diff --git a/.gitignore b/.gitignore
index 1dfe84d5a..68f5b5a9e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,6 +14,9 @@ ant.properties
.gradle
build
gradle.properties
+# this is in here because the prepare-tests thing modifies it, and we DON'T
+# want this to be commited. use git add -f to work on this file.
+settings.gradle
#Maven
target
diff --git a/.gitmodules b/.gitmodules
index 60afe0b9d..ca01e1ac6 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -28,6 +28,3 @@
[submodule "extern/minidns"]
path = extern/minidns
url = https://github.com/open-keychain/minidns.git
-[submodule "OpenKeychain/src/test/resources/extern/OpenPGP-Haskell"]
- path = OpenKeychain/src/test/resources/extern/OpenPGP-Haskell
- url = https://github.com/singpolyma/OpenPGP-Haskell.git
diff --git a/.travis.yml b/.travis.yml
index 5da831e61..ef69eb556 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,5 +1,5 @@
language: java
-jdk: oraclejdk7
+jdk: openjdk7
before_install:
# Install base Android SDK
- sudo apt-get update -qq
@@ -12,6 +12,9 @@ before_install:
# Install required Android components.
#- echo "y" | android update sdk -a --filter build-tools-19.1.0,android-19,platform-tools,extra-android-support,extra-android-m2repository --no-ui --force
- ( sleep 5 && while [ 1 ]; do sleep 1; echo y; done ) | android update sdk --no-ui --all --force --filter build-tools-19.1.0,android-19,platform-tools,extra-android-support,extra-android-m2repository
+ - ./prepare-tests.sh
install: echo "Installation done"
-script: gradle assemble -S -q
+script:
+ - gradle assemble -S -q
+ - gradle --info OpenKeychain-Test:testDebug
diff --git a/OpenKeychain-Test/build.gradle b/OpenKeychain-Test/build.gradle
new file mode 100644
index 000000000..a98a79dc1
--- /dev/null
+++ b/OpenKeychain-Test/build.gradle
@@ -0,0 +1,118 @@
+buildscript {
+ repositories {
+ mavenCentral()
+ // need this for com.novoda:gradle-android-test-plugin:0.9.9-SNAPSHOT below (0.9.3 in repos doesn't work!)
+ // run ./install-custom-gradle-test-plugin.sh to pull the thing into the local repository
+ mavenLocal()
+ }
+
+ dependencies {
+ // NOTE: Always use fixed version codes not dynamic ones, e.g. 0.7.3 instead of 0.7.+, see README for more information
+ classpath 'com.novoda:gradle-android-test-plugin:0.9.9-SNAPSHOT'
+ }
+}
+
+apply plugin: 'java'
+apply plugin: 'android-test'
+apply plugin: 'jacoco'
+
+dependencies {
+ testCompile 'junit:junit:4.11'
+ testCompile 'com.google.android:android:4.1.1.4'
+ testCompile('com.squareup:fest-android:1.0.+') { exclude module: 'support-v4' }
+ testCompile ('org.robolectric:robolectric:2.3') {
+ exclude module: 'classworlds'
+ exclude module: 'maven-artifact'
+ exclude module: 'maven-artifact-manager'
+ exclude module: 'maven-error-diagnostics'
+ exclude module: 'maven-model'
+ exclude module: 'maven-plugin-registry'
+ exclude module: 'maven-profile'
+ exclude module: 'maven-project'
+ exclude module: 'maven-settings'
+ exclude module: 'nekohtml'
+ exclude module: 'plexus-container-default'
+ exclude module: 'plexus-interpolation'
+ exclude module: 'plexus-utils'
+ exclude module: 'support-v4' // crazy but my android studio don't like this dependency and to fix it remove .idea and re import project
+ exclude module: 'wagon-file'
+ exclude module: 'wagon-http-lightweight'
+ exclude module: 'wagon-http-shared'
+ exclude module: 'wagon-provider-api'
+ }
+}
+
+android {
+ projectUnderTest ':OpenKeychain'
+}
+
+jacoco {
+ toolVersion = "0.7.0.201403182114"
+}
+
+coverageSourceDirs = [
+ '../OpenKeychain/src/main/java',
+ '../OpenKeychain/src/gen',
+ '../OpenKeychain/build/source/apt/debug',
+ '../OpenKeychain/build/source/generated/buildConfig/debug',
+ '../OpenKeychain/build/source/generated/r/debug'
+ ]
+
+jacocoTestReport {
+ reports {
+ xml.enabled = true
+ html.destination "${buildDir}/jacocoHtml"
+ }
+ // class R is used, but usage will not be covered, so ignore this class from report
+ classDirectories = fileTree(dir: '../OpenKeychain/build/intermediates/classes/debug/org/sufficientlysecure/keychain', exclude: 'R*.class')
+ additionalSourceDirs = files(coverageSourceDirs)
+ executionData = files('build/jacoco/testDebug.exec')
+}
+
+// new workaround to force add custom output dirs for android studio
+task addTest {
+ def file = file(project.name + ".iml")
+ doLast {
+ try {
+ def parsedXml = (new XmlParser()).parse(file)
+ def node = parsedXml.component[1]
+ def outputNode = parsedXml.component[1].output[0]
+ def outputTestNode = parsedXml.component[1].'output-test'[0]
+ def rewrite = false
+
+ new Node(node, 'sourceFolder', ['url': 'file://$MODULE_DIR$/' + "${it}", 'isTestSource': "true"])
+
+ if(outputNode == null) {
+ new Node(node, 'output', ['url': 'file://$MODULE_DIR$/build/resources/testDebug'])
+ } else {
+ if(outputNode.attributes['url'] != 'file://$MODULE_DIR$/build/resources/testDebug') {
+ outputNode.attributes = ['url': 'file://$MODULE_DIR$/build/resources/testDebug']
+ rewrite = true
+ }
+ }
+
+ if(outputTestNode == null) {
+ new Node(node, 'output-test', ['url': 'file://$MODULE_DIR$/build/test-classes/debug'])
+ } else {
+ if(outputTestNode.attributes['url'] != 'file://$MODULE_DIR$/build/test-classes/debug') {
+ outputTestNode.attributes = ['url': 'file://$MODULE_DIR$/build/test-classes/debug']
+ rewrite = true
+ }
+ }
+
+ if(rewrite) {
+ def writer = new StringWriter()
+ new XmlNodePrinter(new PrintWriter(writer)).print(parsedXml)
+ file.text = writer.toString()
+ }
+ } catch (FileNotFoundException e) {
+ // iml not found, common on command line only builds
+ }
+
+ }
+}
+
+// always do the addtest on prebuild
+gradle.projectsEvaluated {
+ testDebugClasses.dependsOn(addTest)
+}
diff --git a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/KeyringBuilder.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/KeyringBuilder.java
new file mode 100644
index 000000000..94193bbcb
--- /dev/null
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/KeyringBuilder.java
@@ -0,0 +1,254 @@
+/*
+ * Copyright (C) Art O Cathain
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+package org.sufficientlysecure.keychain.support;
+
+import org.spongycastle.bcpg.CompressionAlgorithmTags;
+import org.spongycastle.bcpg.ContainedPacket;
+import org.spongycastle.bcpg.HashAlgorithmTags;
+import org.spongycastle.bcpg.MPInteger;
+import org.spongycastle.bcpg.PublicKeyAlgorithmTags;
+import org.spongycastle.bcpg.PublicKeyPacket;
+import org.spongycastle.bcpg.PublicSubkeyPacket;
+import org.spongycastle.bcpg.RSAPublicBCPGKey;
+import org.spongycastle.bcpg.SignaturePacket;
+import org.spongycastle.bcpg.SignatureSubpacket;
+import org.spongycastle.bcpg.SignatureSubpacketInputStream;
+import org.spongycastle.bcpg.SignatureSubpacketTags;
+import org.spongycastle.bcpg.SymmetricKeyAlgorithmTags;
+import org.spongycastle.bcpg.UserIDPacket;
+import org.spongycastle.bcpg.sig.Features;
+import org.spongycastle.bcpg.sig.IssuerKeyID;
+import org.spongycastle.bcpg.sig.KeyExpirationTime;
+import org.spongycastle.bcpg.sig.KeyFlags;
+import org.spongycastle.bcpg.sig.PreferredAlgorithms;
+import org.spongycastle.bcpg.sig.SignatureCreationTime;
+import org.spongycastle.openpgp.PGPSignature;
+import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Date;
+import java.util.List;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * Helps create correct and incorrect keyrings for tests.
+ *
+ * The original "correct" keyring was generated by GnuPG.
+ */
+public class KeyringBuilder {
+
+
+ private static final BigInteger PUBLIC_KEY_MODULUS = new BigInteger(
+ "cbab78d90d5f2cc0c54dd3c3953005a1e6b521f1ffa5465a102648bf7b91ec72" +
+ "f9c180759301587878caeb73332156209f81ca5b3b94309d96110f6972cfc56a" +
+ "37fd6279f61d71f19b8f64b288e338299dce133520f5b9b4253e6f4ba31ca36a" +
+ "fd87c2081b15f0b283e9350e370e181a23d31379101f17a23ae9192250db6540" +
+ "2e9cab2a275bc5867563227b197c8b136c832a94325b680e144ed864fb00b9b8" +
+ "b07e13f37b40d5ac27dae63cd6a470a7b40fa3c7479b5b43e634850cc680b177" +
+ "8dd6b1b51856f36c3520f258f104db2f96b31a53dd74f708ccfcefccbe420a90" +
+ "1c37f1f477a6a4b15f5ecbbfd93311a647bcc3f5f81c59dfe7252e3cd3be6e27"
+ , 16
+ );
+
+ private static final BigInteger PUBLIC_SUBKEY_MODULUS = new BigInteger(
+ "e8e2e2a33102649f19f8a07486fb076a1406ca888d72ae05d28f0ef372b5408e" +
+ "45132c69f6e5cb6a79bb8aed84634196731393a82d53e0ddd42f28f92cc15850" +
+ "8ce3b7ca1a9830502745aee774f86987993df984781f47c4a2910f95cf4c950c" +
+ "c4c6cccdc134ad408a0c5418b5e360c9781a8434d366053ea6338b975fae88f9" +
+ "383a10a90e7b2caa9ddb95708aa9d8a90246e29b04dbd6136613085c9a287315" +
+ "c6e9c7ff4012defc1713875e3ff6073333a1c93d7cd75ebeaaf16b8b853d96ba" +
+ "7003258779e8d2f70f1bc0bcd3ef91d7a9ccd8e225579b2d6fcae32799b0a6c0" +
+ "e7305fc65dc4edc849c6130a0d669c90c193b1e746c812510f9d600a208be4a5"
+ , 16
+ );
+
+ private static final Date SIGNATURE_DATE = new Date(1404566755000L);
+
+ private static final BigInteger EXPONENT = BigInteger.valueOf(0x010001);
+
+ private static final String USER_ID_STRING = "OpenKeychain User (NOT A REAL KEY) ";
+
+ public static final BigInteger CORRECT_SIGNATURE = new BigInteger(
+ "b065c071d3439d5610eb22e5b4df9e42ed78b8c94f487389e4fc98e8a75a043f" +
+ "14bf57d591811e8e7db2d31967022d2ee64372829183ec51d0e20c42d7a1e519" +
+ "e9fa22cd9db90f0fd7094fd093b78be2c0db62022193517404d749152c71edc6" +
+ "fd48af3416038d8842608ecddebbb11c5823a4321d2029b8993cb017fa8e5ad7" +
+ "8a9a618672d0217c4b34002f1a4a7625a514b6a86475e573cb87c64d7069658e" +
+ "627f2617874007a28d525e0f87d93ca7b15ad10dbdf10251e542afb8f9b16cbf" +
+ "7bebdb5fe7e867325a44e59cad0991cb239b1c859882e2ebb041b80e5cdc3b40" +
+ "ed259a8a27d63869754c0881ccdcb50f0564fecdc6966be4a4b87a3507a9d9be"
+ , 16
+ );
+ public static final BigInteger CORRECT_SUBKEY_SIGNATURE = new BigInteger(
+ "9c40543e646cfa6d3d1863d91a4e8f1421d0616ddb3187505df75fbbb6c59dd5" +
+ "3136b866f246a0320e793cb142c55c8e0e521d1e8d9ab864650f10690f5f1429" +
+ "2eb8402a3b1f82c01079d12f5c57c43fce524a530e6f49f6f87d984e26db67a2" +
+ "d469386dac87553c50147ebb6c2edd9248325405f737b815253beedaaba4f5c9" +
+ "3acd5d07fe6522ceda1027932d849e3ec4d316422cd43ea6e506f643936ab0be" +
+ "8246e546bb90d9a83613185047566864ffe894946477e939725171e0e15710b2" +
+ "089f78752a9cb572f5907323f1b62f14cb07671aeb02e6d7178f185467624ec5" +
+ "74e4a73c439a12edba200a4832106767366a1e6f63da0a42d593fa3914deee2b"
+ , 16
+ );
+ public static final BigInteger KEY_ID = BigInteger.valueOf(0x15130BCF071AE6BFL);
+
+ public static UncachedKeyRing correctRing() {
+ return convertToKeyring(correctKeyringPackets());
+ }
+
+ public static UncachedKeyRing ringWithExtraIncorrectSignature() {
+ List packets = correctKeyringPackets();
+ SignaturePacket incorrectSignaturePacket = createSignaturePacket(CORRECT_SIGNATURE.subtract(BigInteger.ONE));
+ packets.add(2, incorrectSignaturePacket);
+ return convertToKeyring(packets);
+ }
+
+ private static UncachedKeyRing convertToKeyring(List packets) {
+ try {
+ return UncachedKeyRing.decodeFromData(TestDataUtil.concatAll(packets));
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ private static List correctKeyringPackets() {
+ PublicKeyPacket publicKey = createPgpPublicKey(PUBLIC_KEY_MODULUS);
+ UserIDPacket userId = createUserId(USER_ID_STRING);
+ SignaturePacket signaturePacket = createSignaturePacket(CORRECT_SIGNATURE);
+ PublicKeyPacket subKey = createPgpPublicSubKey(PUBLIC_SUBKEY_MODULUS);
+ SignaturePacket subKeySignaturePacket = createSubkeySignaturePacket();
+
+ return new ArrayList(Arrays.asList(
+ publicKey,
+ userId,
+ signaturePacket,
+ subKey,
+ subKeySignaturePacket
+ ));
+ }
+
+ private static SignaturePacket createSignaturePacket(BigInteger signature) {
+ MPInteger[] signatureArray = new MPInteger[]{
+ new MPInteger(signature)
+ };
+
+ int signatureType = PGPSignature.POSITIVE_CERTIFICATION;
+ int keyAlgorithm = SignaturePacket.RSA_GENERAL;
+ int hashAlgorithm = HashAlgorithmTags.SHA1;
+
+ SignatureSubpacket[] hashedData = new SignatureSubpacket[]{
+ new SignatureCreationTime(false, SIGNATURE_DATE),
+ new KeyFlags(false, KeyFlags.CERTIFY_OTHER + KeyFlags.SIGN_DATA),
+ new KeyExpirationTime(false, TimeUnit.DAYS.toSeconds(2)),
+ new PreferredAlgorithms(SignatureSubpacketTags.PREFERRED_SYM_ALGS, false, new int[]{
+ SymmetricKeyAlgorithmTags.AES_256,
+ SymmetricKeyAlgorithmTags.AES_192,
+ SymmetricKeyAlgorithmTags.AES_128,
+ SymmetricKeyAlgorithmTags.CAST5,
+ SymmetricKeyAlgorithmTags.TRIPLE_DES
+ }),
+ new PreferredAlgorithms(SignatureSubpacketTags.PREFERRED_HASH_ALGS, false, new int[]{
+ HashAlgorithmTags.SHA256,
+ HashAlgorithmTags.SHA1,
+ HashAlgorithmTags.SHA384,
+ HashAlgorithmTags.SHA512,
+ HashAlgorithmTags.SHA224
+ }),
+ new PreferredAlgorithms(SignatureSubpacketTags.PREFERRED_COMP_ALGS, false, new int[]{
+ CompressionAlgorithmTags.ZLIB,
+ CompressionAlgorithmTags.BZIP2,
+ CompressionAlgorithmTags.ZIP
+ }),
+ new Features(false, Features.FEATURE_MODIFICATION_DETECTION),
+ createPreferencesSignatureSubpacket()
+ };
+ SignatureSubpacket[] unhashedData = new SignatureSubpacket[]{
+ new IssuerKeyID(false, KEY_ID.toByteArray())
+ };
+ byte[] fingerPrint = new BigInteger("522c", 16).toByteArray();
+
+ return new SignaturePacket(signatureType,
+ KEY_ID.longValue(),
+ keyAlgorithm,
+ hashAlgorithm,
+ hashedData,
+ unhashedData,
+ fingerPrint,
+ signatureArray);
+ }
+
+ /**
+ * There is no Preferences subpacket in BouncyCastle, so we have
+ * to create one manually.
+ */
+ private static SignatureSubpacket createPreferencesSignatureSubpacket() {
+ SignatureSubpacket prefs;
+ try {
+ prefs = new SignatureSubpacketInputStream(new ByteArrayInputStream(
+ new byte[]{2, SignatureSubpacketTags.KEY_SERVER_PREFS, (byte) 0x80})
+ ).readPacket();
+ } catch (IOException ex) {
+ throw new RuntimeException(ex);
+ }
+ return prefs;
+ }
+
+ private static SignaturePacket createSubkeySignaturePacket() {
+ int signatureType = PGPSignature.SUBKEY_BINDING;
+ int keyAlgorithm = SignaturePacket.RSA_GENERAL;
+ int hashAlgorithm = HashAlgorithmTags.SHA1;
+
+ SignatureSubpacket[] hashedData = new SignatureSubpacket[]{
+ new SignatureCreationTime(false, SIGNATURE_DATE),
+ new KeyFlags(false, KeyFlags.ENCRYPT_COMMS + KeyFlags.ENCRYPT_STORAGE),
+ new KeyExpirationTime(false, TimeUnit.DAYS.toSeconds(2)),
+ };
+ SignatureSubpacket[] unhashedData = new SignatureSubpacket[]{
+ new IssuerKeyID(false, KEY_ID.toByteArray())
+ };
+ byte[] fingerPrint = new BigInteger("234a", 16).toByteArray();
+ MPInteger[] signature = new MPInteger[]{
+ new MPInteger(CORRECT_SUBKEY_SIGNATURE)
+ };
+ return new SignaturePacket(signatureType,
+ KEY_ID.longValue(),
+ keyAlgorithm,
+ hashAlgorithm,
+ hashedData,
+ unhashedData,
+ fingerPrint,
+ signature);
+ }
+
+ private static PublicKeyPacket createPgpPublicKey(BigInteger modulus) {
+ return new PublicKeyPacket(PublicKeyAlgorithmTags.RSA_GENERAL, SIGNATURE_DATE, new RSAPublicBCPGKey(modulus, EXPONENT));
+ }
+
+ private static PublicKeyPacket createPgpPublicSubKey(BigInteger modulus) {
+ return new PublicSubkeyPacket(PublicKeyAlgorithmTags.RSA_GENERAL, SIGNATURE_DATE, new RSAPublicBCPGKey(modulus, EXPONENT));
+ }
+
+ private static UserIDPacket createUserId(String userId) {
+ return new UserIDPacket(userId);
+ }
+
+}
diff --git a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/KeyringTestingHelper.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/KeyringTestingHelper.java
new file mode 100644
index 000000000..98c7b0743
--- /dev/null
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/KeyringTestingHelper.java
@@ -0,0 +1,355 @@
+/*
+ * Copyright (C) Art O Cathain, Vincent Breitmoser
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+package org.sufficientlysecure.keychain.support;
+
+import android.content.Context;
+
+import org.spongycastle.util.Arrays;
+import org.sufficientlysecure.keychain.pgp.NullProgressable;
+import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
+import org.sufficientlysecure.keychain.pgp.UncachedPublicKey;
+import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
+import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.service.OperationResults;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Comparator;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+
+/** Helper methods for keyring tests. */
+public class KeyringTestingHelper {
+
+ private final Context context;
+
+ public KeyringTestingHelper(Context robolectricContext) {
+ this.context = robolectricContext;
+ }
+
+ public boolean addKeyring(Collection blobFiles) throws Exception {
+
+ ProviderHelper providerHelper = new ProviderHelper(context);
+
+ byte[] data = TestDataUtil.readAllFully(blobFiles);
+ UncachedKeyRing ring = UncachedKeyRing.decodeFromData(data);
+ long masterKeyId = ring.getMasterKeyId();
+
+ // Should throw an exception; key is not yet saved
+ retrieveKeyAndExpectNotFound(providerHelper, masterKeyId);
+
+ OperationResults.SaveKeyringResult saveKeyringResult = providerHelper.savePublicKeyRing(ring, new NullProgressable());
+
+ boolean saveSuccess = saveKeyringResult.success();
+
+ // Now re-retrieve the saved key. Should not throw an exception.
+ providerHelper.getWrappedPublicKeyRing(masterKeyId);
+
+ // A different ID should still fail
+ retrieveKeyAndExpectNotFound(providerHelper, masterKeyId - 1);
+
+ return saveSuccess;
+ }
+
+ public static UncachedKeyRing removePacket(UncachedKeyRing ring, int position)
+ throws IOException, PgpGeneralException {
+ return UncachedKeyRing.decodeFromData(removePacket(ring.getEncoded(), position));
+ }
+
+ public static byte[] removePacket(byte[] ring, int position) throws IOException {
+ Iterator it = parseKeyring(ring);
+ ByteArrayOutputStream out = new ByteArrayOutputStream(ring.length);
+
+ int i = 0;
+ while(it.hasNext()) {
+ // at the right position, skip the packet
+ if(i++ == position) {
+ it.next();
+ continue;
+ }
+ // write the old one
+ out.write(it.next().buf);
+ }
+
+ if (i <= position) {
+ throw new IndexOutOfBoundsException("injection index did not not occur in stream!");
+ }
+
+ return out.toByteArray();
+ }
+
+ public static UncachedKeyRing injectPacket(UncachedKeyRing ring, byte[] inject, int position)
+ throws IOException, PgpGeneralException {
+ return UncachedKeyRing.decodeFromData(injectPacket(ring.getEncoded(), inject, position));
+ }
+
+ public static byte[] injectPacket(byte[] ring, byte[] inject, int position) throws IOException {
+
+ Iterator it = parseKeyring(ring);
+ ByteArrayOutputStream out = new ByteArrayOutputStream(ring.length + inject.length);
+
+ int i = 0;
+ while(it.hasNext()) {
+ // at the right position, inject the new packet
+ if(i++ == position) {
+ out.write(inject);
+ }
+ // write the old one
+ out.write(it.next().buf);
+ }
+
+ if (i <= position) {
+ throw new IndexOutOfBoundsException("injection index did not not occur in stream!");
+ }
+
+ return out.toByteArray();
+
+ }
+
+ /** This class contains a single pgp packet, together with information about its position
+ * in the keyring and its packet tag.
+ */
+ public static class RawPacket {
+ public int position;
+
+ // packet tag for convenience, this can also be read from the header
+ public int tag;
+
+ public int headerLength, length;
+ // this buf includes the header, so its length is headerLength + length!
+ public byte[] buf;
+
+ @Override
+ public boolean equals(Object other) {
+ return other instanceof RawPacket && Arrays.areEqual(this.buf, ((RawPacket) other).buf);
+ }
+
+ @Override
+ public int hashCode() {
+ return Arrays.hashCode(buf);
+ }
+ }
+
+ /** A comparator which compares RawPackets by their position */
+ public static final Comparator packetOrder = new Comparator() {
+ public int compare(RawPacket left, RawPacket right) {
+ return Integer.compare(left.position, right.position);
+ }
+ };
+
+ /** Diff two keyrings, returning packets only present in one keyring in its associated List.
+ *
+ * Packets in the returned lists are annotated and ordered by their original order of appearance
+ * in their origin keyrings.
+ *
+ * @return true if keyrings differ in at least one packet
+ */
+ public static boolean diffKeyrings(byte[] ringA, byte[] ringB,
+ List onlyA, List onlyB)
+ throws IOException {
+ Iterator streamA = parseKeyring(ringA);
+ Iterator streamB = parseKeyring(ringB);
+
+ HashSet a = new HashSet(), b = new HashSet();
+
+ RawPacket p;
+ int pos = 0;
+ while(true) {
+ p = streamA.next();
+ if (p == null) {
+ break;
+ }
+ p.position = pos++;
+ a.add(p);
+ }
+ pos = 0;
+ while(true) {
+ p = streamB.next();
+ if (p == null) {
+ break;
+ }
+ p.position = pos++;
+ b.add(p);
+ }
+
+ onlyA.clear();
+ onlyB.clear();
+
+ onlyA.addAll(a);
+ onlyA.removeAll(b);
+ onlyB.addAll(b);
+ onlyB.removeAll(a);
+
+ Collections.sort(onlyA, packetOrder);
+ Collections.sort(onlyB, packetOrder);
+
+ return !onlyA.isEmpty() || !onlyB.isEmpty();
+ }
+
+ /** Creates an iterator of RawPackets over a binary keyring. */
+ public static Iterator parseKeyring(byte[] ring) {
+
+ final InputStream stream = new ByteArrayInputStream(ring);
+
+ return new Iterator() {
+ RawPacket next;
+
+ @Override
+ public boolean hasNext() {
+ if (next == null) try {
+ next = readPacket(stream);
+ } catch (IOException e) {
+ return false;
+ }
+ return next != null;
+ }
+
+ @Override
+ public RawPacket next() {
+ if (!hasNext()) {
+ return null;
+ }
+ try {
+ return next;
+ } finally {
+ next = null;
+ }
+ }
+
+ @Override
+ public void remove() {
+ throw new UnsupportedOperationException();
+ }
+ };
+
+ }
+
+ /** Read a single (raw) pgp packet from an input stream.
+ *
+ * Note that the RawPacket.position field is NOT set here!
+ *
+ * Variable length packets are not handled here. we don't use those in our test classes, and
+ * otherwise rely on BouncyCastle's own unit tests to handle those correctly.
+ */
+ private static RawPacket readPacket(InputStream in) throws IOException {
+
+ // save here. this is tag + length, max 6 bytes
+ in.mark(6);
+
+ int hdr = in.read();
+ int headerLength = 1;
+
+ if (hdr < 0) {
+ return null;
+ }
+
+ if ((hdr & 0x80) == 0) {
+ throw new IOException("invalid header encountered");
+ }
+
+ boolean newPacket = (hdr & 0x40) != 0;
+ int tag;
+ int bodyLen;
+
+ if (newPacket) {
+ tag = hdr & 0x3f;
+
+ int l = in.read();
+ headerLength += 1;
+
+ if (l < 192) {
+ bodyLen = l;
+ } else if (l <= 223) {
+ int b = in.read();
+ headerLength += 1;
+
+ bodyLen = ((l - 192) << 8) + (b) + 192;
+ } else if (l == 255) {
+ bodyLen = (in.read() << 24) | (in.read() << 16) | (in.read() << 8) | in.read();
+ headerLength += 4;
+ } else {
+ // bodyLen = 1 << (l & 0x1f);
+ throw new IOException("no support for partial bodies in test classes");
+ }
+ } else {
+ int lengthType = hdr & 0x3;
+
+ tag = (hdr & 0x3f) >> 2;
+
+ switch (lengthType) {
+ case 0:
+ bodyLen = in.read();
+ headerLength += 1;
+ break;
+ case 1:
+ bodyLen = (in.read() << 8) | in.read();
+ headerLength += 2;
+ break;
+ case 2:
+ bodyLen = (in.read() << 24) | (in.read() << 16) | (in.read() << 8) | in.read();
+ headerLength += 4;
+ break;
+ case 3:
+ // bodyLen = 1 << (l & 0x1f);
+ throw new IOException("no support for partial bodies in test classes");
+ default:
+ throw new IOException("unknown length type encountered");
+ }
+ }
+
+ in.reset();
+
+ // read the entire packet INCLUDING the header here
+ byte[] buf = new byte[headerLength+bodyLen];
+ if (in.read(buf) != headerLength+bodyLen) {
+ throw new IOException("read length mismatch!");
+ }
+ RawPacket p = new RawPacket();
+ p.tag = tag;
+ p.headerLength = headerLength;
+ p.length = bodyLen;
+ p.buf = buf;
+ return p;
+
+ }
+
+ public static E getNth(Iterator it, int position) {
+ while(position-- > 0) {
+ it.next();
+ }
+ return it.next();
+ }
+
+ public static long getSubkeyId(UncachedKeyRing ring, int position) {
+ return getNth(ring.getPublicKeys(), position).getKeyId();
+ }
+
+ private void retrieveKeyAndExpectNotFound(ProviderHelper providerHelper, long masterKeyId) {
+ try {
+ providerHelper.getWrappedPublicKeyRing(masterKeyId);
+ throw new AssertionError("Was expecting the previous call to fail!");
+ } catch (ProviderHelper.NotFoundException expectedException) {
+ // good
+ }
+ }
+
+}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/PgpVerifyTestingHelper.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/PgpVerifyTestingHelper.java
similarity index 68%
rename from OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/PgpVerifyTestingHelper.java
rename to OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/PgpVerifyTestingHelper.java
index 1ab5878cc..dd5786512 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/PgpVerifyTestingHelper.java
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/PgpVerifyTestingHelper.java
@@ -1,4 +1,20 @@
-package org.sufficientlysecure.keychain.testsupport;
+package org.sufficientlysecure.keychain.support;
+/*
+ * Copyright (C) Art O Cathain
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
import android.content.Context;
diff --git a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/ProviderHelperStub.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/ProviderHelperStub.java
new file mode 100644
index 000000000..f06fe0072
--- /dev/null
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/ProviderHelperStub.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) Art O Cathain
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+package org.sufficientlysecure.keychain.support;
+
+import android.content.Context;
+import android.net.Uri;
+
+import org.sufficientlysecure.keychain.pgp.WrappedPublicKeyRing;
+import org.sufficientlysecure.keychain.provider.ProviderHelper;
+
+/**
+ * Created by art on 21/06/14.
+ */
+class ProviderHelperStub extends ProviderHelper {
+ public ProviderHelperStub(Context context) {
+ super(context);
+ }
+
+ @Override
+ public WrappedPublicKeyRing getWrappedPublicKeyRing(Uri id) throws NotFoundException {
+ byte[] data = TestDataUtil.readFully(getClass().getResourceAsStream("/public-key-for-sample.blob"));
+ return new WrappedPublicKeyRing(data, false, 0);
+ }
+}
diff --git a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/TestDataUtil.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/TestDataUtil.java
new file mode 100644
index 000000000..f2b3c0996
--- /dev/null
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/TestDataUtil.java
@@ -0,0 +1,142 @@
+/*
+ * Copyright (C) Art O Cathain
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+package org.sufficientlysecure.keychain.support;
+
+import org.spongycastle.bcpg.ContainedPacket;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.util.Collection;
+import java.util.Iterator;
+
+/**
+ * Misc support functions. Would just use Guava / Apache Commons but
+ * avoiding extra dependencies.
+ */
+public class TestDataUtil {
+ public static byte[] readFully(InputStream input) {
+ ByteArrayOutputStream output = new ByteArrayOutputStream();
+ appendToOutput(input, output);
+ return output.toByteArray();
+ }
+
+ public static void appendToOutput(InputStream input, OutputStream output) {
+ byte[] buffer = new byte[8192];
+ int bytesRead;
+ try {
+ while ((bytesRead = input.read(buffer)) != -1) {
+ output.write(buffer, 0, bytesRead);
+ }
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public static byte[] readAllFully(Collection inputResources) {
+ ByteArrayOutputStream output = new ByteArrayOutputStream();
+
+ for (String inputResource : inputResources) {
+ appendToOutput(getResourceAsStream(inputResource), output);
+ }
+ return output.toByteArray();
+ }
+
+ public static InputStream getResourceAsStream(String resourceName) {
+ return TestDataUtil.class.getResourceAsStream(resourceName);
+ }
+
+ /**
+ * Null-safe equivalent of {@code a.equals(b)}.
+ */
+ public static boolean equals(Object a, Object b) {
+ return (a == null) ? (b == null) : a.equals(b);
+ }
+
+ public static boolean iterEquals(Iterator a, Iterator b, EqualityChecker comparator) {
+ while (a.hasNext()) {
+ T aObject = a.next();
+ if (!b.hasNext()) {
+ return false;
+ }
+ T bObject = b.next();
+ if (!comparator.areEquals(aObject, bObject)) {
+ return false;
+ }
+ }
+
+ if (b.hasNext()) {
+ return false;
+ }
+
+ return true;
+ }
+
+
+ public static boolean iterEquals(Iterator a, Iterator b) {
+ return iterEquals(a, b, new EqualityChecker() {
+ @Override
+ public boolean areEquals(T lhs, T rhs) {
+ return TestDataUtil.equals(lhs, rhs);
+ }
+ });
+ }
+
+ public static interface EqualityChecker {
+ public boolean areEquals(T lhs, T rhs);
+ }
+
+
+ public static byte[] concatAll(java.util.List packets) {
+ byte[][] byteArrays = new byte[packets.size()][];
+ try {
+ for (int i = 0; i < packets.size(); i++) {
+ byteArrays[i] = packets.get(i).getEncoded();
+ }
+ } catch (IOException ex) {
+ throw new RuntimeException(ex);
+ }
+
+ return concatAll(byteArrays);
+ }
+
+ public static byte[] concatAll(byte[]... byteArrays) {
+ if (byteArrays.length == 1) {
+ return byteArrays[0];
+ } else if (byteArrays.length == 2) {
+ return concat(byteArrays[0], byteArrays[1]);
+ } else {
+ byte[] first = concat(byteArrays[0], byteArrays[1]);
+ byte[][] remainingArrays = new byte[byteArrays.length - 1][];
+ remainingArrays[0] = first;
+ System.arraycopy(byteArrays, 2, remainingArrays, 1, byteArrays.length - 2);
+ return concatAll(remainingArrays);
+ }
+ }
+
+ private static byte[] concat(byte[] a, byte[] b) {
+ int aLen = a.length;
+ int bLen = b.length;
+ byte[] c = new byte[aLen + bLen];
+ System.arraycopy(a, 0, c, 0, aLen);
+ System.arraycopy(b, 0, c, aLen, bLen);
+ return c;
+ }
+
+}
diff --git a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/UncachedKeyringTestingHelper.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/UncachedKeyringTestingHelper.java
new file mode 100644
index 000000000..6467d3f32
--- /dev/null
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/UncachedKeyringTestingHelper.java
@@ -0,0 +1,297 @@
+/*
+ * Copyright (C) Art O Cathain
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+package org.sufficientlysecure.keychain.support;
+
+import org.spongycastle.bcpg.BCPGKey;
+import org.spongycastle.bcpg.PublicKeyPacket;
+import org.spongycastle.bcpg.SignatureSubpacket;
+import org.spongycastle.openpgp.PGPException;
+import org.spongycastle.openpgp.PGPPublicKey;
+import org.spongycastle.openpgp.PGPSignature;
+import org.spongycastle.openpgp.PGPSignatureSubpacketVector;
+import org.spongycastle.openpgp.PGPUserAttributeSubpacketVector;
+import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
+import org.sufficientlysecure.keychain.pgp.UncachedPublicKey;
+import org.sufficientlysecure.keychain.service.OperationResultParcel;
+
+import java.util.Arrays;
+
+/**
+ * Created by art on 28/06/14.
