mirror of
https://github.com/moparisthebest/open-keychain
synced 2025-02-17 07:30:14 -05:00
Remove queries from PgpKeyHelper, introduce encrypt to signer mode (not tested)
This commit is contained in:
Dominik Schürmann
parent
a9281b129c
commit
bbd97cf800
@ -594,7 +594,7 @@ public class PgpDecryptVerify {
|
||||
// any luck? otherwise, try next.
|
||||
if (data.get(KeyRings.MASTER_KEY_ID) == null) {
|
||||
signature = null;
|
||||
// do NOT reset signatureKeyId, that one is shown when no known one is found!
|
||||
// do NOT reset signatureMasterKeyId, that one is shown when no known one is found!
|
||||
continue;
|
||||
}
|
||||
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (C) 2012-2013 Dominik Schürmann <dominik@dominikschuermann.de>
|
||||
* Copyright (C) 2012-2014 Dominik Schürmann <dominik@dominikschuermann.de>
|
||||
* Copyright (C) 2010-2014 Thialfihar <thi@thialfihar.org>
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
@ -34,7 +34,6 @@ import org.spongycastle.openpgp.PGPSignatureSubpacketVector;
|
||||
import org.spongycastle.util.encoders.Hex;
|
||||
import org.sufficientlysecure.keychain.Constants;
|
||||
import org.sufficientlysecure.keychain.R;
|
||||
import org.sufficientlysecure.keychain.provider.ProviderHelper;
|
||||
import org.sufficientlysecure.keychain.util.IterableIterator;
|
||||
import org.sufficientlysecure.keychain.util.Log;
|
||||
|
||||
@ -200,15 +199,7 @@ public class PgpKeyHelper {
|
||||
return getExpiryDate(key.getPublicKey());
|
||||
}
|
||||
|
||||
public static PGPPublicKey getEncryptPublicKey(Context context, long masterKeyId) {
|
||||
PGPPublicKeyRing keyRing = null;
|
||||
try {
|
||||
keyRing = ProviderHelper.getPGPPublicKeyRing(context, masterKeyId);
|
||||
} catch (ProviderHelper.NotFoundException e) {
|
||||
Log.e(Constants.TAG, "key not found!", e);
|
||||
// TODO: throw exception here!
|
||||
return null;
|
||||
}
|
||||
public static PGPPublicKey getEncryptPublicKey(PGPPublicKeyRing keyRing) {
|
||||
Vector<PGPPublicKey> encryptKeys = getUsableEncryptKeys(keyRing);
|
||||
if (encryptKeys.size() == 0) {
|
||||
Log.e(Constants.TAG, "encryptKeys is null!");
|
||||
@ -217,15 +208,7 @@ public class PgpKeyHelper {
|
||||
return encryptKeys.get(0);
|
||||
}
|
||||
|
||||
public static PGPSecretKey getCertificationKey(Context context, long masterKeyId) {
|
||||
PGPSecretKeyRing keyRing = null;
|
||||
try {
|
||||
keyRing = ProviderHelper.getPGPSecretKeyRing(context, masterKeyId);
|
||||
} catch (ProviderHelper.NotFoundException e) {
|
||||
Log.e(Constants.TAG, "key not found!", e);
|
||||
// TODO: throw exception here!
|
||||
return null;
|
||||
}
|
||||
public static PGPSecretKey getCertificationKey(PGPSecretKeyRing keyRing) {
|
||||
Vector<PGPSecretKey> signingKeys = getUsableCertificationKeys(keyRing);
|
||||
if (signingKeys.size() == 0) {
|
||||
return null;
|
||||
@ -233,15 +216,7 @@ public class PgpKeyHelper {
|
||||
return signingKeys.get(0);
|
||||
}
|
||||
|
||||
public static PGPSecretKey getSigningKey(Context context, long masterKeyId) {
|
||||
PGPSecretKeyRing keyRing = null;
|
||||
try {
|
||||
keyRing = ProviderHelper.getPGPSecretKeyRing(context, masterKeyId);
|
||||
} catch (ProviderHelper.NotFoundException e) {
|
||||
Log.e(Constants.TAG, "key not found!", e);
|
||||
// TODO: throw exception here!
