Merge branch 'jacobshack-certify' of github.com:open-keychain/open-keychain into jacobshack-certify

This commit is contained in:
Dominik Schürmann 2014-10-04 15:42:36 +02:00
commit 7891560fc2
10 changed files with 804 additions and 440 deletions

View File

@ -51,6 +51,10 @@ public abstract class CanonicalizedKeyRing extends KeyRing {
return mVerified;
}
public byte[] getFingerprint() {
return getRing().getPublicKey().getFingerprint();
}
public String getPrimaryUserId() throws PgpGeneralException {
return getPublicKey().getPrimaryUserId();
}

View File

@ -278,13 +278,12 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
* Certify the given pubkeyid with the given masterkeyid.
*
* @param publicKeyRing Keyring to add certification to.
* @param userIds User IDs to certify, must not be null or empty
* @param userIds User IDs to certify, or all if null
* @return A keyring with added certifications
*/
public UncachedKeyRing certifyUserIds(CanonicalizedPublicKeyRing publicKeyRing, List<String> userIds,
byte[] nfcSignedHash, Date nfcCreationTimestamp)
throws PgpGeneralMsgIdException, NoSuchAlgorithmException, NoSuchProviderException,
PGPException, SignatureException {
throws PGPException {
if (mPrivateKeyState == PRIVATE_KEY_STATE_LOCKED) {
throw new PrivateKeyNotUnlockedException();
}
@ -314,7 +313,9 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
PGPPublicKey publicKey = publicKeyRing.getPublicKey().getPublicKey();
// fetch public key ring, add the certification and return it
for (String userId : new IterableIterator<String>(userIds.iterator())) {
Iterable<String> it = userIds != null ? userIds
: new IterableIterator<String>(publicKey.getUserIDs());
for (String userId : it) {
PGPSignature sig = signatureGenerator.generateCertification(userId, publicKey);
publicKey = PGPPublicKey.addCertification(publicKey, userId, sig);
}

View File

@ -0,0 +1,149 @@
package org.sufficientlysecure.keychain.pgp;
import android.content.Context;
import org.spongycastle.openpgp.PGPException;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
import org.sufficientlysecure.keychain.service.CertifyActionsParcel;
import org.sufficientlysecure.keychain.service.CertifyActionsParcel.CertifyAction;
import org.sufficientlysecure.keychain.service.results.CertifyResult;
import org.sufficientlysecure.keychain.service.results.EditKeyResult;
import org.sufficientlysecure.keychain.service.results.OperationResult.LogType;
import org.sufficientlysecure.keychain.service.results.OperationResult.OperationLog;
import org.sufficientlysecure.keychain.service.results.SaveKeyringResult;
import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
import org.sufficientlysecure.keychain.util.Log;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.concurrent.atomic.AtomicBoolean;
public class PgpCertifyOperation {
private AtomicBoolean mCancelled;
private ProviderHelper mProviderHelper;
public PgpCertifyOperation(ProviderHelper providerHelper, AtomicBoolean cancelled) {
mProviderHelper = providerHelper;
mCancelled = cancelled;
}
private boolean checkCancelled() {
return mCancelled != null && mCancelled.get();
}
public CertifyResult certify(CertifyActionsParcel parcel, String passphrase) {
OperationLog log = new OperationLog();
log.add(LogType.MSG_CRT, 0);
// Retrieve and unlock secret key
CanonicalizedSecretKey certificationKey;
try {
log.add(LogType.MSG_CRT_MASTER_FETCH, 1);
CanonicalizedSecretKeyRing secretKeyRing =
mProviderHelper.getCanonicalizedSecretKeyRing(parcel.mMasterKeyId);
log.add(LogType.MSG_CRT_UNLOCK, 1);
certificationKey = secretKeyRing.getSecretKey();
if (!certificationKey.unlock(passphrase)) {
log.add(LogType.MSG_CRT_ERROR_UNLOCK, 2);
return new CertifyResult(CertifyResult.RESULT_ERROR, log);
}
} catch (PgpGeneralException e) {
log.add(LogType.MSG_CRT_ERROR_UNLOCK, 2);
return new CertifyResult(CertifyResult.RESULT_ERROR, log);
} catch (NotFoundException e) {
log.add(LogType.MSG_CRT_ERROR_MASTER_NOT_FOUND, 2);
return new CertifyResult(CertifyResult.RESULT_ERROR, log);
}
ArrayList<UncachedKeyRing> certifiedKeys = new ArrayList<UncachedKeyRing>();
log.add(LogType.MSG_CRT_CERTIFYING, 1);
int certifyOk = 0, certifyError = 0;
// Work through all requested certifications
for (CertifyAction action : parcel.mCertifyActions) {
// Check if we were cancelled
if (checkCancelled()) {
log.add(LogType.MSG_OPERATION_CANCELLED, 0);
return new CertifyResult(CertifyResult.RESULT_CANCELLED, log);
}
try {
if (action.mUserIds == null) {
log.add(LogType.MSG_CRT_CERTIFY_ALL, 2,
KeyFormattingUtils.convertKeyIdToHex(action.mMasterKeyId));
} else {
log.add(LogType.MSG_CRT_CERTIFY_SOME, 2, action.mUserIds.size(),
KeyFormattingUtils.convertKeyIdToHex(action.mMasterKeyId));
}
CanonicalizedPublicKeyRing publicRing =
mProviderHelper.getCanonicalizedPublicKeyRing(action.mMasterKeyId);
if ( ! Arrays.equals(publicRing.getFingerprint(), action.mFingerprint)) {
log.add(LogType.MSG_CRT_FP_MISMATCH, 3);
certifyError += 1;
continue;
}
UncachedKeyRing certifiedKey = certificationKey.certifyUserIds(publicRing, action.mUserIds, null, null);
certifiedKeys.add(certifiedKey);
} catch (NotFoundException e) {
certifyError += 1;
log.add(LogType.MSG_CRT_WARN_NOT_FOUND, 3);
} catch (PGPException e) {
certifyError += 1;
log.add(LogType.MSG_CRT_WARN_CERT_FAILED, 3);
Log.e(Constants.TAG, "Encountered PGPException during certification", e);
}
}
log.add(LogType.MSG_CRT_SAVING, 1);
// Check if we were cancelled
if (checkCancelled()) {
log.add(LogType.MSG_OPERATION_CANCELLED, 0);
return new CertifyResult(CertifyResult.RESULT_CANCELLED, log);
}
// Write all certified keys into the database
for (UncachedKeyRing certifiedKey : certifiedKeys) {
// Check if we were cancelled
if (checkCancelled()) {
log.add(LogType.MSG_OPERATION_CANCELLED, 0);
return new CertifyResult(CertifyResult.RESULT_CANCELLED, log, certifyOk, certifyError);
}
log.add(LogType.MSG_CRT_SAVE, 2,
KeyFormattingUtils.convertKeyIdToHex(certifiedKey.getMasterKeyId()));
// store the signed key in our local cache
SaveKeyringResult result = mProviderHelper.savePublicKeyRing(certifiedKey);
if (result.success()) {
certifyOk += 1;
} else {
log.add(LogType.MSG_CRT_WARN_SAVE_FAILED, 3);
}
// TODO do something with import results
}
log.add(LogType.MSG_CRT_SUCCESS, 0);
return new CertifyResult(CertifyResult.RESULT_OK, log, certifyOk, certifyError);
}
}

