Remove support for V3 signatures

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/Constants.java

@@ -65,7 +65,6 @@ public final class Constants {
         public static final String DEFAULT_FILE_COMPRESSION = "defaultFileCompression";
         public static final String PASSPHRASE_CACHE_TTL = "passphraseCacheTtl";
         public static final String LANGUAGE = "language";
-        public static final String FORCE_V3_SIGNATURES = "forceV3Signatures";
         public static final String KEY_SERVERS = "keyServers";
         public static final String KEY_SERVERS_DEFAULT_VERSION = "keyServersDefaultVersion";
         public static final String CONCEAL_PGP_APPLICATION = "concealPgpApplication";

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/helper/Preferences.java

@@ -129,16 +129,6 @@ public class Preferences {
         editor.commit();
     }
 
-    public boolean getForceV3Signatures() {
-        return mSharedPreferences.getBoolean(Constants.Pref.FORCE_V3_SIGNATURES, false);
-    }
-
-    public void setForceV3Signatures(boolean value) {
-        SharedPreferences.Editor editor = mSharedPreferences.edit();
-        editor.putBoolean(Constants.Pref.FORCE_V3_SIGNATURES, value);
-        editor.commit();
-    }
-
     public boolean getFirstTime() {
         return mSharedPreferences.getBoolean(Constants.Pref.FIRST_TIME, true);
     }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java

@@ -26,7 +26,6 @@ import org.spongycastle.openpgp.PGPException;
 import org.spongycastle.openpgp.PGPLiteralData;
 import org.spongycastle.openpgp.PGPLiteralDataGenerator;
 import org.spongycastle.openpgp.PGPSignatureGenerator;
-import org.spongycastle.openpgp.PGPV3SignatureGenerator;
 import org.spongycastle.openpgp.operator.jcajce.JcePBEKeyEncryptionMethodGenerator;
 import org.spongycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
 import org.spongycastle.openpgp.operator.jcajce.NfcSyncPGPContentSignerBuilder;
@@ -68,7 +67,6 @@ public class PgpSignEncrypt {
     private int mSymmetricEncryptionAlgorithm;
     private long mSignatureMasterKeyId;
     private int mSignatureHashAlgorithm;
-    private boolean mSignatureForceV3;
     private String mSignaturePassphrase;
     private boolean mEncryptToSigner;
     private boolean mCleartextInput;
@@ -101,7 +99,6 @@ public class PgpSignEncrypt {
         this.mSymmetricEncryptionAlgorithm = builder.mSymmetricEncryptionAlgorithm;
         this.mSignatureMasterKeyId = builder.mSignatureMasterKeyId;
         this.mSignatureHashAlgorithm = builder.mSignatureHashAlgorithm;
-        this.mSignatureForceV3 = builder.mSignatureForceV3;
         this.mSignaturePassphrase = builder.mSignaturePassphrase;
         this.mEncryptToSigner = builder.mEncryptToSigner;
         this.mCleartextInput = builder.mCleartextInput;
@@ -125,7 +122,6 @@ public class PgpSignEncrypt {
         private int mSymmetricEncryptionAlgorithm = 0;
         private long mSignatureMasterKeyId = Constants.key.none;
         private int mSignatureHashAlgorithm = 0;
-        private boolean mSignatureForceV3 = false;
         private String mSignaturePassphrase = null;
         private boolean mEncryptToSigner = false;
         private boolean mCleartextInput = false;
@@ -180,17 +176,6 @@ public class PgpSignEncrypt {
             return this;
         }
 
-        /**
-         * Generate old V3 signatures
-         *
-         * @param signatureForceV3
-         * @return
-         */
-        public Builder setSignatureForceV3(boolean signatureForceV3) {
-            mSignatureForceV3 = signatureForceV3;
-            return this;
-        }
-
         public Builder setSignaturePassphrase(String signaturePassphrase) {
             mSignaturePassphrase = signaturePassphrase;
             return this;
@@ -367,19 +352,13 @@ public class PgpSignEncrypt {
 
         /* Initialize signature generator object for later usage */
         PGPSignatureGenerator signatureGenerator = null;
-        PGPV3SignatureGenerator signatureV3Generator = null;
         if (enableSignature) {
             updateProgress(R.string.progress_preparing_signature, 10, 100);
 
             try {
                 boolean cleartext = mCleartextInput && mEnableAsciiArmorOutput && !enableEncryption;
-                if (mSignatureForceV3) {
-                    signatureV3Generator = signingKey.getV3SignatureGenerator(
-                            mSignatureHashAlgorithm, cleartext);
-                } else {
-                    signatureGenerator = signingKey.getSignatureGenerator(
-                            mSignatureHashAlgorithm, cleartext, mNfcSignedHash, mNfcCreationTimestamp);
-                }
+                signatureGenerator = signingKey.getSignatureGenerator(
+                        mSignatureHashAlgorithm, cleartext, mNfcSignedHash, mNfcCreationTimestamp);
             } catch (PgpGeneralException e) {
                 // TODO throw correct type of exception (which shouldn't be PGPException)
                 throw new KeyExtractionException();
@@ -414,11 +393,7 @@ public class PgpSignEncrypt {
             }
 
             if (enableSignature) {
-                if (mSignatureForceV3) {
-                    signatureV3Generator.generateOnePassVersion(false).encode(bcpgOut);
-                } else {
-                    signatureGenerator.generateOnePassVersion(false).encode(bcpgOut);
-                }
+                signatureGenerator.generateOnePassVersion(false).encode(bcpgOut);
             }
 
