:00
|
|
|
|
2014-04-11 13:43:46 -04:00
|
|
|
PgpDecryptVerify.Builder builder = new PgpDecryptVerify.Builder(
|
2014-10-13 09:02:42 -04:00
|
|
|
this, new ProviderHelper(getContext()), null, inputData, os
|
2014-04-28 14:13:46 -04:00
|
|
|
);
|
2014-08-12 11:04:11 -04:00
|
|
|
|
2014-09-08 08:04:46 -04:00
|
|
|
byte[] nfcDecryptedSessionKey = data.getByteArrayExtra(OpenPgpApi.EXTRA_NFC_DECRYPTED_SESSION_KEY);
|
|
|
|
|
|
2014-08-12 11:04:11 -04:00
|
|
|
// allow only private keys associated with accounts of this app
|
|
|
|
|
// no support for symmetric encryption
|
|
|
|
|
builder.setPassphrase(passphrase)
|
|
|
|
|
.setAllowSymmetricDecryption(false)
|
|
|
|
|
.setAllowedKeyIds(allowedKeyIds)
|
2014-09-08 08:04:46 -04:00
|
|
|
.setDecryptMetadataOnly(decryptMetadataOnly)
|
|
|
|
|
.setNfcState(nfcDecryptedSessionKey);
|
2014-02-19 07:04:29 -05:00
|
|
|
|
2014-09-13 13:30:10 -04:00
|
|
|
// TODO: currently does not support binary signed-only content
|
2014-09-17 07:45:16 -04:00
|
|
|
DecryptVerifyResult pgpResult = builder.build().execute();
|
|
|
|
|
|
|
|
|
|
if (pgpResult.isPending()) {
|
|
|
|
|
if ((pgpResult.getResult() & DecryptVerifyResult.RESULT_PENDING_ASYM_PASSPHRASE) ==
|
|
|
|
|
DecryptVerifyResult.RESULT_PENDING_ASYM_PASSPHRASE) {
|
|
|
|
|
return getPassphraseIntent(data, pgpResult.getKeyIdPassphraseNeeded());
|
|
|
|
|
} else if ((pgpResult.getResult() & DecryptVerifyResult.RESULT_PENDING_SYM_PASSPHRASE) ==
|
|
|
|
|
DecryptVerifyResult.RESULT_PENDING_SYM_PASSPHRASE) {
|
|
|
|
|
throw new PgpGeneralException(
|
|
|
|
|
"Decryption of symmetric content not supported by API!");
|
|
|
|
|
} else if ((pgpResult.getResult() & DecryptVerifyResult.RESULT_PENDING_NFC) ==
|
|
|
|
|
DecryptVerifyResult.RESULT_PENDING_NFC) {
|
2014-09-23 18:57:57 -04:00
|
|
|
return getNfcDecryptIntent(
|
2014-10-01 04:48:28 -04:00
|
|
|
data, pgpResult.getNfcSubKeyId(), pgpResult.getNfcPassphrase(), pgpResult.getNfcEncryptedSessionKey());
|
2014-09-17 07:45:16 -04:00
|
|
|
} else {
|
|
|
|
|
throw new PgpGeneralException(
|
|
|
|
|
"Encountered unhandled type of pending action not supported by API!");
|
2014-09-13 13:30:10 -04:00
|
|
|
}
|
2014-09-17 07:45:16 -04:00
|
|
|
} else if (pgpResult.success()) {
|
2015-01-08 08:48:13 -05:00
|
|
|
Intent result = new Intent();
|
2014-03-04 14:53:44 -05:00
|
|
|
|
2014-09-17 07:45:16 -04:00
|
|
|
OpenPgpSignatureResult signatureResult = pgpResult.getSignatureResult();
|
|
|
|
|
if (signatureResult != null) {
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_SIGNATURE, signatureResult);
|
2014-04-15 18:32:00 -04:00
|
|
|
|
2014-09-17 07:45:16 -04:00
|
|
|
if (data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) < 5) {
|
|
|
|
|
// SIGNATURE_KEY_REVOKED and SIGNATURE_KEY_EXPIRED have been added in version 5
|
|
|
|
|
if (signatureResult.getStatus() == OpenPgpSignatureResult.SIGNATURE_KEY_REVOKED
|
|
|
|
|
|| signatureResult.getStatus() == OpenPgpSignatureResult.SIGNATURE_KEY_EXPIRED) {
|
|
|
|
|