View File

@ -38,7 +38,6 @@ import org.sufficientlysecure.keychain.service.results.OperationResult.Operation
import org.sufficientlysecure.keychain.service.results.ImportKeyResult;
import org.sufficientlysecure.keychain.service.results.SaveKeyringResult;
import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
import org.sufficientlysecure.keychain.util.IterableIterator;
import org.sufficientlysecure.keychain.util.Log;
import org.sufficientlysecure.keychain.util.ProgressScaler;

View File

@ -0,0 +1,111 @@
/*
* Copyright (C) 2014 Dominik Schürmann <dominik@dominikschuermann.de>
* Copyright (C) 2014 Vincent Breitmoser <v.breitmoser@mugenguild.com>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package org.sufficientlysecure.keychain.service;
import android.os.Parcel;
import android.os.Parcelable;
import java.io.Serializable;
import java.util.ArrayList;
/**
* This class is a a transferable representation for a number of keyrings to
* be certified.
*/
public class CertifyActionsParcel implements Parcelable {
// the master key id to certify with
final public long mMasterKeyId;
public CertifyLevel mLevel;
public ArrayList<CertifyAction> mCertifyActions = new ArrayList<CertifyAction>();
public CertifyActionsParcel(long masterKeyId) {
mMasterKeyId = masterKeyId;
mLevel = CertifyLevel.DEFAULT;
}
public CertifyActionsParcel(Parcel source) {
mMasterKeyId = source.readLong();
// just like parcelables, this is meant for ad-hoc IPC only and is NOT portable!
mLevel = CertifyLevel.values()[source.readInt()];
mCertifyActions = (ArrayList<CertifyAction>) source.readSerializable();
}
public void add(CertifyAction action) {
mCertifyActions.add(action);
}
@Override
public void writeToParcel(Parcel destination, int flags) {
destination.writeLong(mMasterKeyId);
destination.writeInt(mLevel.ordinal());
destination.writeSerializable(mCertifyActions);
}
public static final Creator<CertifyActionsParcel> CREATOR = new Creator<CertifyActionsParcel>() {
public CertifyActionsParcel createFromParcel(final Parcel source) {
return new CertifyActionsParcel(source);
}
public CertifyActionsParcel[] newArray(final int size) {
return new CertifyActionsParcel[size];
}
};
// TODO make this parcelable
public static class CertifyAction implements Serializable {
final public long mMasterKeyId;
final public byte[] mFingerprint;
final public ArrayList<String> mUserIds;
public CertifyAction(long masterKeyId, byte[] fingerprint) {
this(masterKeyId, fingerprint, null);
}
public CertifyAction(long masterKeyId, byte[] fingerprint, ArrayList<String> userIds) {
mMasterKeyId = masterKeyId;
mFingerprint = fingerprint;
mUserIds = userIds;
}
}
@Override
public int describeContents() {
return 0;
}
@Override
public String toString() {
String out = "mMasterKeyId: " + mMasterKeyId + "\n";
out += "mLevel: " + mLevel + "\n";
out += "mCertifyActions: " + mCertifyActions + "\n";
return out;
}
// All supported algorithms
public enum CertifyLevel {
DEFAULT, NONE, CASUAL, POSITIVE
}
}