             PGPLiteralDataGenerator literalGen = new PGPLiteralDataGenerator();
@@ -436,11 +411,7 @@ public class PgpSignEncrypt {
 
                 // update signature buffer if signature is requested
                 if (enableSignature) {
-                    if (mSignatureForceV3) {
-                        signatureV3Generator.update(buffer, 0, n);
-                    } else {
-                        signatureGenerator.update(buffer, 0, n);
-                    }
+                    signatureGenerator.update(buffer, 0, n);
                 }
 
                 progress += n;
@@ -462,11 +433,7 @@ public class PgpSignEncrypt {
             final BufferedReader reader = new BufferedReader(new InputStreamReader(in));
 
             // update signature buffer with first line
-            if (mSignatureForceV3) {
-                processLineV3(reader.readLine(), armorOut, signatureV3Generator);
-            } else {
-                processLine(reader.readLine(), armorOut, signatureGenerator);
-            }
+            processLine(reader.readLine(), armorOut, signatureGenerator);
 
             while (true) {
                 String line = reader.readLine();
@@ -480,13 +447,8 @@ public class PgpSignEncrypt {
                 armorOut.write(NEW_LINE);
 
                 // update signature buffer with input line
-                if (mSignatureForceV3) {
-                    signatureV3Generator.update(NEW_LINE);
-                    processLineV3(line, armorOut, signatureV3Generator);
-                } else {
-                    signatureGenerator.update(NEW_LINE);
-                    processLine(line, armorOut, signatureGenerator);
-                }
+                signatureGenerator.update(NEW_LINE);
+                processLine(line, armorOut, signatureGenerator);
             }
 
             armorOut.endClearText();
@@ -506,11 +468,7 @@ public class PgpSignEncrypt {
                 bcpgOut = new BCPGOutputStream(out);
             }
 
-            if (mSignatureForceV3) {
-                signatureV3Generator.generateOnePassVersion(false).encode(bcpgOut);
-            } else {
-                signatureGenerator.generateOnePassVersion(false).encode(bcpgOut);
-            }
+            signatureGenerator.generateOnePassVersion(false).encode(bcpgOut);
 
             PGPLiteralDataGenerator literalGen = new PGPLiteralDataGenerator();
             // file name not needed, so empty string
@@ -522,11 +480,7 @@ public class PgpSignEncrypt {
             while ((n = in.read(buffer)) > 0) {
                 pOut.write(buffer, 0, n);
 
-                if (mSignatureForceV3) {
-                    signatureV3Generator.update(buffer, 0, n);
-                } else {
-                    signatureGenerator.update(buffer, 0, n);
-                }
+                signatureGenerator.update(buffer, 0, n);
             }
 
             literalGen.close();
@@ -537,15 +491,11 @@ public class PgpSignEncrypt {
 
         if (enableSignature) {
             updateProgress(R.string.progress_generating_signature, 95, 100);
-            if (mSignatureForceV3) {
-                signatureV3Generator.generate().encode(pOut);
-            } else {
-                try {
-                    signatureGenerator.generate().encode(pOut);
-                } catch (NfcSyncPGPContentSignerBuilder.NfcInteractionNeeded e) {
-                    // this secret key diverts to a OpenPGP card, throw exception with hash that will be signed
-                    throw new NeedNfcDataException(e.hashToSign, e.creationTimestamp);
-                }
+            try {
+                signatureGenerator.generate().encode(pOut);
+            } catch (NfcSyncPGPContentSignerBuilder.NfcInteractionNeeded e) {
+                // this secret key diverts to a OpenPGP card, throw exception with hash that will be signed
+                throw new NeedNfcDataException(e.hashToSign, e.creationTimestamp);
             }
         }
 
@@ -595,30 +545,4 @@ public class PgpSignEncrypt {
         pSignatureGenerator.update(data);
     }
 
-    private static void processLineV3(final String pLine, final ArmoredOutputStream pArmoredOutput,
-                                      final PGPV3SignatureGenerator pSignatureGenerator)
-            throws IOException, SignatureException {
-
-        if (pLine == null) {
-            return;
-        }
-
-        final char[] chars = pLine.toCharArray();
-        int len = chars.length;
-
-        while (len > 0) {
-            if (!Character.isWhitespace(chars[len - 1])) {
-                break;
-            }
-            len--;
-        }
-
-        final byte[] data = pLine.substring(0, len).getBytes("UTF-8");
-
-        if (pArmoredOutput != null) {
-            pArmoredOutput.write(data);
-        }
-        pSignatureGenerator.update(data);
-    }
-
 }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSecretKey.java

