diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/PromoteKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/PromoteKeyOperation.java index 46db30ad0..ef08b0b77 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/PromoteKeyOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/PromoteKeyOperation.java @@ -50,7 +50,7 @@ public class PromoteKeyOperation extends BaseOperation { super(context, providerHelper, progressable, cancelled); } - public PromoteKeyResult execute(long masterKeyId) { + public PromoteKeyResult execute(long masterKeyId, byte[] cardAid) { OperationLog log = new OperationLog(); log.add(LogType.MSG_PR, 0); @@ -58,27 +58,16 @@ public class PromoteKeyOperation extends BaseOperation { // Perform actual type change UncachedKeyRing promotedRing; { - try { - // This operation is only allowed for pure public keys - // TODO delete secret keys if they are stripped, or have been moved to the card? - if (mProviderHelper.getCachedPublicKeyRing(masterKeyId).hasAnySecret()) { - log.add(LogType.MSG_PR_ERROR_ALREADY_SECRET, 2); - return new PromoteKeyResult(PromoteKeyResult.RESULT_ERROR, log, null); - } - log.add(LogType.MSG_PR_FETCHING, 1, KeyFormattingUtils.convertKeyIdToHex(masterKeyId)); CanonicalizedPublicKeyRing pubRing = mProviderHelper.getCanonicalizedPublicKeyRing(masterKeyId); // create divert-to-card secret key from public key - promotedRing = pubRing.createDummySecretRing(true); + promotedRing = pubRing.createDivertSecretRing(cardAid); - } catch (PgpKeyNotFoundException e) { - log.add(LogType.MSG_PR_ERROR_KEY_NOT_FOUND, 2); - return new PromoteKeyResult(PromoteKeyResult.RESULT_ERROR, log, null); } catch (NotFoundException e) { log.add(LogType.MSG_PR_ERROR_KEY_NOT_FOUND, 2); return new PromoteKeyResult(PromoteKeyResult.RESULT_ERROR, log, null); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java index 561b8f907..47f9271e1 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java @@ -603,7 +603,6 @@ public abstract class OperationResult implements Parcelable { // promote key MSG_PR (LogLevel.START, R.string.msg_pr), - MSG_PR_ERROR_ALREADY_SECRET (LogLevel.ERROR, R.string.msg_pr_error_already_secret), MSG_PR_ERROR_KEY_NOT_FOUND (LogLevel.ERROR, R.string.msg_pr_error_key_not_found), MSG_PR_FETCHING (LogLevel.DEBUG, R.string.msg_pr_fetching), MSG_PR_SUCCESS (LogLevel.OK, R.string.msg_pr_success), diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKeyRing.java index fa5b0785e..8432b8f9f 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKeyRing.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKeyRing.java @@ -97,14 +97,15 @@ public class CanonicalizedPublicKeyRing extends CanonicalizedKeyRing { } /** Create a dummy secret ring from this key */ - public UncachedKeyRing createDummySecretRing (boolean divertToCard) { - - PGPSecretKeyRing secRing = PGPSecretKeyRing.constructDummyFromPublic(getRing(), - divertToCard - ? S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD - : S2K.GNU_PROTECTION_MODE_NO_PRIVATE_KEY); + public UncachedKeyRing createDummySecretRing () { + PGPSecretKeyRing secRing = PGPSecretKeyRing.constructDummyFromPublic(getRing(), null); return new UncachedKeyRing(secRing); + } + /** Create a dummy secret ring from this key */ + public UncachedKeyRing createDivertSecretRing (byte[] cardAid) { + PGPSecretKeyRing secRing = PGPSecretKeyRing.constructDummyFromPublic(getRing(), cardAid); + return new UncachedKeyRing(secRing); } } \ No newline at end of file diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java index 5a9c146f7..a400066ab 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java @@ -187,7 +187,7 @@ public class KeychainIntentService extends IntentService implements Progressable // promote key public static final String PROMOTE_MASTER_KEY_ID = "promote_master_key_id"; - public static final String PROMOTE_TYPE = "promote_type"; + public