View File

@ -29,7 +29,9 @@ import android.os.RemoteException;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.pgp.PgpCertifyOperation;
import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
import org.sufficientlysecure.keychain.service.results.CertifyResult;
import org.sufficientlysecure.keychain.util.FileHelper;
import org.sufficientlysecure.keychain.util.ParcelableFileCache.IteratorWithSize;
import org.sufficientlysecure.keychain.util.Preferences;
@ -39,7 +41,6 @@ import org.sufficientlysecure.keychain.keyimport.KeybaseKeyserver;
import org.sufficientlysecure.keychain.keyimport.Keyserver;
import org.sufficientlysecure.keychain.keyimport.ParcelableKeyRing;
import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.PassphraseCacheInterface;
import org.sufficientlysecure.keychain.pgp.PgpDecryptVerify;
@ -80,7 +81,6 @@ import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.atomic.AtomicBoolean;
/**
@ -183,10 +183,8 @@ public class KeychainIntentService extends IntentService implements Progressable
public static final String DOWNLOAD_KEY_SERVER = "query_key_server";
public static final String DOWNLOAD_KEY_LIST = "query_key_id";
// sign key
public static final String CERTIFY_KEY_MASTER_KEY_ID = "sign_key_master_key_id";
public static final String CERTIFY_KEY_PUB_KEY_ID = "sign_key_pub_key_id";
public static final String CERTIFY_KEY_UIDS = "sign_key_uids";
// certify key
public static final String CERTIFY_PARCEL = "certify_parcel";
// consolidate
public static final String CONSOLIDATE_RECOVERY = "consolidate_recovery";
@ -253,7 +251,428 @@ public class KeychainIntentService extends IntentService implements Progressable
String action = intent.getAction();
// executeServiceMethod action from extra bundle
if (ACTION_SIGN_ENCRYPT.equals(action)) {
if (ACTION_CERTIFY_KEYRING.equals(action)) {
try {
/* Input */
CertifyActionsParcel parcel = data.getParcelable(CERTIFY_PARCEL);
/* Operation */
String passphrase = PassphraseCacheService.getCachedPassphrase(this,
// certification is always with the master key id, so use that one
parcel.mMasterKeyId, parcel.mMasterKeyId);
if (passphrase == null) {
throw new PgpGeneralException("Unable to obtain passphrase");
}
ProviderHelper providerHelper = new ProviderHelper(this);
PgpCertifyOperation op = new PgpCertifyOperation(providerHelper, mActionCanceled);
CertifyResult result = op.certify(parcel, passphrase);
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, result);
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_CONSOLIDATE.equals(action)) {
ConsolidateResult result;
if (data.containsKey(CONSOLIDATE_RECOVERY) && data.getBoolean(CONSOLIDATE_RECOVERY)) {
result = new ProviderHelper(this).consolidateDatabaseStep2(this);
} else {
result = new ProviderHelper(this).consolidateDatabaseStep1(this);
}
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, result);
} else if (ACTION_DECRYPT_METADATA.equals(action)) {
try {
/* Input */
String passphrase = data.getString(DECRYPT_PASSPHRASE);
byte[] nfcDecryptedSessionKey = data.getByteArray(DECRYPT_NFC_DECRYPTED_SESSION_KEY);
InputData inputData = createDecryptInputData(data);
/* Operation */
Bundle resultData = new Bundle();
// verifyText and decrypt returning additional resultData values for the
// verification of signatures
PgpDecryptVerify.Builder builder = new PgpDecryptVerify.Builder(
new ProviderHelper(this),
this, inputData, null
);
builder.setProgressable(this)
.setAllowSymmetricDecryption(true)
.setPassphrase(passphrase)
.setDecryptMetadataOnly(true)
.setNfcState(nfcDecryptedSessionKey);
DecryptVerifyResult decryptVerifyResult = builder.build().execute();
resultData.putParcelable(DecryptVerifyResult.EXTRA_RESULT, decryptVerifyResult);
/* Output */
Log.logDebugBundle(resultData, "resultData");
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, resultData);
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_DECRYPT_VERIFY.equals(action)) {
try {
/* Input */
String passphrase = data.getString(DECRYPT_PASSPHRASE);
byte[] nfcDecryptedSessionKey = data.getByteArray(DECRYPT_NFC_DECRYPTED_SESSION_KEY);
InputData inputData = createDecryptInputData(data);
OutputStream outStream = createCryptOutputStream(data);
/* Operation */
Bundle resultData = new Bundle();
// verifyText and decrypt returning additional resultData values for the
// verification of signatures
PgpDecryptVerify.Builder builder = new PgpDecryptVerify.Builder(
new ProviderHelper(this), this,
inputData, outStream
);
builder.setProgressable(this)
.setAllowSymmetricDecryption(true)
.setPassphrase(passphrase)
.setNfcState(nfcDecryptedSessionKey);
DecryptVerifyResult decryptVerifyResult = builder.build().execute();
outStream.close();
resultData.putParcelable(DecryptVerifyResult.EXTRA_RESULT, decryptVerifyResult);
/* Output */
finalizeDecryptOutputStream(data, resultData, outStream);
Log.logDebugBundle(resultData, "resultData");
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, resultData);
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_DELETE.equals(action)) {
try {
long[] masterKeyIds = data.getLongArray(DELETE_KEY_LIST);
boolean isSecret = data.getBoolean(DELETE_IS_SECRET);
if (masterKeyIds.length == 0) {
throw new PgpGeneralException("List of keys to delete is empty");
}
if (isSecret && masterKeyIds.length > 1) {
throw new PgpGeneralException("Secret keys can only be deleted individually!");
}
boolean success = false;
for (long masterKeyId : masterKeyIds) {
int count = getContentResolver().delete(
KeyRingData.buildPublicKeyRingUri(masterKeyId), null, null
);
success |= count > 0;
}
if (isSecret && success) {
new ProviderHelper(this).consolidateDatabaseStep1(this);
}
if (success) {
// make sure new data is synced into contacts
ContactSyncAdapterService.requestSync();
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY);
}
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_DELETE_FILE_SECURELY.equals(action)) {
try {
/* Input */
String deleteFile = data.getString(DELETE_FILE);
/* Operation */
try {
PgpHelper.deleteFileSecurely(this, this, new File(deleteFile));
} catch (FileNotFoundException e) {
throw new PgpGeneralException(
getString(R.string.error_file_not_found, deleteFile));
} catch (IOException e) {
throw new PgpGeneralException(getString(R.string.error_file_delete_failed,
deleteFile));
}
/* Output */
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY);
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_DOWNLOAD_AND_IMPORT_KEYS.equals(action) || ACTION_IMPORT_KEYBASE_KEYS.equals(action)) {
ArrayList<ImportKeysListEntry> entries = data.getParcelableArrayList(DOWNLOAD_KEY_LIST);
// this downloads the keys and places them into the ImportKeysListEntry entries
String keyServer = data.getString(DOWNLOAD_KEY_SERVER);
ArrayList<ParcelableKeyRing> keyRings = new ArrayList<ParcelableKeyRing>(entries.size());
for (ImportKeysListEntry entry : entries) {
try {
Keyserver server;