+ */
+public class UncachedKeyringTestingHelper {
+
+ public static boolean compareRing(UncachedKeyRing keyRing1, UncachedKeyRing keyRing2) {
+ OperationResultParcel.OperationLog operationLog = new OperationResultParcel.OperationLog();
+ UncachedKeyRing canonicalized = keyRing1.canonicalize(operationLog, 0);
+
+ if (canonicalized == null) {
+ throw new AssertionError("Canonicalization failed; messages: [" + operationLog.toList() + "]");
+ }
+
+ return TestDataUtil.iterEquals(canonicalized.getPublicKeys(), keyRing2.getPublicKeys(), new
+ TestDataUtil.EqualityChecker() {
+ @Override
+ public boolean areEquals(UncachedPublicKey lhs, UncachedPublicKey rhs) {
+ return comparePublicKey(lhs, rhs);
+ }
+ });
+ }
+
+ public static boolean comparePublicKey(UncachedPublicKey key1, UncachedPublicKey key2) {
+ boolean equal = true;
+
+ if (key1.canAuthenticate() != key2.canAuthenticate()) {
+ return false;
+ }
+ if (key1.canCertify() != key2.canCertify()) {
+ return false;
+ }
+ if (key1.canEncrypt() != key2.canEncrypt()) {
+ return false;
+ }
+ if (key1.canSign() != key2.canSign()) {
+ return false;
+ }
+ if (key1.getAlgorithm() != key2.getAlgorithm()) {
+ return false;
+ }
+ if (key1.getBitStrength() != key2.getBitStrength()) {
+ return false;
+ }
+ if (!TestDataUtil.equals(key1.getCreationTime(), key2.getCreationTime())) {
+ return false;
+ }
+ if (!TestDataUtil.equals(key1.getExpiryTime(), key2.getExpiryTime())) {
+ return false;
+ }
+ if (!Arrays.equals(key1.getFingerprint(), key2.getFingerprint())) {
+ return false;
+ }
+ if (key1.getKeyId() != key2.getKeyId()) {
+ return false;
+ }
+ if (key1.getKeyUsage() != key2.getKeyUsage()) {
+ return false;
+ }
+ if (!TestDataUtil.equals(key1.getPrimaryUserId(), key2.getPrimaryUserId())) {
+ return false;
+ }
+
+ // Ooops, getPublicKey is due to disappear. But then how to compare?
+ if (!keysAreEqual(key1.getPublicKey(), key2.getPublicKey())) {
+ return false;
+ }
+
+ return equal;
+ }
+
+ public static boolean keysAreEqual(PGPPublicKey a, PGPPublicKey b) {
+
+ if (a.getAlgorithm() != b.getAlgorithm()) {
+ return false;
+ }
+
+ if (a.getBitStrength() != b.getBitStrength()) {
+ return false;
+ }
+
+ if (!TestDataUtil.equals(a.getCreationTime(), b.getCreationTime())) {
+ return false;
+ }
+
+ if (!Arrays.equals(a.getFingerprint(), b.getFingerprint())) {
+ return false;
+ }
+
+ if (a.getKeyID() != b.getKeyID()) {
+ return false;
+ }
+
+ if (!pubKeyPacketsAreEqual(a.getPublicKeyPacket(), b.getPublicKeyPacket())) {
+ return false;
+ }
+
+ if (a.getVersion() != b.getVersion()) {
+ return false;
+ }
+
+ if (a.getValidDays() != b.getValidDays()) {
+ return false;
+ }
+
+ if (a.getValidSeconds() != b.getValidSeconds()) {
+ return false;
+ }
+
+ if (!Arrays.equals(a.getTrustData(), b.getTrustData())) {
+ return false;
+ }
+
+ if (!TestDataUtil.iterEquals(a.getUserIDs(), b.getUserIDs())) {
+ return false;
+ }
+
+ if (!TestDataUtil.iterEquals(a.getUserAttributes(), b.getUserAttributes(),
+ new TestDataUtil.EqualityChecker() {
+ public boolean areEquals(PGPUserAttributeSubpacketVector lhs, PGPUserAttributeSubpacketVector rhs) {
+ // For once, BC defines equals, so we use it implicitly.
+ return TestDataUtil.equals(lhs, rhs);
+ }
+ }
+ )) {
+ return false;
+ }
+
+
+ if (!TestDataUtil.iterEquals(a.getSignatures(), b.getSignatures(),
+ new TestDataUtil.EqualityChecker() {
+ public boolean areEquals(PGPSignature lhs, PGPSignature rhs) {
+ return signaturesAreEqual(lhs, rhs);
+ }
+ }
+ )) {
+ return false;
+ }
+
+ return true;
+ }
+
+ public static boolean signaturesAreEqual(PGPSignature a, PGPSignature b) {
+
+ if (a.getVersion() != b.getVersion()) {
+ return false;
+ }
+
+ if (a.getKeyAlgorithm() != b.getKeyAlgorithm()) {
+ return false;
+ }
+
+ if (a.getHashAlgorithm() != b.getHashAlgorithm()) {
+ return false;
+ }
+
+ if (a.getSignatureType() != b.getSignatureType()) {
+ return false;
+ }
+
+ try {
+ if (!Arrays.equals(a.getSignature(), b.getSignature())) {
+ return false;
+ }
+ } catch (PGPException ex) {
+ throw new RuntimeException(ex);
+ }
+
+ if (a.getKeyID() != b.getKeyID()) {
+ return false;
+ }
+
+ if (!TestDataUtil.equals(a.getCreationTime(), b.getCreationTime())) {
+ return false;
+ }
+
+ if (!Arrays.equals(a.getSignatureTrailer(), b.getSignatureTrailer())) {
+ return false;
+ }
+
+ if (!subPacketVectorsAreEqual(a.getHashedSubPackets(), b.getHashedSubPackets())) {
+ return false;
+ }
+
+ if (!subPacketVectorsAreEqual(a.getUnhashedSubPackets(), b.getUnhashedSubPackets())) {
+ return false;
+ }
+
+ return true;
+ }
+
+ private static boolean subPacketVectorsAreEqual(PGPSignatureSubpacketVector aHashedSubPackets, PGPSignatureSubpacketVector bHashedSubPackets) {
+ for (int i = 0; i < Byte.MAX_VALUE; i++) {
+ if (!TestDataUtil.iterEquals(Arrays.asList(aHashedSubPackets.getSubpackets(i)).iterator(),
+ Arrays.asList(bHashedSubPackets.getSubpackets(i)).iterator(),
+ new TestDataUtil.EqualityChecker() {
+ @Override
+ public boolean areEquals(SignatureSubpacket lhs, SignatureSubpacket rhs) {
+ return signatureSubpacketsAreEqual(lhs, rhs);
+ }
+ }
+ )) {
+ return false;
+ }
+
+ }
+ return true;
+ }
+
+ private static boolean signatureSubpacketsAreEqual(SignatureSubpacket lhs, SignatureSubpacket rhs) {
+ if (lhs.getType() != rhs.getType()) {
+ return false;
+ }
+ if (!Arrays.equals(lhs.getData(), rhs.getData())) {
+ return false;
+ }
+ return true;
+ }
+
+ public static boolean pubKeyPacketsAreEqual(PublicKeyPacket a, PublicKeyPacket b) {
+
+ if (a.getAlgorithm() != b.getAlgorithm()) {
+ return false;
+ }
+
+ if (!bcpgKeysAreEqual(a.getKey(), b.getKey())) {
+ return false;
+ }
+
+ if (!TestDataUtil.equals(a.getTime(), b.getTime())) {
+ return false;
+ }
+
+ if (a.getValidDays() != b.getValidDays()) {
+ return false;
+ }
+
+ if (a.getVersion() != b.getVersion()) {
+ return false;
+ }
+
+ return true;
+ }
+
+ public static boolean bcpgKeysAreEqual(BCPGKey a, BCPGKey b) {
+
+ if (!TestDataUtil.equals(a.getFormat(), b.getFormat())) {
+ return false;
+ }
+
+ if (!Arrays.equals(a.getEncoded(), b.getEncoded())) {
+ return false;
+ }
+
+ return true;
+ }
+
+
+ public void doTestCanonicalize(UncachedKeyRing inputKeyRing, UncachedKeyRing expectedKeyRing) {
+ if (!compareRing(inputKeyRing, expectedKeyRing)) {
+ throw new AssertionError("Expected [" + inputKeyRing + "] to match [" + expectedKeyRing + "]");
+ }
+ }
+
+}
diff --git a/OpenKeychain/src/test/java/tests/PgpDecryptVerifyTest.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpDecryptVerifyTest.java
similarity index 58%
rename from OpenKeychain/src/test/java/tests/PgpDecryptVerifyTest.java
rename to OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpDecryptVerifyTest.java
index d759bce05..158650012 100644
--- a/OpenKeychain/src/test/java/tests/PgpDecryptVerifyTest.java
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpDecryptVerifyTest.java
@@ -1,3 +1,20 @@
+/*
+ * Copyright (C) Art O Cathain
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
package tests;
import org.junit.Assert;
@@ -5,7 +22,7 @@ import org.junit.Test;
import org.junit.runner.RunWith;
import org.robolectric.*;
import org.openintents.openpgp.OpenPgpSignatureResult;
-import org.sufficientlysecure.keychain.testsupport.PgpVerifyTestingHelper;
+import org.sufficientlysecure.keychain.support.PgpVerifyTestingHelper;
@RunWith(RobolectricTestRunner.class)
@org.robolectric.annotation.Config(emulateSdk = 18) // Robolectric doesn't yet support 19
diff --git a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java
new file mode 100644
index 000000000..3c5d5b1c2
--- /dev/null
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java
@@ -0,0 +1,785 @@
+package org.sufficientlysecure.keychain.tests;
+
+import junit.framework.AssertionFailedError;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.runner.RunWith;
+import org.robolectric.*;
+import org.robolectric.shadows.ShadowLog;
+import org.spongycastle.bcpg.BCPGInputStream;
+import org.spongycastle.bcpg.Packet;
+import org.spongycastle.bcpg.PacketTags;
+import org.spongycastle.bcpg.SecretSubkeyPacket;
+import org.spongycastle.bcpg.SignaturePacket;
+import org.spongycastle.bcpg.UserIDPacket;
+import org.spongycastle.bcpg.sig.KeyFlags;
+import org.spongycastle.openpgp.PGPSignature;
+import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.Constants.choice.algorithm;
+import org.sufficientlysecure.keychain.pgp.PgpKeyOperation;
+import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
+import org.sufficientlysecure.keychain.pgp.UncachedPublicKey;
+import org.sufficientlysecure.keychain.pgp.WrappedSecretKeyRing;
+import org.sufficientlysecure.keychain.pgp.WrappedSignature;
+import org.sufficientlysecure.keychain.service.OperationResultParcel;
+import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
+import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
+import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyChange;
+import org.sufficientlysecure.keychain.support.KeyringBuilder;
+import org.sufficientlysecure.keychain.support.KeyringTestingHelper;
+import org.sufficientlysecure.keychain.support.KeyringTestingHelper.RawPacket;
+import org.sufficientlysecure.keychain.support.TestDataUtil;
+import org.sufficientlysecure.keychain.util.ProgressScaler;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.Iterator;
+import java.util.Random;
+
+@RunWith(RobolectricTestRunner.class)
+@org.robolectric.annotation.Config(emulateSdk = 18) // Robolectric doesn't yet support 19
+public class PgpKeyOperationTest {
+
+ static UncachedKeyRing staticRing;
+ static String passphrase;
+
+ UncachedKeyRing ring;
+ PgpKeyOperation op;
+ SaveKeyringParcel parcel;
+ ArrayList onlyA = new ArrayList();
+ ArrayList onlyB = new ArrayList();
+
+ @BeforeClass public static void setUpOnce() throws Exception {
+ ShadowLog.stream = System.out;
+
+ {
+ String chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789!@#$%^&*()-_=";
+ Random r = new Random();
+ StringBuilder passbuilder = new StringBuilder();
+ // 20% chance for an empty passphrase
+ for(int i = 0, j = r.nextInt(10) > 2 ? r.nextInt(20) : 0; i < j; i++) {
+ passbuilder.append(chars.charAt(r.nextInt(chars.length())));
+ }
+ passphrase = passbuilder.toString();
+ System.out.println("Passphrase is '" + passphrase + "'");
+ }
+
+ SaveKeyringParcel parcel = new SaveKeyringParcel();
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.CERTIFY_OTHER, null));
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.SIGN_DATA, null));
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.ENCRYPT_COMMS, null));
+
+ parcel.mAddUserIds.add("twi");
+ parcel.mAddUserIds.add("pink");
+ parcel.mNewPassphrase = passphrase;
+ PgpKeyOperation op = new PgpKeyOperation(null);
+
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ staticRing = op.createSecretKeyRing(parcel, log, 0);
+
+ Assert.assertNotNull("initial test key creation must succeed", staticRing);
+
+ // we sleep here for a second, to make sure all new certificates have different timestamps
+ Thread.sleep(1000);
+ }
+
+ @Before public void setUp() throws Exception {
+ // show Log.x messages in system.out
+ ShadowLog.stream = System.out;
+ ring = staticRing;
+
+ // setting up some parameters just to reduce code duplication
+ op = new PgpKeyOperation(new ProgressScaler(null, 0, 100, 100));
+
+ // set this up, gonna need it more than once
+ parcel = new SaveKeyringParcel();
+ parcel.mMasterKeyId = ring.getMasterKeyId();
+ parcel.mFingerprint = ring.getFingerprint();
+
+ }
+
+ @Test
+ public void createSecretKeyRingTests() {
+
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+
+ {
+ parcel.reset();
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, new Random().nextInt(256)+255, KeyFlags.CERTIFY_OTHER, null));
+ parcel.mAddUserIds.add("shy");
+ parcel.mNewPassphrase = passphrase;
+
+ UncachedKeyRing ring = op.createSecretKeyRing(parcel, log, 0);
+
+ Assert.assertNull("creating ring with < 512 bytes keysize should fail", ring);
+ }
+
+ {
+ parcel.reset();
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.elgamal, 1024, KeyFlags.CERTIFY_OTHER, null));
+ parcel.mAddUserIds.add("shy");
+ parcel.mNewPassphrase = passphrase;
+
+ UncachedKeyRing ring = op.createSecretKeyRing(parcel, log, 0);
+
+ Assert.assertNull("creating ring with ElGamal master key should fail", ring);
+ }
+
+ {
+ parcel.reset();
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ 12345, 1024, KeyFlags.CERTIFY_OTHER, null));
+ parcel.mAddUserIds.add("shy");
+ parcel.mNewPassphrase = passphrase;
+
+ UncachedKeyRing ring = op.createSecretKeyRing(parcel, log, 0);
+ Assert.assertNull("creating ring with bad algorithm choice should fail", ring);
+ }
+
+ {
+ parcel.reset();
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.SIGN_DATA, null));
+ parcel.mAddUserIds.add("shy");
+ parcel.mNewPassphrase = passphrase;
+
+ UncachedKeyRing ring = op.createSecretKeyRing(parcel, log, 0);
+ Assert.assertNull("creating ring with non-certifying master key should fail", ring);
+ }
+
+ {
+ parcel.reset();
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.CERTIFY_OTHER, null));
+ parcel.mNewPassphrase = passphrase;
+
+ UncachedKeyRing ring = op.createSecretKeyRing(parcel, log, 0);
+ Assert.assertNull("creating ring without user ids should fail", ring);
+ }
+
+ {
+ parcel.reset();
+ parcel.mAddUserIds.add("shy");
+ parcel.mNewPassphrase = passphrase;
+
+ UncachedKeyRing ring = op.createSecretKeyRing(parcel, log, 0);
+ Assert.assertNull("creating ring without subkeys should fail", ring);
+ }
+
+ }
+
+ @Test
+ // this is a special case since the flags are in user id certificates rather than
+ // subkey binding certificates
+ public void testMasterFlags() throws Exception {
+ SaveKeyringParcel parcel = new SaveKeyringParcel();
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.CERTIFY_OTHER | KeyFlags.SIGN_DATA, null));
+ parcel.mAddUserIds.add("luna");
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ ring = op.createSecretKeyRing(parcel, log, 0);
+
+ Assert.assertEquals("the keyring should contain only the master key",
+ 1, ring.getAvailableSubkeys().size());
+ Assert.assertEquals("first (master) key must have both flags",
+ KeyFlags.CERTIFY_OTHER | KeyFlags.SIGN_DATA, ring.getPublicKey().getKeyUsage());
+
+ }
+
+ @Test
+ public void testCreatedKey() throws Exception {
+
+ // an empty modification should change nothing. this also ensures the keyring
+ // is constant through canonicalization.
+ // applyModificationWithChecks(parcel, ring, onlyA, onlyB);
+
+ Assert.assertNotNull("key creation failed", ring);
+
+ Assert.assertNull("primary user id must be empty",
+ ring.getPublicKey().getPrimaryUserId());
+
+ Assert.assertEquals("number of user ids must be two",
+ 2, ring.getPublicKey().getUnorderedUserIds().size());
+
+ Assert.assertEquals("number of subkeys must be three",
+ 3, ring.getAvailableSubkeys().size());
+
+ Assert.assertTrue("key ring should have been created in the last 120 seconds",
+ ring.getPublicKey().getCreationTime().after(new Date(new Date().getTime()-1000*120)));
+
+ Assert.assertNull("key ring should not expire",
+ ring.getPublicKey().getExpiryTime());
+
+ Iterator it = ring.getPublicKeys();
+
+ Assert.assertEquals("first (master) key can certify",
+ KeyFlags.CERTIFY_OTHER, it.next().getKeyUsage());
+
+ UncachedPublicKey signingKey = it.next();
+ Assert.assertEquals("second key can sign",
+ KeyFlags.SIGN_DATA, signingKey.getKeyUsage());
+ ArrayList sigs = signingKey.getSignatures().next().getEmbeddedSignatures();
+ Assert.assertEquals("signing key signature should have one embedded signature",
+ 1, sigs.size());
+ Assert.assertEquals("embedded signature should be of primary key binding type",
+ PGPSignature.PRIMARYKEY_BINDING, sigs.get(0).getSignatureType());
+ Assert.assertEquals("primary key binding signature issuer should be signing subkey",
+ signingKey.getKeyId(), sigs.get(0).getKeyId());
+
+ Assert.assertEquals("third key can encrypt",
+ KeyFlags.ENCRYPT_COMMS, it.next().getKeyUsage());
+
+ }
+
+ @Test
+ public void testBadKeyModification() throws Exception {
+
+ {
+ SaveKeyringParcel parcel = new SaveKeyringParcel();
+ // off by one
+ parcel.mMasterKeyId = ring.getMasterKeyId() -1;
+ parcel.mFingerprint = ring.getFingerprint();
+
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
+
+ Assert.assertNull("keyring modification with bad master key id should fail", modified);
+ }
+
+ {
+ SaveKeyringParcel parcel = new SaveKeyringParcel();
+ // off by one
+ parcel.mMasterKeyId = null;
+ parcel.mFingerprint = ring.getFingerprint();
+
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
+
+ Assert.assertNull("keyring modification with null master key id should fail", modified);
+ }
+
+ {
+ SaveKeyringParcel parcel = new SaveKeyringParcel();
+ parcel.mMasterKeyId = ring.getMasterKeyId();
+ parcel.mFingerprint = ring.getFingerprint();
+ // some byte, off by one
+ parcel.mFingerprint[5] += 1;
+
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
+
+ Assert.assertNull("keyring modification with bad fingerprint should fail", modified);
+ }
+
+ {
+ SaveKeyringParcel parcel = new SaveKeyringParcel();
+ parcel.mMasterKeyId = ring.getMasterKeyId();
+ parcel.mFingerprint = null;
+
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
+
+ Assert.assertNull("keyring modification with null fingerprint should fail", modified);
+ }
+
+ {
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, "bad passphrase", log, 0);
+
+ Assert.assertNull("keyring modification with bad passphrase should fail", modified);
+ }
+
+ }
+
+ @Test
+ public void testSubkeyAdd() throws Exception {
+
+ long expiry = new Date().getTime() / 1000 + 159;
+ int flags = KeyFlags.SIGN_DATA;
+ int bits = 1024 + new Random().nextInt(8);
+ parcel.mAddSubKeys.add(new SubkeyAdd(algorithm.rsa, bits, flags, expiry));
+
+ UncachedKeyRing modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB);
+
+ Assert.assertEquals("no extra packets in original", 0, onlyA.size());
+ Assert.assertEquals("exactly two extra packets in modified", 2, onlyB.size());
+
+ Packet p;
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket();
+ Assert.assertTrue("first new packet must be secret subkey", p instanceof SecretSubkeyPacket);
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(1).buf)).readPacket();
+ Assert.assertTrue("second new packet must be signature", p instanceof SignaturePacket);
+ Assert.assertEquals("signature type must be subkey binding certificate",
+ PGPSignature.SUBKEY_BINDING, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+ // get new key from ring. it should be the last one (add a check to make sure?)
+ UncachedPublicKey newKey = null;
+ {
+ Iterator it = modified.getPublicKeys();
+ while (it.hasNext()) {
+ newKey = it.next();
+ }
+ }
+
+ Assert.assertNotNull("new key is not null", newKey);
+ Assert.assertNotNull("added key must have an expiry date",
+ newKey.getExpiryTime());
+ Assert.assertEquals("added key must have expected expiry date",
+ expiry, newKey.getExpiryTime().getTime()/1000);
+ Assert.assertEquals("added key must have expected flags",
+ flags, newKey.getKeyUsage());
+ Assert.assertEquals("added key must have expected bitsize",
+ bits, newKey.getBitStrength());
+
+ { // bad keysize should fail
+ parcel.reset();
+ parcel.mAddSubKeys.add(new SubkeyAdd(
+ algorithm.rsa, new Random().nextInt(512), KeyFlags.SIGN_DATA, null));
+
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
+
+ Assert.assertNull("creating a subkey with keysize < 512 should fail", modified);
+ }
+
+ { // a past expiry should fail
+ parcel.reset();
+ parcel.mAddSubKeys.add(new SubkeyAdd(algorithm.rsa, 1024, KeyFlags.SIGN_DATA,
+ new Date().getTime()/1000-10));
+
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
+
+ Assert.assertNull("creating subkey with past expiry date should fail", modified);
+ }
+
+ }
+
+ @Test
+ public void testSubkeyModify() throws Exception {
+
+ long expiry = new Date().getTime()/1000 + 1024;
+ long keyId = KeyringTestingHelper.getSubkeyId(ring, 1);
+
+ UncachedKeyRing modified = ring;
+ {
+ parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, expiry));
+ modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
+
+ Assert.assertEquals("one extra packet in original", 1, onlyA.size());
+ Assert.assertEquals("one extra packet in modified", 1, onlyB.size());
+
+ Assert.assertEquals("old packet must be signature",
+ PacketTags.SIGNATURE, onlyA.get(0).tag);
+
+ Packet p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket();
+ Assert.assertTrue("first new packet must be signature", p instanceof SignaturePacket);
+ Assert.assertEquals("signature type must be subkey binding certificate",
+ PGPSignature.SUBKEY_BINDING, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+ Assert.assertNotNull("modified key must have an expiry date",
+ modified.getPublicKey(keyId).getExpiryTime());
+ Assert.assertEquals("modified key must have expected expiry date",
+ expiry, modified.getPublicKey(keyId).getExpiryTime().getTime()/1000);
+ Assert.assertEquals("modified key must have same flags as before",
+ ring.getPublicKey(keyId).getKeyUsage(), modified.getPublicKey(keyId).getKeyUsage());
+ }
+
+ {
+ int flags = KeyFlags.SIGN_DATA | KeyFlags.ENCRYPT_COMMS;
+ parcel.reset();
+ parcel.mChangeSubKeys.add(new SubkeyChange(keyId, flags, null));
+ modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
+
+ Assert.assertEquals("old packet must be signature",
+ PacketTags.SIGNATURE, onlyA.get(0).tag);
+
+ Packet p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket();
+ Assert.assertTrue("first new packet must be signature", p instanceof SignaturePacket);
+ Assert.assertEquals("signature type must be subkey binding certificate",
+ PGPSignature.SUBKEY_BINDING, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+ Assert.assertEquals("modified key must have expected flags",
+ flags, modified.getPublicKey(keyId).getKeyUsage());
+ Assert.assertNotNull("key must retain its expiry",
+ modified.getPublicKey(keyId).getExpiryTime());
+ Assert.assertEquals("key expiry must be unchanged",
+ expiry, modified.getPublicKey(keyId).getExpiryTime().getTime()/1000);
+ }
+
+ { // a past expiry should fail
+ parcel.reset();
+ parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, new Date().getTime()/1000-10));
+
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
+
+ Assert.assertNull("setting subkey expiry to a past date should fail", modified);
+ }
+
+ { // modifying nonexistent keyring should fail
+ parcel.reset();
+ parcel.mChangeSubKeys.add(new SubkeyChange(123, null, null));
+
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
+
+ Assert.assertNull("modifying non-existent subkey should fail", modified);
+ }
+
+ }
+
+ @Test
+ public void testSubkeyRevoke() throws Exception {
+
+ long keyId = KeyringTestingHelper.getSubkeyId(ring, 1);
+ int flags = ring.getPublicKey(keyId).getKeyUsage();
+
+ UncachedKeyRing modified;
+
+ {
+
+ parcel.reset();
+ parcel.mRevokeSubKeys.add(123L);
+
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ UncachedKeyRing otherModified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
+
+ Assert.assertNull("revoking a nonexistent subkey should fail", otherModified);
+
+ }
+
+ { // revoked second subkey
+
+ parcel.reset();
+ parcel.mRevokeSubKeys.add(keyId);
+
+ modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB);
+
+ Assert.assertEquals("no extra packets in original", 0, onlyA.size());
+ Assert.assertEquals("exactly one extra packet in modified", 1, onlyB.size());
+
+ Packet p;
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket();
+ Assert.assertTrue("first new packet must be secret subkey", p instanceof SignaturePacket);
+ Assert.assertEquals("signature type must be subkey binding certificate",
+ PGPSignature.SUBKEY_REVOCATION, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+ Assert.assertTrue("subkey must actually be revoked",
+ modified.getPublicKey(keyId).isRevoked());
+ }
+
+ { // re-add second subkey
+
+ parcel.reset();
+ parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, null));
+
+ modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
+
+ Assert.assertEquals("exactly two outdated packets in original", 2, onlyA.size());
+ Assert.assertEquals("exactly one extra packet in modified", 1, onlyB.size());
+
+ Packet p;
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyA.get(0).buf)).readPacket();
+ Assert.assertTrue("first outdated packet must be signature", p instanceof SignaturePacket);
+ Assert.assertEquals("first outdated signature type must be subkey binding certification",
+ PGPSignature.SUBKEY_BINDING, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("first outdated signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyA.get(1).buf)).readPacket();
+ Assert.assertTrue("second outdated packet must be signature", p instanceof SignaturePacket);
+ Assert.assertEquals("second outdated signature type must be subkey revocation",
+ PGPSignature.SUBKEY_REVOCATION, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("second outdated signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket();
+ Assert.assertTrue("new packet must be signature ", p instanceof SignaturePacket);
+ Assert.assertEquals("new signature type must be subkey binding certification",
+ PGPSignature.SUBKEY_BINDING, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+ Assert.assertFalse("subkey must no longer be revoked",
+ modified.getPublicKey(keyId).isRevoked());
+ Assert.assertEquals("subkey must have the same usage flags as before",
+ flags, modified.getPublicKey(keyId).getKeyUsage());
+
+ }
+ }
+
+ @Test
+ public void testUserIdRevoke() throws Exception {
+
+ UncachedKeyRing modified;
+ String uid = ring.getPublicKey().getUnorderedUserIds().get(1);
+
+ { // revoke second user id
+
+ parcel.mRevokeUserIds.add(uid);
+
+ modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB);
+
+ Assert.assertEquals("no extra packets in original", 0, onlyA.size());
+ Assert.assertEquals("exactly one extra packet in modified", 1, onlyB.size());
+
+ Packet p;
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket();
+ Assert.assertTrue("first new packet must be secret subkey", p instanceof SignaturePacket);
+ Assert.assertEquals("signature type must be subkey binding certificate",
+ PGPSignature.CERTIFICATION_REVOCATION, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+ }
+
+ { // re-add second user id
+
+ parcel.reset();
+ parcel.mChangePrimaryUserId = uid;
+
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(modified.getEncoded(), false, 0);
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ UncachedKeyRing otherModified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
+
+ Assert.assertNull("setting primary user id to a revoked user id should fail", otherModified);
+
+ }
+
+ { // re-add second user id
+
+ parcel.reset();
+ parcel.mAddUserIds.add(uid);
+
+ applyModificationWithChecks(parcel, modified, onlyA, onlyB);
+
+ Assert.assertEquals("exactly two outdated packets in original", 2, onlyA.size());
+ Assert.assertEquals("exactly one extra packet in modified", 1, onlyB.size());
+
+ Packet p;
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyA.get(0).buf)).readPacket();
+ Assert.assertTrue("first outdated packet must be signature", p instanceof SignaturePacket);
+ Assert.assertEquals("first outdated signature type must be positive certification",
+ PGPSignature.POSITIVE_CERTIFICATION, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("first outdated signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyA.get(1).buf)).readPacket();
+ Assert.assertTrue("second outdated packet must be signature", p instanceof SignaturePacket);
+ Assert.assertEquals("second outdated signature type must be certificate revocation",
+ PGPSignature.CERTIFICATION_REVOCATION, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("second outdated signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket();
+ Assert.assertTrue("new packet must be signature ", p instanceof SignaturePacket);
+ Assert.assertEquals("new signature type must be positive certification",
+ PGPSignature.POSITIVE_CERTIFICATION, ((SignaturePacket) p).getSignatureType());
+ Assert.assertEquals("signature must have been created by master key",
+ ring.getMasterKeyId(), ((SignaturePacket) p).getKeyID());
+ }
+
+ }
+
+ @Test
+ public void testUserIdAdd() throws Exception {
+
+ {
+ parcel.mAddUserIds.add("");
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
+ Assert.assertNull("adding an empty user id should fail", modified);
+ }
+
+ parcel.reset();
+ parcel.mAddUserIds.add("rainbow");
+
+ UncachedKeyRing modified = applyModificationWithChecks(parcel, ring, onlyA, onlyB);
+
+ Assert.assertTrue("keyring must contain added user id",
+ modified.getPublicKey().getUnorderedUserIds().contains("rainbow"));
+
+ Assert.assertEquals("no extra packets in original", 0, onlyA.size());
+ Assert.assertEquals("exactly two extra packets in modified", 2, onlyB.size());
+
+ Assert.assertTrue("keyring must contain added user id",
+ modified.getPublicKey().getUnorderedUserIds().contains("rainbow"));
+
+ Packet p;
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(0).buf)).readPacket();
+ Assert.assertTrue("first new packet must be user id", p instanceof UserIDPacket);
+ Assert.assertEquals("user id packet must match added user id",
+ "rainbow", ((UserIDPacket) p).getID());
+
+ p = new BCPGInputStream(new ByteArrayInputStream(onlyB.get(1).buf)).readPacket();
+ Assert.assertTrue("second new packet must be signature", p instanceof SignaturePacket);
+ Assert.assertEquals("signature type must be positive certification",
+ PGPSignature.POSITIVE_CERTIFICATION, ((SignaturePacket) p).getSignatureType());
+
+ }
+
+ @Test
+ public void testUserIdPrimary() throws Exception {
+
+ UncachedKeyRing modified = ring;
+ String uid = ring.getPublicKey().getUnorderedUserIds().get(1);
+
+ { // first part, add new user id which is also primary
+ parcel.mAddUserIds.add("jack");
+ parcel.mChangePrimaryUserId = "jack";
+
+ modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
+
+ Assert.assertEquals("primary user id must be the one added",
+ "jack", modified.getPublicKey().getPrimaryUserId());
+ }
+
+ { // second part, change primary to a different one
+ parcel.reset();
+ parcel.mChangePrimaryUserId = uid;
+
+ modified = applyModificationWithChecks(parcel, modified, onlyA, onlyB);
+
+ Assert.assertEquals("old keyring must have two outdated certificates", 2, onlyA.size());
+ Assert.assertEquals("new keyring must have two new packets", 2, onlyB.size());
+
+ Assert.assertEquals("primary user id must be the one changed to",
+ "pink", modified.getPublicKey().getPrimaryUserId());
+ }
+
+ { // third part, change primary to a non-existent one
+ parcel.reset();
+ //noinspection SpellCheckingInspection
+ parcel.mChangePrimaryUserId = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
+ if (parcel.mChangePrimaryUserId.equals(passphrase)) {
+ parcel.mChangePrimaryUserId += "A";
+ }
+
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
+
+ Assert.assertNull("changing primary user id to a non-existent one should fail", modified);
+ }
+
+ // check for revoked primary user id already done in revoke test
+
+ }
+
+
+ private static UncachedKeyRing applyModificationWithChecks(SaveKeyringParcel parcel,
+ UncachedKeyRing ring,
+ ArrayList onlyA,
+ ArrayList onlyB) {
+ return applyModificationWithChecks(parcel, ring, onlyA, onlyB, true, true);
+ }
+
+ // applies a parcel modification while running some integrity checks
+ private static UncachedKeyRing applyModificationWithChecks(SaveKeyringParcel parcel,
+ UncachedKeyRing ring,
+ ArrayList onlyA,
+ ArrayList onlyB,
+ boolean canonicalize,
+ boolean constantCanonicalize) {
+ try {
+
+ Assert.assertTrue("modified keyring must be secret", ring.isSecret());
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
+
+ PgpKeyOperation op = new PgpKeyOperation(null);
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ UncachedKeyRing rawModified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
+ Assert.assertNotNull("key modification failed", rawModified);
+
+ if (!canonicalize) {
+ Assert.assertTrue("keyring must differ from original", KeyringTestingHelper.diffKeyrings(
+ ring.getEncoded(), rawModified.getEncoded(), onlyA, onlyB));
+ return rawModified;
+ }
+
+ UncachedKeyRing modified = rawModified.canonicalize(log, 0);
+ if (constantCanonicalize) {
+ Assert.assertTrue("key must be constant through canonicalization",
+ !KeyringTestingHelper.diffKeyrings(
+ modified.getEncoded(), rawModified.getEncoded(), onlyA, onlyB)
+ );
+ }
+ Assert.assertTrue("keyring must differ from original", KeyringTestingHelper.diffKeyrings(
+ ring.getEncoded(), modified.getEncoded(), onlyA, onlyB));
+ return modified;
+
+ } catch (IOException e) {
+ throw new AssertionFailedError("error during encoding!");
+ }
+ }
+
+ @Test
+ public void testVerifySuccess() throws Exception {
+
+ UncachedKeyRing expectedKeyRing = KeyringBuilder.correctRing();
+ UncachedKeyRing inputKeyRing = KeyringBuilder.ringWithExtraIncorrectSignature();
+
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ UncachedKeyRing canonicalizedRing = inputKeyRing.canonicalize(log, 0);
+
+ if (canonicalizedRing == null) {
+ throw new AssertionError("Canonicalization failed; messages: [" + log + "]");
+ }
+
+ ArrayList onlyA = new ArrayList();
+ ArrayList onlyB = new ArrayList();
+ //noinspection unchecked
+ Assert.assertTrue("keyrings differ", !KeyringTestingHelper.diffKeyrings(
+ expectedKeyRing.getEncoded(), expectedKeyRing.getEncoded(), onlyA, onlyB));
+
+ }
+
+ /**
+ * Just testing my own test code. Should really be using a library for this.
