CertifyOperation is not a Pgp- operation
This commit is contained in:
Vincent Breitmoser
parent
93aefaca8e
commit
b47412eb1e
|
|
@ -2,12 +2,15 @@ package org.sufficientlysecure.keychain.operations;
|
||||||
|
|
||||||
import android.content.Context;
|
import android.content.Context;
|
||||||
|
|
||||||
|
import org.sufficientlysecure.keychain.pgp.PassphraseCacheInterface;
|
||||||
import org.sufficientlysecure.keychain.pgp.Progressable;
|
import org.sufficientlysecure.keychain.pgp.Progressable;
|
||||||
import org.sufficientlysecure.keychain.provider.ProviderHelper;
|
import org.sufficientlysecure.keychain.provider.ProviderHelper;
|
||||||
|
import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
|
||||||
|
import org.sufficientlysecure.keychain.service.PassphraseCacheService;
|
||||||
|
|
||||||
import java.util.concurrent.atomic.AtomicBoolean;
|
import java.util.concurrent.atomic.AtomicBoolean;
|
||||||
|
|
||||||
public class BaseOperation {
|
public class BaseOperation implements PassphraseCacheInterface {
|
||||||
|
|
||||||
final public Context mContext;
|
final public Context mContext;
|
||||||
final public Progressable mProgressable;
|
final public Progressable mProgressable;
|
||||||
|
|
@ -52,4 +55,24 @@ public class BaseOperation {
|
||||||
return mCancelled != null && mCancelled.get();
|
return mCancelled != null && mCancelled.get();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getCachedPassphrase(long subKeyId) throws NoSecretKeyException {
|
||||||
|
try {
|
||||||
|
long masterKeyId = mProviderHelper.getMasterKeyId(subKeyId);
|
||||||
|
return getCachedPassphrase(masterKeyId, subKeyId);
|
||||||
|
} catch (NotFoundException e) {
|
||||||
|
throw new PassphraseCacheInterface.NoSecretKeyException();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getCachedPassphrase(long masterKeyId, long subKeyId) throws NoSecretKeyException {
|
||||||
|
try {
|
||||||
|
return PassphraseCacheService.getCachedPassphrase(
|
||||||
|
mContext, masterKeyId, subKeyId);
|
||||||
|
} catch (PassphraseCacheService.KeyNotFoundException e) {
|
||||||
|
throw new PassphraseCacheInterface.NoSecretKeyException();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -2,8 +2,6 @@ package org.sufficientlysecure.keychain.operations;
|
||||||
|
|
||||||
import android.content.Context;
|
import android.content.Context;
|
||||||
|
|
||||||
import org.spongycastle.openpgp.PGPException;
|
|
||||||
import org.sufficientlysecure.keychain.Constants;
|
|
||||||
import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
|
import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
|
||||||
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey;
|
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey;
|
||||||
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
|
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
|
||||||
|
|
@ -19,18 +17,17 @@ import org.sufficientlysecure.keychain.operations.results.OperationResult.LogTyp
|
||||||
import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog;
|
import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog;
|
||||||
import org.sufficientlysecure.keychain.operations.results.SaveKeyringResult;
|
import org.sufficientlysecure.keychain.operations.results.SaveKeyringResult;
|
||||||
import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
|
import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
|
||||||
import org.sufficientlysecure.keychain.util.Log;
|
|
||||||
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.concurrent.atomic.AtomicBoolean;
|
import java.util.concurrent.atomic.AtomicBoolean;
|
||||||
|
|
||||||
public class PgpCertifyOperation extends BaseOperation {
|
public class CertifyOperation extends BaseOperation {
|
||||||
|
|
||||||
public PgpCertifyOperation(Context context, ProviderHelper providerHelper, Progressable progressable, AtomicBoolean cancelled) {
|
