mirror of
https://github.com/moparisthebest/open-keychain
synced 2024-11-27 19:22:14 -05:00
import-log: distinguish master/subkeys, distinguish redundant/bad certs, more docs
This commit is contained in:
parent
21e9d0b7b4
commit
109bea7542
@ -185,7 +185,12 @@ public class UncachedKeyRing {
|
|||||||
* - Remove all non-verifying self-certificates
|
* - Remove all non-verifying self-certificates
|
||||||
* - Remove all "future" self-certificates
|
* - Remove all "future" self-certificates
|
||||||
* - Remove all certificates flagged as "local"
|
* - Remove all certificates flagged as "local"
|
||||||
* - Remove all certificates which are superseded by a newer one on the same target
|
* - Remove all certificates which are superseded by a newer one on the same target,
|
||||||
|
* including revocations with later re-certifications.
|
||||||
|
* - Remove all certificates of unknown type:
|
||||||
|
* - key revocation signatures on the master key
|
||||||
|
* - subkey binding signatures for subkeys
|
||||||
|
* - certifications and certification revocations for user ids
|
||||||
*
|
*
|
||||||
* After this cleaning, a number of checks are done: TODO implement
|
* After this cleaning, a number of checks are done: TODO implement
|
||||||
* - See if each subkey retains a valid self certificate
|
* - See if each subkey retains a valid self certificate
|
||||||
@ -208,7 +213,7 @@ public class UncachedKeyRing {
|
|||||||
|
|
||||||
final Date now = new Date();
|
final Date now = new Date();
|
||||||
|
|
||||||
int removedCerts = 0;
|
int redundantCerts = 0, badCerts = 0;
|
||||||
|
|
||||||
PGPPublicKeyRing ring = (PGPPublicKeyRing) mRing;
|
PGPPublicKeyRing ring = (PGPPublicKeyRing) mRing;
|
||||||
PGPPublicKey masterKey = mRing.getPublicKey();
|
PGPPublicKey masterKey = mRing.getPublicKey();
|
||||||
@ -240,7 +245,7 @@ public class UncachedKeyRing {
|
|||||||
"0x" + Integer.toString(type, 16)
|
"0x" + Integer.toString(type, 16)
|
||||||
}, indent);
|
}, indent);
|
||||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||||
removedCerts += 1;
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -248,7 +253,7 @@ public class UncachedKeyRing {
|
|||||||
// Creation date in the future? No way!
|
// Creation date in the future? No way!
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TIME, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TIME, null, indent);
|
||||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||||
removedCerts += 1;
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -256,7 +261,7 @@ public class UncachedKeyRing {
|
|||||||
// Creation date in the future? No way!
|
// Creation date in the future? No way!
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_LOCAL, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_LOCAL, null, indent);
|
||||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||||
removedCerts += 1;
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -265,13 +270,13 @@ public class UncachedKeyRing {
|
|||||||
if (!cert.verifySignature(masterKey)) {
|
if (!cert.verifySignature(masterKey)) {
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD, null, indent);
|
||||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||||
removedCerts += 1;
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
} catch (PgpGeneralException e) {
|
} catch (PgpGeneralException e) {
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_ERR, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_ERR, null, indent);
|
||||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||||
removedCerts += 1;
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -281,12 +286,12 @@ public class UncachedKeyRing {
|
|||||||
// more revocations? at least one is superfluous, then.
|
// more revocations? at least one is superfluous, then.
|
||||||
} else if (revocation.getCreationTime().before(zert.getCreationTime())) {
|
} else if (revocation.getCreationTime().before(zert.getCreationTime())) {
|
||||||
modified = PGPPublicKey.removeCertification(modified, revocation);
|
modified = PGPPublicKey.removeCertification(modified, revocation);
|
||||||
removedCerts += 1;
|
redundantCerts += 1;
|
||||||
log.add(LogLevel.INFO, LogType.MSG_KC_REVOKE_DUP, null, indent);
|
log.add(LogLevel.INFO, LogType.MSG_KC_REVOKE_DUP, null, indent);
|
||||||
revocation = zert;
|
revocation = zert;
|
||||||
} else {
|
} else {
|
||||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||||
removedCerts += 1;
|
redundantCerts += 1;
|
||||||
log.add(LogLevel.INFO, LogType.MSG_KC_REVOKE_DUP, null, indent);
|
log.add(LogLevel.INFO, LogType.MSG_KC_REVOKE_DUP, null, indent);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -312,14 +317,14 @@ public class UncachedKeyRing {
|
|||||||
"0x" + Integer.toString(zert.getSignatureType(), 16)
|
"0x" + Integer.toString(zert.getSignatureType(), 16)
|
||||||
}, indent);
|
}, indent);
|
||||||
modified = PGPPublicKey.removeCertification(modified, userId, zert);
|
modified = PGPPublicKey.removeCertification(modified, userId, zert);
|
||||||
removedCerts += 1;
|
badCerts += 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (cert.getCreationTime().after(now)) {
|
if (cert.getCreationTime().after(now)) {
|
||||||
// Creation date in the future? No way!
|
// Creation date in the future? No way!
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TIME, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TIME, null, indent);
|
||||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||||
removedCerts += 1;
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -327,7 +332,7 @@ public class UncachedKeyRing {
|
|||||||
// Creation date in the future? No way!
|
// Creation date in the future? No way!