signatureResult.setStatus(OpenPgpSignatureResult.SIGNATURE_ERROR);
|
|
|
|
|
}
|
2014-08-31 17:50:04 -04:00
|
|
|
}
|
|
|
|
|
|
2014-09-17 07:45:16 -04:00
|
|
|
if (signatureResult.getStatus() == OpenPgpSignatureResult.SIGNATURE_KEY_MISSING) {
|
|
|
|
|
// If signature is unknown we return an _additional_ PendingIntent
|
|
|
|
|
// to retrieve the missing key
|
|
|
|
|
Intent intent = new Intent(getBaseContext(), ImportKeysActivity.class);
|
|
|
|
|
intent.setAction(ImportKeysActivity.ACTION_IMPORT_KEY_FROM_KEYSERVER_AND_RETURN_TO_SERVICE);
|
|
|
|
|
intent.putExtra(ImportKeysActivity.EXTRA_KEY_ID, signatureResult.getKeyId());
|
|
|
|
|
intent.putExtra(ImportKeysActivity.EXTRA_PENDING_INTENT_DATA, data);
|
2014-03-01 19:20:06 -05:00
|
|
|
|
2014-09-17 07:45:16 -04:00
|
|
|
PendingIntent pi = PendingIntent.getActivity(getBaseContext(), 0,
|
|
|
|
|
intent,
|
|
|
|
|
PendingIntent.FLAG_CANCEL_CURRENT);
|
2014-03-01 19:20:06 -05:00
|
|
|
|
2014-09-17 07:45:16 -04:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_INTENT, pi);
|
|
|
|
|
}
|
2014-02-14 11:01:17 -05:00
|
|
|
}
|
2014-03-04 14:53:44 -05:00
|
|
|
|
2014-09-17 07:45:16 -04:00
|
|
|
if (data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) >= 4) {
|
|
|
|
|
OpenPgpMetadata metadata = pgpResult.getDecryptMetadata();
|
|
|
|
|
if (metadata != null) {
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_METADATA, metadata);
|
|
|
|
|
}
|
2014-08-14 07:08:39 -04:00
|
|
|
}
|
2015-01-08 08:48:13 -05:00
|
|
|
|
2015-01-27 03:17:23 -05:00
|
|
|
String charset = pgpResult.getCharset();
|
|
|
|
|
if (charset != null) {
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_CHARSET, charset);
|
|
|
|
|
}
|
|
|
|
|
|
2015-01-08 08:48:13 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_SUCCESS);
|
|
|
|
|
return result;
|
2014-09-17 07:45:16 -04:00
|
|
|
} else {
|
|
|
|
|
LogEntryParcel errorMsg = pgpResult.getLog().getLast();
|
|
|
|
|
throw new Exception(getString(errorMsg.mType.getMsgId()));
|
2014-08-11 11:29:41 -04:00
|
|
|
}
|
2014-02-14 11:01:17 -05:00
|
|
|
} finally {
|
|
|
|
|
is.close();
|
2014-08-12 11:04:11 -04:00
|
|
|
if (os != null) {
|
|
|
|
|
os.close();
|
|
|
|
|
}
|
2014-02-14 11:01:17 -05:00
|
|
|
}
|
|
|
|
|
} catch (Exception e) {
|
2014-07-17 14:29:07 -04:00
|
|
|
Log.d(Constants.TAG, "decryptAndVerifyImpl", e);
|
2014-03-01 19:20:06 -05:00
|
|
|
Intent result = new Intent();
|
2014-03-07 05:24:53 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_ERROR,
|
|
|
|
|
new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
|
2014-03-01 19:20:06 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
|
2014-03-07 05:24:53 -05:00
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private Intent getKeyImpl(Intent data) {
|
|
|
|
|
try {
|
2014-04-28 14:20:23 -04:00
|
|
|
long masterKeyId = data.getLongExtra(OpenPgpApi.EXTRA_KEY_ID, 0);
|
2014-03-07 05:24:53 -05:00
|
|
|
|
2014-04-28 14:20:23 -04:00
|
|
|
try {
|
|
|
|
|
// try to find key, throws NotFoundException if not in db!