public CertifyOperation(Context context, ProviderHelper providerHelper, Progressable progressable, AtomicBoolean cancelled) {
|
||||||
super(context, providerHelper, progressable, cancelled);
|
super(context, providerHelper, progressable, cancelled);
|
||||||
}
|
}
|
||||||
|
|
||||||
public CertifyResult certify(CertifyActionsParcel parcel, String passphrase) {
|
public CertifyResult certify(CertifyActionsParcel parcel) {
|
||||||
|
|
||||||
OperationLog log = new OperationLog();
|
OperationLog log = new OperationLog();
|
||||||
log.add(LogType.MSG_CRT, 0);
|
log.add(LogType.MSG_CRT, 0);
|
||||||
|
|
@ -38,6 +35,10 @@ public class PgpCertifyOperation extends BaseOperation {
|
||||||
// Retrieve and unlock secret key
|
// Retrieve and unlock secret key
|
||||||
CanonicalizedSecretKey certificationKey;
|
CanonicalizedSecretKey certificationKey;
|
||||||
try {
|
try {
|
||||||
|
|
||||||
|
// certification is always with the master key id, so use that one
|
||||||
|
String passphrase = getCachedPassphrase(parcel.mMasterKeyId, parcel.mMasterKeyId);
|
||||||
|
|
||||||
log.add(LogType.MSG_CRT_MASTER_FETCH, 1);
|
log.add(LogType.MSG_CRT_MASTER_FETCH, 1);
|
||||||
CanonicalizedSecretKeyRing secretKeyRing =
|
CanonicalizedSecretKeyRing secretKeyRing =
|
||||||
mProviderHelper.getCanonicalizedSecretKeyRing(parcel.mMasterKeyId);
|
mProviderHelper.getCanonicalizedSecretKeyRing(parcel.mMasterKeyId);
|
||||||
|
|
@ -53,6 +54,9 @@ public class PgpCertifyOperation extends BaseOperation {
|
||||||
} catch (NotFoundException e) {
|
} catch (NotFoundException e) {
|
||||||
log.add(LogType.MSG_CRT_ERROR_MASTER_NOT_FOUND, 2);
|
log.add(LogType.MSG_CRT_ERROR_MASTER_NOT_FOUND, 2);
|
||||||
return new CertifyResult(CertifyResult.RESULT_ERROR, log);
|
return new CertifyResult(CertifyResult.RESULT_ERROR, log);
|
||||||
|
} catch (NoSecretKeyException e) {
|
||||||
|
log.add(LogType.MSG_CRT_ERROR_MASTER_NOT_FOUND, 2);
|
||||||
|
return new CertifyResult(CertifyResult.RESULT_ERROR, log);
|
||||||
}
|
}
|
||||||
|
|
||||||
ArrayList<UncachedKeyRing> certifiedKeys = new ArrayList<UncachedKeyRing>();
|
ArrayList<UncachedKeyRing> certifiedKeys = new ArrayList<UncachedKeyRing>();
|
||||||
|
|
@ -84,15 +88,15 @@ public class PgpCertifyOperation extends BaseOperation {
|
||||||
mProviderHelper.getCanonicalizedPublicKeyRing(action.mMasterKeyId);
|
mProviderHelper.getCanonicalizedPublicKeyRing(action.mMasterKeyId);
|
||||||
|
|
||||||
UncachedKeyRing certifiedKey = certificationKey.certifyUserIds(publicRing, action.mUserIds, null, null);
|
UncachedKeyRing certifiedKey = certificationKey.certifyUserIds(publicRing, action.mUserIds, null, null);
|
||||||
|
if (certifiedKey == null) {
|
||||||
|
certifyError += 1;
|
||||||
|
log.add(LogType.MSG_CRT_WARN_CERT_FAILED, 3);
|
||||||
|
}
|
||||||
certifiedKeys.add(certifiedKey);
|
certifiedKeys.add(certifiedKey);
|
||||||
|
|
||||||
} catch (NotFoundException e) {
|
} catch (NotFoundException e) {
|
||||||
certifyError += 1;
|
certifyError += 1;
|
||||||
log.add(LogType.MSG_CRT_WARN_NOT_FOUND, 3);
|
log.add(LogType.MSG_CRT_WARN_NOT_FOUND, 3);
|
||||||
} catch (PGPException e) {
|
|
||||||
certifyError += 1;
|
|
||||||
log.add(LogType.MSG_CRT_WARN_CERT_FAILED, 3);
|
|
||||||
Log.e(Constants.TAG, "Encountered PGPException during certification", e);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
@ -128,8 +132,6 @@ public class PgpCertifyOperation extends BaseOperation {
|
||||||
|
|
||||||
log.add(result, 2);
|
log.add(result, 2);
|
||||||
|
|
||||||
// TODO do something with import results
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (certifyOk == 0) {
|
if (certifyOk == 0) {
|
||||||
|
|
@ -285,8 +285,7 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
|
||||||
* @return A keyring with added certifications
|
* @return A keyring with added certifications
|
||||||
*/
|
*/
|
||||||
public UncachedKeyRing certifyUserIds(CanonicalizedPublicKeyRing publicKeyRing, List<String> userIds,
|