+ */
+ @Test
+ public void testConcat() throws Exception {
+ byte[] actual = TestDataUtil.concatAll(new byte[]{1}, new byte[]{2,-2}, new byte[]{5},new byte[]{3});
+ byte[] expected = new byte[]{1,2,-2,5,3};
+ Assert.assertEquals(java.util.Arrays.toString(expected), java.util.Arrays.toString(actual));
+ }
+
+
+}
diff --git a/OpenKeychain/src/test/java/tests/ProviderHelperKeyringTest.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/ProviderHelperKeyringTest.java
similarity index 78%
rename from OpenKeychain/src/test/java/tests/ProviderHelperKeyringTest.java
rename to OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/ProviderHelperKeyringTest.java
index 3d48c2f97..665e8ef2b 100644
--- a/OpenKeychain/src/test/java/tests/ProviderHelperKeyringTest.java
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/ProviderHelperKeyringTest.java
@@ -1,3 +1,20 @@
+/*
+ * Copyright (C) Art O Cathain
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
package tests;
import java.util.Collections;
@@ -9,9 +26,7 @@ import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.robolectric.*;
-import org.openintents.openpgp.OpenPgpSignatureResult;
-import org.sufficientlysecure.keychain.testsupport.KeyringTestingHelper;
-import org.sufficientlysecure.keychain.testsupport.PgpVerifyTestingHelper;
+import org.sufficientlysecure.keychain.support.KeyringTestingHelper;
@RunWith(RobolectricTestRunner.class)
@org.robolectric.annotation.Config(emulateSdk = 18) // Robolectric doesn't yet support 19
@@ -24,7 +39,7 @@ public class ProviderHelperKeyringTest {
)));
}
- @Test
+ // @Test
public void testSavePublicKeyringRsa() throws Exception {
Assert.assertTrue(new KeyringTestingHelper(Robolectric.application).addKeyring(prependResourcePath(Arrays.asList(
"000001-006.public_key",
@@ -45,7 +60,7 @@ public class ProviderHelperKeyringTest {
))));
}
- @Test
+ // @Test
public void testSavePublicKeyringDsa() throws Exception {
Assert.assertTrue(new KeyringTestingHelper(Robolectric.application).addKeyring(prependResourcePath(Arrays.asList(
"000016-006.public_key",
@@ -62,7 +77,7 @@ public class ProviderHelperKeyringTest {
))));
}
- @Test
+ // @Test
public void testSavePublicKeyringDsa2() throws Exception {
Assert.assertTrue(new KeyringTestingHelper(Robolectric.application).addKeyring(prependResourcePath(Arrays.asList(
"000027-006.public_key",
@@ -79,7 +94,7 @@ public class ProviderHelperKeyringTest {
private static Collection prependResourcePath(Collection files) {
Collection prependedFiles = new ArrayList();
for (String file: files) {
- prependedFiles.add("/extern/OpenPGP-Haskell/tests/data/" + file);
+ prependedFiles.add("/OpenPGP-Haskell/tests/data/" + file);
}
return prependedFiles;
}
diff --git a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/UncachedKeyringCanonicalizeTest.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/UncachedKeyringCanonicalizeTest.java
new file mode 100644
index 000000000..b7181fdab
--- /dev/null
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/UncachedKeyringCanonicalizeTest.java
@@ -0,0 +1,625 @@
+package org.sufficientlysecure.keychain.tests;
+
+import org.junit.BeforeClass;
+import org.junit.runner.RunWith;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.Before;
+import org.robolectric.RobolectricTestRunner;
+import org.robolectric.shadows.ShadowLog;
+import org.spongycastle.bcpg.BCPGInputStream;
+import org.spongycastle.bcpg.Packet;
+import org.spongycastle.bcpg.PacketTags;
+import org.spongycastle.bcpg.UserIDPacket;
+import org.spongycastle.bcpg.sig.KeyFlags;
+import org.spongycastle.openpgp.PGPPrivateKey;
+import org.spongycastle.openpgp.PGPPublicKey;
+import org.spongycastle.openpgp.PGPSecretKey;
+import org.spongycastle.openpgp.PGPSecretKeyRing;
+import org.spongycastle.openpgp.PGPSignature;
+import org.spongycastle.openpgp.PGPSignatureGenerator;
+import org.spongycastle.openpgp.PGPSignatureSubpacketGenerator;
+import org.spongycastle.openpgp.PGPUtil;
+import org.spongycastle.openpgp.operator.PBESecretKeyDecryptor;
+import org.spongycastle.openpgp.operator.PGPContentSignerBuilder;
+import org.spongycastle.openpgp.operator.jcajce.JcaKeyFingerprintCalculator;
+import org.spongycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
+import org.spongycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
+import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.pgp.PgpKeyOperation;
+import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
+import org.sufficientlysecure.keychain.pgp.UncachedPublicKey;
+import org.sufficientlysecure.keychain.pgp.WrappedSignature;
+import org.sufficientlysecure.keychain.service.OperationResultParcel;
+import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
+import org.sufficientlysecure.keychain.support.KeyringTestingHelper;
+import org.sufficientlysecure.keychain.support.KeyringTestingHelper.RawPacket;
+
+import java.io.ByteArrayInputStream;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.Iterator;
+
+
+/** Tests for the UncachedKeyring.canonicalize method.
+ *
+ * This is a complex and crypto-relevant method, which takes care of sanitizing keyrings.
+ * Test cases are made for all its assertions.
+ */
+
+@RunWith(RobolectricTestRunner.class)
+@org.robolectric.annotation.Config(emulateSdk = 18) // Robolectric doesn't yet support 19
+public class UncachedKeyringCanonicalizeTest {
+
+ static UncachedKeyRing staticRing;
+ static int totalPackets;
+ UncachedKeyRing ring;
+ ArrayList onlyA = new ArrayList();
+ ArrayList onlyB = new ArrayList();
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ PGPSignatureSubpacketGenerator subHashedPacketsGen;
+ PGPSecretKey secretKey;
+
+ @BeforeClass
+ public static void setUpOnce() throws Exception {
+ ShadowLog.stream = System.out;
+
+ SaveKeyringParcel parcel = new SaveKeyringParcel();
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.CERTIFY_OTHER, null));
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.SIGN_DATA, null));
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.ENCRYPT_COMMS, null));
+
+ parcel.mAddUserIds.add("twi");
+ parcel.mAddUserIds.add("pink");
+ // passphrase is tested in PgpKeyOperationTest, just use empty here
+ parcel.mNewPassphrase = "";
+ PgpKeyOperation op = new PgpKeyOperation(null);
+
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ staticRing = op.createSecretKeyRing(parcel, log, 0);
+
+ Assert.assertNotNull("initial test key creation must succeed", staticRing);
+
+ // just for later reference
+ totalPackets = 9;
+
+ // we sleep here for a second, to make sure all new certificates have different timestamps
+ Thread.sleep(1000);
+ }
+
+ @Before public void setUp() throws Exception {
+ // show Log.x messages in system.out
+ ShadowLog.stream = System.out;
+ ring = staticRing;
+
+ subHashedPacketsGen = new PGPSignatureSubpacketGenerator();
+ secretKey = new PGPSecretKeyRing(ring.getEncoded(), new JcaKeyFingerprintCalculator())
+ .getSecretKey();
+ }
+
+ /** Make sure the assumptions made about the generated ring packet structure are valid. */
+ @Test public void testGeneratedRingStructure() throws Exception {
+
+ Iterator it = KeyringTestingHelper.parseKeyring(ring.getEncoded());
+
+ Assert.assertEquals("packet #1 should be secret key",
+ PacketTags.SECRET_KEY, it.next().tag);
+
+ Assert.assertEquals("packet #2 should be user id",
+ PacketTags.USER_ID, it.next().tag);
+ Assert.assertEquals("packet #3 should be signature",
+ PacketTags.SIGNATURE, it.next().tag);
+
+ Assert.assertEquals("packet #4 should be user id",
+ PacketTags.USER_ID, it.next().tag);
+ Assert.assertEquals("packet #5 should be signature",
+ PacketTags.SIGNATURE, it.next().tag);
+
+ Assert.assertEquals("packet #6 should be secret subkey",
+ PacketTags.SECRET_SUBKEY, it.next().tag);
+ Assert.assertEquals("packet #7 should be signature",
+ PacketTags.SIGNATURE, it.next().tag);
+
+ Assert.assertEquals("packet #8 should be secret subkey",
+ PacketTags.SECRET_SUBKEY, it.next().tag);
+ Assert.assertEquals("packet #9 should be signature",
+ PacketTags.SIGNATURE, it.next().tag);
+
+ Assert.assertFalse("exactly 9 packets total", it.hasNext());
+
+ Assert.assertArrayEquals("created keyring should be constant through canonicalization",
+ ring.getEncoded(), ring.canonicalize(log, 0).getEncoded());
+
+ }
+
+ @Test public void testUidSignature() throws Exception {
+
+ UncachedPublicKey masterKey = ring.getPublicKey();
+ final WrappedSignature sig = masterKey.getSignaturesForId("twi").next();
+
+ byte[] raw = sig.getEncoded();
+ // destroy the signature
+ raw[raw.length - 5] += 1;
+ final WrappedSignature brokenSig = WrappedSignature.fromBytes(raw);
+
+ { // bad certificates get stripped
+ UncachedKeyRing modified = KeyringTestingHelper.injectPacket(ring, brokenSig.getEncoded(), 3);
+ modified = modified.canonicalize(log, 0);
+
+ Assert.assertTrue("canonicalized keyring with invalid extra sig must be same as original one",
+ !KeyringTestingHelper.diffKeyrings(
+ ring.getEncoded(), modified.getEncoded(), onlyA, onlyB));
+ }
+
+ // remove user id certificate for one user
+ final UncachedKeyRing base = KeyringTestingHelper.removePacket(ring, 2);
+
+ { // user id without certificate should be removed
+ UncachedKeyRing modified = base.canonicalize(log, 0);
+ Assert.assertTrue("canonicalized keyring must differ", KeyringTestingHelper.diffKeyrings(
+ ring.getEncoded(), modified.getEncoded(), onlyA, onlyB));
+
+ Assert.assertEquals("two packets should be stripped after canonicalization", 2, onlyA.size());
+ Assert.assertEquals("no new packets after canonicalization", 0, onlyB.size());
+
+ Packet p = new BCPGInputStream(new ByteArrayInputStream(onlyA.get(0).buf)).readPacket();
+ Assert.assertTrue("first stripped packet must be user id", p instanceof UserIDPacket);
+ Assert.assertEquals("missing user id must be the expected one",
+ "twi", ((UserIDPacket) p).getID());
+
+ Assert.assertArrayEquals("second stripped packet must be signature we removed",
+ sig.getEncoded(), onlyA.get(1).buf);
+
+ }
+
+ { // add error to signature
+
+ UncachedKeyRing modified = KeyringTestingHelper.injectPacket(base, brokenSig.getEncoded(), 3);
+ modified = modified.canonicalize(log, 0);
+
+ Assert.assertTrue("canonicalized keyring must differ", KeyringTestingHelper.diffKeyrings(
+ ring.getEncoded(), modified.getEncoded(), onlyA, onlyB));
+
+ Assert.assertEquals("two packets should be missing after canonicalization", 2, onlyA.size());
+ Assert.assertEquals("no new packets after canonicalization", 0, onlyB.size());
+
+ Packet p = new BCPGInputStream(new ByteArrayInputStream(onlyA.get(0).buf)).readPacket();
+ Assert.assertTrue("first stripped packet must be user id", p instanceof UserIDPacket);
+ Assert.assertEquals("missing user id must be the expected one",
+ "twi", ((UserIDPacket) p).getID());
+
+ Assert.assertArrayEquals("second stripped packet must be signature we removed",
+ sig.getEncoded(), onlyA.get(1).buf);
+ }
+
+ }
+
+ @Test public void testUidDestroy() throws Exception {
+
+ // signature for "twi"
+ ring = KeyringTestingHelper.removePacket(ring, 2);
+ // signature for "pink"
+ ring = KeyringTestingHelper.removePacket(ring, 3);
+
+ // canonicalization should fail, because there are no valid uids left
+ UncachedKeyRing canonicalized = ring.canonicalize(log, 0);
+ Assert.assertNull("canonicalization of keyring with no valid uids should fail", canonicalized);
+
+ }
+
+ @Test public void testRevocationRedundant() throws Exception {
+
+ PGPSignature revocation = forgeSignature(
+ secretKey, PGPSignature.KEY_REVOCATION, subHashedPacketsGen, secretKey.getPublicKey());
+
+ UncachedKeyRing modified = KeyringTestingHelper.injectPacket(ring, revocation.getEncoded(), 1);
+
+ // try to add the same packet again, it should be rejected in all positions
+ injectEverywhere(modified, revocation.getEncoded());
+
+ // an older (but different!) revocation should be rejected as well
+ subHashedPacketsGen.setSignatureCreationTime(false, new Date(new Date().getTime() -1000*1000));
+ revocation = forgeSignature(
+ secretKey, PGPSignature.KEY_REVOCATION, subHashedPacketsGen, secretKey.getPublicKey());
+
+ injectEverywhere(modified, revocation.getEncoded());
+
+ }
+
+ @Test public void testUidRedundant() throws Exception {
+
+ // an older uid certificate should be rejected
+ subHashedPacketsGen.setSignatureCreationTime(false, new Date(new Date().getTime() -1000*1000));
+ PGPSignature revocation = forgeSignature(
+ secretKey, PGPSignature.DEFAULT_CERTIFICATION, subHashedPacketsGen, "twi", secretKey.getPublicKey());
+
+ injectEverywhere(ring, revocation.getEncoded());
+
+ }
+
+ @Test public void testUidRevocationOutdated() throws Exception {
+ // an older uid revocation cert should be rejected
+ subHashedPacketsGen.setSignatureCreationTime(false, new Date(new Date().getTime() -1000*1000));
+ PGPSignature revocation = forgeSignature(
+ secretKey, PGPSignature.CERTIFICATION_REVOCATION, subHashedPacketsGen, "twi", secretKey.getPublicKey());
+
+ injectEverywhere(ring, revocation.getEncoded());
+
+ }
+
+ @Test public void testUidRevocationRedundant() throws Exception {
+
+ PGPSignature revocation = forgeSignature(
+ secretKey, PGPSignature.CERTIFICATION_REVOCATION, subHashedPacketsGen, "twi", secretKey.getPublicKey());
+
+ // add that revocation to the base, and check if the redundant one will be rejected as well
+ UncachedKeyRing modified = KeyringTestingHelper.injectPacket(ring, revocation.getEncoded(), 2);
+
+ injectEverywhere(modified, revocation.getEncoded());
+
+ // an older (but different!) uid revocation should be rejected as well
+ subHashedPacketsGen.setSignatureCreationTime(false, new Date(new Date().getTime() -1000*1000));
+ revocation = forgeSignature(
+ secretKey, PGPSignature.CERTIFICATION_REVOCATION, subHashedPacketsGen, "twi", secretKey.getPublicKey());
+
+ injectEverywhere(modified, revocation.getEncoded());
+
+ }
+
+ @Test public void testSignatureBroken() throws Exception {
+
+ injectEverytype(secretKey, ring, subHashedPacketsGen, true);
+
+ }
+
+ @Test public void testForeignSignature() throws Exception {
+
+ SaveKeyringParcel parcel = new SaveKeyringParcel();
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.CERTIFY_OTHER, null));
+ parcel.mAddUserIds.add("trix");
+ PgpKeyOperation op = new PgpKeyOperation(null);
+
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ UncachedKeyRing foreign = op.createSecretKeyRing(parcel, log, 0);
+
+ Assert.assertNotNull("initial test key creation must succeed", foreign);
+ PGPSecretKey foreignSecretKey =
+ new PGPSecretKeyRing(foreign.getEncoded(), new JcaKeyFingerprintCalculator())
+ .getSecretKey();
+
+ injectEverytype(foreignSecretKey, ring, subHashedPacketsGen);
+
+ }
+
+ @Test public void testSignatureFuture() throws Exception {
+
+ // generate future
+ subHashedPacketsGen.setSignatureCreationTime(false, new Date(new Date().getTime() + 1000 * 1000));
+
+ injectEverytype(secretKey, ring, subHashedPacketsGen);
+
+
+ }
+
+ @Test public void testSignatureLocal() throws Exception {
+
+ // generate future
+ subHashedPacketsGen.setSignatureCreationTime(false, new Date());
+ subHashedPacketsGen.setExportable(false, false);
+
+ injectEverytype(secretKey, ring, subHashedPacketsGen);
+
+ }
+
+ @Test public void testSubkeyDestroy() throws Exception {
+
+ // signature for second key (first subkey)
+ UncachedKeyRing modified = KeyringTestingHelper.removePacket(ring, 6);
+
+ // canonicalization should fail, because there are no valid uids left
+ UncachedKeyRing canonicalized = modified.canonicalize(log, 0);
+ Assert.assertTrue("keyring with missing subkey binding sig should differ from intact one after canonicalization",
+ KeyringTestingHelper.diffKeyrings(ring.getEncoded(), canonicalized.getEncoded(),
+ onlyA, onlyB)
+ );
+
+ Assert.assertEquals("canonicalized keyring should have two extra packets", 2, onlyA.size());
+ Assert.assertEquals("canonicalized keyring should have no extra packets", 0, onlyB.size());
+
+ Assert.assertEquals("first missing packet should be the subkey",
+ PacketTags.SECRET_SUBKEY, onlyA.get(0).tag);
+ Assert.assertEquals("second missing packet should be subkey's signature",
+ PacketTags.SIGNATURE, onlyA.get(1).tag);
+ Assert.assertEquals("second missing packet should be next to subkey",
+ onlyA.get(0).position + 1, onlyA.get(1).position);
+
+ }
+
+ @Test public void testSubkeyBindingNoPKB() throws Exception {
+
+ UncachedPublicKey pKey = KeyringTestingHelper.getNth(ring.getPublicKeys(), 1);
+ Assert.assertTrue("second subkey must be able to sign", pKey.canSign());
+
+ PGPSignature sig;
+
+ subHashedPacketsGen.setKeyFlags(false, KeyFlags.SIGN_DATA);
+
+ {
+ // forge a (newer) signature, which has the sign flag but no primary key binding sig
+ PGPSignatureSubpacketGenerator unhashedSubs = new PGPSignatureSubpacketGenerator();
+
+ // just add any random signature, because why not
+ unhashedSubs.setEmbeddedSignature(false, forgeSignature(
+ secretKey, PGPSignature.POSITIVE_CERTIFICATION, subHashedPacketsGen,
+ secretKey.getPublicKey()
+ )
+ );
+
+ sig = forgeSignature(
+ secretKey, PGPSignature.SUBKEY_BINDING, subHashedPacketsGen, unhashedSubs,
+ secretKey.getPublicKey(), pKey.getPublicKey());
+
+ // inject in the right position
+ UncachedKeyRing modified = KeyringTestingHelper.injectPacket(ring, sig.getEncoded(), 6);
+
+ // canonicalize, and check if we lose the bad signature
+ UncachedKeyRing canonicalized = modified.canonicalize(log, 0);
+ Assert.assertFalse("subkey binding signature should be gone after canonicalization",
+ KeyringTestingHelper.diffKeyrings(ring.getEncoded(), canonicalized.getEncoded(),
+ onlyA, onlyB)
+ );
+ }
+
+ { // now try one with a /bad/ primary key binding signature
+
+ PGPSignatureSubpacketGenerator unhashedSubs = new PGPSignatureSubpacketGenerator();
+ // this one is signed by the primary key itself, not the subkey - but it IS primary binding
+ unhashedSubs.setEmbeddedSignature(false, forgeSignature(
+ secretKey, PGPSignature.PRIMARYKEY_BINDING, subHashedPacketsGen,
+ secretKey.getPublicKey(), pKey.getPublicKey()
+ )
+ );
+
+ sig = forgeSignature(
+ secretKey, PGPSignature.SUBKEY_BINDING, subHashedPacketsGen, unhashedSubs,
+ secretKey.getPublicKey(), pKey.getPublicKey());
+
+ // inject in the right position
+ UncachedKeyRing modified = KeyringTestingHelper.injectPacket(ring, sig.getEncoded(), 6);
+
+ // canonicalize, and check if we lose the bad signature
+ UncachedKeyRing canonicalized = modified.canonicalize(log, 0);
+ Assert.assertFalse("subkey binding signature should be gone after canonicalization",
+ KeyringTestingHelper.diffKeyrings(ring.getEncoded(), canonicalized.getEncoded(),
+ onlyA, onlyB)
+ );
+ }
+
+ }
+
+ @Test public void testSubkeyBindingRedundant() throws Exception {
+
+ UncachedPublicKey pKey = KeyringTestingHelper.getNth(ring.getPublicKeys(), 2);
+
+ subHashedPacketsGen.setKeyFlags(false, KeyFlags.ENCRYPT_COMMS);
+ PGPSignature sig2 = forgeSignature(
+ secretKey, PGPSignature.SUBKEY_BINDING, subHashedPacketsGen,
+ secretKey.getPublicKey(), pKey.getPublicKey());
+
+ subHashedPacketsGen.setSignatureCreationTime(false, new Date(new Date().getTime() -1000*1000));
+ PGPSignature sig1 = forgeSignature(
+ secretKey, PGPSignature.SUBKEY_REVOCATION, subHashedPacketsGen,
+ secretKey.getPublicKey(), pKey.getPublicKey());
+
+ subHashedPacketsGen = new PGPSignatureSubpacketGenerator();
+ subHashedPacketsGen.setSignatureCreationTime(false, new Date(new Date().getTime() -100*1000));
+ PGPSignature sig3 = forgeSignature(
+ secretKey, PGPSignature.SUBKEY_BINDING, subHashedPacketsGen,
+ secretKey.getPublicKey(), pKey.getPublicKey());
+
+ UncachedKeyRing modified = KeyringTestingHelper.injectPacket(ring, sig1.getEncoded(), 8);
+ modified = KeyringTestingHelper.injectPacket(modified, sig2.getEncoded(), 9);
+ modified = KeyringTestingHelper.injectPacket(modified, sig1.getEncoded(), 10);
+ modified = KeyringTestingHelper.injectPacket(modified, sig3.getEncoded(), 11);
+
+ // canonicalize, and check if we lose the bad signature
+ UncachedKeyRing canonicalized = modified.canonicalize(log, 0);
+ Assert.assertTrue("subkey binding signature should be gone after canonicalization",
+ KeyringTestingHelper.diffKeyrings(modified.getEncoded(), canonicalized.getEncoded(),
+ onlyA, onlyB)
+ );
+
+ Assert.assertEquals("canonicalized keyring should have lost two packets", 3, onlyA.size());
+ Assert.assertEquals("canonicalized keyring should have no extra packets", 0, onlyB.size());
+
+ Assert.assertEquals("first missing packet should be the subkey",
+ PacketTags.SIGNATURE, onlyA.get(0).tag);
+ Assert.assertEquals("second missing packet should be a signature",
+ PacketTags.SIGNATURE, onlyA.get(1).tag);
+ Assert.assertEquals("second missing packet should be a signature",
+ PacketTags.SIGNATURE, onlyA.get(2).tag);
+
+ }
+
+ private static final int[] sigtypes_direct = new int[] {
+ PGPSignature.KEY_REVOCATION,
+ PGPSignature.DIRECT_KEY,
+ };
+ private static final int[] sigtypes_uid = new int[] {
+ PGPSignature.DEFAULT_CERTIFICATION,
+ PGPSignature.NO_CERTIFICATION,
+ PGPSignature.CASUAL_CERTIFICATION,
+ PGPSignature.POSITIVE_CERTIFICATION,
+ PGPSignature.CERTIFICATION_REVOCATION,
+ };
+ private static final int[] sigtypes_subkey = new int[] {
+ PGPSignature.SUBKEY_BINDING,
+ PGPSignature.PRIMARYKEY_BINDING,
+ PGPSignature.SUBKEY_REVOCATION,
+ };
+
+ private static void injectEverytype(PGPSecretKey secretKey,
+ UncachedKeyRing ring,
+ PGPSignatureSubpacketGenerator subHashedPacketsGen)
+ throws Exception {
+ injectEverytype(secretKey, ring, subHashedPacketsGen, false);
+ }
+
+ private static void injectEverytype(PGPSecretKey secretKey,
+ UncachedKeyRing ring,
+ PGPSignatureSubpacketGenerator subHashedPacketsGen,
+ boolean breakSig)
+ throws Exception {
+
+ for (int sigtype : sigtypes_direct) {
+ PGPSignature sig = forgeSignature(
+ secretKey, sigtype, subHashedPacketsGen, secretKey.getPublicKey());
+ byte[] encoded = sig.getEncoded();
+ if (breakSig) {
+ encoded[encoded.length-10] += 1;
+ }
+ injectEverywhere(ring, encoded);
+ }
+
+ for (int sigtype : sigtypes_uid) {
+ PGPSignature sig = forgeSignature(
+ secretKey, sigtype, subHashedPacketsGen, "twi", secretKey.getPublicKey());
+
+ byte[] encoded = sig.getEncoded();
+ if (breakSig) {
+ encoded[encoded.length-10] += 1;
+ }
+ injectEverywhere(ring, encoded);
+ }
+
+ for (int sigtype : sigtypes_subkey) {
+ PGPSignature sig = forgeSignature(
+ secretKey, sigtype, subHashedPacketsGen,
+ secretKey.getPublicKey(), secretKey.getPublicKey());
+
+ byte[] encoded = sig.getEncoded();
+ if (breakSig) {
+ encoded[encoded.length-10] += 1;
+ }
+ injectEverywhere(ring, encoded);
+ }
+
+ }
+
+ private static void injectEverywhere(UncachedKeyRing ring, byte[] packet) throws Exception {
+
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+
+ byte[] encodedRing = ring.getEncoded();
+
+ for(int i = 0; i < totalPackets; i++) {
+
+ byte[] brokenEncoded = KeyringTestingHelper.injectPacket(encodedRing, packet, i);
+
+ try {
+
+ UncachedKeyRing brokenRing = UncachedKeyRing.decodeFromData(brokenEncoded);
+
+ brokenRing = brokenRing.canonicalize(log, 0);
+ if (brokenRing == null) {
+ System.out.println("ok, canonicalization failed.");
+ continue;
+ }
+
+ Assert.assertArrayEquals("injected bad signature must be gone after canonicalization",
+ ring.getEncoded(), brokenRing.getEncoded());
+
+ } catch (Exception e) {
+ System.out.println("ok, rejected with: " + e.getMessage());
+ }
+ }
+
+ }
+
+ private static PGPSignature forgeSignature(PGPSecretKey key, int type,
+ PGPSignatureSubpacketGenerator subpackets,
+ PGPPublicKey publicKey)
+ throws Exception {
+
+ PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder().setProvider(
+ Constants.BOUNCY_CASTLE_PROVIDER_NAME).build("".toCharArray());
+ PGPPrivateKey privateKey = key.extractPrivateKey(keyDecryptor);
+
+ PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
+ publicKey.getAlgorithm(), PGPUtil.SHA1)
+ .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
+
+ PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
+ sGen.setHashedSubpackets(subpackets.generate());
+ sGen.init(type, privateKey);
+ return sGen.generateCertification(publicKey);
+
+ }
+
+ private static PGPSignature forgeSignature(PGPSecretKey key, int type,
+ PGPSignatureSubpacketGenerator subpackets,
+ String userId, PGPPublicKey publicKey)
+ throws Exception {
+
+ PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder().setProvider(
+ Constants.BOUNCY_CASTLE_PROVIDER_NAME).build("".toCharArray());
+ PGPPrivateKey privateKey = key.extractPrivateKey(keyDecryptor);
+
+ PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
+ publicKey.getAlgorithm(), PGPUtil.SHA1)
+ .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
+
+ PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
+ sGen.setHashedSubpackets(subpackets.generate());
+ sGen.init(type, privateKey);
+ return sGen.generateCertification(userId, publicKey);
+
+ }
+
+ private static PGPSignature forgeSignature(PGPSecretKey key, int type,
+ PGPSignatureSubpacketGenerator subpackets,
+ PGPPublicKey publicKey, PGPPublicKey signedKey)
+ throws Exception {
+
+ PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder().setProvider(
+ Constants.BOUNCY_CASTLE_PROVIDER_NAME).build("".toCharArray());
+ PGPPrivateKey privateKey = key.extractPrivateKey(keyDecryptor);
+
+ PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
+ publicKey.getAlgorithm(), PGPUtil.SHA1)
+ .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
+
+ PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
+ sGen.setHashedSubpackets(subpackets.generate());
+ sGen.init(type, privateKey);
+ return sGen.generateCertification(publicKey, signedKey);
+
+ }
+
+ private static PGPSignature forgeSignature(PGPSecretKey key, int type,
+ PGPSignatureSubpacketGenerator hashedSubs,
+ PGPSignatureSubpacketGenerator unhashedSubs,
+ PGPPublicKey publicKey, PGPPublicKey signedKey)
+ throws Exception {
+
+ PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder().setProvider(
+ Constants.BOUNCY_CASTLE_PROVIDER_NAME).build("".toCharArray());
+ PGPPrivateKey privateKey = key.extractPrivateKey(keyDecryptor);
+
+ PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
+ publicKey.getAlgorithm(), PGPUtil.SHA1)
+ .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
+
+ PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
+ sGen.setHashedSubpackets(hashedSubs.generate());
+ sGen.setUnhashedSubpackets(unhashedSubs.generate());
+ sGen.init(type, privateKey);
+ return sGen.generateCertification(publicKey, signedKey);
+
+ }
+
+}
diff --git a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/UncachedKeyringMergeTest.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/UncachedKeyringMergeTest.java
new file mode 100644
index 000000000..af60085ce
--- /dev/null
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/UncachedKeyringMergeTest.java
@@ -0,0 +1,397 @@
+package org.sufficientlysecure.keychain.tests;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.robolectric.RobolectricTestRunner;
+import org.robolectric.shadows.ShadowLog;
+import org.spongycastle.bcpg.BCPGInputStream;
+import org.spongycastle.bcpg.Packet;
+import org.spongycastle.bcpg.PacketTags;
+import org.spongycastle.bcpg.PublicKeyPacket;
+import org.spongycastle.bcpg.sig.KeyFlags;
+import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.pgp.PgpKeyOperation;
+import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
+import org.sufficientlysecure.keychain.pgp.UncachedPublicKey;
+import org.sufficientlysecure.keychain.pgp.WrappedPublicKeyRing;
+import org.sufficientlysecure.keychain.pgp.WrappedSecretKey;
+import org.sufficientlysecure.keychain.pgp.WrappedSecretKeyRing;
+import org.sufficientlysecure.keychain.service.OperationResultParcel;
+import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
+import org.sufficientlysecure.keychain.support.KeyringTestingHelper;
+import org.sufficientlysecure.keychain.support.KeyringTestingHelper.RawPacket;
+import org.sufficientlysecure.keychain.util.ProgressScaler;
+
+import java.io.ByteArrayInputStream;
+import java.io.File;
+import java.io.FileOutputStream;
+import java.util.ArrayList;
+import java.util.Iterator;
+
+/** Tests for the UncachedKeyring.merge method.
+ *
+ * This is another complex, crypto-related method. It merges information from one keyring into
+ * another, keeping information from the base (ie, called object) keyring in case of conflicts.
+ * The types of keys may be Public or Secret and can be mixed, For mixed types the result type
+ * will be the same as the base keyring.
+ *
+ * Test cases:
+ * - Merging keyrings with different masterKeyIds should fail
+ * - Merging a key with itself should be a no-operation
+ * - Merging a key with an extra revocation certificate, it should have that certificate
+ * - Merging a key with an extra user id, it should have that extra user id and its certificates
+ * - Merging a key with an extra user id certificate, it should have that certificate
+ * - Merging a key with an extra subkey, it should have that subkey
+ * - Merging a key with an extra subkey certificate, it should have that certificate
+ * - All of the above operations should work regardless of the key types. This means in particular
+ * that for new subkeys, an equivalent subkey of the proper type must be generated.
+ * - In case of two secret keys with the same id but different S2K, the key of the base keyring
+ * should be preferred (TODO or should it?)
+ *
+ * Note that the merge operation does not care about certificate validity, a bad certificate or
+ * packet will be copied regardless. Filtering out bad packets is done with canonicalization.
