mirror of
https://github.com/moparisthebest/open-keychain
synced 2024-11-27 19:22:14 -05:00
Merge pull request #650 from open-keychain/v/import-log
Parcelable operation result with logging capabilities + import logging
This commit is contained in:
commit
90f9646f25
@ -0,0 +1,169 @@
|
|||||||
|
package org.sufficientlysecure.keychain.pgp;
|
||||||
|
|
||||||
|
import android.os.Parcel;
|
||||||
|
import android.os.Parcelable;
|
||||||
|
|
||||||
|
import org.sufficientlysecure.keychain.R;
|
||||||
|
|
||||||
|
import java.util.ArrayList;
|
||||||
|
|
||||||
|
/** Represent the result of an operation.
|
||||||
|
*
|
||||||
|
* This class holds a result and the log of an operation. It can be subclassed
|
||||||
|
* to include typed additional information specific to the operation. To keep
|
||||||
|
* the class structure (somewhat) simple, this class contains an exhaustive
|
||||||
|
* list (ie, enum) of all possible log types, which should in all cases be tied
|
||||||
|
* to string resource ids.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
public class OperationResultParcel implements Parcelable {
|
||||||
|
/** Holds the overall result. A value of 0 is considered a success, all
|
||||||
|
* other values may represent failure or varying degrees of success. */
|
||||||
|
final int mResult;
|
||||||
|
|
||||||
|
/// A list of log entries tied to the operation result.
|
||||||
|
final ArrayList<LogEntryParcel> mLog;
|
||||||
|
|
||||||
|
public OperationResultParcel(int result, ArrayList<LogEntryParcel> log) {
|
||||||
|
mResult = result;
|
||||||
|
mLog = log;
|
||||||
|
}
|
||||||
|
|
||||||
|
public OperationResultParcel(Parcel source) {
|
||||||
|
mResult = source.readInt();
|
||||||
|
mLog = source.createTypedArrayList(LogEntryParcel.CREATOR);
|
||||||
|
}
|
||||||
|
|
||||||
|
public boolean isSuccessful() {
|
||||||
|
return mResult == 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/** One entry in the log. */
|
||||||
|
public static class LogEntryParcel implements Parcelable {
|
||||||
|
final LogLevel mLevel;
|
||||||
|
final LogType mType;
|
||||||
|
final String[] mParameters;
|
||||||
|
final int mIndent;
|
||||||
|
|
||||||
|
public LogEntryParcel(LogLevel level, LogType type, String[] parameters, int indent) {
|
||||||
|
mLevel = level;
|
||||||
|
mType = type;
|
||||||
|
mParameters = parameters;
|
||||||
|
mIndent = indent;
|
||||||
|
}
|
||||||
|
public LogEntryParcel(LogLevel level, LogType type, String[] parameters) {
|
||||||
|
this(level, type, parameters, 0);
|
||||||
|
}
|
||||||
|
|
||||||
|
public LogEntryParcel(Parcel source) {
|
||||||
|
mLevel = LogLevel.values()[source.readInt()];
|
||||||
|
mType = LogType.values()[source.readInt()];
|
||||||
|
mParameters = source.createStringArray();
|
||||||
|
mIndent = source.readInt();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public int describeContents() {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void writeToParcel(Parcel dest, int flags) {
|
||||||
|
dest.writeInt(mLevel.ordinal());
|
||||||
|
dest.writeInt(mType.ordinal());
|
||||||
|
dest.writeStringArray(mParameters);
|
||||||
|
dest.writeInt(mIndent);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static final Creator<LogEntryParcel> CREATOR = new Creator<LogEntryParcel>() {
|
||||||
|
public LogEntryParcel createFromParcel(final Parcel source) {
|
||||||
|
return new LogEntryParcel(source);
|
||||||
|
}
|
||||||
|
|
||||||
|
public LogEntryParcel[] newArray(final int size) {
|
||||||
|
return new LogEntryParcel[size];
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
public static enum LogType {
|
||||||
|
MSG_IP_APPLY_BATCH (R.string.msg_ip_apply_batch),
|
||||||
|
MSG_IP_BAD_TYPE_SECRET (R.string.msg_ip_bad_type_secret),
|
||||||
|
MSG_IP_DELETE_OLD_FAIL (R.string.msg_ip_delete_old_fail),
|
||||||
|
MSG_IP_DELETE_OLD_OK (R.string.msg_ip_delete_old_ok),
|
||||||
|
MSG_IP_ENCODE_FAIL (R.string.msg_ip_encode_fail),
|
||||||
|
MSG_IP_FAIL_IO_EXC (R.string.msg_ip_fail_io_exc),
|
||||||
|
MSG_IP_FAIL_OP_EX (R.string.msg_ip_fail_op_ex),
|
||||||
|
MSG_IP_FAIL_REMOTE_EX (R.string.msg_ip_fail_remote_ex),
|
||||||
|
MSG_IP_IMPORTING (R.string.msg_ip_importing),
