mirror of
https://github.com/moparisthebest/open-keychain
synced 2024-11-23 17:22:16 -05:00
Remove support for V3 signatures
This commit is contained in:
parent
e4e8bc5e07
commit
bf10eb91b7
@ -65,7 +65,6 @@ public final class Constants {
|
||||
public static final String DEFAULT_FILE_COMPRESSION = "defaultFileCompression";
|
||||
public static final String PASSPHRASE_CACHE_TTL = "passphraseCacheTtl";
|
||||
public static final String LANGUAGE = "language";
|
||||
public static final String FORCE_V3_SIGNATURES = "forceV3Signatures";
|
||||
public static final String KEY_SERVERS = "keyServers";
|
||||
public static final String KEY_SERVERS_DEFAULT_VERSION = "keyServersDefaultVersion";
|
||||
public static final String CONCEAL_PGP_APPLICATION = "concealPgpApplication";
|
||||
|
@ -129,16 +129,6 @@ public class Preferences {
|
||||
editor.commit();
|
||||
}
|
||||
|
||||
public boolean getForceV3Signatures() {
|
||||
return mSharedPreferences.getBoolean(Constants.Pref.FORCE_V3_SIGNATURES, false);
|
||||
}
|
||||
|
||||
public void setForceV3Signatures(boolean value) {
|
||||
SharedPreferences.Editor editor = mSharedPreferences.edit();
|
||||
editor.putBoolean(Constants.Pref.FORCE_V3_SIGNATURES, value);
|
||||
editor.commit();
|
||||
}
|
||||
|
||||
public boolean getFirstTime() {
|
||||
return mSharedPreferences.getBoolean(Constants.Pref.FIRST_TIME, true);
|
||||
}
|
||||
|
@ -26,7 +26,6 @@ import org.spongycastle.openpgp.PGPException;
|
||||
import org.spongycastle.openpgp.PGPLiteralData;
|
||||
import org.spongycastle.openpgp.PGPLiteralDataGenerator;
|
||||
import org.spongycastle.openpgp.PGPSignatureGenerator;
|
||||
import org.spongycastle.openpgp.PGPV3SignatureGenerator;
|
||||
import org.spongycastle.openpgp.operator.jcajce.JcePBEKeyEncryptionMethodGenerator;
|
||||
import org.spongycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
|
||||
import org.spongycastle.openpgp.operator.jcajce.NfcSyncPGPContentSignerBuilder;
|
||||
@ -68,7 +67,6 @@ public class PgpSignEncrypt {
|
||||
private int mSymmetricEncryptionAlgorithm;
|
||||
private long mSignatureMasterKeyId;
|
||||
private int mSignatureHashAlgorithm;
|
||||
private boolean mSignatureForceV3;
|
||||
private String mSignaturePassphrase;
|
||||
private boolean mEncryptToSigner;
|
||||
private boolean mCleartextInput;
|
||||
@ -101,7 +99,6 @@ public class PgpSignEncrypt {
|
||||
this.mSymmetricEncryptionAlgorithm = builder.mSymmetricEncryptionAlgorithm;
|
||||
this.mSignatureMasterKeyId = builder.mSignatureMasterKeyId;
|
||||
this.mSignatureHashAlgorithm = builder.mSignatureHashAlgorithm;
|
||||
this.mSignatureForceV3 = builder.mSignatureForceV3;
|
||||
this.mSignaturePassphrase = builder.mSignaturePassphrase;
|
||||
this.mEncryptToSigner = builder.mEncryptToSigner;
|
||||
this.mCleartextInput = builder.mCleartextInput;
|
||||
@ -125,7 +122,6 @@ public class PgpSignEncrypt {
|
||||
private int mSymmetricEncryptionAlgorithm = 0;
|
||||
private long mSignatureMasterKeyId = Constants.key.none;
|
||||
private int mSignatureHashAlgorithm = 0;
|
||||
private boolean mSignatureForceV3 = false;
|
||||
private String mSignaturePassphrase = null;
|
||||
private boolean mEncryptToSigner = false;
|
||||
private boolean mCleartextInput = false;
|
||||
@ -180,17 +176,6 @@ public class PgpSignEncrypt {
|
||||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate old V3 signatures
|
||||
*
|
||||
* @param signatureForceV3
|
||||
* @return
|
||||
*/
|
||||
public Builder setSignatureForceV3(boolean signatureForceV3) {
|
||||
mSignatureForceV3 = signatureForceV3;
|
||||
return this;
|
||||
}
|
||||
|
||||
public Builder setSignaturePassphrase(String signaturePassphrase) {
|
||||
mSignaturePassphrase = signaturePassphrase;
|
||||
return this;
|
||||
@ -367,19 +352,13 @@ public class PgpSignEncrypt {
|
||||
|
||||
/* Initialize signature generator object for later usage */
|
||||
PGPSignatureGenerator signatureGenerator = null;
|
||||
PGPV3SignatureGenerator signatureV3Generator = null;
|
||||
if (enableSignature) {
|
||||
updateProgress(R.string.progress_preparing_signature, 10, 100);
|
||||
|
||||
try {
|
||||
boolean cleartext = mCleartextInput && mEnableAsciiArmorOutput && !enableEncryption;
|
||||
if (mSignatureForceV3) {
|
||||
signatureV3Generator = signingKey.getV3SignatureGenerator(
|
||||
mSignatureHashAlgorithm, cleartext);
|
||||
} else {
|
||||
signatureGenerator = signingKey.getSignatureGenerator(
|
||||
mSignatureHashAlgorithm, cleartext, mNfcSignedHash, mNfcCreationTimestamp);
|
||||
}
|
||||
signatureGenerator = signingKey.getSignatureGenerator(
|
||||
mSignatureHashAlgorithm, cleartext, mNfcSignedHash, mNfcCreationTimestamp);
|
||||
} catch (PgpGeneralException e) {
|
||||
// TODO throw correct type of exception (which shouldn't be PGPException)
|
||||
throw new KeyExtractionException();
|
||||
@ -414,11 +393,7 @@ public class PgpSignEncrypt {
|
||||
}
|
||||
|
||||
if (enableSignature) {
|
||||
if (mSignatureForceV3) {
|
||||
signatureV3Generator.generateOnePassVersion(false).encode(bcpgOut);
|
||||
} else {
|
||||
signatureGenerator.generateOnePassVersion(false).encode(bcpgOut);
|
||||
}
|
||||
signatureGenerator.generateOnePassVersion(false).encode(bcpgOut);
|
||||
}
|
||||
|
||||
PGPLiteralDataGenerator literalGen = new PGPLiteralDataGenerator();
|
||||
@ -436,11 +411,7 @@ public class PgpSignEncrypt {
|
||||
|
||||
// update signature buffer if signature is requested
|
||||
if (enableSignature) {
|
||||
if (mSignatureForceV3) {
|
||||
signatureV3Generator.update(buffer, 0, n);
|
||||
} else {
|
||||
signatureGenerator.update(buffer, 0, n);
|
||||
}
|
||||
signatureGenerator.update(buffer, 0, n);
|
||||
}
|
||||
|
||||
progress += n;
|
||||
@ -462,11 +433,7 @@ public class PgpSignEncrypt {
|
||||
final BufferedReader reader = new BufferedReader(new InputStreamReader(in));
|
||||
|
||||
// update signature buffer with first line
|
||||
if (mSignatureForceV3) {
|
||||
processLineV3(reader.readLine(), armorOut, signatureV3Generator);
|
||||
} else {
|
||||
processLine(reader.readLine(), armorOut, signatureGenerator);
|
||||
}
|
||||
processLine(reader.readLine(), armorOut, signatureGenerator);
|
||||
|
||||
while (true) {
|
||||
String line = reader.readLine();
|
||||
@ -480,13 +447,8 @@ public class PgpSignEncrypt {
|
||||
armorOut.write(NEW_LINE);
|
||||
|
||||
// update signature buffer with input line
|
||||
if (mSignatureForceV3) {
|
||||
signatureV3Generator.update(NEW_LINE);
|
||||
processLineV3(line, armorOut, signatureV3Generator);
|
||||
} else {
|
||||
signatureGenerator.update(NEW_LINE);
|
||||
processLine(line, armorOut, signatureGenerator);
|
||||
}
|
||||
signatureGenerator.update(NEW_LINE);
|
||||
processLine(line, armorOut, signatureGenerator);
|
||||
}
|
||||
|
||||
armorOut.endClearText();
|
||||
@ -506,11 +468,7 @@ public class PgpSignEncrypt {
|
||||
bcpgOut = new BCPGOutputStream(out);
|
||||
}
|
||||
|
||||
if (mSignatureForceV3) {
|
||||
signatureV3Generator.generateOnePassVersion(false).encode(bcpgOut);
|
||||
} else {
|
||||
signatureGenerator.generateOnePassVersion(false).encode(bcpgOut);
|
||||
}
|
||||
signatureGenerator.generateOnePassVersion(false).encode(bcpgOut);
|
||||
|
||||
PGPLiteralDataGenerator literalGen = new PGPLiteralDataGenerator();
|
||||
// file name not needed, so empty string
|
||||
@ -522,11 +480,7 @@ public class PgpSignEncrypt {
|
||||
while ((n = in.read(buffer)) > 0) {
|
||||
pOut.write(buffer, 0, n);
|
||||
|
||||
if (mSignatureForceV3) {
|
||||
signatureV3Generator.update(buffer, 0, n);
|
||||
} else {
|
||||
signatureGenerator.update(buffer, 0, n);
|
||||
}
|
||||
signatureGenerator.update(buffer, 0, n);
|
||||
}
|
||||
|
||||
literalGen.close();
|
||||
@ -537,15 +491,11 @@ public class PgpSignEncrypt {
|
||||
|
||||
if (enableSignature) {
|
||||
updateProgress(R.string.progress_generating_signature, 95, 100);
|
||||
if (mSignatureForceV3) {
|
||||
signatureV3Generator.generate().encode(pOut);
|
||||
} else {
|
||||
try {
|
||||
signatureGenerator.generate().encode(pOut);
|
||||
} catch (NfcSyncPGPContentSignerBuilder.NfcInteractionNeeded e) {
|
||||
// this secret key diverts to a OpenPGP card, throw exception with hash that will be signed
|
||||
throw new NeedNfcDataException(e.hashToSign, e.creationTimestamp);
|
||||
}
|
||||
try {
|
||||
signatureGenerator.generate().encode(pOut);
|
||||
} catch (NfcSyncPGPContentSignerBuilder.NfcInteractionNeeded e) {
|
||||
// this secret key diverts to a OpenPGP card, throw exception with hash that will be signed
|
||||
throw new NeedNfcDataException(e.hashToSign, e.creationTimestamp);
|
||||
}
|
||||
}
|
||||
|
||||
@ -595,30 +545,4 @@ public class PgpSignEncrypt {
|
||||
pSignatureGenerator.update(data);
|
||||
}
|
||||
|
||||
private static void processLineV3(final String pLine, final ArmoredOutputStream pArmoredOutput,
|
||||
final PGPV3SignatureGenerator pSignatureGenerator)
|
||||
throws IOException, SignatureException {
|
||||
|
||||
if (pLine == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
final char[] chars = pLine.toCharArray();
|
||||
int len = chars.length;
|
||||
|
||||
while (len > 0) {
|
||||
if (!Character.isWhitespace(chars[len - 1])) {
|
||||
break;
|
||||
}
|
||||
len--;
|
||||
}
|
||||
|
||||
final byte[] data = pLine.substring(0, len).getBytes("UTF-8");
|
||||
|
||||
if (pArmoredOutput != null) {
|
||||
pArmoredOutput.write(data);
|
||||
}
|
||||
pSignatureGenerator.update(data);
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -12,7 +12,6 @@ import org.spongycastle.openpgp.PGPSignatureGenerator;
|
||||
import org.spongycastle.openpgp.PGPSignatureSubpacketGenerator;
|
||||
import org.spongycastle.openpgp.PGPSignatureSubpacketVector;
|
||||
import org.spongycastle.openpgp.PGPUtil;
|
||||
import org.spongycastle.openpgp.PGPV3SignatureGenerator;
|
||||
import org.spongycastle.openpgp.operator.PBESecretKeyDecryptor;
|
||||
import org.spongycastle.openpgp.operator.PGPContentSignerBuilder;
|
||||
import org.spongycastle.openpgp.operator.PublicKeyDataDecryptorFactory;
|
||||
@ -174,35 +173,6 @@ public class WrappedSecretKey extends WrappedPublicKey {
|
||||
}
|
||||
}
|
||||
|
||||
public PGPV3SignatureGenerator getV3SignatureGenerator(int hashAlgo, boolean cleartext)
|
||||
throws PgpGeneralException {
|
||||
// TODO: divert to card missing
|
||||
if (mPrivateKeyState != PRIVATE_KEY_STATE_UNLOCKED) {
|
||||
throw new PrivateKeyNotUnlockedException();
|
||||
}
|
||||
|
||||
// content signer based on signing key algorithm and chosen hash algorithm
|
||||
JcaPGPContentSignerBuilder contentSignerBuilder = new JcaPGPContentSignerBuilder(
|
||||
mSecretKey.getPublicKey().getAlgorithm(), hashAlgo)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||
|
||||
int signatureType;
|
||||
if (cleartext) {
|
||||
// for sign-only ascii text
|
||||
signatureType = PGPSignature.CANONICAL_TEXT_DOCUMENT;
|
||||
} else {
|
||||
signatureType = PGPSignature.BINARY_DOCUMENT;
|
||||
}
|
||||
|
||||
try {
|
||||
PGPV3SignatureGenerator signatureV3Generator = new PGPV3SignatureGenerator(contentSignerBuilder);
|
||||
signatureV3Generator.init(signatureType, mPrivateKey);
|
||||
return signatureV3Generator;
|
||||
} catch(PGPException e) {
|
||||
throw new PgpGeneralException("Error initializing signature!", e);
|
||||
}
|
||||
}
|
||||
|
||||
public PublicKeyDataDecryptorFactory getDecryptorFactory() {
|
||||
// TODO: divert to card missing
|
||||
if (mPrivateKeyState != PRIVATE_KEY_STATE_UNLOCKED) {
|
||||
|
@ -208,7 +208,6 @@ public class OpenPgpService extends RemoteService {
|
||||
inputData, os);
|
||||
builder.setEnableAsciiArmorOutput(asciiArmor)
|
||||
.setSignatureHashAlgorithm(accSettings.getHashAlgorithm())
|
||||
.setSignatureForceV3(false)
|
||||
.setSignatureMasterKeyId(accSettings.getKeyId())
|
||||
.setSignaturePassphrase(passphrase)
|
||||
.setNfcState(nfcSignedHash, nfcCreationTimestamp);
|
||||
@ -320,7 +319,6 @@ public class OpenPgpService extends RemoteService {
|
||||
|
||||
// sign and encrypt
|
||||
builder.setSignatureHashAlgorithm(accSettings.getHashAlgorithm())
|
||||
.setSignatureForceV3(false)
|
||||
.setSignatureMasterKeyId(accSettings.getKeyId())
|
||||
.setSignaturePassphrase(passphrase);
|
||||
} else {
|
||||
|
@ -245,7 +245,6 @@ public class KeychainIntentService extends IntentService
|
||||
.setCompressionId(compressionId)
|
||||
.setSymmetricEncryptionAlgorithm(
|
||||
Preferences.getPreferences(this).getDefaultEncryptionAlgorithm())
|
||||
.setSignatureForceV3(Preferences.getPreferences(this).getForceV3Signatures())
|
||||
.setEncryptionMasterKeyIds(encryptionKeyIds)
|
||||
.setSymmetricPassphrase(symmetricPassphrase)
|
||||
.setSignatureMasterKeyId(signatureKeyId)
|
||||
|
@ -118,9 +118,6 @@ public class PreferencesActivity extends PreferenceActivity {
|
||||
initializeAsciiArmor(
|
||||
(CheckBoxPreference) findPreference(Constants.Pref.DEFAULT_ASCII_ARMOR));
|
||||
|
||||
initializeForceV3Signatures(
|
||||
(CheckBoxPreference) findPreference(Constants.Pref.FORCE_V3_SIGNATURES));
|
||||
|
||||
initializeConcealPgpApplication(
|
||||
(CheckBoxPreference) findPreference(Constants.Pref.CONCEAL_PGP_APPLICATION));
|
||||
|
||||
@ -265,9 +262,6 @@ public class PreferencesActivity extends PreferenceActivity {
|
||||
initializeAsciiArmor(
|
||||
(CheckBoxPreference) findPreference(Constants.Pref.DEFAULT_ASCII_ARMOR));
|
||||
|
||||
initializeForceV3Signatures(
|
||||
(CheckBoxPreference) findPreference(Constants.Pref.FORCE_V3_SIGNATURES));
|
||||
|
||||
initializeConcealPgpApplication(
|
||||
(CheckBoxPreference) findPreference(Constants.Pref.CONCEAL_PGP_APPLICATION));
|
||||
}
|
||||
@ -391,18 +385,6 @@ public class PreferencesActivity extends PreferenceActivity {
|
||||
});
|
||||
}
|
||||
|
||||
private static void initializeForceV3Signatures(final CheckBoxPreference mForceV3Signatures) {
|
||||
mForceV3Signatures.setChecked(sPreferences.getForceV3Signatures());
|
||||
mForceV3Signatures
|
||||
.setOnPreferenceChangeListener(new Preference.OnPreferenceChangeListener() {
|
||||
public boolean onPreferenceChange(Preference preference, Object newValue) {
|
||||
mForceV3Signatures.setChecked((Boolean) newValue);
|
||||
sPreferences.setForceV3Signatures((Boolean) newValue);
|
||||
return false;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static void initializeConcealPgpApplication(final CheckBoxPreference mConcealPgpApplication) {
|
||||
mConcealPgpApplication.setChecked(sPreferences.getConcealPgpApplication());
|
||||
mConcealPgpApplication.setOnPreferenceChangeListener(new Preference.OnPreferenceChangeListener() {
|
||||
|
@ -122,7 +122,6 @@
|
||||
<string name="label_passphrase_cache_ttl">Passphrase Cache</string>
|
||||
<string name="label_message_compression">Message Compression</string>
|
||||
<string name="label_file_compression">File Compression</string>
|
||||
<string name="label_force_v3_signature">Force old OpenPGPv3 Signatures</string>
|
||||
<string name="label_keyservers">Keyservers</string>
|
||||
<string name="label_key_id">Key ID</string>
|
||||
<string name="label_creation">Creation</string>
|
||||
|
@ -16,7 +16,7 @@
|
||||
-->
|
||||
|
||||
<PreferenceScreen xmlns:android="http://schemas.android.com/apk/res/android">
|
||||
<PreferenceCategory android:title="@string/section_defaults" >
|
||||
<PreferenceCategory android:title="@string/section_defaults">
|
||||
<org.sufficientlysecure.keychain.ui.widget.IntegerListPreference
|
||||
android:key="defaultEncryptionAlgorithm"
|
||||
android:persistent="false"
|
||||
@ -33,22 +33,16 @@
|
||||
android:key="defaultFileCompression"
|
||||
android:persistent="false"
|
||||
android:title="@string/label_file_compression" />
|
||||
|
||||
<CheckBoxPreference
|
||||
android:key="defaultAsciiArmor"
|
||||
android:persistent="false"
|
||||
android:title="@string/label_ascii_armor" />
|
||||
|
||||
</PreferenceCategory>
|
||||
<PreferenceCategory android:title="@string/section_advanced">
|
||||
<CheckBoxPreference
|
||||
android:key="concealPgpApplication"
|
||||
android:persistent="false"
|
||||
android:title="@string/label_conceal_pgp_application"
|
||||
android:summary="@string/label_conceal_pgp_application_summary" />
|
||||
</PreferenceCategory>
|
||||
<PreferenceCategory android:title="@string/section_advanced" >
|
||||
<CheckBoxPreference
|
||||
android:key="forceV3Signatures"
|
||||
android:persistent="false"
|
||||
android:title="@string/label_force_v3_signature"/>
|
||||
</PreferenceCategory>
|
||||
</PreferenceScreen>
|
||||
|
Loading…
Reference in New Issue
Block a user