+ *
+ */
+@RunWith(RobolectricTestRunner.class)
+@org.robolectric.annotation.Config(emulateSdk = 18) // Robolectric doesn't yet support 19
+public class UncachedKeyringMergeTest {
+
+ static UncachedKeyRing staticRingA, staticRingB;
+ UncachedKeyRing ringA, ringB;
+ ArrayList onlyA = new ArrayList();
+ ArrayList onlyB = new ArrayList();
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ PgpKeyOperation op;
+ SaveKeyringParcel parcel;
+
+ @BeforeClass
+ public static void setUpOnce() throws Exception {
+ ShadowLog.stream = System.out;
+
+ {
+ SaveKeyringParcel parcel = new SaveKeyringParcel();
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.CERTIFY_OTHER, null));
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.SIGN_DATA, null));
+
+ parcel.mAddUserIds.add("twi");
+ parcel.mAddUserIds.add("pink");
+ // passphrase is tested in PgpKeyOperationTest, just use empty here
+ parcel.mNewPassphrase = "";
+ PgpKeyOperation op = new PgpKeyOperation(null);
+
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ staticRingA = op.createSecretKeyRing(parcel, log, 0);
+ }
+
+ {
+ SaveKeyringParcel parcel = new SaveKeyringParcel();
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.CERTIFY_OTHER, null));
+
+ parcel.mAddUserIds.add("shy");
+ // passphrase is tested in PgpKeyOperationTest, just use empty here
+ parcel.mNewPassphrase = "";
+ PgpKeyOperation op = new PgpKeyOperation(null);
+
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ staticRingB = op.createSecretKeyRing(parcel, log, 0);
+ }
+
+ Assert.assertNotNull("initial test key creation must succeed", staticRingA);
+ Assert.assertNotNull("initial test key creation must succeed", staticRingB);
+
+ // we sleep here for a second, to make sure all new certificates have different timestamps
+ Thread.sleep(1000);
+ }
+
+ @Before
+ public void setUp() throws Exception {
+ // show Log.x messages in system.out
+ ShadowLog.stream = System.out;
+ ringA = staticRingA;
+ ringB = staticRingB;
+
+ // setting up some parameters just to reduce code duplication
+ op = new PgpKeyOperation(new ProgressScaler(null, 0, 100, 100));
+
+ // set this up, gonna need it more than once
+ parcel = new SaveKeyringParcel();
+ parcel.mMasterKeyId = ringA.getMasterKeyId();
+ parcel.mFingerprint = ringA.getFingerprint();
+ }
+
+ public void testSelfNoOp() throws Exception {
+
+ UncachedKeyRing merged = mergeWithChecks(ringA, ringA, null);
+ Assert.assertArrayEquals("keyring merged with itself must be identical",
+ ringA.getEncoded(), merged.getEncoded()
+ );
+
+ }
+
+ @Test
+ public void testDifferentMasterKeyIds() throws Exception {
+
+ Assert.assertNotEquals("generated key ids must be different",
+ ringA.getMasterKeyId(), ringB.getMasterKeyId());
+
+ Assert.assertNull("merging keys with differing key ids must fail",
+ ringA.merge(ringB, log, 0));
+ Assert.assertNull("merging keys with differing key ids must fail",
+ ringB.merge(ringA, log, 0));
+
+ }
+
+ @Test
+ public void testAddedUserId() throws Exception {
+
+ UncachedKeyRing modifiedA, modifiedB; {
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ringA.getEncoded(), false, 0);
+
+ parcel.reset();
+ parcel.mAddUserIds.add("flim");
+ modifiedA = op.modifySecretKeyRing(secretRing, parcel, "", log, 0);
+
+ parcel.reset();
+ parcel.mAddUserIds.add("flam");
+ modifiedB = op.modifySecretKeyRing(secretRing, parcel, "", log, 0);
+ }
+
+ { // merge A into base
+ UncachedKeyRing merged = mergeWithChecks(ringA, modifiedA);
+
+ Assert.assertEquals("merged keyring must have lost no packets", 0, onlyA.size());
+ Assert.assertEquals("merged keyring must have gained two packets", 2, onlyB.size());
+ Assert.assertTrue("merged keyring must contain new user id",
+ merged.getPublicKey().getUnorderedUserIds().contains("flim"));
+ }
+
+ { // merge A into B
+ UncachedKeyRing merged = mergeWithChecks(modifiedA, modifiedB, ringA);
+
+ Assert.assertEquals("merged keyring must have lost no packets", 0, onlyA.size());
+ Assert.assertEquals("merged keyring must have gained four packets", 4, onlyB.size());
+ Assert.assertTrue("merged keyring must contain first new user id",
+ merged.getPublicKey().getUnorderedUserIds().contains("flim"));
+ Assert.assertTrue("merged keyring must contain second new user id",
+ merged.getPublicKey().getUnorderedUserIds().contains("flam"));
+
+ }
+
+ }
+
+ @Test
+ public void testAddedSubkeyId() throws Exception {
+
+ UncachedKeyRing modifiedA, modifiedB;
+ long subKeyIdA, subKeyIdB;
+ {
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ringA.getEncoded(), false, 0);
+
+ parcel.reset();
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.SIGN_DATA, null));
+ modifiedA = op.modifySecretKeyRing(secretRing, parcel, "", log, 0);
+ modifiedB = op.modifySecretKeyRing(secretRing, parcel, "", log, 0);
+
+ subKeyIdA = KeyringTestingHelper.getSubkeyId(modifiedA, 2);
+ subKeyIdB = KeyringTestingHelper.getSubkeyId(modifiedB, 2);
+
+ }
+
+ {
+ UncachedKeyRing merged = mergeWithChecks(ringA, modifiedA);
+
+ Assert.assertEquals("merged keyring must have lost no packets", 0, onlyA.size());
+ Assert.assertEquals("merged keyring must have gained two packets", 2, onlyB.size());
+
+ long mergedKeyId = KeyringTestingHelper.getSubkeyId(merged, 2);
+ Assert.assertEquals("merged keyring must contain the new subkey", subKeyIdA, mergedKeyId);
+ }
+
+ {
+ UncachedKeyRing merged = mergeWithChecks(modifiedA, modifiedB, ringA);
+
+ Assert.assertEquals("merged keyring must have lost no packets", 0, onlyA.size());
+ Assert.assertEquals("merged keyring must have gained four packets", 4, onlyB.size());
+
+ Iterator it = merged.getPublicKeys();
+ it.next(); it.next();
+ Assert.assertEquals("merged keyring must contain the new subkey",
+ subKeyIdA, it.next().getKeyId());
+ Assert.assertEquals("merged keyring must contain both new subkeys",
+ subKeyIdB, it.next().getKeyId());
+ }
+
+ }
+
+ @Test
+ public void testAddedKeySignature() throws Exception {
+
+ final UncachedKeyRing modified; {
+ parcel.reset();
+ parcel.mRevokeSubKeys.add(KeyringTestingHelper.getSubkeyId(ringA, 1));
+ WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(
+ ringA.getEncoded(), false, 0);
+ modified = op.modifySecretKeyRing(secretRing, parcel, "", log, 0);
+ }
+
+ {
+ UncachedKeyRing merged = ringA.merge(modified, log, 0);
+ Assert.assertNotNull("merge must succeed", merged);
+ Assert.assertFalse(
+ "merging keyring with extra signatures into its base should yield that same keyring",
+ KeyringTestingHelper.diffKeyrings(merged.getEncoded(), modified.getEncoded(), onlyA, onlyB)
+ );
+ }
+
+ }
+
+ @Test
+ public void testAddedUserIdSignature() throws Exception {
+
+ final UncachedKeyRing pubRing = ringA.extractPublicKeyRing();
+
+ final UncachedKeyRing modified; {
+ WrappedPublicKeyRing publicRing = new WrappedPublicKeyRing(
+ pubRing.getEncoded(), false, 0);
+
+ WrappedSecretKey secretKey = new WrappedSecretKeyRing(
+ ringB.getEncoded(), false, 0).getSecretKey();
+ secretKey.unlock("");
+ // sign all user ids
+ modified = secretKey.certifyUserIds(publicRing, publicRing.getPublicKey().getUnorderedUserIds());
+ }
+
+ {
+ UncachedKeyRing merged = ringA.merge(modified, log, 0);
+ Assert.assertNotNull("merge must succeed", merged);
+ Assert.assertArrayEquals("foreign signatures should not be merged into secret key",
+ ringA.getEncoded(), merged.getEncoded()
+ );
+ }
+
+ {
+ byte[] sig = KeyringTestingHelper.getNth(
+ modified.getPublicKey().getSignaturesForId("twi"), 1).getEncoded();
+
+ // inject the (foreign!) signature into subkey signature position
+ UncachedKeyRing moreModified = KeyringTestingHelper.injectPacket(modified, sig, 1);
+
+ UncachedKeyRing merged = ringA.merge(moreModified, log, 0);
+ Assert.assertNotNull("merge must succeed", merged);
+ Assert.assertArrayEquals("foreign signatures should not be merged into secret key",
+ ringA.getEncoded(), merged.getEncoded()
+ );
+
+ merged = pubRing.merge(moreModified, log, 0);
+ Assert.assertNotNull("merge must succeed", merged);
+ Assert.assertTrue(
+ "merged keyring should contain new signature",
+ KeyringTestingHelper.diffKeyrings(pubRing.getEncoded(), merged.getEncoded(), onlyA, onlyB)
+ );
+ Assert.assertEquals("merged keyring should be missing no packets", 0, onlyA.size());
+ Assert.assertEquals("merged keyring should contain exactly two more packets", 2, onlyB.size());
+ Assert.assertEquals("first added packet should be a signature",
+ PacketTags.SIGNATURE, onlyB.get(0).tag);
+ Assert.assertEquals("first added packet should be in the position we injected it at",
+ 1, onlyB.get(0).position);
+ Assert.assertEquals("second added packet should be a signature",
+ PacketTags.SIGNATURE, onlyB.get(1).tag);
+
+ }
+
+ {
+ UncachedKeyRing merged = pubRing.merge(modified, log, 0);
+ Assert.assertNotNull("merge must succeed", merged);
+ Assert.assertFalse(
+ "merging keyring with extra signatures into its base should yield that same keyring",
+ KeyringTestingHelper.diffKeyrings(merged.getEncoded(), modified.getEncoded(), onlyA, onlyB)
+ );
+ }
+ }
+
+ private UncachedKeyRing mergeWithChecks(UncachedKeyRing a, UncachedKeyRing b)
+ throws Exception {
+ return mergeWithChecks(a, b, a);
+ }
+
+ private UncachedKeyRing mergeWithChecks(UncachedKeyRing a, UncachedKeyRing b,
+ UncachedKeyRing base)
+ throws Exception {
+
+ Assert.assertTrue("merging keyring must be secret type", a.isSecret());
+ Assert.assertTrue("merged keyring must be secret type", b.isSecret());
+
+ final UncachedKeyRing resultA;
+ UncachedKeyRing resultB;
+
+ { // sec + sec
+ resultA = a.merge(b, log, 0);
+ Assert.assertNotNull("merge must succeed as sec(a)+sec(b)", resultA);
+
+ resultB = b.merge(a, log, 0);
+ Assert.assertNotNull("merge must succeed as sec(b)+sec(a)", resultB);
+
+ // check commutativity, if requested
+ Assert.assertFalse("result of merge must be commutative",
+ KeyringTestingHelper.diffKeyrings(
+ resultA.getEncoded(), resultB.getEncoded(), onlyA, onlyB)
+ );
+ }
+
+ final UncachedKeyRing pubA = a.extractPublicKeyRing();
+ final UncachedKeyRing pubB = b.extractPublicKeyRing();
+
+ { // sec + pub, pub + sec, and pub + pub
+
+ try {
+ resultB = a.merge(pubB, log, 0);
+ Assert.assertNotNull("merge must succeed as sec(a)+pub(b)", resultA);
+
+ Assert.assertFalse("result of sec(a)+pub(b) must be same as sec(a)+sec(b)",
+ KeyringTestingHelper.diffKeyrings(
+ resultA.getEncoded(), resultB.getEncoded(), onlyA, onlyB)
+ );
+ } catch (RuntimeException e) {
+ System.out.println("special case, dummy key generation not in yet");
+ }
+
+ final UncachedKeyRing pubResult = resultA.extractPublicKeyRing();
+
+ resultB = pubA.merge(b, log, 0);
+ Assert.assertNotNull("merge must succeed as pub(a)+sec(b)", resultA);
+
+ Assert.assertFalse("result of pub(a)+sec(b) must be same as pub(sec(a)+sec(b))",
+ KeyringTestingHelper.diffKeyrings(
+ pubResult.getEncoded(), resultB.getEncoded(), onlyA, onlyB)
+ );
+
+ resultB = pubA.merge(pubB, log, 0);
+ Assert.assertNotNull("merge must succeed as pub(a)+pub(b)", resultA);
+
+ Assert.assertFalse("result of pub(a)+pub(b) must be same as pub(sec(a)+sec(b))",
+ KeyringTestingHelper.diffKeyrings(
+ pubResult.getEncoded(), resultB.getEncoded(), onlyA, onlyB)
+ );
+
+ }
+
+ if (base != null) {
+ // set up onlyA and onlyB to be a diff to the base
+ Assert.assertTrue("merged keyring must differ from base",
+ KeyringTestingHelper.diffKeyrings(
+ base.getEncoded(), resultA.getEncoded(), onlyA, onlyB)
+ );
+ }
+
+ return resultA;
+
+ }
+
+}
\ No newline at end of file
diff --git a/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/UncachedKeyringTest.java b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/UncachedKeyringTest.java
new file mode 100644
index 000000000..23ae177d0
--- /dev/null
+++ b/OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/UncachedKeyringTest.java
@@ -0,0 +1,129 @@
+package org.sufficientlysecure.keychain.tests;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.robolectric.RobolectricTestRunner;
+import org.robolectric.shadows.ShadowLog;
+import org.spongycastle.bcpg.sig.KeyFlags;
+import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.pgp.PgpKeyOperation;
+import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
+import org.sufficientlysecure.keychain.pgp.UncachedPublicKey;
+import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
+import org.sufficientlysecure.keychain.service.OperationResultParcel;
+import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
+import org.sufficientlysecure.keychain.support.KeyringTestingHelper.RawPacket;
+import org.sufficientlysecure.keychain.util.ProgressScaler;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+@RunWith(RobolectricTestRunner.class)
+@org.robolectric.annotation.Config(emulateSdk = 18) // Robolectric doesn't yet support 19
+public class UncachedKeyringTest {
+
+ static UncachedKeyRing staticRing, staticPubRing;
+ UncachedKeyRing ring, pubRing;
+ ArrayList onlyA = new ArrayList();
+ ArrayList onlyB = new ArrayList();
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ PgpKeyOperation op;
+ SaveKeyringParcel parcel;
+
+ @BeforeClass
+ public static void setUpOnce() throws Exception {
+ ShadowLog.stream = System.out;
+
+ SaveKeyringParcel parcel = new SaveKeyringParcel();
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.CERTIFY_OTHER, null));
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.SIGN_DATA, null));
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
+ Constants.choice.algorithm.rsa, 1024, KeyFlags.ENCRYPT_COMMS, null));
+
+ parcel.mAddUserIds.add("twi");
+ parcel.mAddUserIds.add("pink");
+ // passphrase is tested in PgpKeyOperationTest, just use empty here
+ parcel.mNewPassphrase = "";
+ PgpKeyOperation op = new PgpKeyOperation(null);
+
+ OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
+ staticRing = op.createSecretKeyRing(parcel, log, 0);
+ staticPubRing = staticRing.extractPublicKeyRing();
+
+ Assert.assertNotNull("initial test key creation must succeed", staticRing);
+
+ // we sleep here for a second, to make sure all new certificates have different timestamps
+ Thread.sleep(1000);
+ }
+
+
+ @Before
+ public void setUp() throws Exception {
+ // show Log.x messages in system.out
+ ShadowLog.stream = System.out;
+ ring = staticRing;
+ pubRing = staticPubRing;
+ }
+
+ @Test(expected = UnsupportedOperationException.class)
+ public void testPublicKeyItRemove() throws Exception {
+ Iterator it = ring.getPublicKeys();
+ it.remove();
+ }
+
+ @Test(expected = PgpGeneralException.class)
+ public void testDecodeFromEmpty() throws Exception {
+ UncachedKeyRing.decodeFromData(new byte[0]);
+ }
+
+ @Test
+ public void testArmorIdentity() throws Exception {
+ ByteArrayOutputStream out = new ByteArrayOutputStream();
+ ring.encodeArmored(out, "OpenKeychain");
+
+ Assert.assertArrayEquals("armor encoded and decoded ring should be identical to original",
+ ring.getEncoded(),
+ UncachedKeyRing.decodeFromData(out.toByteArray()).getEncoded());
+ }
+
+ @Test(expected = PgpGeneralException.class)
+ public void testDecodeEncodeMulti() throws Exception {
+ ByteArrayOutputStream out = new ByteArrayOutputStream();
+
+ // encode secret and public ring in here
+ ring.encodeArmored(out, "OpenKeychain");
+ pubRing.encodeArmored(out, "OpenKeychain");
+
+ List rings =
+ UncachedKeyRing.fromStream(new ByteArrayInputStream(out.toByteArray()));
+ Assert.assertEquals("there should be two rings in the stream", 2, rings.size());
+ Assert.assertArrayEquals("first ring should be the first we put in",
+ ring.getEncoded(), rings.get(0).getEncoded());
+ Assert.assertArrayEquals("second ring should be the second we put in",
+ pubRing.getEncoded(), rings.get(1).getEncoded());
+
+ // this should fail with PgpGeneralException, since it expects exactly one ring
+ UncachedKeyRing.decodeFromData(out.toByteArray());
+ }
+
+ @Test(expected = RuntimeException.class)
+ public void testPublicAvailableSubkeys() throws Exception {
+ // can't do this!
+ pubRing.getAvailableSubkeys();
+ }
+
+ @Test(expected = RuntimeException.class)
+ public void testPublicExtractPublic() throws Exception {
+ // can't do this, either!
+ pubRing.extractPublicKeyRing();
+ }
+
+}
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/COPYING b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/COPYING
new file mode 100644
index 000000000..55234e7a0
--- /dev/null
+++ b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/COPYING
@@ -0,0 +1,13 @@
+Copyright © 2011, Stephen Paul Weber
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/README b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/README
new file mode 100644
index 000000000..cff696c83
--- /dev/null
+++ b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/README
@@ -0,0 +1,26 @@
+These test files were copied from the OpenPGP Haskell project.
+
+
+
+Original README
+===============
+
+This is an OpenPGP library inspired by my work on OpenPGP libraries in
+Ruby ,
+PHP ,
+and Python .
+
+It defines types to represent OpenPGP messages as a series of packets
+and then defines instances of Data.Binary for each to facilitate
+encoding/decoding.
+
+For performing cryptography, see
+ or
+
+
+For dealing with ASCII armor, see
+
+
+It is intended that you use qualified imports with this library.
+
+> import qualified Data.OpenPGP as OpenPGP
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000001-006.public_key b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000001-006.public_key
new file mode 100644
index 000000000..7cbab1782
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000001-006.public_key differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000002-013.user_id b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000002-013.user_id
new file mode 100644
index 000000000..759449bb4
--- /dev/null
+++ b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000002-013.user_id
@@ -0,0 +1 @@
+´$Test Key (RSA)
\ No newline at end of file
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000003-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000003-002.sig
new file mode 100644
index 000000000..1e0656d27
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000003-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000004-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000004-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000004-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000005-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000005-002.sig
new file mode 100644
index 000000000..108b99842
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000005-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000006-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000006-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000006-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000007-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000007-002.sig
new file mode 100644
index 000000000..14276d0a5
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000007-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000008-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000008-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000008-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000009-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000009-002.sig
new file mode 100644
index 000000000..4a282dd68
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000009-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000010-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000010-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000010-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000011-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000011-002.sig
new file mode 100644
index 000000000..cae1b7391
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000011-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000012-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000012-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000012-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000013-014.public_subkey b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000013-014.public_subkey
new file mode 100644
index 000000000..08676d067
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000013-014.public_subkey differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000014-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000014-002.sig
new file mode 100644
index 000000000..dd601807f
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000014-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000015-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000015-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000015-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000016-006.public_key b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000016-006.public_key
new file mode 100644
index 000000000..c9dccbf1e
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000016-006.public_key differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000017-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000017-002.sig
new file mode 100644
index 000000000..e734505a7
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000017-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000018-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000018-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000018-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000019-013.user_id b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000019-013.user_id
new file mode 100644
index 000000000..ab3f51d91
--- /dev/null
+++ b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000019-013.user_id
@@ -0,0 +1 @@
+´$Test Key (DSA)
\ No newline at end of file
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000020-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000020-002.sig
new file mode 100644
index 000000000..8588489a7
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000020-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000021-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000021-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000021-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000022-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000022-002.sig
new file mode 100644
index 000000000..fefcb5fea
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000022-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000023-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000023-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000023-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000024-014.public_subkey b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000024-014.public_subkey
new file mode 100644
index 000000000..2e8deea28
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000024-014.public_subkey differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000025-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000025-002.sig
new file mode 100644
index 000000000..a3eea0a20
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000025-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000026-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000026-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000026-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000027-006.public_key b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000027-006.public_key
new file mode 100644
index 000000000..5817e0037
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000027-006.public_key differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000028-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000028-002.sig
new file mode 100644
index 000000000..5194b7840
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000028-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000029-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000029-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000029-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000030-013.user_id b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000030-013.user_id
new file mode 100644
index 000000000..fb3f49e0d
--- /dev/null
+++ b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000030-013.user_id
@@ -0,0 +1 @@
+´+Test Key (DSA sign-only)
\ No newline at end of file
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000031-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000031-002.sig
new file mode 100644
index 000000000..f69f6875b
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000031-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000032-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000032-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000032-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000033-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000033-002.sig
new file mode 100644
index 000000000..2bb55d4fe
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000033-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000034-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000034-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000034-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000035-006.public_key b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000035-006.public_key
new file mode 100644
index 000000000..5980638c4
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000035-006.public_key differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000036-013.user_id b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000036-013.user_id
new file mode 100644
index 000000000..5d0d46e5d
--- /dev/null
+++ b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000036-013.user_id
@@ -0,0 +1 @@
+´.Test Key (RSA sign-only)
\ No newline at end of file
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000037-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000037-002.sig
new file mode 100644
index 000000000..833b563b2
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000037-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000038-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000038-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000038-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000039-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000039-002.sig
new file mode 100644
index 000000000..89c34fa5d
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000039-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000040-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000040-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000040-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000041-017.attribute b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000041-017.attribute
new file mode 100644
index 000000000..a21a82fb1
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000041-017.attribute differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000042-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000042-002.sig
new file mode 100644
index 000000000..fc6267fd0
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000042-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000043-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000043-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000043-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000044-014.public_subkey b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000044-014.public_subkey
new file mode 100644
index 000000000..06bf50e4f
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000044-014.public_subkey differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000045-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000045-002.sig
new file mode 100644
index 000000000..336eb0f24
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000045-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000046-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000046-012.ring_trust
new file mode 100644
index 000000000..ffa57e57a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000046-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000047-005.secret_key b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000047-005.secret_key
new file mode 100644
index 000000000..77b5d428a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000047-005.secret_key differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000048-013.user_id b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000048-013.user_id
new file mode 100644
index 000000000..759449bb4
--- /dev/null
+++ b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000048-013.user_id
@@ -0,0 +1 @@
+´$Test Key (RSA)
\ No newline at end of file
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000049-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000049-002.sig
new file mode 100644
index 000000000..14276d0a5
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000049-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000050-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000050-012.ring_trust
new file mode 100644
index 000000000..b1eeabb95
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000050-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000051-007.secret_subkey b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000051-007.secret_subkey
new file mode 100644
index 000000000..b4e65c92f
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000051-007.secret_subkey differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000052-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000052-002.sig
new file mode 100644
index 000000000..dd601807f
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000052-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000053-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000053-012.ring_trust
new file mode 100644
index 000000000..b1eeabb95
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000053-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000054-005.secret_key b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000054-005.secret_key
new file mode 100644
index 000000000..f153e5932
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000054-005.secret_key differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000055-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000055-002.sig
new file mode 100644
index 000000000..e734505a7
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000055-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000056-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000056-012.ring_trust
new file mode 100644
index 000000000..b1eeabb95
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000056-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000057-013.user_id b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000057-013.user_id
new file mode 100644
index 000000000..ab3f51d91
--- /dev/null
+++ b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000057-013.user_id
@@ -0,0 +1 @@
+´$Test Key (DSA)
\ No newline at end of file
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000058-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000058-002.sig
new file mode 100644
index 000000000..8588489a7
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000058-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000059-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000059-012.ring_trust
new file mode 100644
index 000000000..b1eeabb95
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000059-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000060-007.secret_subkey b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000060-007.secret_subkey
new file mode 100644
index 000000000..9df45f395
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000060-007.secret_subkey differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000061-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000061-002.sig
new file mode 100644
index 000000000..639494223
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000061-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000062-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000062-012.ring_trust
new file mode 100644
index 000000000..b1eeabb95
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000062-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000063-005.secret_key b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000063-005.secret_key
new file mode 100644
index 000000000..2f4268ee1
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000063-005.secret_key differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000064-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000064-002.sig
new file mode 100644
index 000000000..5194b7840
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000064-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000065-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000065-012.ring_trust
new file mode 100644
index 000000000..b1eeabb95
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000065-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000066-013.user_id b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000066-013.user_id
new file mode 100644
index 000000000..fb3f49e0d
--- /dev/null
+++ b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000066-013.user_id
@@ -0,0 +1 @@
+´+Test Key (DSA sign-only)
\ No newline at end of file
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000067-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000067-002.sig
new file mode 100644
index 000000000..d354e79df
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000067-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000068-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000068-012.ring_trust
new file mode 100644
index 000000000..b1eeabb95
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000068-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000069-005.secret_key b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000069-005.secret_key
new file mode 100644
index 000000000..17a2c354d
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000069-005.secret_key differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000070-013.user_id b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000070-013.user_id
new file mode 100644
index 000000000..5d0d46e5d
--- /dev/null
+++ b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000070-013.user_id
@@ -0,0 +1 @@
+´.Test Key (RSA sign-only)
\ No newline at end of file
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000071-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000071-002.sig
new file mode 100644
index 000000000..833b563b2
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000071-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000072-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000072-012.ring_trust
new file mode 100644
index 000000000..b1eeabb95
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000072-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000073-017.attribute b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000073-017.attribute
new file mode 100644
index 000000000..a21a82fb1
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000073-017.attribute differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000074-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000074-002.sig
new file mode 100644
index 000000000..fc6267fd0
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000074-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000075-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000075-012.ring_trust
new file mode 100644
index 000000000..b1eeabb95
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000075-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000076-007.secret_subkey b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000076-007.secret_subkey
new file mode 100644
index 000000000..b380339a4
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000076-007.secret_subkey differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000077-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000077-002.sig
new file mode 100644
index 000000000..336eb0f24
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000077-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000078-012.ring_trust b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000078-012.ring_trust
new file mode 100644
index 000000000..b1eeabb95
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/000078-012.ring_trust differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/002182-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/002182-002.sig
new file mode 100644
index 000000000..2bc6679f4
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/002182-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/3F5BBA0B0694BEB6000005-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/3F5BBA0B0694BEB6000005-002.sig
new file mode 100644
index 000000000..94055af66
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/3F5BBA0B0694BEB6000005-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/3F5BBA0B0694BEB6000017-002.sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/3F5BBA0B0694BEB6000017-002.sig
new file mode 100644
index 000000000..b22f23b91
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/3F5BBA0B0694BEB6000017-002.sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/compressedsig-bzip2.gpg b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/compressedsig-bzip2.gpg
new file mode 100644
index 000000000..87539dbe8
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/compressedsig-bzip2.gpg differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/compressedsig-zlib.gpg b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/compressedsig-zlib.gpg
new file mode 100644
index 000000000..4da4dfa99
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/compressedsig-zlib.gpg differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/compressedsig.gpg b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/compressedsig.gpg
new file mode 100644
index 000000000..dd617de13
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/compressedsig.gpg differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/onepass_sig b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/onepass_sig
new file mode 100644
index 000000000..87b2895ea
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/onepass_sig differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/pubring.gpg b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/pubring.gpg
new file mode 100644
index 000000000..a1519ee74
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/pubring.gpg differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/secring.gpg b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/secring.gpg
new file mode 100644
index 000000000..13598756a
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/secring.gpg differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/symmetrically_encrypted b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/symmetrically_encrypted
new file mode 100644
index 000000000..129155aa2
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/symmetrically_encrypted differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/uncompressed-ops-dsa-sha384.txt.gpg b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/uncompressed-ops-dsa-sha384.txt.gpg
new file mode 100644
index 000000000..39828fcae
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/uncompressed-ops-dsa-sha384.txt.gpg differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/uncompressed-ops-dsa.gpg b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/uncompressed-ops-dsa.gpg
new file mode 100644
index 000000000..97e7a267b
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/uncompressed-ops-dsa.gpg differ
diff --git a/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/uncompressed-ops-rsa.gpg b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/uncompressed-ops-rsa.gpg
new file mode 100644
index 000000000..7ae453da6
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/OpenPGP-Haskell/tests/data/uncompressed-ops-rsa.gpg differ
diff --git a/OpenKeychain-Test/src/test/resources/public-key-canonicalize.blob b/OpenKeychain-Test/src/test/resources/public-key-canonicalize.blob
new file mode 100644
index 000000000..3450824c1
Binary files /dev/null and b/OpenKeychain-Test/src/test/resources/public-key-canonicalize.blob differ
diff --git a/OpenKeychain/src/test/resources/public-key-for-sample.blob b/OpenKeychain-Test/src/test/resources/public-key-for-sample.blob
similarity index 100%
rename from OpenKeychain/src/test/resources/public-key-for-sample.blob
rename to OpenKeychain-Test/src/test/resources/public-key-for-sample.blob
diff --git a/OpenKeychain/src/test/resources/sample-altered.txt b/OpenKeychain-Test/src/test/resources/sample-altered.txt
similarity index 100%
rename from OpenKeychain/src/test/resources/sample-altered.txt
rename to OpenKeychain-Test/src/test/resources/sample-altered.txt
diff --git a/OpenKeychain/src/test/resources/sample.txt b/OpenKeychain-Test/src/test/resources/sample.txt
similarity index 100%
rename from OpenKeychain/src/test/resources/sample.txt
rename to OpenKeychain-Test/src/test/resources/sample.txt
diff --git a/OpenKeychain/build.gradle b/OpenKeychain/build.gradle
index 1136f669b..f42787806 100644
--- a/OpenKeychain/build.gradle
+++ b/OpenKeychain/build.gradle
@@ -1,5 +1,4 @@
apply plugin: 'android'
-apply plugin: 'robolectric'
dependencies {
// NOTE: Always use fixed version codes not dynamic ones, e.g. 0.7.3 instead of 0.7.+, see README for more information
@@ -20,13 +19,6 @@ dependencies {
compile project(':extern:minidns')
compile project(':extern:KeybaseLib:Lib')
-
- // Unit tests are run with Robolectric
- testCompile 'junit:junit:4.11'
- testCompile 'org.robolectric:robolectric:2.3'
- testCompile 'com.squareup:fest-android:1.0.8'
- testCompile 'com.google.android:android:4.1.1.4'
- // compile dependencies are automatically also included in testCompile
}
android {
@@ -85,7 +77,7 @@ android {
// NOTE: This disables Lint!
tasks.whenTaskAdded { task ->
- if (task.name.equals("lint")) {
+ if (task.name.contains("lint")) {
task.enabled = false
}
}
diff --git a/OpenKeychain/src/main/AndroidManifest.xml b/OpenKeychain/src/main/AndroidManifest.xml
index abc57e1cd..484c826f5 100644
--- a/OpenKeychain/src/main/AndroidManifest.xml
+++ b/OpenKeychain/src/main/AndroidManifest.xml
@@ -81,9 +81,14 @@
+
it = modifiedPublicKey.getSignaturesForID(userId);
if (it != null) {
for (PGPSignature cert : new IterableIterator(it)) {
- // if it's not a self cert, never mind
if (cert.getKeyID() != masterPublicKey.getKeyID()) {
- continue;
+ // foreign certificate?! error error error
+ log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_INTEGRITY, indent);
+ return null;
}
if (cert.getSignatureType() == PGPSignature.CERTIFICATION_REVOCATION
|| cert.getSignatureType() == PGPSignature.NO_CERTIFICATION
@@ -314,27 +341,31 @@ public class PgpKeyOperation {
}
// if it's supposed to be primary, we can do that here as well
- boolean isPrimary = saveParcel.changePrimaryUserId != null
- && userId.equals(saveParcel.changePrimaryUserId);
+ boolean isPrimary = saveParcel.mChangePrimaryUserId != null
+ && userId.equals(saveParcel.mChangePrimaryUserId);
// generate and add new certificate
PGPSignature cert = generateUserIdSignature(masterPrivateKey,
- masterPublicKey, userId, isPrimary);
- modifiedPublicKey = PGPPublicKey.addCertification(masterPublicKey, userId, cert);
+ masterPublicKey, userId, isPrimary, masterKeyFlags);
+ modifiedPublicKey = PGPPublicKey.addCertification(modifiedPublicKey, userId, cert);
}
// 2b. Add revocations for revoked user ids
- for (String userId : saveParcel.revokeUserIds) {
+ for (String userId : saveParcel.mRevokeUserIds) {
log.add(LogLevel.INFO, LogType.MSG_MF_UID_REVOKE, indent);
- // a duplicate revocatin will be removed during canonicalization, so no need to
+ // a duplicate revocation will be removed during canonicalization, so no need to
// take care of that here.
PGPSignature cert = generateRevocationSignature(masterPrivateKey,
masterPublicKey, userId);
- modifiedPublicKey = PGPPublicKey.addCertification(masterPublicKey, userId, cert);
+ modifiedPublicKey = PGPPublicKey.addCertification(modifiedPublicKey, userId, cert);
}
// 3. If primary user id changed, generate new certificates for both old and new
- if (saveParcel.changePrimaryUserId != null) {
+ if (saveParcel.mChangePrimaryUserId != null) {
+
+ // keep track if we actually changed one
+ boolean ok = false;
log.add(LogLevel.INFO, LogType.MSG_MF_UID_PRIMARY, indent);
+ indent += 1;
// we work on the modifiedPublicKey here, to respect new or newly revoked uids
// noinspection unchecked
@@ -343,10 +374,11 @@ public class PgpKeyOperation {
PGPSignature currentCert = null;
// noinspection unchecked
for (PGPSignature cert : new IterableIterator(
- masterPublicKey.getSignaturesForID(userId))) {
- // if it's not a self cert, never mind
+ modifiedPublicKey.getSignaturesForID(userId))) {
if (cert.getKeyID() != masterPublicKey.getKeyID()) {
- continue;
+ // foreign certificate?! error error error
+ log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_INTEGRITY, indent);
+ return null;
}
// we know from canonicalization that if there is any revocation here, it
// is valid and not superseded by a newer certification.
@@ -373,7 +405,7 @@ public class PgpKeyOperation {
// we definitely should not update certifications of revoked keys, so just leave it.
if (isRevoked) {
// revoked user ids cannot be primary!
- if (userId.equals(saveParcel.changePrimaryUserId)) {
+ if (userId.equals(saveParcel.mChangePrimaryUserId)) {
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_REVOKED_PRIMARY, indent);
return null;
}
@@ -383,14 +415,16 @@ public class PgpKeyOperation {
// if this is~ the/a primary user id
if (currentCert.hasSubpackets() && currentCert.getHashedSubPackets().isPrimaryUserID()) {
// if it's the one we want, just leave it as is
- if (userId.equals(saveParcel.changePrimaryUserId)) {
+ if (userId.equals(saveParcel.mChangePrimaryUserId)) {
+ ok = true;
continue;
}
// otherwise, generate new non-primary certification
+ log.add(LogLevel.DEBUG, LogType.MSG_MF_PRIMARY_REPLACE_OLD, indent);
modifiedPublicKey = PGPPublicKey.removeCertification(
modifiedPublicKey, userId, currentCert);
PGPSignature newCert = generateUserIdSignature(
- masterPrivateKey, masterPublicKey, userId, false);
+ masterPrivateKey, masterPublicKey, userId, false, masterKeyFlags);
modifiedPublicKey = PGPPublicKey.addCertification(
modifiedPublicKey, userId, newCert);
continue;
@@ -399,20 +433,28 @@ public class PgpKeyOperation {
// if we are here, this is not currently a primary user id
// if it should be
- if (userId.equals(saveParcel.changePrimaryUserId)) {
+ if (userId.equals(saveParcel.mChangePrimaryUserId)) {
// add shiny new primary user id certificate
+ log.add(LogLevel.DEBUG, LogType.MSG_MF_PRIMARY_NEW, indent);
modifiedPublicKey = PGPPublicKey.removeCertification(
modifiedPublicKey, userId, currentCert);
PGPSignature newCert = generateUserIdSignature(
- masterPrivateKey, masterPublicKey, userId, true);
+ masterPrivateKey, masterPublicKey, userId, true, masterKeyFlags);
modifiedPublicKey = PGPPublicKey.addCertification(
modifiedPublicKey, userId, newCert);
+ ok = true;
}
// user id is not primary and is not supposed to be - nothing to do here.
}
+ indent -= 1;
+
+ if (!ok) {
+ log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_NOEXIST_PRIMARY, indent);
+ return null;
+ }
}
// Update the secret key ring
@@ -423,9 +465,16 @@ public class PgpKeyOperation {
}
// 4a. For each subkey change, generate new subkey binding certificate
- for (SaveKeyringParcel.SubkeyChange change : saveParcel.changeSubKeys) {
+ for (SaveKeyringParcel.SubkeyChange change : saveParcel.mChangeSubKeys) {
log.add(LogLevel.INFO, LogType.MSG_MF_SUBKEY_CHANGE,
indent, PgpKeyHelper.convertKeyIdToHex(change.mKeyId));
+
+ // TODO allow changes in master key? this implies generating new user id certs...
