moparisthebest/open-keychain
1
0
Fork 0
mirror of https://github.com/moparisthebest/open-keychain synced 2025-02-07 10:30:14 -05:00
Code Issues Releases Wiki Activity

rename Wrapped*Key* to Canonicalized*Key*

Browse Source
This commit is contained in:
Vincent Breitmoser 2014-07-31 17:08:33 +02:00
parent 9475285013
commit b156a057e8
25 changed files with 213 additions and 236 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/KeyringTestingHelper.java
View File

@ -21,7 +21,6 @@ import android.content.Context;
import org.spongycastle.util.Arrays;
import org.sufficientlysecure.keychain.pgp.NullProgressable;
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
import org.sufficientlysecure.keychain.pgp.UncachedPublicKey;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.service.OperationResults;
@ -62,7 +61,7 @@ public class KeyringTestingHelper {
boolean saveSuccess = saveKeyringResult.success();
// Now re-retrieve the saved key. Should not throw an exception.
providerHelper.getWrappedPublicKeyRing(masterKeyId);
providerHelper.getCanonicalizedPublicKeyRing(masterKeyId);
// A different ID should still fail
retrieveKeyAndExpectNotFound(providerHelper, masterKeyId - 1);
@ -345,7 +344,7 @@ public class KeyringTestingHelper {
private void retrieveKeyAndExpectNotFound(ProviderHelper providerHelper, long masterKeyId) {
try {
providerHelper.getWrappedPublicKeyRing(masterKeyId);
providerHelper.getCanonicalizedPublicKeyRing(masterKeyId);
throw new AssertionError("Was expecting the previous call to fail!");
} catch (ProviderHelper.NotFoundException expectedException) {
// good

2
OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/support/ProviderHelperStub.java
View File

@ -32,7 +32,7 @@ class ProviderHelperStub extends ProviderHelper {
}
@Override
public WrappedPublicKeyRing getWrappedPublicKeyRing(Uri id) throws NotFoundException {
public WrappedPublicKeyRing getCanonicalizedPublicKeyRing(Uri id) throws NotFoundException {
byte[] data = TestDataUtil.readFully(getClass().getResourceAsStream("/public-key-for-sample.blob"));
return new WrappedPublicKeyRing(data, false, 0);
}

30
OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/PgpKeyOperationTest.java
View File

@ -19,10 +19,10 @@ import org.spongycastle.bcpg.sig.KeyFlags;
import org.spongycastle.openpgp.PGPSignature;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.Constants.choice.algorithm;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.PgpKeyOperation;
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
import org.sufficientlysecure.keychain.pgp.UncachedPublicKey;
import org.sufficientlysecure.keychain.pgp.WrappedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.WrappedSignature;
import org.sufficientlysecure.keychain.service.OperationResultParcel;
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
@ -250,7 +250,7 @@ public class PgpKeyOperationTest {
parcel.mMasterKeyId = ring.getMasterKeyId() -1;
parcel.mFingerprint = ring.getFingerprint();
WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0);
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
@ -263,7 +263,7 @@ public class PgpKeyOperationTest {
parcel.mMasterKeyId = null;
parcel.mFingerprint = ring.getFingerprint();
WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0);
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
@ -277,7 +277,7 @@ public class PgpKeyOperationTest {
// some byte, off by one
parcel.mFingerprint[5] += 1;
WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0);
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
@ -289,7 +289,7 @@ public class PgpKeyOperationTest {
parcel.mMasterKeyId = ring.getMasterKeyId();
parcel.mFingerprint = null;
WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0);
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
@ -297,7 +297,7 @@ public class PgpKeyOperationTest {
}
{
WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0);
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, "bad passphrase", log, 0);
@ -355,7 +355,7 @@ public class PgpKeyOperationTest {
parcel.mAddSubKeys.add(new SubkeyAdd(
algorithm.rsa, new Random().nextInt(512), KeyFlags.SIGN_DATA, null));
WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0);
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
@ -367,7 +367,7 @@ public class PgpKeyOperationTest {
parcel.mAddSubKeys.add(new SubkeyAdd(algorithm.rsa, 1024, KeyFlags.SIGN_DATA,
new Date().getTime()/1000-10));
WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0);
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
@ -436,7 +436,7 @@ public class PgpKeyOperationTest {
parcel.reset();
parcel.mChangeSubKeys.add(new SubkeyChange(keyId, null, new Date().getTime()/1000-10));
WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0);
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
@ -447,7 +447,7 @@ public class PgpKeyOperationTest {
parcel.reset();
parcel.mChangeSubKeys.add(new SubkeyChange(123, null, null));
WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0);
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
@ -469,7 +469,7 @@ public class PgpKeyOperationTest {
parcel.reset();
parcel.mRevokeSubKeys.add(123L);
WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0);
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
UncachedKeyRing otherModified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
@ -572,7 +572,7 @@ public class PgpKeyOperationTest {
parcel.reset();
parcel.mChangePrimaryUserId = uid;
WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(modified.getEncoded(), false, 0);
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(modified.getEncoded(), false, 0);
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
UncachedKeyRing otherModified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
@ -621,7 +621,7 @@ public class PgpKeyOperationTest {
{
parcel.mAddUserIds.add("");
WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0);
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
UncachedKeyRing modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
Assert.assertNull("adding an empty user id should fail", modified);
@ -692,7 +692,7 @@ public class PgpKeyOperationTest {
parcel.mChangePrimaryUserId += "A";
}
WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0);
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();
modified = op.modifySecretKeyRing(secretRing, parcel, passphrase, log, 0);
@ -721,7 +721,7 @@ public class PgpKeyOperationTest {
try {
Assert.assertTrue("modified keyring must be secret", ring.isSecret());
WrappedSecretKeyRing secretRing = new WrappedSecretKeyRing(ring.getEncoded(), false, 0);
CanonicalizedSecretKeyRing secretRing = new CanonicalizedSecretKeyRing(ring.getEncoded(), false, 0);
PgpKeyOperation op = new PgpKeyOperation(null);
OperationResultParcel.OperationLog log = new OperationResultParcel.OperationLog();

10
OpenKeychain-Test/src/test/java/org/sufficientlysecure/keychain/tests/UncachedKeyringMergeTest.java
View File

@ -7,17 +7,14 @@ import org.junit.Test;
import org.junit.runner.RunWith;
import org.robolectric.RobolectricTestRunner;
import org.robolectric.shadows.ShadowLog;
import org.spongycastle.bcpg.BCPGInputStream;
import org.spongycastle.bcpg.Packet;
import org.spongycastle.bcpg.PacketTags;
import org.spongycastle.bcpg.PublicKeyPacket;
import org.spongycastle.bcpg.sig.KeyFlags;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.pgp.PgpKeyOperation;
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
import org.sufficientlysecure.keychain.pgp.UncachedPublicKey;
import org.sufficientlysecure.keychain.pgp.WrappedPublicKeyRing;
import org.sufficientlysecure.keychain.pgp.WrappedSecretKey;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey;
import org.sufficientlysecure.keychain.pgp.WrappedSecretKeyRing;
import org.sufficientlysecure.keychain.service.OperationResultParcel;
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
@ -25,9 +22,6 @@ import org.sufficientlysecure.keychain.support.KeyringTestingHelper;
import org.sufficientlysecure.keychain.support.KeyringTestingHelper.RawPacket;
import org.sufficientlysecure.keychain.util.ProgressScaler;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.util.ArrayList;
import java.util.Iterator;
@ -261,7 +255,7 @@ public class UncachedKeyringMergeTest {
WrappedPublicKeyRing publicRing = new WrappedPublicKeyRing(
pubRing.getEncoded(), false, 0);
WrappedSecretKey secretKey = new WrappedSecretKeyRing(
CanonicalizedSecretKey secretKey = new WrappedSecretKeyRing(
ringB.getEncoded(), false, 0).getSecretKey();
secretKey.unlock("");
// sign all user ids

