From a81474b7a5b179d29776f2c652609d13dec74536 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Fri, 15 May 2015 01:04:25 +0200 Subject: [PATCH] yubikey: don't assume signing key is masterKeyId in ViewKeyActivity Conflicts: OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java --- .../ui/CreateKeyYubiKeyImportFragment.java | 10 ++- .../keychain/ui/ViewKeyActivity.java | 80 ++++++++++--------- 2 files changed, 51 insertions(+), 39 deletions(-) diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyYubiKeyImportFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyYubiKeyImportFragment.java index 4c7d1dfbd..f8d79d33b 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyYubiKeyImportFragment.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyYubiKeyImportFragment.java @@ -193,13 +193,19 @@ public class CreateKeyYubiKeyImportFragment extends Fragment implements NfcListe ImportKeyResult result = returnData.getParcelable(DecryptVerifyResult.EXTRA_RESULT); - if (!result.success()) { + long[] masterKeyIds = result.getImportedMasterKeyIds(); + + // TODO handle masterKeyIds.length != 1...? sorta outlandish scenario + + if (!result.success() || masterKeyIds.length == 0) { result.createNotify(getActivity()).show(); return; } Intent intent = new Intent(getActivity(), ViewKeyActivity.class); - intent.setData(KeyRings.buildGenericKeyRingUri(mNfcMasterKeyId)); + // use the imported masterKeyId, not the one from the yubikey, because + // that one might* just have been a subkey of the imported key + intent.setData(KeyRings.buildGenericKeyRingUri(masterKeyIds[0])); intent.putExtra(ViewKeyActivity.EXTRA_DISPLAY_RESULT, result); intent.putExtra(ViewKeyActivity.EXTRA_NFC_AID, mNfcAid); intent.putExtra(ViewKeyActivity.EXTRA_NFC_USER_ID, mNfcUserId); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java index 7d57538b6..8c1d23d68 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java @@ -535,49 +535,54 @@ public class ViewKeyActivity extends BaseNfcActivity implements final String nfcUserId = nfcGetUserId(); final byte[] nfcAid = nfcGetAid(); - String fp = KeyFormattingUtils.convertFingerprintToHex(nfcFingerprints); - final long masterKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(nfcFingerprints); + long yubiKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(nfcFingerprints); - if (!mFingerprint.equals(fp)) { - try { - CachedPublicKeyRing ring = mProviderHelper.getCachedPublicKeyRing(masterKeyId); - ring.getMasterKeyId(); + try { - Notify.create(this, R.string.snack_yubi_other, Notify.LENGTH_LONG, - Style.WARN, new ActionListener() { - @Override - public void onAction() { - Intent intent = new Intent( - ViewKeyActivity.this, ViewKeyActivity.class); - intent.setData(KeyRings.buildGenericKeyRingUri(masterKeyId)); - intent.putExtra(ViewKeyActivity.EXTRA_NFC_AID, nfcAid); - intent.putExtra(ViewKeyActivity.EXTRA_NFC_USER_ID, nfcUserId); - intent.putExtra(ViewKeyActivity.EXTRA_NFC_FINGERPRINTS, nfcFingerprints); - startActivity(intent); - finish(); - } - }, R.string.snack_yubikey_view).show(); - return; + // if the yubikey matches a subkey in any key + CachedPublicKeyRing ring = mProviderHelper.getCachedPublicKeyRing( + KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(yubiKeyId)); + byte[] candidateFp = ring.getFingerprint(); - } catch (PgpKeyNotFoundException e) { - Notify.create(this, R.string.snack_yubi_other, Notify.LENGTH_LONG, - Style.WARN, new ActionListener() { - @Override - public void onAction() { - Intent intent = new Intent( - ViewKeyActivity.this, CreateKeyActivity.class); - intent.putExtra(ViewKeyActivity.EXTRA_NFC_AID, nfcAid); - intent.putExtra(ViewKeyActivity.EXTRA_NFC_USER_ID, nfcUserId); - intent.putExtra(ViewKeyActivity.EXTRA_NFC_FINGERPRINTS, nfcFingerprints); - startActivity(intent); - finish(); - } - }, R.string.snack_yubikey_import).show(); + // if the master key of that key matches this one, just show the yubikey dialog + if (KeyFormattingUtils.convertFingerprintToHex(candidateFp).equals(mFingerprint)) { + showYubiKeyFragment(nfcFingerprints, nfcUserId, nfcAid); return; } - } - showYubiKeyFragment(nfcFingerprints, nfcUserId, nfcAid); + // otherwise, offer to go to that key + final long masterKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(candidateFp); + Notify.create(this, R.string.snack_yubi_other, Notify.LENGTH_LONG, + Style.WARN, new ActionListener() { + @Override + public void onAction() { + Intent intent = new Intent( + ViewKeyActivity.this, ViewKeyActivity.class); + intent.setData(KeyRings.buildGenericKeyRingUri(masterKeyId)); + intent.putExtra(ViewKeyActivity.EXTRA_NFC_AID, nfcAid); + intent.putExtra(ViewKeyActivity.EXTRA_NFC_USER_ID, nfcUserId); + intent.putExtra(ViewKeyActivity.EXTRA_NFC_FINGERPRINTS, nfcFingerprints); + startActivity(intent); + finish(); + } + }, R.string.snack_yubikey_view).show(); + + // and if it's not found, offer import + } catch (PgpKeyNotFoundException e) { + Notify.create(this, R.string.snack_yubi_other, Notify.LENGTH_LONG, + Style.WARN, new ActionListener() { + @Override + public void onAction() { + Intent intent = new Intent( + ViewKeyActivity.this, CreateKeyActivity.class); + intent.putExtra(ViewKeyActivity.EXTRA_NFC_AID, nfcAid); + intent.putExtra(ViewKeyActivity.EXTRA_NFC_USER_ID, nfcUserId); + intent.putExtra(ViewKeyActivity.EXTRA_NFC_FINGERPRINTS, nfcFingerprints); + startActivity(intent); + finish(); + } + }, R.string.snack_yubikey_import).show(); + } } @@ -794,6 +799,7 @@ public class ViewKeyActivity extends BaseNfcActivity implements // old cursor once we return.) switch (loader.getId()) { case LOADER_ID_UNIFIED: { + if (data.moveToFirst()) { // get name, email, and comment from USER_ID KeyRing.UserId mainUserId = KeyRing.splitUserId(data.getString(INDEX_USER_ID));