+ if (change.mKeyId == masterPublicKey.getKeyID()) {
+ Log.e(Constants.TAG, "changing the master key not supported");
+ return null;
+ }
+
PGPSecretKey sKey = sKR.getSecretKey(change.mKeyId);
if (sKey == null) {
log.add(LogLevel.ERROR, LogType.MSG_MF_SUBKEY_MISSING,
@@ -434,22 +483,45 @@ public class PgpKeyOperation {
}
PGPPublicKey pKey = sKey.getPublicKey();
- if (change.mExpiry != null && new Date(change.mExpiry).before(new Date())) {
+ // expiry must not be in the past
+ if (change.mExpiry != null && new Date(change.mExpiry*1000).before(new Date())) {
log.add(LogLevel.ERROR, LogType.MSG_MF_SUBKEY_PAST_EXPIRY,
indent + 1, PgpKeyHelper.convertKeyIdToHex(change.mKeyId));
return null;
}
- // generate and add new signature. we can be sloppy here and just leave the old one,
- // it will be removed during canonicalization
+ // keep old flags, or replace with new ones
+ int flags = change.mFlags == null ? readKeyFlags(pKey) : change.mFlags;
+ long expiry;
+ if (change.mExpiry == null) {
+ long valid = pKey.getValidSeconds();
+ expiry = valid == 0
+ ? 0
+ : pKey.getCreationTime().getTime() / 1000 + pKey.getValidSeconds();
+ } else {
+ expiry = change.mExpiry;
+ }
+
+ // drop all old signatures, they will be superseded by the new one
+ //noinspection unchecked
+ for (PGPSignature sig : new IterableIterator(pKey.getSignatures())) {
+ // special case: if there is a revocation, don't use expiry from before
+ if (change.mExpiry == null
+ && sig.getSignatureType() == PGPSignature.SUBKEY_REVOCATION) {
+ expiry = 0;
+ }
+ pKey = PGPPublicKey.removeCertification(pKey, sig);
+ }
+
+ // generate and add new signature
PGPSignature sig = generateSubkeyBindingSignature(masterPublicKey, masterPrivateKey,
- sKey, pKey, change.mFlags, change.mExpiry, passphrase);
+ sKey, pKey, flags, expiry, passphrase);
pKey = PGPPublicKey.addCertification(pKey, sig);
sKR = PGPSecretKeyRing.insertSecretKey(sKR, PGPSecretKey.replacePublicKey(sKey, pKey));
}
// 4b. For each subkey revocation, generate new subkey revocation certificate
- for (long revocation : saveParcel.revokeSubKeys) {
+ for (long revocation : saveParcel.mRevokeSubKeys) {
log.add(LogLevel.INFO, LogType.MSG_MF_SUBKEY_REVOKE,
indent, PgpKeyHelper.convertKeyIdToHex(revocation));
PGPSecretKey sKey = sKR.getSecretKey(revocation);
@@ -468,52 +540,51 @@ public class PgpKeyOperation {
}
// 5. Generate and add new subkeys
- for (SaveKeyringParcel.SubkeyAdd add : saveParcel.addSubKeys) {
- try {
+ for (SaveKeyringParcel.SubkeyAdd add : saveParcel.mAddSubKeys) {
- if (add.mExpiry != null && new Date(add.mExpiry).before(new Date())) {
- log.add(LogLevel.ERROR, LogType.MSG_MF_SUBKEY_PAST_EXPIRY, indent +1);
- return null;
- }
-
- log.add(LogLevel.INFO, LogType.MSG_MF_SUBKEY_NEW, indent);
-
- // generate a new secret key (privkey only for now)
- PGPKeyPair keyPair = createKey(add.mAlgorithm, add.mKeysize);
-
- // add subkey binding signature (making this a sub rather than master key)
- PGPPublicKey pKey = keyPair.getPublicKey();
- PGPSignature cert = generateSubkeyBindingSignature(
- masterPublicKey, masterPrivateKey, keyPair.getPrivateKey(), pKey,
- add.mFlags, add.mExpiry);
- pKey = PGPPublicKey.addSubkeyBindingCertification(pKey, cert);
-
- PGPSecretKey sKey; {
- // define hashing and signing algos
- PGPDigestCalculator sha1Calc = new JcaPGPDigestCalculatorProviderBuilder()
- .build().get(HashAlgorithmTags.SHA1);
-
- // Build key encrypter and decrypter based on passphrase
- PBESecretKeyEncryptor keyEncryptor = new JcePBESecretKeyEncryptorBuilder(
- PGPEncryptedData.CAST5, sha1Calc)
- .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build("".toCharArray());
-
- sKey = new PGPSecretKey(keyPair.getPrivateKey(), pKey,
- sha1Calc, false, keyEncryptor);
- }
-
- log.add(LogLevel.DEBUG, LogType.MSG_MF_SUBKEY_NEW_ID,
- indent+1, PgpKeyHelper.convertKeyIdToHex(sKey.getKeyID()));
-
- sKR = PGPSecretKeyRing.insertSecretKey(sKR, sKey);
-
- } catch (PgpGeneralMsgIdException e) {
+ if (add.mExpiry != null && new Date(add.mExpiry*1000).before(new Date())) {
+ log.add(LogLevel.ERROR, LogType.MSG_MF_SUBKEY_PAST_EXPIRY, indent +1);
return null;
}
+
+ log.add(LogLevel.INFO, LogType.MSG_MF_SUBKEY_NEW, indent);
+
+ // generate a new secret key (privkey only for now)
+ PGPKeyPair keyPair = createKey(add.mAlgorithm, add.mKeysize, log, indent);
+ if(keyPair == null) {
+ return null;
+ }
+
+ // add subkey binding signature (making this a sub rather than master key)
+ PGPPublicKey pKey = keyPair.getPublicKey();
+ PGPSignature cert = generateSubkeyBindingSignature(
+ masterPublicKey, masterPrivateKey, keyPair.getPrivateKey(), pKey,
+ add.mFlags, add.mExpiry == null ? 0 : add.mExpiry);
+ pKey = PGPPublicKey.addSubkeyBindingCertification(pKey, cert);
+
+ PGPSecretKey sKey; {
+ // define hashing and signing algos
+ PGPDigestCalculator sha1Calc = new JcaPGPDigestCalculatorProviderBuilder()
+ .build().get(HashAlgorithmTags.SHA1);
+
+ // Build key encrypter and decrypter based on passphrase
+ PBESecretKeyEncryptor keyEncryptor = new JcePBESecretKeyEncryptorBuilder(
+ PGPEncryptedData.CAST5, sha1Calc)
+ .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build("".toCharArray());
+
+ sKey = new PGPSecretKey(keyPair.getPrivateKey(), pKey,
+ sha1Calc, false, keyEncryptor);
+ }
+
+ log.add(LogLevel.DEBUG, LogType.MSG_MF_SUBKEY_NEW_ID,
+ indent+1, PgpKeyHelper.convertKeyIdToHex(sKey.getKeyID()));
+
+ sKR = PGPSecretKeyRing.insertSecretKey(sKR, sKey);
+
}
// 6. If requested, change passphrase
- if (saveParcel.newPassphrase != null) {
+ if (saveParcel.mNewPassphrase != null) {
log.add(LogLevel.INFO, LogType.MSG_MF_PASSPHRASE, indent);
PGPDigestCalculator sha1Calc = new JcaPGPDigestCalculatorProviderBuilder().build()
.get(HashAlgorithmTags.SHA1);
@@ -523,7 +594,7 @@ public class PgpKeyOperation {
PBESecretKeyEncryptor keyEncryptorNew = new JcePBESecretKeyEncryptorBuilder(
PGPEncryptedData.CAST5, sha1Calc)
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(
- saveParcel.newPassphrase.toCharArray());
+ saveParcel.mNewPassphrase.toCharArray());
sKR = PGPSecretKeyRing.copyWithNewPassword(sKR, keyDecryptor, keyEncryptorNew);
}
@@ -533,6 +604,7 @@ public class PgpKeyOperation {
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_ENCODE, indent+1);
return null;
} catch (PGPException e) {
+ Log.e(Constants.TAG, "encountered pgp error while modifying key", e);
log.add(LogLevel.ERROR, LogType.MSG_MF_ERROR_PGP, indent+1);
return null;
} catch (SignatureException e) {
@@ -546,7 +618,7 @@ public class PgpKeyOperation {
}
private static PGPSignature generateUserIdSignature(
- PGPPrivateKey masterPrivateKey, PGPPublicKey pKey, String userId, boolean primary)
+ PGPPrivateKey masterPrivateKey, PGPPublicKey pKey, String userId, boolean primary, int flags)
throws IOException, PGPException, SignatureException {
PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
pKey.getAlgorithm(), PGPUtil.SHA1)
@@ -558,6 +630,7 @@ public class PgpKeyOperation {
subHashedPacketsGen.setPreferredHashAlgorithms(true, PREFERRED_HASH_ALGORITHMS);
subHashedPacketsGen.setPreferredCompressionAlgorithms(true, PREFERRED_COMPRESSION_ALGORITHMS);
subHashedPacketsGen.setPrimaryUserID(false, primary);
+ subHashedPacketsGen.setKeyFlags(false, flags);
sGen.setHashedSubpackets(subHashedPacketsGen.generate());
sGen.init(PGPSignature.POSITIVE_CERTIFICATION, masterPrivateKey);
return sGen.generateCertification(userId, pKey);
@@ -599,7 +672,7 @@ public class PgpKeyOperation {
private static PGPSignature generateSubkeyBindingSignature(
PGPPublicKey masterPublicKey, PGPPrivateKey masterPrivateKey,
- PGPSecretKey sKey, PGPPublicKey pKey, int flags, Long expiry, String passphrase)
+ PGPSecretKey sKey, PGPPublicKey pKey, int flags, long expiry, String passphrase)
throws IOException, PGPException, SignatureException {
PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder()
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(
@@ -611,7 +684,7 @@ public class PgpKeyOperation {
private static PGPSignature generateSubkeyBindingSignature(
PGPPublicKey masterPublicKey, PGPPrivateKey masterPrivateKey,
- PGPPrivateKey subPrivateKey, PGPPublicKey pKey, int flags, Long expiry)
+ PGPPrivateKey subPrivateKey, PGPPublicKey pKey, int flags, long expiry)
throws IOException, PGPException, SignatureException {
// date for signing
@@ -640,17 +713,9 @@ public class PgpKeyOperation {
hashedPacketsGen.setKeyFlags(false, flags);
}
- if (expiry != null) {
- Calendar creationDate = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
- creationDate.setTime(pKey.getCreationTime());
-
- // (Just making sure there's no programming error here, this MUST have been checked above!)
- if (new Date(expiry).before(todayDate)) {
- throw new RuntimeException("Bad subkey creation date, this is a bug!");
- }
- hashedPacketsGen.setKeyExpirationTime(false, expiry - creationDate.getTimeInMillis());
- } else {
- hashedPacketsGen.setKeyExpirationTime(false, 0);
+ if (expiry > 0) {
+ long creationTime = pKey.getCreationTime().getTime() / 1000;
+ hashedPacketsGen.setKeyExpirationTime(false, expiry - creationTime);
}
PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
@@ -665,4 +730,22 @@ public class PgpKeyOperation {
}
+ /** Returns all flags valid for this key.
+ *
+ * This method does not do any validity checks on the signature, so it should not be used on
+ * a non-canonicalized key!
+ *
+ */
+ private static int readKeyFlags(PGPPublicKey key) {
+ int flags = 0;
+ //noinspection unchecked
+ for(PGPSignature sig : new IterableIterator(key.getSignatures())) {
+ if (!sig.hasSubpackets()) {
+ continue;
+ }
+ flags |= sig.getHashedSubPackets().getKeyFlags();
+ }
+ return flags;
+ }
+
}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
index 441e2762a..8838075cd 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
@@ -14,6 +14,7 @@ import org.spongycastle.openpgp.PGPSecretKeyRing;
import org.spongycastle.openpgp.PGPSignature;
import org.spongycastle.openpgp.PGPSignatureList;
import org.spongycastle.openpgp.PGPUtil;
+import org.spongycastle.openpgp.operator.jcajce.JcaKeyFingerprintCalculator;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.service.OperationResultParcel.OperationLog;
@@ -22,12 +23,11 @@ import org.sufficientlysecure.keychain.service.OperationResultParcel.LogType;
import org.sufficientlysecure.keychain.util.IterableIterator;
import org.sufficientlysecure.keychain.util.Log;
-import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
-import java.util.ArrayList;
import java.util.Comparator;
import java.util.Date;
import java.util.HashSet;
@@ -81,11 +81,15 @@ public class UncachedKeyRing {
return new UncachedPublicKey(mRing.getPublicKey());
}
+ public UncachedPublicKey getPublicKey(long keyId) {
+ return new UncachedPublicKey(mRing.getPublicKey(keyId));
+ }
+
public Iterator getPublicKeys() {
final Iterator it = mRing.getPublicKeys();
return new Iterator() {
public void remove() {
- it.remove();
+ throw new UnsupportedOperationException();
}
public UncachedPublicKey next() {
return new UncachedPublicKey(it.next());
@@ -115,42 +119,41 @@ public class UncachedKeyRing {
public static UncachedKeyRing decodeFromData(byte[] data)
throws PgpGeneralException, IOException {
- BufferedInputStream bufferedInput =
- new BufferedInputStream(new ByteArrayInputStream(data));
- if (bufferedInput.available() > 0) {
- InputStream in = PGPUtil.getDecoderStream(bufferedInput);
- PGPObjectFactory objectFactory = new PGPObjectFactory(in);
- // get first object in block
- Object obj;
- if ((obj = objectFactory.nextObject()) != null && obj instanceof PGPKeyRing) {
- return new UncachedKeyRing((PGPKeyRing) obj);
- } else {
- throw new PgpGeneralException("Object not recognized as PGPKeyRing!");
- }
- } else {
+ List parsed = fromStream(new ByteArrayInputStream(data));
+
+ if (parsed.isEmpty()) {
throw new PgpGeneralException("Object not recognized as PGPKeyRing!");
}
+ if (parsed.size() > 1) {
+ throw new PgpGeneralException(
+ "Expected single keyring in stream, found " + parsed.size());
+ }
+
+ return parsed.get(0);
+
}
public static List fromStream(InputStream stream)
throws PgpGeneralException, IOException {
- PGPObjectFactory objectFactory = new PGPObjectFactory(PGPUtil.getDecoderStream(stream));
-
List result = new Vector();
- // go through all objects in this block
- Object obj;
- while ((obj = objectFactory.nextObject()) != null) {
- Log.d(Constants.TAG, "Found class: " + obj.getClass());
+ while(stream.available() > 0) {
+ PGPObjectFactory objectFactory = new PGPObjectFactory(PGPUtil.getDecoderStream(stream));
- if (obj instanceof PGPKeyRing) {
+ // go through all objects in this block
+ Object obj;
+ while ((obj = objectFactory.nextObject()) != null) {
+ Log.d(Constants.TAG, "Found class: " + obj.getClass());
+ if (!(obj instanceof PGPKeyRing)) {
+ throw new PgpGeneralException(
+ "Bad object of type " + obj.getClass().getName() + " in stream!");
+ }
result.add(new UncachedKeyRing((PGPKeyRing) obj));
- } else {
- Log.e(Constants.TAG, "Object not recognized as PGPKeyRing!");
}
}
+
return result;
}
@@ -189,7 +192,7 @@ public class UncachedKeyRing {
* - Remove all certificates flagged as "local"
* - Remove all certificates which are superseded by a newer one on the same target,
* including revocations with later re-certifications.
- * - Remove all certificates of unknown type:
+ * - Remove all certificates in other positions if not of known type:
* - key revocation signatures on the master key
* - subkey binding signatures for subkeys
* - certifications and certification revocations for user ids
@@ -225,7 +228,7 @@ public class UncachedKeyRing {
PGPPublicKey modified = masterKey;
PGPSignature revocation = null;
- for (PGPSignature zert : new IterableIterator(masterKey.getSignatures())) {
+ for (PGPSignature zert : new IterableIterator(masterKey.getKeySignatures())) {
int type = zert.getSignatureType();
// Disregard certifications on user ids, we will deal with those later
@@ -234,6 +237,10 @@ public class UncachedKeyRing {
|| type == PGPSignature.CASUAL_CERTIFICATION
|| type == PGPSignature.POSITIVE_CERTIFICATION
|| type == PGPSignature.CERTIFICATION_REVOCATION) {
+ // These should not be here...
+ log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TYPE_UID, indent);
+ modified = PGPPublicKey.removeCertification(modified, zert);
+ badCerts += 1;
continue;
}
WrappedSignature cert = new WrappedSignature(zert);
@@ -317,7 +324,7 @@ public class UncachedKeyRing {
if (cert.getCreationTime().after(now)) {
// Creation date in the future? No way!
- log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_TIME, indent);
+ log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD_TIME, indent);
modified = PGPPublicKey.removeCertification(modified, zert);
badCerts += 1;
continue;
@@ -325,7 +332,7 @@ public class UncachedKeyRing {
if (cert.isLocal()) {
// Creation date in the future? No way!
- log.add(LogLevel.WARN, LogType.MSG_KC_REVOKE_BAD_LOCAL, indent);
+ log.add(LogLevel.WARN, LogType.MSG_KC_UID_BAD_LOCAL, indent);
modified = PGPPublicKey.removeCertification(modified, zert);
badCerts += 1;
continue;
@@ -425,7 +432,7 @@ public class UncachedKeyRing {
// If no valid certificate (if only a revocation) remains, drop it
if (selfCert == null && revocation == null) {
modified = PGPPublicKey.removeCertification(modified, userId);
- log.add(LogLevel.ERROR, LogType.MSG_KC_UID_REVOKE_DUP,
+ log.add(LogLevel.ERROR, LogType.MSG_KC_UID_REMOVE,
indent, userId);
}
}
@@ -505,14 +512,16 @@ public class UncachedKeyRing {
continue;
}
+ // if this certificate says it allows signing for the key
if (zert.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.KEY_FLAGS)) {
+
int flags = ((KeyFlags) zert.getHashedSubPackets()
.getSubpacket(SignatureSubpacketTags.KEY_FLAGS)).getFlags();
- // If this subkey is allowed to sign data,
if ((flags & PGPKeyFlags.CAN_SIGN) == PGPKeyFlags.CAN_SIGN) {
+ boolean ok = false;
+ // it MUST have an embedded primary key binding signature
try {
PGPSignatureList list = zert.getUnhashedSubPackets().getEmbeddedSignatures();
- boolean ok = false;
for (int i = 0; i < list.size(); i++) {
WrappedSignature subsig = new WrappedSignature(list.get(i));
if (subsig.getSignatureType() == PGPSignature.PRIMARYKEY_BINDING) {
@@ -526,17 +535,19 @@ public class UncachedKeyRing {
}
}
}
- if (!ok) {
- log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_NONE, indent);
- badCerts += 1;
- continue;
- }
} catch (Exception e) {
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_BAD_ERR, indent);
badCerts += 1;
continue;
}
+ // if it doesn't, get rid of this!
+ if (!ok) {
+ log.add(LogLevel.WARN, LogType.MSG_KC_SUB_PRIMARY_NONE, indent);
+ badCerts += 1;
+ continue;
+ }
}
+
}
// if we already have a cert, and this one is not newer: skip it
@@ -549,6 +560,8 @@ public class UncachedKeyRing {
selfCert = zert;
// if this is newer than a possibly existing revocation, drop that one
if (revocation != null && selfCert.getCreationTime().after(revocation.getCreationTime())) {
+ log.add(LogLevel.DEBUG, LogType.MSG_KC_SUB_REVOKE_DUP, indent);
+ redundantCerts += 1;
revocation = null;
}
@@ -558,7 +571,7 @@ public class UncachedKeyRing {
// make sure the certificate checks out
try {
cert.init(masterKey);
- if (!cert.verifySignature(key)) {
+ if (!cert.verifySignature(masterKey, key)) {
log.add(LogLevel.WARN, LogType.MSG_KC_SUB_REVOKE_BAD, indent);
badCerts += 1;
continue;
@@ -582,7 +595,7 @@ public class UncachedKeyRing {
// it is not properly bound? error!
if (selfCert == null) {
- ring = replacePublicKey(ring, modified);
+ ring = removeSubKey(ring, key);
log.add(LogLevel.ERROR, LogType.MSG_KC_SUB_NO_CERT,
indent, PgpKeyHelper.convertKeyIdToHex(key.getKeyID()));
@@ -650,7 +663,7 @@ public class UncachedKeyRing {
return left.length - right.length;
}
// compare byte-by-byte
- for (int i = 0; i < left.length && i < right.length; i++) {
+ for (int i = 0; i < left.length; i++) {
if (left[i] != right[i]) {
return (left[i] & 0xff) - (right[i] & 0xff);
}
@@ -678,7 +691,14 @@ public class UncachedKeyRing {
final PGPPublicKey resultKey = result.getPublicKey(key.getKeyID());
if (resultKey == null) {
log.add(LogLevel.DEBUG, LogType.MSG_MG_NEW_SUBKEY, indent);
- result = replacePublicKey(result, key);
+ // special case: if both rings are secret, copy over the secret key
+ if (isSecret() && other.isSecret()) {
+ PGPSecretKey sKey = ((PGPSecretKeyRing) candidate).getSecretKey(key.getKeyID());
+ result = PGPSecretKeyRing.insertSecretKey((PGPSecretKeyRing) result, sKey);
+ } else {
+ // otherwise, just insert the public key
+ result = replacePublicKey(result, key);
+ }
continue;
}
@@ -686,17 +706,7 @@ public class UncachedKeyRing {
PGPPublicKey modified = resultKey;
// Iterate certifications
- for (PGPSignature cert : new IterableIterator(key.getSignatures())) {
- int type = cert.getSignatureType();
- // Disregard certifications on user ids, we will deal with those later
- if (type == PGPSignature.NO_CERTIFICATION
- || type == PGPSignature.DEFAULT_CERTIFICATION
- || type == PGPSignature.CASUAL_CERTIFICATION
- || type == PGPSignature.POSITIVE_CERTIFICATION
- || type == PGPSignature.CERTIFICATION_REVOCATION) {
- continue;
- }
-
+ for (PGPSignature cert : new IterableIterator(key.getKeySignatures())) {
// Don't merge foreign stuff into secret keys
if (cert.getKeyID() != masterKeyId && isSecret()) {
continue;
@@ -744,8 +754,12 @@ public class UncachedKeyRing {
}
- log.add(LogLevel.DEBUG, LogType.MSG_MG_FOUND_NEW,
- indent, Integer.toString(newCerts));
+ if (newCerts > 0) {
+ log.add(LogLevel.DEBUG, LogType.MSG_MG_FOUND_NEW, indent,
+ Integer.toString(newCerts));
+ } else {
+ log.add(LogLevel.DEBUG, LogType.MSG_MG_UNCHANGED, indent);
+ }
return new UncachedKeyRing(result);
@@ -756,19 +770,20 @@ public class UncachedKeyRing {
}
- public UncachedKeyRing extractPublicKeyRing() {
+ public UncachedKeyRing extractPublicKeyRing() throws IOException {
if(!isSecret()) {
throw new RuntimeException("Tried to extract public keyring from non-secret keyring. " +
"This is a programming error and should never happen!");
}
- ArrayList keys = new ArrayList();
Iterator it = mRing.getPublicKeys();
+ ByteArrayOutputStream stream = new ByteArrayOutputStream(2048);
while (it.hasNext()) {
- keys.add(it.next());
+ stream.write(it.next().getEncoded());
}
- return new UncachedKeyRing(new PGPPublicKeyRing(keys));
+ return new UncachedKeyRing(
+ new PGPPublicKeyRing(stream.toByteArray(), new JcaKeyFingerprintCalculator()));
}
/** This method replaces a public key in a keyring.
@@ -792,4 +807,20 @@ public class UncachedKeyRing {
return PGPSecretKeyRing.insertSecretKey(secRing, sKey);
}
+ /** This method removes a subkey in a keyring.
+ *
+ * This method essentially wraps PGP*KeyRing.remove*Key, where the keyring may be of either
+ * the secret or public subclass.
+ *
+ * @return the resulting PGPKeyRing of the same type as the input
+ */
+ private static PGPKeyRing removeSubKey(PGPKeyRing ring, PGPPublicKey key) {
+ if (ring instanceof PGPPublicKeyRing) {
+ return PGPPublicKeyRing.removePublicKey((PGPPublicKeyRing) ring, key);
+ } else {
+ PGPSecretKey sKey = ((PGPSecretKeyRing) ring).getSecretKey(key.getKeyID());
+ return PGPSecretKeyRing.removeSecretKey((PGPSecretKeyRing) ring, sKey);
+ }
+ }
+
}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedPublicKey.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedPublicKey.java
index 33db7771b..358b1c552 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedPublicKey.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedPublicKey.java
@@ -1,16 +1,14 @@
package org.sufficientlysecure.keychain.pgp;
-import org.spongycastle.bcpg.SignatureSubpacketTags;
import org.spongycastle.bcpg.sig.KeyFlags;
-import org.spongycastle.openpgp.PGPException;
import org.spongycastle.openpgp.PGPPublicKey;
import org.spongycastle.openpgp.PGPSignature;
import org.spongycastle.openpgp.PGPSignatureSubpacketVector;
import org.spongycastle.openpgp.operator.jcajce.JcaPGPContentVerifierBuilderProvider;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.util.IterableIterator;
+import org.sufficientlysecure.keychain.util.Log;
-import java.security.SignatureException;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
@@ -44,14 +42,19 @@ public class UncachedPublicKey {
}
public Date getExpiryTime() {
- Date creationDate = getCreationTime();
- if (mPublicKey.getValidDays() == 0) {
+ long seconds = mPublicKey.getValidSeconds();
+ if (seconds > Integer.MAX_VALUE) {
+ Log.e(Constants.TAG, "error, expiry time too large");
+ return null;
+ }
+ if (seconds == 0) {
// no expiry
return null;
}
+ Date creationDate = getCreationTime();
Calendar calendar = GregorianCalendar.getInstance();
calendar.setTime(creationDate);
- calendar.add(Calendar.DATE, mPublicKey.getValidDays());
+ calendar.add(Calendar.SECOND, (int) seconds);
return calendar.getTime();
}
@@ -77,26 +80,76 @@ public class UncachedPublicKey {
return mPublicKey.getBitStrength();
}
+ /** Returns the primary user id, as indicated by the public key's self certificates.
+ *
+ * This is an expensive operation, since potentially a lot of certificates (and revocations)
+ * have to be checked, and even then the result is NOT guaranteed to be constant through a
+ * canonicalization operation.
+ *
+ * Returns null if there is no primary user id (as indicated by certificates)
+ *
+ */
public String getPrimaryUserId() {
+ String found = null;
+ PGPSignature foundSig = null;
for (String userId : new IterableIterator(mPublicKey.getUserIDs())) {
+ PGPSignature revocation = null;
+
for (PGPSignature sig : new IterableIterator(mPublicKey.getSignaturesForID(userId))) {
- if (sig.getHashedSubPackets() != null
- && sig.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.PRIMARY_USER_ID)) {
- try {
+ try {
+
+ // if this is a revocation, this is not the user id
+ if (sig.getSignatureType() == PGPSignature.CERTIFICATION_REVOCATION) {
+ // make sure it's actually valid
+ sig.init(new JcaPGPContentVerifierBuilderProvider().setProvider(
+ Constants.BOUNCY_CASTLE_PROVIDER_NAME), mPublicKey);
+ if (!sig.verifyCertification(userId, mPublicKey)) {
+ continue;
+ }
+ if (found != null && found.equals(userId)) {
+ found = null;
+ }
+ revocation = sig;
+ // this revocation may still be overridden by a newer cert
+ continue;
+ }
+
+ if (sig.getHashedSubPackets() != null && sig.getHashedSubPackets().isPrimaryUserID()) {
+ if (foundSig != null && sig.getCreationTime().before(foundSig.getCreationTime())) {
+ continue;
+ }
+ // ignore if there is a newer revocation for this user id
+ if (revocation != null && sig.getCreationTime().before(revocation.getCreationTime())) {
+ continue;
+ }
// make sure it's actually valid
sig.init(new JcaPGPContentVerifierBuilderProvider().setProvider(
Constants.BOUNCY_CASTLE_PROVIDER_NAME), mPublicKey);
if (sig.verifyCertification(userId, mPublicKey)) {
- return userId;
+ found = userId;
+ foundSig = sig;
+ // this one can't be relevant anymore at this point
+ revocation = null;
}
- } catch (Exception e) {
- // nothing bad happens, the key is just not considered the primary key id
}
- }
+ } catch (Exception e) {
+ // nothing bad happens, the key is just not considered the primary key id
+ }
}
}
- return null;
+ return found;
+ }
+
+ /**
+ * Returns primary user id if existing. If not, return first encountered user id.
+ */
+ public String getPrimaryUserIdWithFallback() {
+ String userId = getPrimaryUserId();
+ if (userId == null) {
+ userId = (String) mPublicKey.getUserIDs().next();
+ }
+ return userId;
}
public ArrayList getUnorderedUserIds() {
@@ -186,6 +239,21 @@ public class UncachedPublicKey {
return mPublicKey;
}
+ public Iterator getSignatures() {
+ final Iterator it = mPublicKey.getSignatures();
+ return new Iterator() {
+ public void remove() {
+ it.remove();
+ }
+ public WrappedSignature next() {
+ return new WrappedSignature(it.next());
+ }
+ public boolean hasNext() {
+ return it.hasNext();
+ }
+ };
+ }
+
public Iterator getSignaturesForId(String userId) {
final Iterator it = mPublicKey.getSignaturesForID(userId);
return new Iterator() {
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedKeyRing.java
index 6f3068261..a054255dc 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedKeyRing.java
@@ -39,8 +39,12 @@ public abstract class WrappedKeyRing extends KeyRing {
}
public String getPrimaryUserId() throws PgpGeneralException {
- return (String) getRing().getPublicKey().getUserIDs().next();
- };
+ return getPublicKey().getPrimaryUserId();
+ }
+
+ public String getPrimaryUserIdWithFallback() throws PgpGeneralException {
+ return getPublicKey().getPrimaryUserIdWithFallback();
+ }
public boolean isRevoked() throws PgpGeneralException {
// Is the master key revoked?
@@ -101,8 +105,16 @@ public abstract class WrappedKeyRing extends KeyRing {
abstract public IterableIterator publicKeyIterator();
- public UncachedKeyRing getUncached() {
- return new UncachedKeyRing(getRing());
+ public WrappedPublicKey getPublicKey() {
+ return new WrappedPublicKey(this, getRing().getPublicKey());
+ }
+
+ public WrappedPublicKey getPublicKey(long id) {
+ return new WrappedPublicKey(this, getRing().getPublicKey(id));
+ }
+
+ public byte[] getEncoded() throws IOException {
+ return getRing().getEncoded();
}
}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedPublicKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedPublicKeyRing.java
index b2abf15a4..bb1f7d778 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedPublicKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedPublicKeyRing.java
@@ -1,14 +1,11 @@
package org.sufficientlysecure.keychain.pgp;
import org.spongycastle.bcpg.ArmoredOutputStream;
-import org.spongycastle.openpgp.PGPKeyRing;
import org.spongycastle.openpgp.PGPObjectFactory;
import org.spongycastle.openpgp.PGPPublicKey;
import org.spongycastle.openpgp.PGPPublicKeyRing;
-import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.util.IterableIterator;
-import org.sufficientlysecure.keychain.util.Log;
import java.io.IOException;
import java.util.Iterator;
@@ -25,17 +22,20 @@ public class WrappedPublicKeyRing extends WrappedKeyRing {
PGPPublicKeyRing getRing() {
if(mRing == null) {
+ // get first object in block
PGPObjectFactory factory = new PGPObjectFactory(mPubKey);
- PGPKeyRing keyRing = null;
try {
- if ((keyRing = (PGPKeyRing) factory.nextObject()) == null) {
- Log.e(Constants.TAG, "No keys given!");
+ Object obj = factory.nextObject();
+ if (! (obj instanceof PGPPublicKeyRing)) {
+ throw new RuntimeException("Error constructing WrappedPublicKeyRing, should never happen!");
+ }
+ mRing = (PGPPublicKeyRing) obj;
+ if (factory.nextObject() != null) {
+ throw new RuntimeException("Encountered trailing data after keyring, should never happen!");
}
} catch (IOException e) {
- Log.e(Constants.TAG, "Error while converting to PGPKeyRing!", e);
+ throw new RuntimeException("IO Error constructing WrappedPublicKeyRing, should never happen!");
}
-
- mRing = (PGPPublicKeyRing) keyRing;
}
return mRing;
}
@@ -44,14 +44,6 @@ public class WrappedPublicKeyRing extends WrappedKeyRing {
getRing().encode(stream);
}
- public WrappedPublicKey getSubkey() {
- return new WrappedPublicKey(this, getRing().getPublicKey());
- }
-
- public WrappedPublicKey getSubkey(long id) {
- return new WrappedPublicKey(this, getRing().getPublicKey(id));
- }
-
/** Getter that returns the subkey that should be used for signing. */
WrappedPublicKey getEncryptionSubKey() throws PgpGeneralException {
PGPPublicKey key = getRing().getPublicKey(getEncryptId());
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSecretKey.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSecretKey.java
index ef8044a9b..f0485d801 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSecretKey.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSecretKey.java
@@ -51,14 +51,6 @@ public class WrappedSecretKey extends WrappedPublicKey {
return (WrappedSecretKeyRing) mRing;
}
- /** Returns the wrapped PGPSecretKeyRing.
- * This function is for compatibility only, should not be used anymore and will be removed
- */
- @Deprecated
- public PGPSecretKey getKeyExternal() {
- return mSecretKey;
- }
-
public boolean unlock(String passphrase) throws PgpGeneralException {
try {
PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder().setProvider(
@@ -97,7 +89,7 @@ public class WrappedSecretKey extends WrappedPublicKey {
signatureGenerator.init(signatureType, mPrivateKey);
PGPSignatureSubpacketGenerator spGen = new PGPSignatureSubpacketGenerator();
- spGen.setSignerUserID(false, mRing.getPrimaryUserId());
+ spGen.setSignerUserID(false, mRing.getPrimaryUserIdWithFallback());
signatureGenerator.setHashedSubpackets(spGen.generate());
return signatureGenerator;
} catch(PGPException e) {
@@ -175,7 +167,7 @@ public class WrappedSecretKey extends WrappedPublicKey {
}
// get the master subkey (which we certify for)
- PGPPublicKey publicKey = publicKeyRing.getSubkey().getPublicKey();
+ PGPPublicKey publicKey = publicKeyRing.getPublicKey().getPublicKey();
// fetch public key ring, add the certification and return it
for (String userId : new IterableIterator(userIds.iterator())) {
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSecretKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSecretKeyRing.java
index c737b7c46..5cb24cf88 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSecretKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSecretKeyRing.java
@@ -41,11 +41,11 @@ public class WrappedSecretKeyRing extends WrappedKeyRing {
return mRing;
}
- public WrappedSecretKey getSubKey() {
+ public WrappedSecretKey getSecretKey() {
return new WrappedSecretKey(this, mRing.getSecretKey());
}
- public WrappedSecretKey getSubKey(long id) {
+ public WrappedSecretKey getSecretKey(long id) {
return new WrappedSecretKey(this, mRing.getSecretKey(id));
}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSignature.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSignature.java
index 196ac1dee..df19930c4 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSignature.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSignature.java
@@ -15,6 +15,7 @@ import org.sufficientlysecure.keychain.util.Log;
import java.io.IOException;
import java.security.SignatureException;
+import java.util.ArrayList;
import java.util.Date;
/** OpenKeychain wrapper around PGPSignature objects.
@@ -55,12 +56,37 @@ public class WrappedSignature {
return mSig.getCreationTime();
}
+ public ArrayList getEmbeddedSignatures() {
+ ArrayList sigs = new ArrayList();
+ if (!mSig.hasSubpackets()) {
+ return sigs;
+ }
+ try {
+ PGPSignatureList list;
+ list = mSig.getHashedSubPackets().getEmbeddedSignatures();
+ for(int i = 0; i < list.size(); i++) {
+ sigs.add(new WrappedSignature(list.get(i)));
+ }
+ list = mSig.getUnhashedSubPackets().getEmbeddedSignatures();
+ for(int i = 0; i < list.size(); i++) {
+ sigs.add(new WrappedSignature(list.get(i)));
+ }
+ } catch (PGPException e) {
+ // no matter
+ Log.e(Constants.TAG, "exception reading embedded signatures", e);
+ } catch (IOException e) {
+ // no matter
+ Log.e(Constants.TAG, "exception reading embedded signatures", e);
+ }
+ return sigs;
+ }
+
public byte[] getEncoded() throws IOException {
return mSig.getEncoded();
}
public boolean isRevocation() {
- return mSig.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.REVOCATION_REASON);
+ return mSig.getSignatureType() == PGPSignature.CERTIFICATION_REVOCATION;
}
public boolean isPrimaryUserId() {
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/CachedPublicKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/CachedPublicKeyRing.java
index 48d40430a..34de0024d 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/CachedPublicKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/CachedPublicKeyRing.java
@@ -70,6 +70,10 @@ public class CachedPublicKeyRing extends KeyRing {
}
}
+ public String getPrimaryUserIdWithFallback() throws PgpGeneralException {
+ return getPrimaryUserId();
+ }
+
public boolean isRevoked() throws PgpGeneralException {
try {
Object data = mProviderHelper.getGenericData(mUri,
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
index b5609a327..2d524f5b0 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
@@ -199,7 +199,7 @@ public class ProviderHelper {
byte[] blob = cursor.getBlob(3);
if (blob != null) {
result.put(masterKeyId,
- new WrappedPublicKeyRing(blob, hasAnySecret, verified).getSubkey());
+ new WrappedPublicKeyRing(blob, hasAnySecret, verified).getPublicKey());
}
} while (cursor.moveToNext());
@@ -450,8 +450,7 @@ public class ProviderHelper {
if (cert.verifySignature(masterKey, userId)) {
item.trustedCerts.add(cert);
log(LogLevel.INFO, LogType.MSG_IP_UID_CERT_GOOD,
- PgpKeyHelper.convertKeyIdToHexShort(trustedKey.getKeyId()),
- trustedKey.getPrimaryUserId()
+ PgpKeyHelper.convertKeyIdToHexShort(trustedKey.getKeyId())
);
} else {
log(LogLevel.WARN, LogType.MSG_IP_UID_CERT_BAD);
@@ -670,7 +669,7 @@ public class ProviderHelper {
// If there is an old keyring, merge it
try {
- UncachedKeyRing oldPublicRing = getWrappedPublicKeyRing(masterKeyId).getUncached();
+ UncachedKeyRing oldPublicRing = getWrappedPublicKeyRing(masterKeyId).getUncachedKeyRing();
// Merge data from new public ring into the old one
publicRing = oldPublicRing.merge(publicRing, mLog, mIndent);
@@ -706,7 +705,7 @@ public class ProviderHelper {
// If there is a secret key, merge new data (if any) and save the key for later
UncachedKeyRing secretRing;
try {
- secretRing = getWrappedSecretKeyRing(publicRing.getMasterKeyId()).getUncached();
+ secretRing = getWrappedSecretKeyRing(publicRing.getMasterKeyId()).getUncachedKeyRing();
// Merge data from new public ring into secret one
secretRing = secretRing.merge(publicRing, mLog, mIndent);
@@ -754,10 +753,10 @@ public class ProviderHelper {
// If there is an old secret key, merge it.
try {
- UncachedKeyRing oldSecretRing = getWrappedSecretKeyRing(masterKeyId).getUncached();
+ UncachedKeyRing oldSecretRing = getWrappedSecretKeyRing(masterKeyId).getUncachedKeyRing();
// Merge data from new secret ring into old one
- secretRing = oldSecretRing.merge(secretRing, mLog, mIndent);
+ secretRing = secretRing.merge(oldSecretRing, mLog, mIndent);
// If this is null, there is an error in the log so we can just return
if (secretRing == null) {
@@ -791,9 +790,9 @@ public class ProviderHelper {
// Merge new data into public keyring as well, if there is any
UncachedKeyRing publicRing;
try {
- UncachedKeyRing oldPublicRing = getWrappedPublicKeyRing(masterKeyId).getUncached();
+ UncachedKeyRing oldPublicRing = getWrappedPublicKeyRing(masterKeyId).getUncachedKeyRing();
- // Merge data from new public ring into secret one
+ // Merge data from new secret ring into public one
publicRing = oldPublicRing.merge(secretRing, mLog, mIndent);
if (publicRing == null) {
return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog);
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
index 17c277026..62d6b5ad6 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
@@ -53,6 +53,12 @@ import java.util.Set;
public class OpenPgpService extends RemoteService {
+ static final String[] KEYRING_PROJECTION =
+ new String[]{
+ KeyRings._ID,
+ KeyRings.MASTER_KEY_ID,
+ };
+
/**
* Search database for key ids based on emails.
