moparisthebest/open-keychain
1
0
Fork 0
mirror of https://github.com/moparisthebest/open-keychain synced 2025-02-21 05:11:45 -05:00
Code Issues Releases Wiki Activity

Support for multiple hash algos

Browse Source
This commit is contained in:
Dominik Schürmann 2014-08-14 14:50:13 +02:00
parent 6da17ef6bb
commit ad69e47cec
4 changed files with 29 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
View File

@ -49,16 +49,16 @@ import java.util.Date;
import java.util.LinkedList; import java.util.LinkedList;
import java.util.List; import java.util.List;
/** Wrapper for a PGPSecretKey. /**
* * Wrapper for a PGPSecretKey.
* <p/>
* This object can only be obtained from a WrappedSecretKeyRing, and stores a * This object can only be obtained from a WrappedSecretKeyRing, and stores a
* back reference to its parent. * back reference to its parent.
* * <p/>
* This class represents known secret keys which are stored in the database. * This class represents known secret keys which are stored in the database.
* All "crypto operations using a known secret key" should be implemented in * All "crypto operations using a known secret key" should be implemented in
* this class, to ensure on type level that these operations are performed on * this class, to ensure on type level that these operations are performed on
* properly imported secret keys only. * properly imported secret keys only.
*
*/ */
public class CanonicalizedSecretKey extends CanonicalizedPublicKey { public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
@ -105,13 +105,23 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
return true; return true;
} }
// TODO: just a hack currently /**
* Returns a list of all supported hash algorithms. This list is currently hardcoded to return
* a limited set of algorithms supported by Yubikeys.
*
* @return
*/
public LinkedList<Integer> getSupportedHashAlgorithms() { public LinkedList<Integer> getSupportedHashAlgorithms() {
LinkedList<Integer> supported = new LinkedList<Integer>(); LinkedList<Integer> supported = new LinkedList<Integer>();
if (mPrivateKeyState == PRIVATE_KEY_STATE_DIVERT_TO_CARD) { if (mPrivateKeyState == PRIVATE_KEY_STATE_DIVERT_TO_CARD) {
// TODO: only works with SHA256 ?! // TODO: no support for MD5
supported.add(HashAlgorithmTags.RIPEMD160);
supported.add(HashAlgorithmTags.SHA1);
supported.add(HashAlgorithmTags.SHA224);
supported.add(HashAlgorithmTags.SHA256); supported.add(HashAlgorithmTags.SHA256);
supported.add(HashAlgorithmTags.SHA384);
supported.add(HashAlgorithmTags.SHA512); // preferred is latest
} else { } else {
supported.add(HashAlgorithmTags.MD5); supported.add(HashAlgorithmTags.MD5);
supported.add(HashAlgorithmTags.RIPEMD160); supported.add(HashAlgorithmTags.RIPEMD160);

6
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java
View File

@ -261,10 +261,12 @@ public class PgpSignEncrypt {
public static class NeedNfcDataException extends Exception { public static class NeedNfcDataException extends Exception {
public byte[] mHashToSign; public byte[] mHashToSign;
public int mHashAlgo;
public Date mCreationTimestamp; public Date mCreationTimestamp;
public NeedNfcDataException(byte[] hashToSign, Date creationTimestamp) { public NeedNfcDataException(byte[] hashToSign, int hashAlgo, Date creationTimestamp) {
mHashToSign = hashToSign; mHashToSign = hashToSign;
mHashAlgo = hashAlgo;
mCreationTimestamp = creationTimestamp; mCreationTimestamp = creationTimestamp;
} }
} }
@ -521,7 +523,7 @@ public class PgpSignEncrypt {
signatureGenerator.generate().encode(pOut); signatureGenerator.generate().encode(pOut);
} catch (NfcSyncPGPContentSignerBuilder.NfcInteractionNeeded e) { } catch (NfcSyncPGPContentSignerBuilder.NfcInteractionNeeded e) {
// this secret key diverts to a OpenPGP card, throw exception with hash that will be signed // this secret key diverts to a OpenPGP card, throw exception with hash that will be signed
throw new NeedNfcDataException(e.hashToSign, e.creationTimestamp); throw new NeedNfcDataException(e.hashToSign, e.hashAlgo, e.creationTimestamp);
} }
} }

5
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
View File

@ -138,11 +138,12 @@ public class OpenPgpService extends RemoteService {
return result; return result;
} }
private Intent getNfcIntent(Intent data, byte[] hashToSign) { private Intent getNfcIntent(Intent data, byte[] hashToSign, int hashAlgo) {
// build PendingIntent for Yubikey NFC operations // build PendingIntent for Yubikey NFC operations
Intent intent = new Intent(getBaseContext(), NfcActivity.class); Intent intent = new Intent(getBaseContext(), NfcActivity.class);
intent.setAction(NfcActivity.ACTION_SIGN_HASH); intent.setAction(NfcActivity.ACTION_SIGN_HASH);
intent.putExtra(NfcActivity.EXTRA_NFC_HASH_TO_SIGN, hashToSign); intent.putExtra(NfcActivity.EXTRA_NFC_HASH_TO_SIGN, hashToSign);
intent.putExtra(NfcActivity.EXTRA_NFC_HASH_ALGO, hashAlgo);
intent.addFlags(Intent.FLAG_ACTIVITY_SINGLE_TOP | Intent.FLAG_ACTIVITY_CLEAR_TOP); intent.addFlags(Intent.FLAG_ACTIVITY_SINGLE_TOP | Intent.FLAG_ACTIVITY_CLEAR_TOP);
// pass params through to activity that it can be returned again later to repeat pgp operation // pass params through to activity that it can be returned again later to repeat pgp operation
intent.putExtra(NfcActivity.EXTRA_DATA, data); intent.putExtra(NfcActivity.EXTRA_DATA, data);
@ -239,7 +240,7 @@ public class OpenPgpService extends RemoteService {
// pass through the signature creation timestamp to be used again on second execution // pass through the signature creation timestamp to be used again on second execution
// of PgpSignEncrypt when we have the signed hash! // of PgpSignEncrypt when we have the signed hash!
data.putExtra(OpenPgpApi.EXTRA_NFC_SIG_CREATION_TIMESTAMP, e.mCreationTimestamp.getTime()); data.putExtra(OpenPgpApi.EXTRA_NFC_SIG_CREATION_TIMESTAMP, e.mCreationTimestamp.getTime());
return getNfcIntent(data, e.mHashToSign); return getNfcIntent(data, e.mHashToSign, e.mHashAlgo);
} }
} finally { } finally {
is.close(); is.close();

2
extern/openpgp-card-nfc-lib vendored

@ -1 +1 @@
Subproject commit 1531e38c30a9c3e072e302c1931fef2999fe08de Subproject commit 1a0579e06691a62b54137382bca0e381eab2df91