|
||||||
|
MSG_IP_INSERT_KEYRING (R.string.msg_ip_insert_keyring),
|
||||||
|
MSG_IP_INSERT_SUBKEY (R.string.msg_ip_insert_subkey),
|
||||||
|
MSG_IP_INSERT_SUBKEYS (R.string.msg_ip_insert_subkeys),
|
||||||
|
MSG_IP_PRESERVING_SECRET (R.string.msg_ip_preserving_secret),
|
||||||
|
MSG_IP_REINSERT_SECRET (R.string.msg_ip_reinsert_secret),
|
||||||
|
MSG_IP_SUCCESS (R.string.msg_ip_success),
|
||||||
|
MSG_IP_TRUST_RETRIEVE (R.string.msg_ip_trust_retrieve),
|
||||||
|
MSG_IP_TRUST_USING (R.string.msg_ip_trust_using),
|
||||||
|
MSG_IP_TRUST_USING_SEC (R.string.msg_ip_trust_using_sec),
|
||||||
|
MSG_IP_UID_CERT_BAD (R.string.msg_ip_uid_cert_bad),
|
||||||
|
MSG_IP_UID_CERT_ERROR (R.string.msg_ip_uid_cert_error),
|
||||||
|
MSG_IP_UID_CERT_GOOD (R.string.msg_ip_uid_cert_good),
|
||||||
|
MSG_IP_UID_CERTS_UNKNOWN (R.string.msg_ip_uid_certs_unknown),
|
||||||
|
MSG_IP_UID_CLASSIFYING (R.string.msg_ip_uid_classifying),
|
||||||
|
MSG_IP_UID_INSERT (R.string.msg_ip_uid_insert),
|
||||||
|
MSG_IP_UID_PROCESSING (R.string.msg_ip_uid_processing),
|
||||||
|
MSG_IP_UID_SELF_BAD (R.string.msg_ip_uid_self_bad),
|
||||||
|
MSG_IP_UID_SELF_GOOD (R.string.msg_ip_uid_self_good),
|
||||||
|
MSG_IP_UID_SELF_IGNORING_OLD (R.string.msg_ip_uid_self_ignoring_old),
|
||||||
|
MSG_IP_UID_SELF_NEWER (R.string.msg_ip_uid_self_newer),
|
||||||
|
MSG_IS_BAD_TYPE_PUBLIC (R.string.msg_is_bad_type_public),
|
||||||
|
MSG_IS_IMPORTING (R.string.msg_is_importing),
|
||||||
|
MSG_IS_IMPORTING_SUBKEYS (R.string.msg_is_importing_subkeys),
|
||||||
|
MSG_IS_IO_EXCPTION (R.string.msg_is_io_excption),
|
||||||
|
MSG_IS_SUBKEY_NONEXISTENT (R.string.msg_is_subkey_nonexistent),
|
||||||
|
MSG_IS_SUBKEY_OK (R.string.msg_is_subkey_ok),
|
||||||
|
MSG_IS_SUBKEY_STRIPPED (R.string.msg_is_subkey_stripped),
|
||||||
|
MSG_IS_SUCCESS (R.string.msg_is_success),
|
||||||
|
;
|
||||||
|
|
||||||
|
private final int mMsgId;
|
||||||
|
LogType(int msgId) {
|
||||||
|
mMsgId = msgId;
|
||||||
|
}
|
||||||
|
public int getMsgId() {
|
||||||
|
return mMsgId;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Enumeration of possible log levels. */
|
||||||
|
public static enum LogLevel {
|
||||||
|
DEBUG,
|
||||||
|
INFO,
|
||||||
|
WARN,
|
||||||
|
/** If any ERROR log entry is included in the result, the overall operation should have failed. */
|
||||||
|
ERROR,
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public int describeContents() {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void writeToParcel(Parcel dest, int flags) {
|
||||||
|
dest.writeInt(mResult);
|
||||||
|
dest.writeTypedList(mLog);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static final Creator<OperationResultParcel> CREATOR = new Creator<OperationResultParcel>() {
|
||||||
|
public OperationResultParcel createFromParcel(final Parcel source) {
|
||||||
|
return new OperationResultParcel(source);
|
||||||
|
}
|
||||||
|
|
||||||
|
public OperationResultParcel[] newArray(final int size) {
|
||||||
|
return new OperationResultParcel[size];
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
@ -152,13 +152,14 @@ public class PgpImportExport {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
mProviderHelper.savePublicKeyRing(key);
|
mProviderHelper.resetLog();
|
||||||
/*switch(status) {
|
OperationResultParcel result = mProviderHelper.savePublicKeyRing(key);
|
||||||
case RETURN_UPDATED: oldKeys++; break;
|
for(OperationResultParcel.LogEntryParcel loge : result.mLog) {
|
||||||
case RETURN_OK: newKeys++; break;
|
Log.d(Constants.TAG,
|
||||||
case RETURN_BAD: badKeys++; break;
|
loge.mIndent
|
||||||
}*/
|
+ new String(new char[loge.mIndent]).replace("\0", " ")
|
||||||
// TODO proper import feedback
|
+ mContext.getString(loge.mType.getMsgId(), (Object[]) loge.mParameters));
|
||||||
|
}
|
||||||
newKeys += 1;
|
newKeys += 1;
|
||||||
|
|
||||||
} catch (PgpGeneralException e) {
|
} catch (PgpGeneralException e) {
|
||||||
|
@ -19,6 +19,7 @@ import java.io.IOException;
|
|||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.io.OutputStream;
|
import java.io.OutputStream;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
import java.util.HashSet;
|
