don't show allowed key list if no key exists, and some minor PgpDecryptVerify changes

This commit is contained in:
Vincent Breitmoser 2015-05-28 02:27:44 +02:00
parent 426d17bd0a
commit a8e95f676e
13 changed files with 75 additions and 39 deletions

View File

@ -29,6 +29,7 @@ import org.robolectric.shadows.ShadowLog;
import org.spongycastle.bcpg.sig.KeyFlags;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.openpgp.PGPEncryptedData;
import org.sufficientlysecure.keychain.operations.results.OperationResult.LogType;
import org.sufficientlysecure.keychain.operations.results.PgpEditKeyResult;
import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRingData;
@ -214,7 +215,7 @@ public class PgpEncryptDecryptTest {
String plaintext = "dies ist ein plaintext ☭" + TestingUtils.genPassphrase(true);
byte[] ciphertext;
{ // encrypt data with a given passphrase
{ // encrypt data with key
ByteArrayOutputStream out = new ByteArrayOutputStream();
ByteArrayInputStream in = new ByteArrayInputStream(plaintext.getBytes());
@ -334,7 +335,7 @@ public class PgpEncryptDecryptTest {
out.toByteArray().length, metadata.getOriginalSize());
}
{ // decryption with passphrase cached should succeed for the first key
{ // decryption should succeed if key is allowed
ByteArrayOutputStream out = new ByteArrayOutputStream();
ByteArrayInputStream in = new ByteArrayInputStream(ciphertext);
@ -350,12 +351,32 @@ public class PgpEncryptDecryptTest {
b.setAllowedKeyIds(allowed);
DecryptVerifyResult result = b.build().execute(new CryptoInputParcel());
Assert.assertTrue("decryption with cached passphrase must succeed for the first key", result.success());
Assert.assertTrue("decryption with cached passphrase must succeed for allowed key", result.success());
Assert.assertArrayEquals("decrypted ciphertext with cached passphrase should equal plaintext",
out.toByteArray(), plaintext.getBytes());
Assert.assertTrue("other key was skipped", result.getLog().containsType(LogType.MSG_DC_ASKIP_NOT_ALLOWED));
Assert.assertNull("signature should be empty", result.getSignatureResult());
}
{ // decryption should fail if no key is allowed
ByteArrayOutputStream out = new ByteArrayOutputStream();
ByteArrayInputStream in = new ByteArrayInputStream(ciphertext);
InputData data = new InputData(in, in.available());
// provide passphrase for the second, and check that the first is never asked for!
PgpDecryptVerify.Builder b = builderWithFakePassphraseCache(data, out,
mKeyPhrase2, mStaticRing2.getMasterKeyId(), null);
// no keys allowed!
b.setAllowedKeyIds(new HashSet<Long>());
DecryptVerifyResult result = b.build().execute(new CryptoInputParcel());
Assert.assertFalse("decryption must fail if no key allowed", result.success());
Assert.assertEquals("decryption must fail with key disllowed status",
DecryptVerifyResult.RESULT_KEY_DISALLOWED, result.getResult());
}
{ // decryption with passphrase cached should succeed for the other key if first is gone
// delete first key from database

View File

@ -27,12 +27,19 @@ import org.sufficientlysecure.keychain.util.Passphrase;
public class DecryptVerifyResult extends InputPendingResult {
public static final int RESULT_NO_DATA = RESULT_ERROR + 16;
public static final int RESULT_KEY_DISALLOWED = RESULT_ERROR + 32;
OpenPgpSignatureResult mSignatureResult;
OpenPgpMetadata mDecryptMetadata;
// This holds the charset which was specified in the ascii armor, if specified
// https://tools.ietf.org/html/rfc4880#page56
String mCharset;
public boolean isKeysDisallowed () {
return (mResult & RESULT_KEY_DISALLOWED) == RESULT_KEY_DISALLOWED;
}
public OpenPgpSignatureResult getSignatureResult() {
return mSignatureResult;
}
@ -57,10 +64,6 @@ public class DecryptVerifyResult extends InputPendingResult {
mCharset = charset;
}
public boolean isPending() {
return (mResult & RESULT_PENDING) == RESULT_PENDING;
}
public DecryptVerifyResult(int result, OperationLog log) {
super(result, log);
}