|
||||
return null;
|
||||
}
|
||||
public static PGPSecretKey getSigningKey(PGPSecretKeyRing keyRing) {
|
||||
Vector<PGPSecretKey> signingKeys = getUsableSigningKeys(keyRing);
|
||||
if (signingKeys.size() == 0) {
|
||||
return null;
|
||||
@ -482,7 +457,7 @@ public class PgpKeyHelper {
|
||||
break;
|
||||
}
|
||||
}
|
||||
if(keySize > 0)
|
||||
if (keySize > 0)
|
||||
return algorithmStr + ", " + keySize + " bit";
|
||||
else
|
||||
return algorithmStr;
|
||||
|
||||
@ -29,6 +29,7 @@ import org.spongycastle.openpgp.PGPLiteralData;
|
||||
import org.spongycastle.openpgp.PGPLiteralDataGenerator;
|
||||
import org.spongycastle.openpgp.PGPPrivateKey;
|
||||
import org.spongycastle.openpgp.PGPPublicKey;
|
||||
import org.spongycastle.openpgp.PGPPublicKeyRing;
|
||||
import org.spongycastle.openpgp.PGPSecretKey;
|
||||
import org.spongycastle.openpgp.PGPSecretKeyRing;
|
||||
import org.spongycastle.openpgp.PGPSignature;
|
||||
@ -58,6 +59,7 @@ import java.io.OutputStream;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.NoSuchProviderException;
|
||||
import java.security.SignatureException;
|
||||
import java.util.Arrays;
|
||||
import java.util.Date;
|
||||
|
||||
/**
|
||||
@ -71,13 +73,14 @@ public class PgpSignEncrypt {
|
||||
private ProgressDialogUpdater mProgress;
|
||||
private boolean mEnableAsciiArmorOutput;
|
||||
private int mCompressionId;
|
||||
private long[] mEncryptionKeyIds;
|
||||
private long[] mEncryptionMasterKeyIds;
|
||||
private String mSymmetricPassphrase;
|
||||
private int mSymmetricEncryptionAlgorithm;
|
||||
private long mSignatureKeyId;
|
||||
private long mSignatureMasterKeyId;
|
||||
private int mSignatureHashAlgorithm;
|
||||
private boolean mSignatureForceV3;
|
||||
private String mSignaturePassphrase;
|
||||
private boolean mEncryptToSigner;
|
||||
|
||||
private PgpSignEncrypt(Builder builder) {
|
||||
// private Constructor can only be called from Builder
|
||||
@ -88,13 +91,14 @@ public class PgpSignEncrypt {
|
||||
this.mProgress = builder.mProgress;
|
||||
this.mEnableAsciiArmorOutput = builder.mEnableAsciiArmorOutput;
|
||||
this.mCompressionId = builder.mCompressionId;
|
||||
this.mEncryptionKeyIds = builder.mEncryptionKeyIds;
|
||||
this.mEncryptionMasterKeyIds = builder.mEncryptionMasterKeyIds;
|
||||
this.mSymmetricPassphrase = builder.mSymmetricPassphrase;
|
||||
this.mSymmetricEncryptionAlgorithm = builder.mSymmetricEncryptionAlgorithm;
|
||||
this.mSignatureKeyId = builder.mSignatureKeyId;
|
||||
this.mSignatureMasterKeyId = builder.mSignatureMasterKeyId;
|
||||
this.mSignatureHashAlgorithm = builder.mSignatureHashAlgorithm;
|
||||
this.mSignatureForceV3 = builder.mSignatureForceV3;
|
||||
this.mSignaturePassphrase = builder.mSignaturePassphrase;
|
||||
this.mEncryptToSigner = builder.mEncryptToSigner;
|
||||
}
|
||||
|
||||
public static class Builder {
|
||||
@ -107,13 +111,14 @@ public class PgpSignEncrypt {
|
||||
private ProgressDialogUpdater mProgress = null;
|
||||
private boolean mEnableAsciiArmorOutput = false;
|
||||
private int mCompressionId = Id.choice.compression.none;
|
||||
private long[] mEncryptionKeyIds = null;
|
||||
private long[] mEncryptionMasterKeyIds = null;
|
||||
private String mSymmetricPassphrase = null;
|
||||
private int mSymmetricEncryptionAlgorithm = 0;
|
||||
private long mSignatureKeyId = Id.key.none;
|
||||
private long mSignatureMasterKeyId = Id.key.none;
|
||||
private int mSignatureHashAlgorithm = 0;
|
||||
private boolean mSignatureForceV3 = false;
|
||||
private String mSignaturePassphrase = null;
|