||||||
import java.util.Iterator;
|
import java.util.Iterator;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Vector;
|
import java.util.Vector;
|
||||||
@ -149,13 +150,13 @@ public class UncachedKeyRing {
|
|||||||
aos.close();
|
aos.close();
|
||||||
}
|
}
|
||||||
|
|
||||||
public ArrayList<Long> getAvailableSubkeys() {
|
public HashSet<Long> getAvailableSubkeys() {
|
||||||
if(!isSecret()) {
|
if(!isSecret()) {
|
||||||
throw new RuntimeException("Tried to find available subkeys from non-secret keys. " +
|
throw new RuntimeException("Tried to find available subkeys from non-secret keys. " +
|
||||||
"This is a programming error and should never happen!");
|
"This is a programming error and should never happen!");
|
||||||
}
|
}
|
||||||
|
|
||||||
ArrayList<Long> result = new ArrayList<Long>();
|
HashSet<Long> result = new HashSet<Long>();
|
||||||
// then, mark exactly the keys we have available
|
// then, mark exactly the keys we have available
|
||||||
for (PGPSecretKey sub : new IterableIterator<PGPSecretKey>(
|
for (PGPSecretKey sub : new IterableIterator<PGPSecretKey>(
|
||||||
((PGPSecretKeyRing) mRing).getSecretKeys())) {
|
((PGPSecretKeyRing) mRing).getSecretKeys())) {
|
||||||
|
@ -29,6 +29,9 @@ import android.support.v4.util.LongSparseArray;
|
|||||||
|
|
||||||
import org.sufficientlysecure.keychain.Constants;
|
import org.sufficientlysecure.keychain.Constants;
|
||||||
import org.sufficientlysecure.keychain.pgp.KeyRing;
|
import org.sufficientlysecure.keychain.pgp.KeyRing;
|
||||||
|
import org.sufficientlysecure.keychain.pgp.OperationResultParcel;
|
||||||
|
import org.sufficientlysecure.keychain.pgp.OperationResultParcel.LogType;
|
||||||
|
import org.sufficientlysecure.keychain.pgp.OperationResultParcel.LogLevel;
|
||||||
import org.sufficientlysecure.keychain.pgp.PgpHelper;
|
import org.sufficientlysecure.keychain.pgp.PgpHelper;
|
||||||
import org.sufficientlysecure.keychain.pgp.PgpKeyHelper;
|
import org.sufficientlysecure.keychain.pgp.PgpKeyHelper;
|
||||||
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
|
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
|
||||||
@ -59,12 +62,28 @@ import java.util.List;
|
|||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
|
||||||
public class ProviderHelper {
|
public class ProviderHelper {
|
||||||
private Context mContext;
|
private final Context mContext;
|
||||||
private ContentResolver mContentResolver;
|
private final ContentResolver mContentResolver;
|
||||||
|
private final ArrayList<OperationResultParcel.LogEntryParcel> mLog;
|
||||||
|
private int mIndent;
|
||||||
|
|
||||||
public ProviderHelper(Context context) {
|
public ProviderHelper(Context context) {
|
||||||
this.mContext = context;
|
this(context, new ArrayList<OperationResultParcel.LogEntryParcel>(), 0);
|
||||||
this.mContentResolver = context.getContentResolver();
|
}
|
||||||
|
|
||||||
|
public ProviderHelper(Context context, ArrayList<OperationResultParcel.LogEntryParcel> log,
|
||||||
|
int indent) {
|
||||||
|
mContext = context;
|
||||||
|
mContentResolver = context.getContentResolver();
|
||||||
|
mLog = log;
|
||||||
|
mIndent = indent;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void resetLog() {
|
||||||
|
if(mLog != null) {
|
||||||
|
mLog.clear();
|
||||||
|
mIndent = 0;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public static class NotFoundException extends Exception {
|
public static class NotFoundException extends Exception {
|
||||||
@ -76,6 +95,17 @@ public class ProviderHelper {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void log(LogLevel level, LogType type) {
|
||||||
|
if(mLog != null) {
|
||||||
|
mLog.add(new OperationResultParcel.LogEntryParcel(level, type, null, mIndent));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
public void log(LogLevel level, LogType type, String[] parameters) {
|
||||||
|
if(mLog != null) {
|
||||||
|
mLog.add(new OperationResultParcel.LogEntryParcel(level, type, parameters, mIndent));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// If we ever switch to api level 11, we can ditch this whole mess!
|
// If we ever switch to api level 11, we can ditch this whole mess!