ArrayList<String> origins = entry.getOrigins();
if (origins == null) {
origins = new ArrayList<String>();
}
if (origins.isEmpty()) {
origins.add(keyServer);
}
for (String origin : origins) {
if (KeybaseKeyserver.ORIGIN.equals(origin)) {
server = new KeybaseKeyserver();
} else {
server = new HkpKeyserver(origin);
}
Log.d(Constants.TAG, "IMPORTING " + entry.getKeyIdHex() + " FROM: " + server);
// if available use complete fingerprint for get request
byte[] downloadedKeyBytes;
if (KeybaseKeyserver.ORIGIN.equals(origin)) {
downloadedKeyBytes = server.get(entry.getExtraData()).getBytes();
} else if (entry.getFingerprintHex() != null) {
downloadedKeyBytes = server.get("0x" + entry.getFingerprintHex()).getBytes();
} else {
downloadedKeyBytes = server.get(entry.getKeyIdHex()).getBytes();
}
// save key bytes in entry object for doing the
// actual import afterwards
keyRings.add(new ParcelableKeyRing(downloadedKeyBytes, entry.getFingerprintHex()));
}
} catch (Exception e) {
sendErrorToHandler(e);
}
}
Intent importIntent = new Intent(this, KeychainIntentService.class);
importIntent.setAction(ACTION_IMPORT_KEYRING);
Bundle importData = new Bundle();
// This is not going through binder, nothing to fear of
importData.putParcelableArrayList(IMPORT_KEY_LIST, keyRings);
importIntent.putExtra(EXTRA_DATA, importData);
importIntent.putExtra(EXTRA_MESSENGER, mMessenger);
// now import it with this service
onHandleIntent(importIntent);
// result is handled in ACTION_IMPORT_KEYRING
} else if (ACTION_EDIT_KEYRING.equals(action)) {
try {
/* Input */
SaveKeyringParcel saveParcel = data.getParcelable(EDIT_KEYRING_PARCEL);
if (saveParcel == null) {
Log.e(Constants.TAG, "bug: missing save_keyring_parcel in data!");
return;
}
/* Operation */
PgpKeyOperation keyOperations =
new PgpKeyOperation(new ProgressScaler(this, 10, 60, 100), mActionCanceled);
EditKeyResult modifyResult;
if (saveParcel.mMasterKeyId != null) {
String passphrase = data.getString(EDIT_KEYRING_PASSPHRASE);
CanonicalizedSecretKeyRing secRing =
new ProviderHelper(this).getCanonicalizedSecretKeyRing(saveParcel.mMasterKeyId);
modifyResult = keyOperations.modifySecretKeyRing(secRing, saveParcel, passphrase);
} else {
modifyResult = keyOperations.createSecretKeyRing(saveParcel);
}
// If the edit operation didn't succeed, exit here
if (!modifyResult.success()) {
// always return SaveKeyringResult, so create one out of the EditKeyResult
SaveKeyringResult saveResult = new SaveKeyringResult(
SaveKeyringResult.RESULT_ERROR,
modifyResult.getLog(),
null);
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, saveResult);
return;
}
UncachedKeyRing ring = modifyResult.getRing();
// Check if the action was cancelled
if (mActionCanceled.get()) {
OperationLog log = modifyResult.getLog();
// If it wasn't added before, add log entry
if (!modifyResult.cancelled()) {
log.add(LogType.MSG_OPERATION_CANCELLED, 0);
}
// If so, just stop without saving
SaveKeyringResult saveResult = new SaveKeyringResult(
SaveKeyringResult.RESULT_CANCELLED, log, null);
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, saveResult);
return;
}
// Save the keyring. The ProviderHelper is initialized with the previous log
SaveKeyringResult saveResult = new ProviderHelper(this, modifyResult.getLog())
.saveSecretKeyRing(ring, new ProgressScaler(this, 60, 95, 100));
// If the edit operation didn't succeed, exit here
if (!saveResult.success()) {
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, saveResult);
return;
}
// cache new passphrase
if (saveParcel.mNewPassphrase != null) {
PassphraseCacheService.addCachedPassphrase(this, ring.getMasterKeyId(), ring.getMasterKeyId(),
saveParcel.mNewPassphrase, ring.getPublicKey().getPrimaryUserIdWithFallback());
}
setProgress(R.string.progress_done, 100, 100);
// make sure new data is synced into contacts
ContactSyncAdapterService.requestSync();
/* Output */
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, saveResult);
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_EXPORT_KEYRING.equals(action)) {
try {
boolean exportSecret = data.getBoolean(EXPORT_SECRET, false);
long[] masterKeyIds = data.getLongArray(EXPORT_KEY_RING_MASTER_KEY_ID);
String outputFile = data.getString(EXPORT_FILENAME);
Uri outputUri = data.getParcelable(EXPORT_URI);
// If not exporting all keys get the masterKeyIds of the keys to export from the intent
boolean exportAll = data.getBoolean(EXPORT_ALL);
if (outputFile != null) {
// check if storage is ready
if (!FileHelper.isStorageMounted(outputFile)) {
throw new PgpGeneralException(getString(R.string.error_external_storage_not_ready));
}
}
ArrayList<Long> publicMasterKeyIds = new ArrayList<Long>();
ArrayList<Long> secretMasterKeyIds = new ArrayList<Long>();
String selection = null;
if (!exportAll) {
selection = KeychainDatabase.Tables.KEYS + "." + KeyRings.MASTER_KEY_ID + " IN( ";
for (long l : masterKeyIds) {
selection += Long.toString(l) + ",";
}
selection = selection.substring(0, selection.length() - 1) + " )";
}
Cursor cursor = getContentResolver().query(KeyRings.buildUnifiedKeyRingsUri(),
new String[]{KeyRings.MASTER_KEY_ID, KeyRings.HAS_ANY_SECRET},
selection, null, null);
try {
if (cursor != null && cursor.moveToFirst()) do {
// export public either way
publicMasterKeyIds.add(cursor.getLong(0));
// add secret if available (and requested)
if (exportSecret && cursor.getInt(1) != 0)
secretMasterKeyIds.add(cursor.getLong(0));
} while (cursor.moveToNext());
} finally {
if (cursor != null) {
cursor.close();
}
}
OutputStream outStream;
if (outputFile != null) {
outStream = new FileOutputStream(outputFile);
} else {
outStream = getContentResolver().openOutputStream(outputUri);
}
PgpImportExport pgpImportExport = new PgpImportExport(this, new ProviderHelper(this), this);
Bundle resultData = pgpImportExport
.exportKeyRings(publicMasterKeyIds, secretMasterKeyIds, outStream);
if (mActionCanceled.get() && outputFile != null) {
new File(outputFile).delete();
}
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, resultData);
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_IMPORT_KEYRING.equals(action)) {
try {
Iterator<ParcelableKeyRing> entries;
int numEntries;
if (data.containsKey(IMPORT_KEY_LIST)) {
// get entries from intent
ArrayList<ParcelableKeyRing> list = data.getParcelableArrayList(IMPORT_KEY_LIST);
entries = list.iterator();
numEntries = list.size();
} else {
// get entries from cached file
ParcelableFileCache<ParcelableKeyRing> cache =
new ParcelableFileCache<ParcelableKeyRing>(this, "key_import.pcl");
IteratorWithSize<ParcelableKeyRing> it = cache.readCache();
entries = it;
numEntries = it.getSize();
}
ProviderHelper providerHelper = new ProviderHelper(this);
PgpImportExport pgpImportExport = new PgpImportExport(
this, providerHelper, this, mActionCanceled);
ImportKeyResult result = pgpImportExport.importKeyRings(entries, numEntries);
// we do this even on failure or cancellation!