public UncachedKeyRing certifyUserIds(CanonicalizedPublicKeyRing publicKeyRing, List<String> userIds,
|
||||||
byte[] nfcSignedHash, Date nfcCreationTimestamp)
|
byte[] nfcSignedHash, Date nfcCreationTimestamp) {
|
||||||
throws PGPException {
|
|
||||||
if (mPrivateKeyState == PRIVATE_KEY_STATE_LOCKED) {
|
if (mPrivateKeyState == PRIVATE_KEY_STATE_LOCKED) {
|
||||||
throw new PrivateKeyNotUnlockedException();
|
throw new PrivateKeyNotUnlockedException();
|
||||||
}
|
}
|
||||||
|
|
@ -299,7 +298,12 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
|
||||||
nfcSignedHash, nfcCreationTimestamp);
|
nfcSignedHash, nfcCreationTimestamp);
|
||||||
|
|
||||||
signatureGenerator = new PGPSignatureGenerator(contentSignerBuilder);
|
signatureGenerator = new PGPSignatureGenerator(contentSignerBuilder);
|
||||||
signatureGenerator.init(PGPSignature.DEFAULT_CERTIFICATION, mPrivateKey);
|
try {
|
||||||
|
signatureGenerator.init(PGPSignature.DEFAULT_CERTIFICATION, mPrivateKey);
|
||||||
|
} catch (PGPException e) {
|
||||||
|
Log.e(Constants.TAG, "signing error", e);
|
||||||
|
return null;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
{ // supply signatureGenerator with a SubpacketVector
|
{ // supply signatureGenerator with a SubpacketVector
|
||||||
|
|
@ -318,9 +322,14 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
|
||||||
// fetch public key ring, add the certification and return it
|
// fetch public key ring, add the certification and return it
|
||||||
Iterable<String> it = userIds != null ? userIds
|
Iterable<String> it = userIds != null ? userIds
|
||||||
: new IterableIterator<String>(publicKey.getUserIDs());
|
: new IterableIterator<String>(publicKey.getUserIDs());
|
||||||
for (String userId : it) {
|
try {
|
||||||
PGPSignature sig = signatureGenerator.generateCertification(userId, publicKey);
|
for (String userId : it) {
|
||||||
publicKey = PGPPublicKey.addCertification(publicKey, userId, sig);
|
PGPSignature sig = signatureGenerator.generateCertification(userId, publicKey);
|
||||||
|
publicKey = PGPPublicKey.addCertification(publicKey, userId, sig);
|
||||||
|
}
|
||||||
|
} catch (PGPException e) {
|
||||||
|
Log.e(Constants.TAG, "signing error", e);
|
||||||
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
PGPPublicKeyRing ring = PGPPublicKeyRing.insertPublicKey(publicKeyRing.getRing(), publicKey);
|
PGPPublicKeyRing ring = PGPPublicKeyRing.insertPublicKey(publicKeyRing.getRing(), publicKey);
|
||||||
|
|
|
||||||
|
|
@ -29,8 +29,8 @@ import android.os.RemoteException;
|
||||||
|
|
||||||
import org.sufficientlysecure.keychain.Constants;
|
import org.sufficientlysecure.keychain.Constants;
|
||||||
import org.sufficientlysecure.keychain.R;
|
import org.sufficientlysecure.keychain.R;
|
||||||
|
import org.sufficientlysecure.keychain.operations.CertifyOperation;
|
||||||
import org.sufficientlysecure.keychain.operations.DeleteOperation;
|
import org.sufficientlysecure.keychain.operations.DeleteOperation;
|
||||||
import org.sufficientlysecure.keychain.operations.PgpCertifyOperation;
|
|
||||||
import org.sufficientlysecure.keychain.operations.results.DeleteResult;
|
import org.sufficientlysecure.keychain.operations.results.DeleteResult;
|
||||||
import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
|
import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
|
||||||
import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
|
import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
|
||||||
|
|
@ -250,42 +250,34 @@ public class KeychainIntentService extends IntentService implements Progressable
|
||||||
|
|
||||||
Log.logDebugBundle(data, "EXTRA_DATA");
|
Log.logDebugBundle(data, "EXTRA_DATA");
|
||||||
|
|
||||||
|
ProviderHelper providerHelper = new ProviderHelper(this);
|
||||||
|
|
||||||
String action = intent.getAction();
|
String action = intent.getAction();
|
||||||
|
|
||||||
// executeServiceMethod action from extra bundle
|
// executeServiceMethod action from extra bundle