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_LOCAL, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_LOCAL, null, indent);
|
||||||
modified = PGPPublicKey.removeCertification(modified, zert);
|
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||||
removedCerts += 1;
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -343,14 +348,14 @@ public class UncachedKeyRing {
|
|||||||
log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD,
|
log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD,
|
||||||
new String[] { userId }, indent);
|
new String[] { userId }, indent);
|
||||||
modified = PGPPublicKey.removeCertification(modified, userId, zert);
|
modified = PGPPublicKey.removeCertification(modified, userId, zert);
|
||||||
removedCerts += 1;
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
} catch (PgpGeneralException e) {
|
} catch (PgpGeneralException e) {
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD_ERR,
|
log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD_ERR,
|
||||||
new String[] { userId }, indent);
|
new String[] { userId }, indent);
|
||||||
modified = PGPPublicKey.removeCertification(modified, userId, zert);
|
modified = PGPPublicKey.removeCertification(modified, userId, zert);
|
||||||
removedCerts += 1;
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -363,13 +368,13 @@ public class UncachedKeyRing {
|
|||||||
selfCert = zert;
|
selfCert = zert;
|
||||||
} else if (selfCert.getCreationTime().before(cert.getCreationTime())) {
|
} else if (selfCert.getCreationTime().before(cert.getCreationTime())) {
|
||||||
modified = PGPPublicKey.removeCertification(modified, userId, selfCert);
|
modified = PGPPublicKey.removeCertification(modified, userId, selfCert);
|
||||||
removedCerts += 1;
|
redundantCerts += 1;
|
||||||
log.add(LogLevel.INFO, LogType.MSG_KC_UID_DUP,
|
log.add(LogLevel.INFO, LogType.MSG_KC_UID_DUP,
|
||||||
new String[] { userId }, indent);
|
new String[] { userId }, indent);
|
||||||
selfCert = zert;
|
selfCert = zert;
|
||||||
} else {
|
} else {
|
||||||
modified = PGPPublicKey.removeCertification(modified, userId, zert);
|
modified = PGPPublicKey.removeCertification(modified, userId, zert);
|
||||||
removedCerts += 1;
|
redundantCerts += 1;
|
||||||
log.add(LogLevel.INFO, LogType.MSG_KC_UID_DUP,
|
log.add(LogLevel.INFO, LogType.MSG_KC_UID_DUP,
|
||||||
new String[] { userId }, indent);
|
new String[] { userId }, indent);
|
||||||
}
|
}
|
||||||
@ -378,7 +383,7 @@ public class UncachedKeyRing {
|
|||||||
&& revocation.getCreationTime().before(selfCert.getCreationTime())) {
|
&& revocation.getCreationTime().before(selfCert.getCreationTime())) {
|
||||||
modified = PGPPublicKey.removeCertification(modified, userId, revocation);
|
modified = PGPPublicKey.removeCertification(modified, userId, revocation);
|
||||||
revocation = null;
|
revocation = null;
|
||||||
removedCerts += 1;
|
redundantCerts += 1;
|
||||||
log.add(LogLevel.INFO, LogType.MSG_KC_UID_REVOKE_OLD,
|
log.add(LogLevel.INFO, LogType.MSG_KC_UID_REVOKE_OLD,
|
||||||
new String[] { userId }, indent);
|
new String[] { userId }, indent);
|
||||||
}
|
}
|
||||||
@ -388,7 +393,7 @@ public class UncachedKeyRing {
|
|||||||
// If this is older than the (latest) self cert, drop it
|
// If this is older than the (latest) self cert, drop it
|
||||||
if (selfCert != null && selfCert.getCreationTime().after(zert.getCreationTime())) {
|
if (selfCert != null && selfCert.getCreationTime().after(zert.getCreationTime())) {
|
||||||
modified = PGPPublicKey.removeCertification(modified, userId, zert);
|
modified = PGPPublicKey.removeCertification(modified, userId, zert);
|
||||||
removedCerts += 1;
|
redundantCerts += 1;
|
||||||
log.add(LogLevel.INFO, LogType.MSG_KC_UID_REVOKE_OLD,
|
log.add(LogLevel.INFO, LogType.MSG_KC_UID_REVOKE_OLD,
|
||||||
new String[] { userId }, indent);
|
new String[] { userId }, indent);
|
||||||
continue;
|
continue;
|
||||||
@ -399,13 +404,13 @@ public class UncachedKeyRing {
|
|||||||
// more revocations? at least one is superfluous, then.
|
// more revocations? at least one is superfluous, then.
|
||||||
} else if (revocation.getCreationTime().before(cert.getCreationTime())) {
|
} else if (revocation.getCreationTime().before(cert.getCreationTime())) {
|
||||||
modified = PGPPublicKey.removeCertification(modified, userId, revocation);
|
modified = PGPPublicKey.removeCertification(modified, userId, revocation);
|
||||||
removedCerts += 1;
|
redundantCerts += 1;
|
||||||
log.add(LogLevel.INFO, LogType.MSG_KC_UID_REVOKE_DUP,
|
log.add(LogLevel.INFO, LogType.MSG_KC_UID_REVOKE_DUP,
|
||||||
new String[] { userId }, indent);
|
new String[] { userId }, indent);
|
||||||
revocation = zert;
|
revocation = zert;
|
||||||
} else {
|
} else {
|
||||||
modified = PGPPublicKey.removeCertification(modified, userId, zert);
|
modified = PGPPublicKey.removeCertification(modified, userId, zert);
|
||||||
removedCerts += 1;
|
redundantCerts += 1;
|
||||||
log.add(LogLevel.INFO, LogType.MSG_KC_UID_REVOKE_DUP,
|
log.add(LogLevel.INFO, LogType.MSG_KC_UID_REVOKE_DUP,
|
||||||
new String[] { userId }, indent);
|
new String[] { userId }, indent);
|
||||||
}
|
}
|
||||||
@ -418,8 +423,6 @@ public class UncachedKeyRing {
|
|||||||
|
|
||||||
// Replace modified key in the keyring
|
// Replace modified key in the keyring
|
||||||
ring = PGPPublicKeyRing.insertPublicKey(ring, modified);
|
ring = PGPPublicKeyRing.insertPublicKey(ring, modified);
|
||||||
|
|
||||||
log.add(LogLevel.DEBUG, LogType.MSG_KC_MASTER_SUCCESS, null, indent);
|
|
||||||
indent -= 1;
|
indent -= 1;
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -437,18 +440,17 @@ public class UncachedKeyRing {
|
|||||||
// certificate.