View File

@ -598,7 +598,7 @@ public abstract class OperationResult implements Parcelable {
MSG_DC_ERROR_EXTRACT_KEY (LogLevel.ERROR, R.string.msg_dc_error_extract_key),
MSG_DC_ERROR_INTEGRITY_CHECK (LogLevel.ERROR, R.string.msg_dc_error_integrity_check),
MSG_DC_ERROR_INTEGRITY_MISSING (LogLevel.ERROR, R.string.msg_dc_error_integrity_missing),
MSG_DC_ERROR_INVALID_SIGLIST(LogLevel.ERROR, R.string.msg_dc_error_invalid_siglist),
MSG_DC_ERROR_INVALID_DATA (LogLevel.ERROR, R.string.msg_dc_error_invalid_data),
MSG_DC_ERROR_IO (LogLevel.ERROR, R.string.msg_dc_error_io),
MSG_DC_ERROR_NO_DATA (LogLevel.ERROR, R.string.msg_dc_error_no_data),
MSG_DC_ERROR_NO_KEY (LogLevel.ERROR, R.string.msg_dc_error_no_key),

View File

@ -384,7 +384,7 @@ public class PgpDecryptVerify extends BaseOperation {
}
if (enc == null) {
log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, indent);
log.add(LogType.MSG_DC_ERROR_INVALID_DATA, indent);
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
}
@ -419,6 +419,7 @@ public class PgpDecryptVerify extends BaseOperation {
}
Passphrase passphrase = null;
boolean skippedDisallowedKey = false;
// go through all objects and find one we can decrypt
while (it.hasNext()) {
@ -451,13 +452,6 @@ public class PgpDecryptVerify extends BaseOperation {
log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
continue;
}
// get subkey which has been used for this encryption packet
secretEncryptionKey = secretKeyRing.getSecretKey(subKeyId);
if (secretEncryptionKey == null) {
// should actually never happen, so no need to be more specific.
log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
continue;
}
// allow only specific keys for decryption?
if (mAllowedKeyIds != null) {
@ -469,11 +463,20 @@ public class PgpDecryptVerify extends BaseOperation {
if (!mAllowedKeyIds.contains(masterKeyId)) {
// this key is in our db, but NOT allowed!
// continue with the next packet in the while loop
skippedDisallowedKey = true;
log.add(LogType.MSG_DC_ASKIP_NOT_ALLOWED, indent + 1);
continue;
}
}
// get subkey which has been used for this encryption packet
secretEncryptionKey = secretKeyRing.getSecretKey(subKeyId);
if (secretEncryptionKey == null) {
// should actually never happen, so no need to be more specific.
log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
continue;
}
/* secret key exists in database and is allowed! */
asymmetricPacketFound = true;
@ -604,10 +607,18 @@ public class PgpDecryptVerify extends BaseOperation {
}
encryptedData = encryptedDataAsymmetric;
} else {
// If we didn't find any useful data, error out
// there wasn't even any useful data
if (!anyPacketFound) {
log.add(LogType.MSG_DC_ERROR_NO_DATA, indent + 1);
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_NO_DATA, log);
}
// there was data but key wasn't allowed
if (skippedDisallowedKey) {
log.add(LogType.MSG_DC_ERROR_NO_KEY, indent + 1);
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_KEY_DISALLOWED, log);
}
// no packet has been found where we have the corresponding secret key in our db
log.add(
anyPacketFound ? LogType.MSG_DC_ERROR_NO_KEY : LogType.MSG_DC_ERROR_NO_DATA, indent + 1);
log.add(LogType.MSG_DC_ERROR_NO_KEY, indent + 1);
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
}
@ -910,7 +921,7 @@ public class PgpDecryptVerify extends BaseOperation {
PGPSignatureList sigList = (PGPSignatureList) pgpFact.nextObject();
if (sigList == null) {
log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, 0);
log.add(LogType.MSG_DC_ERROR_INVALID_DATA, 0);
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
}
@ -993,7 +1004,7 @@ public class PgpDecryptVerify extends BaseOperation {
} else if (o instanceof PGPSignatureList) {
sigList = (PGPSignatureList) o;
} else {
log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, 0);
log.add(LogType.MSG_DC_ERROR_INVALID_DATA, 0);
return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
}

