actually promote to divert, pass yubikey's AID
parent
22063cdd6e
commit
2151411219
@ -50,7 +50,7 @@ public class PromoteKeyOperation extends BaseOperation {
|
|||||||
super(context, providerHelper, progressable, cancelled);
|
super(context, providerHelper, progressable, cancelled);
|
||||||
}
|
}
|
||||||
|
|
||||||
public PromoteKeyResult execute(long masterKeyId) {
|
public PromoteKeyResult execute(long masterKeyId, byte[] cardAid) {
|
||||||
|
|
||||||
OperationLog log = new OperationLog();
|
OperationLog log = new OperationLog();
|
||||||
log.add(LogType.MSG_PR, 0);
|
log.add(LogType.MSG_PR, 0);
|
||||||
@ -58,27 +58,16 @@ public class PromoteKeyOperation extends BaseOperation {
|
|||||||
// Perform actual type change
|
// Perform actual type change
|
||||||
UncachedKeyRing promotedRing;
|
UncachedKeyRing promotedRing;
|
||||||
{
|
{
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
|
||||||
// This operation is only allowed for pure public keys
|
|
||||||
// TODO delete secret keys if they are stripped, or have been moved to the card?
|
|
||||||
if (mProviderHelper.getCachedPublicKeyRing(masterKeyId).hasAnySecret()) {
|
|
||||||
log.add(LogType.MSG_PR_ERROR_ALREADY_SECRET, 2);
|
|
||||||
return new PromoteKeyResult(PromoteKeyResult.RESULT_ERROR, log, null);
|
|
||||||
}
|
|
||||||
|
|
||||||
log.add(LogType.MSG_PR_FETCHING, 1,
|
log.add(LogType.MSG_PR_FETCHING, 1,
|
||||||
KeyFormattingUtils.convertKeyIdToHex(masterKeyId));
|
KeyFormattingUtils.convertKeyIdToHex(masterKeyId));
|
||||||
CanonicalizedPublicKeyRing pubRing =
|
CanonicalizedPublicKeyRing pubRing =
|
||||||
mProviderHelper.getCanonicalizedPublicKeyRing(masterKeyId);
|
mProviderHelper.getCanonicalizedPublicKeyRing(masterKeyId);
|
||||||
|
|
||||||
// create divert-to-card secret key from public key
|
// create divert-to-card secret key from public key
|
||||||
promotedRing = pubRing.createDummySecretRing(true);
|
promotedRing = pubRing.createDivertSecretRing(cardAid);
|
||||||
|
|
||||||
} catch (PgpKeyNotFoundException e) {
|
|
||||||
log.add(LogType.MSG_PR_ERROR_KEY_NOT_FOUND, 2);
|
|
||||||
return new PromoteKeyResult(PromoteKeyResult.RESULT_ERROR, log, null);
|
|
||||||
} catch (NotFoundException e) {
|
} catch (NotFoundException e) {
|
||||||
log.add(LogType.MSG_PR_ERROR_KEY_NOT_FOUND, 2);
|
log.add(LogType.MSG_PR_ERROR_KEY_NOT_FOUND, 2);
|
||||||
return new PromoteKeyResult(PromoteKeyResult.RESULT_ERROR, log, null);
|
return new PromoteKeyResult(PromoteKeyResult.RESULT_ERROR, log, null);
|
||||||
|
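Review bot: With the `hasAnySecret()` guard gone from `execute`, a keyring that already holds real secret key material is no longer rejected before `createDivertSecretRing(cardAid)` builds a stub ring for it. The save step is outside this hunk, so this cannot be confirmed from here, but if the promoted ring is written over an existing secret ring, on-device private keys would be replaced by card stubs. The removed TODO only asked to allow keys that are stripped or already moved to the card, so a narrower check would fit better than none: still return `RESULT_ERROR` when any subkey has usable secret material, which means keeping `MSG_PR_ERROR_ALREADY_SECRET` rather than deleting it. The body of `execute` continues past the end of the hunk.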
@ -603,7 +603,6 @@ public abstract class OperationResult implements Parcelable {
|
|||||||
|
|
||||||
// promote key
|
// promote key
|
||||||
MSG_PR (LogLevel.START, R.string.msg_pr),
|
MSG_PR (LogLevel.START, R.string.msg_pr),
|
||||||
MSG_PR_ERROR_ALREADY_SECRET (LogLevel.ERROR, R.string.msg_pr_error_already_secret),
|
|
||||||
MSG_PR_ERROR_KEY_NOT_FOUND (LogLevel.ERROR, R.string.msg_pr_error_key_not_found),
|
MSG_PR_ERROR_KEY_NOT_FOUND (LogLevel.ERROR, R.string.msg_pr_error_key_not_found),
|
||||||
MSG_PR_FETCHING (LogLevel.DEBUG, R.string.msg_pr_fetching),
|
MSG_PR_FETCHING (LogLevel.DEBUG, R.string.msg_pr_fetching),
|
||||||
MSG_PR_SUCCESS (LogLevel.OK, R.string.msg_pr_success),
|
MSG_PR_SUCCESS (LogLevel.OK, R.string.msg_pr_success),
|
||||||
|
@ -97,14 +97,15 @@ public class CanonicalizedPublicKeyRing extends CanonicalizedKeyRing {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/** Create a dummy secret ring from this key */
|
/** Create a dummy secret ring from this key */
|
||||||
public UncachedKeyRing createDummySecretRing (boolean divertToCard) {
|
public UncachedKeyRing createDummySecretRing () {
|
||||||
|
PGPSecretKeyRing secRing = PGPSecretKeyRing.constructDummyFromPublic(getRing(), null);
|
||||||
PGPSecretKeyRing secRing = PGPSecretKeyRing.constructDummyFromPublic(getRing(),
|
|
||||||
divertToCard
|
|
||||||
? S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD
|
|
||||||
: S2K.GNU_PROTECTION_MODE_NO_PRIVATE_KEY);
|
|
||||||
return new UncachedKeyRing(secRing);
|
return new UncachedKeyRing(secRing);
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Create a dummy secret ring from this key */
|
||||||
|
public UncachedKeyRing createDivertSecretRing (byte[] cardAid) {
|
||||||
|
PGPSecretKeyRing secRing = PGPSecretKeyRing.constructDummyFromPublic(getRing(), cardAid);
|
||||||
|
return new UncachedKeyRing(secRing);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
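Review bot: `createDivertSecretRing` passes `cardAid` straight to `constructDummyFromPublic`, and the sibling `createDummySecretRing` passes null for the no-card case, so a null AID appears to produce a plain dummy ring rather than a divert-to-card one. The value comes from `data.getByteArray(PROMOTE_CARD_AID)` in KeychainIntentService, which returns null when the extra is absent, and nothing between the two checks it. Fail early at the top of the method with `if (cardAid == null) throw new IllegalArgumentException("cardAid must not be null");`, or log an error and return `RESULT_ERROR` from `PromoteKeyOperation.execute`. The Javadoc was copied unchanged from the dummy variant; `/** Create a divert-to-card secret ring bound to the given card AID */` would tell the two methods apart.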
@ -187,7 +187,7 @@ public class KeychainIntentService extends IntentService implements Progressable
|
|||||||
|
|
||||||
// promote key
|
// promote key
|
||||||
public static final String PROMOTE_MASTER_KEY_ID = "promote_master_key_id";
|
public static final String PROMOTE_MASTER_KEY_ID = "promote_master_key_id";
|
||||||
public static final String PROMOTE_TYPE = "promote_type";
|
public static final String PROMOTE_CARD_AID = "promote_card_aid";
|
||||||
|
|
||||||
// consolidate
|
// consolidate
|
||||||
public static final String CONSOLIDATE_RECOVERY = "consolidate_recovery";
|
public static final String CONSOLIDATE_RECOVERY = "consolidate_recovery";
|
||||||
@ -488,10 +488,11 @@ public class KeychainIntentService extends IntentService implements Progressable
|
|||||||
|
|
||||||
// Input
|
// Input
|
||||||
long keyRingId = data.getLong(PROMOTE_MASTER_KEY_ID);
|
long keyRingId = data.getLong(PROMOTE_MASTER_KEY_ID);
|
||||||
|
byte[] cardAid = data.getByteArray(PROMOTE_CARD_AID);
|
||||||
|
|
||||||
// Operation
|
// Operation
|
||||||
PromoteKeyOperation op = new PromoteKeyOperation(this, providerHelper, this, mActionCanceled);
|
PromoteKeyOperation op = new PromoteKeyOperation(this, providerHelper, this, mActionCanceled);
|
||||||
PromoteKeyResult result = op.execute(keyRingId);
|
PromoteKeyResult result = op.execute(keyRingId, cardAid);
|
||||||
|
|
||||||
// Result
|
// Result
|
||||||
sendMessageToHandler(MessageStatus.OKAY, result);
|
sendMessageToHandler(MessageStatus.OKAY, result);
|
||||||
|
@ -36,10 +36,10 @@ public class ViewKeyYubikeyFragment extends Fragment
|
|||||||
|
|
||||||
public static final String ARG_FINGERPRINT = "fingerprint";
|
public static final String ARG_FINGERPRINT = "fingerprint";
|
||||||
public static final String ARG_USER_ID = "user_id";
|
public static final String ARG_USER_ID = "user_id";
|
||||||
public static final String ARG_AID = "aid";
|
public static final String ARG_CARD_AID = "aid";
|
||||||
private byte[][] mFingerprints;
|
private byte[][] mFingerprints;
|
||||||
private String mUserId;
|
private String mUserId;
|
||||||
private byte[] mAid;
|
private byte[] mCardAid;
|
||||||
private long mMasterKeyId;
|
private long mMasterKeyId;
|
||||||
private Button vButton;
|
private Button vButton;
|
||||||
private TextView vStatus;
|
private TextView vStatus;
|
||||||
@ -51,7 +51,7 @@ public class ViewKeyYubikeyFragment extends Fragment
|
|||||||
Bundle args = new Bundle();
|
Bundle args = new Bundle();
|
||||||
args.putByteArray(ARG_FINGERPRINT, fingerprints);
|
args.putByteArray(ARG_FINGERPRINT, fingerprints);
|
||||||
args.putString(ARG_USER_ID, userId);
|
args.putString(ARG_USER_ID, userId);
|
||||||
args.putByteArray(ARG_AID, aid);
|
args.putByteArray(ARG_CARD_AID, aid);
|
||||||
frag.setArguments(args);
|
frag.setArguments(args);
|
||||||
|
|
||||||
return frag;
|
return frag;
|
||||||
@ -70,7 +70,7 @@ public class ViewKeyYubikeyFragment extends Fragment
|
|||||||
buf.get(mFingerprints[i]);
|
buf.get(mFingerprints[i]);
|
||||||
}
|
}
|
||||||
mUserId = args.getString(ARG_USER_ID);
|
mUserId = args.getString(ARG_USER_ID);
|
||||||
mAid = args.getByteArray(ARG_AID);
|
mCardAid = args.getByteArray(ARG_CARD_AID);
|
||||||
|
|
||||||
mMasterKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(mFingerprints[0]);
|
mMasterKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(mFingerprints[0]);
|
||||||
|
|
||||||
@ -85,7 +85,7 @@ public class ViewKeyYubikeyFragment extends Fragment
|
|||||||
TextView vSerNo = (TextView) view.findViewById(R.id.yubikey_serno);
|
TextView vSerNo = (TextView) view.findViewById(R.id.yubikey_serno);
|
||||||
TextView vUserId = (TextView) view.findViewById(R.id.yubikey_userid);
|
TextView vUserId = (TextView) view.findViewById(R.id.yubikey_userid);
|
||||||
|
|
||||||
String serno = Hex.toHexString(mAid, 10, 4);
|
String serno = Hex.toHexString(mCardAid, 10, 4);
|
||||||
vSerNo.setText(getString(R.string.yubikey_serno, serno));
|
vSerNo.setText(getString(R.string.yubikey_serno, serno));
|
||||||
|
|
||||||
if (!mUserId.isEmpty()) {
|
if (!mUserId.isEmpty()) {
|
||||||
@ -137,6 +137,7 @@ public class ViewKeyYubikeyFragment extends Fragment
|
|||||||
|
|
||||||
Bundle data = new Bundle();
|
Bundle data = new Bundle();
|
||||||
data.putLong(KeychainIntentService.PROMOTE_MASTER_KEY_ID, mMasterKeyId);
|
data.putLong(KeychainIntentService.PROMOTE_MASTER_KEY_ID, mMasterKeyId);
|
||||||
|
data.putByteArray(KeychainIntentService.PROMOTE_CARD_AID, mCardAid);
|
||||||
intent.putExtra(KeychainIntentService.EXTRA_DATA, data);
|
intent.putExtra(KeychainIntentService.EXTRA_DATA, data);
|
||||||
|
|
||||||
// Create a new Messenger for the communication back
|
// Create a new Messenger for the communication back
|
||||||
@ -192,13 +193,13 @@ public class ViewKeyYubikeyFragment extends Fragment
|
|||||||
|
|
||||||
if (allBound) {
|
if (allBound) {
|
||||||
vButton.setVisibility(View.GONE);
|
vButton.setVisibility(View.GONE);
|
||||||
vStatus.setText("Key matches, fully bound");
|
vStatus.setText(R.string.yubikey_status_bound);
|
||||||
} else {
|
} else {
|
||||||
vButton.setVisibility(View.VISIBLE);
|
vButton.setVisibility(View.VISIBLE);
|
||||||
if (noneBound) {
|
if (noneBound) {
|
||||||
vStatus.setText("Key matches, can be bound");
|
vStatus.setText(R.string.yubikey_status_unbound);
|
||||||
} else {
|
} else {
|
||||||
vStatus.setText("Key matches, partly bound");
|
vStatus.setText(R.string.yubikey_status_partly);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
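Review bot: `Hex.toHexString(mCardAid, 10, 4)` reads bytes 10–13 of an array taken unchecked from `args.getByteArray(ARG_CARD_AID)`, so a null AID or one shorter than 14 bytes throws while the view is being built. The same array is now also forwarded to the service under `PROMOTE_CARD_AID` and, judging by the other sections of this commit, ends up in the stored key ring. Validate it once where the arguments are read, e.g. `if (mCardAid == null || mCardAid.length < 14) { /* show error status, disable vButton */ }`, so that neither the display nor the promote path sees a malformed value. The enclosing methods start and end outside these hunks.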
@ -988,7 +988,6 @@
|
|||||||
|
|
||||||
<!-- Promote key -->
|
<!-- Promote key -->
|
||||||
<string name="msg_pr">"Promoting public key to secret key"</string>
|
<string name="msg_pr">"Promoting public key to secret key"</string>
|
||||||
<string name="msg_pr_error_already_secret">"Key is already a secret key!"</string>
|
|
||||||
<string name="msg_pr_error_key_not_found">"Key not found!"</string>
|
<string name="msg_pr_error_key_not_found">"Key not found!"</string>
|
||||||
<string name="msg_pr_fetching">"Fetching key to modify (%s)"</string>
|
<string name="msg_pr_fetching">"Fetching key to modify (%s)"</string>
|
||||||
<string name="msg_pr_success">"Key successfully promoted"</string>
|
<string name="msg_pr_success">"Key successfully promoted"</string>
|
||||||
@ -1273,5 +1272,8 @@
|
|||||||
<string name="yubikey_serno">"Serial No: %s"</string>
|
<string name="yubikey_serno">"Serial No: %s"</string>
|
||||||
<string name="yubikey_key_holder">"Key holder: "</string>
|
<string name="yubikey_key_holder">"Key holder: "</string>
|
||||||
<string name="yubikey_key_holder_unset">"Key holder: <unset>"</string>
|
<string name="yubikey_key_holder_unset">"Key holder: <unset>"</string>
|
||||||
|
<string name="yubikey_status_bound">Yubikey matches, bound to key</string>
|
||||||
|
<string name="yubikey_status_unbound">Yubikey matches, can be bound to key</string>
|
||||||
|
<string name="yubikey_status_partly">Yubikey matches, partly bound to key</string>
|
||||||
|
|
||||||
</resources>
|
</resources>
|
||||||
|