*
@@ -70,7 +76,7 @@ public class OpenPgpService extends RemoteService {
for (String email : encryptionUserIds) {
Uri uri = KeyRings.buildUnifiedKeyRingsFindByEmailUri(email);
- Cursor cursor = getContentResolver().query(uri, null, null, null, null);
+ Cursor cursor = getContentResolver().query(uri, KEYRING_PROJECTION, null, null, null);
try {
if (cursor != null && cursor.moveToFirst()) {
long id = cursor.getLong(cursor.getColumnIndex(KeyRings.MASTER_KEY_ID));
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java
index c4c31bdad..9a4cef2f1 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java
@@ -349,9 +349,9 @@ public class KeychainIntentService extends IntentService
providerHelper.saveSecretKeyRing(ring, new ProgressScaler(this, 10, 95, 100));
// cache new passphrase
- if (saveParcel.newPassphrase != null) {
+ if (saveParcel.mNewPassphrase != null) {
PassphraseCacheService.addCachedPassphrase(this, ring.getMasterKeyId(),
- saveParcel.newPassphrase);
+ saveParcel.mNewPassphrase, ring.getPublicKey().getPrimaryUserIdWithFallback());
}
} catch (ProviderHelper.NotFoundException e) {
sendErrorToHandler(e);
@@ -545,7 +545,7 @@ public class KeychainIntentService extends IntentService
ProviderHelper providerHelper = new ProviderHelper(this);
WrappedPublicKeyRing publicRing = providerHelper.getWrappedPublicKeyRing(pubKeyId);
WrappedSecretKeyRing secretKeyRing = providerHelper.getWrappedSecretKeyRing(masterKeyId);
- WrappedSecretKey certificationKey = secretKeyRing.getSubKey();
+ WrappedSecretKey certificationKey = secretKeyRing.getSecretKey();
if(!certificationKey.unlock(signaturePassphrase)) {
throw new PgpGeneralException("Error extracting key (bad passphrase?)");
}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java
index 1df2a38f1..d80c508c3 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java
@@ -19,6 +19,9 @@ import org.sufficientlysecure.keychain.util.IterableIterator;
import org.sufficientlysecure.keychain.util.Log;
import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Iterator;
+import java.util.List;
/** Represent the result of an operation.
*
@@ -81,9 +84,6 @@ public class OperationResultParcel implements Parcelable {
mParameters = parameters;
mIndent = indent;
}
- public LogEntryParcel(LogLevel level, LogType type, Object... parameters) {
- this(level, type, 0, parameters);
- }
public LogEntryParcel(Parcel source) {
mLevel = LogLevel.values()[source.readInt()];
@@ -115,6 +115,15 @@ public class OperationResultParcel implements Parcelable {
}
};
+ @Override
+ public String toString() {
+ return "LogEntryParcel{" +
+ "mLevel=" + mLevel +
+ ", mType=" + mType +
+ ", mParameters=" + Arrays.toString(mParameters) +
+ ", mIndent=" + mIndent +
+ '}';
+ }
}
public SuperCardToast createNotify(final Activity activity) {
@@ -245,6 +254,7 @@ public class OperationResultParcel implements Parcelable {
MSG_KC_REVOKE_BAD_LOCAL (R.string.msg_kc_revoke_bad_local),
MSG_KC_REVOKE_BAD_TIME (R.string.msg_kc_revoke_bad_time),
MSG_KC_REVOKE_BAD_TYPE (R.string.msg_kc_revoke_bad_type),
+ MSG_KC_REVOKE_BAD_TYPE_UID (R.string.msg_kc_revoke_bad_type_uid),
MSG_KC_REVOKE_BAD (R.string.msg_kc_revoke_bad),
MSG_KC_REVOKE_DUP (R.string.msg_kc_revoke_dup),
MSG_KC_SUB (R.string.msg_kc_sub),
@@ -276,6 +286,7 @@ public class OperationResultParcel implements Parcelable {
MSG_KC_UID_NO_CERT (R.string.msg_kc_uid_no_cert),
MSG_KC_UID_REVOKE_DUP (R.string.msg_kc_uid_revoke_dup),
MSG_KC_UID_REVOKE_OLD (R.string.msg_kc_uid_revoke_old),
+ MSG_KC_UID_REMOVE (R.string.msg_kc_uid_remove),
// keyring consolidation
@@ -285,9 +296,17 @@ public class OperationResultParcel implements Parcelable {
MSG_MG_HETEROGENEOUS (R.string.msg_mg_heterogeneous),
MSG_MG_NEW_SUBKEY (R.string.msg_mg_new_subkey),
MSG_MG_FOUND_NEW (R.string.msg_mg_found_new),
+ MSG_MG_UNCHANGED (R.string.msg_mg_unchanged),
// secret key create
- MSG_CR_ERROR_NO_MASTER (R.string.msg_mr),
+ MSG_CR (R.string.msg_cr),
+ MSG_CR_ERROR_NO_MASTER (R.string.msg_cr_error_no_master),
+ MSG_CR_ERROR_NO_USER_ID (R.string.msg_cr_error_no_user_id),
+ MSG_CR_ERROR_NO_CERTIFY (R.string.msg_cr_error_no_certify),
+ MSG_CR_ERROR_KEYSIZE_512 (R.string.msg_cr_error_keysize_512),
+ MSG_CR_ERROR_UNKNOWN_ALGO (R.string.msg_cr_error_unknown_algo),
+ MSG_CR_ERROR_INTERNAL_PGP (R.string.msg_cr_error_internal_pgp),
+ MSG_CR_ERROR_MASTER_ELGAMAL (R.string.msg_cr_error_master_elgamal),
// secret key modify
MSG_MF (R.string.msg_mr),
@@ -295,10 +314,13 @@ public class OperationResultParcel implements Parcelable {
MSG_MF_ERROR_FINGERPRINT (R.string.msg_mf_error_fingerprint),
MSG_MF_ERROR_KEYID (R.string.msg_mf_error_keyid),
MSG_MF_ERROR_INTEGRITY (R.string.msg_mf_error_integrity),
+ MSG_MF_ERROR_NOEXIST_PRIMARY (R.string.msg_mf_error_noexist_primary),
MSG_MF_ERROR_REVOKED_PRIMARY (R.string.msg_mf_error_revoked_primary),
MSG_MF_ERROR_PGP (R.string.msg_mf_error_pgp),
MSG_MF_ERROR_SIG (R.string.msg_mf_error_sig),
MSG_MF_PASSPHRASE (R.string.msg_mf_passphrase),
+ MSG_MF_PRIMARY_REPLACE_OLD (R.string.msg_mf_primary_replace_old),
+ MSG_MF_PRIMARY_NEW (R.string.msg_mf_primary_new),
MSG_MF_SUBKEY_CHANGE (R.string.msg_mf_subkey_change),
MSG_MF_SUBKEY_MISSING (R.string.msg_mf_subkey_missing),
MSG_MF_SUBKEY_NEW_ID (R.string.msg_mf_subkey_new_id),
@@ -309,6 +331,7 @@ public class OperationResultParcel implements Parcelable {
MSG_MF_UID_ADD (R.string.msg_mf_uid_add),
MSG_MF_UID_PRIMARY (R.string.msg_mf_uid_primary),
MSG_MF_UID_REVOKE (R.string.msg_mf_uid_revoke),
+ MSG_MF_UID_ERROR_EMPTY (R.string.msg_mf_uid_error_empty),
MSG_MF_UNLOCK_ERROR (R.string.msg_mf_unlock_error),
MSG_MF_UNLOCK (R.string.msg_mf_unlock),
;
@@ -340,7 +363,7 @@ public class OperationResultParcel implements Parcelable {
@Override
public void writeToParcel(Parcel dest, int flags) {
dest.writeInt(mResult);
- dest.writeTypedList(mLog);
+ dest.writeTypedList(mLog.toList());
}
public static final Creator CREATOR = new Creator() {
@@ -353,16 +376,19 @@ public class OperationResultParcel implements Parcelable {
}
};
- public static class OperationLog extends ArrayList {
+ public static class OperationLog implements Iterable {
+
+ private final List mParcels = new ArrayList();
/// Simple convenience method
public void add(LogLevel level, LogType type, int indent, Object... parameters) {
Log.d(Constants.TAG, type.toString());
- add(new OperationResultParcel.LogEntryParcel(level, type, indent, parameters));
+ mParcels.add(new OperationResultParcel.LogEntryParcel(level, type, indent, parameters));
}
public void add(LogLevel level, LogType type, int indent) {
- add(new OperationResultParcel.LogEntryParcel(level, type, indent, (Object[]) null));
+ Log.d(Constants.TAG, type.toString());
+ mParcels.add(new OperationResultParcel.LogEntryParcel(level, type, indent, (Object[]) null));
}
public LogEntryParcel getResultId() {
@@ -374,7 +400,7 @@ public class OperationResultParcel implements Parcelable {
}
public boolean containsWarnings() {
- for(LogEntryParcel entry : new IterableIterator(iterator())) {
+ for(LogEntryParcel entry : new IterableIterator(mParcels.iterator())) {
if (entry.mLevel == LogLevel.WARN || entry.mLevel == LogLevel.ERROR) {
return true;
}
@@ -382,6 +408,22 @@ public class OperationResultParcel implements Parcelable {
return false;
}
+ public void addAll(List parcels) {
+ mParcels.addAll(parcels);
+ }
+
+ public List toList() {
+ return mParcels;
+ }
+
+ public boolean isEmpty() {
+ return mParcels.isEmpty();
+ }
+
+ @Override
+ public Iterator iterator() {
+ return mParcels.iterator();
+ }
}
}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java
index 28f230f71..13d9b497f 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java
@@ -20,11 +20,13 @@ package org.sufficientlysecure.keychain.service;
import android.app.AlarmManager;
import android.app.PendingIntent;
import android.app.Service;
+import android.app.NotificationManager;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.os.Binder;
+import android.os.Build;
import android.os.Bundle;
import android.os.Handler;
import android.os.HandlerThread;
@@ -32,11 +34,15 @@ import android.os.IBinder;
import android.os.Message;
import android.os.Messenger;
import android.os.RemoteException;
+
import android.support.v4.util.LongSparseArray;
+import android.support.v4.app.NotificationCompat;
import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.helper.Preferences;
import org.sufficientlysecure.keychain.pgp.WrappedSecretKeyRing;
+import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.provider.KeychainContract;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.util.Log;
@@ -54,6 +60,8 @@ public class PassphraseCacheService extends Service {
+ "PASSPHRASE_CACHE_ADD";
public static final String ACTION_PASSPHRASE_CACHE_GET = Constants.INTENT_PREFIX
+ "PASSPHRASE_CACHE_GET";
+ public static final String ACTION_PASSPHRASE_CACHE_CLEAR = Constants.INTENT_PREFIX
+ + "PASSPHRASE_CACHE_CLEAR";
public static final String BROADCAST_ACTION_PASSPHRASE_CACHE_SERVICE = Constants.INTENT_PREFIX
+ "PASSPHRASE_CACHE_BROADCAST";
@@ -62,13 +70,16 @@ public class PassphraseCacheService extends Service {
public static final String EXTRA_KEY_ID = "key_id";
public static final String EXTRA_PASSPHRASE = "passphrase";
public static final String EXTRA_MESSENGER = "messenger";
+ public static final String EXTRA_USERID = "userid";
private static final int REQUEST_ID = 0;
private static final long DEFAULT_TTL = 15;
+ private static final int NOTIFICATION_ID = 1;
+
private BroadcastReceiver mIntentReceiver;
- private LongSparseArray mPassphraseCache = new LongSparseArray();
+ private LongSparseArray mPassphraseCache = new LongSparseArray();
Context mContext;
@@ -81,14 +92,17 @@ public class PassphraseCacheService extends Service {
* @param keyId
* @param passphrase
*/
- public static void addCachedPassphrase(Context context, long keyId, String passphrase) {
+ public static void addCachedPassphrase(Context context, long keyId, String passphrase,
+ String primaryUserId) {
Log.d(Constants.TAG, "PassphraseCacheService.cacheNewPassphrase() for " + keyId);
Intent intent = new Intent(context, PassphraseCacheService.class);
intent.setAction(ACTION_PASSPHRASE_CACHE_ADD);
+
intent.putExtra(EXTRA_TTL, Preferences.getPreferences(context).getPassphraseCacheTtl());
intent.putExtra(EXTRA_PASSPHRASE, passphrase);
intent.putExtra(EXTRA_KEY_ID, keyId);
+ intent.putExtra(EXTRA_USERID, primaryUserId);
context.startService(intent);
}
@@ -159,11 +173,11 @@ public class PassphraseCacheService extends Service {
// passphrase for symmetric encryption?
if (keyId == Constants.key.symmetric) {
Log.d(Constants.TAG, "PassphraseCacheService.getCachedPassphraseImpl() for symmetric encryption");
- String cachedPassphrase = mPassphraseCache.get(Constants.key.symmetric);
+ String cachedPassphrase = mPassphraseCache.get(Constants.key.symmetric).getPassphrase();
if (cachedPassphrase == null) {
return null;
}
- addCachedPassphrase(this, Constants.key.symmetric, cachedPassphrase);
+ addCachedPassphrase(this, Constants.key.symmetric, cachedPassphrase, getString(R.string.passp_cache_notif_pwd));
return cachedPassphrase;
}
@@ -176,12 +190,16 @@ public class PassphraseCacheService extends Service {
if (!key.hasPassphrase()) {
Log.d(Constants.TAG, "Key has no passphrase! Caches and returns empty passphrase!");
- addCachedPassphrase(this, keyId, "");
+ try {
+ addCachedPassphrase(this, keyId, "", key.getPrimaryUserIdWithFallback());
+ } catch (PgpGeneralException e) {
+ Log.d(Constants.TAG, "PgpGeneralException occured");
+ }
return "";
}
// get cached passphrase
- String cachedPassphrase = mPassphraseCache.get(keyId);
+ CachedPassphrase cachedPassphrase = mPassphraseCache.get(keyId);
if (cachedPassphrase == null) {
Log.d(Constants.TAG, "PassphraseCacheService Passphrase not (yet) cached, returning null");
// not really an error, just means the passphrase is not cached but not empty either
@@ -190,8 +208,8 @@ public class PassphraseCacheService extends Service {
// set it again to reset the cache life cycle
Log.d(Constants.TAG, "PassphraseCacheService Cache passphrase again when getting it!");
- addCachedPassphrase(this, keyId, cachedPassphrase);
- return cachedPassphrase;
+ addCachedPassphrase(this, keyId, cachedPassphrase.getPassphrase(), cachedPassphrase.getPrimaryUserID());
+ return cachedPassphrase.getPassphrase();
} catch (ProviderHelper.NotFoundException e) {
Log.e(Constants.TAG, "PassphraseCacheService Passphrase for unknown key was requested!");
@@ -256,14 +274,16 @@ public class PassphraseCacheService extends Service {
if (ACTION_PASSPHRASE_CACHE_ADD.equals(intent.getAction())) {
long ttl = intent.getLongExtra(EXTRA_TTL, DEFAULT_TTL);
long keyId = intent.getLongExtra(EXTRA_KEY_ID, -1);
+
String passphrase = intent.getStringExtra(EXTRA_PASSPHRASE);
+ String primaryUserID = intent.getStringExtra(EXTRA_USERID);
Log.d(Constants.TAG,
"PassphraseCacheService Received ACTION_PASSPHRASE_CACHE_ADD intent in onStartCommand() with keyId: "
- + keyId + ", ttl: " + ttl);
+ + keyId + ", ttl: " + ttl + ", usrId: " + primaryUserID);
- // add keyId and passphrase to memory
- mPassphraseCache.put(keyId, passphrase);
+ // add keyId, passphrase and primary user id to memory
+ mPassphraseCache.put(keyId, new CachedPassphrase(passphrase, primaryUserID));
if (ttl > 0) {
// register new alarm with keyId for this passphrase
@@ -271,6 +291,9 @@ public class PassphraseCacheService extends Service {
AlarmManager am = (AlarmManager) this.getSystemService(Context.ALARM_SERVICE);
am.set(AlarmManager.RTC_WAKEUP, triggerTime, buildIntent(this, keyId));
}
+
+ updateNotifications();
+
} else if (ACTION_PASSPHRASE_CACHE_GET.equals(intent.getAction())) {
long keyId = intent.getLongExtra(EXTRA_KEY_ID, -1);
Messenger messenger = intent.getParcelableExtra(EXTRA_MESSENGER);
@@ -286,6 +309,17 @@ public class PassphraseCacheService extends Service {
} catch (RemoteException e) {
Log.e(Constants.TAG, "PassphraseCacheService Sending message failed", e);
}
+ } else if (ACTION_PASSPHRASE_CACHE_CLEAR.equals(intent.getAction())) {
+ AlarmManager am = (AlarmManager) this.getSystemService(Context.ALARM_SERVICE);
+
+ // Stop all ttl alarms
+ for(int i = 0; i < mPassphraseCache.size(); i++) {
+ am.cancel(buildIntent(this, mPassphraseCache.keyAt(i)));
+ }
+
+ mPassphraseCache.clear();
+
+ updateNotifications();
} else {
Log.e(Constants.TAG, "PassphraseCacheService Intent or Intent Action not supported!");
}
@@ -311,6 +345,74 @@ public class PassphraseCacheService extends Service {
Log.d(Constants.TAG, "PassphraseCacheServic No passphrases remaining in memory, stopping service!");
stopSelf();
}
+
+ updateNotifications();
+ }
+
+ private void updateNotifications() {
+ NotificationManager notificationManager =
+ (NotificationManager) getSystemService(Context.NOTIFICATION_SERVICE);
+
+ if(mPassphraseCache.size() > 0) {
+ if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) {
+ NotificationCompat.Builder builder = new NotificationCompat.Builder(this);
+
+ builder.setSmallIcon(R.drawable.ic_launcher)
+ .setContentTitle(getString(R.string.app_name))
+ .setContentText(String.format(getString(R.string.passp_cache_notif_n_keys), mPassphraseCache.size()));
+
+ NotificationCompat.InboxStyle inboxStyle = new NotificationCompat.InboxStyle();
+
+ inboxStyle.setBigContentTitle(getString(R.string.passp_cache_notif_keys));
+
+ // Moves events into the big view
+ for (int i = 0; i < mPassphraseCache.size(); i++) {
+ inboxStyle.addLine(mPassphraseCache.valueAt(i).getPrimaryUserID());
+ }
+
+ // Moves the big view style object into the notification object.
+ builder.setStyle(inboxStyle);
+
+ // Add purging action
+ Intent intent = new Intent(getApplicationContext(), PassphraseCacheService.class);
+ intent.setAction(ACTION_PASSPHRASE_CACHE_CLEAR);
+ builder.addAction(
+ R.drawable.abc_ic_clear_normal,
+ getString(R.string.passp_cache_notif_clear),
+ PendingIntent.getService(
+ getApplicationContext(),
+ 0,
+ intent,
+ PendingIntent.FLAG_UPDATE_CURRENT
+ )
+ );
+
+ notificationManager.notify(NOTIFICATION_ID, builder.build());
+ } else { // Fallback, since expandable notifications weren't available back then
+ NotificationCompat.Builder builder = new NotificationCompat.Builder(this);
+
+ builder.setSmallIcon(R.drawable.ic_launcher)
+ .setContentTitle(String.format(getString(R.string.passp_cache_notif_n_keys, mPassphraseCache.size())))
+ .setContentText(getString(R.string.passp_cache_notif_click_to_clear));
+
+ Intent intent = new Intent(getApplicationContext(), PassphraseCacheService.class);
+ intent.setAction(ACTION_PASSPHRASE_CACHE_CLEAR);
+
+ builder.setContentIntent(
+ PendingIntent.getService(
+ getApplicationContext(),
+ 0,
+ intent,
+ PendingIntent.FLAG_UPDATE_CURRENT
+ )
+ );
+
+ notificationManager.notify(NOTIFICATION_ID, builder.build());
+ }
+
+ } else {
+ notificationManager.cancel(NOTIFICATION_ID);
+ }
}
@Override
@@ -341,4 +443,27 @@ public class PassphraseCacheService extends Service {
private final IBinder mBinder = new PassphraseCacheBinder();
-}
+ public class CachedPassphrase {
+ private String primaryUserID;
+ private String passphrase;
+
+ public CachedPassphrase(String passphrase, String primaryUserID) {
+ setPassphrase(passphrase);
+ setPrimaryUserID(primaryUserID);
+ }
+
+ public String getPrimaryUserID() {
+ return primaryUserID;
+ }
+ public String getPassphrase() {
+ return passphrase;
+ }
+
+ public void setPrimaryUserID(String primaryUserID) {
+ this.primaryUserID = primaryUserID;
+ }
+ public void setPassphrase(String passphrase) {
+ this.passphrase = passphrase;
+ }
+ }
+}
\ No newline at end of file
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java
index a56095767..5e90b396e 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java
@@ -27,23 +27,19 @@ public class SaveKeyringParcel implements Parcelable {
// the key fingerprint, for safety. MUST be null for a new key.
public byte[] mFingerprint;
- public String newPassphrase;
+ public String mNewPassphrase;
- public ArrayList addUserIds;
- public ArrayList addSubKeys;
+ public ArrayList mAddUserIds;
+ public ArrayList mAddSubKeys;
- public ArrayList changeSubKeys;
- public String changePrimaryUserId;
+ public ArrayList mChangeSubKeys;
+ public String mChangePrimaryUserId;
- public ArrayList revokeUserIds;
- public ArrayList revokeSubKeys;
+ public ArrayList mRevokeUserIds;
+ public ArrayList mRevokeSubKeys;
public SaveKeyringParcel() {
- addUserIds = new ArrayList();
- addSubKeys = new ArrayList();
- changeSubKeys = new ArrayList();
- revokeUserIds = new ArrayList();
- revokeSubKeys = new ArrayList();
+ reset();
}
public SaveKeyringParcel(long masterKeyId, byte[] fingerprint) {
@@ -52,6 +48,16 @@ public class SaveKeyringParcel implements Parcelable {
mFingerprint = fingerprint;
}
+ public void reset() {
+ mNewPassphrase = null;
+ mAddUserIds = new ArrayList();
+ mAddSubKeys = new ArrayList();
+ mChangePrimaryUserId = null;
+ mChangeSubKeys = new ArrayList();
+ mRevokeUserIds = new ArrayList();
+ mRevokeSubKeys = new ArrayList();
+ }
+
// performance gain for using Parcelable here would probably be negligible,
// use Serializable instead.
public static class SubkeyAdd implements Serializable {
@@ -70,6 +76,7 @@ public class SaveKeyringParcel implements Parcelable {
public static class SubkeyChange implements Serializable {
public long mKeyId;
public Integer mFlags;
+ // this is a long unix timestamp, in seconds (NOT MILLISECONDS!)
public Long mExpiry;
public SubkeyChange(long keyId, Integer flags, Long expiry) {
mKeyId = keyId;
@@ -82,16 +89,16 @@ public class SaveKeyringParcel implements Parcelable {
mMasterKeyId = source.readInt() != 0 ? source.readLong() : null;
mFingerprint = source.createByteArray();
- newPassphrase = source.readString();
+ mNewPassphrase = source.readString();
- addUserIds = source.createStringArrayList();
- addSubKeys = (ArrayList) source.readSerializable();
+ mAddUserIds = source.createStringArrayList();
+ mAddSubKeys = (ArrayList) source.readSerializable();
- changeSubKeys = (ArrayList) source.readSerializable();
- changePrimaryUserId = source.readString();
+ mChangeSubKeys = (ArrayList) source.readSerializable();
+ mChangePrimaryUserId = source.readString();
- revokeUserIds = source.createStringArrayList();
- revokeSubKeys = (ArrayList) source.readSerializable();
+ mRevokeUserIds = source.createStringArrayList();
+ mRevokeSubKeys = (ArrayList) source.readSerializable();
}
@Override
@@ -102,16 +109,16 @@ public class SaveKeyringParcel implements Parcelable {
}
destination.writeByteArray(mFingerprint);
- destination.writeString(newPassphrase);
+ destination.writeString(mNewPassphrase);
- destination.writeStringList(addUserIds);
- destination.writeSerializable(addSubKeys);
+ destination.writeStringList(mAddUserIds);
+ destination.writeSerializable(mAddSubKeys);
- destination.writeSerializable(changeSubKeys);
- destination.writeString(changePrimaryUserId);
+ destination.writeSerializable(mChangeSubKeys);
+ destination.writeString(mChangePrimaryUserId);
- destination.writeStringList(revokeUserIds);
- destination.writeSerializable(revokeSubKeys);
+ destination.writeStringList(mRevokeUserIds);
+ destination.writeSerializable(mRevokeSubKeys);
}
public static final Creator CREATOR = new Creator() {
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/KeyringTestingHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/KeyringTestingHelper.java
deleted file mode 100644
index a565f0707..000000000
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/KeyringTestingHelper.java
+++ /dev/null
@@ -1,56 +0,0 @@
-package org.sufficientlysecure.keychain.testsupport;
-
-import android.content.Context;
-
-import org.sufficientlysecure.keychain.pgp.NullProgressable;
-import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.service.OperationResults;
-
-import java.util.Collection;
-
-/**
- * Helper for tests of the Keyring import in ProviderHelper.
- */
-public class KeyringTestingHelper {
-
- private final Context context;
-
- public KeyringTestingHelper(Context robolectricContext) {
- this.context = robolectricContext;
- }
-
- public boolean addKeyring(Collection blobFiles) throws Exception {
-
- ProviderHelper providerHelper = new ProviderHelper(context);
-
- byte[] data = TestDataUtil.readAllFully(blobFiles);
- UncachedKeyRing ring = UncachedKeyRing.decodeFromData(data);
- long masterKeyId = ring.getMasterKeyId();
-
- // Should throw an exception; key is not yet saved
- retrieveKeyAndExpectNotFound(providerHelper, masterKeyId);
-
- OperationResults.SaveKeyringResult saveKeyringResult = providerHelper.savePublicKeyRing(ring, new NullProgressable());
-
- boolean saveSuccess = saveKeyringResult.success();
-
- // Now re-retrieve the saved key. Should not throw an exception.
- providerHelper.getWrappedPublicKeyRing(masterKeyId);
-
- // A different ID should still fail
- retrieveKeyAndExpectNotFound(providerHelper, masterKeyId - 1);
-
- return saveSuccess;
- }
-
-
- private void retrieveKeyAndExpectNotFound(ProviderHelper providerHelper, long masterKeyId) {
- try {
- providerHelper.getWrappedPublicKeyRing(masterKeyId);
- throw new AssertionError("Was expecting the previous call to fail!");
- } catch (ProviderHelper.NotFoundException expectedException) {
- // good
- }
- }
-}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/ProviderHelperStub.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/ProviderHelperStub.java
deleted file mode 100644
index c6d834bf9..000000000
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/ProviderHelperStub.java
+++ /dev/null
@@ -1,22 +0,0 @@
-package org.sufficientlysecure.keychain.testsupport;
-
-import android.content.Context;
-import android.net.Uri;
-
-import org.sufficientlysecure.keychain.pgp.WrappedPublicKeyRing;
-import org.sufficientlysecure.keychain.provider.ProviderHelper;
-
-/**
- * Created by art on 21/06/14.
- */
-class ProviderHelperStub extends ProviderHelper {
- public ProviderHelperStub(Context context) {
- super(context);
- }
-
- @Override
- public WrappedPublicKeyRing getWrappedPublicKeyRing(Uri id) throws NotFoundException {
- byte[] data = TestDataUtil.readFully(getClass().getResourceAsStream("/public-key-for-sample.blob"));
- return new WrappedPublicKeyRing(data, false, 0);
- }
-}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/TestDataUtil.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/TestDataUtil.java
deleted file mode 100644
index 9e6ede761..000000000
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/TestDataUtil.java
+++ /dev/null
@@ -1,44 +0,0 @@
-package org.sufficientlysecure.keychain.testsupport;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Collection;
-
-/**
- * Misc support functions. Would just use Guava / Apache Commons but
- * avoiding extra dependencies.
- */
-public class TestDataUtil {
- public static byte[] readFully(InputStream input) {
- ByteArrayOutputStream output = new ByteArrayOutputStream();
- appendToOutput(input, output);
- return output.toByteArray();
- }
-
- private static void appendToOutput(InputStream input, ByteArrayOutputStream output) {
- byte[] buffer = new byte[8192];
- int bytesRead;
- try {
- while ((bytesRead = input.read(buffer)) != -1) {
- output.write(buffer, 0, bytesRead);
- }
- } catch (IOException e) {
- throw new RuntimeException(e);
- }
- }
-
- public static byte[] readAllFully(Collection inputResources) {
- ByteArrayOutputStream output = new ByteArrayOutputStream();
-
- for (String inputResource : inputResources) {
- appendToOutput(getResourceAsStream(inputResource), output);
- }
- return output.toByteArray();
- }
-
-
- public static InputStream getResourceAsStream(String resourceName) {
- return TestDataUtil.class.getResourceAsStream(resourceName);
- }
-}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/package-info.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/package-info.java
deleted file mode 100644
index 1cc0f9a95..000000000
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/testsupport/package-info.java
+++ /dev/null
@@ -1,7 +0,0 @@
-/**
- * Test support classes.
- * This is only in main code because of gradle-Android Studio-robolectric issues. Having
- * classes in main code means IDE autocomplete, class detection, etc., all works.
- * TODO Move into test package when possible
- */
-package org.sufficientlysecure.keychain.testsupport;
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyActivity.java
new file mode 100644
index 000000000..fe1b7e688
--- /dev/null
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyActivity.java
@@ -0,0 +1,189 @@
+/*
+ * Copyright (C) 2014 Dominik Schürmann
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+package org.sufficientlysecure.keychain.ui;
+
+import android.app.ProgressDialog;
+import android.content.Context;
+import android.content.Intent;
+import android.os.Bundle;
+import android.os.Message;
+import android.os.Messenger;
+import android.support.v7.app.ActionBarActivity;
+import android.text.Editable;
+import android.text.TextWatcher;
+import android.util.Patterns;
+import android.view.View;
+import android.widget.ArrayAdapter;
+import android.widget.AutoCompleteTextView;
+import android.widget.Button;
+import android.widget.EditText;
+
+import org.spongycastle.bcpg.sig.KeyFlags;
+import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.R;
+import org.sufficientlysecure.keychain.helper.ContactHelper;
+import org.sufficientlysecure.keychain.service.KeychainIntentService;
+import org.sufficientlysecure.keychain.service.KeychainIntentServiceHandler;
+import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
+
+import java.util.regex.Matcher;
+
+public class CreateKeyActivity extends ActionBarActivity {
+
+ AutoCompleteTextView mNameEdit;
+ AutoCompleteTextView mEmailEdit;
+ EditText mPassphraseEdit;
+ Button mCreateButton;
+
+ @Override
+ protected void onCreate(Bundle savedInstanceState) {
+ super.onCreate(savedInstanceState);
+
+ setContentView(R.layout.create_key_activity);
+
+ mNameEdit = (AutoCompleteTextView) findViewById(R.id.name);
+ mEmailEdit = (AutoCompleteTextView) findViewById(R.id.email);
+ mPassphraseEdit = (EditText) findViewById(R.id.passphrase);
+ mCreateButton = (Button) findViewById(R.id.create_key_button);
+
+ mEmailEdit.setThreshold(1); // Start working from first character
+ mEmailEdit.setAdapter(
+ new ArrayAdapter
+ (this, android.R.layout.simple_spinner_dropdown_item,
+ ContactHelper.getPossibleUserEmails(this)
+ )
+ );
+ mEmailEdit.addTextChangedListener(new TextWatcher() {
+ @Override
+ public void beforeTextChanged(CharSequence charSequence, int i, int i2, int i3) {
+ }
+
+ @Override
+ public void onTextChanged(CharSequence charSequence, int i, int i2, int i3) {
+ }
+
+ @Override
+ public void afterTextChanged(Editable editable) {
+ String email = editable.toString();
+ if (email.length() > 0) {
+ Matcher emailMatcher = Patterns.EMAIL_ADDRESS.matcher(email);
+ if (emailMatcher.matches()) {
+ mEmailEdit.setCompoundDrawablesWithIntrinsicBounds(0, 0,
+ R.drawable.uid_mail_ok, 0);
+ } else {
+ mEmailEdit.setCompoundDrawablesWithIntrinsicBounds(0, 0,
+ R.drawable.uid_mail_bad, 0);
+ }
+ } else {
+ // remove drawable if email is empty
+ mEmailEdit.setCompoundDrawablesWithIntrinsicBounds(0, 0, 0, 0);
+ }
+ }
+ });
+
+ mNameEdit.setThreshold(1); // Start working from first character
+ mNameEdit.setAdapter(
+ new ArrayAdapter
+ (this, android.R.layout.simple_spinner_dropdown_item,
+ ContactHelper.getPossibleUserNames(this)
+ )
+ );
+
+ mCreateButton.setOnClickListener(new View.OnClickListener() {
+ @Override
+ public void onClick(View v) {
+ createKeyCheck();
+ }
+ });
+
+ }
+
+ private void createKeyCheck() {
+ if (isEditTextNotEmpty(this, mNameEdit)
+ && isEditTextNotEmpty(this, mEmailEdit)
+ && isEditTextNotEmpty(this, mPassphraseEdit)) {
+ createKey();
+ }
+ }
+
+ private void createKey() {
+ Intent intent = new Intent(this, KeychainIntentService.class);
+ intent.setAction(KeychainIntentService.ACTION_SAVE_KEYRING);
+
+ // Message is received after importing is done in KeychainIntentService
+ KeychainIntentServiceHandler saveHandler = new KeychainIntentServiceHandler(
+ this,
+ getString(R.string.progress_importing),
+ ProgressDialog.STYLE_HORIZONTAL) {
+ public void handleMessage(Message message) {
+ // handle messages by standard KeychainIntentServiceHandler first
+ super.handleMessage(message);
+
+ if (message.arg1 == KeychainIntentServiceHandler.MESSAGE_OKAY) {
+ CreateKeyActivity.this.setResult(RESULT_OK);
+ CreateKeyActivity.this.finish();
+ }
+ }
+ };
+
+ // fill values for this action
+ Bundle data = new Bundle();
+
+ SaveKeyringParcel parcel = new SaveKeyringParcel();
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(Constants.choice.algorithm.rsa, 4096, KeyFlags.CERTIFY_OTHER, null));
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(Constants.choice.algorithm.rsa, 4096, KeyFlags.SIGN_DATA, null));
+ parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(Constants.choice.algorithm.rsa, 4096, KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE, null));
+ String userId = mNameEdit.getText().toString() + " <" + mEmailEdit.getText().toString() + ">";
+ parcel.mAddUserIds.add(userId);
+ parcel.mNewPassphrase = mPassphraseEdit.getText().toString();
+
+ // get selected key entries
+ data.putParcelable(KeychainIntentService.SAVE_KEYRING_PARCEL, parcel);
+
+ intent.putExtra(KeychainIntentService.EXTRA_DATA, data);
+
+ // Create a new Messenger for the communication back
+ Messenger messenger = new Messenger(saveHandler);
+ intent.putExtra(KeychainIntentService.EXTRA_MESSENGER, messenger);
+
+ saveHandler.showProgressDialog(this);
+
+ startService(intent);
+ }
+
+ /**
+ * Checks if text of given EditText is not empty. If it is empty an error is
+ * set and the EditText gets the focus.