24
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedKeyRing.java → OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedKeyRing.java
View File

@ -16,13 +16,11 @@ import java.io.OutputStream;
* getter method.
*
*/
public abstract class WrappedKeyRing extends KeyRing {
public abstract class CanonicalizedKeyRing extends KeyRing {
private final boolean mHasAnySecret;
private final int mVerified;
WrappedKeyRing(boolean hasAnySecret, int verified) {
mHasAnySecret = hasAnySecret;
CanonicalizedKeyRing(int verified) {
mVerified = verified;
}
@ -30,10 +28,6 @@ public abstract class WrappedKeyRing extends KeyRing {
return getRing().getPublicKey().getKeyID();
}
public boolean hasAnySecret() {
return mHasAnySecret;
}
public int getVerified() {
return mVerified;
}
@ -56,7 +50,7 @@ public abstract class WrappedKeyRing extends KeyRing {
}
public long getEncryptId() throws PgpGeneralException {
for(WrappedPublicKey key : publicKeyIterator()) {
for(CanonicalizedPublicKey key : publicKeyIterator()) {
if(key.canEncrypt()) {
return key.getKeyId();
}
@ -74,7 +68,7 @@ public abstract class WrappedKeyRing extends KeyRing {
}
public long getSignId() throws PgpGeneralException {
for(WrappedPublicKey key : publicKeyIterator()) {
for(CanonicalizedPublicKey key : publicKeyIterator()) {
if(key.canSign()) {
return key.getKeyId();
}
@ -103,14 +97,14 @@ public abstract class WrappedKeyRing extends KeyRing {
abstract PGPKeyRing getRing();
abstract public IterableIterator<WrappedPublicKey> publicKeyIterator();
abstract public IterableIterator<CanonicalizedPublicKey> publicKeyIterator();
public WrappedPublicKey getPublicKey() {
return new WrappedPublicKey(this, getRing().getPublicKey());
public CanonicalizedPublicKey getPublicKey() {
return new CanonicalizedPublicKey(this, getRing().getPublicKey());
}
public WrappedPublicKey getPublicKey(long id) {
return new WrappedPublicKey(this, getRing().getPublicKey(id));
public CanonicalizedPublicKey getPublicKey(long id) {
return new CanonicalizedPublicKey(this, getRing().getPublicKey(id));
}
public byte[] getEncoded() throws IOException {

4
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedPublicKey.java → OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKey.java
View File

@ -14,12 +14,12 @@ import org.sufficientlysecure.keychain.util.IterableIterator;
* stored in the database.
*
*/
public class WrappedPublicKey extends UncachedPublicKey {
public class CanonicalizedPublicKey extends UncachedPublicKey {
// this is the parent key ring
final KeyRing mRing;
WrappedPublicKey(KeyRing ring, PGPPublicKey key) {
CanonicalizedPublicKey(KeyRing ring, PGPPublicKey key) {
super(key);
mRing = ring;
}

33
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedPublicKeyRing.java → OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKeyRing.java
View File

@ -10,33 +10,36 @@ import org.sufficientlysecure.keychain.util.IterableIterator;
import java.io.IOException;
import java.util.Iterator;
public class WrappedPublicKeyRing extends WrappedKeyRing {
public class CanonicalizedPublicKeyRing extends CanonicalizedKeyRing {
private PGPPublicKeyRing mRing;
private final byte[] mPubKey;
public WrappedPublicKeyRing(byte[] blob, boolean hasAnySecret, int verified) {
super(hasAnySecret, verified);
mPubKey = blob;
CanonicalizedPublicKeyRing(PGPPublicKeyRing ring, int verified) {
super(verified);
mRing = ring;
}
PGPPublicKeyRing getRing() {
public CanonicalizedPublicKeyRing(byte[] blob, int verified) {
super(verified);
if(mRing == null) {
// get first object in block
PGPObjectFactory factory = new PGPObjectFactory(mPubKey);
PGPObjectFactory factory = new PGPObjectFactory(blob);
try {
Object obj = factory.nextObject();
if (! (obj instanceof PGPPublicKeyRing)) {
throw new RuntimeException("Error constructing WrappedPublicKeyRing, should never happen!");
throw new RuntimeException("Error constructing CanonicalizedPublicKeyRing, should never happen!");
}
mRing = (PGPPublicKeyRing) obj;
if (factory.nextObject() != null) {
throw new RuntimeException("Encountered trailing data after keyring, should never happen!");
}
} catch (IOException e) {
throw new RuntimeException("IO Error constructing WrappedPublicKeyRing, should never happen!");
throw new RuntimeException("IO Error constructing CanonicalizedPublicKeyRing, should never happen!");
}
}
}
PGPPublicKeyRing getRing() {
return mRing;
}
@ -45,10 +48,10 @@ public class WrappedPublicKeyRing extends WrappedKeyRing {
}
/** Getter that returns the subkey that should be used for signing. */
WrappedPublicKey getEncryptionSubKey() throws PgpGeneralException {
CanonicalizedPublicKey getEncryptionSubKey() throws PgpGeneralException {
PGPPublicKey key = getRing().getPublicKey(getEncryptId());
if(key != null) {
WrappedPublicKey cKey = new WrappedPublicKey(this, key);
CanonicalizedPublicKey cKey = new CanonicalizedPublicKey(this, key);
if(!cKey.canEncrypt()) {
throw new PgpGeneralException("key error");
}
@ -57,18 +60,18 @@ public class WrappedPublicKeyRing extends WrappedKeyRing {
throw new PgpGeneralException("no encryption key available");
}
public IterableIterator<WrappedPublicKey> publicKeyIterator() {
public IterableIterator<CanonicalizedPublicKey> publicKeyIterator() {
@SuppressWarnings("unchecked")
final Iterator<PGPPublicKey> it = getRing().getPublicKeys();
return new IterableIterator<WrappedPublicKey>(new Iterator<WrappedPublicKey>() {
return new IterableIterator<CanonicalizedPublicKey>(new Iterator<CanonicalizedPublicKey>() {
@Override
public boolean hasNext() {
return it.hasNext();
}
@Override
public WrappedPublicKey next() {
return new WrappedPublicKey(WrappedPublicKeyRing.this, it.next());
public CanonicalizedPublicKey next() {
return new CanonicalizedPublicKey(CanonicalizedPublicKeyRing.this, it.next());
}
@Override

10
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSecretKey.java → OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
View File