static final String PROMOTE_CARD_AID = "promote_card_aid"; // consolidate public static final String CONSOLIDATE_RECOVERY = "consolidate_recovery"; @@ -488,10 +488,11 @@ public class KeychainIntentService extends IntentService implements Progressable // Input long keyRingId = data.getLong(PROMOTE_MASTER_KEY_ID); + byte[] cardAid = data.getByteArray(PROMOTE_CARD_AID); // Operation PromoteKeyOperation op = new PromoteKeyOperation(this, providerHelper, this, mActionCanceled); - PromoteKeyResult result = op.execute(keyRingId); + PromoteKeyResult result = op.execute(keyRingId, cardAid); // Result sendMessageToHandler(MessageStatus.OKAY, result); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyYubikeyFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyYubikeyFragment.java index f60b6f299..192d85d58 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyYubikeyFragment.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyYubikeyFragment.java @@ -36,10 +36,10 @@ public class ViewKeyYubikeyFragment extends Fragment public static final String ARG_FINGERPRINT = "fingerprint"; public static final String ARG_USER_ID = "user_id"; - public static final String ARG_AID = "aid"; + public static final String ARG_CARD_AID = "aid"; private byte[][] mFingerprints; private String mUserId; - private byte[] mAid; + private byte[] mCardAid; private long mMasterKeyId; private Button vButton; private TextView vStatus; @@ -51,7 +51,7 @@ public class ViewKeyYubikeyFragment extends Fragment Bundle args = new Bundle(); args.putByteArray(ARG_FINGERPRINT, fingerprints); args.putString(ARG_USER_ID, userId); - args.putByteArray(ARG_AID, aid); + args.putByteArray(ARG_CARD_AID, aid); frag.setArguments(args); return frag; @@ -70,7 +70,7 @@ public class ViewKeyYubikeyFragment extends Fragment buf.get(mFingerprints[i]); } mUserId = args.getString(ARG_USER_ID); - mAid = args.getByteArray(ARG_AID); + mCardAid = args.getByteArray(ARG_CARD_AID); mMasterKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(mFingerprints[0]); @@ -85,7 +85,7 @@ public class ViewKeyYubikeyFragment extends Fragment TextView vSerNo = (TextView) view.findViewById(R.id.yubikey_serno); TextView vUserId = (TextView) view.findViewById(R.id.yubikey_userid); - String serno = Hex.toHexString(mAid, 10, 4); + String serno = Hex.toHexString(mCardAid, 10, 4); vSerNo.setText(getString(R.string.yubikey_serno, serno)); if (!mUserId.isEmpty()) { @@ -137,6 +137,7 @@ public class ViewKeyYubikeyFragment extends Fragment Bundle data = new Bundle(); data.putLong(KeychainIntentService.PROMOTE_MASTER_KEY_ID, mMasterKeyId); + data.putByteArray(KeychainIntentService.PROMOTE_CARD_AID, mCardAid); intent.putExtra(KeychainIntentService.EXTRA_DATA, data); // Create a new Messenger for the communication back @@ -192,13 +193,13 @@ public class ViewKeyYubikeyFragment extends Fragment if (allBound) { vButton.setVisibility(View.GONE); - vStatus.setText("Key matches, fully bound"); + vStatus.setText(R.string.yubikey_status_bound); } else { vButton.setVisibility(View.VISIBLE); if (noneBound) { - vStatus.setText("Key matches, can be bound"); + vStatus.setText(R.string.yubikey_status_unbound); } else { - vStatus.setText("Key matches, partly bound"); + vStatus.setText(R.string.yubikey_status_partly); } } diff --git a/OpenKeychain/src/main/res/values/strings.xml b/OpenKeychain/src/main/res/values/strings.xml index f7a9a671e..6dfdb8997 100644 --- a/OpenKeychain/src/main/res/values/strings.xml +++ b/OpenKeychain/src/main/res/values/strings.xml @@ -988,7 +988,6 @@ "Promoting public key to secret key" - "Key is already a secret key!" "Key not found!" "Fetching key to modify (%s)" "Key successfully promoted" @@ -1273,5 +1272,8 @@ "Serial No: %s" "Key holder: " "Key holder: <unset>" + Yubikey matches, bound to key + Yubikey matches, can be bound to key + Yubikey matches, partly bound to key