+ *
+ * @param context
+ * @param editText
+ * @return true if EditText is not empty
+ */
+ private static boolean isEditTextNotEmpty(Context context, EditText editText) {
+ boolean output = true;
+ if (editText.getText().toString().length() == 0) {
+ editText.setError("empty!");
+ editText.requestFocus();
+ output = false;
+ } else {
+ editText.setError(null);
+ }
+
+ return output;
+ }
+}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditKeyFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditKeyFragment.java
index c76dc0164..b41871a39 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditKeyFragment.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditKeyFragment.java
@@ -54,12 +54,15 @@ import org.sufficientlysecure.keychain.ui.adapter.SubkeysAdapter;
import org.sufficientlysecure.keychain.ui.adapter.SubkeysAddedAdapter;
import org.sufficientlysecure.keychain.ui.adapter.UserIdsAdapter;
import org.sufficientlysecure.keychain.ui.adapter.UserIdsAddedAdapter;
+import org.sufficientlysecure.keychain.ui.dialog.ChangeExpiryDialogFragment;
+import org.sufficientlysecure.keychain.ui.dialog.EditSubkeyDialogFragment;
import org.sufficientlysecure.keychain.ui.dialog.EditUserIdDialogFragment;
import org.sufficientlysecure.keychain.ui.dialog.PassphraseDialogFragment;
import org.sufficientlysecure.keychain.ui.dialog.SetPassphraseDialogFragment;
import org.sufficientlysecure.keychain.util.Log;
import java.util.ArrayList;
+import java.util.Date;
public class EditKeyFragment extends LoaderFragment implements
LoaderManager.LoaderCallbacks {
@@ -214,10 +217,18 @@ public class EditKeyFragment extends LoaderFragment implements
mUserIdsAddedAdapter = new UserIdsAddedAdapter(getActivity(), mUserIdsAddedData);
mUserIdsAddedList.setAdapter(mUserIdsAddedAdapter);
- mSubkeysAdapter = new SubkeysAdapter(getActivity(), null, 0);
+ mSubkeysAdapter = new SubkeysAdapter(getActivity(), null, 0, mSaveKeyringParcel);
mSubkeysList.setAdapter(mSubkeysAdapter);
- mSubkeysAddedAdapter = new SubkeysAddedAdapter(getActivity(), mSaveKeyringParcel.addSubKeys);
+ mSubkeysList.setOnItemClickListener(new AdapterView.OnItemClickListener() {
+ @Override
+ public void onItemClick(AdapterView parent, View view, int position, long id) {
+ long keyId = mSubkeysAdapter.getKeyId(position);
+ editSubkey(keyId);
+ }
+ });
+
+ mSubkeysAddedAdapter = new SubkeysAddedAdapter(getActivity(), mSaveKeyringParcel.mAddSubKeys);
mSubkeysAddedList.setAdapter(mSubkeysAddedAdapter);
// Prepare the loaders. Either re-connect with an existing ones,
@@ -287,7 +298,7 @@ public class EditKeyFragment extends LoaderFragment implements
Bundle data = message.getData();
// cache new returned passphrase!
- mSaveKeyringParcel.newPassphrase = data
+ mSaveKeyringParcel.mNewPassphrase = data
.getString(SetPassphraseDialogFragment.MESSAGE_NEW_PASSPHRASE);
}
}
@@ -309,19 +320,19 @@ public class EditKeyFragment extends LoaderFragment implements
switch (message.what) {
case EditUserIdDialogFragment.MESSAGE_CHANGE_PRIMARY_USER_ID:
// toggle
- if (mSaveKeyringParcel.changePrimaryUserId != null
- && mSaveKeyringParcel.changePrimaryUserId.equals(userId)) {
- mSaveKeyringParcel.changePrimaryUserId = null;
+ if (mSaveKeyringParcel.mChangePrimaryUserId != null
+ && mSaveKeyringParcel.mChangePrimaryUserId.equals(userId)) {
+ mSaveKeyringParcel.mChangePrimaryUserId = null;
} else {
- mSaveKeyringParcel.changePrimaryUserId = userId;
+ mSaveKeyringParcel.mChangePrimaryUserId = userId;
}
break;
case EditUserIdDialogFragment.MESSAGE_REVOKE:
// toggle
- if (mSaveKeyringParcel.revokeUserIds.contains(userId)) {
- mSaveKeyringParcel.revokeUserIds.remove(userId);
+ if (mSaveKeyringParcel.mRevokeUserIds.contains(userId)) {
+ mSaveKeyringParcel.mRevokeUserIds.remove(userId);
} else {
- mSaveKeyringParcel.revokeUserIds.add(userId);
+ mSaveKeyringParcel.mRevokeUserIds.add(userId);
}
break;
}
@@ -342,6 +353,72 @@ public class EditKeyFragment extends LoaderFragment implements
});
}
+ private void editSubkey(final long keyId) {
+ Handler returnHandler = new Handler() {
+ @Override
+ public void handleMessage(Message message) {
+ switch (message.what) {
+ case EditSubkeyDialogFragment.MESSAGE_CHANGE_EXPIRY:
+ editSubkeyExpiry(keyId);
+ break;
+ case EditSubkeyDialogFragment.MESSAGE_REVOKE:
+ // toggle
+ if (mSaveKeyringParcel.mRevokeSubKeys.contains(keyId)) {
+ mSaveKeyringParcel.mRevokeSubKeys.remove(keyId);
+ } else {
+ mSaveKeyringParcel.mRevokeSubKeys.add(keyId);
+ }
+ break;
+ }
+ getLoaderManager().getLoader(LOADER_ID_SUBKEYS).forceLoad();
+ }
+ };
+
+ // Create a new Messenger for the communication back
+ final Messenger messenger = new Messenger(returnHandler);
+
+ DialogFragmentWorkaround.INTERFACE.runnableRunDelayed(new Runnable() {
+ public void run() {
+ EditSubkeyDialogFragment dialogFragment =
+ EditSubkeyDialogFragment.newInstance(messenger);
+
+ dialogFragment.show(getActivity().getSupportFragmentManager(), "editSubkeyDialog");
+ }
+ });
+ }
+
+ private void editSubkeyExpiry(final long keyId) {
+ Handler returnHandler = new Handler() {
+ @Override
+ public void handleMessage(Message message) {
+ switch (message.what) {
+ case ChangeExpiryDialogFragment.MESSAGE_NEW_EXPIRY_DATE:
+ // toggle
+// if (mSaveKeyringParcel.changePrimaryUserId != null
+// && mSaveKeyringParcel.changePrimaryUserId.equals(userId)) {
+// mSaveKeyringParcel.changePrimaryUserId = null;
+// } else {
+// mSaveKeyringParcel.changePrimaryUserId = userId;
+// }
+ break;
+ }
+ getLoaderManager().getLoader(LOADER_ID_SUBKEYS).forceLoad();
+ }
+ };
+
+ // Create a new Messenger for the communication back
+ final Messenger messenger = new Messenger(returnHandler);
+
+ DialogFragmentWorkaround.INTERFACE.runnableRunDelayed(new Runnable() {
+ public void run() {
+ ChangeExpiryDialogFragment dialogFragment =
+ ChangeExpiryDialogFragment.newInstance(messenger, new Date(), new Date());
+
+ dialogFragment.show(getActivity().getSupportFragmentManager(), "editSubkeyExpiryDialog");
+ }
+ });
+ }
+
private void addUserId() {
mUserIdsAddedAdapter.add(new UserIdsAddedAdapter.UserIdModel());
}
@@ -373,10 +450,11 @@ public class EditKeyFragment extends LoaderFragment implements
}
private void save(String passphrase) {
- Log.d(Constants.TAG, "add userids to parcel: " + mUserIdsAddedAdapter.getDataAsStringList());
- Log.d(Constants.TAG, "mSaveKeyringParcel.newPassphrase: " + mSaveKeyringParcel.newPassphrase);
+ mSaveKeyringParcel.mAddUserIds = mUserIdsAddedAdapter.getDataAsStringList();
- mSaveKeyringParcel.addUserIds = mUserIdsAddedAdapter.getDataAsStringList();
+ Log.d(Constants.TAG, "mSaveKeyringParcel.mAddUserIds: " + mSaveKeyringParcel.mAddUserIds);
+ Log.d(Constants.TAG, "mSaveKeyringParcel.mNewPassphrase: " + mSaveKeyringParcel.mNewPassphrase);
+ Log.d(Constants.TAG, "mSaveKeyringParcel.mRevokeUserIds: " + mSaveKeyringParcel.mRevokeUserIds);
// Message is received after importing is done in KeychainIntentService
KeychainIntentServiceHandler saveHandler = new KeychainIntentServiceHandler(
@@ -432,4 +510,4 @@ public class EditKeyFragment extends LoaderFragment implements
// start service with intent
getActivity().startService(intent);
}
-}
\ No newline at end of file
+}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptAsymmetricFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptAsymmetricFragment.java
index 51963e963..dc0510189 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptAsymmetricFragment.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptAsymmetricFragment.java
@@ -198,7 +198,7 @@ public class EncryptAsymmetricFragment extends Fragment {
String[] userId;
try {
userId = mProviderHelper.getCachedPublicKeyRing(
- KeyRings.buildUnifiedKeyRingUri(mSecretKeyId)).getSplitPrimaryUserId();
+ KeyRings.buildUnifiedKeyRingUri(mSecretKeyId)).getSplitPrimaryUserIdWithFallback();
} catch (PgpGeneralException e) {
userId = null;
}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/FirstTimeActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/FirstTimeActivity.java
new file mode 100644
index 000000000..4271b2d5a
--- /dev/null
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/FirstTimeActivity.java
@@ -0,0 +1,90 @@
+/*
+ * Copyright (C) 2014 Dominik Schürmann
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+package org.sufficientlysecure.keychain.ui;
+
+import android.content.Intent;
+import android.os.Bundle;
+import android.support.v7.app.ActionBarActivity;
+import android.view.View;
+import android.view.Window;
+import android.widget.Button;
+
+import org.sufficientlysecure.keychain.R;
+import org.sufficientlysecure.keychain.helper.Preferences;
+
+public class FirstTimeActivity extends ActionBarActivity {
+
+ Button mCreateKey;
+ Button mImportKey;
+ Button mSkipSetup;
+
+ @Override
+ protected void onCreate(Bundle savedInstanceState) {
+ super.onCreate(savedInstanceState);
+
+ supportRequestWindowFeature(Window.FEATURE_NO_TITLE);
+
+ setContentView(R.layout.first_time_activity);
+
+ mCreateKey = (Button) findViewById(R.id.first_time_create_key);
+ mImportKey = (Button) findViewById(R.id.first_time_import_key);
+ mSkipSetup = (Button) findViewById(R.id.first_time_cancel);
+
+ mSkipSetup.setOnClickListener(new View.OnClickListener() {
+ @Override
+ public void onClick(View v) {
+ finishSetup();
+ }
+ });
+
+ mImportKey.setOnClickListener(new View.OnClickListener() {
+ @Override
+ public void onClick(View v) {
+ Intent intent = new Intent(FirstTimeActivity.this, ImportKeysActivity.class);
+ intent.setAction(ImportKeysActivity.ACTION_IMPORT_KEY_FROM_FILE_AND_RETURN);
+ startActivityForResult(intent, 1);
+ }
+ });
+
+ mCreateKey.setOnClickListener(new View.OnClickListener() {
+ @Override
+ public void onClick(View v) {
+ Intent intent = new Intent(FirstTimeActivity.this, CreateKeyActivity.class);
+ startActivityForResult(intent, 1);
+ }
+ });
+
+ }
+
+ @Override
+ protected void onActivityResult(int requestCode, int resultCode, Intent data) {
+ super.onActivityResult(requestCode, resultCode, data);
+
+ if (resultCode == RESULT_OK) {
+ finishSetup();
+ }
+ }
+
+ private void finishSetup() {
+ Preferences prefs = Preferences.getPreferences(this);
+ prefs.setFirstTime(false);
+ Intent intent = new Intent(FirstTimeActivity.this, KeyListActivity.class);
+ startActivity(intent);
+ finish();
+ }
+}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/KeyListActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/KeyListActivity.java
index c219fb98c..aaf9f7cbf 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/KeyListActivity.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/KeyListActivity.java
@@ -17,25 +17,17 @@
package org.sufficientlysecure.keychain.ui;
-import android.app.ProgressDialog;
import android.content.Intent;
import android.os.Bundle;
-import android.os.Message;
-import android.os.Messenger;
import android.view.Menu;
import android.view.MenuItem;
-import org.spongycastle.bcpg.sig.KeyFlags;
import org.sufficientlysecure.keychain.Constants;
-import org.sufficientlysecure.keychain.Constants.choice.algorithm;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.helper.ExportHelper;
+import org.sufficientlysecure.keychain.helper.Preferences;
import org.sufficientlysecure.keychain.provider.KeychainContract;
import org.sufficientlysecure.keychain.provider.KeychainDatabase;
-import org.sufficientlysecure.keychain.service.KeychainIntentService;
-import org.sufficientlysecure.keychain.service.KeychainIntentServiceHandler;
-import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
-import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
import org.sufficientlysecure.keychain.util.Log;
import org.sufficientlysecure.keychain.util.Notify;
@@ -49,6 +41,14 @@ public class KeyListActivity extends DrawerActivity {
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
+ // if this is the first time show first time activity
+ Preferences prefs = Preferences.getPreferences(this);
+ if (prefs.isFirstTime()) {
+ startActivity(new Intent(this, FirstTimeActivity.class));
+ finish();
+ return;
+ }
+
mExportHelper = new ExportHelper(this);
setContentView(R.layout.key_list_activity);
@@ -62,9 +62,10 @@ public class KeyListActivity extends DrawerActivity {
super.onCreateOptionsMenu(menu);
getMenuInflater().inflate(R.menu.key_list, menu);
- if(Constants.DEBUG) {
+ if (Constants.DEBUG) {
menu.findItem(R.id.menu_key_list_debug_read).setVisible(true);
menu.findItem(R.id.menu_key_list_debug_write).setVisible(true);
+ menu.findItem(R.id.menu_key_list_debug_first_time).setVisible(true);
}
return true;
@@ -81,10 +82,6 @@ public class KeyListActivity extends DrawerActivity {
createKey();
return true;
- case R.id.menu_key_list_create_expert:
- createKeyExpert();
- return true;
-
case R.id.menu_key_list_export:
mExportHelper.showExportKeysDialog(null, Constants.Path.APP_DIR_FILE, true);
return true;
@@ -94,7 +91,7 @@ public class KeyListActivity extends DrawerActivity {
KeychainDatabase.debugRead(this);
Notify.showNotify(this, "Restored Notify.Style backup", Notify.Style.INFO);
getContentResolver().notifyChange(KeychainContract.KeyRings.CONTENT_URI, null);
- } catch(IOException e) {
+ } catch (IOException e) {
Log.e(Constants.TAG, "IO Error", e);
Notify.showNotify(this, "IO Notify.Style: " + e.getMessage(), Notify.Style.ERROR);
}
@@ -110,6 +107,12 @@ public class KeyListActivity extends DrawerActivity {
}
return true;
+ case R.id.menu_key_list_debug_first_time:
+ Intent intent = new Intent(this, FirstTimeActivity.class);
+ startActivity(intent);
+ finish();
+ return true;
+
default:
return super.onOptionsItemSelected(item);
}
@@ -121,50 +124,8 @@ public class KeyListActivity extends DrawerActivity {
}
private void createKey() {
- Intent intent = new Intent(this, WizardActivity.class);
-// intent.setAction(EditKeyActivity.ACTION_CREATE_KEY);
-// intent.putExtra(EditKeyActivity.EXTRA_GENERATE_DEFAULT_KEYS, true);
-// intent.putExtra(EditKeyActivity.EXTRA_USER_IDS, ""); // show user id view
- startActivityForResult(intent, 0);
+ Intent intent = new Intent(this, CreateKeyActivity.class);
+ startActivity(intent);
}
- private void createKeyExpert() {
- Intent intent = new Intent(this, KeychainIntentService.class);
- intent.setAction(KeychainIntentService.ACTION_SAVE_KEYRING);
-
- // Message is received after importing is done in KeychainIntentService
- KeychainIntentServiceHandler saveHandler = new KeychainIntentServiceHandler(
- this,
- getString(R.string.progress_importing),
- ProgressDialog.STYLE_HORIZONTAL) {
- public void handleMessage(Message message) {
- // handle messages by standard KeychainIntentServiceHandler first
- super.handleMessage(message);
- Bundle data = message.getData();
- // OtherHelper.logDebugBundle(data, "message reply");
- }
- };
-
- // fill values for this action
- Bundle data = new Bundle();
-
- SaveKeyringParcel parcel = new SaveKeyringParcel();
- parcel.addSubKeys.add(new SubkeyAdd(algorithm.rsa, 1024, KeyFlags.CERTIFY_OTHER, null));
- parcel.addSubKeys.add(new SubkeyAdd(algorithm.rsa, 1024, KeyFlags.SIGN_DATA, null));
- parcel.addUserIds.add("swagerinho");
- parcel.newPassphrase = "swag";
-
- // get selected key entries
- data.putParcelable(KeychainIntentService.SAVE_KEYRING_PARCEL, parcel);
-
- intent.putExtra(KeychainIntentService.EXTRA_DATA, data);
-
- // Create a new Messenger for the communication back
- Messenger messenger = new Messenger(saveHandler);
- intent.putExtra(KeychainIntentService.EXTRA_MESSENGER, messenger);
-
- saveHandler.showProgressDialog(this);
-
- startService(intent);
- }
}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/LogDisplayFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/LogDisplayFragment.java
index 67317de6e..75c967c60 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/LogDisplayFragment.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/LogDisplayFragment.java
@@ -43,6 +43,7 @@ import org.sufficientlysecure.keychain.util.Log;
import java.util.ArrayList;
import java.util.HashMap;
+import java.util.List;
public class LogDisplayFragment extends ListFragment implements OnTouchListener {
@@ -135,7 +136,7 @@ public class LogDisplayFragment extends ListFragment implements OnTouchListener
private LayoutInflater mInflater;
private int dipFactor;
- public LogAdapter(Context context, ArrayList log, LogLevel level) {
+ public LogAdapter(Context context, OperationResultParcel.OperationLog log, LogLevel level) {
super(context, R.layout.log_display_item);
mInflater = LayoutInflater.from(getContext());
dipFactor = (int) TypedValue.applyDimension(TypedValue.COMPLEX_UNIT_DIP,
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/PreferencesActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/PreferencesActivity.java
index 448d29156..dcacdbc9d 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/PreferencesActivity.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/PreferencesActivity.java
@@ -121,6 +121,9 @@ public class PreferencesActivity extends PreferenceActivity {
initializeForceV3Signatures(
(CheckBoxPreference) findPreference(Constants.Pref.FORCE_V3_SIGNATURES));
+ initializeConcealPgpApplication(
+ (CheckBoxPreference) findPreference(Constants.Pref.CONCEAL_PGP_APPLICATION));
+
} else if (Build.VERSION.SDK_INT < Build.VERSION_CODES.HONEYCOMB) {
// Load the legacy preferences headers
addPreferencesFromResource(R.xml.preference_headers_legacy);
@@ -264,6 +267,9 @@ public class PreferencesActivity extends PreferenceActivity {
initializeForceV3Signatures(
(CheckBoxPreference) findPreference(Constants.Pref.FORCE_V3_SIGNATURES));
+
+ initializeConcealPgpApplication(
+ (CheckBoxPreference) findPreference(Constants.Pref.CONCEAL_PGP_APPLICATION));
}
}
@@ -396,4 +402,15 @@ public class PreferencesActivity extends PreferenceActivity {
}
});
}
+
+ private static void initializeConcealPgpApplication(final CheckBoxPreference mConcealPgpApplication) {
+ mConcealPgpApplication.setChecked(sPreferences.getConcealPgpApplication());
+ mConcealPgpApplication.setOnPreferenceChangeListener(new Preference.OnPreferenceChangeListener() {
+ public boolean onPreferenceChange(Preference preference, Object newValue) {
+ mConcealPgpApplication.setChecked((Boolean) newValue);
+ sPreferences.setConcealPgpApplication((Boolean) newValue);
+ return false;
+ }
+ });
+ }
}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewCertActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewCertActivity.java
index c7fffe263..cfdea0611 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewCertActivity.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewCertActivity.java
@@ -149,8 +149,8 @@ public class ViewCertActivity extends ActionBarActivity
providerHelper.getWrappedPublicKeyRing(sig.getKeyId());
try {
- sig.init(signerRing.getSubkey());
- if (sig.verifySignature(signeeRing.getSubkey(), signeeUid)) {
+ sig.init(signerRing.getPublicKey());
+ if (sig.verifySignature(signeeRing.getPublicKey(), signeeUid)) {
mStatus.setText(R.string.cert_verify_ok);
mStatus.setTextColor(getResources().getColor(R.color.result_green));
} else {
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/WizardActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/WizardActivity.java
deleted file mode 100644
index 601fc09f9..000000000
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/WizardActivity.java
+++ /dev/null
@@ -1,466 +0,0 @@
-/*
- * Copyright (C) 2014 Dominik Schürmann
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see .
- */
-
-package org.sufficientlysecure.keychain.ui;
-
-import android.app.Activity;
-import android.content.ActivityNotFoundException;
-import android.content.Context;
-import android.content.Intent;
-import android.net.Uri;
-import android.os.AsyncTask;
-import android.os.Bundle;
-import android.support.v4.app.Fragment;
-import android.support.v4.app.FragmentManager;
-import android.support.v4.app.FragmentTransaction;
-import android.support.v7.app.ActionBarActivity;
-import android.text.Editable;
-import android.text.TextWatcher;
-import android.util.Patterns;
-import android.view.LayoutInflater;
-import android.view.View;
-import android.view.ViewGroup;
-import android.view.inputmethod.InputMethodManager;
-import android.widget.ArrayAdapter;
-import android.widget.AutoCompleteTextView;
-import android.widget.Button;
-import android.widget.EditText;
-import android.widget.ImageView;
-import android.widget.LinearLayout;
-import android.widget.ProgressBar;
-import android.widget.RadioGroup;
-import android.widget.TextView;
-
-import org.sufficientlysecure.htmltextview.HtmlTextView;
-import org.sufficientlysecure.keychain.Constants;
-import org.sufficientlysecure.keychain.R;
-import org.sufficientlysecure.keychain.helper.ContactHelper;
-import org.sufficientlysecure.keychain.util.Log;
-
-import java.util.regex.Matcher;
-
-
-public class WizardActivity extends ActionBarActivity {
-
- private State mCurrentState;
-
- // values for mCurrentScreen
- private enum State {
- START, CREATE_KEY, IMPORT_KEY, K9
- }
-
- public static final int REQUEST_CODE_IMPORT = 0x00007703;
-
- Button mBackButton;
- Button mNextButton;
- StartFragment mStartFragment;
- CreateKeyFragment mCreateKeyFragment;
- K9Fragment mK9Fragment;
-
- private static final String K9_PACKAGE = "com.fsck.k9";
- // private static final String K9_MARKET_INTENT_URI_BASE = "market://details?id=%s";
-// private static final Intent K9_MARKET_INTENT = new Intent(Intent.ACTION_VIEW, Uri.parse(
-// String.format(K9_MARKET_INTENT_URI_BASE, K9_PACKAGE)));
- private static final Intent K9_MARKET_INTENT = new Intent(Intent.ACTION_VIEW, Uri.parse("https://github.com/k9mail/k-9/releases/tag/4.904"));
-
- LinearLayout mProgressLayout;
- View mProgressLine;
- ProgressBar mProgressBar;
- ImageView mProgressImage;
- TextView mProgressText;
-
- /**
- * Checks if text of given EditText is not empty. If it is empty an error is
- * set and the EditText gets the focus.
- *
- * @param context
- * @param editText
- * @return true if EditText is not empty
- */
- private static boolean isEditTextNotEmpty(Context context, EditText editText) {
- boolean output = true;
- if (editText.getText().toString().length() == 0) {
- editText.setError("empty!");
- editText.requestFocus();
- output = false;
- } else {
- editText.setError(null);
- }
-
- return output;
- }
-
- public static class StartFragment extends Fragment {
- public static StartFragment newInstance() {
- StartFragment myFragment = new StartFragment();
-
- Bundle args = new Bundle();
- myFragment.setArguments(args);
-
- return myFragment;
- }
-
- @Override
- public View onCreateView(LayoutInflater inflater, ViewGroup container,
- Bundle savedInstanceState) {
- return inflater.inflate(R.layout.wizard_start_fragment,
- container, false);
- }
- }
-
- public static class CreateKeyFragment extends Fragment {
- public static CreateKeyFragment newInstance() {
- CreateKeyFragment myFragment = new CreateKeyFragment();
-
- Bundle args = new Bundle();
- myFragment.setArguments(args);
-
- return myFragment;
- }
-
- @Override
- public View onCreateView(LayoutInflater inflater, ViewGroup container,
- Bundle savedInstanceState) {
- View view = inflater.inflate(R.layout.wizard_create_key_fragment,
- container, false);
-
- final AutoCompleteTextView emailView = (AutoCompleteTextView) view.findViewById(R.id.email);
- emailView.setThreshold(1); // Start working from first character
- emailView.setAdapter(
- new ArrayAdapter
- (getActivity(), android.R.layout.simple_spinner_dropdown_item,
- ContactHelper.getPossibleUserEmails(getActivity())
- )
- );
- emailView.addTextChangedListener(new TextWatcher() {
- @Override
- public void beforeTextChanged(CharSequence charSequence, int i, int i2, int i3) {
- }
-
- @Override
- public void onTextChanged(CharSequence charSequence, int i, int i2, int i3) {
- }
-
- @Override
- public void afterTextChanged(Editable editable) {
- String email = editable.toString();
- if (email.length() > 0) {
- Matcher emailMatcher = Patterns.EMAIL_ADDRESS.matcher(email);
- if (emailMatcher.matches()) {
- emailView.setCompoundDrawablesWithIntrinsicBounds(0, 0,
- R.drawable.uid_mail_ok, 0);
- } else {
- emailView.setCompoundDrawablesWithIntrinsicBounds(0, 0,
- R.drawable.uid_mail_bad, 0);
- }
- } else {
- // remove drawable if email is empty
- emailView.setCompoundDrawablesWithIntrinsicBounds(0, 0, 0, 0);
- }
- }
- });
- final AutoCompleteTextView nameView = (AutoCompleteTextView) view.findViewById(R.id.name);
- nameView.setThreshold(1); // Start working from first character
- nameView.setAdapter(
- new ArrayAdapter
- (getActivity(), android.R.layout.simple_spinner_dropdown_item,
- ContactHelper.getPossibleUserNames(getActivity())
- )
- );
- return view;
- }
- }
-
- public static class K9Fragment extends Fragment {
- public static K9Fragment newInstance() {
- K9Fragment myFragment = new K9Fragment();
-
- Bundle args = new Bundle();
- myFragment.setArguments(args);
-
- return myFragment;
- }
-
- @Override
- public View onCreateView(LayoutInflater inflater, ViewGroup container,
- Bundle savedInstanceState) {
- View v = inflater.inflate(R.layout.wizard_k9_fragment,
- container, false);
-
- HtmlTextView text = (HtmlTextView) v
- .findViewById(R.id.wizard_k9_text);
- text.setHtmlFromString("Install K9. It's good for you! Here is a screenhot how to enable OK in K9: (TODO)", true);
-
- return v;
- }
-
- }
-
- /**
- * Loads new fragment
- *
- * @param fragment
- */
- private void loadFragment(Fragment fragment) {
- FragmentManager fragmentManager = getSupportFragmentManager();
- FragmentTransaction fragmentTransaction = fragmentManager
- .beginTransaction();
- fragmentTransaction.replace(R.id.wizard_container,
- fragment);
- fragmentTransaction.commit();
- }
-
- /**
- * Instantiate View and initialize fragments for this Activity
- */
- @Override
- protected void onCreate(Bundle savedInstanceState) {
- super.onCreate(savedInstanceState);
-
- setContentView(R.layout.wizard_activity);
- mBackButton = (Button) findViewById(R.id.wizard_back);
- mNextButton = (Button) findViewById(R.id.wizard_next);
-
- // progress layout
- mProgressLayout = (LinearLayout) findViewById(R.id.wizard_progress);
- mProgressLine = findViewById(R.id.wizard_progress_line);
- mProgressBar = (ProgressBar) findViewById(R.id.wizard_progress_progressbar);
- mProgressImage = (ImageView) findViewById(R.id.wizard_progress_image);
- mProgressText = (TextView) findViewById(R.id.wizard_progress_text);
-
- changeToState(State.START);
- }
-
- private enum ProgressState {
- WORKING, ENABLED, DISABLED, ERROR
- }
-
- private void showProgress(ProgressState state, String text) {
- switch (state) {
- case WORKING:
- mProgressBar.setVisibility(View.VISIBLE);
- mProgressImage.setVisibility(View.GONE);
- break;
- case ENABLED:
- mProgressBar.setVisibility(View.GONE);
- mProgressImage.setVisibility(View.VISIBLE);
-// mProgressImage.setImageDrawable(getResources().getDrawable(
-// R.drawable.status_enabled));
- break;
- case DISABLED:
- mProgressBar.setVisibility(View.GONE);
- mProgressImage.setVisibility(View.VISIBLE);
-// mProgressImage.setImageDrawable(getResources().getDrawable(
-// R.drawable.status_disabled));
- break;
- case ERROR:
- mProgressBar.setVisibility(View.GONE);
- mProgressImage.setVisibility(View.VISIBLE);
-// mProgressImage.setImageDrawable(getResources().getDrawable(
-// R.drawable.status_fail));
- break;
-
- default:
- break;
- }
- mProgressText.setText(text);
-
- mProgressLine.setVisibility(View.VISIBLE);
- mProgressLayout.setVisibility(View.VISIBLE);
- }
-
- private void hideProgress() {
- mProgressLine.setVisibility(View.GONE);
- mProgressLayout.setVisibility(View.GONE);
- }
-
- public void nextOnClick(View view) {
- // close keyboard
- if (getCurrentFocus() != null) {
- InputMethodManager inputManager = (InputMethodManager) getSystemService(Context.INPUT_METHOD_SERVICE);
- inputManager.hideSoftInputFromWindow(getCurrentFocus()
- .getWindowToken(), InputMethodManager.HIDE_NOT_ALWAYS);
- }
-
- switch (mCurrentState) {
- case START: {
- RadioGroup radioGroup = (RadioGroup) findViewById(R.id.wizard_start_radio_group);
- int selectedId = radioGroup.getCheckedRadioButtonId();
- switch (selectedId) {
- case R.id.wizard_start_new_key: {
- changeToState(State.CREATE_KEY);
- break;
- }
- case R.id.wizard_start_import: {
- changeToState(State.IMPORT_KEY);
- break;
- }
- case R.id.wizard_start_skip: {
- finish();
- break;
- }
- }
-
- mBackButton.setText(R.string.btn_back);
- break;
- }
- case CREATE_KEY:
- EditText nameEdit = (EditText) findViewById(R.id.name);
- EditText emailEdit = (EditText) findViewById(R.id.email);
- EditText passphraseEdit = (EditText) findViewById(R.id.passphrase);
-
- if (isEditTextNotEmpty(this, nameEdit)
- && isEditTextNotEmpty(this, emailEdit)
- && isEditTextNotEmpty(this, passphraseEdit)) {
-
-// SaveKeyringParcel newKey = new SaveKeyringParcel();
-// newKey.addUserIds.add(nameEdit.getText().toString() + " <"
-// + emailEdit.getText().toString() + ">");
-
-
- AsyncTask generateTask = new AsyncTask() {
-
- @Override
- protected void onPreExecute() {
- super.onPreExecute();
-
- showProgress(ProgressState.WORKING, "generating key...");
- }
-
- @Override
- protected Boolean doInBackground(String... params) {
- return true;
- }
-
- @Override
- protected void onPostExecute(Boolean result) {
- super.onPostExecute(result);
-
- if (result) {
- showProgress(ProgressState.ENABLED, "key generated successfully!");
-
- changeToState(State.K9);
- } else {
- showProgress(ProgressState.ERROR, "error in key gen");
- }
- }
-
- };
-
- generateTask.execute("");
- }
- break;
- case K9: {
- RadioGroup radioGroup = (RadioGroup) findViewById(R.id.wizard_k9_radio_group);
- int selectedId = radioGroup.getCheckedRadioButtonId();
- switch (selectedId) {
- case R.id.wizard_k9_install: {
- try {
- startActivity(K9_MARKET_INTENT);
- } catch (ActivityNotFoundException e) {
- Log.e(Constants.TAG, "Activity not found for: " + K9_MARKET_INTENT);
- }
- break;
- }
- case R.id.wizard_k9_skip: {
- finish();
- break;
- }
- }
-
- finish();
- break;
- }
- default:
- break;
- }
- }
-
- @Override
- protected void onActivityResult(int requestCode, int resultCode, Intent data) {
- super.onActivityResult(requestCode, resultCode, data);
- switch (requestCode) {
- case REQUEST_CODE_IMPORT: {
- if (resultCode == Activity.RESULT_OK) {
- // imported now...
