import: use wrapped keyring instead of uncached keyring for trust

2024-11-27 11:12:15 -05:00 · 2014-06-12 18:11:31 +02:00 · 2014-06-12 18:11:31 +02:00 · 59701250ba
commit 59701250ba
parent e4a7d4f6e5
2 changed files with 20 additions and 26 deletions
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
@ -29,7 +29,7 @@ import android.support.v4.util.LongSparseArray;

 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.pgp.KeyRing;
-import org.sufficientlysecure.keychain.service.OperationResultParcel;
+import org.sufficientlysecure.keychain.pgp.WrappedPublicKey;
 import org.sufficientlysecure.keychain.service.OperationResultParcel.LogType;
 import org.sufficientlysecure.keychain.service.OperationResultParcel.LogLevel;
 import org.sufficientlysecure.keychain.service.OperationResultParcel.OperationLog;
@ -172,36 +172,31 @@ public class ProviderHelper {
        }
    }

-    public Object getUnifiedData(long masterKeyId, String column, int type)
-            throws NotFoundException {
-        return getUnifiedData(masterKeyId, new String[]{column}, new int[]{type}).get(column);
-    }
-
    public HashMap<String, Object> getUnifiedData(long masterKeyId, String[] proj, int[] types)
            throws NotFoundException {
        return getGenericData(KeyRings.buildUnifiedKeyRingUri(masterKeyId), proj, types);
    }

-    private LongSparseArray<UncachedPublicKey> getUncachedMasterKeys(Uri queryUri) {
-        Cursor cursor = mContentResolver.query(queryUri,
-                new String[]{KeyRingData.MASTER_KEY_ID, KeyRingData.KEY_RING_DATA},
-                null, null, null);
+    private LongSparseArray<WrappedPublicKey> getAllWrappedMasterKeys() {
+        Cursor cursor = mContentResolver.query(KeyRings.buildUnifiedKeyRingsUri(), new String[] {
+                KeyRings.MASTER_KEY_ID,
+                // we pick from cache only information that is not easily available from keyrings
+                KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED,
+                // and of course, ring data
+                KeyRings.PUBKEY_DATA
+            }, KeyRings.HAS_ANY_SECRET + " = 1", null, null);

-        LongSparseArray<UncachedPublicKey> result =
-                new LongSparseArray<UncachedPublicKey>(cursor.getCount());
+        LongSparseArray<WrappedPublicKey> result =
+                new LongSparseArray<WrappedPublicKey>(cursor.getCount());
        try {
            if (cursor != null && cursor.moveToFirst()) do {
                long masterKeyId = cursor.getLong(0);
-                byte[] data = cursor.getBlob(1);
-                if (data != null) {
-                    try {
-                        result.put(masterKeyId,
-                                UncachedKeyRing.decodeFromData(data).getPublicKey());
-                    } catch(PgpGeneralException e) {
-                        Log.e(Constants.TAG, "Error parsing keyring, skipping " + masterKeyId, e);
-                    } catch(IOException e) {
-                        Log.e(Constants.TAG, "IO error, skipping keyring" + masterKeyId, e);
-                    }
+                boolean hasAnySecret = cursor.getInt(1) > 0;
+                int verified = cursor.getInt(2);
+                byte[] blob = cursor.getBlob(3);
+                if (blob != null) {
+                    result.put(masterKeyId,
+                            new WrappedPublicKeyRing(blob, hasAnySecret, verified).getSubkey());
                }
            } while (cursor.moveToNext());
        } finally {
@ -394,8 +389,7 @@ public class ProviderHelper {
            mIndent -= 1;

            // get a list of owned secret keys, for verification filtering
-            LongSparseArray<UncachedPublicKey> trustedKeys =
-                    getUncachedMasterKeys(KeyRingData.buildSecretKeyRingUri());
+            LongSparseArray<WrappedPublicKey> trustedKeys = getAllWrappedMasterKeys();
            log(LogLevel.INFO, LogType.MSG_IP_TRUST_USING, new String[]{
                    Integer.toString(trustedKeys.size())
            });
@ -456,7 +450,7 @@ public class ProviderHelper {

                        // verify signatures from known private keys
                        if (trustedKeys.indexOfKey(certId) >= 0) {
-                            UncachedPublicKey trustedKey = trustedKeys.get(certId);
+                            WrappedPublicKey trustedKey = trustedKeys.get(certId);
                            cert.init(trustedKey);
                            if (cert.verifySignature(masterKey, userId)) {
                                item.trustedCerts.add(cert);
--- a/OpenKeychain/src/main/res/values/strings.xml
+++ b/OpenKeychain/src/main/res/values/strings.xml
@ -538,7 +538,7 @@
    <string name="msg_ip_trust_using">Using %s trusted keys</string>
    <string name="msg_ip_uid_cert_bad">Encountered bad certificate!</string>
    <string name="msg_ip_uid_cert_error">Error processing certificate!</string>
-    <string name="msg_ip_uid_cert_good">Found good certificate from %2$s (%2$s)</string>
+    <string name="msg_ip_uid_cert_good">Found good certificate from %1$s (%2$s)</string>
    <string name="msg_ip_uid_certs_unknown">Ignored %s certificates from unknown pubkeys</string>
    <string name="msg_ip_uid_classifying">Classifying user ids</string>
    <string name="msg_ip_uid_insert">Inserting user ids</string>