|
||||||
public static final int FIELD_TYPE_NULL = 1;
|
public static final int FIELD_TYPE_NULL = 1;
|
||||||
// this is called integer to stay coherent with the constants in Cursor (api level 11)
|
// this is called integer to stay coherent with the constants in Cursor (api level 11)
|
||||||
@ -222,64 +252,98 @@ public class ProviderHelper {
|
|||||||
* Saves PGPPublicKeyRing with its keys and userIds in DB
|
* Saves PGPPublicKeyRing with its keys and userIds in DB
|
||||||
*/
|
*/
|
||||||
@SuppressWarnings("unchecked")
|
@SuppressWarnings("unchecked")
|
||||||
public void savePublicKeyRing(UncachedKeyRing keyRing) throws IOException {
|
public OperationResultParcel savePublicKeyRing(UncachedKeyRing keyRing) {
|
||||||
if (keyRing.isSecret()) {
|
if (keyRing.isSecret()) {
|
||||||
throw new RuntimeException("Tried to save secret keyring as public! " +
|
log(LogLevel.ERROR, LogType.MSG_IP_BAD_TYPE_SECRET);
|
||||||
"This is a bug, please file a bug report.");
|
return new OperationResultParcel(1, mLog);
|
||||||
}
|
}
|
||||||
|
|
||||||
UncachedPublicKey masterKey = keyRing.getPublicKey();
|
UncachedPublicKey masterKey = keyRing.getPublicKey();
|
||||||
long masterKeyId = masterKey.getKeyId();
|
long masterKeyId = masterKey.getKeyId();
|
||||||
|
log(LogLevel.INFO, LogType.MSG_IP_IMPORTING,
|
||||||
|
new String[]{Long.toString(masterKeyId)});
|
||||||
|
mIndent += 1;
|
||||||
|
|
||||||
// IF there is a secret key, preserve it!
|
// IF there is a secret key, preserve it!
|
||||||
UncachedKeyRing secretRing = null;
|
UncachedKeyRing secretRing;
|
||||||
try {
|
try {
|
||||||
secretRing = getWrappedSecretKeyRing(masterKeyId).getUncached();
|
secretRing = getWrappedSecretKeyRing(masterKeyId).getUncached();
|
||||||
|
log(LogLevel.DEBUG, LogType.MSG_IP_PRESERVING_SECRET);
|
||||||
} catch (NotFoundException e) {
|
} catch (NotFoundException e) {
|
||||||
Log.e(Constants.TAG, "key not found!");
|
secretRing = null;
|
||||||
}
|
}
|
||||||
|
|
||||||
// delete old version of this keyRing, which also deletes all keys and userIds on cascade
|
// delete old version of this keyRing, which also deletes all keys and userIds on cascade
|
||||||
try {
|
try {
|
||||||
mContentResolver.delete(KeyRingData.buildPublicKeyRingUri(Long.toString(masterKeyId)), null, null);
|
mContentResolver.delete(KeyRingData.buildPublicKeyRingUri(Long.toString(masterKeyId)), null, null);
|
||||||
|
log(LogLevel.DEBUG, LogType.MSG_IP_DELETE_OLD_OK);
|
||||||
} catch (UnsupportedOperationException e) {
|
} catch (UnsupportedOperationException e) {
|
||||||
Log.e(Constants.TAG, "Key could not be deleted! Maybe we are creating a new one!", e);
|
Log.e(Constants.TAG, "Key could not be deleted! Maybe we are creating a new one!", e);
|
||||||
|
log(LogLevel.DEBUG, LogType.MSG_IP_DELETE_OLD_FAIL);
|
||||||
}
|
}
|
||||||
|
|
||||||
// insert new version of this keyRing
|
// insert new version of this keyRing
|
||||||
ContentValues values = new ContentValues();
|
ContentValues values = new ContentValues();
|
||||||
values.put(KeyRingData.MASTER_KEY_ID, masterKeyId);
|
values.put(KeyRingData.MASTER_KEY_ID, masterKeyId);
|
||||||
|
try {
|
||||||
values.put(KeyRingData.KEY_RING_DATA, keyRing.getEncoded());
|
values.put(KeyRingData.KEY_RING_DATA, keyRing.getEncoded());
|
||||||
Uri uri = KeyRingData.buildPublicKeyRingUri(Long.toString(masterKeyId));
|
} catch (IOException e) {
|
||||||
mContentResolver.insert(uri, values);
|
log(LogLevel.ERROR, LogType.MSG_IP_ENCODE_FAIL);
|
||||||
|
return new OperationResultParcel(1, mLog);
|
||||||
|
}
|
||||||
|
|
||||||
// save all keys and userIds included in keyRing object in database
|
// save all keys and userIds included in keyRing object in database
|
||||||
ArrayList<ContentProviderOperation> operations = new ArrayList<ContentProviderOperation>();
|
ArrayList<ContentProviderOperation> operations = new ArrayList<ContentProviderOperation>();
|
||||||
|
|
||||||
|
try {
|
||||||
|
|
||||||
|
log(LogLevel.INFO, LogType.MSG_IP_INSERT_KEYRING);
|
||||||
|
Uri uri = KeyRingData.buildPublicKeyRingUri(Long.toString(masterKeyId));
|
||||||
|
operations.add(ContentProviderOperation.newInsert(uri).withValues(values).build());
|
||||||
|
|
||||||
|
log(LogLevel.INFO, LogType.MSG_IP_INSERT_SUBKEYS);
|
||||||
|
mIndent += 1;
|
||||||
int rank = 0;
|
int rank = 0;
|
||||||
for (UncachedPublicKey key : new IterableIterator<UncachedPublicKey>(keyRing.getPublicKeys())) {
|
for (UncachedPublicKey key : new IterableIterator<UncachedPublicKey>(keyRing.getPublicKeys())) {
|
||||||
|
log(LogLevel.DEBUG, LogType.MSG_IP_INSERT_SUBKEY, new String[] {
|
||||||
|
PgpKeyHelper.convertKeyIdToHex(key.getKeyId())
|
||||||
|
});
|
||||||
operations.add(buildPublicKeyOperations(masterKeyId, key, rank));
|
operations.add(buildPublicKeyOperations(masterKeyId, key, rank));
|
||||||
++rank;
|
++rank;
|
||||||
}
|
}
|
||||||
|
mIndent -= 1;
|
||||||
|
|
||||||
|
log(LogLevel.DEBUG, LogType.MSG_IP_TRUST_RETRIEVE);
|
||||||
// get a list of owned secret keys, for verification filtering
|
// get a list of owned secret keys, for verification filtering
|
||||||
LongSparseArray<UncachedPublicKey> allKeyRings =
|
LongSparseArray<UncachedPublicKey> trustedKeys =
|
||||||
getUncachedMasterKeys(KeyRingData.buildSecretKeyRingUri());
|
getUncachedMasterKeys(KeyRingData.buildSecretKeyRingUri());
|
||||||
// special case: available secret keys verify themselves!