@ -37,18 +37,18 @@ import java.util.List;
* properly imported secret keys only.
*
*/
public class WrappedSecretKey extends WrappedPublicKey {
public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
private final PGPSecretKey mSecretKey;
private PGPPrivateKey mPrivateKey = null;
WrappedSecretKey(WrappedSecretKeyRing ring, PGPSecretKey key) {
CanonicalizedSecretKey(CanonicalizedSecretKeyRing ring, PGPSecretKey key) {
super(ring, key.getPublicKey());
mSecretKey = key;
}
public WrappedSecretKeyRing getRing() {
return (WrappedSecretKeyRing) mRing;
public CanonicalizedSecretKeyRing getRing() {
return (CanonicalizedSecretKeyRing) mRing;
}
public boolean unlock(String passphrase) throws PgpGeneralException {
@ -140,7 +140,7 @@ public class WrappedSecretKey extends WrappedPublicKey {
* @param userIds User IDs to certify, must not be null or empty
* @return A keyring with added certifications
*/
public UncachedKeyRing certifyUserIds(WrappedPublicKeyRing publicKeyRing, List<String> userIds)
public UncachedKeyRing certifyUserIds(CanonicalizedPublicKeyRing publicKeyRing, List<String> userIds)
throws PgpGeneralMsgIdException, NoSuchAlgorithmException, NoSuchProviderException,
PGPException, SignatureException {

55
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSecretKeyRing.java → OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKeyRing.java
View File

@ -1,10 +1,12 @@
package org.sufficientlysecure.keychain.pgp;
import org.spongycastle.bcpg.S2K;
import org.spongycastle.openpgp.PGPException;
import org.spongycastle.openpgp.PGPKeyRing;
import org.spongycastle.openpgp.PGPObjectFactory;
import org.spongycastle.openpgp.PGPPrivateKey;
import org.spongycastle.openpgp.PGPPublicKey;
import org.spongycastle.openpgp.PGPPublicKeyRing;
import org.spongycastle.openpgp.PGPSecretKey;
import org.spongycastle.openpgp.PGPSecretKeyRing;
import org.spongycastle.openpgp.operator.PBESecretKeyDecryptor;
@ -15,15 +17,21 @@ import org.sufficientlysecure.keychain.util.IterableIterator;
import org.sufficientlysecure.keychain.util.Log;
import java.io.IOException;
import java.util.HashSet;
import java.util.Iterator;
public class WrappedSecretKeyRing extends WrappedKeyRing {
public class CanonicalizedSecretKeyRing extends CanonicalizedKeyRing {
private PGPSecretKeyRing mRing;
public WrappedSecretKeyRing(byte[] blob, boolean isRevoked, int verified)
CanonicalizedSecretKeyRing(PGPSecretKeyRing ring, int verified) {
super(verified);
mRing = ring;
}
public CanonicalizedSecretKeyRing(byte[] blob, boolean isRevoked, int verified)
{
super(isRevoked, verified);
super(verified);
PGPObjectFactory factory = new PGPObjectFactory(blob);
PGPKeyRing keyRing = null;
try {
@ -41,19 +49,32 @@ public class WrappedSecretKeyRing extends WrappedKeyRing {
return mRing;
}
public WrappedSecretKey getSecretKey() {
return new WrappedSecretKey(this, mRing.getSecretKey());
public CanonicalizedSecretKey getSecretKey() {
return new CanonicalizedSecretKey(this, mRing.getSecretKey());
}
public WrappedSecretKey getSecretKey(long id) {
return new WrappedSecretKey(this, mRing.getSecretKey(id));
public CanonicalizedSecretKey getSecretKey(long id) {
return new CanonicalizedSecretKey(this, mRing.getSecretKey(id));
}
public HashSet<Long> getAvailableSubkeys() {
HashSet<Long> result = new HashSet<Long>();
// then, mark exactly the keys we have available
for (PGPSecretKey sub : new IterableIterator<PGPSecretKey>(getRing().getSecretKeys())) {
S2K s2k = sub.getS2K();
// Set to 1, except if the encryption type is GNU_DUMMY_S2K
if(s2k == null || s2k.getType() != S2K.GNU_DUMMY_S2K) {
result.add(sub.getKeyID());
}
}
return result;
}
/** Getter that returns the subkey that should be used for signing. */
WrappedSecretKey getSigningSubKey() throws PgpGeneralException {
CanonicalizedSecretKey getSigningSubKey() throws PgpGeneralException {
PGPSecretKey key = mRing.getSecretKey(getSignId());
if(key != null) {
WrappedSecretKey cKey = new WrappedSecretKey(this, key);
CanonicalizedSecretKey cKey = new CanonicalizedSecretKey(this, key);
if(!cKey.canSign()) {
throw new PgpGeneralException("key error");
}
@ -88,17 +109,17 @@ public class WrappedSecretKeyRing extends WrappedKeyRing {
}
}
public IterableIterator<WrappedSecretKey> secretKeyIterator() {
public IterableIterator<CanonicalizedSecretKey> secretKeyIterator() {
final Iterator<PGPSecretKey> it = mRing.getSecretKeys();
return new IterableIterator<WrappedSecretKey>(new Iterator<WrappedSecretKey>() {
return new IterableIterator<CanonicalizedSecretKey>(new Iterator<CanonicalizedSecretKey>() {
@Override
public boolean hasNext() {
return it.hasNext();
}
@Override
public WrappedSecretKey next() {
return new WrappedSecretKey(WrappedSecretKeyRing.this, it.next());
public CanonicalizedSecretKey next() {
return new CanonicalizedSecretKey(CanonicalizedSecretKeyRing.this, it.next());
}
@Override
@ -108,17 +129,17 @@ public class WrappedSecretKeyRing extends WrappedKeyRing {
});
}
public IterableIterator<WrappedPublicKey> publicKeyIterator() {
public IterableIterator<CanonicalizedPublicKey> publicKeyIterator() {
final Iterator<PGPPublicKey> it = getRing().getPublicKeys();
return new IterableIterator<WrappedPublicKey>(new Iterator<WrappedPublicKey>() {
return new IterableIterator<CanonicalizedPublicKey>(new Iterator<CanonicalizedPublicKey>() {
@Override
public boolean hasNext() {
return it.hasNext();
}
@Override
public WrappedPublicKey next() {
return new WrappedPublicKey(WrappedSecretKeyRing.this, it.next());
public CanonicalizedPublicKey next() {
return new CanonicalizedPublicKey(CanonicalizedSecretKeyRing.this, it.next());
}
@Override

2
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/KeyRing.java
View File

@ -12,7 +12,7 @@ import java.util.regex.Pattern;
* keyring should in all cases agree on the output of all methods described
* here.
*
* @see org.sufficientlysecure.keychain.pgp.WrappedKeyRing
* @see CanonicalizedKeyRing
* @see org.sufficientlysecure.keychain.provider.CachedPublicKeyRing
*
*/