|
// certificate.
|
||||||
PGPPublicKey modified = key;
|
PGPPublicKey modified = key;
|
||||||
PGPSignature selfCert = null, revocation = null;
|
PGPSignature selfCert = null, revocation = null;
|
||||||
uids: for (PGPSignature zig : new IterableIterator<PGPSignature>(key.getSignatures())) {
|
uids: for (PGPSignature zert : new IterableIterator<PGPSignature>(key.getSignatures())) {
|
||||||
// remove from keyring (for now)
|
// remove from keyring (for now)
|
||||||
modified = PGPPublicKey.removeCertification(modified, zig);
|
modified = PGPPublicKey.removeCertification(modified, zert);
|
||||||
// add this too, easier than adding it for every single "continue" case
|
|
||||||
removedCerts += 1;
|
|
||||||
|
|
||||||
WrappedSignature cert = new WrappedSignature(zig);
|
WrappedSignature cert = new WrappedSignature(zert);
|
||||||
int type = cert.getSignatureType();
|
int type = cert.getSignatureType();
|
||||||
|
|
||||||
// filter out bad key types...
|
// filter out bad key types...
|
||||||
if (cert.getKeyId() != masterKey.getKeyID()) {
|
if (cert.getKeyId() != masterKey.getKeyID()) {
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_KEYID, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_KEYID, null, indent);
|
||||||
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -456,18 +458,21 @@ public class UncachedKeyRing {
|
|||||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_TYPE, new String[]{
|
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_TYPE, new String[]{
|
||||||
"0x" + Integer.toString(type, 16)
|
"0x" + Integer.toString(type, 16)
|
||||||
}, indent);
|
}, indent);
|
||||||
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (cert.getCreationTime().after(now)) {
|
if (cert.getCreationTime().after(now)) {
|
||||||
// Creation date in the future? No way!
|
// Creation date in the future? No way!
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_TIME, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_TIME, null, indent);
|
||||||
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (cert.isLocal()) {
|
if (cert.isLocal()) {
|
||||||
// Creation date in the future? No way!
|
// Creation date in the future? No way!
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_LOCAL, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_LOCAL, null, indent);
|
||||||
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -478,20 +483,22 @@ public class UncachedKeyRing {
|
|||||||
cert.init(masterKey);
|
cert.init(masterKey);
|
||||||
if (!cert.verifySignature(masterKey, key)) {
|
if (!cert.verifySignature(masterKey, key)) {
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD, null, indent);
|
||||||
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
} catch (PgpGeneralException e) {
|
} catch (PgpGeneralException e) {
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_ERR, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_BAD_ERR, null, indent);
|
||||||
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (zig.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.KEY_FLAGS)) {
|
if (zert.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.KEY_FLAGS)) {
|
||||||
int flags = ((KeyFlags) zig.getHashedSubPackets()
|
int flags = ((KeyFlags) zert.getHashedSubPackets()
|
||||||
.getSubpacket(SignatureSubpacketTags.KEY_FLAGS)).getFlags();
|
.getSubpacket(SignatureSubpacketTags.KEY_FLAGS)).getFlags();
|
||||||
// If this subkey is allowed to sign data,
|
// If this subkey is allowed to sign data,
|
||||||
if ((flags & PGPKeyFlags.CAN_SIGN) == PGPKeyFlags.CAN_SIGN) {
|
if ((flags & PGPKeyFlags.CAN_SIGN) == PGPKeyFlags.CAN_SIGN) {
|
||||||
try {
|
try {
|
||||||
PGPSignatureList list = zig.getUnhashedSubPackets().getEmbeddedSignatures();
|
PGPSignatureList list = zert.getUnhashedSubPackets().getEmbeddedSignatures();
|
||||||
boolean ok = false;
|
boolean ok = false;
|
||||||
for (int i = 0; i < list.size(); i++) {
|
for (int i = 0; i < list.size(); i++) {
|
||||||
WrappedSignature subsig = new WrappedSignature(list.get(i));
|
WrappedSignature subsig = new WrappedSignature(list.get(i));
|
||||||
@ -501,16 +508,19 @@ public class UncachedKeyRing {
|
|||||||
ok = true;
|
ok = true;
|
||||||
} else {
|
} else {
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_BAD, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_BAD, null, indent);
|
||||||
|
badCerts += 1;
|
||||||
continue uids;
|
continue uids;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!ok) {
|
if (!ok) {
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_NONE, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_NONE, null, indent);
|
||||||
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_BAD_ERR, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_BAD_ERR, null, indent);
|
||||||
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -518,10 +528,11 @@ public class UncachedKeyRing {
|
|||||||
|
|
||||||
// if we already have a cert, and this one is not newer: skip it
|
// if we already have a cert, and this one is not newer: skip it
|
||||||
if (selfCert != null && selfCert.getCreationTime().before(cert.getCreationTime())) {
|
if (selfCert != null && selfCert.getCreationTime().before(cert.getCreationTime())) {
|
||||||
|
redundantCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
selfCert = zig;
|
selfCert = zert;
|
||||||
// if this is newer than a possibly existing revocation, drop that one
|
// if this is newer than a possibly existing revocation, drop that one
|
||||||
if (revocation != null && selfCert.getCreationTime().after(revocation.getCreationTime())) {
|
if (revocation != null && selfCert.getCreationTime().after(revocation.getCreationTime())) {
|
||||||
revocation = null;
|
revocation = null;
|
||||||
@ -535,17 +546,22 @@ public class UncachedKeyRing {
|
|||||||
cert.init(masterKey);
|
cert.init(masterKey);
|
||||||
if (!cert.verifySignature(key)) {
|
if (!cert.verifySignature(key)) {
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_REVOKE_BAD, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_REVOKE_BAD, null, indent);
|
||||||
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
} catch (PgpGeneralException e) {
|
} catch (PgpGeneralException e) {
|
||||||
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_REVOKE_BAD_ERR, null, indent);
|
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_REVOKE_BAD_ERR, null, indent);
|
||||||
|
badCerts += 1;
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
// if there is no binding (yet), or the revocation is newer than the binding: keep it
|
// if there is no binding (yet), or the revocation is newer than the binding: keep it
|
||||||
if (selfCert == null || selfCert.getCreationTime().before(cert.getCreationTime())) {
|
if (selfCert != null && selfCert.getCreationTime().after(cert.getCreationTime())) {
|
||||||
revocation = zig;
|
redundantCerts += 1;
|
||||||
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
revocation = zert;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -561,22 +577,25 @@ public class UncachedKeyRing {
|
|||||||
|
|
||||||
// re-add certification
|
// re-add certification
|
||||||
modified = PGPPublicKey.addCertification(modified, selfCert);
|
modified = PGPPublicKey.addCertification(modified, selfCert);
|
||||||
removedCerts -= 1;
|
|
||||||
// add revocation, if any
|
// add revocation, if any
|
||||||
if (revocation != null) {
|
if (revocation != null) {
|
||||||
modified = PGPPublicKey.addCertification(modified, revocation);
|
modified = PGPPublicKey.addCertification(modified, revocation);
|
||||||
removedCerts -= 1;
|
|
||||||
}
|
}
|
||||||
// replace pubkey in keyring
|
// replace pubkey in keyring
|
||||||
ring = PGPPublicKeyRing.insertPublicKey(ring, modified);
|
ring = PGPPublicKeyRing.insertPublicKey(ring, modified);
|
||||||
|
|
||||||
log.add(LogLevel.DEBUG, LogType.MSG_KC_SUB_SUCCESS, null, indent);
|
|
||||||
indent -= 1;
|
indent -= 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (removedCerts > 0) {
|
if (badCerts > 0 && redundantCerts > 0) {
|
||||||
log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS_REMOVED,
|
log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS_BAD_AND_RED,
|
||||||
new String[] { Integer.toString(removedCerts) }, indent);
|
new String[] { Integer.toString(badCerts),
|
||||||
|
Integer.toString(redundantCerts) }, indent);
|
||||||
|
} else if (badCerts > 0) {
|
||||||
|
log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS_BAD,
|
||||||
|
new String[] { Integer.toString(badCerts) }, indent);
|
||||||
|
} else if (redundantCerts > 0) {
|
||||||
|
log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS_REDUNDANT,
|
||||||
|
new String[] { Integer.toString(redundantCerts) }, indent);
|
||||||
} else {
|
} else {
|
||||||
log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS, null, indent);
|
log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS, null, indent);
|
||||||
}
|
}
|
||||||
|
@ -302,7 +302,6 @@ public class ProviderHelper {
|
|||||||
|
|
||||||
log(LogLevel.INFO, LogType.MSG_IP_INSERT_KEYRING);
|
log(LogLevel.INFO, LogType.MSG_IP_INSERT_KEYRING);
|
||||||
{ // insert keyring
|
{ // insert keyring
|
||||||
// insert new version of this keyRing
|
|
||||||
ContentValues values = new ContentValues();
|
ContentValues values = new ContentValues();
|
||||||
values.put(KeyRingData.MASTER_KEY_ID, masterKeyId);
|
values.put(KeyRingData.MASTER_KEY_ID, masterKeyId);
|
||||||
try {
|
try {
|
||||||
@ -322,8 +321,9 @@ public class ProviderHelper {
|
|||||||
Uri uri = Keys.buildKeysUri(Long.toString(masterKeyId));
|
Uri uri = Keys.buildKeysUri(Long.toString(masterKeyId));
|
||||||
int rank = 0;
|
int rank = 0;
|
||||||
for (UncachedPublicKey key : new IterableIterator<UncachedPublicKey>(keyRing.getPublicKeys())) {
|
for (UncachedPublicKey key : new IterableIterator<UncachedPublicKey>(keyRing.getPublicKeys())) {
|
||||||
log(LogLevel.DEBUG, LogType.MSG_IP_SUBKEY, new String[]{
|
long keyId = key.getKeyId();
|
||||||
PgpKeyHelper.convertKeyIdToHex(key.getKeyId())
|
log(LogLevel.DEBUG, keyId == masterKeyId ? LogType.MSG_IP_MASTER : LogType.MSG_IP_SUBKEY, new String[]{
|
||||||
|
PgpKeyHelper.convertKeyIdToHex(keyId)
|
||||||
});
|
});
|
||||||
mIndent += 1;
|
mIndent += 1;
|
||||||
|
|
||||||
@ -341,21 +341,41 @@ public class ProviderHelper {
|
|||||||
values.put(Keys.CAN_ENCRYPT, e);
|
values.put(Keys.CAN_ENCRYPT, e);
|
||||||
values.put(Keys.CAN_SIGN, s);
|
values.put(Keys.CAN_SIGN, s);
|
||||||