if (result.mSecret > 0) {
// cannot cancel from here on out!
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_PREVENT_CANCEL);
providerHelper.consolidateDatabaseStep1(this);
}
// make sure new data is synced into contacts
ContactSyncAdapterService.requestSync();
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, result);
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_SIGN_ENCRYPT.equals(action)) {
try {
/* Input */
int source = data.get(SOURCE) != null ? data.getInt(SOURCE) : data.getInt(TARGET);
@ -336,285 +755,9 @@ public class KeychainIntentService extends IntentService implements Progressable
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_DECRYPT_VERIFY.equals(action)) {
try {
/* Input */
String passphrase = data.getString(DECRYPT_PASSPHRASE);
byte[] nfcDecryptedSessionKey = data.getByteArray(DECRYPT_NFC_DECRYPTED_SESSION_KEY);
InputData inputData = createDecryptInputData(data);
OutputStream outStream = createCryptOutputStream(data);
/* Operation */
Bundle resultData = new Bundle();
// verifyText and decrypt returning additional resultData values for the
// verification of signatures
PgpDecryptVerify.Builder builder = new PgpDecryptVerify.Builder(
new ProviderHelper(this), this,
inputData, outStream
);
builder.setProgressable(this)
.setAllowSymmetricDecryption(true)
.setPassphrase(passphrase)
.setNfcState(nfcDecryptedSessionKey);
DecryptVerifyResult decryptVerifyResult = builder.build().execute();
outStream.close();
resultData.putParcelable(DecryptVerifyResult.EXTRA_RESULT, decryptVerifyResult);
/* Output */
finalizeDecryptOutputStream(data, resultData, outStream);
Log.logDebugBundle(resultData, "resultData");
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, resultData);
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_DECRYPT_METADATA.equals(action)) {
try {
/* Input */
String passphrase = data.getString(DECRYPT_PASSPHRASE);
byte[] nfcDecryptedSessionKey = data.getByteArray(DECRYPT_NFC_DECRYPTED_SESSION_KEY);
InputData inputData = createDecryptInputData(data);
/* Operation */
Bundle resultData = new Bundle();
// verifyText and decrypt returning additional resultData values for the
// verification of signatures
PgpDecryptVerify.Builder builder = new PgpDecryptVerify.Builder(
new ProviderHelper(this),
this, inputData, null
);
builder.setProgressable(this)
.setAllowSymmetricDecryption(true)
.setPassphrase(passphrase)
.setDecryptMetadataOnly(true)
.setNfcState(nfcDecryptedSessionKey);
DecryptVerifyResult decryptVerifyResult = builder.build().execute();
resultData.putParcelable(DecryptVerifyResult.EXTRA_RESULT, decryptVerifyResult);
/* Output */
Log.logDebugBundle(resultData, "resultData");
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, resultData);
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_EDIT_KEYRING.equals(action)) {
try {
/* Input */
SaveKeyringParcel saveParcel = data.getParcelable(EDIT_KEYRING_PARCEL);
if (saveParcel == null) {
Log.e(Constants.TAG, "bug: missing save_keyring_parcel in data!");
return;
}
/* Operation */
PgpKeyOperation keyOperations =
new PgpKeyOperation(new ProgressScaler(this, 10, 60, 100), mActionCanceled);
EditKeyResult modifyResult;
if (saveParcel.mMasterKeyId != null) {
String passphrase = data.getString(EDIT_KEYRING_PASSPHRASE);
CanonicalizedSecretKeyRing secRing =
new ProviderHelper(this).getCanonicalizedSecretKeyRing(saveParcel.mMasterKeyId);
modifyResult = keyOperations.modifySecretKeyRing(secRing, saveParcel, passphrase);
} else {
modifyResult = keyOperations.createSecretKeyRing(saveParcel);
}
// If the edit operation didn't succeed, exit here
if (!modifyResult.success()) {
// always return SaveKeyringResult, so create one out of the EditKeyResult
SaveKeyringResult saveResult = new SaveKeyringResult(
SaveKeyringResult.RESULT_ERROR,
modifyResult.getLog(),
null);
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, saveResult);
return;
}
UncachedKeyRing ring = modifyResult.getRing();
// Check if the action was cancelled
if (mActionCanceled.get()) {
OperationLog log = modifyResult.getLog();
// If it wasn't added before, add log entry
if (!modifyResult.cancelled()) {
log.add(LogType.MSG_OPERATION_CANCELLED, 0);
}
// If so, just stop without saving
SaveKeyringResult saveResult = new SaveKeyringResult(
SaveKeyringResult.RESULT_CANCELLED, log, null);
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, saveResult);
return;
}
// Save the keyring. The ProviderHelper is initialized with the previous log
SaveKeyringResult saveResult = new ProviderHelper(this, modifyResult.getLog())
.saveSecretKeyRing(ring, new ProgressScaler(this, 60, 95, 100));
// If the edit operation didn't succeed, exit here
if (!saveResult.success()) {
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, saveResult);
return;
}
// cache new passphrase
if (saveParcel.mNewPassphrase != null) {
PassphraseCacheService.addCachedPassphrase(this, ring.getMasterKeyId(), ring.getMasterKeyId(),
saveParcel.mNewPassphrase, ring.getPublicKey().getPrimaryUserIdWithFallback());
}
setProgress(R.string.progress_done, 100, 100);
// make sure new data is synced into contacts
ContactSyncAdapterService.requestSync();
/* Output */
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, saveResult);
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_DELETE_FILE_SECURELY.equals(action)) {
try {
/* Input */
String deleteFile = data.getString(DELETE_FILE);
/* Operation */
try {
PgpHelper.deleteFileSecurely(this, this, new File(deleteFile));
} catch (FileNotFoundException e) {
throw new PgpGeneralException(
getString(R.string.error_file_not_found, deleteFile));
} catch (IOException e) {
throw new PgpGeneralException(getString(R.string.error_file_delete_failed,
deleteFile));
}
/* Output */
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY);
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_IMPORT_KEYRING.equals(action)) {
try {
Iterator<ParcelableKeyRing> entries;
int numEntries;
if (data.containsKey(IMPORT_KEY_LIST)) {
// get entries from intent
ArrayList<ParcelableKeyRing> list = data.getParcelableArrayList(IMPORT_KEY_LIST);
entries = list.iterator();
numEntries = list.size();
} else {
// get entries from cached file
ParcelableFileCache<ParcelableKeyRing> cache =
new ParcelableFileCache<ParcelableKeyRing>(this, "key_import.pcl");
IteratorWithSize<ParcelableKeyRing> it = cache.readCache();
entries = it;
numEntries = it.getSize();
}
ProviderHelper providerHelper = new ProviderHelper(this);
PgpImportExport pgpImportExport = new PgpImportExport(
this, providerHelper, this, mActionCanceled);
ImportKeyResult result = pgpImportExport.importKeyRings(entries, numEntries);
// we do this even on failure or cancellation!
if (result.mSecret > 0) {
// cannot cancel from here on out!
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_PREVENT_CANCEL);
providerHelper.consolidateDatabaseStep1(this);
}