18
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
View File

@ -231,7 +231,7 @@ public class PgpDecryptVerify {
PGPPublicKeyEncryptedData encryptedDataAsymmetric = null;
PGPPBEEncryptedData encryptedDataSymmetric = null;
WrappedSecretKey secretEncryptionKey = null;
CanonicalizedSecretKey secretEncryptionKey = null;
Iterator<?> it = enc.getEncryptedDataObjects();
boolean asymmetricPacketFound = false;
boolean symmetricPacketFound = false;
@ -243,10 +243,10 @@ public class PgpDecryptVerify {
PGPPublicKeyEncryptedData encData = (PGPPublicKeyEncryptedData) obj;
WrappedSecretKeyRing secretKeyRing;
CanonicalizedSecretKeyRing secretKeyRing;
try {
// get actual keyring object based on master key id
secretKeyRing = mProviderHelper.getWrappedSecretKeyRing(
secretKeyRing = mProviderHelper.getCanonicalizedSecretKeyRing(
KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(encData.getKeyID())
);
} catch (ProviderHelper.NotFoundException e) {
@ -365,8 +365,8 @@ public class PgpDecryptVerify {
Object dataChunk = plainFact.nextObject();
OpenPgpSignatureResultBuilder signatureResultBuilder = new OpenPgpSignatureResultBuilder();
int signatureIndex = -1;
WrappedPublicKeyRing signingRing = null;
WrappedPublicKey signingKey = null;
CanonicalizedPublicKeyRing signingRing = null;
CanonicalizedPublicKey signingKey = null;
if (dataChunk instanceof PGPCompressedData) {
updateProgress(R.string.progress_decompressing_data, currentProgress, 100);
@ -390,7 +390,7 @@ public class PgpDecryptVerify {
for (int i = 0; i < sigList.size(); ++i) {
try {
long sigKeyId = sigList.get(i).getKeyID();
signingRing = mProviderHelper.getWrappedPublicKeyRing(
signingRing = mProviderHelper.getCanonicalizedPublicKeyRing(
KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(sigKeyId)
);
signingKey = signingRing.getPublicKey(sigKeyId);
@ -566,8 +566,8 @@ public class PgpDecryptVerify {
throw new InvalidDataException();
}
WrappedPublicKeyRing signingRing = null;
WrappedPublicKey signingKey = null;
CanonicalizedPublicKeyRing signingRing = null;
CanonicalizedPublicKey signingKey = null;
int signatureIndex = -1;
// go through all signatures
@ -575,7 +575,7 @@ public class PgpDecryptVerify {
for (int i = 0; i < sigList.size(); ++i) {
try {
long sigKeyId = sigList.get(i).getKeyID();
signingRing = mProviderHelper.getWrappedPublicKeyRing(
signingRing = mProviderHelper.getCanonicalizedPublicKeyRing(
KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(sigKeyId)
);
signingKey = signingRing.getPublicKey(sigKeyId);

8
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpImportExport.java
View File

@ -93,7 +93,7 @@ public class PgpImportExport {
}
}
public boolean uploadKeyRingToServer(HkpKeyserver server, WrappedPublicKeyRing keyring) {
public boolean uploadKeyRingToServer(HkpKeyserver server, CanonicalizedPublicKeyRing keyring) {
ByteArrayOutputStream bos = new ByteArrayOutputStream();
ArmoredOutputStream aos = null;
try {
@ -235,7 +235,7 @@ public class PgpImportExport {
updateProgress(progress * 100 / masterKeyIdsSize, 100);
try {
WrappedPublicKeyRing ring = mProviderHelper.getWrappedPublicKeyRing(
CanonicalizedPublicKeyRing ring = mProviderHelper.getCanonicalizedPublicKeyRing(
KeychainContract.KeyRings.buildUnifiedKeyRingUri(pubKeyMasterId)
);
@ -263,8 +263,8 @@ public class PgpImportExport {
updateProgress(progress * 100 / masterKeyIdsSize, 100);
try {
WrappedSecretKeyRing secretKeyRing =
mProviderHelper.getWrappedSecretKeyRing(secretKeyMasterId);
CanonicalizedSecretKeyRing secretKeyRing =
mProviderHelper.getCanonicalizedSecretKeyRing(secretKeyMasterId);
secretKeyRing.encode(arOutStream);
} catch (ProviderHelper.NotFoundException e) {
Log.e(Constants.TAG, "key not found!", e);

3
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
View File

@ -46,7 +46,6 @@ import org.spongycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
import org.spongycastle.openpgp.operator.jcajce.JcePBESecretKeyEncryptorBuilder;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralMsgIdException;
import org.sufficientlysecure.keychain.service.OperationResultParcel;
import org.sufficientlysecure.keychain.service.OperationResultParcel.LogLevel;
import org.sufficientlysecure.keychain.service.OperationResultParcel.LogType;
@ -241,7 +240,7 @@ public class PgpKeyOperation {
* are changed by adding new certificates, which implicitly override older certificates.
*
*/
public EditKeyResult modifySecretKeyRing(WrappedSecretKeyRing wsKR, SaveKeyringParcel saveParcel,
public EditKeyResult modifySecretKeyRing(CanonicalizedSecretKeyRing wsKR, SaveKeyringParcel saveParcel,
String passphrase) {
OperationLog log = new OperationLog();

10
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java
View File

@ -266,11 +266,11 @@ public class PgpSignEncrypt {
}
/* Get keys for signature generation for later usage */
WrappedSecretKey signingKey = null;
CanonicalizedSecretKey signingKey = null;
if (enableSignature) {
WrappedSecretKeyRing signingKeyRing;
CanonicalizedSecretKeyRing signingKeyRing;
try {
signingKeyRing = mProviderHelper.getWrappedSecretKeyRing(mSignatureMasterKeyId);
signingKeyRing = mProviderHelper.getCanonicalizedSecretKeyRing(mSignatureMasterKeyId);
} catch (ProviderHelper.NotFoundException e) {
throw new NoSigningKeyException();
}
@ -316,9 +316,9 @@ public class PgpSignEncrypt {
// Asymmetric encryption
for (long id : mEncryptionMasterKeyIds) {
try {
WrappedPublicKeyRing keyRing = mProviderHelper.getWrappedPublicKeyRing(
CanonicalizedPublicKeyRing keyRing = mProviderHelper.getCanonicalizedPublicKeyRing(
KeyRings.buildUnifiedKeyRingUri(id));
WrappedPublicKey key = keyRing.getEncryptionSubKey();
CanonicalizedPublicKey key = keyRing.getEncryptionSubKey();
cPk.addMethod(key.getPubKeyEncryptionGenerator());
} catch (PgpGeneralException e) {
Log.e(Constants.TAG, "key not found!", e);