values.put(Keys.IS_REVOKED, key.isRevoked());
|
values.put(Keys.IS_REVOKED, key.isRevoked());
|
||||||
if (c) {
|
if (masterKeyId == keyId) {
|
||||||
if (e) {
|
if (c) {
|
||||||
log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_CES
|
if (e) {
|
||||||
: LogType.MSG_IP_SUBKEY_FLAGS_CEX, null);
|
log(LogLevel.DEBUG, s ? LogType.MSG_IP_MASTER_FLAGS_CES
|
||||||
|
: LogType.MSG_IP_MASTER_FLAGS_CEX, null);
|
||||||
|
} else {
|
||||||
|
log(LogLevel.DEBUG, s ? LogType.MSG_IP_MASTER_FLAGS_CXS
|
||||||
|
: LogType.MSG_IP_MASTER_FLAGS_CXX, null);
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_CXS
|
if (e) {
|
||||||
: LogType.MSG_IP_SUBKEY_FLAGS_CXX, null);
|
log(LogLevel.DEBUG, s ? LogType.MSG_IP_MASTER_FLAGS_XES
|
||||||
|
: LogType.MSG_IP_MASTER_FLAGS_XEX, null);
|
||||||
|
} else {
|
||||||
|
log(LogLevel.DEBUG, s ? LogType.MSG_IP_MASTER_FLAGS_XXS
|
||||||
|
: LogType.MSG_IP_MASTER_FLAGS_XXX, null);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (e) {
|
if (c) {
|
||||||
log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_XES
|
if (e) {
|
||||||
: LogType.MSG_IP_SUBKEY_FLAGS_XEX, null);
|
log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_CES
|
||||||
|
: LogType.MSG_IP_SUBKEY_FLAGS_CEX, null);
|
||||||
|
} else {
|
||||||
|
log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_CXS
|
||||||
|
: LogType.MSG_IP_SUBKEY_FLAGS_CXX, null);
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_XXS
|
if (e) {
|
||||||
: LogType.MSG_IP_SUBKEY_FLAGS_XXX, null);
|
log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_XES
|
||||||
|
: LogType.MSG_IP_SUBKEY_FLAGS_XEX, null);
|
||||||
|
} else {
|
||||||
|
log(LogLevel.DEBUG, s ? LogType.MSG_IP_SUBKEY_FLAGS_XXS
|
||||||
|
: LogType.MSG_IP_SUBKEY_FLAGS_XXX, null);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -365,13 +385,13 @@ public class ProviderHelper {
|
|||||||
if (expiryDate != null) {
|
if (expiryDate != null) {
|
||||||
values.put(Keys.EXPIRY, expiryDate.getTime() / 1000);
|
values.put(Keys.EXPIRY, expiryDate.getTime() / 1000);
|
||||||
if (key.isExpired()) {
|
if (key.isExpired()) {
|
||||||
log(LogLevel.DEBUG, LogType.MSG_IP_SUBKEY_EXPIRED, new String[]{
|
log(LogLevel.DEBUG, keyId == masterKeyId ?
|
||||||
expiryDate.toString()
|
LogType.MSG_IP_MASTER_EXPIRED : LogType.MSG_IP_SUBKEY_EXPIRED,
|
||||||
});
|
new String[]{ expiryDate.toString() });
|
||||||
} else {
|
} else {
|
||||||
log(LogLevel.DEBUG, LogType.MSG_IP_SUBKEY_EXPIRES, new String[]{
|
log(LogLevel.DEBUG, keyId == masterKeyId ?
|
||||||
expiryDate.toString()
|
LogType.MSG_IP_MASTER_EXPIRES : LogType.MSG_IP_SUBKEY_EXPIRES,
|
||||||
});
|
new String[] { expiryDate.toString() });
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -415,10 +435,9 @@ public class ProviderHelper {
|
|||||||
if (!cert.isRevocation()) {
|
if (!cert.isRevocation()) {
|
||||||
item.selfCert = cert;
|
item.selfCert = cert;
|
||||||
item.isPrimary = cert.isPrimaryUserId();
|
item.isPrimary = cert.isPrimaryUserId();
|
||||||
log(LogLevel.DEBUG, LogType.MSG_IP_UID_SELF_GOOD);
|
|
||||||
} else {
|
} else {
|
||||||
item.isRevoked = true;
|
item.isRevoked = true;
|
||||||
log(LogLevel.DEBUG, LogType.MSG_IP_UID_REVOKED);
|
log(LogLevel.INFO, LogType.MSG_IP_UID_REVOKED);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -479,7 +498,6 @@ public class ProviderHelper {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
log(LogLevel.DEBUG, LogType.MSG_IP_PREPARE_SUCCESS);
|
|
||||||
mIndent -= 1;
|
mIndent -= 1;
|
||||||
|
|
||||||
} catch (IOException e) {
|
} catch (IOException e) {
|
||||||
|
@ -16,6 +16,7 @@ import java.util.ArrayList;
|
|||||||
* list (ie, enum) of all possible log types, which should in all cases be tied
|
* list (ie, enum) of all possible log types, which should in all cases be tied
|
||||||
* to string resource ids.
|
* to string resource ids.
|
||||||
*
|
*
|
||||||
|
*
|
||||||
*/
|
*/
|
||||||
public class OperationResultParcel implements Parcelable {
|
public class OperationResultParcel implements Parcelable {
|
||||||
/** Holds the overall result, the number specifying varying degrees of success. The first bit
|
/** Holds the overall result, the number specifying varying degrees of success. The first bit
|
||||||
@ -101,6 +102,23 @@ public class OperationResultParcel implements Parcelable {
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** This is an enum of all possible log events.
|
||||||
|
*
|
||||||
|
* Element names should generally be prefixed with MSG_XX_ where XX is an
|
||||||
|
* identifier based on the related activity.
|
||||||
|
*
|
||||||
|
* Log messages should occur for each distinguishable action group. For
|
||||||
|
* each such group, one message is displayed followed by warnings or
|
||||||
|
* errors, and optionally subactions. The granularity should generally be
|
||||||
|
* optimistic: No "success" messages are printed except for the outermost
|
||||||
|
* operations - the success of an action group is indicated by the
|
||||||
|
* beginning message of the next action group.
|
||||||
|
*
|
||||||
|
* Log messages should be in present tense, There should be no trailing
|
||||||
|
* punctuation, except for error messages which may end in an exclamation
|
||||||
|
* mark.