|
2014-07-31 11:08:33 -04:00
|
|
|
mProviderHelper.getCanonicalizedPublicKeyRing(masterKeyId);
|
2014-04-28 14:20:23 -04:00
|
|
|
|
|
|
|
|
Intent result = new Intent();
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_SUCCESS);
|
|
|
|
|
|
2014-05-07 08:53:35 -04:00
|
|
|
// also return PendingIntent that opens the key view activity
|
|
|
|
|
Intent intent = new Intent(getBaseContext(), ViewKeyActivity.class);
|
2014-05-21 15:21:28 -04:00
|
|
|
intent.setData(KeyRings.buildGenericKeyRingUri(masterKeyId));
|
2014-05-07 08:53:35 -04:00
|
|
|
|
|
|
|
|
PendingIntent pi = PendingIntent.getActivity(getBaseContext(), 0,
|
|
|
|
|
intent,
|
|
|
|
|
PendingIntent.FLAG_CANCEL_CURRENT);
|
|
|
|
|
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_INTENT, pi);
|
2014-04-28 14:20:23 -04:00
|
|
|
|
|
|
|
|
return result;
|
|
|
|
|
} catch (ProviderHelper.NotFoundException e) {
|
2014-03-07 05:24:53 -05:00
|
|
|
Intent result = new Intent();
|
|
|
|
|
|
|
|
|
|
// If keys are not in db we return an additional PendingIntent
|
|
|
|
|
// to retrieve the missing key
|
2014-04-03 09:18:05 -04:00
|
|
|
Intent intent = new Intent(getBaseContext(), ImportKeysActivity.class);
|
2014-08-20 13:46:44 -04:00
|
|
|
intent.setAction(ImportKeysActivity.ACTION_IMPORT_KEY_FROM_KEYSERVER_AND_RETURN_TO_SERVICE);
|
2014-04-28 14:20:23 -04:00
|
|
|
intent.putExtra(ImportKeysActivity.EXTRA_KEY_ID, masterKeyId);
|
2014-04-03 09:18:05 -04:00
|
|
|
intent.putExtra(ImportKeysActivity.EXTRA_PENDING_INTENT_DATA, data);
|
2014-03-07 05:24:53 -05:00
|
|
|
|
2014-03-26 09:11:28 -04:00
|
|
|
PendingIntent pi = PendingIntent.getActivity(getBaseContext(), 0,
|
|
|
|
|
intent,
|
2014-03-30 13:25:39 -04:00
|
|
|
PendingIntent.FLAG_CANCEL_CURRENT);
|
2014-03-07 05:24:53 -05:00
|
|
|
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_INTENT, pi);
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_USER_INTERACTION_REQUIRED);
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
} catch (Exception e) {
|
2014-08-12 11:04:11 -04:00
|
|
|
Log.d(Constants.TAG, "getKeyImpl", e);
|
2014-03-07 05:24:53 -05:00
|
|
|
Intent result = new Intent();
|
2014-03-06 08:02:21 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_ERROR,
|
2014-02-14 11:01:17 -05:00
|
|
|
new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
|
2014-03-07 05:24:53 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
|
2014-02-14 11:01:17 -05:00
|
|
|
return result;
|
2013-10-05 12:35:16 -04:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-01 19:20:06 -05:00
|
|
|
private Intent getKeyIdsImpl(Intent data) {
|
2014-04-28 14:13:46 -04:00
|
|
|
// if data already contains key ids extra GET_KEY_IDS has been executed again
|
|
|
|
|
// after user interaction. Then, we just need to return the array again!
|
|
|
|
|
if (data.hasExtra(OpenPgpApi.EXTRA_KEY_IDS)) {
|
|
|
|
|
long[] keyIdsArray = data.getLongArrayExtra(OpenPgpApi.EXTRA_KEY_IDS);
|
|
|
|
|
|
|
|
|
|
Intent result = new Intent();
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_KEY_IDS, keyIdsArray);
|
|
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_SUCCESS);
|
|
|
|
|
return result;
|
|
|
|
|
} else {
|
|
|
|
|
// get key ids based on given user ids
|
|
|
|
|
String[] userIds = data.getStringArrayExtra(OpenPgpApi.EXTRA_USER_IDS);
|
2014-07-22 12:14:17 -04:00
|
|
|
return getKeyIdsFromEmails(data, userIds);
|
2014-04-28 14:13:46 -04:00
|
|
|
}
|
2014-02-14 19:06:03 -05:00
|
|
|
}
|
|
|
|
|
|
2014-02-14 07:40:24 -05:00
|
|
|
/**
|
2014-02-17 14:41:54 -05:00
|
|
|
* Check requirements:
|
|
|
|
|
* - params != null
|
|
|
|
|
* - has supported API version
|
|
|
|
|
* - is allowed to call the service (access has been granted)
|
2014-02-14 07:40:24 -05:00
|
|
|
*
|
2014-03-01 19:20:06 -05:00
|
|
|
* @param data
|
2014-02-17 14:41:54 -05:00
|
|
|
* @return null if everything is okay, or a Bundle with an error/PendingIntent
|
2014-02-14 07:40:24 -05:00
|
|
|
*/
|
2014-03-01 19:20:06 -05:00
|
|
|
private Intent checkRequirements(Intent data) {
|
2014-02-17 12:37:01 -05:00
|
|
|
// params Bundle is required!