38
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
View File

@ -49,7 +49,7 @@ import java.util.Vector;
* treated equally for most purposes in UI code. It is up to the programmer to
* take care of the differences.
*
* @see org.sufficientlysecure.keychain.pgp.WrappedKeyRing
* @see CanonicalizedKeyRing
* @see org.sufficientlysecure.keychain.pgp.UncachedPublicKey
* @see org.sufficientlysecure.keychain.pgp.UncachedSecretKey
*
@ -59,18 +59,10 @@ public class UncachedKeyRing {
final PGPKeyRing mRing;
final boolean mIsSecret;
final boolean mIsCanonicalized;
UncachedKeyRing(PGPKeyRing ring) {
mRing = ring;
mIsSecret = ring instanceof PGPSecretKeyRing;
mIsCanonicalized = false;
}
private UncachedKeyRing(PGPKeyRing ring, boolean canonicalized) {
mRing = ring;
mIsSecret = ring instanceof PGPSecretKeyRing;
mIsCanonicalized = canonicalized;
}
public long getMasterKeyId() {
@ -105,10 +97,6 @@ public class UncachedKeyRing {
return mIsSecret;
}
public boolean isCanonicalized() {
return mIsCanonicalized;
}
public byte[] getEncoded() throws IOException {
return mRing.getEncoded();
}
@ -164,25 +152,6 @@ public class UncachedKeyRing {
aos.close();
}
public HashSet<Long> getAvailableSubkeys() {
if(!isSecret()) {
throw new RuntimeException("Tried to find available subkeys from non-secret keys. " +
"This is a programming error and should never happen!");
}
HashSet<Long> result = new HashSet<Long>();
// then, mark exactly the keys we have available
for (PGPSecretKey sub : new IterableIterator<PGPSecretKey>(
((PGPSecretKeyRing) mRing).getSecretKeys())) {
S2K s2k = sub.getS2K();
// Set to 1, except if the encryption type is GNU_DUMMY_S2K
if(s2k == null || s2k.getType() != S2K.GNU_DUMMY_S2K) {
result.add(sub.getKeyID());
}
}
return result;
}
/** "Canonicalizes" a public key, removing inconsistencies in the process. This variant can be
* applied to public keyrings only.
*
@ -207,7 +176,7 @@ public class UncachedKeyRing {
*
*/
@SuppressWarnings("ConstantConditions")
public UncachedKeyRing canonicalize(OperationLog log, int indent) {
public CanonicalizedKeyRing canonicalize(OperationLog log, int indent) {
log.add(LogLevel.START, isSecret() ? LogType.MSG_KC_SECRET : LogType.MSG_KC_PUBLIC,
indent, PgpKeyHelper.convertKeyIdToHex(getMasterKeyId()));
@ -629,7 +598,8 @@ public class UncachedKeyRing {
log.add(LogLevel.OK, LogType.MSG_KC_SUCCESS, indent);
}
return new UncachedKeyRing(ring, true);
return isSecret() ? new CanonicalizedSecretKeyRing((PGPSecretKeyRing) ring, 1)
: new CanonicalizedPublicKeyRing((PGPPublicKeyRing) ring, 0);
}
/** This operation merges information from a different keyring, returning a combined

4
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSignature.java
View File

@ -113,7 +113,7 @@ public class WrappedSignature {
return ((RevocationReason) p).getRevocationDescription();
}
public void init(WrappedPublicKey key) throws PgpGeneralException {
public void init(CanonicalizedPublicKey key) throws PgpGeneralException {
init(key.getPublicKey());
}
@ -191,7 +191,7 @@ public class WrappedSignature {
public boolean verifySignature(UncachedPublicKey key, String uid) throws PgpGeneralException {
return verifySignature(key.getPublicKey(), uid);
}
public boolean verifySignature(WrappedPublicKey key, String uid) throws PgpGeneralException {
public boolean verifySignature(CanonicalizedPublicKey key, String uid) throws PgpGeneralException {
return verifySignature(key.getPublicKey(), uid);
}