|
||||||
|
*
|
||||||
|
*/
|
||||||
public static enum LogType {
|
public static enum LogType {
|
||||||
|
|
||||||
// import public
|
// import public
|
||||||
@ -114,15 +132,24 @@ public class OperationResultParcel implements Parcelable {
|
|||||||
MSG_IP_FAIL_OP_EX (R.string.msg_ip_fail_op_ex),
|
MSG_IP_FAIL_OP_EX (R.string.msg_ip_fail_op_ex),
|
||||||
MSG_IP_FAIL_REMOTE_EX (R.string.msg_ip_fail_remote_ex),
|
MSG_IP_FAIL_REMOTE_EX (R.string.msg_ip_fail_remote_ex),
|
||||||
MSG_IP_INSERT_KEYRING (R.string.msg_ip_insert_keyring),
|
MSG_IP_INSERT_KEYRING (R.string.msg_ip_insert_keyring),
|
||||||
MSG_IP_INSERT_SUBKEYS (R.string.msg_ip_insert_subkeys),
|
MSG_IP_INSERT_SUBKEYS (R.string.msg_ip_insert_keys),
|
||||||
MSG_IP_PREPARE (R.string.msg_ip_prepare),
|
MSG_IP_PREPARE (R.string.msg_ip_prepare),
|
||||||
MSG_IP_PREPARE_SUCCESS(R.string.msg_ip_prepare_success),
|
|
||||||
MSG_IP_PRESERVING_SECRET (R.string.msg_ip_preserving_secret),
|
MSG_IP_PRESERVING_SECRET (R.string.msg_ip_preserving_secret),
|
||||||
MSG_IP_REINSERT_SECRET (R.string.msg_ip_reinsert_secret),
|
MSG_IP_REINSERT_SECRET (R.string.msg_ip_reinsert_secret),
|
||||||
|
MSG_IP_MASTER (R.string.msg_ip_master),
|
||||||
|
MSG_IP_MASTER_EXPIRED (R.string.msg_ip_master_expired),
|
||||||
|
MSG_IP_MASTER_EXPIRES (R.string.msg_ip_master_expires),
|
||||||
|
MSG_IP_MASTER_FLAGS_CES (R.string.msg_ip_master_flags_ces),
|
||||||
|
MSG_IP_MASTER_FLAGS_CEX (R.string.msg_ip_master_flags_cex),
|
||||||
|
MSG_IP_MASTER_FLAGS_CXS (R.string.msg_ip_master_flags_cxs),
|
||||||
|
MSG_IP_MASTER_FLAGS_XES (R.string.msg_ip_master_flags_xes),
|
||||||
|
MSG_IP_MASTER_FLAGS_CXX (R.string.msg_ip_master_flags_cxx),
|
||||||
|
MSG_IP_MASTER_FLAGS_XEX (R.string.msg_ip_master_flags_xex),
|
||||||
|
MSG_IP_MASTER_FLAGS_XXS (R.string.msg_ip_master_flags_xxs),
|
||||||
|
MSG_IP_MASTER_FLAGS_XXX (R.string.msg_ip_master_flags_xxx),
|
||||||
MSG_IP_SUBKEY (R.string.msg_ip_subkey),
|
MSG_IP_SUBKEY (R.string.msg_ip_subkey),
|
||||||
MSG_IP_SUBKEY_EXPIRED (R.string.msg_ip_subkey_expired),
|
MSG_IP_SUBKEY_EXPIRED (R.string.msg_ip_subkey_expired),
|
||||||
MSG_IP_SUBKEY_EXPIRES (R.string.msg_ip_subkey_expires),
|
MSG_IP_SUBKEY_EXPIRES (R.string.msg_ip_subkey_expires),
|
||||||
MSG_IP_SUBKEY_FLAGS (R.string.msg_ip_subkey_flags),
|
|
||||||
MSG_IP_SUBKEY_FLAGS_CES (R.string.msg_ip_subkey_flags_ces),
|
MSG_IP_SUBKEY_FLAGS_CES (R.string.msg_ip_subkey_flags_ces),
|
||||||
MSG_IP_SUBKEY_FLAGS_CEX (R.string.msg_ip_subkey_flags_cex),
|
MSG_IP_SUBKEY_FLAGS_CEX (R.string.msg_ip_subkey_flags_cex),
|
||||||
MSG_IP_SUBKEY_FLAGS_CXS (R.string.msg_ip_subkey_flags_cxs),
|
MSG_IP_SUBKEY_FLAGS_CXS (R.string.msg_ip_subkey_flags_cxs),
|
||||||
@ -140,7 +167,6 @@ public class OperationResultParcel implements Parcelable {
|
|||||||
MSG_IP_UID_REORDER(R.string.msg_ip_uid_reorder),
|
MSG_IP_UID_REORDER(R.string.msg_ip_uid_reorder),
|
||||||
MSG_IP_UID_PROCESSING (R.string.msg_ip_uid_processing),
|
MSG_IP_UID_PROCESSING (R.string.msg_ip_uid_processing),
|
||||||
MSG_IP_UID_REVOKED (R.string.msg_ip_uid_revoked),
|
MSG_IP_UID_REVOKED (R.string.msg_ip_uid_revoked),
|
||||||
MSG_IP_UID_SELF_GOOD (R.string.msg_ip_uid_self_good),
|
|
||||||
|
|
||||||
// import secret
|
// import secret
|
||||||
MSG_IS(R.string.msg_is),
|
MSG_IS(R.string.msg_is),
|
||||||
@ -155,7 +181,6 @@ public class OperationResultParcel implements Parcelable {
|
|||||||
// keyring canonicalization
|
// keyring canonicalization
|
||||||
MSG_KC (R.string.msg_kc),
|
MSG_KC (R.string.msg_kc),
|
||||||
MSG_KC_MASTER (R.string.msg_kc_master),
|
MSG_KC_MASTER (R.string.msg_kc_master),
|
||||||
MSG_KC_MASTER_SUCCESS (R.string.msg_kc_master_success),
|
|
||||||
MSG_KC_REVOKE_BAD_ERR (R.string.msg_kc_revoke_bad_err),
|
MSG_KC_REVOKE_BAD_ERR (R.string.msg_kc_revoke_bad_err),
|
||||||
MSG_KC_REVOKE_BAD_LOCAL (R.string.msg_kc_revoke_bad_local),
|
MSG_KC_REVOKE_BAD_LOCAL (R.string.msg_kc_revoke_bad_local),
|
||||||
MSG_KC_REVOKE_BAD_TIME (R.string.msg_kc_revoke_bad_time),
|
MSG_KC_REVOKE_BAD_TIME (R.string.msg_kc_revoke_bad_time),
|
||||||
@ -176,8 +201,9 @@ public class OperationResultParcel implements Parcelable {
|
|||||||
MSG_KC_SUB_REVOKE_BAD_ERR (R.string.msg_kc_sub_revoke_bad_err),
|
MSG_KC_SUB_REVOKE_BAD_ERR (R.string.msg_kc_sub_revoke_bad_err),
|
||||||
MSG_KC_SUB_REVOKE_BAD (R.string.msg_kc_sub_revoke_bad),
|