View File

@ -34,7 +34,6 @@ import org.openintents.openpgp.util.OpenPgpApi;
import org.spongycastle.bcpg.CompressionAlgorithmTags;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
import org.sufficientlysecure.keychain.operations.results.OperationResult;
import org.sufficientlysecure.keychain.operations.results.OperationResult.LogEntryParcel;
import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
import org.sufficientlysecure.keychain.pgp.PgpConstants;
@ -602,9 +601,8 @@ public class OpenPgpService extends RemoteService {
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_SUCCESS);
return result;
} else {
LogEntryParcel errorMsg = pgpResult.getLog().getLast();
if (errorMsg.mType == OperationResult.LogType.MSG_DC_ERROR_NO_KEY) {
//
if (pgpResult.isKeysDisallowed()) {
// allow user to select allowed keys
Intent result = new Intent();
result.putExtra(OpenPgpApi.RESULT_INTENT, getSelectAllowedKeysIntent(data));
@ -612,14 +610,17 @@ public class OpenPgpService extends RemoteService {
return result;
}
throw new Exception(getString(errorMsg.mType.getMsgId()));
String errorMsg = getString(pgpResult.getLog().getLast().mType.getMsgId());
Intent result = new Intent();
result.putExtra(OpenPgpApi.RESULT_ERROR, new OpenPgpError(OpenPgpError.GENERIC_ERROR, errorMsg));
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
return result;
}
} catch (Exception e) {
Log.d(Constants.TAG, "decryptAndVerifyImpl", e);
} catch (IOException e) {
Log.e(Constants.TAG, "decryptAndVerifyImpl", e);
Intent result = new Intent();
result.putExtra(OpenPgpApi.RESULT_ERROR,
new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
result.putExtra(OpenPgpApi.RESULT_ERROR, new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
return result;
} finally {

View File

@ -930,7 +930,7 @@
<string name="msg_dc_error_extract_key">Unbekannter Fehler bei Schlüsselentsperrung!</string>
<string name="msg_dc_error_integrity_check">Integritätsprüfungsfehler!</string>
<string name="msg_dc_error_integrity_missing">Fehlende Integritätsprüfung Dies kann passieren, wenn die Verschlüsselungsanwendung veraltet ist oder durch einen Downgrade-Angriff.</string>
<string name="msg_dc_error_invalid_siglist">Keine gültigen Signaturdaten gefunden!</string>
<string name="msg_dc_error_invalid_data">Keine gültigen Signaturdaten gefunden!</string>
<string name="msg_dc_error_io">Ein-/Ausgabefehler während Vorgang aufgetreten!</string>
<string name="msg_dc_error_no_data">Keine verschlüsselten Daten in Datenstrom gefunden!</string>
<string name="msg_dc_error_no_key">Keine verschlüsselten Daten mit bekanntem geheimen Schlüssel in Datenstrom gefunden!</string>

View File

@ -929,7 +929,7 @@
<string name="msg_dc_error_extract_key">¡Error desconocido al desbloquear clave!</string>
<string name="msg_dc_error_integrity_check">¡Error de comprobación de integridad!</string>
<string name="msg_dc_error_integrity_missing">¡Verificación de integridad ausente! Esto puede ocurrir porque la aplicación de cifrado no está actualizada, o debido a un ataque desactualización.</string>
<string name="msg_dc_error_invalid_siglist">¡No se encontraron datos de firma válidos!</string>
<string name="msg_dc_error_invalid_data">¡No se encontraron datos de firma válidos!</string>
<string name="msg_dc_error_io">¡Se encontró Excepción de E/S durante la operación!</string>
<string name="msg_dc_error_no_data">¡No se encontraron datos cifrados en el flujo de datos (`stream`)!</string>
<string name="msg_dc_error_no_key">¡No se encontraron datos cifrados con clave secreta (privada) conocida en el flujo de datos (`stream`)!</string>

View File

@ -929,7 +929,7 @@
<string name="msg_dc_error_extract_key">Erreur inconnue de déverrouillage de la clef !</string>
<string name="msg_dc_error_integrity_check">Erreur de vérification de l\'intégrité !</string>
<string name="msg_dc_error_integrity_missing">Vérification de l\'intégrité absente ! Ceci peut arriver car l\'application n\'est pas à jour, ou à cause d\'une attaque par mise à niveau inférieur.</string>
<string name="msg_dc_error_invalid_siglist">Aucune donnée de signature valide trouvée !</string>
<string name="msg_dc_error_invalid_data">Aucune donnée de signature valide trouvée !</string>
<string name="msg_dc_error_io">Une exception E/S a été rencontrée durant l\'opération !</string>
<string name="msg_dc_error_no_data">Aucune donnée chiffrée n\'a été trouvée dans le flux !</string>
<string name="msg_dc_error_no_key">Aucune donnée chiffrée avec une clef secrète connue n\'a été trouvée dans le flux !</string>