||||
private boolean mEncryptToSigner = false;
|
||||
|
||||
public Builder(Context context, InputData data, OutputStream outStream) {
|
||||
this.mContext = context;
|
||||
@ -136,8 +141,8 @@ public class PgpSignEncrypt {
|
||||
return this;
|
||||
}
|
||||
|
||||
public Builder encryptionKeyIds(long[] encryptionKeyIds) {
|
||||
this.mEncryptionKeyIds = encryptionKeyIds;
|
||||
public Builder encryptionMasterKeyIds(long[] encryptionMasterKeyIds) {
|
||||
this.mEncryptionMasterKeyIds = encryptionMasterKeyIds;
|
||||
return this;
|
||||
}
|
||||
|
||||
@ -151,8 +156,8 @@ public class PgpSignEncrypt {
|
||||
return this;
|
||||
}
|
||||
|
||||
public Builder signatureKeyId(long signatureKeyId) {
|
||||
this.mSignatureKeyId = signatureKeyId;
|
||||
public Builder signatureMasterKeyId(long signatureMasterKeyId) {
|
||||
this.mSignatureMasterKeyId = signatureMasterKeyId;
|
||||
return this;
|
||||
}
|
||||
|
||||
@ -171,6 +176,11 @@ public class PgpSignEncrypt {
|
||||
return this;
|
||||
}
|
||||
|
||||
public Builder encryptToSigner(boolean encryptToSigner) {
|
||||
this.mEncryptToSigner = encryptToSigner;
|
||||
return this;
|
||||
}
|
||||
|
||||
public PgpSignEncrypt build() {
|
||||
return new PgpSignEncrypt(this);
|
||||
}
|
||||
@ -202,8 +212,8 @@ public class PgpSignEncrypt {
|
||||
throws IOException, PgpGeneralException, PGPException, NoSuchProviderException,
|
||||
NoSuchAlgorithmException, SignatureException {
|
||||
|
||||
boolean enableSignature = mSignatureKeyId != Id.key.none;
|
||||
boolean enableEncryption = ((mEncryptionKeyIds != null && mEncryptionKeyIds.length > 0)
|
||||
boolean enableSignature = mSignatureMasterKeyId != Id.key.none;
|
||||
boolean enableEncryption = ((mEncryptionMasterKeyIds != null && mEncryptionMasterKeyIds.length > 0)
|
||||
|| mSymmetricPassphrase != null);
|
||||
boolean enableCompression = (enableEncryption && mCompressionId != Id.choice.compression.none);
|
||||
|
||||
@ -212,6 +222,12 @@ public class PgpSignEncrypt {
|
||||
+ "\nenableCompression:" + enableCompression
|
||||
+ "\nenableAsciiArmorOutput:" + mEnableAsciiArmorOutput);
|
||||
|
||||
// add signature key id to encryption ids (self-encrypt)
|
||||
if (enableEncryption && enableSignature && mEncryptToSigner) {
|
||||
mEncryptionMasterKeyIds = Arrays.copyOf(mEncryptionMasterKeyIds, mEncryptionMasterKeyIds.length + 1);
|
||||
mEncryptionMasterKeyIds[mEncryptionMasterKeyIds.length - 1] = mSignatureMasterKeyId;
|
||||
}
|
||||
|
||||
int signatureType;
|
||||
if (mEnableAsciiArmorOutput && enableSignature && !enableEncryption && !enableCompression) {
|
||||
// for sign-only ascii text
|
||||
@ -236,11 +252,11 @@ public class PgpSignEncrypt {
|
||||
PGPPrivateKey signaturePrivateKey = null;
|
||||
if (enableSignature) {
|
||||
try {
|
||||
signingKeyRing = ProviderHelper.getPGPSecretKeyRingWithKeyId(mContext, mSignatureKeyId);
|
||||
signingKeyRing = ProviderHelper.getPGPSecretKeyRingWithKeyId(mContext, mSignatureMasterKeyId);
|
||||
} catch (ProviderHelper.NotFoundException e) {
|
||||
throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed));
|
||||
}
|
||||
signingKey = PgpKeyHelper.getSigningKey(mContext, mSignatureKeyId);
|
||||
signingKey = PgpKeyHelper.getSigningKey(signingKeyRing);
|
||||
if (signingKey == null) {
|
||||
throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed));
|
||||
}
|
||||
@ -275,19 +291,24 @@ public class PgpSignEncrypt {
|
||||
|
||||
if (mSymmetricPassphrase != null) {
|
||||
// Symmetric encryption
|
||||
Log.d(Constants.TAG, "encryptionKeyIds length is 0 -> symmetric encryption");
