import: use wrapped keyring instead of uncached keyring for trust
parent
e4a7d4f6e5
commit
59701250ba
@ -29,7 +29,7 @@ import android.support.v4.util.LongSparseArray;
|
|||||||
|
|
||||||
import org.sufficientlysecure.keychain.Constants;
|
import org.sufficientlysecure.keychain.Constants;
|
||||||
import org.sufficientlysecure.keychain.pgp.KeyRing;
|
import org.sufficientlysecure.keychain.pgp.KeyRing;
|
||||||
import org.sufficientlysecure.keychain.service.OperationResultParcel;
|
import org.sufficientlysecure.keychain.pgp.WrappedPublicKey;
|
||||||
import org.sufficientlysecure.keychain.service.OperationResultParcel.LogType;
|
import org.sufficientlysecure.keychain.service.OperationResultParcel.LogType;
|
||||||
import org.sufficientlysecure.keychain.service.OperationResultParcel.LogLevel;
|
import org.sufficientlysecure.keychain.service.OperationResultParcel.LogLevel;
|
||||||
import org.sufficientlysecure.keychain.service.OperationResultParcel.OperationLog;
|
import org.sufficientlysecure.keychain.service.OperationResultParcel.OperationLog;
|
||||||
@ -172,36 +172,31 @@ public class ProviderHelper {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public Object getUnifiedData(long masterKeyId, String column, int type)
|
|
||||||
throws NotFoundException {
|
|
||||||
return getUnifiedData(masterKeyId, new String[]{column}, new int[]{type}).get(column);
|
|
||||||
}
|
|
||||||
|
|
||||||
public HashMap<String, Object> getUnifiedData(long masterKeyId, String[] proj, int[] types)
|
public HashMap<String, Object> getUnifiedData(long masterKeyId, String[] proj, int[] types)
|
||||||
throws NotFoundException {
|
throws NotFoundException {
|
||||||
return getGenericData(KeyRings.buildUnifiedKeyRingUri(masterKeyId), proj, types);
|
return getGenericData(KeyRings.buildUnifiedKeyRingUri(masterKeyId), proj, types);
|
||||||
}
|
}
|
||||||
|
|
||||||
private LongSparseArray<UncachedPublicKey> getUncachedMasterKeys(Uri queryUri) {
|
private LongSparseArray<WrappedPublicKey> getAllWrappedMasterKeys() {
|
||||||
Cursor cursor = mContentResolver.query(queryUri,
|
Cursor cursor = mContentResolver.query(KeyRings.buildUnifiedKeyRingsUri(), new String[] {
|
||||||
new String[]{KeyRingData.MASTER_KEY_ID, KeyRingData.KEY_RING_DATA},
|
KeyRings.MASTER_KEY_ID,
|
||||||
null, null, null);
|
// we pick from cache only information that is not easily available from keyrings
|
||||||
|
KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED,
|
||||||
|
// and of course, ring data
|
||||||
|
KeyRings.PUBKEY_DATA
|
||||||
|
}, KeyRings.HAS_ANY_SECRET + " = 1", null, null);
|
||||||
|
|
||||||
LongSparseArray<UncachedPublicKey> result =
|
LongSparseArray<WrappedPublicKey> result =
|
||||||
new LongSparseArray<UncachedPublicKey>(cursor.getCount());
|
new LongSparseArray<WrappedPublicKey>(cursor.getCount());
|
||||||
try {
|
try {
|
||||||
if (cursor != null && cursor.moveToFirst()) do {
|
if (cursor != null && cursor.moveToFirst()) do {
|
||||||
long masterKeyId = cursor.getLong(0);
|
long masterKeyId = cursor.getLong(0);
|
||||||
byte[] data = cursor.getBlob(1);
|
boolean hasAnySecret = cursor.getInt(1) > 0;
|
||||||
if (data != null) {
|
int verified = cursor.getInt(2);
|
||||||
try {
|
byte[] blob = cursor.getBlob(3);
|
||||||
result.put(masterKeyId,
|
if (blob != null) {
|
||||||
UncachedKeyRing.decodeFromData(data).getPublicKey());
|
result.put(masterKeyId,
|
||||||
} catch(PgpGeneralException e) {
|
new WrappedPublicKeyRing(blob, hasAnySecret, verified).getSubkey());
|
||||||
Log.e(Constants.TAG, "Error parsing keyring, skipping " + masterKeyId, e);
|
|
||||||
} catch(IOException e) {
|
|
||||||
Log.e(Constants.TAG, "IO error, skipping keyring" + masterKeyId, e);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
} while (cursor.moveToNext());
|
} while (cursor.moveToNext());
|
||||||
} finally {
|
} finally {
|
||||||
@ -394,8 +389,7 @@ public class ProviderHelper {
|
|||||||
mIndent -= 1;
|
mIndent -= 1;
|
||||||
|
|
||||||
// get a list of owned secret keys, for verification filtering
|
// get a list of owned secret keys, for verification filtering
|
||||||
LongSparseArray<UncachedPublicKey> trustedKeys =
|
LongSparseArray<WrappedPublicKey> trustedKeys = getAllWrappedMasterKeys();
|
||||||
getUncachedMasterKeys(KeyRingData.buildSecretKeyRingUri());
|
|
||||||
log(LogLevel.INFO, LogType.MSG_IP_TRUST_USING, new String[]{
|
log(LogLevel.INFO, LogType.MSG_IP_TRUST_USING, new String[]{
|
||||||
Integer.toString(trustedKeys.size())
|
Integer.toString(trustedKeys.size())
|
||||||
});
|
});
|
||||||
@ -456,7 +450,7 @@ public class ProviderHelper {
|
|||||||
|
|
||||||
// verify signatures from known private keys
|
// verify signatures from known private keys
|
||||||
if (trustedKeys.indexOfKey(certId) >= 0) {
|
if (trustedKeys.indexOfKey(certId) >= 0) {
|
||||||
UncachedPublicKey trustedKey = trustedKeys.get(certId);
|
WrappedPublicKey trustedKey = trustedKeys.get(certId);
|
||||||
cert.init(trustedKey);
|
cert.init(trustedKey);
|
||||||
if (cert.verifySignature(masterKey, userId)) {
|
if (cert.verifySignature(masterKey, userId)) {
|
||||||
item.trustedCerts.add(cert);
|
item.trustedCerts.add(cert);
|
||||||
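Review bot: The keys whose certifications count as trusted are now chosen by the cached `KeyRings.HAS_ANY_SECRET` column of the unified view in `getAllWrappedMasterKeys()`, where the old code read rows from the secret-keyring URI, and nothing in the method says this flag must stay in sync with the secret keyrings actually stored. Because `trustedKeys` feeds `cert.init(trustedKey)` and `cert.verifySignature(masterKey, userId)` in the later hunk, a stale or wrongly set flag would presumably change which certificates reach `item.trustedCerts`; I would record the invariant above the query, e.g. `// trust anchors: HAS_ANY_SECRET must be set only for rings whose secret key we hold`. Separately, `cursor.getCount()` is still evaluated before the `cursor != null` test, so a null cursor from `query()` throws before the guard runs; sizing the array with `cursor != null ? cursor.getCount() : 0` avoids that. The per-row `catch` blocks that skipped an unparsable keyring are also gone, and whether `new WrappedPublicKeyRing(blob, hasAnySecret, verified).getSubkey()` can throw on a malformed blob is not visible here, so it is worth confirming that one bad stored ring cannot abort the whole import. The method body continues past the end of this hunk.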
|
@ -538,7 +538,7 @@
|
|||||||
<string name="msg_ip_trust_using">Using %s trusted keys</string>
|
<string name="msg_ip_trust_using">Using %s trusted keys</string>
|
||||||
<string name="msg_ip_uid_cert_bad">Encountered bad certificate!</string>
|
<string name="msg_ip_uid_cert_bad">Encountered bad certificate!</string>
|
||||||
<string name="msg_ip_uid_cert_error">Error processing certificate!</string>
|
<string name="msg_ip_uid_cert_error">Error processing certificate!</string>
|
||||||
<string name="msg_ip_uid_cert_good">Found good certificate from %2$s (%2$s)</string>
|
<string name="msg_ip_uid_cert_good">Found good certificate from %1$s (%2$s)</string>
|
||||||
<string name="msg_ip_uid_certs_unknown">Ignored %s certificates from unknown pubkeys</string>
|
<string name="msg_ip_uid_certs_unknown">Ignored %s certificates from unknown pubkeys</string>
|
||||||
<string name="msg_ip_uid_classifying">Classifying user ids</string>
|
<string name="msg_ip_uid_classifying">Classifying user ids</string>
|
||||||
<string name="msg_ip_uid_insert">Inserting user ids</string>
|
<string name="msg_ip_uid_insert">Inserting user ids</string>
|
||||||
|