// make sure new data is synced into contacts
ContactSyncAdapterService.requestSync();
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, result);
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_EXPORT_KEYRING.equals(action)) {
try {
boolean exportSecret = data.getBoolean(EXPORT_SECRET, false);
long[] masterKeyIds = data.getLongArray(EXPORT_KEY_RING_MASTER_KEY_ID);
String outputFile = data.getString(EXPORT_FILENAME);
Uri outputUri = data.getParcelable(EXPORT_URI);
// If not exporting all keys get the masterKeyIds of the keys to export from the intent
boolean exportAll = data.getBoolean(EXPORT_ALL);
if (outputFile != null) {
// check if storage is ready
if (!FileHelper.isStorageMounted(outputFile)) {
throw new PgpGeneralException(getString(R.string.error_external_storage_not_ready));
}
}
ArrayList<Long> publicMasterKeyIds = new ArrayList<Long>();
ArrayList<Long> secretMasterKeyIds = new ArrayList<Long>();
String selection = null;
if (!exportAll) {
selection = KeychainDatabase.Tables.KEYS + "." + KeyRings.MASTER_KEY_ID + " IN( ";
for (long l : masterKeyIds) {
selection += Long.toString(l) + ",";
}
selection = selection.substring(0, selection.length() - 1) + " )";
}
Cursor cursor = getContentResolver().query(KeyRings.buildUnifiedKeyRingsUri(),
new String[]{KeyRings.MASTER_KEY_ID, KeyRings.HAS_ANY_SECRET},
selection, null, null);
try {
if (cursor != null && cursor.moveToFirst()) do {
// export public either way
publicMasterKeyIds.add(cursor.getLong(0));
// add secret if available (and requested)
if (exportSecret && cursor.getInt(1) != 0)
secretMasterKeyIds.add(cursor.getLong(0));
} while (cursor.moveToNext());
} finally {
if (cursor != null) {
cursor.close();
}
}
OutputStream outStream;
if (outputFile != null) {
outStream = new FileOutputStream(outputFile);
} else {
outStream = getContentResolver().openOutputStream(outputUri);
}
PgpImportExport pgpImportExport = new PgpImportExport(this, new ProviderHelper(this), this);
Bundle resultData = pgpImportExport
.exportKeyRings(publicMasterKeyIds, secretMasterKeyIds, outStream);
if (mActionCanceled.get() && outputFile != null) {
new File(outputFile).delete();
}
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, resultData);
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_UPLOAD_KEYRING.equals(action)) {
try {
/* Input */
@ -638,142 +781,6 @@ public class KeychainIntentService extends IntentService implements Progressable
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_DOWNLOAD_AND_IMPORT_KEYS.equals(action) || ACTION_IMPORT_KEYBASE_KEYS.equals(action)) {
ArrayList<ImportKeysListEntry> entries = data.getParcelableArrayList(DOWNLOAD_KEY_LIST);
// this downloads the keys and places them into the ImportKeysListEntry entries
String keyServer = data.getString(DOWNLOAD_KEY_SERVER);
ArrayList<ParcelableKeyRing> keyRings = new ArrayList<ParcelableKeyRing>(entries.size());
for (ImportKeysListEntry entry : entries) {
try {
Keyserver server;
ArrayList<String> origins = entry.getOrigins();
if (origins == null) {
origins = new ArrayList<String>();
}
if (origins.isEmpty()) {
origins.add(keyServer);
}
for (String origin : origins) {
if (KeybaseKeyserver.ORIGIN.equals(origin)) {
server = new KeybaseKeyserver();
} else {
server = new HkpKeyserver(origin);
}
Log.d(Constants.TAG, "IMPORTING " + entry.getKeyIdHex() + " FROM: " + server);
// if available use complete fingerprint for get request
byte[] downloadedKeyBytes;
if (KeybaseKeyserver.ORIGIN.equals(origin)) {
downloadedKeyBytes = server.get(entry.getExtraData()).getBytes();
} else if (entry.getFingerprintHex() != null) {
downloadedKeyBytes = server.get("0x" + entry.getFingerprintHex()).getBytes();
} else {
downloadedKeyBytes = server.get(entry.getKeyIdHex()).getBytes();
}
// save key bytes in entry object for doing the
// actual import afterwards
keyRings.add(new ParcelableKeyRing(downloadedKeyBytes, entry.getFingerprintHex()));
}
} catch (Exception e) {
sendErrorToHandler(e);
}
}
Intent importIntent = new Intent(this, KeychainIntentService.class);
importIntent.setAction(ACTION_IMPORT_KEYRING);
Bundle importData = new Bundle();
// This is not going through binder, nothing to fear of
importData.putParcelableArrayList(IMPORT_KEY_LIST, keyRings);
importIntent.putExtra(EXTRA_DATA, importData);
importIntent.putExtra(EXTRA_MESSENGER, mMessenger);
// now import it with this service
onHandleIntent(importIntent);
// result is handled in ACTION_IMPORT_KEYRING
} else if (ACTION_CERTIFY_KEYRING.equals(action)) {
try {
/* Input */
long masterKeyId = data.getLong(CERTIFY_KEY_MASTER_KEY_ID);
long pubKeyId = data.getLong(CERTIFY_KEY_PUB_KEY_ID);
ArrayList<String> userIds = data.getStringArrayList(CERTIFY_KEY_UIDS);
/* Operation */
String signaturePassphrase = PassphraseCacheService.getCachedPassphrase(this,
masterKeyId, masterKeyId);
if (signaturePassphrase == null) {
throw new PgpGeneralException("Unable to obtain passphrase");
}
ProviderHelper providerHelper = new ProviderHelper(this);
CanonicalizedPublicKeyRing publicRing = providerHelper.getCanonicalizedPublicKeyRing(pubKeyId);
CanonicalizedSecretKeyRing secretKeyRing = providerHelper.getCanonicalizedSecretKeyRing(masterKeyId);
CanonicalizedSecretKey certificationKey = secretKeyRing.getSecretKey();
if (!certificationKey.unlock(signaturePassphrase)) {
throw new PgpGeneralException("Error extracting key (bad passphrase?)");
}
// TODO: supply nfc stuff
UncachedKeyRing newRing = certificationKey.certifyUserIds(publicRing, userIds, null, null);
// store the signed key in our local cache
providerHelper.savePublicKeyRing(newRing);
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY);
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_DELETE.equals(action)) {
try {
long[] masterKeyIds = data.getLongArray(DELETE_KEY_LIST);
boolean isSecret = data.getBoolean(DELETE_IS_SECRET);
if (masterKeyIds.length == 0) {
throw new PgpGeneralException("List of keys to delete is empty");
}
if (isSecret && masterKeyIds.length > 1) {
throw new PgpGeneralException("Secret keys can only be deleted individually!");
}
boolean success = false;
for (long masterKeyId : masterKeyIds) {
int count = getContentResolver().delete(
KeyRingData.buildPublicKeyRingUri(masterKeyId), null, null
);
success |= count > 0;
}
if (isSecret && success) {
new ProviderHelper(this).consolidateDatabaseStep1(this);
}
if (success) {
// make sure new data is synced into contacts
ContactSyncAdapterService.requestSync();
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY);
}
} catch (Exception e) {
sendErrorToHandler(e);
}
} else if (ACTION_CONSOLIDATE.equals(action)) {
ConsolidateResult result;
if (data.containsKey(CONSOLIDATE_RECOVERY) && data.getBoolean(CONSOLIDATE_RECOVERY)) {
result = new ProviderHelper(this).consolidateDatabaseStep2(this);
} else {
result = new ProviderHelper(this).consolidateDatabaseStep1(this);
}
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, result);
}
}