131
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java
View File

@ -28,10 +28,12 @@ import android.os.RemoteException;
import android.support.v4.util.LongSparseArray;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.KeyRing;
import org.sufficientlysecure.keychain.pgp.NullProgressable;
import org.sufficientlysecure.keychain.pgp.Progressable;
import org.sufficientlysecure.keychain.pgp.WrappedPublicKey;
import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKey;
import org.sufficientlysecure.keychain.service.OperationResultParcel.LogType;
import org.sufficientlysecure.keychain.service.OperationResultParcel.LogLevel;
import org.sufficientlysecure.keychain.service.OperationResultParcel.OperationLog;
@ -39,8 +41,6 @@ import org.sufficientlysecure.keychain.pgp.PgpHelper;
import org.sufficientlysecure.keychain.pgp.PgpKeyHelper;
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
import org.sufficientlysecure.keychain.pgp.UncachedPublicKey;
import org.sufficientlysecure.keychain.pgp.WrappedPublicKeyRing;
import org.sufficientlysecure.keychain.pgp.WrappedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.WrappedSignature;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.provider.KeychainContract.ApiApps;
@ -180,7 +180,7 @@ public class ProviderHelper {
return getGenericData(KeyRings.buildUnifiedKeyRingUri(masterKeyId), proj, types);
}
private LongSparseArray<WrappedPublicKey> getTrustedMasterKeys() {
private LongSparseArray<CanonicalizedPublicKey> getTrustedMasterKeys() {
Cursor cursor = mContentResolver.query(KeyRings.buildUnifiedKeyRingsUri(), new String[] {
KeyRings.MASTER_KEY_ID,
// we pick from cache only information that is not easily available from keyrings
@ -190,16 +190,15 @@ public class ProviderHelper {
}, KeyRings.HAS_ANY_SECRET + " = 1", null, null);
try {
LongSparseArray<WrappedPublicKey> result = new LongSparseArray<WrappedPublicKey>();
LongSparseArray<CanonicalizedPublicKey> result = new LongSparseArray<CanonicalizedPublicKey>();
if (cursor != null && cursor.moveToFirst()) do {
long masterKeyId = cursor.getLong(0);
boolean hasAnySecret = cursor.getInt(1) > 0;
int verified = cursor.getInt(2);
byte[] blob = cursor.getBlob(3);
if (blob != null) {
result.put(masterKeyId,
new WrappedPublicKeyRing(blob, hasAnySecret, verified).getPublicKey());
new CanonicalizedPublicKeyRing(blob, verified).getPublicKey());
}
} while (cursor.moveToNext());
@ -217,23 +216,23 @@ public class ProviderHelper {
return new CachedPublicKeyRing(this, queryUri);
}
public WrappedPublicKeyRing getWrappedPublicKeyRing(long id) throws NotFoundException {
return (WrappedPublicKeyRing) getWrappedKeyRing(KeyRings.buildUnifiedKeyRingUri(id), false);
public CanonicalizedPublicKeyRing getCanonicalizedPublicKeyRing(long id) throws NotFoundException {
return (CanonicalizedPublicKeyRing) getCanonicalizedKeyRing(KeyRings.buildUnifiedKeyRingUri(id), false);
}
public WrappedPublicKeyRing getWrappedPublicKeyRing(Uri queryUri) throws NotFoundException {
return (WrappedPublicKeyRing) getWrappedKeyRing(queryUri, false);
public CanonicalizedPublicKeyRing getCanonicalizedPublicKeyRing(Uri queryUri) throws NotFoundException {
return (CanonicalizedPublicKeyRing) getCanonicalizedKeyRing(queryUri, false);
}
public WrappedSecretKeyRing getWrappedSecretKeyRing(long id) throws NotFoundException {
return (WrappedSecretKeyRing) getWrappedKeyRing(KeyRings.buildUnifiedKeyRingUri(id), true);
public CanonicalizedSecretKeyRing getCanonicalizedSecretKeyRing(long id) throws NotFoundException {
return (CanonicalizedSecretKeyRing) getCanonicalizedKeyRing(KeyRings.buildUnifiedKeyRingUri(id), true);
}
public WrappedSecretKeyRing getWrappedSecretKeyRing(Uri queryUri) throws NotFoundException {
return (WrappedSecretKeyRing) getWrappedKeyRing(queryUri, true);
public CanonicalizedSecretKeyRing getCanonicalizedSecretKeyRing(Uri queryUri) throws NotFoundException {
return (CanonicalizedSecretKeyRing) getCanonicalizedKeyRing(queryUri, true);
}
private KeyRing getWrappedKeyRing(Uri queryUri, boolean secret) throws NotFoundException {
private KeyRing getCanonicalizedKeyRing(Uri queryUri, boolean secret) throws NotFoundException {
Cursor cursor = mContentResolver.query(queryUri,
new String[]{
// we pick from cache only information that is not easily available from keyrings
@ -252,8 +251,8 @@ public class ProviderHelper {
throw new NotFoundException("Secret key not available!");
}
return secret
? new WrappedSecretKeyRing(blob, true, verified)
: new WrappedPublicKeyRing(blob, hasAnySecret, verified);
? new CanonicalizedSecretKeyRing(blob, true, verified)
: new CanonicalizedPublicKeyRing(blob, verified);
} else {
throw new NotFoundException("Key not found!");
}
@ -271,16 +270,8 @@ public class ProviderHelper {
* and need to be saved externally to be preserved past the operation.
*/
@SuppressWarnings("unchecked")
private int internalSavePublicKeyRing(UncachedKeyRing keyRing,
Progressable progress, boolean selfCertsAreTrusted) {
if (keyRing.isSecret()) {
log(LogLevel.ERROR, LogType.MSG_IP_BAD_TYPE_SECRET);
return SaveKeyringResult.RESULT_ERROR;
}
if (!keyRing.isCanonicalized()) {
log(LogLevel.ERROR, LogType.MSG_IP_BAD_TYPE_SECRET);
return SaveKeyringResult.RESULT_ERROR;
}
private int saveCanonicalizedPublicKeyRing(CanonicalizedPublicKeyRing keyRing,
Progressable progress, boolean selfCertsAreTrusted) {
// start with ok result
int result = SaveKeyringResult.SAVED_PUBLIC;
@ -318,7 +309,7 @@ public class ProviderHelper {
{ // insert subkeys
Uri uri = Keys.buildKeysUri(Long.toString(masterKeyId));
int rank = 0;
for (UncachedPublicKey key : new IterableIterator<UncachedPublicKey>(keyRing.getPublicKeys())) {
for (CanonicalizedPublicKey key : keyRing.publicKeyIterator()) {
long keyId = key.getKeyId();
log(LogLevel.DEBUG, keyId == masterKeyId ? LogType.MSG_IP_MASTER : LogType.MSG_IP_SUBKEY,
PgpKeyHelper.convertKeyIdToHex(keyId)
@ -401,7 +392,7 @@ public class ProviderHelper {
mIndent -= 1;
// get a list of owned secret keys, for verification filtering
LongSparseArray<WrappedPublicKey> trustedKeys = getTrustedMasterKeys();
LongSparseArray<CanonicalizedPublicKey> trustedKeys = getTrustedMasterKeys();
// classify and order user ids. primary are moved to the front, revoked to the back,
// otherwise the order in the keyfile is preserved.
@ -445,7 +436,7 @@ public class ProviderHelper {
// verify signatures from known private keys
if (trustedKeys.indexOfKey(certId) >= 0) {
WrappedPublicKey trustedKey = trustedKeys.get(certId);
CanonicalizedPublicKey trustedKey = trustedKeys.get(certId);
cert.init(trustedKey);
if (cert.verifySignature(masterKey, userId)) {
item.trustedCerts.add(cert);
@ -559,17 +550,7 @@ public class ProviderHelper {
/** Saves an UncachedKeyRing of the secret variant into the db.
* This method will fail if no corresponding public keyring is in the database!
*/
private int internalSaveSecretKeyRing(UncachedKeyRing keyRing) {
if (!keyRing.isSecret()) {
log(LogLevel.ERROR, LogType.MSG_IS_BAD_TYPE_PUBLIC);
return SaveKeyringResult.RESULT_ERROR;
}
if (!keyRing.isCanonicalized()) {
log(LogLevel.ERROR, LogType.MSG_IS_BAD_TYPE_UNCANON);
return SaveKeyringResult.RESULT_ERROR;
}
private int saveCanonicalizedSecretKeyRing(CanonicalizedSecretKeyRing keyRing) {
long masterKeyId = keyRing.getMasterKeyId();
log(LogLevel.START, LogType.MSG_IS, PgpKeyHelper.convertKeyIdToHex(masterKeyId));
@ -610,8 +591,7 @@ public class ProviderHelper {
log(LogLevel.INFO, LogType.MSG_IS_IMPORTING_SUBKEYS);
mIndent += 1;
Set<Long> available = keyRing.getAvailableSubkeys();
for (UncachedPublicKey sub :
new IterableIterator<UncachedPublicKey>(keyRing.getPublicKeys())) {
for (UncachedPublicKey sub : keyRing.publicKeyIterator()) {
long id = sub.getKeyId();
if (available.contains(id)) {
int upd = mContentResolver.update(uri, values, Keys.KEY_ID + " = ?",
@ -662,9 +642,16 @@ public class ProviderHelper {
log(LogLevel.START, LogType.MSG_IP, PgpKeyHelper.convertKeyIdToHex(masterKeyId));
mIndent += 1;
if (publicRing.isSecret()) {
log(LogLevel.ERROR, LogType.MSG_IP_BAD_TYPE_SECRET);
return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog);
}
CanonicalizedPublicKeyRing canPublicRing;
// If there is an old keyring, merge it
try {
UncachedKeyRing oldPublicRing = getWrappedPublicKeyRing(masterKeyId).getUncachedKeyRing();
UncachedKeyRing oldPublicRing = getCanonicalizedPublicKeyRing(masterKeyId).getUncachedKeyRing();
// Merge data from new public ring into the old one
publicRing = oldPublicRing.merge(publicRing, mLog, mIndent);
@ -675,8 +662,8 @@ public class ProviderHelper {
}
// Canonicalize this keyring, to assert a number of assumptions made about it.
publicRing = publicRing.canonicalize(mLog, mIndent);
if (publicRing == null) {
canPublicRing = (CanonicalizedPublicKeyRing) publicRing.canonicalize(mLog, mIndent);
if (canPublicRing == null) {
return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog);
}
@ -690,39 +677,40 @@ public class ProviderHelper {
// Not an issue, just means we are dealing with a new keyring.
// Canonicalize this keyring, to assert a number of assumptions made about it.
publicRing = publicRing.canonicalize(mLog, mIndent);
if (publicRing == null) {
canPublicRing = (CanonicalizedPublicKeyRing) publicRing.canonicalize(mLog, mIndent);
if (canPublicRing == null) {
return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog);
}
}
// If there is a secret key, merge new data (if any) and save the key for later
UncachedKeyRing secretRing;
CanonicalizedSecretKeyRing canSecretRing;
try {
secretRing = getWrappedSecretKeyRing(publicRing.getMasterKeyId()).getUncachedKeyRing();
UncachedKeyRing secretRing = getCanonicalizedSecretKeyRing(publicRing.getMasterKeyId()).getUncachedKeyRing();
// Merge data from new public ring into secret one
secretRing = secretRing.merge(publicRing, mLog, mIndent);
if (secretRing == null) {
return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog);
}
secretRing = secretRing.canonicalize(mLog, mIndent);
if (secretRing == null) {
// This has always been a secret key ring, this is a safe cast
canSecretRing = (CanonicalizedSecretKeyRing) secretRing.canonicalize(mLog, mIndent);
if (canSecretRing == null) {
return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog);
}
} catch (NotFoundException e) {
// No secret key available (this is what happens most of the time)
secretRing = null;
canSecretRing = null;
}
int result = internalSavePublicKeyRing(publicRing, progress, secretRing != null);
int result = saveCanonicalizedPublicKeyRing(canPublicRing, progress, canSecretRing != null);
// Save the saved keyring (if any)
if (secretRing != null) {
if (canSecretRing != null) {
progress.setProgress(LogType.MSG_IP_REINSERT_SECRET.getMsgId(), 90, 100);
int secretResult = internalSaveSecretKeyRing(secretRing);
int secretResult = saveCanonicalizedSecretKeyRing(canSecretRing);
if ((secretResult & SaveKeyringResult.RESULT_ERROR) != SaveKeyringResult.RESULT_ERROR) {
result |= SaveKeyringResult.SAVED_SECRET;
}
@ -746,9 +734,16 @@ public class ProviderHelper {
log(LogLevel.START, LogType.MSG_IS, PgpKeyHelper.convertKeyIdToHex(masterKeyId));
mIndent += 1;
if ( ! secretRing.isSecret()) {
log(LogLevel.ERROR, LogType.MSG_IS_BAD_TYPE_PUBLIC);
return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog);
}
CanonicalizedSecretKeyRing canSecretRing;
// If there is an old secret key, merge it.
try {
UncachedKeyRing oldSecretRing = getWrappedSecretKeyRing(masterKeyId).getUncachedKeyRing();
UncachedKeyRing oldSecretRing = getCanonicalizedSecretKeyRing(masterKeyId).getUncachedKeyRing();
// Merge data from new secret ring into old one
secretRing = secretRing.merge(oldSecretRing, mLog, mIndent);
@ -759,8 +754,9 @@ public class ProviderHelper {
}
// Canonicalize this keyring, to assert a number of assumptions made about it.
secretRing = secretRing.canonicalize(mLog, mIndent);
if (secretRing == null) {
// This is a safe cast, because we made sure this is a secret ring above
canSecretRing = (CanonicalizedSecretKeyRing) secretRing.canonicalize(mLog, mIndent);
if (canSecretRing == null) {
return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog);
}
@ -775,8 +771,9 @@ public class ProviderHelper {
// Not an issue, just means we are dealing with a new keyring
// Canonicalize this keyring, to assert a number of assumptions made about it.
secretRing = secretRing.canonicalize(mLog, mIndent);
if (secretRing == null) {
// This is a safe cast, because we made sure this is a secret ring above
canSecretRing = (CanonicalizedSecretKeyRing) secretRing.canonicalize(mLog, mIndent);
if (canSecretRing == null) {
return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog);
}
@ -785,7 +782,7 @@ public class ProviderHelper {
// Merge new data into public keyring as well, if there is any
UncachedKeyRing publicRing;
try {
UncachedKeyRing oldPublicRing = getWrappedPublicKeyRing(masterKeyId).getUncachedKeyRing();
UncachedKeyRing oldPublicRing = getCanonicalizedPublicKeyRing(masterKeyId).getUncachedKeyRing();
// Merge data from new secret ring into public one
publicRing = oldPublicRing.merge(secretRing, mLog, mIndent);
@ -798,20 +795,20 @@ public class ProviderHelper {
publicRing = secretRing.extractPublicKeyRing();
}
publicRing = publicRing.canonicalize(mLog, mIndent);
if (publicRing == null) {
CanonicalizedPublicKeyRing canPublicRing = (CanonicalizedPublicKeyRing) publicRing.canonicalize(mLog, mIndent);
if (canPublicRing == null) {
return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog);
}
int result;
result = internalSavePublicKeyRing(publicRing, progress, true);
result = saveCanonicalizedPublicKeyRing(canPublicRing, progress, true);
if ((result & SaveKeyringResult.RESULT_ERROR) == SaveKeyringResult.RESULT_ERROR) {
return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog);
}
progress.setProgress(LogType.MSG_IP_REINSERT_SECRET.getMsgId(), 90, 100);
result = internalSaveSecretKeyRing(secretRing);
result = saveCanonicalizedSecretKeyRing(canSecretRing);
return new SaveKeyringResult(result, mLog);

