Use static linked lists instead of arrays

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java

@@ -180,15 +180,10 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
      * Returns a list of all supported hash algorithms.
      */
     public LinkedList<Integer> getSupportedHashAlgorithms() {
-        LinkedList<Integer> supported = new LinkedList<>();
-
         // TODO: intersection between preferred hash algos of this key and PgpConstants.PREFERRED_HASH_ALGORITHMS
         // choose best algo
-        for (int currentInt : PgpConstants.PREFERRED_HASH_ALGORITHMS) {
-            supported.add(currentInt);
-        }
 
-        return supported;
+        return PgpConstants.sPreferredHashAlgorithms;
     }
 
     private PGPContentSignerBuilder getContentSignerBuilder(int hashAlgo, byte[] nfcSignedHash,

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpConstants.java

@@ -4,6 +4,8 @@ import org.spongycastle.bcpg.CompressionAlgorithmTags;
 import org.spongycastle.bcpg.HashAlgorithmTags;
 import org.spongycastle.bcpg.SymmetricKeyAlgorithmTags;
 
+import java.util.LinkedList;
+
 public class PgpConstants {
 
     public static interface OpenKeychainSymmetricKeyAlgorithmTags extends SymmetricKeyAlgorithmTags {
@@ -18,27 +20,45 @@ public class PgpConstants {
         public static final int USE_PREFERRED = -1;
     }
 
-    // most preferred is first
+    /*
-    public static final int[] PREFERRED_SYMMETRIC_ALGORITHMS = new int[]{
+     * Most preferred is first
-            SymmetricKeyAlgorithmTags.AES_256,
+     * These arrays are written as preferred algorithms into the keys on creation.
-            SymmetricKeyAlgorithmTags.AES_192,
+     * Other implementations may choose to honor this selection.
-            SymmetricKeyAlgorithmTags.AES_128,
+     *
-            SymmetricKeyAlgorithmTags.TWOFISH
+     * These lists also define the only algorithms which are used in OpenKeychain.
-    };
+     * We do not support algorithms such as MD5
+     */
 
-    public static final int[] PREFERRED_HASH_ALGORITHMS = new int[]{
+    public static LinkedList<Integer> sPreferredSymmetricAlgorithms = new LinkedList<>();
-            HashAlgorithmTags.SHA256,
+    public static LinkedList<Integer> sPreferredHashAlgorithms = new LinkedList<>();
-            HashAlgorithmTags.SHA512,
+    public static LinkedList<Integer> sPreferredCompressionAlgorithms = new LinkedList<>();
-            HashAlgorithmTags.SHA384,
-            HashAlgorithmTags.SHA224,
-            HashAlgorithmTags.RIPEMD160
-    };
 
-    public static final int[] PREFERRED_COMPRESSION_ALGORITHMS = new int[]{
+    static {
-            CompressionAlgorithmTags.ZLIB,
+        sPreferredSymmetricAlgorithms.add(SymmetricKeyAlgorithmTags.AES_256);
-            CompressionAlgorithmTags.BZIP2,
+        sPreferredSymmetricAlgorithms.add(SymmetricKeyAlgorithmTags.AES_192);
-            CompressionAlgorithmTags.ZIP
+        sPreferredSymmetricAlgorithms.add(SymmetricKeyAlgorithmTags.AES_128);
-    };
+        sPreferredSymmetricAlgorithms.add(SymmetricKeyAlgorithmTags.TWOFISH);
+
+        // NOTE: some implementations do not support SHA512, thus we choose SHA256 as default (Mailvelope?)
+        sPreferredHashAlgorithms.add(HashAlgorithmTags.SHA256);
+        sPreferredHashAlgorithms.add(HashAlgorithmTags.SHA512);
+        sPreferredHashAlgorithms.add(HashAlgorithmTags.SHA384);
+        sPreferredHashAlgorithms.add(HashAlgorithmTags.SHA224);
+        sPreferredHashAlgorithms.add(HashAlgorithmTags.SHA1);
+        sPreferredHashAlgorithms.add(HashAlgorithmTags.RIPEMD160);
+
+        sPreferredCompressionAlgorithms.add(CompressionAlgorithmTags.ZLIB);
+        sPreferredCompressionAlgorithms.add(CompressionAlgorithmTags.BZIP2);
+        sPreferredCompressionAlgorithms.add(CompressionAlgorithmTags.ZIP);
+    }
+
+    public static int[] getAsArray(LinkedList<Integer> list) {
+        int[] array = new int[list.size()];
+        for (int i = 0; i < list.size(); i++) {
+            array[i] = list.get(i); // Watch out for NullPointerExceptions!
+        }
+        return array;
+    }
 