|
// special case: available secret keys verify themselves!
|
||||||
if (secretRing != null) {
|
if (secretRing != null) {
|
||||||
allKeyRings.put(secretRing.getMasterKeyId(), secretRing.getPublicKey());
|
trustedKeys.put(secretRing.getMasterKeyId(), secretRing.getPublicKey());
|
||||||
|
log(LogLevel.INFO, LogType.MSG_IP_TRUST_USING_SEC, new String[]{
|
||||||
|
Integer.toString(trustedKeys.size())
|
||||||
|
});
|
||||||
|
} else {
|
||||||
|
log(LogLevel.INFO, LogType.MSG_IP_TRUST_USING, new String[] {
|
||||||
|
Integer.toString(trustedKeys.size())
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
// classify and order user ids. primary are moved to the front, revoked to the back,
|
// classify and order user ids. primary are moved to the front, revoked to the back,
|
||||||
// otherwise the order in the keyfile is preserved.
|
// otherwise the order in the keyfile is preserved.
|
||||||
|
log(LogLevel.DEBUG, LogType.MSG_IP_UID_CLASSIFYING);
|
||||||
|
mIndent += 1;
|
||||||
List<UserIdItem> uids = new ArrayList<UserIdItem>();
|
List<UserIdItem> uids = new ArrayList<UserIdItem>();
|
||||||
|
|
||||||
for (String userId : new IterableIterator<String>(
|
for (String userId : new IterableIterator<String>(
|
||||||
masterKey.getUnorderedUserIds().iterator())) {
|
masterKey.getUnorderedUserIds().iterator())) {
|
||||||
UserIdItem item = new UserIdItem();
|
UserIdItem item = new UserIdItem();
|
||||||
uids.add(item);
|
uids.add(item);
|
||||||
item.userId = userId;
|
item.userId = userId;
|
||||||
|
|
||||||
|
int unknownCerts = 0;
|
||||||
|
|
||||||
|
log(LogLevel.INFO, LogType.MSG_IP_UID_PROCESSING, new String[] { userId });
|
||||||
|
mIndent += 1;
|
||||||
// look through signatures for this specific key
|
// look through signatures for this specific key
|
||||||
for (WrappedSignature cert : new IterableIterator<WrappedSignature>(
|
for (WrappedSignature cert : new IterableIterator<WrappedSignature>(
|
||||||
masterKey.getSignaturesForId(userId))) {
|
masterKey.getSignaturesForId(userId))) {
|
||||||
@ -289,34 +353,65 @@ public class ProviderHelper {
|
|||||||
if (certId == masterKeyId) {
|
if (certId == masterKeyId) {
|
||||||
cert.init(masterKey);
|
cert.init(masterKey);
|
||||||
if (!cert.verifySignature(masterKey, userId)) {
|
if (!cert.verifySignature(masterKey, userId)) {
|
||||||
// not verified?! dang! TODO notify user? this is kinda serious...
|
// Bad self certification? That's kinda bad...
|
||||||
Log.e(Constants.TAG, "Could not verify self signature for " + userId + "!");
|
log(LogLevel.ERROR, LogType.MSG_IP_UID_SELF_BAD);
|
||||||
|
return new OperationResultParcel(1, mLog);
|
||||||
|
}
|
||||||
|
|
||||||
|
// if we already have a cert..
|
||||||
|
if (item.selfCert != null) {
|
||||||
|
// ..is this perchance a more recent one?
|
||||||
|
if (item.selfCert.getCreationTime().before(cert.getCreationTime())) {
|
||||||
|
log(LogLevel.DEBUG, LogType.MSG_IP_UID_SELF_NEWER);
|
||||||
|
} else {
|
||||||
|
log(LogLevel.DEBUG, LogType.MSG_IP_UID_SELF_IGNORING_OLD);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
// is this the first, or a more recent certificate?