MSG_KC_SUB_REVOKE_BAD (R.string.msg_kc_sub_revoke_bad),
|
||||||
MSG_KC_SUB_REVOKE_DUP (R.string.msg_kc_sub_revoke_dup),
|
MSG_KC_SUB_REVOKE_DUP (R.string.msg_kc_sub_revoke_dup),
|
||||||
MSG_KC_SUB_SUCCESS (R.string.msg_kc_sub_success),
|
MSG_KC_SUCCESS_BAD (R.string.msg_kc_success_bad),
|
||||||
MSG_KC_SUCCESS_REMOVED (R.string.msg_kc_success_removed),
|
MSG_KC_SUCCESS_BAD_AND_RED (R.string.msg_kc_success_bad_and_red),
|
||||||
|
MSG_KC_SUCCESS_REDUNDANT (R.string.msg_kc_success_redundant),
|
||||||
MSG_KC_SUCCESS (R.string.msg_kc_success),
|
MSG_KC_SUCCESS (R.string.msg_kc_success),
|
||||||
MSG_KC_UID_BAD_ERR (R.string.msg_kc_uid_bad_err),
|
MSG_KC_UID_BAD_ERR (R.string.msg_kc_uid_bad_err),
|
||||||
MSG_KC_UID_BAD_LOCAL (R.string.msg_kc_uid_bad_local),
|
MSG_KC_UID_BAD_LOCAL (R.string.msg_kc_uid_bad_local),
|
||||||
|
@ -516,14 +516,23 @@
|
|||||||
<string name="msg_ip_fail_remote_ex">Operation failed due to internal error</string>
|
<string name="msg_ip_fail_remote_ex">Operation failed due to internal error</string>
|
||||||
<string name="msg_ip">Importing public keyring %s</string>
|
<string name="msg_ip">Importing public keyring %s</string>
|
||||||
<string name="msg_ip_insert_keyring">Encoding keyring data</string>
|
<string name="msg_ip_insert_keyring">Encoding keyring data</string>
|
||||||
<string name="msg_ip_insert_subkeys">Evaluating subkeys</string>
|
<string name="msg_ip_insert_keys">Parsing keys</string>
|
||||||
<string name="msg_ip_prepare">Preparing database operations</string>
|
<string name="msg_ip_prepare">Preparing database operations</string>
|
||||||
<string name="msg_ip_prepare_success">OK</string>
|
|
||||||
<string name="msg_ip_preserving_secret">Preserving available secret key</string>
|
<string name="msg_ip_preserving_secret">Preserving available secret key</string>
|
||||||
|
<string name="msg_ip_master">Processing master key %s</string>
|
||||||
|
<string name="msg_ip_master_expired">Keyring expired on %s</string>
|
||||||
|
<string name="msg_ip_master_expires">Keyring expires on %s</string>
|
||||||
|
<string name="msg_ip_master_flags_ces">Master key flags: certify, encrypt, sign</string>
|
||||||
|
<string name="msg_ip_master_flags_cex">Master key flags: certify, encrypt</string>
|
||||||
|
<string name="msg_ip_master_flags_cxs">Master key flags: certify, sign</string>
|
||||||
|
<string name="msg_ip_master_flags_xes">Master key flags: encrypt, sign</string>
|
||||||
|
<string name="msg_ip_master_flags_cxx">Master key flags: certify</string>
|
||||||
|
<string name="msg_ip_master_flags_xex">Master key flags: encrypt</string>
|
||||||
|
<string name="msg_ip_master_flags_xxs">Master key flags: sign</string>
|
||||||
|
<string name="msg_ip_master_flags_xxx">Master key flags: none</string>
|
||||||
<string name="msg_ip_subkey">Processing subkey %s</string>
|
<string name="msg_ip_subkey">Processing subkey %s</string>
|
||||||
<string name="msg_ip_subkey_expired">Subkey expired on %s</string>
|
<string name="msg_ip_subkey_expired">Subkey expired on %s</string>
|
||||||
<string name="msg_ip_subkey_expires">Subkey expires on %s</string>
|
<string name="msg_ip_subkey_expires">Subkey expires on %s</string>
|
||||||
<string name="msg_ip_subkey_flags">Subkey flags: %s</string>
|
|
||||||
<string name="msg_ip_subkey_flags_ces">Subkey flags: certify, encrypt, sign</string>
|
<string name="msg_ip_subkey_flags_ces">Subkey flags: certify, encrypt, sign</string>
|
||||||
<string name="msg_ip_subkey_flags_cex">Subkey flags: certify, encrypt</string>
|
<string name="msg_ip_subkey_flags_cex">Subkey flags: certify, encrypt</string>
|
||||||
<string name="msg_ip_subkey_flags_cxs">Subkey flags: certify, sign</string>
|
<string name="msg_ip_subkey_flags_cxs">Subkey flags: certify, sign</string>
|
||||||
@ -536,13 +545,12 @@
|
|||||||
<string name="msg_ip_reinsert_secret">Re-inserting secret key</string>
|
<string name="msg_ip_reinsert_secret">Re-inserting secret key</string>
|
||||||
<string name="msg_ip_uid_cert_bad">Encountered bad certificate!</string>
|
<string name="msg_ip_uid_cert_bad">Encountered bad certificate!</string>
|
||||||
<string name="msg_ip_uid_cert_error">Error processing certificate!</string>
|
<string name="msg_ip_uid_cert_error">Error processing certificate!</string>
|
||||||
<string name="msg_ip_uid_cert_good">Found good certificate from %1$s (%2$s)</string>
|