     /*
      * Note: s2kcount is a number between 0 and 0xff that controls the
@@ -55,15 +75,15 @@ public class PgpConstants {
      * from http://kbsriram.com/2013/01/generating-rsa-keys-with-bouncycastle.html
      *
      * Bouncy Castle default: 0x60
-     * kbsriram proposes 0xc0
+     * kbsriram proposes: 0xc0
-     * we use 0x90, a good trade-off between usability and security against offline attacks
+     * OpenKeychain: 0x90
      */
     public static final int SECRET_KEY_ENCRYPTOR_S2K_COUNT = 0x90;
     public static final int SECRET_KEY_ENCRYPTOR_HASH_ALGO = HashAlgorithmTags.SHA256;
     public static final int SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO = SymmetricKeyAlgorithmTags.AES_256;
     public static final int SECRET_KEY_SIGNATURE_HASH_ALGO = HashAlgorithmTags.SHA256;
-    // NOTE: only SHA1 is supported for key checksum calculations.
+    // NOTE: only SHA1 is supported for key checksum calculations in OpenPGP,
+    // see http://tools.ietf.org/html/rfc488 0#section-5.5.3
     public static final int SECRET_KEY_SIGNATURE_CHECKSUM_HASH_ALGO = HashAlgorithmTags.SHA1;
 
-
 }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java

@@ -1213,9 +1213,12 @@ public class PgpKeyOperation {
              * error than be ignored.
              */
             /* non-critical subpackets: */
-            hashedPacketsGen.setPreferredSymmetricAlgorithms(false, PgpConstants.PREFERRED_SYMMETRIC_ALGORITHMS);
+            hashedPacketsGen.setPreferredSymmetricAlgorithms(false,
-            hashedPacketsGen.setPreferredHashAlgorithms(false, PgpConstants.PREFERRED_HASH_ALGORITHMS);
+                    PgpConstants.getAsArray(PgpConstants.sPreferredSymmetricAlgorithms));
-            hashedPacketsGen.setPreferredCompressionAlgorithms(false, PgpConstants.PREFERRED_COMPRESSION_ALGORITHMS);
+            hashedPacketsGen.setPreferredHashAlgorithms(false,
+                    PgpConstants.getAsArray(PgpConstants.sPreferredHashAlgorithms));
+            hashedPacketsGen.setPreferredCompressionAlgorithms(false,
+                    PgpConstants.getAsArray(PgpConstants.sPreferredCompressionAlgorithms));
             hashedPacketsGen.setPrimaryUserID(false, primary);
 
             /* critical subpackets: we consider those important for a modern pgp implementation */

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java

@@ -227,7 +227,7 @@ public class PgpSignEncryptOperation extends BaseOperation {
             if (algo == PgpConstants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED) {
                 // get most preferred
                 // TODO: get from recipients
-                algo = PgpConstants.PREFERRED_SYMMETRIC_ALGORITHMS[0];
+                algo = PgpConstants.sPreferredSymmetricAlgorithms.getFirst();
             }
             // has Integrity packet enabled!
             JcePGPDataEncryptorBuilder encryptorBuilder =

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptFilesActivity.java

@@ -205,7 +205,7 @@ public class EncryptFilesActivity extends EncryptActivity implements EncryptActi
         data.addOutputUris(mOutputUris);
 
         if (mUseCompression) {
-            data.setCompressionId(CompressionAlgorithmTags.ZLIB);
+            data.setCompressionId(PgpConstants.sPreferredCompressionAlgorithms.getFirst());
         } else {
             data.setCompressionId(CompressionAlgorithmTags.UNCOMPRESSED);
         }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptTextActivity.java

@@ -198,7 +198,7 @@ public class EncryptTextActivity extends EncryptActivity implements EncryptActiv
         data.setCleartextSignature(true);
 
         if (mUseCompression) {
-            data.setCompressionId(CompressionAlgorithmTags.ZLIB);
+            data.setCompressionId(PgpConstants.sPreferredCompressionAlgorithms.getFirst());
         } else {
             data.setCompressionId(CompressionAlgorithmTags.UNCOMPRESSED);
         }