|
} else {
|
||||||
if (item.selfCert == null ||
|
log(LogLevel.DEBUG, LogType.MSG_IP_UID_SELF_GOOD);
|
||||||
item.selfCert.getCreationTime().before(cert.getCreationTime())) {
|
}
|
||||||
|
|
||||||
|
// save certificate as primary self-cert
|
||||||
item.selfCert = cert;
|
item.selfCert = cert;
|
||||||
item.isPrimary = cert.isPrimaryUserId();
|
item.isPrimary = cert.isPrimaryUserId();
|
||||||
item.isRevoked = cert.isRevocation();
|
item.isRevoked = cert.isRevocation();
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
|
||||||
// verify signatures from known private keys
|
// verify signatures from known private keys
|
||||||
if (allKeyRings.indexOfKey(certId) >= 0) {
|
if (trustedKeys.indexOfKey(certId) >= 0) {
|
||||||
cert.init(allKeyRings.get(certId));
|
UncachedPublicKey trustedKey = trustedKeys.get(certId);
|
||||||
|
cert.init(trustedKey);
|
||||||
if (cert.verifySignature(masterKey, userId)) {
|
if (cert.verifySignature(masterKey, userId)) {
|
||||||
item.trustedCerts.add(cert);
|
item.trustedCerts.add(cert);
|
||||||
}
|
log(LogLevel.INFO, LogType.MSG_IP_UID_CERT_GOOD, new String[] {
|
||||||
}
|
PgpKeyHelper.convertKeyIdToHex(trustedKey.getKeyId())
|
||||||
} catch (PgpGeneralException e) {
|
});
|
||||||
Log.e(Constants.TAG, "Signature verification failed! "
|
} else {
|
||||||
+ PgpKeyHelper.convertKeyIdToHex(masterKey.getKeyId())
|
log(LogLevel.WARN, LogType.MSG_IP_UID_CERT_BAD);
|
||||||
+ " from "
|
|
||||||
+ PgpKeyHelper.convertKeyIdToHex(cert.getKeyId()), e);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
unknownCerts += 1;
|
||||||
|
|
||||||
|
} catch (PgpGeneralException e) {
|
||||||
|
log(LogLevel.WARN, LogType.MSG_IP_UID_CERT_ERROR, new String[]{
|
||||||
|
PgpKeyHelper.convertKeyIdToHex(cert.getKeyId())
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
mIndent -= 1;
|
||||||
|
|
||||||
|
if (unknownCerts > 0) {
|
||||||
|
log(LogLevel.DEBUG, LogType.MSG_IP_UID_CERTS_UNKNOWN, new String[] {
|
||||||
|
Integer.toString(unknownCerts)
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
mIndent -= 1;
|
||||||
|
|
||||||
|
log(LogLevel.INFO, LogType.MSG_IP_UID_INSERT);
|
||||||
// primary before regular before revoked (see UserIdItem.compareTo)
|
// primary before regular before revoked (see UserIdItem.compareTo)
|
||||||
// this is a stable sort, so the order of keys is otherwise preserved.
|
// this is a stable sort, so the order of keys is otherwise preserved.
|
||||||
Collections.sort(uids);
|
Collections.sort(uids);
|
||||||
@ -339,19 +434,37 @@ public class ProviderHelper {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
try {
|
log(LogLevel.DEBUG, LogType.MSG_IP_APPLY_BATCH);
|
||||||
mContentResolver.applyBatch(KeychainContract.CONTENT_AUTHORITY, operations);
|
mContentResolver.applyBatch(KeychainContract.CONTENT_AUTHORITY, operations);
|
||||||
|
} catch (IOException e) {
|
||||||
|
log(LogLevel.ERROR, LogType.MSG_IP_FAIL_IO_EXC);
|
||||||
|
Log.e(Constants.TAG, "IOException during import", e);
|
||||||
|
mIndent -= 1;
|
||||||
|
return new OperationResultParcel(1, mLog);
|
||||||
} catch (RemoteException e) {
|
} catch (RemoteException e) {
|
||||||
Log.e(Constants.TAG, "applyBatch failed!", e);
|
log(LogLevel.ERROR, LogType.MSG_IP_FAIL_REMOTE_EX);
|
||||||
|
Log.e(Constants.TAG, "RemoteException during import", e);
|
||||||
|
mIndent -= 1;
|
||||||
|
return new OperationResultParcel(1, mLog);
|
||||||
} catch (OperationApplicationException e) {
|
} catch (OperationApplicationException e) {
|
||||||
Log.e(Constants.TAG, "applyBatch failed!", e);
|
log(LogLevel.ERROR, LogType.MSG_IP_FAIL_OP_EX);
|
||||||
|
Log.e(Constants.TAG, "OperationApplicationException during import", e);
|
||||||
|
mIndent -= 1;
|
||||||
|
return new OperationResultParcel(1, mLog);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Save the saved keyring (if any)
|
// Save the saved keyring (if any)
|
||||||
if (secretRing != null) {
|
if (secretRing != null) {
|
||||||
|
log(LogLevel.DEBUG, LogType.MSG_IP_REINSERT_SECRET);
|
||||||
|
mIndent += 1;
|
||||||
saveSecretKeyRing(secretRing);
|
saveSecretKeyRing(secretRing);
|
||||||
|
mIndent -= 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log(LogLevel.INFO, LogType.MSG_IP_SUCCESS);
|
||||||
|
mIndent -= 1;
|
||||||
|
return new OperationResultParcel(0, mLog);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private static class UserIdItem implements Comparable<UserIdItem> {
|
private static class UserIdItem implements Comparable<UserIdItem> {
|
||||||
@ -379,13 +492,29 @@ public class ProviderHelper {
|
|||||||
* Saves a PGPSecretKeyRing in the DB. This will only work if a corresponding public keyring
|
* Saves a PGPSecretKeyRing in the DB. This will only work if a corresponding public keyring
|
||||||
* is already in the database!