View File

@ -0,0 +1,57 @@
/*
* Copyright (C) 2014 Dominik Schürmann <dominik@dominikschuermann.de>
* Copyright (C) 2014 Vincent Breitmoser <v.breitmoser@mugenguild.com>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package org.sufficientlysecure.keychain.service.results;
import android.os.Parcel;
public class CertifyResult extends OperationResult {
int mCertifyOk, mCertifyError;
public CertifyResult(int result, OperationLog log) {
super(result, log);
}
public CertifyResult(int result, OperationLog log, int certifyOk, int certifyError) {
this(result, log);
mCertifyOk = certifyOk;
mCertifyError = certifyError;
}
/** Construct from a parcel - trivial because we have no extra data. */
public CertifyResult(Parcel source) {
super(source);
}
@Override
public void writeToParcel(Parcel dest, int flags) {
super.writeToParcel(dest, flags);
}
public static Creator<CertifyResult> CREATOR = new Creator<CertifyResult>() {
public CertifyResult createFromParcel(final Parcel source) {
return new CertifyResult(source);
}
public CertifyResult[] newArray(final int size) {
return new CertifyResult[size];
}
};
}

View File

@ -517,8 +517,23 @@ public abstract class OperationResult implements Parcelable {
MSG_SE_SIGCRYPTING (LogLevel.DEBUG, R.string.msg_se_sigcrypting),
MSG_SE_SYMMETRIC (LogLevel.INFO, R.string.msg_se_symmetric),
MSG_CRT_UPLOAD_SUCCESS (LogLevel.OK, R.string.msg_crt_upload_success),
MSG_CRT_CERTIFYING (LogLevel.DEBUG, R.string.msg_crt_certifying),
MSG_CRT_CERTIFY_ALL (LogLevel.DEBUG, R.string.msg_crt_certify_all),
MSG_CRT_CERTIFY_SOME (LogLevel.DEBUG, R.plurals.msg_crt_certify_some),
MSG_CRT_ERROR_MASTER_NOT_FOUND (LogLevel.ERROR, R.string.msg_crt_error_master_not_found),
MSG_CRT_ERROR_UNLOCK (LogLevel.ERROR, R.string.msg_crt_error_unlock),
MSG_CRT_FP_MISMATCH (LogLevel.WARN, R.string.msg_crt_fp_mismatch),
MSG_CRT (LogLevel.START, R.string.msg_crt),
MSG_CRT_MASTER_FETCH (LogLevel.DEBUG, R.string.msg_crt_master_fetch),
MSG_CRT_SAVE (LogLevel.DEBUG, R.string.msg_crt_save),
MSG_CRT_SAVING (LogLevel.DEBUG, R.string.msg_crt_saving),
MSG_CRT_SUCCESS (LogLevel.OK, R.string.msg_crt_success),
MSG_CRT_UNLOCK (LogLevel.DEBUG, R.string.msg_crt_unlock),
MSG_CRT_WARN_NOT_FOUND (LogLevel.WARN, R.string.msg_crt_warn_not_found),
MSG_CRT_WARN_CERT_FAILED (LogLevel.WARN, R.string.msg_crt_warn_cert_failed),
MSG_CRT_WARN_SAVE_FAILED (LogLevel.WARN, R.string.msg_crt_warn_save_failed),
MSG_CRT_UPLOAD_SUCCESS (LogLevel.OK, R.string.msg_crt_upload_success),
MSG_ACC_SAVED (LogLevel.INFO, R.string.api_settings_save_msg),