<string name="msg_ip_uid_cert_good">User id is certified by %1$s (%2$s)</string>
|
||||||
<string name="msg_ip_uid_certs_unknown">Ignoring %s certificates from unknown pubkeys</string>
|
<string name="msg_ip_uid_certs_unknown">Ignoring %s certificates from unknown pubkeys</string>
|
||||||
<string name="msg_ip_uid_classifying">Classifying user ids, using %s trusted signatures</string>
|
<string name="msg_ip_uid_classifying">Classifying user ids, using %s trusted signatures</string>
|
||||||
<string name="msg_ip_uid_reorder">Re-ordering user ids</string>
|
<string name="msg_ip_uid_reorder">Re-ordering user ids</string>
|
||||||
<string name="msg_ip_uid_processing">Processing user id %s</string>
|
<string name="msg_ip_uid_processing">Processing user id %s</string>
|
||||||
<string name="msg_ip_uid_revoked">Found uid revocation certificate</string>
|
<string name="msg_ip_uid_revoked">User id is revoked</string>
|
||||||
<string name="msg_ip_uid_self_good">Found good self certificate</string>
|
|
||||||
<string name="msg_is_bad_type_public">Tried to import public keyring as secret. This is a bug, please file a report!</string>
|
<string name="msg_is_bad_type_public">Tried to import public keyring as secret. This is a bug, please file a report!</string>
|
||||||
|
|
||||||
<!-- Import Secret log entries -->
|
<!-- Import Secret log entries -->
|
||||||
@ -557,7 +565,6 @@
|
|||||||
<!-- Keyring Canonicalization log entries -->
|
<!-- Keyring Canonicalization log entries -->
|
||||||
<string name="msg_kc">Canonicalizing keyring %s</string>
|
<string name="msg_kc">Canonicalizing keyring %s</string>
|
||||||
<string name="msg_kc_master">Processing master key</string>
|
<string name="msg_kc_master">Processing master key</string>
|
||||||
<string name="msg_kc_master_success">OK</string>
|
|
||||||
<string name="msg_kc_revoke_bad_err">Removing bad keyring revocation certificate</string>
|
<string name="msg_kc_revoke_bad_err">Removing bad keyring revocation certificate</string>
|
||||||
<string name="msg_kc_revoke_bad_local">Removing keyring revocation certificate with "local" flag</string>
|
<string name="msg_kc_revoke_bad_local">Removing keyring revocation certificate with "local" flag</string>
|
||||||
<string name="msg_kc_revoke_bad_time">Removing keyring revocation certificate with future timestamp</string>
|
<string name="msg_kc_revoke_bad_time">Removing keyring revocation certificate with future timestamp</string>
|
||||||
@ -578,9 +585,10 @@
|
|||||||
<string name="msg_kc_sub_revoke_bad_err">Removing bad subkey revocation key</string>
|
<string name="msg_kc_sub_revoke_bad_err">Removing bad subkey revocation key</string>
|
||||||
<string name="msg_kc_sub_revoke_bad">Removing bad subkey revocation key</string>
|
<string name="msg_kc_sub_revoke_bad">Removing bad subkey revocation key</string>
|
||||||
<string name="msg_kc_sub_revoke_dup">Removing redundant keyring revocation key</string>
|
<string name="msg_kc_sub_revoke_dup">Removing redundant keyring revocation key</string>
|
||||||
<string name="msg_kc_sub_success">Subkey binding OK</string>
|
|
||||||
<string name="msg_kc_success">Keyring canonicalization successful</string>
|
<string name="msg_kc_success">Keyring canonicalization successful</string>
|
||||||
<string name="msg_kc_success_removed">Keyring canonicalization successful, removed %s certificates</string>
|
<string name="msg_kc_success_bad">Keyring canonicalization successful, removed %s erroneous certificates</string>
|
||||||
|
<string name="msg_kc_success_bad_and_red">Keyring canonicalization successful, removed %1$s erroneous and %2$s redundant certificates</string>
|
||||||
|
<string name="msg_kc_success_redundant">Keyring canonicalization successful, removed %s redundant certificates</string>
|
||||||
<string name="msg_kc_uid_bad_err">Removing bad self certificate for user id %s</string>
|
<string name="msg_kc_uid_bad_err">Removing bad self certificate for user id %s</string>
|
||||||
<string name="msg_kc_uid_bad_local">Removing user id certificate with "local" flag</string>
|
<string name="msg_kc_uid_bad_local">Removing user id certificate with "local" flag</string>
|
||||||
<string name="msg_kc_uid_bad_time">Removing user id with future timestamp</string>
|
<string name="msg_kc_uid_bad_time">Removing user id with future timestamp</string>
|
||||||
|
Loading…
Reference in New Issue
Block a user