|
* is already in the database!
|
||||||
*/
|
*/
|
||||||
public void saveSecretKeyRing(UncachedKeyRing keyRing) throws IOException {
|
public OperationResultParcel saveSecretKeyRing(UncachedKeyRing keyRing) {
|
||||||
if (!keyRing.isSecret()) {
|
if (!keyRing.isSecret()) {
|
||||||
throw new RuntimeException("Tried to save publkc keyring as secret! " +
|
log(LogLevel.ERROR, LogType.MSG_IS_BAD_TYPE_PUBLIC);
|
||||||
"This is a bug, please file a bug report.");
|
return new OperationResultParcel(1, mLog);
|
||||||
}
|
}
|
||||||
|
|
||||||
long masterKeyId = keyRing.getMasterKeyId();
|
long masterKeyId = keyRing.getMasterKeyId();
|
||||||
|
log(LogLevel.INFO, LogType.MSG_IS_IMPORTING,
|
||||||
|
new String[]{ Long.toString(masterKeyId) });
|
||||||
|
|
||||||
|
// save secret keyring
|
||||||
|
try {
|
||||||
|
ContentValues values = new ContentValues();
|
||||||
|
values.put(KeyRingData.MASTER_KEY_ID, masterKeyId);
|
||||||
|
values.put(KeyRingData.KEY_RING_DATA, keyRing.getEncoded());
|
||||||
|
// insert new version of this keyRing
|
||||||
|
Uri uri = KeyRingData.buildSecretKeyRingUri(Long.toString(masterKeyId));
|
||||||
|
mContentResolver.insert(uri, values);
|
||||||
|
} catch (IOException e) {
|
||||||
|
Log.e(Constants.TAG, "Failed to encode key!", e);
|
||||||
|
log(LogLevel.ERROR, LogType.MSG_IS_IO_EXCPTION);
|
||||||
|
return new OperationResultParcel(1, mLog);
|
||||||
|
}
|
||||||
|
|
||||||
{
|
{
|
||||||
Uri uri = Keys.buildKeysUri(Long.toString(masterKeyId));
|
Uri uri = Keys.buildKeysUri(Long.toString(masterKeyId));
|
||||||
@ -397,24 +526,38 @@ public class ProviderHelper {
|
|||||||
|
|
||||||
values.put(Keys.HAS_SECRET, 1);
|
values.put(Keys.HAS_SECRET, 1);
|
||||||
// then, mark exactly the keys we have available
|
// then, mark exactly the keys we have available
|
||||||
for (Long sub : new IterableIterator<Long>(keyRing.getAvailableSubkeys().iterator())) {
|
log(LogLevel.INFO, LogType.MSG_IS_IMPORTING_SUBKEYS);
|
||||||
mContentResolver.update(uri, values, Keys.KEY_ID + " = ?", new String[] {
|
mIndent += 1;
|
||||||
Long.toString(sub)
|
Set<Long> available = keyRing.getAvailableSubkeys();
|
||||||
|
for (UncachedPublicKey sub :
|
||||||
|
new IterableIterator<UncachedPublicKey>(keyRing.getPublicKeys())) {
|
||||||
|
long id = sub.getKeyId();
|
||||||
|
if(available.contains(id)) {
|
||||||
|
int upd = mContentResolver.update(uri, values, Keys.KEY_ID + " = ?",
|
||||||
|
new String[] { Long.toString(id) });
|
||||||
|
if (upd == 1) {
|
||||||
|
log(LogLevel.DEBUG, LogType.MSG_IS_SUBKEY_OK, new String[]{
|
||||||
|
PgpKeyHelper.convertKeyIdToHex(id)
|
||||||
|
});
|
||||||
|
} else {
|
||||||
|
log(LogLevel.WARN, LogType.MSG_IS_SUBKEY_NONEXISTENT, new String[]{
|
||||||
|
PgpKeyHelper.convertKeyIdToHex(id)
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
log(LogLevel.INFO, LogType.MSG_IS_SUBKEY_STRIPPED, new String[]{
|
||||||
|
PgpKeyHelper.convertKeyIdToHex(id)
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
|
mIndent -= 1;
|
||||||
|
|
||||||
// this implicitly leaves all keys which were not in the secret key ring
|
// this implicitly leaves all keys which were not in the secret key ring
|
||||||
// with has_secret = 0
|
// with has_secret = 0
|
||||||
}
|
}
|
||||||
|
|
||||||
// save secret keyring
|
log(LogLevel.INFO, LogType.MSG_IS_SUCCESS);
|
||||||
{
|
return new OperationResultParcel(0, mLog);
|
||||||
ContentValues values = new ContentValues();
|
|
||||||
values.put(KeyRingData.MASTER_KEY_ID, masterKeyId);
|
|
||||||
values.put(KeyRingData.KEY_RING_DATA, keyRing.getEncoded());
|
|
||||||
// insert new version of this keyRing
|
|
||||||
Uri uri = KeyRingData.buildSecretKeyRingUri(Long.toString(masterKeyId));
|
|
||||||
mContentResolver.insert(uri, values);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -523,4 +523,43 @@
|