View File

@ -48,6 +48,10 @@ import android.widget.TextView;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.service.CertifyActionsParcel;
import org.sufficientlysecure.keychain.service.CertifyActionsParcel.CertifyAction;
import org.sufficientlysecure.keychain.service.results.CertifyResult;
import org.sufficientlysecure.keychain.service.results.SingletonResult;
import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
import org.sufficientlysecure.keychain.util.Preferences;
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
@ -55,9 +59,7 @@ import org.sufficientlysecure.keychain.provider.KeychainContract.UserIds;
import org.sufficientlysecure.keychain.service.KeychainIntentService;
import org.sufficientlysecure.keychain.service.KeychainIntentServiceHandler;
import org.sufficientlysecure.keychain.service.PassphraseCacheService;
import org.sufficientlysecure.keychain.service.results.OperationResult.LogLevel;
import org.sufficientlysecure.keychain.service.results.OperationResult.LogType;
import org.sufficientlysecure.keychain.service.results.SingletonResult;
import org.sufficientlysecure.keychain.ui.adapter.UserIdsAdapter;
import org.sufficientlysecure.keychain.ui.dialog.PassphraseDialogFragment;
import org.sufficientlysecure.keychain.ui.widget.CertifyKeySpinner;
@ -83,6 +85,7 @@ public class CertifyKeyFragment extends LoaderFragment
private Uri mDataUri;
private long mPubKeyId = Constants.key.none;
private byte[] mPubFingerprint;
private long mMasterKeyId = Constants.key.none;
private UserIdsAdapter mUserIdsAdapter;
@ -243,8 +246,8 @@ public class CertifyKeyFragment extends LoaderFragment
String mainUserId = data.getString(INDEX_USER_ID);
mInfoPrimaryUserId.setText(mainUserId);
byte[] fingerprintBlob = data.getBlob(INDEX_FINGERPRINT);
String fingerprint = KeyFormattingUtils.convertFingerprintToHex(fingerprintBlob);
mPubFingerprint = data.getBlob(INDEX_FINGERPRINT);
String fingerprint = KeyFormattingUtils.convertFingerprintToHex(mPubFingerprint);
mInfoFingerprint.setText(KeyFormattingUtils.colorizeFingerprint(fingerprint));
}
break;
@ -312,27 +315,27 @@ public class CertifyKeyFragment extends LoaderFragment
intent.setAction(KeychainIntentService.ACTION_CERTIFY_KEYRING);
// fill values for this action
CertifyActionsParcel parcel = new CertifyActionsParcel(mMasterKeyId);
parcel.add(new CertifyAction(mPubKeyId, mPubFingerprint, userIds));
Bundle data = new Bundle();
data.putLong(KeychainIntentService.CERTIFY_KEY_MASTER_KEY_ID, mMasterKeyId);
data.putLong(KeychainIntentService.CERTIFY_KEY_PUB_KEY_ID, mPubKeyId);
data.putStringArrayList(KeychainIntentService.CERTIFY_KEY_UIDS, userIds);
data.putParcelable(KeychainIntentService.CERTIFY_PARCEL, parcel);
intent.putExtra(KeychainIntentService.EXTRA_DATA, data);
// Message is received after signing is done in KeychainIntentService
KeychainIntentServiceHandler saveHandler = new KeychainIntentServiceHandler(mActivity,
getString(R.string.progress_certifying), ProgressDialog.STYLE_SPINNER) {
getString(R.string.progress_certifying), ProgressDialog.STYLE_SPINNER, true) {
public void handleMessage(Message message) {
// handle messages by standard KeychainIntentServiceHandler first
super.handleMessage(message);
if (message.arg1 == KeychainIntentServiceHandler.MESSAGE_OKAY) {
SingletonResult result = new SingletonResult(
SingletonResult.RESULT_OK, LogType.MSG_CRT_SUCCESS);
Bundle data = message.getData();
CertifyResult result = data.getParcelable(CertifyResult.EXTRA_RESULT);
Intent intent = new Intent();
intent.putExtra(SingletonResult.EXTRA_RESULT, result);
intent.putExtra(CertifyResult.EXTRA_RESULT, result);
mActivity.setResult(CertifyKeyActivity.RESULT_OK, intent);
// check if we need to send the key to the server or not

View File

@ -877,8 +877,26 @@
<string name="msg_se">"Starting sign and/or encrypt operation"</string>
<string name="msg_se_symmetric">"Preparing symmetric encryption"</string>
<string name="msg_crt_upload_success">"Successfully uploaded key to server"</string>
<string name="msg_crt_certifying">"Generating certifications"</string>
<string name="msg_crt_certify_all">"Certifying all user ids for key %s"</string>
<plurals name="msg_crt_certify_some">
<item quantity="one">"Certifying one user id for key %2$s"</item>
<item quantity="other">"Certifying %1$d user ids for key %2$s"</item>
</plurals>
<string name="msg_crt_error_master_not_found">"Master key not found!"</string>
<string name="msg_crt_error_unlock">"Error unlocking master key!"</string>
<string name="msg_crt_fp_mismatch">"Fingerprint mismatch, not certifying!"</string>
<string name="msg_crt">"Certifying keyrings"</string>
<string name="msg_crt_master_fetch">"Fetching certifying master key"</string>
<string name="msg_crt_save">"Saving certified key %s"</string>
<string name="msg_crt_saving">"Saving keyrings"</string>
<string name="msg_crt_unlock">"Unlocking master key"</string>
<string name="msg_crt_success">"Successfully certified identities"</string>
<string name="msg_crt_warn_not_found">"Key not found!"</string>
<string name="msg_crt_warn_cert_failed">"Certificate generation failed!"</string>
<string name="msg_crt_warn_save_failed">"Save operation failed!"</string>
<string name="msg_crt_upload_success">"Successfully uploaded key to server"</string>
<string name="msg_acc_saved">"Account saved"</string>