2
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
View File

@ -425,7 +425,7 @@ public class OpenPgpService extends RemoteService {
try {
// try to find key, throws NotFoundException if not in db!
mProviderHelper.getWrappedPublicKeyRing(masterKeyId);
mProviderHelper.getCanonicalizedPublicKeyRing(masterKeyId);
Intent result = new Intent();
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_SUCCESS);

18
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java
View File

@ -36,6 +36,8 @@ import org.sufficientlysecure.keychain.keyimport.Keyserver;
import org.sufficientlysecure.keychain.keyimport.ImportKeysListEntry;
import org.sufficientlysecure.keychain.keyimport.KeybaseKeyserver;
import org.sufficientlysecure.keychain.keyimport.ParcelableKeyRing;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.PgpDecryptVerify;
import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyResult;
import org.sufficientlysecure.keychain.pgp.PgpHelper;
@ -44,9 +46,7 @@ import org.sufficientlysecure.keychain.pgp.PgpKeyOperation;
import org.sufficientlysecure.keychain.pgp.PgpSignEncrypt;
import org.sufficientlysecure.keychain.pgp.Progressable;
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
import org.sufficientlysecure.keychain.pgp.WrappedPublicKeyRing;
import org.sufficientlysecure.keychain.pgp.WrappedSecretKey;
import org.sufficientlysecure.keychain.pgp.WrappedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralMsgIdException;
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
@ -337,8 +337,8 @@ public class KeychainIntentService extends IntentService
if (saveParcel.mMasterKeyId != null) {
String passphrase = data.getString(SAVE_KEYRING_PASSPHRASE);
WrappedSecretKeyRing secRing =
providerHelper.getWrappedSecretKeyRing(saveParcel.mMasterKeyId);
CanonicalizedSecretKeyRing secRing =
providerHelper.getCanonicalizedSecretKeyRing(saveParcel.mMasterKeyId);
result = keyOperations.modifySecretKeyRing(secRing, saveParcel, passphrase);
} else {
@ -466,7 +466,7 @@ public class KeychainIntentService extends IntentService
HkpKeyserver server = new HkpKeyserver(keyServer);
ProviderHelper providerHelper = new ProviderHelper(this);
WrappedPublicKeyRing keyring = providerHelper.getWrappedPublicKeyRing(dataUri);
CanonicalizedPublicKeyRing keyring = providerHelper.getCanonicalizedPublicKeyRing(dataUri);
PgpImportExport pgpImportExport = new PgpImportExport(this, null);
boolean uploaded = pgpImportExport.uploadKeyRingToServer(server, keyring);
@ -542,9 +542,9 @@ public class KeychainIntentService extends IntentService
}
ProviderHelper providerHelper = new ProviderHelper(this);
WrappedPublicKeyRing publicRing = providerHelper.getWrappedPublicKeyRing(pubKeyId);
WrappedSecretKeyRing secretKeyRing = providerHelper.getWrappedSecretKeyRing(masterKeyId);
WrappedSecretKey certificationKey = secretKeyRing.getSecretKey();
CanonicalizedPublicKeyRing publicRing = providerHelper.getCanonicalizedPublicKeyRing(pubKeyId);
CanonicalizedSecretKeyRing secretKeyRing = providerHelper.getCanonicalizedSecretKeyRing(masterKeyId);
CanonicalizedSecretKey certificationKey = secretKeyRing.getSecretKey();
if(!certificationKey.unlock(signaturePassphrase)) {
throw new PgpGeneralException("Error extracting key (bad passphrase?)");
}

1
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/OperationResultParcel.java
View File