|||||||
<string name="info_no_manual_account_creation">Do not create OpenKeychain-Accounts manually.\nFor more information, see Help.</string>
|
<string name="info_no_manual_account_creation">Do not create OpenKeychain-Accounts manually.\nFor more information, see Help.</string>
|
||||||
<string name="contact_show_key">Show key (%s)</string>
|
<string name="contact_show_key">Show key (%s)</string>
|
||||||
|
|
||||||
|
<!-- Import log entries -->
|
||||||
|
<string name="msg_ip_apply_batch">Applying insert batch operation.</string>
|
||||||
|
<string name="msg_ip_bad_type_secret">Tried to import secret keyring as public. This is a bug, please file a report!</string>
|
||||||
|
<string name="msg_ip_delete_old_fail">No old key deleted (creating a new one?)</string>
|
||||||
|
<string name="msg_ip_delete_old_ok">Deleted old key from database</string>
|
||||||
|
<string name="msg_ip_encode_fail">Operation failed due to encoding error</string>
|
||||||
|
<string name="msg_ip_fail_io_exc">Operation failed due to i/o error</string>
|
||||||
|
<string name="msg_ip_fail_op_ex">Operation failed due to database error</string>
|
||||||
|
<string name="msg_ip_fail_remote_ex">Operation failed due to internal error</string>
|
||||||
|
<string name="msg_ip_importing">Importing public keyring</string>
|
||||||
|
<string name="msg_ip_insert_keyring">Inserting keyring data</string>
|
||||||
|
<string name="msg_ip_insert_subkey">Inserting subkey %s</string>
|
||||||
|
<string name="msg_ip_insert_subkeys">Inserting subkeys</string>
|
||||||
|
<string name="msg_ip_preserving_secret">Preserving available secret key</string>
|
||||||
|
<string name="msg_ip_reinsert_secret">Re-inserting secret key</string>
|
||||||
|
<string name="msg_ip_success">Successfully inserted public keyring</string>
|
||||||
|
<string name="msg_ip_trust_retrieve">Retrieving trusted keys</string>
|
||||||
|
<string name="msg_ip_trust_using">Using %s trusted keys</string>
|
||||||
|
<string name="msg_ip_trust_using_sec">Secret key available, self certificates are trusted</string>
|
||||||
|
<string name="msg_ip_uid_cert_bad">Encountered bad certificate!</string>
|
||||||
|
<string name="msg_ip_uid_cert_error">Error processing certificate!</string>
|
||||||
|
<string name="msg_ip_uid_cert_good">Found good certificate from %s</string>
|
||||||
|
<string name="msg_ip_uid_certs_unknown">Ignored %s certificates from unknown pubkeys</string>
|
||||||
|
<string name="msg_ip_uid_classifying">Classifying user ids</string>
|
||||||
|
<string name="msg_ip_uid_insert">Inserting user ids</string>
|
||||||
|
<string name="msg_ip_uid_processing">Processing user id %s</string>
|
||||||
|
<string name="msg_ip_uid_self_bad">Bad self certificate encountered!</string>
|
||||||
|
<string name="msg_ip_uid_self_good">Found good self certificate</string>
|
||||||
|
<string name="msg_ip_uid_self_ignoring_old">Ignoring older self certificate</string>
|
||||||
|
<string name="msg_ip_uid_self_newer">Using more recent good self certificate</string>
|
||||||
|
<string name="msg_is_bad_type_public">Tried to import public keyring as secret. This is a bug, please file a report!</string>
|
||||||
|
<string name="msg_is_importing">Importing secret key %s</string>
|
||||||
|
<string name="msg_is_importing_subkeys">Processing secret subkeys</string>
|
||||||
|
<string name="msg_is_io_excption">Error encoding keyring</string>
|
||||||
|
<string name="msg_is_subkey_nonexistent">Subkey %s unavailable in public key</string>
|
||||||
|
<string name="msg_is_subkey_ok">Marked %s as available</string>
|
||||||
|
<string name="msg_is_subkey_stripped">Marked %s as stripped</string>
|
||||||
|
<string name="msg_is_success">Successfully inserted secret keyring</string>
|
||||||
|
|
||||||
</resources>
|
</resources>
|
||||||
|
Loading…
Reference in New Issue
Block a user