|
2014-03-01 19:20:06 -05:00
|
|
|
if (data == null) {
|
|
|
|
|
Intent result = new Intent();
|
2014-02-14 07:40:24 -05:00
|
|
|
OpenPgpError error = new OpenPgpError(OpenPgpError.GENERIC_ERROR, "params Bundle required!");
|
2014-03-06 08:02:21 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_ERROR, error);
|
2014-03-01 19:20:06 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
|
2014-02-14 07:40:24 -05:00
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-17 12:37:01 -05:00
|
|
|
// version code is required and needs to correspond to version code of service!
|
2014-08-11 11:22:53 -04:00
|
|
|
// History of versions in org.openintents.openpgp.util.OpenPgpApi
|
2014-08-31 17:50:04 -04:00
|
|
|
// we support 3, 4, 5
|
2014-08-11 11:22:53 -04:00
|
|
|
if (data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) != 3
|
2014-08-31 17:50:04 -04:00
|
|
|
&& data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) != 4
|
|
|
|
|
&& data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) != 5) {
|
2014-03-01 19:20:06 -05:00
|
|
|
Intent result = new Intent();
|
2014-03-13 13:50:45 -04:00
|
|
|
OpenPgpError error = new OpenPgpError
|
2014-08-12 07:54:46 -04:00
|
|
|
(OpenPgpError.INCOMPATIBLE_API_VERSIONS, "Incompatible API versions!\n"
|
|
|
|
|
+ "used API version: " + data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) + "\n"
|
|
|
|
|
+ "supported API versions: 3, 4");
|
2014-03-06 08:02:21 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_ERROR, error);
|
2014-03-01 19:20:06 -05:00
|
|
|
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
|
2014-02-14 07:40:24 -05:00
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-17 12:37:01 -05:00
|
|
|
// check if caller is allowed to access openpgp keychain
|
2014-03-01 19:20:06 -05:00
|
|
|
Intent result = isAllowed(data);
|
2014-02-17 12:37:01 -05:00
|
|
|
if (result != null) {
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-14 07:40:24 -05:00
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
2014-08-23 09:27:25 -04:00
|
|
|
private String getAccountName(Intent data) {
|
|
|
|
|
String accName = data.getStringExtra(OpenPgpApi.EXTRA_ACCOUNT_NAME);
|
|
|
|
|
// if no account name is given use name "default"
|
|
|
|
|
if (TextUtils.isEmpty(accName)) {
|
|
|
|
|
accName = "default";
|
|
|
|
|
}
|
|
|
|
|
Log.d(Constants.TAG, "accName: " + accName);
|
|
|
|
|
return accName;
|
|
|
|
|
}
|
|
|
|
|
|
2014-02-17 13:50:07 -05:00
|
|
|
// TODO: multi-threading
|
2013-09-10 17:19:34 -04:00
|
|
|
private final IOpenPgpService.Stub mBinder = new IOpenPgpService.Stub() {
|
2013-05-28 09:10:36 -04:00
|
|
|
|
|
|
|
|
@Override
|
2014-03-01 19:20:06 -05:00
|
|
|
public Intent execute(Intent data, ParcelFileDescriptor input, ParcelFileDescriptor output) {
|
|
|
|
|
Intent errorResult = checkRequirements(data);
|
2014-02-14 11:01:17 -05:00
|
|
|
if (errorResult != null) {
|
|
|
|
|