|
||||||
if (ACTION_CERTIFY_KEYRING.equals(action)) {
|
if (ACTION_CERTIFY_KEYRING.equals(action)) {
|
||||||
|
|
||||||
try {
|
// Input
|
||||||
|
CertifyActionsParcel parcel = data.getParcelable(CERTIFY_PARCEL);
|
||||||
|
|
||||||
/* Input */
|
// Operation
|
||||||
CertifyActionsParcel parcel = data.getParcelable(CERTIFY_PARCEL);
|
CertifyOperation op = new CertifyOperation(this, providerHelper, this, mActionCanceled);
|
||||||
|
CertifyResult result = op.certify(parcel);
|
||||||
|
|
||||||
/* Operation */
|
// Result
|
||||||
String passphrase = PassphraseCacheService.getCachedPassphrase(this,
|
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, result);
|
||||||
// certification is always with the master key id, so use that one
|
|
||||||
parcel.mMasterKeyId, parcel.mMasterKeyId);
|
|
||||||
if (passphrase == null) {
|
|
||||||
throw new PgpGeneralException("Unable to obtain passphrase");
|
|
||||||
}
|
|
||||||
|
|
||||||
ProviderHelper providerHelper = new ProviderHelper(this);
|
|
||||||
PgpCertifyOperation op = new PgpCertifyOperation(this, providerHelper, this, mActionCanceled);
|
|
||||||
CertifyResult result = op.certify(parcel, passphrase);
|
|
||||||
|
|
||||||
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, result);
|
|
||||||
|
|
||||||
} catch (Exception e) {
|
|
||||||
sendErrorToHandler(e);
|
|
||||||
}
|
|
||||||
|
|
||||||
} else if (ACTION_CONSOLIDATE.equals(action)) {
|
} else if (ACTION_CONSOLIDATE.equals(action)) {
|
||||||
|
|
||||||
|
// Operation
|
||||||
ConsolidateResult result;
|
ConsolidateResult result;
|
||||||
if (data.containsKey(CONSOLIDATE_RECOVERY) && data.getBoolean(CONSOLIDATE_RECOVERY)) {
|
if (data.containsKey(CONSOLIDATE_RECOVERY) && data.getBoolean(CONSOLIDATE_RECOVERY)) {
|
||||||
result = new ProviderHelper(this).consolidateDatabaseStep2(this);
|
result = new ProviderHelper(this).consolidateDatabaseStep2(this);
|
||||||
} else {
|
} else {
|
||||||
result = new ProviderHelper(this).consolidateDatabaseStep1(this);
|
result = new ProviderHelper(this).consolidateDatabaseStep1(this);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Result
|
||||||
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, result);
|
sendMessageToHandler(KeychainIntentServiceHandler.MESSAGE_OKAY, result);
|
||||||
|
|
||||||
} else if (ACTION_DECRYPT_METADATA.equals(action)) {
|
} else if (ACTION_DECRYPT_METADATA.equals(action)) {
|
||||||
|
|
@ -617,7 +609,6 @@ public class KeychainIntentService extends IntentService implements Progressable
|
||||||
numEntries = it.getSize();
|
numEntries = it.getSize();
|
||||||
}
|
}
|
||||||
|
|
||||||
ProviderHelper providerHelper = new ProviderHelper(this);
|
|
||||||
ImportExportOperation importExportOperation = new ImportExportOperation(
|
ImportExportOperation importExportOperation = new ImportExportOperation(
|
||||||
this, providerHelper, this, mActionCanceled);
|
this, providerHelper, this, mActionCanceled);
|
||||||
ImportKeyResult result = importExportOperation.importKeyRings(entries, numEntries);
|
ImportKeyResult result = importExportOperation.importKeyRings(entries, numEntries);
|
||||||
|
|
@ -733,7 +724,6 @@ public class KeychainIntentService extends IntentService implements Progressable
|
||||||
/* Operation */
|
/* Operation */
|
||||||
HkpKeyserver server = new HkpKeyserver(keyServer);
|
HkpKeyserver server = new HkpKeyserver(keyServer);
|
||||||
|
|
||||||
ProviderHelper providerHelper = new ProviderHelper(this);
|
|
||||||
CanonicalizedPublicKeyRing keyring = providerHelper.getCanonicalizedPublicKeyRing(dataUri);
|
CanonicalizedPublicKeyRing keyring = providerHelper.getCanonicalizedPublicKeyRing(dataUri);
|
||||||
ImportExportOperation importExportOperation = new ImportExportOperation(this, new ProviderHelper(this), this);
|
ImportExportOperation importExportOperation = new ImportExportOperation(this, new ProviderHelper(this), this);
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue