don't show allowed key list if no key exists, and some minor PgpDecryptVerify changes

2024-11-23 17:22:16 -05:00 · 2015-05-28 02:27:44 +02:00 · 2015-05-28 02:27:44 +02:00 · 5c8af1c5a5
commit 5c8af1c5a5
parent 1fb7477a5a
13 changed files with 75 additions and 39 deletions
--- a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpEncryptDecryptTest.java
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/pgp/PgpEncryptDecryptTest.java
@ -29,6 +29,7 @@ import org.robolectric.shadows.ShadowLog;
 import org.spongycastle.bcpg.sig.KeyFlags;
 import org.spongycastle.jce.provider.BouncyCastleProvider;
 import org.spongycastle.openpgp.PGPEncryptedData;
 import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
 import org.sufficientlysecure.keychain.operations.results.PgpEditKeyResult;
 import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRingData;
@ -214,7 +215,7 @@ public class PgpEncryptDecryptTest {
        String plaintext = "dies ist ein plaintext ☭" + TestingUtils.genPassphrase(true);
        byte[] ciphertext;
-        { // encrypt data with a given passphrase
+        { // encrypt data with key
            ByteArrayOutputStream out = new ByteArrayOutputStream();
            ByteArrayInputStream in = new ByteArrayInputStream(plaintext.getBytes());
@ -334,7 +335,7 @@ public class PgpEncryptDecryptTest {
                    out.toByteArray().length, metadata.getOriginalSize());
        }
-        { // decryption with passphrase cached should succeed for the first key
+        { // decryption should succeed if key is allowed
            ByteArrayOutputStream out = new ByteArrayOutputStream();
            ByteArrayInputStream in = new ByteArrayInputStream(ciphertext);
@ -350,12 +351,32 @@ public class PgpEncryptDecryptTest {
            b.setAllowedKeyIds(allowed);
            DecryptVerifyResult result = b.build().execute(new CryptoInputParcel());
-            Assert.assertTrue("decryption with cached passphrase must succeed for the first key", result.success());
+            Assert.assertTrue("decryption with cached passphrase must succeed for allowed key", result.success());
            Assert.assertArrayEquals("decrypted ciphertext with cached passphrase  should equal plaintext",
                    out.toByteArray(), plaintext.getBytes());
            Assert.assertTrue("other key was skipped", result.getLog().containsType(LogType.MSG_DC_ASKIP_NOT_ALLOWED));
            Assert.assertNull("signature should be empty", result.getSignatureResult());
        }
        { // decryption should fail if no key is allowed
            ByteArrayOutputStream out = new ByteArrayOutputStream();
            ByteArrayInputStream in = new ByteArrayInputStream(ciphertext);
            InputData data = new InputData(in, in.available());
            // provide passphrase for the second, and check that the first is never asked for!
            PgpDecryptVerify.Builder b = builderWithFakePassphraseCache(data, out,
                    mKeyPhrase2, mStaticRing2.getMasterKeyId(), null);
            // no keys allowed!