View File

@ -914,7 +914,7 @@
<string name="msg_dc_error_extract_key">鍵のロック解除で不明なエラー!</string>
<string name="msg_dc_error_integrity_check">完全性チェックエラー!</string>
<string name="msg_dc_error_integrity_missing">完全聖チェックの欠落!これは暗号化アプリケーションが期限切れになった場合、もしくは暗号強度低下攻撃がある場合に発生します。</string>
<string name="msg_dc_error_invalid_siglist">正常な署名データが見付からなかった!</string>
<string name="msg_dc_error_invalid_data">正常な署名データが見付からなかった!</string>
<string name="msg_dc_error_io">操作中にIO例外に当たりました!</string>
<string name="msg_dc_error_no_data">ストリーム中に暗号化されたデータが見付からなかった!</string>
<string name="msg_dc_error_no_key">ストリーム中に既知の秘密鍵で暗号化されたデータが見付からなかった!</string>

View File

@ -929,7 +929,7 @@
<string name="msg_dc_error_extract_key">Onbekende fout bij ontgrendelen van sleutel!</string>
<string name="msg_dc_error_integrity_check">Fout bij integriteitscontrole!</string>
<string name="msg_dc_error_integrity_missing">Integriteitscheck ontbreekt! Dit kan gebeuren omdat de versleutelingsapplicatie verouderd is, of door een downgrade-aanval.</string>
<string name="msg_dc_error_invalid_siglist">Geen geldige ondertekeningsgegevens gevonden!</string>
<string name="msg_dc_error_invalid_data">Geen geldige ondertekeningsgegevens gevonden!</string>
<string name="msg_dc_error_io">I/O-uitzondering tegengekomen tijdens bewerking!</string>
<string name="msg_dc_error_no_data">Geen versleutelde gegevens gevonden!</string>
<string name="msg_dc_error_no_key">Geen versleutelde gegevens met bekende geheime sleutel gevonden!</string>

View File

@ -916,7 +916,7 @@
<string name="msg_dc_error_extract_key">Непозната грешка откључавања кључа!</string>
<string name="msg_dc_error_integrity_check">Грешка провере интегритета!</string>
<string name="msg_dc_error_integrity_missing">Недостаје провера интегритета! Ово може да се деси ако је апликација за шифровање застарела, или услед напада старијег издања.</string>
<string name="msg_dc_error_invalid_siglist">Нису нађени исправни подаци потписа!</string>
<string name="msg_dc_error_invalid_data">Нису нађени исправни подаци потписа!</string>
<string name="msg_dc_error_io">Наиђох на У/И изузетак током радње!</string>
<string name="msg_dc_error_no_data">Шифровани подаци нису нађени у току!</string>
<string name="msg_dc_error_no_key">Подаци шифровани познатим тајним кључем нису нађени у току!</string>

View File

@ -511,7 +511,7 @@
<!--Other messages used in OperationLogs-->
<string name="msg_ek_error_not_found">找不到金鑰!</string>
<!--Messages for DecryptVerify operation-->
<string name="msg_dc_error_invalid_siglist">找不到有效的簽名資訊!</string>
<string name="msg_dc_error_invalid_data">找不到有效的簽名資訊!</string>
<string name="msg_dc">開始解密…</string>
<!--Messages for VerifySignedLiteralData operation-->
<!--Messages for SignEncrypt operation-->

View File

@ -1039,7 +1039,7 @@
<string name="msg_dc_error_extract_key">"Unknown error unlocking key!"</string>
<string name="msg_dc_error_integrity_check">"Integrity check error!"</string>
<string name="msg_dc_error_integrity_missing">"Missing integrity check! This can happen because the encrypting application is out of date, or from a downgrade attack."</string>
<string name="msg_dc_error_invalid_siglist">"No valid signature data found!"</string>
<string name="msg_dc_error_invalid_data">"No valid OpenPGP encrypted or signed data found!"</string>
<string name="msg_dc_error_io">"Encountered IO Exception during operation!"</string>
<string name="msg_dc_error_no_data">"No encrypted data found in stream!"</string>
<string name="msg_dc_error_no_key">"No encrypted data with known secret key found in stream!"</string>