return errorResult;
|
|
|
|
|
}
|
|
|
|
|
|
2014-08-23 09:27:25 -04:00
|
|
|
String accName = getAccountName(data);
|
2014-03-25 14:11:20 -04:00
|
|
|
final AccountSettings accSettings = getAccSettings(accName);
|
2014-03-25 18:09:57 -04:00
|
|
|
if (accSettings == null) {
|
|
|
|
|
return getCreateAccountIntent(data, accName);
|
|
|
|
|
}
|
2013-06-17 09:52:09 -04:00
|
|
|
|
2014-03-01 19:20:06 -05:00
|
|
|
String action = data.getAction();
|
2015-01-08 08:48:13 -05:00
|
|
|
if (OpenPgpApi.ACTION_CLEARTEXT_SIGN.equals(action)) {
|
|
|
|
|
return signImpl(data, input, output, accSettings, true);
|
|
|
|
|
} else if (OpenPgpApi.ACTION_SIGN.equals(action)) {
|
|
|
|
|
// DEPRECATED: same as ACTION_CLEARTEXT_SIGN
|
2015-01-26 11:33:40 -05:00
|
|
|
Log.w(Constants.TAG, "You are using a deprecated API call, please use ACTION_CLEARTEXT_SIGN instead of ACTION_SIGN!");
|
2015-01-08 08:48:13 -05:00
|
|
|
return signImpl(data, input, output, accSettings, true);
|
|
|
|
|
} else if (OpenPgpApi.ACTION_DETACHED_SIGN.equals(action)) {
|
|
|
|
|
return signImpl(data, input, output, accSettings, false);
|
2014-03-01 19:20:06 -05:00
|
|
|
} else if (OpenPgpApi.ACTION_ENCRYPT.equals(action)) {
|
2014-03-25 14:11:20 -04:00
|
|
|
return encryptAndSignImpl(data, input, output, accSettings, false);
|
2014-03-06 08:02:21 -05:00
|
|
|
} else if (OpenPgpApi.ACTION_SIGN_AND_ENCRYPT.equals(action)) {
|
2014-03-25 14:11:20 -04:00
|
|
|
return encryptAndSignImpl(data, input, output, accSettings, true);
|
2014-03-01 19:20:06 -05:00
|
|
|
} else if (OpenPgpApi.ACTION_DECRYPT_VERIFY.equals(action)) {
|
2014-04-01 12:44:36 -04:00
|
|
|
String currentPkg = getCurrentCallingPackage();
|
|
|
|
|
Set<Long> allowedKeyIds =
|
2014-04-11 11:45:52 -04:00
|
|
|
mProviderHelper.getAllKeyIdsForApp(
|
|
|
|
|
ApiAccounts.buildBaseUri(currentPkg));
|
2014-08-11 11:29:41 -04:00
|
|
|
return decryptAndVerifyImpl(data, input, output, allowedKeyIds, false);
|
|
|
|
|
} else if (OpenPgpApi.ACTION_DECRYPT_METADATA.equals(action)) {
|
|
|
|
|
String currentPkg = getCurrentCallingPackage();
|
|
|
|
|
Set<Long> allowedKeyIds =
|
|
|
|
|
mProviderHelper.getAllKeyIdsForApp(
|
|
|
|
|
ApiAccounts.buildBaseUri(currentPkg));
|
|
|
|
|
return decryptAndVerifyImpl(data, input, output, allowedKeyIds, true);
|
2014-03-07 05:24:53 -05:00
|
|
|
} else if (OpenPgpApi.ACTION_GET_KEY.equals(action)) {
|
|
|
|
|
return getKeyImpl(data);
|
2014-03-01 19:20:06 -05:00
|
|
|
} else if (OpenPgpApi.ACTION_GET_KEY_IDS.equals(action)) {
|
|
|
|
|
return getKeyIdsImpl(data);
|
|
|
|
|
} else {
|
|
|
|
|
return null;
|
2014-02-14 19:06:03 -05:00
|
|
|
}
|
2013-10-02 13:08:33 -04:00
|
|
|
}
|
|
|
|
|
|
2013-06-17 09:52:09 -04:00
|
|
|
};
|
|
|
|
|
|
2013-09-16 07:08:02 -04:00
|
|
|
@Override
|
|
|
|
|
public IBinder onBind(Intent intent) {
|
|
|
|
|
return mBinder;
|
|
|
|
|
}
|
|
|
|
|
|
2013-05-28 09:10:36 -04:00
|
|
|
}
|