@ -260,7 +260,6 @@ public class OperationResultParcel implements Parcelable {
// import secret
MSG_IS(R.string.msg_is),
MSG_IS_BAD_TYPE_PUBLIC (R.string.msg_is_bad_type_public),
MSG_IS_BAD_TYPE_UNCANON (R.string.msg_is_bad_type_uncanon),
MSG_IS_DB_EXCEPTION (R.string.msg_is_db_exception),
MSG_IS_FAIL_IO_EXC (R.string.msg_is_io_exc),
MSG_IS_IMPORTING_SUBKEYS (R.string.msg_is_importing_subkeys),

4
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java
View File

@ -41,7 +41,7 @@ import android.support.v4.app.NotificationCompat;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.helper.Preferences;
import org.sufficientlysecure.keychain.pgp.WrappedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.provider.KeychainContract;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
@ -184,7 +184,7 @@ public class PassphraseCacheService extends Service {
// try to get master key id which is used as an identifier for cached passphrases
try {
Log.d(Constants.TAG, "PassphraseCacheService.getCachedPassphraseImpl() for masterKeyId " + keyId);
WrappedSecretKeyRing key = new ProviderHelper(this).getWrappedSecretKeyRing(
CanonicalizedSecretKeyRing key = new ProviderHelper(this).getCanonicalizedSecretKeyRing(
KeychainContract.KeyRings.buildUnifiedKeyRingsFindBySubkeyUri(keyId));
// no passphrase needed? just add empty string and return it, then
if (!key.hasPassphrase()) {

7
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EditKeyFragment.java
View File

@ -42,14 +42,13 @@ import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.compatibility.DialogFragmentWorkaround;
import org.sufficientlysecure.keychain.helper.ActionBarHelper;
import org.sufficientlysecure.keychain.pgp.WrappedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
import org.sufficientlysecure.keychain.provider.KeychainContract;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.service.KeychainIntentService;
import org.sufficientlysecure.keychain.service.KeychainIntentServiceHandler;
import org.sufficientlysecure.keychain.service.OperationResults;
import org.sufficientlysecure.keychain.service.OperationResults.EditKeyResult;
import org.sufficientlysecure.keychain.service.OperationResults.ImportKeyResult;
import org.sufficientlysecure.keychain.service.PassphraseCacheService;
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
import org.sufficientlysecure.keychain.ui.adapter.SubkeysAdapter;
@ -169,8 +168,8 @@ public class EditKeyFragment extends LoaderFragment implements
try {
Uri secretUri = KeychainContract.KeyRings.buildUnifiedKeyRingUri(mDataUri);
WrappedSecretKeyRing keyRing =
new ProviderHelper(getActivity()).getWrappedSecretKeyRing(secretUri);
CanonicalizedSecretKeyRing keyRing =
new ProviderHelper(getActivity()).getCanonicalizedSecretKeyRing(secretUri);
mSaveKeyringParcel = new SaveKeyringParcel(keyRing.getMasterKeyId(),
keyRing.getUncachedKeyRing().getFingerprint());

6
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/LogDisplayFragment.java
View File

@ -178,9 +178,11 @@ public class LogDisplayFragment extends ListFragment implements OnTouchListener
if (entry.mParameters != null && entry.mParameters.length > 0
&& entry.mParameters[0] instanceof Integer) {
ih.mText.setText(getResources().getQuantityString(entry.mType.getMsgId(),
(Integer) entry.mParameters[0], entry.mParameters));
(Integer) entry.mParameters[0],
entry.mParameters));
} else {
ih.mText.setText(getResources().getString(entry.mType.getMsgId(), entry.mParameters));
ih.mText.setText(getResources().getString(entry.mType.getMsgId(),
entry.mParameters));
}
ih.mText.setTextColor(entry.mLevel == LogLevel.DEBUG ? Color.GRAY : Color.BLACK);
convertView.setPadding((entry.mIndent) * dipFactor, 0, 0, 0);

10
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewCertActivity.java
View File

@ -35,7 +35,7 @@ import android.widget.TextView;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.pgp.PgpKeyHelper;
import org.sufficientlysecure.keychain.pgp.WrappedPublicKeyRing;
import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
import org.sufficientlysecure.keychain.pgp.WrappedSignature;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.provider.KeychainContract.Certs;
@ -143,10 +143,10 @@ public class ViewCertActivity extends ActionBarActivity
try {
ProviderHelper providerHelper = new ProviderHelper(this);
WrappedPublicKeyRing signeeRing =
providerHelper.getWrappedPublicKeyRing(data.getLong(INDEX_MASTER_KEY_ID));
WrappedPublicKeyRing signerRing =
providerHelper.getWrappedPublicKeyRing(sig.getKeyId());
CanonicalizedPublicKeyRing signeeRing =
providerHelper.getCanonicalizedPublicKeyRing(data.getLong(INDEX_MASTER_KEY_ID));
CanonicalizedPublicKeyRing signerRing =
providerHelper.getCanonicalizedPublicKeyRing(sig.getKeyId());
try {
sig.init(signerRing.getPublicKey());

14
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/PassphraseDialogFragment.java
View File

@ -46,8 +46,8 @@ import android.widget.Toast;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.compatibility.DialogFragmentWorkaround;
import org.sufficientlysecure.keychain.pgp.WrappedSecretKey;
import org.sufficientlysecure.keychain.pgp.WrappedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.service.PassphraseCacheService;
@ -103,7 +103,7 @@ public class PassphraseDialogFragment extends DialogFragment implements OnEditor
// check if secret key has a passphrase
if (!(secretKeyId == Constants.key.symmetric || secretKeyId == Constants.key.none)) {
try {
if (!new ProviderHelper(context).getWrappedSecretKeyRing(secretKeyId).hasPassphrase()) {
if (!new ProviderHelper(context).getCanonicalizedSecretKeyRing(secretKeyId).hasPassphrase()) {
throw new PgpGeneralException("No passphrase! No passphrase dialog needed!");
}
} catch (ProviderHelper.NotFoundException e) {
@ -134,7 +134,7 @@ public class PassphraseDialogFragment extends DialogFragment implements OnEditor
alert.setTitle(R.string.title_authentication);
final WrappedSecretKeyRing secretRing;
final CanonicalizedSecretKeyRing secretRing;
String userId;
if (secretKeyId == Constants.key.symmetric || secretKeyId == Constants.key.none) {
@ -143,7 +143,7 @@ public class PassphraseDialogFragment extends DialogFragment implements OnEditor
} else {
try {
ProviderHelper helper = new ProviderHelper(activity);
secretRing = helper.getWrappedSecretKeyRing(secretKeyId);
secretRing = helper.getCanonicalizedSecretKeyRing(secretKeyId);
// yes the inner try/catch block is necessary, otherwise the final variable
// above can't be statically verified to have been set in all cases because
// the catch clause doesn't return.
@ -193,9 +193,9 @@ public class PassphraseDialogFragment extends DialogFragment implements OnEditor
return;
}
WrappedSecretKey unlockedSecretKey = null;
CanonicalizedSecretKey unlockedSecretKey = null;
for (WrappedSecretKey clickSecretKey : secretRing.secretKeyIterator()) {
for (CanonicalizedSecretKey clickSecretKey : secretRing.secretKeyIterator()) {
try {
boolean unlocked = clickSecretKey.unlock(passphrase);
if (unlocked) {