moparisthebest/open-keychain
1
0
Fork 0
mirror of https://github.com/moparisthebest/open-keychain synced 2024-11-30 12:32:17 -05:00
Code Issues Releases Wiki Activity

import: use wrapped keyring instead of uncached keyring for trust

Browse Source
This commit is contained in:
Vincent Breitmoser 2014-06-12 18:11:31 +02:00
parent e4a7d4f6e5
commit 59701250ba
2 changed files with 20 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
View File

@ -29,7 +29,7 @@ import android.support.v4.util.LongSparseArray;
import org.sufficientlysecure.keychain.Constants; import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.pgp.KeyRing; import org.sufficientlysecure.keychain.pgp.KeyRing;
import org.sufficientlysecure.keychain.service.OperationResultParcel; import org.sufficientlysecure.keychain.pgp.WrappedPublicKey;
import org.sufficientlysecure.keychain.service.OperationResultParcel.LogType; import org.sufficientlysecure.keychain.service.OperationResultParcel.LogType;
import org.sufficientlysecure.keychain.service.OperationResultParcel.LogLevel; import org.sufficientlysecure.keychain.service.OperationResultParcel.LogLevel;
import org.sufficientlysecure.keychain.service.OperationResultParcel.OperationLog; import org.sufficientlysecure.keychain.service.OperationResultParcel.OperationLog;
@ -172,36 +172,31 @@ public class ProviderHelper {
} }
} }
public Object getUnifiedData(long masterKeyId, String column, int type)
throws NotFoundException {
return getUnifiedData(masterKeyId, new String[]{column}, new int[]{type}).get(column);
}
public HashMap<String, Object> getUnifiedData(long masterKeyId, String[] proj, int[] types) public HashMap<String, Object> getUnifiedData(long masterKeyId, String[] proj, int[] types)
throws NotFoundException { throws NotFoundException {
return getGenericData(KeyRings.buildUnifiedKeyRingUri(masterKeyId), proj, types); return getGenericData(KeyRings.buildUnifiedKeyRingUri(masterKeyId), proj, types);
} }
private LongSparseArray<UncachedPublicKey> getUncachedMasterKeys(Uri queryUri) { private LongSparseArray<WrappedPublicKey> getAllWrappedMasterKeys() {
Cursor cursor = mContentResolver.query(queryUri, Cursor cursor = mContentResolver.query(KeyRings.buildUnifiedKeyRingsUri(), new String[] {
new String[]{KeyRingData.MASTER_KEY_ID, KeyRingData.KEY_RING_DATA}, KeyRings.MASTER_KEY_ID,
null, null, null); // we pick from cache only information that is not easily available from keyrings
KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED,
// and of course, ring data
KeyRings.PUBKEY_DATA
}, KeyRings.HAS_ANY_SECRET + " = 1", null, null);
LongSparseArray<UncachedPublicKey> result = LongSparseArray<WrappedPublicKey> result =
new LongSparseArray<UncachedPublicKey>(cursor.getCount()); new LongSparseArray<WrappedPublicKey>(cursor.getCount());
try { try {
if (cursor != null && cursor.moveToFirst()) do { if (cursor != null && cursor.moveToFirst()) do {
long masterKeyId = cursor.getLong(0); long masterKeyId = cursor.getLong(0);
byte[] data = cursor.getBlob(1); boolean hasAnySecret = cursor.getInt(1) > 0;
if (data != null) { int verified = cursor.getInt(2);
try { byte[] blob = cursor.getBlob(3);
if (blob != null) {
result.put(masterKeyId, result.put(masterKeyId,
UncachedKeyRing.decodeFromData(data).getPublicKey()); new WrappedPublicKeyRing(blob, hasAnySecret, verified).getSubkey());
} catch(PgpGeneralException e) {
Log.e(Constants.TAG, "Error parsing keyring, skipping " + masterKeyId, e);
} catch(IOException e) {
Log.e(Constants.TAG, "IO error, skipping keyring" + masterKeyId, e);
}
} }
} while (cursor.moveToNext()); } while (cursor.moveToNext());
} finally { } finally {
@ -394,8 +389,7 @@ public class ProviderHelper {
mIndent -= 1; mIndent -= 1;
// get a list of owned secret keys, for verification filtering // get a list of owned secret keys, for verification filtering
LongSparseArray<UncachedPublicKey> trustedKeys = LongSparseArray<WrappedPublicKey> trustedKeys = getAllWrappedMasterKeys();
getUncachedMasterKeys(KeyRingData.buildSecretKeyRingUri());
log(LogLevel.INFO, LogType.MSG_IP_TRUST_USING, new String[]{ log(LogLevel.INFO, LogType.MSG_IP_TRUST_USING, new String[]{
Integer.toString(trustedKeys.size()) Integer.toString(trustedKeys.size())
}); });
@ -456,7 +450,7 @@ public class ProviderHelper {
// verify signatures from known private keys // verify signatures from known private keys
if (trustedKeys.indexOfKey(certId) >= 0) { if (trustedKeys.indexOfKey(certId) >= 0) {
UncachedPublicKey trustedKey = trustedKeys.get(certId); WrappedPublicKey trustedKey = trustedKeys.get(certId);
cert.init(trustedKey); cert.init(trustedKey);
if (cert.verifySignature(masterKey, userId)) { if (cert.verifySignature(masterKey, userId)) {
item.trustedCerts.add(cert); item.trustedCerts.add(cert);

2
OpenKeychain/src/main/res/values/strings.xml
View File

@ -538,7 +538,7 @@
<string name="msg_ip_trust_using">Using %s trusted keys</string> <string name="msg_ip_trust_using">Using %s trusted keys</string>
<string name="msg_ip_uid_cert_bad">Encountered bad certificate!</string> <string name="msg_ip_uid_cert_bad">Encountered bad certificate!</string>
<string name="msg_ip_uid_cert_error">Error processing certificate!</string> <string name="msg_ip_uid_cert_error">Error processing certificate!</string>
<string name="msg_ip_uid_cert_good">Found good certificate from %2$s (%2$s)</string> <string name="msg_ip_uid_cert_good">Found good certificate from %1$s (%2$s)</string>
<string name="msg_ip_uid_certs_unknown">Ignored %s certificates from unknown pubkeys</string> <string name="msg_ip_uid_certs_unknown">Ignored %s certificates from unknown pubkeys</string>
<string name="msg_ip_uid_classifying">Classifying user ids</string> <string name="msg_ip_uid_classifying">Classifying user ids</string>
<string name="msg_ip_uid_insert">Inserting user ids</string> <string name="msg_ip_uid_insert">Inserting user ids</string>