- changeToState(State.K9);
- } else {
- // back to start
- changeToState(State.START);
- }
- break;
- }
-
- default: {
- super.onActivityResult(requestCode, resultCode, data);
-
- break;
- }
- }
- }
-
- public void backOnClick(View view) {
- switch (mCurrentState) {
- case START:
- finish();
- break;
- case CREATE_KEY:
- changeToState(State.START);
- break;
- case IMPORT_KEY:
- changeToState(State.START);
- break;
- default:
- changeToState(State.START);
- break;
- }
- }
-
- private void changeToState(State state) {
- switch (state) {
- case START: {
- mCurrentState = State.START;
- mStartFragment = StartFragment.newInstance();
- loadFragment(mStartFragment);
- mBackButton.setText(android.R.string.cancel);
- mNextButton.setText(R.string.btn_next);
- break;
- }
- case CREATE_KEY: {
- mCurrentState = State.CREATE_KEY;
- mCreateKeyFragment = CreateKeyFragment.newInstance();
- loadFragment(mCreateKeyFragment);
- break;
- }
- case IMPORT_KEY: {
- mCurrentState = State.IMPORT_KEY;
- Intent intent = new Intent(this, ImportKeysActivity.class);
- intent.setAction(ImportKeysActivity.ACTION_IMPORT_KEY_FROM_FILE_AND_RETURN);
- startActivityForResult(intent, REQUEST_CODE_IMPORT);
- break;
- }
- case K9: {
- mCurrentState = State.K9;
- mBackButton.setEnabled(false); // don't go back to import/create key
- mK9Fragment = K9Fragment.newInstance();
- loadFragment(mK9Fragment);
- break;
- }
- }
- }
-
-}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/SubkeysAdapter.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/SubkeysAdapter.java
index 02b1f31e2..e5dbebe01 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/SubkeysAdapter.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/SubkeysAdapter.java
@@ -32,14 +32,15 @@ import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.helper.OtherHelper;
import org.sufficientlysecure.keychain.pgp.PgpKeyHelper;
import org.sufficientlysecure.keychain.provider.KeychainContract.Keys;
+import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
import java.util.Date;
public class SubkeysAdapter extends CursorAdapter {
private LayoutInflater mInflater;
+ private SaveKeyringParcel mSaveKeyringParcel;
private boolean hasAnySecret;
-
private ColorStateList mDefaultTextColor;
public static final String[] SUBKEYS_PROJECTION = new String[]{
@@ -71,10 +72,21 @@ public class SubkeysAdapter extends CursorAdapter {
private static final int INDEX_EXPIRY = 11;
private static final int INDEX_FINGERPRINT = 12;
- public SubkeysAdapter(Context context, Cursor c, int flags) {
+ public SubkeysAdapter(Context context, Cursor c, int flags,
+ SaveKeyringParcel saveKeyringParcel) {
super(context, c, flags);
mInflater = LayoutInflater.from(context);
+ mSaveKeyringParcel = saveKeyringParcel;
+ }
+
+ public SubkeysAdapter(Context context, Cursor c, int flags) {
+ this(context, c, flags, null);
+ }
+
+ public long getKeyId(int position) {
+ mCursor.moveToPosition(position);
+ return mCursor.getLong(INDEX_KEY_ID);
}
@Override
@@ -94,79 +106,94 @@ public class SubkeysAdapter extends CursorAdapter {
@Override
public void bindView(View view, Context context, Cursor cursor) {
- TextView keyId = (TextView) view.findViewById(R.id.keyId);
- TextView keyDetails = (TextView) view.findViewById(R.id.keyDetails);
- TextView keyExpiry = (TextView) view.findViewById(R.id.keyExpiry);
- ImageView masterKeyIcon = (ImageView) view.findViewById(R.id.ic_masterKey);
- ImageView certifyIcon = (ImageView) view.findViewById(R.id.ic_certifyKey);
- ImageView encryptIcon = (ImageView) view.findViewById(R.id.ic_encryptKey);
- ImageView signIcon = (ImageView) view.findViewById(R.id.ic_signKey);
- ImageView revokedKeyIcon = (ImageView) view.findViewById(R.id.ic_revokedKey);
+ TextView vKeyId = (TextView) view.findViewById(R.id.keyId);
+ TextView vKeyDetails = (TextView) view.findViewById(R.id.keyDetails);
+ TextView vKeyExpiry = (TextView) view.findViewById(R.id.keyExpiry);
+ ImageView vMasterKeyIcon = (ImageView) view.findViewById(R.id.ic_masterKey);
+ ImageView vCertifyIcon = (ImageView) view.findViewById(R.id.ic_certifyKey);
+ ImageView vEncryptIcon = (ImageView) view.findViewById(R.id.ic_encryptKey);
+ ImageView vSignIcon = (ImageView) view.findViewById(R.id.ic_signKey);
+ ImageView vRevokedKeyIcon = (ImageView) view.findViewById(R.id.ic_revokedKey);
+ ImageView vEditImage = (ImageView) view.findViewById(R.id.edit_image);
- String keyIdStr = PgpKeyHelper.convertKeyIdToHex(cursor.getLong(INDEX_KEY_ID));
+ long keyId = cursor.getLong(INDEX_KEY_ID);
+ String keyIdStr = PgpKeyHelper.convertKeyIdToHex(keyId);
String algorithmStr = PgpKeyHelper.getAlgorithmInfo(
context,
cursor.getInt(INDEX_ALGORITHM),
cursor.getInt(INDEX_KEY_SIZE)
);
- keyId.setText(keyIdStr);
+ vKeyId.setText(keyIdStr);
// may be set with additional "stripped" later on
if (hasAnySecret && cursor.getInt(INDEX_HAS_SECRET) == 0) {
- keyDetails.setText(algorithmStr + ", " +
+ vKeyDetails.setText(algorithmStr + ", " +
context.getString(R.string.key_stripped));
} else {
- keyDetails.setText(algorithmStr);
+ vKeyDetails.setText(algorithmStr);
}
// Set icons according to properties
- masterKeyIcon.setVisibility(cursor.getInt(INDEX_RANK) == 0 ? View.VISIBLE : View.INVISIBLE);
- certifyIcon.setVisibility(cursor.getInt(INDEX_CAN_CERTIFY) != 0 ? View.VISIBLE : View.GONE);
- encryptIcon.setVisibility(cursor.getInt(INDEX_CAN_ENCRYPT) != 0 ? View.VISIBLE : View.GONE);
- signIcon.setVisibility(cursor.getInt(INDEX_CAN_SIGN) != 0 ? View.VISIBLE : View.GONE);
+ vMasterKeyIcon.setVisibility(cursor.getInt(INDEX_RANK) == 0 ? View.VISIBLE : View.INVISIBLE);
+ vCertifyIcon.setVisibility(cursor.getInt(INDEX_CAN_CERTIFY) != 0 ? View.VISIBLE : View.GONE);
+ vEncryptIcon.setVisibility(cursor.getInt(INDEX_CAN_ENCRYPT) != 0 ? View.VISIBLE : View.GONE);
+ vSignIcon.setVisibility(cursor.getInt(INDEX_CAN_SIGN) != 0 ? View.VISIBLE : View.GONE);
- boolean valid = true;
- if (cursor.getInt(INDEX_IS_REVOKED) > 0) {
- revokedKeyIcon.setVisibility(View.VISIBLE);
+ boolean isRevoked = cursor.getInt(INDEX_IS_REVOKED) > 0;
- valid = false;
+ // for edit key
+ if (mSaveKeyringParcel != null) {
+ boolean revokeThisSubkey = (mSaveKeyringParcel.mRevokeSubKeys.contains(keyId));
+
+ if (revokeThisSubkey) {
+ if (!isRevoked) {
+ isRevoked = true;
+ }
+ }
+
+ vEditImage.setVisibility(View.VISIBLE);
} else {
- keyId.setTextColor(mDefaultTextColor);
- keyDetails.setTextColor(mDefaultTextColor);
- keyExpiry.setTextColor(mDefaultTextColor);
-
- revokedKeyIcon.setVisibility(View.GONE);
+ vEditImage.setVisibility(View.GONE);
}
+ if (isRevoked) {
+ vRevokedKeyIcon.setVisibility(View.VISIBLE);
+ } else {
+ vKeyId.setTextColor(mDefaultTextColor);
+ vKeyDetails.setTextColor(mDefaultTextColor);
+ vKeyExpiry.setTextColor(mDefaultTextColor);
+
+ vRevokedKeyIcon.setVisibility(View.GONE);
+ }
+
+ boolean isExpired;
if (!cursor.isNull(INDEX_EXPIRY)) {
Date expiryDate = new Date(cursor.getLong(INDEX_EXPIRY) * 1000);
+ isExpired = expiryDate.before(new Date());
- valid = valid && expiryDate.after(new Date());
- keyExpiry.setText(
- context.getString(R.string.label_expiry) + ": " +
- DateFormat.getDateFormat(context).format(expiryDate)
- );
+ vKeyExpiry.setText(context.getString(R.string.label_expiry) + ": "
+ + DateFormat.getDateFormat(context).format(expiryDate));
} else {
- keyExpiry.setText(
- context.getString(R.string.label_expiry) + ": " +
- context.getString(R.string.none)
- );
+ isExpired = false;
+
+ vKeyExpiry.setText(context.getString(R.string.label_expiry) + ": " + context.getString(R.string.none));
}
// if key is expired or revoked, strike through text
- if (!valid) {
- keyId.setText(OtherHelper.strikeOutText(keyId.getText()));
- keyDetails.setText(OtherHelper.strikeOutText(keyDetails.getText()));
- keyExpiry.setText(OtherHelper.strikeOutText(keyExpiry.getText()));
+ boolean isInvalid = isRevoked || isExpired;
+ if (isInvalid) {
+ vKeyId.setText(OtherHelper.strikeOutText(vKeyId.getText()));
+ vKeyDetails.setText(OtherHelper.strikeOutText(vKeyDetails.getText()));
+ vKeyExpiry.setText(OtherHelper.strikeOutText(vKeyExpiry.getText()));
}
- keyId.setEnabled(valid);
- keyDetails.setEnabled(valid);
- keyExpiry.setEnabled(valid);
+ vKeyId.setEnabled(!isInvalid);
+ vKeyDetails.setEnabled(!isInvalid);
+ vKeyExpiry.setEnabled(!isInvalid);
}
@Override
public View newView(Context context, Cursor cursor, ViewGroup parent) {
- View view = mInflater.inflate(R.layout.view_key_keys_item, null);
+ View view = mInflater.inflate(R.layout.view_key_subkey_item, null);
if (mDefaultTextColor == null) {
TextView keyId = (TextView) view.findViewById(R.id.keyId);
mDefaultTextColor = keyId.getTextColors();
@@ -177,13 +204,21 @@ public class SubkeysAdapter extends CursorAdapter {
// Disable selection of items, http://stackoverflow.com/a/4075045
@Override
public boolean areAllItemsEnabled() {
- return false;
+ if (mSaveKeyringParcel == null) {
+ return false;
+ } else {
+ return super.areAllItemsEnabled();
+ }
}
// Disable selection of items, http://stackoverflow.com/a/4075045
@Override
public boolean isEnabled(int position) {
- return false;
+ if (mSaveKeyringParcel == null) {
+ return false;
+ } else {
+ return super.isEnabled(position);
+ }
}
}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/UserIdsAdapter.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/UserIdsAdapter.java
index d729648e5..18312660a 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/UserIdsAdapter.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/UserIdsAdapter.java
@@ -40,9 +40,7 @@ import java.util.ArrayList;
public class UserIdsAdapter extends CursorAdapter implements AdapterView.OnItemClickListener {
private LayoutInflater mInflater;
-
private final ArrayList mCheckStates;
-
private SaveKeyringParcel mSaveKeyringParcel;
public static final String[] USER_IDS_PROJECTION = new String[]{
@@ -60,7 +58,6 @@ public class UserIdsAdapter extends CursorAdapter implements AdapterView.OnItemC
private static final int INDEX_IS_PRIMARY = 4;
private static final int INDEX_IS_REVOKED = 5;
-
public UserIdsAdapter(Context context, Cursor c, int flags, boolean showCheckBoxes,
SaveKeyringParcel saveKeyringParcel) {
super(context, c, flags);
@@ -134,15 +131,18 @@ public class UserIdsAdapter extends CursorAdapter implements AdapterView.OnItemC
// for edit key
if (mSaveKeyringParcel != null) {
- boolean changeAnyPrimaryUserId = (mSaveKeyringParcel.changePrimaryUserId != null);
- boolean changeThisPrimaryUserId = (mSaveKeyringParcel.changePrimaryUserId != null
- && mSaveKeyringParcel.changePrimaryUserId.equals(userId));
- boolean revokeThisUserId = (mSaveKeyringParcel.revokeUserIds.contains(userId));
+ boolean changeAnyPrimaryUserId = (mSaveKeyringParcel.mChangePrimaryUserId != null);
+ boolean changeThisPrimaryUserId = (mSaveKeyringParcel.mChangePrimaryUserId != null
+ && mSaveKeyringParcel.mChangePrimaryUserId.equals(userId));
+ boolean revokeThisUserId = (mSaveKeyringParcel.mRevokeUserIds.contains(userId));
+ // only if primary user id will be changed
+ // (this is not triggered if the user id is currently the primary one)
if (changeAnyPrimaryUserId) {
- // change all user ids, only this one should be primary
+ // change _all_ primary user ids and set new one to true
isPrimary = changeThisPrimaryUserId;
}
+
if (revokeThisUserId) {
if (!isRevoked) {
isRevoked = true;
@@ -233,7 +233,7 @@ public class UserIdsAdapter extends CursorAdapter implements AdapterView.OnItemC
@Override
public View newView(Context context, Cursor cursor, ViewGroup parent) {
- View view = mInflater.inflate(R.layout.view_key_userids_item, null);
+ View view = mInflater.inflate(R.layout.view_key_user_id_item, null);
// only need to do this once ever, since mShowCheckBoxes is final
view.findViewById(R.id.checkBox).setVisibility(mCheckStates != null ? View.VISIBLE : View.GONE);
return view;
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/ChangeExpiryDialogFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/ChangeExpiryDialogFragment.java
new file mode 100644
index 000000000..d5354a9f6
--- /dev/null
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/ChangeExpiryDialogFragment.java
@@ -0,0 +1,187 @@
+/*
+ * Copyright (C) 2014 Dominik Schürmann
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+package org.sufficientlysecure.keychain.ui.dialog;
+
+import android.app.DatePickerDialog;
+import android.app.Dialog;
+import android.content.Context;
+import android.content.DialogInterface;
+import android.os.Bundle;
+import android.os.Message;
+import android.os.Messenger;
+import android.os.RemoteException;
+import android.support.v4.app.DialogFragment;
+import android.text.format.DateUtils;
+import android.widget.DatePicker;
+
+import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.R;
+import org.sufficientlysecure.keychain.util.Log;
+
+import java.util.Calendar;
+import java.util.Date;
+import java.util.GregorianCalendar;
+import java.util.TimeZone;
+
+public class ChangeExpiryDialogFragment extends DialogFragment {
+ private static final String ARG_MESSENGER = "messenger";
+ private static final String ARG_CREATION_DATE = "creation_date";
+ private static final String ARG_EXPIRY_DATE = "expiry_date";
+
+ public static final int MESSAGE_NEW_EXPIRY_DATE = 1;
+ public static final String MESSAGE_DATA_EXPIRY_DATE = "expiry_date";
+
+ private Messenger mMessenger;
+ private Calendar mCreationCal;
+ private Calendar mExpiryCal;
+
+ private int mDatePickerResultCount = 0;
+ private DatePickerDialog.OnDateSetListener mExpiryDateSetListener =
+ new DatePickerDialog.OnDateSetListener() {
+ public void onDateSet(DatePicker view, int year, int monthOfYear, int dayOfMonth) {
+ // Note: Ignore results after the first one - android sends multiples.
+ if (mDatePickerResultCount++ == 0) {
+ Calendar selectedCal = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
+ selectedCal.set(year, monthOfYear, dayOfMonth);
+ if (mExpiryCal != null) {
+ long numDays = (selectedCal.getTimeInMillis() / 86400000)
+ - (mExpiryCal.getTimeInMillis() / 86400000);
+ if (numDays > 0) {
+ Bundle data = new Bundle();
+ data.putSerializable(MESSAGE_DATA_EXPIRY_DATE, selectedCal.getTime());
+ sendMessageToHandler(MESSAGE_NEW_EXPIRY_DATE, data);
+ }
+ } else {
+ Bundle data = new Bundle();
+ data.putSerializable(MESSAGE_DATA_EXPIRY_DATE, selectedCal.getTime());
+ sendMessageToHandler(MESSAGE_NEW_EXPIRY_DATE, data);
+ }
+ }
+ }
+ };
+
+ public class ExpiryDatePickerDialog extends DatePickerDialog {
+
+ public ExpiryDatePickerDialog(Context context, OnDateSetListener callBack,
+ int year, int monthOfYear, int dayOfMonth) {
+ super(context, callBack, year, monthOfYear, dayOfMonth);
+ }
+
+ // set permanent title
+ public void setTitle(CharSequence title) {
+ super.setTitle(getContext().getString(R.string.expiry_date_dialog_title));
+ }
+ }
+
+ /**
+ * Creates new instance of this dialog fragment
+ */
+ public static ChangeExpiryDialogFragment newInstance(Messenger messenger,
+ Date creationDate, Date expiryDate) {
+ ChangeExpiryDialogFragment frag = new ChangeExpiryDialogFragment();
+ Bundle args = new Bundle();
+ args.putParcelable(ARG_MESSENGER, messenger);
+ args.putSerializable(ARG_CREATION_DATE, creationDate);
+ args.putSerializable(ARG_EXPIRY_DATE, expiryDate);
+
+ frag.setArguments(args);
+
+ return frag;
+ }
+
+ /**
+ * Creates dialog
+ */
+ @Override
+ public Dialog onCreateDialog(Bundle savedInstanceState) {
+ mMessenger = getArguments().getParcelable(ARG_MESSENGER);
+ Date creationDate = (Date) getArguments().getSerializable(ARG_CREATION_DATE);
+ Date expiryDate = (Date) getArguments().getSerializable(ARG_EXPIRY_DATE);
+
+ mCreationCal = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
+ mCreationCal.setTime(creationDate);
+ mExpiryCal = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
+ mExpiryCal.setTime(expiryDate);
+
+ /*
+ * Using custom DatePickerDialog which overrides the setTitle because
+ * the DatePickerDialog title is buggy (unix warparound bug).
+ * See: https://code.google.com/p/android/issues/detail?id=49066
+ */
+ DatePickerDialog dialog = new ExpiryDatePickerDialog(getActivity(),
+ mExpiryDateSetListener, mExpiryCal.get(Calendar.YEAR), mExpiryCal.get(Calendar.MONTH),
+ mExpiryCal.get(Calendar.DAY_OF_MONTH));
+ mDatePickerResultCount = 0;
+ dialog.setCancelable(true);
+ dialog.setButton(Dialog.BUTTON_NEGATIVE,
+ getActivity().getString(R.string.btn_no_date),
+ new DialogInterface.OnClickListener() {
+ public void onClick(DialogInterface dialog, int which) {
+ // Note: Ignore results after the first one - android sends multiples.
+ if (mDatePickerResultCount++ == 0) {
+ // none expiry dates corresponds to a null message
+ Bundle data = new Bundle();
+ data.putSerializable(MESSAGE_DATA_EXPIRY_DATE, null);
+ sendMessageToHandler(MESSAGE_NEW_EXPIRY_DATE, data);
+ }
+ }
+ }
+ );
+
+ // setCalendarViewShown() is supported from API 11 onwards.
+ if (android.os.Build.VERSION.SDK_INT >= android.os.Build.VERSION_CODES.HONEYCOMB) {
+ // Hide calendarView in tablets because of the unix warparound bug.
+ dialog.getDatePicker().setCalendarViewShown(false);
+ }
+ if (android.os.Build.VERSION.SDK_INT >= android.os.Build.VERSION_CODES.HONEYCOMB) {
+ // will crash with IllegalArgumentException if we set a min date
+ // that is not before expiry
+ if (mCreationCal != null && mCreationCal.before(mExpiryCal)) {
+ dialog.getDatePicker().setMinDate(mCreationCal.getTime().getTime()
+ + DateUtils.DAY_IN_MILLIS);
+ } else {
+ // When created date isn't available
+ dialog.getDatePicker().setMinDate(mExpiryCal.getTime().getTime()
+ + DateUtils.DAY_IN_MILLIS);
+ }
+ }
+
+ return dialog;
+ }
+
+ /**
+ * Send message back to handler which is initialized in a activity
+ *
+ * @param what Message integer you want to send
+ */
+ private void sendMessageToHandler(Integer what, Bundle data) {
+ Message msg = Message.obtain();
+ msg.what = what;
+ if (data != null) {
+ msg.setData(data);
+ }
+
+ try {
+ mMessenger.send(msg);
+ } catch (RemoteException e) {
+ Log.w(Constants.TAG, "Exception sending message, Is handler present?", e);
+ } catch (NullPointerException e) {
+ Log.w(Constants.TAG, "Messenger is null!", e);
+ }
+ }
+}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/EditSubkeyDialogFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/EditSubkeyDialogFragment.java
new file mode 100644
index 000000000..9fef88a78
--- /dev/null
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/EditSubkeyDialogFragment.java
@@ -0,0 +1,110 @@
+/*
+ * Copyright (C) 2014 Dominik Schürmann
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+package org.sufficientlysecure.keychain.ui.dialog;
+
+import android.app.Dialog;
+import android.content.DialogInterface;
+import android.os.Bundle;
+import android.os.Message;
+import android.os.Messenger;
+import android.os.RemoteException;
+import android.support.v4.app.DialogFragment;
+
+import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.R;
+import org.sufficientlysecure.keychain.util.Log;
+
+public class EditSubkeyDialogFragment extends DialogFragment {
+ private static final String ARG_MESSENGER = "messenger";
+
+ public static final int MESSAGE_CHANGE_EXPIRY = 1;
+ public static final int MESSAGE_REVOKE = 2;
+
+ private Messenger mMessenger;
+
+ /**
+ * Creates new instance of this dialog fragment
+ */
+ public static EditSubkeyDialogFragment newInstance(Messenger messenger) {
+ EditSubkeyDialogFragment frag = new EditSubkeyDialogFragment();
+ Bundle args = new Bundle();
+ args.putParcelable(ARG_MESSENGER, messenger);
+
+ frag.setArguments(args);
+
+ return frag;
+ }
+
+ /**
+ * Creates dialog
+ */
+ @Override
+ public Dialog onCreateDialog(Bundle savedInstanceState) {
+ mMessenger = getArguments().getParcelable(ARG_MESSENGER);
+
+ CustomAlertDialogBuilder builder = new CustomAlertDialogBuilder(getActivity());
+ CharSequence[] array = getResources().getStringArray(R.array.edit_key_edit_subkey);
+
+ builder.setTitle(R.string.edit_key_edit_subkey_title);
+ builder.setItems(array, new DialogInterface.OnClickListener() {
+
+ @Override
+ public void onClick(DialogInterface dialog, int which) {
+ switch (which) {
+ case 0:
+ sendMessageToHandler(MESSAGE_CHANGE_EXPIRY, null);
+ break;
+ case 1:
+ sendMessageToHandler(MESSAGE_REVOKE, null);
+ break;
+ default:
+ break;
+ }
+ }
+ });
+ builder.setNegativeButton(android.R.string.cancel, new DialogInterface.OnClickListener() {
+ @Override
+ public void onClick(DialogInterface dialog, int id) {
+ dismiss();
+ }
+ });
+
+ return builder.show();
+ }
+
+ /**
+ * Send message back to handler which is initialized in a activity
+ *
+ * @param what Message integer you want to send
+ */
+ private void sendMessageToHandler(Integer what, Bundle data) {
+ Message msg = Message.obtain();
+ msg.what = what;
+ if (data != null) {
+ msg.setData(data);
+ }
+
+ try {
+ mMessenger.send(msg);
+ } catch (RemoteException e) {
+ Log.w(Constants.TAG, "Exception sending message, Is handler present?", e);
+ } catch (NullPointerException e) {
+ Log.w(Constants.TAG, "Messenger is null!", e);
+ }
+ }
+}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/PassphraseDialogFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/PassphraseDialogFragment.java
index 59e4d8dee..d723f88af 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/PassphraseDialogFragment.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/PassphraseDialogFragment.java
@@ -152,7 +152,7 @@ public class PassphraseDialogFragment extends DialogFragment implements OnEditor
// above can't be statically verified to have been set in all cases because
// the catch clause doesn't return.
try {
- userId = secretRing.getPrimaryUserId();
+ userId = secretRing.getPrimaryUserIdWithFallback();
} catch (PgpGeneralException e) {
userId = null;
}
@@ -189,7 +189,8 @@ public class PassphraseDialogFragment extends DialogFragment implements OnEditor
// Early breakout if we are dealing with a symmetric key
if (secretRing == null) {
- PassphraseCacheService.addCachedPassphrase(activity, Constants.key.symmetric, passphrase);
+ PassphraseCacheService.addCachedPassphrase(activity, Constants.key.symmetric,
+ passphrase, getString(R.string.passp_cache_notif_pwd));
// also return passphrase back to activity
Bundle data = new Bundle();
data.putString(MESSAGE_DATA_PASSPHRASE, passphrase);
@@ -228,10 +229,18 @@ public class PassphraseDialogFragment extends DialogFragment implements OnEditor
// cache the new passphrase
Log.d(Constants.TAG, "Everything okay! Caching entered passphrase");
- PassphraseCacheService.addCachedPassphrase(activity, masterKeyId, passphrase);
+
+ try {
+ PassphraseCacheService.addCachedPassphrase(activity, masterKeyId, passphrase,
+ secretRing.getPrimaryUserIdWithFallback());
+ } catch(PgpGeneralException e) {
+ Log.e(Constants.TAG, "adding of a passhrase failed", e);
+ }
+
if (unlockedSecretKey.getKeyId() != masterKeyId) {
PassphraseCacheService.addCachedPassphrase(
- activity, unlockedSecretKey.getKeyId(), passphrase);
+ activity, unlockedSecretKey.getKeyId(), passphrase,
+ unlockedSecretKey.getPrimaryUserIdWithFallback());
}
// also return passphrase back to activity
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/ProgressScaler.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/ProgressScaler.java
index 5553ea5d2..869eea03f 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/ProgressScaler.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/ProgressScaler.java
@@ -39,15 +39,21 @@ public class ProgressScaler implements Progressable {
* Set progress of ProgressDialog by sending message to handler on UI thread
*/
public void setProgress(String message, int progress, int max) {
- mWrapped.setProgress(message, mFrom + progress * (mTo - mFrom) / max, mMax);
+ if (mWrapped != null) {
+ mWrapped.setProgress(message, mFrom + progress * (mTo - mFrom) / max, mMax);
+ }
}
public void setProgress(int resourceId, int progress, int max) {
- mWrapped.setProgress(resourceId, progress, mMax);
+ if (mWrapped != null) {
+ mWrapped.setProgress(resourceId, progress, mMax);
+ }
}
public void setProgress(int progress, int max) {
- mWrapped.setProgress(progress, max);
+ if (mWrapped != null) {
+ mWrapped.setProgress(progress, max);
+ }
}
}
diff --git a/OpenKeychain/src/main/res/drawable/first_time_1.png b/OpenKeychain/src/main/res/drawable/first_time_1.png
new file mode 100644
index 000000000..1f340df5c
Binary files /dev/null and b/OpenKeychain/src/main/res/drawable/first_time_1.png differ
diff --git a/OpenKeychain/src/main/res/layout/wizard_create_key_fragment.xml b/OpenKeychain/src/main/res/layout/create_key_activity.xml
similarity index 74%
rename from OpenKeychain/src/main/res/layout/wizard_create_key_fragment.xml
rename to OpenKeychain/src/main/res/layout/create_key_activity.xml
index 258ea7223..673f43084 100644
--- a/OpenKeychain/src/main/res/layout/wizard_create_key_fragment.xml
+++ b/OpenKeychain/src/main/res/layout/create_key_activity.xml
@@ -2,6 +2,7 @@
+
+
+
\ No newline at end of file
diff --git a/OpenKeychain/src/main/res/layout/first_time_activity.xml b/OpenKeychain/src/main/res/layout/first_time_activity.xml
new file mode 100644
index 000000000..514f34212
--- /dev/null
+++ b/OpenKeychain/src/main/res/layout/first_time_activity.xml
@@ -0,0 +1,89 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/OpenKeychain/src/main/res/layout/view_key_keys_item.xml b/OpenKeychain/src/main/res/layout/view_key_subkey_item.xml
similarity index 73%
rename from OpenKeychain/src/main/res/layout/view_key_keys_item.xml
rename to OpenKeychain/src/main/res/layout/view_key_subkey_item.xml
index 13feaf2cc..0c0a5d7e6 100644
--- a/OpenKeychain/src/main/res/layout/view_key_keys_item.xml
+++ b/OpenKeychain/src/main/res/layout/view_key_subkey_item.xml
@@ -1,10 +1,9 @@
-
+ android:padding="8dp"
+ android:layout_centerVertical="true"
+ android:layout_alignParentLeft="true"
+ android:layout_alignParentStart="true" />
+
+
+ android:layout_marginRight="8dp"
+ android:id="@+id/linearLayout">
@@ -75,8 +90,8 @@
+ android:layout_width="match_parent"
+ android:layout_height="match_parent">
+
-
+
diff --git a/OpenKeychain/src/main/res/layout/view_key_userids_item.xml b/OpenKeychain/src/main/res/layout/view_key_user_id_item.xml
similarity index 99%
rename from OpenKeychain/src/main/res/layout/view_key_userids_item.xml
rename to OpenKeychain/src/main/res/layout/view_key_user_id_item.xml
index 8f036e600..7de2f9c05 100644
--- a/OpenKeychain/src/main/res/layout/view_key_userids_item.xml
+++ b/OpenKeychain/src/main/res/layout/view_key_user_id_item.xml
@@ -63,7 +63,6 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/OpenKeychain/src/main/res/layout/wizard_k9_fragment.xml b/OpenKeychain/src/main/res/layout/wizard_k9_fragment.xml
deleted file mode 100644
index 342adc37e..000000000
--- a/OpenKeychain/src/main/res/layout/wizard_k9_fragment.xml
+++ /dev/null
@@ -1,43 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/OpenKeychain/src/main/res/layout/wizard_start_fragment.xml b/OpenKeychain/src/main/res/layout/wizard_start_fragment.xml
deleted file mode 100644
index 9e1403f74..000000000
--- a/OpenKeychain/src/main/res/layout/wizard_start_fragment.xml
+++ /dev/null
@@ -1,63 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/OpenKeychain/src/main/res/menu/key_list.xml b/OpenKeychain/src/main/res/menu/key_list.xml
index ebb7314b8..e865df182 100644
--- a/OpenKeychain/src/main/res/menu/key_list.xml
+++ b/OpenKeychain/src/main/res/menu/key_list.xml
@@ -26,11 +26,6 @@
app:showAsAction="never"
android:title="@string/menu_create_key" />
- - Change to Primary Identity
- Revoke Identity
+ Select an action!
+
+ - Change Expiry
+ - Revoke Subkey
+
Keys
@@ -505,7 +511,7 @@
casual
positive
revoked
- ok
+ OK
failed!
error!
key unavailable
@@ -550,7 +556,7 @@
Re-inserting secret key
Encountered bad certificate!
Error processing certificate!
- User id is certified by %1$s (%2$s)
+ User id is certified by %1$s
- Ignoring one certificate issued by an unknown public key
- Ignoring %s certificates issued by unknown public keys
@@ -586,6 +592,7 @@
Removing keyring revocation certificate with "local" flag
Removing keyring revocation certificate with future timestamp
Removing master key certificate of unknown type (%s)
+ Removing user id certification in bad position
Removing bad keyring revocation certificate
Removing redundant keyring revocation certificate
Processing subkey %s
@@ -623,6 +630,7 @@
Removing redundant revocation certificate for user id "%s"
Removing outdated revocation certificate for user id "%s"
No valid self-certificate found for user id %s, removing from ring
+ Removing invalid user id %s
Merging into public keyring %s
@@ -631,6 +639,17 @@
Tried to consolidate heterogeneous keyrings
Adding new subkey %s
Found %s new certificates in keyring
+ No new certificates
+
+
+ Generating new master key
+ No master key options specified!
+ Keyrings must be created with at least one user id!
+ Master key must have certify flag!
+ Key size must be greater or equal 512!
+ Internal PGP error!
+ Bad algorithm choice!
+ Master key must not be of type ElGamal!
Modifying keyring %s
@@ -638,10 +657,13 @@
Actual key fingerprint does not match the expected one!
No key ID. This is an internal error, please file a bug report!
Internal error, integrity check failed!
+ Bad primary user id specified!
Revoked user ids cannot be primary!
PGP internal exception!
Signature exception!
Changing passphrase
+ Replacing certificate of previous primary user id
+ Generating new certificate for new primary user id
Modifying subkey %s
Tried to operate on missing subkey %s!
Generating new %1$s bit %2$s subkey
@@ -652,9 +674,17 @@
Adding user id %s
Changing primary uid to %s
Revoking user id %s
+ User ID must not be empty!
Error unlocking keyring!
Unlocking keyring
+
+ Click to clear cached passphrases
+ OpenKeychain has cached %d passphrases
+ Cached Passphrases:
+ Clear Cache
+ Password
+
Internal error!
Certifier
@@ -679,4 +709,10 @@
Do not create OpenKeychain-Accounts manually.\nFor more information, see Help.
Show key (%s)
+
+ Take back your privacy with OpenKeychain!
+ Create Key
+ Import Key
+ Skip Setup
+
diff --git a/OpenKeychain/src/main/res/xml/adv_preferences.xml b/OpenKeychain/src/main/res/xml/adv_preferences.xml
index fa3974199..a07ae06bb 100644
--- a/OpenKeychain/src/main/res/xml/adv_preferences.xml
+++ b/OpenKeychain/src/main/res/xml/adv_preferences.xml
@@ -38,11 +38,17 @@
android:key="defaultAsciiArmor"
android:persistent="false"
android:title="@string/label_ascii_armor" />
+
+
+ android:title="@string/label_force_v3_signature"/>
diff --git a/OpenKeychain/src/test/resources/extern/OpenPGP-Haskell b/OpenKeychain/src/test/resources/extern/OpenPGP-Haskell
deleted file mode 160000
index eba7e4fdc..000000000
--- a/OpenKeychain/src/test/resources/extern/OpenPGP-Haskell
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit eba7e4fdce3de6622b4ec3862b405b0acd016377
diff --git a/README.md b/README.md
index 6a388e1c5..509c57e63 100644
--- a/README.md
+++ b/README.md
@@ -40,6 +40,11 @@ Select everything for the newest SDK Platform (API-Level 19)
5. Execute ``./gradlew build``
6. You can install the app with ``adb install -r OpenKeychain/build/outputs/apk/OpenKeychain-debug-unaligned.apk``
+### Run Tests
+1. Use OpenJDK instead of Oracle JDK
+2. Execute ``./prepare-tests.sh``
+3. Execute ``./gradlew build``
+
### Build API Demo with Gradle
1. Follow 1-4 from above
@@ -48,13 +53,10 @@ Select everything for the newest SDK Platform (API-Level 19)
### Development with Android Studio
-I am using the newest [Android Studio](http://developer.android.com/sdk/installing/studio.html) for development. Development with Eclipse is currently not possible because I am using the new [project structure](http://developer.android.com/sdk/installing/studio-tips.html).
+We are using the newest [Android Studio](http://developer.android.com/sdk/installing/studio.html) for development. Development with Eclipse is currently not possible because we are using the new [project structure](http://developer.android.com/sdk/installing/studio-tips.html).
-1. Clone the project from github
-2. From Android Studio: File -> Import Project -> ...
- * Select the cloned top folder if you want to develop on the main project
- * Select the "OpenKeychain-API" folder if you want to develop on the API example
-3. Import project from external model -> choose Gradle
+1. Clone the project from Github
+2. From Android Studio: File -> Import Project -> Select the cloned top folder
## OpenKeychain's API
diff --git a/Resources/gnupg-infographic/first_time_1.png b/Resources/gnupg-infographic/first_time_1.png
new file mode 100644
index 000000000..1f340df5c
Binary files /dev/null and b/Resources/gnupg-infographic/first_time_1.png differ
diff --git a/Resources/gnupg-infographic/first_time_1.svg b/Resources/gnupg-infographic/first_time_1.svg
new file mode 100644
index 000000000..1f40c5ff3
--- /dev/null
+++ b/Resources/gnupg-infographic/first_time_1.svg
@@ -0,0 +1,351 @@
+
+
+
+
diff --git a/build.gradle b/build.gradle
index ceb963cd8..05e90eb17 100644
--- a/build.gradle
+++ b/build.gradle
@@ -6,7 +6,6 @@ buildscript {
dependencies {
// NOTE: Always use fixed version codes not dynamic ones, e.g. 0.7.3 instead of 0.7.+, see README for more information
classpath 'com.android.tools.build:gradle:0.12.0'
- classpath 'org.robolectric:robolectric-gradle-plugin:0.11.0'
}
}
@@ -19,3 +18,9 @@ allprojects {
task wrapper(type: Wrapper) {
gradleVersion = '1.12'
}
+
+subprojects {
+ tasks.withType(Test) {
+ maxParallelForks = 1
+ }
+}
diff --git a/extern/openpgp-api-lib b/extern/openpgp-api-lib
index aa9ecf871..869ab96e6 160000
--- a/extern/openpgp-api-lib
+++ b/extern/openpgp-api-lib
@@ -1 +1 @@
-Subproject commit aa9ecf871ce4db462034662675b258f9839d3f61
+Subproject commit 869ab96e6dcd4821fd5360248429e49dae6fbaca
diff --git a/extern/spongycastle b/extern/spongycastle
index 968405ee5..41ef8b1f5 160000
--- a/extern/spongycastle
+++ b/extern/spongycastle
@@ -1 +1 @@
-Subproject commit 968405ee5d4272330cffdf75f7eee4cd9f5c8646
+Subproject commit 41ef8b1f539dd3d8748865d68a34ed307f699eec
diff --git a/prepare-tests.sh b/prepare-tests.sh
new file mode 100755
index 000000000..027c76f84
--- /dev/null
+++ b/prepare-tests.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+# This script installs a plugin which is necessary to run OpenKeychain's tests
+# into the local maven repository, then puts a line to include the -Test
+# subproject into settings.gradle
+
+echo "checking jdk runtime.."
+if ! java -version 2>&1 | grep OpenJDK; then
+ echo "tests will only run on openjdk, see readme for details!" >&2
+ return
+fi
+
+tmpdir="$(mktemp -d)"
+(
+ cd "$tmpdir";
+ git clone https://github.com/nenick/gradle-android-test-plugin.git
+ cd gradle-android-test-plugin
+ echo "rootProject.name = 'gradle-android-test-plugin-parent'" > settings.gradle
+ echo "include ':gradle-android-test-plugin'" >> settings.gradle
+ ./gradlew :gradle-android-test-plugin:install
+)
+rm -rf "$tmpdir"
+
+echo -n "ok, adding tests to include list.. "
+if grep OpenKeychain-Test settings.gradle >/dev/null ; then
+ echo " already in."
+else
+ echo "include ':OpenKeychain-Test'" >> settings.gradle
+ echo "ok"
+fi