|
||||
Log.d(Constants.TAG, "encryptionMasterKeyIds length is 0 -> symmetric encryption");
|
||||
|
||||
JcePBEKeyEncryptionMethodGenerator symmetricEncryptionGenerator =
|
||||
new JcePBEKeyEncryptionMethodGenerator(mSymmetricPassphrase.toCharArray());
|
||||
cPk.addMethod(symmetricEncryptionGenerator);
|
||||
} else {
|
||||
// Asymmetric encryption
|
||||
for (long id : mEncryptionKeyIds) {
|
||||
PGPPublicKey key = PgpKeyHelper.getEncryptPublicKey(mContext, id);
|
||||
if (key != null) {
|
||||
JcePublicKeyKeyEncryptionMethodGenerator pubKeyEncryptionGenerator =
|
||||
new JcePublicKeyKeyEncryptionMethodGenerator(key);
|
||||
cPk.addMethod(pubKeyEncryptionGenerator);
|
||||
for (long id : mEncryptionMasterKeyIds) {
|
||||
try {
|
||||
PGPPublicKeyRing keyRing = ProviderHelper.getPGPPublicKeyRing(mContext, id);
|
||||
PGPPublicKey key = PgpKeyHelper.getEncryptPublicKey(keyRing);
|
||||
if (key != null) {
|
||||
JcePublicKeyKeyEncryptionMethodGenerator pubKeyEncryptionGenerator =
|
||||
new JcePublicKeyKeyEncryptionMethodGenerator(key);
|
||||
cPk.addMethod(pubKeyEncryptionGenerator);
|
||||
}
|
||||
} catch (ProviderHelper.NotFoundException e) {
|
||||
Log.e(Constants.TAG, "key not found!", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -464,17 +485,17 @@ public class PgpSignEncrypt {
|
||||
out = mOutStream;
|
||||
}
|
||||
|
||||
if (mSignatureKeyId == 0) {
|
||||
if (mSignatureMasterKeyId == 0) {
|
||||
throw new PgpGeneralException(mContext.getString(R.string.error_no_signature_key));
|
||||
}
|
||||
|
||||
PGPSecretKeyRing signingKeyRing;
|
||||
try {
|
||||
signingKeyRing = ProviderHelper.getPGPSecretKeyRingWithKeyId(mContext, mSignatureKeyId);
|
||||
signingKeyRing = ProviderHelper.getPGPSecretKeyRingWithKeyId(mContext, mSignatureMasterKeyId);
|
||||
} catch (ProviderHelper.NotFoundException e) {
|
||||
throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed));
|
||||
}
|
||||
PGPSecretKey signingKey = PgpKeyHelper.getSigningKey(mContext, mSignatureKeyId);
|
||||
PGPSecretKey signingKey = PgpKeyHelper.getSigningKey(signingKeyRing);
|
||||
if (signingKey == null) {
|
||||
throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed));
|
||||
}
|
||||
|
||||
@ -169,7 +169,7 @@ public class OpenPgpService extends RemoteService {
|
||||
builder.enableAsciiArmorOutput(asciiArmor)
|
||||
.signatureHashAlgorithm(accSettings.getHashAlgorithm())
|
||||
.signatureForceV3(false)
|
||||
.signatureKeyId(accSettings.getKeyId())
|
||||
.signatureMasterKeyId(accSettings.getKeyId())
|
||||
.signaturePassphrase(passphrase);
|
||||
builder.build().execute();
|
||||
} finally {
|
||||
@ -235,7 +235,7 @@ public class OpenPgpService extends RemoteService {
|
||||
builder.enableAsciiArmorOutput(asciiArmor)
|
||||
.compressionId(accSettings.getCompression())
|
||||
.symmetricEncryptionAlgorithm(accSettings.getEncryptionAlgorithm())
|
||||
.encryptionKeyIds(keyIds);
|
||||
.encryptionMasterKeyIds(keyIds);
|
||||
|
||||
if (sign) {
|
||||
String passphrase;
|
||||
@ -254,11 +254,11 @@ public class OpenPgpService extends RemoteService {
|
||||
// sign and encrypt
|
||||
builder.signatureHashAlgorithm(accSettings.getHashAlgorithm())
|
||||
.signatureForceV3(false)
|
||||
.signatureKeyId(accSettings.getKeyId())
|
||||
.signatureMasterKeyId(accSettings.getKeyId())
|
||||
.signaturePassphrase(passphrase);
|
||||
} else {
|
||||
// encrypt only
|
||||
builder.signatureKeyId(Id.key.none);
|
||||
builder.signatureMasterKeyId(Id.key.none);
|
||||
}
|
||||
// execute PGP operation!
|
||||
builder.build().execute();
|
||||
|
||||
@ -319,9 +319,9 @@ public class KeychainIntentService extends IntentService
|
||||
.symmetricEncryptionAlgorithm(
|
||||
Preferences.getPreferences(this).getDefaultEncryptionAlgorithm())
|
||||
.signatureForceV3(Preferences.getPreferences(this).getForceV3Signatures())
|
||||
.encryptionKeyIds(encryptionKeyIds)
|
||||
.encryptionMasterKeyIds(encryptionKeyIds)
|
||||
.symmetricPassphrase(symmetricPassphrase)
|
||||
.signatureKeyId(signatureKeyId)
|
||||
.signatureMasterKeyId(signatureKeyId)
|
||||
.signatureHashAlgorithm(
|
||||
Preferences.getPreferences(this).getDefaultHashAlgorithm())
|
||||
.signaturePassphrase(
|
||||
@ -811,8 +811,14 @@ public class KeychainIntentService extends IntentService
|
||||
PgpKeyOperation keyOperation = new PgpKeyOperation(new ProgressScaler(this, 0, 100, 100));
|
||||
PGPPublicKeyRing publicRing = ProviderHelper.getPGPPublicKeyRing(this, pubKeyId);
|
||||
PGPPublicKey publicKey = publicRing.getPublicKey(pubKeyId);
|
||||
PGPSecretKey certificationKey = PgpKeyHelper.getCertificationKey(this,
|
||||
masterKeyId);
|
||||
PGPSecretKeyRing secretKeyRing = null;
|
||||
try {
|
||||
secretKeyRing = ProviderHelper.getPGPSecretKeyRing(this, masterKeyId);
|
||||
} catch (ProviderHelper.NotFoundException e) {
|
||||
Log.e(Constants.TAG, "key not found!", e);
|
||||
// TODO: throw exception here!
|
||||
}
|
||||
PGPSecretKey certificationKey = PgpKeyHelper.getCertificationKey(secretKeyRing);
|
||||
publicKey = keyOperation.certifyKey(certificationKey, publicKey,
|
||||
userIds, signaturePassphrase);
|
||||
publicRing = PGPPublicKeyRing.insertPublicKey(publicRing, publicKey);
|
||||
|
||||
@ -138,7 +138,7 @@ public class EncryptAsymmetricFragment extends Fragment {
|
||||
}
|
||||
|
||||
/**
|
||||
* If an Intent gives a signatureKeyId and/or encryptionKeyIds, preselect those!
|
||||
* If an Intent gives a signatureMasterKeyId and/or encryptionMasterKeyIds, preselect those!
|
||||
*
|
||||
* @param preselectedSignatureKeyId
|
||||
* @param preselectedEncryptionKeyIds
|
||||
|
||||
@ -84,7 +84,6 @@ public class SelectSecretKeyLayoutFragment extends Fragment implements LoaderMan
|
||||
}
|
||||
|
||||
public void setSelectedKeyData(String userName, String email, String masterKeyHex) {
|
||||
|
||||
mNoKeySelected.setVisibility(View.GONE);
|
||||
|
||||
mKeyUserId.setText(userName);
|
||||
|
||||
@ -71,7 +71,6 @@
|
||||
android:text="@string/api_settings_no_key"
|
||||
android:layout_marginTop="15dp" />
|
||||
|
||||
|
||||
</LinearLayout>
|
||||
|
||||
</LinearLayout>
|
||||
Loading…
Reference in New Issue
Block a user