            b.setAllowedKeyIds(new HashSet<Long>());
            DecryptVerifyResult result = b.build().execute(new CryptoInputParcel());
            Assert.assertFalse("decryption must fail if no key allowed", result.success());
            Assert.assertEquals("decryption must fail with key disllowed status",
                    DecryptVerifyResult.RESULT_KEY_DISALLOWED, result.getResult());
        }
        { // decryption with passphrase cached should succeed for the other key if first is gone
            // delete first key from database
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/DecryptVerifyResult.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/DecryptVerifyResult.java
@ -27,12 +27,19 @@ import org.sufficientlysecure.keychain.util.Passphrase;
 public class DecryptVerifyResult extends InputPendingResult {
    public static final int RESULT_NO_DATA = RESULT_ERROR + 16;
    public static final int RESULT_KEY_DISALLOWED = RESULT_ERROR + 32;
    OpenPgpSignatureResult mSignatureResult;
    OpenPgpMetadata mDecryptMetadata;
    // This holds the charset which was specified in the ascii armor, if specified
    // https://tools.ietf.org/html/rfc4880#page56
    String mCharset;
    public boolean isKeysDisallowed () {
        return (mResult & RESULT_KEY_DISALLOWED) == RESULT_KEY_DISALLOWED;
    }
    public OpenPgpSignatureResult getSignatureResult() {
        return mSignatureResult;
    }
@ -57,10 +64,6 @@ public class DecryptVerifyResult extends InputPendingResult {
        mCharset = charset;
    }
    public boolean isPending() {
        return (mResult & RESULT_PENDING) == RESULT_PENDING;
    }
    public DecryptVerifyResult(int result, OperationLog log) {
        super(result, log);
    }
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
@ -590,7 +590,7 @@ public abstract class OperationResult implements Parcelable {
        MSG_DC_ERROR_EXTRACT_KEY (LogLevel.ERROR, R.string.msg_dc_error_extract_key),
        MSG_DC_ERROR_INTEGRITY_CHECK (LogLevel.ERROR, R.string.msg_dc_error_integrity_check),
        MSG_DC_ERROR_INTEGRITY_MISSING (LogLevel.ERROR, R.string.msg_dc_error_integrity_missing),
-        MSG_DC_ERROR_INVALID_SIGLIST(LogLevel.ERROR, R.string.msg_dc_error_invalid_siglist),
+        MSG_DC_ERROR_INVALID_DATA (LogLevel.ERROR, R.string.msg_dc_error_invalid_data),
        MSG_DC_ERROR_IO (LogLevel.ERROR, R.string.msg_dc_error_io),
        MSG_DC_ERROR_NO_DATA (LogLevel.ERROR, R.string.msg_dc_error_no_data),
        MSG_DC_ERROR_NO_KEY (LogLevel.ERROR, R.string.msg_dc_error_no_key),
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
@ -384,7 +384,7 @@ public class PgpDecryptVerify extends BaseOperation {
        }
        if (enc == null) {
-            log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, indent);
+            log.add(LogType.MSG_DC_ERROR_INVALID_DATA, indent);
            return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
        }
@ -419,6 +419,7 @@ public class PgpDecryptVerify extends BaseOperation {
        }
        Passphrase passphrase = null;
        boolean skippedDisallowedKey = false;
        // go through all objects and find one we can decrypt
        while (it.hasNext()) {
@ -451,13 +452,6 @@ public class PgpDecryptVerify extends BaseOperation {
                    log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
                    continue;
                }
                // get subkey which has been used for this encryption packet
                secretEncryptionKey = secretKeyRing.getSecretKey(subKeyId);
                if (secretEncryptionKey == null) {
                    // should actually never happen, so no need to be more specific.
                    log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
                    continue;
                }
                // allow only specific keys for decryption?
                if (mAllowedKeyIds != null) {
@ -469,11 +463,20 @@ public class PgpDecryptVerify extends BaseOperation {
                    if (!mAllowedKeyIds.contains(masterKeyId)) {
                        // this key is in our db, but NOT allowed!
                        // continue with the next packet in the while loop
                        skippedDisallowedKey = true;
                        log.add(LogType.MSG_DC_ASKIP_NOT_ALLOWED, indent + 1);
                        continue;
                    }
                }
                // get subkey which has been used for this encryption packet
                secretEncryptionKey = secretKeyRing.getSecretKey(subKeyId);
                if (secretEncryptionKey == null) {
                    // should actually never happen, so no need to be more specific.
                    log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
                    continue;
                }
                /* secret key exists in database and is allowed! */
                asymmetricPacketFound = true;
@ -604,10 +607,18 @@ public class PgpDecryptVerify extends BaseOperation {
            }
            encryptedData = encryptedDataAsymmetric;
        } else {
-            // If we didn't find any useful data, error out
+            // there wasn't even any useful data
            if (!anyPacketFound) {
                log.add(LogType.MSG_DC_ERROR_NO_DATA, indent + 1);
                return new DecryptVerifyResult(DecryptVerifyResult.RESULT_NO_DATA, log);
            }
            // there was data but key wasn't allowed
            if (skippedDisallowedKey) {
                log.add(LogType.MSG_DC_ERROR_NO_KEY, indent + 1);
                return new DecryptVerifyResult(DecryptVerifyResult.RESULT_KEY_DISALLOWED, log);
            }
            // no packet has been found where we have the corresponding secret key in our db
-            log.add(
+            log.add(LogType.MSG_DC_ERROR_NO_KEY, indent + 1);
                    anyPacketFound ? LogType.MSG_DC_ERROR_NO_KEY : LogType.MSG_DC_ERROR_NO_DATA, indent + 1);
            return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
        }
@ -910,7 +921,7 @@ public class PgpDecryptVerify extends BaseOperation {
        PGPSignatureList sigList = (PGPSignatureList) pgpFact.nextObject();
        if (sigList == null) {
-            log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, 0);
+            log.add(LogType.MSG_DC_ERROR_INVALID_DATA, 0);
            return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
        }
@ -993,7 +1004,7 @@ public class PgpDecryptVerify extends BaseOperation {
        } else if (o instanceof PGPSignatureList) {
            sigList = (PGPSignatureList) o;
        } else {
-            log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, 0);
+            log.add(LogType.MSG_DC_ERROR_INVALID_DATA, 0);
            return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
        }
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
@ -34,7 +34,6 @@ import org.openintents.openpgp.util.OpenPgpApi;
 import org.spongycastle.bcpg.CompressionAlgorithmTags;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult.LogEntryParcel;
 import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
 import org.sufficientlysecure.keychain.pgp.PgpConstants;
@ -601,9 +600,8 @@ public class OpenPgpService extends RemoteService {
                result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_SUCCESS);
                return result;
            } else {
-                LogEntryParcel errorMsg = pgpResult.getLog().getLast();
+                //
-
+                if (pgpResult.isKeysDisallowed()) {
                if (errorMsg.mType == OperationResult.LogType.MSG_DC_ERROR_NO_KEY) {
                    // allow user to select allowed keys
                    Intent result = new Intent();
                    result.putExtra(OpenPgpApi.RESULT_INTENT, getSelectAllowedKeysIntent(data));
@ -611,14 +609,17 @@ public class OpenPgpService extends RemoteService {
                    return result;
                }
-                throw new Exception(getString(errorMsg.mType.getMsgId()));
+                String errorMsg = getString(pgpResult.getLog().getLast().mType.getMsgId());
                Intent result = new Intent();
                result.putExtra(OpenPgpApi.RESULT_ERROR, new OpenPgpError(OpenPgpError.GENERIC_ERROR, errorMsg));
                result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
                return result;
            }
-        } catch (Exception e) {
+        } catch (IOException e) {
-            Log.d(Constants.TAG, "decryptAndVerifyImpl", e);
+            Log.e(Constants.TAG, "decryptAndVerifyImpl", e);
            Intent result = new Intent();
-            result.putExtra(OpenPgpApi.RESULT_ERROR,
+            result.putExtra(OpenPgpApi.RESULT_ERROR, new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
                    new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
            result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
            return result;
        } finally {
--- a/OpenKeychain/src/main/res/values-de/strings.xml
+++ b/OpenKeychain/src/main/res/values-de/strings.xml
@ -929,7 +929,7 @@
  <string name="msg_dc_error_extract_key">Unbekannter Fehler bei Schlüsselentsperrung!</string>
  <string name="msg_dc_error_integrity_check">Integritätsprüfungsfehler!</string>
  <string name="msg_dc_error_integrity_missing">Fehlende Integritätsprüfung Dies kann passieren, wenn die Verschlüsselungsanwendung veraltet ist oder durch einen Downgrade-Angriff.</string>
-  <string name="msg_dc_error_invalid_siglist">Keine gültigen Signaturdaten gefunden!</string>
+  <string name="msg_dc_error_invalid_data">Keine gültigen Signaturdaten gefunden!</string>
  <string name="msg_dc_error_io">Ein-/Ausgabefehler während Vorgang aufgetreten!</string>
  <string name="msg_dc_error_no_data">Keine verschlüsselten Daten in Datenstrom gefunden!</string>
  <string name="msg_dc_error_no_key">Keine verschlüsselten Daten mit bekanntem geheimen Schlüssel in Datenstrom gefunden!</string>
--- a/OpenKeychain/src/main/res/values-es/strings.xml
+++ b/OpenKeychain/src/main/res/values-es/strings.xml
@ -928,7 +928,7 @@
  <string name="msg_dc_error_extract_key">¡Error desconocido al desbloquear clave!</string>
  <string name="msg_dc_error_integrity_check">¡Error de comprobación de integridad!</string>
  <string name="msg_dc_error_integrity_missing">¡Verificación de integridad ausente! Esto puede ocurrir porque la aplicación de cifrado no está actualizada, o debido a un ataque desactualización.</string>
-  <string name="msg_dc_error_invalid_siglist">¡No se encontraron datos de firma válidos!</string>
+  <string name="msg_dc_error_invalid_data">¡No se encontraron datos de firma válidos!</string>
  <string name="msg_dc_error_io">¡Se encontró Excepción de E/S durante la operación!</string>
  <string name="msg_dc_error_no_data">¡No se encontraron datos cifrados en el flujo de datos (`stream`)!</string>
  <string name="msg_dc_error_no_key">¡No se encontraron datos cifrados con clave secreta (privada) conocida en el flujo de datos (`stream`)!</string>
--- a/OpenKeychain/src/main/res/values-fr/strings.xml
+++ b/OpenKeychain/src/main/res/values-fr/strings.xml
@ -928,7 +928,7 @@
  <string name="msg_dc_error_extract_key">Erreur inconnue de déverrouillage de la clef !</string>
  <string name="msg_dc_error_integrity_check">Erreur de vérification de l\'intégrité !</string>
  <string name="msg_dc_error_integrity_missing">Vérification de l\'intégrité absente ! Ceci peut arriver car l\'application n\'est pas à jour, ou à cause d\'une attaque par mise à niveau inférieur.</string>
-  <string name="msg_dc_error_invalid_siglist">Aucune donnée de signature valide trouvée !</string>
+  <string name="msg_dc_error_invalid_data">Aucune donnée de signature valide trouvée !</string>
  <string name="msg_dc_error_io">Une exception E/S a été rencontrée durant l\'opération !</string>
  <string name="msg_dc_error_no_data">Aucune donnée chiffrée n\'a été trouvée dans le flux !</string>
  <string name="msg_dc_error_no_key">Aucune donnée chiffrée avec une clef secrète connue n\'a été trouvée dans le flux !</string>
--- a/OpenKeychain/src/main/res/values-ja/strings.xml
+++ b/OpenKeychain/src/main/res/values-ja/strings.xml
@ -913,7 +913,7 @@
  <string name="msg_dc_error_extract_key">鍵のロック解除で不明なエラー!</string>
  <string name="msg_dc_error_integrity_check">完全性チェックエラー!</string>
  <string name="msg_dc_error_integrity_missing">完全聖チェックの欠落!これは暗号化アプリケーションが期限切れになった場合、もしくは暗号強度低下攻撃がある場合に発生します。</string>
-  <string name="msg_dc_error_invalid_siglist">正常な署名データが見付からなかった!</string>
+  <string name="msg_dc_error_invalid_data">正常な署名データが見付からなかった!</string>
  <string name="msg_dc_error_io">操作中にIO例外に当たりました!</string>
  <string name="msg_dc_error_no_data">ストリーム中に暗号化されたデータが見付からなかった!</string>
  <string name="msg_dc_error_no_key">ストリーム中に既知の秘密鍵で暗号化されたデータが見付からなかった!</string>
--- a/OpenKeychain/src/main/res/values-nl/strings.xml
+++ b/OpenKeychain/src/main/res/values-nl/strings.xml
@ -928,7 +928,7 @@
  <string name="msg_dc_error_extract_key">Onbekende fout bij ontgrendelen van sleutel!</string>
  <string name="msg_dc_error_integrity_check">Fout bij integriteitscontrole!</string>
  <string name="msg_dc_error_integrity_missing">Integriteitscheck ontbreekt! Dit kan gebeuren omdat de versleutelingsapplicatie verouderd is, of door een downgrade-aanval.</string>
-  <string name="msg_dc_error_invalid_siglist">Geen geldige ondertekeningsgegevens gevonden!</string>
+  <string name="msg_dc_error_invalid_data">Geen geldige ondertekeningsgegevens gevonden!</string>
  <string name="msg_dc_error_io">I/O-uitzondering tegengekomen tijdens bewerking!</string>
  <string name="msg_dc_error_no_data">Geen versleutelde gegevens gevonden!</string>
  <string name="msg_dc_error_no_key">Geen versleutelde gegevens met bekende geheime sleutel gevonden!</string>
--- a/OpenKeychain/src/main/res/values-sr/strings.xml
+++ b/OpenKeychain/src/main/res/values-sr/strings.xml
@ -915,7 +915,7 @@
  <string name="msg_dc_error_extract_key">Непозната грешка откључавања кључа!</string>
  <string name="msg_dc_error_integrity_check">Грешка провере интегритета!</string>
  <string name="msg_dc_error_integrity_missing">Недостаје провера интегритета! Ово може да се деси ако је апликација за шифровање застарела, или услед напада старијег издања.</string>
-  <string name="msg_dc_error_invalid_siglist">Нису нађени исправни подаци потписа!</string>
+  <string name="msg_dc_error_invalid_data">Нису нађени исправни подаци потписа!</string>
  <string name="msg_dc_error_io">Наиђох на У/И изузетак током радње!</string>
  <string name="msg_dc_error_no_data">Шифровани подаци нису нађени у току!</string>
  <string name="msg_dc_error_no_key">Подаци шифровани познатим тајним кључем нису нађени у току!</string>
--- a/OpenKeychain/src/main/res/values-zh-rTW/strings.xml
+++ b/OpenKeychain/src/main/res/values-zh-rTW/strings.xml
@ -510,7 +510,7 @@
  <!--Other messages used in OperationLogs-->
  <string name="msg_ek_error_not_found">找不到金鑰！</string>
  <!--Messages for DecryptVerify operation-->
-  <string name="msg_dc_error_invalid_siglist">找不到有效的簽名資訊！</string>
+  <string name="msg_dc_error_invalid_data">找不到有效的簽名資訊！</string>
  <string name="msg_dc">開始解密…</string>
  <!--Messages for VerifySignedLiteralData operation-->
  <!--Messages for SignEncrypt operation-->
--- a/OpenKeychain/src/main/res/values/strings.xml
+++ b/OpenKeychain/src/main/res/values/strings.xml
@ -1041,7 +1041,7 @@
    <string name="msg_dc_error_extract_key">"Unknown error unlocking key!"</string>
    <string name="msg_dc_error_integrity_check">"Integrity check error!"</string>
    <string name="msg_dc_error_integrity_missing">"Missing integrity check! This can happen because the encrypting application is out of date, or from a downgrade attack."</string>
-    <string name="msg_dc_error_invalid_siglist">"No valid signature data found!"</string>
+    <string name="msg_dc_error_invalid_data">"No valid OpenPGP encrypted or signed data found!"</string>
    <string name="msg_dc_error_io">"Encountered IO Exception during operation!"</string>
    <string name="msg_dc_error_no_data">"No encrypted data found in stream!"</string>
    <string name="msg_dc_error_no_key">"No encrypted data with known secret key found in stream!"</string>