@@ -12,7 +12,6 @@ import org.spongycastle.openpgp.PGPSignatureGenerator;
 import org.spongycastle.openpgp.PGPSignatureSubpacketGenerator;
 import org.spongycastle.openpgp.PGPSignatureSubpacketVector;
 import org.spongycastle.openpgp.PGPUtil;
-import org.spongycastle.openpgp.PGPV3SignatureGenerator;
 import org.spongycastle.openpgp.operator.PBESecretKeyDecryptor;
 import org.spongycastle.openpgp.operator.PGPContentSignerBuilder;
 import org.spongycastle.openpgp.operator.PublicKeyDataDecryptorFactory;
@@ -174,35 +173,6 @@ public class WrappedSecretKey extends WrappedPublicKey {
         }
     }
 
-    public PGPV3SignatureGenerator getV3SignatureGenerator(int hashAlgo, boolean cleartext)
-            throws PgpGeneralException {
-        // TODO: divert to card missing
-        if (mPrivateKeyState != PRIVATE_KEY_STATE_UNLOCKED) {
-            throw new PrivateKeyNotUnlockedException();
-        }
-
-        // content signer based on signing key algorithm and chosen hash algorithm
-        JcaPGPContentSignerBuilder contentSignerBuilder = new JcaPGPContentSignerBuilder(
-                mSecretKey.getPublicKey().getAlgorithm(), hashAlgo)
-                .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
-
-        int signatureType;
-        if (cleartext) {
-            // for sign-only ascii text
-            signatureType = PGPSignature.CANONICAL_TEXT_DOCUMENT;
-        } else {
-            signatureType = PGPSignature.BINARY_DOCUMENT;
-        }
-
-        try {
-            PGPV3SignatureGenerator signatureV3Generator = new PGPV3SignatureGenerator(contentSignerBuilder);
-            signatureV3Generator.init(signatureType, mPrivateKey);
-            return signatureV3Generator;
-        } catch(PGPException e) {
-            throw new PgpGeneralException("Error initializing signature!", e);
-        }
-    }
-
     public PublicKeyDataDecryptorFactory getDecryptorFactory() {
         // TODO: divert to card missing
         if (mPrivateKeyState != PRIVATE_KEY_STATE_UNLOCKED) {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java

@@ -208,7 +208,6 @@ public class OpenPgpService extends RemoteService {
                         inputData, os);
                 builder.setEnableAsciiArmorOutput(asciiArmor)
                         .setSignatureHashAlgorithm(accSettings.getHashAlgorithm())
-                        .setSignatureForceV3(false)
                         .setSignatureMasterKeyId(accSettings.getKeyId())
                         .setSignaturePassphrase(passphrase)
                         .setNfcState(nfcSignedHash, nfcCreationTimestamp);
@@ -320,7 +319,6 @@ public class OpenPgpService extends RemoteService {
 
                     // sign and encrypt
                     builder.setSignatureHashAlgorithm(accSettings.getHashAlgorithm())
-                            .setSignatureForceV3(false)
                             .setSignatureMasterKeyId(accSettings.getKeyId())
                             .setSignaturePassphrase(passphrase);
                 } else {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java

@@ -245,7 +245,6 @@ public class KeychainIntentService extends IntentService
                         .setCompressionId(compressionId)
                         .setSymmetricEncryptionAlgorithm(
                                 Preferences.getPreferences(this).getDefaultEncryptionAlgorithm())
-                        .setSignatureForceV3(Preferences.getPreferences(this).getForceV3Signatures())
                         .setEncryptionMasterKeyIds(encryptionKeyIds)
                         .setSymmetricPassphrase(symmetricPassphrase)
                         .setSignatureMasterKeyId(signatureKeyId)

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/PreferencesActivity.java

@@ -118,9 +118,6 @@ public class PreferencesActivity extends PreferenceActivity {
             initializeAsciiArmor(
                     (CheckBoxPreference) findPreference(Constants.Pref.DEFAULT_ASCII_ARMOR));
 
-            initializeForceV3Signatures(
-                    (CheckBoxPreference) findPreference(Constants.Pref.FORCE_V3_SIGNATURES));
-
             initializeConcealPgpApplication(
                     (CheckBoxPreference) findPreference(Constants.Pref.CONCEAL_PGP_APPLICATION));
 
@@ -265,9 +262,6 @@ public class PreferencesActivity extends PreferenceActivity {
             initializeAsciiArmor(
                     (CheckBoxPreference) findPreference(Constants.Pref.DEFAULT_ASCII_ARMOR));
 
-            initializeForceV3Signatures(
-                    (CheckBoxPreference) findPreference(Constants.Pref.FORCE_V3_SIGNATURES));
-
             initializeConcealPgpApplication(
                     (CheckBoxPreference) findPreference(Constants.Pref.CONCEAL_PGP_APPLICATION));
         }
@@ -391,18 +385,6 @@ public class PreferencesActivity extends PreferenceActivity {
         });
     }
 
-    private static void initializeForceV3Signatures(final CheckBoxPreference mForceV3Signatures) {
-        mForceV3Signatures.setChecked(sPreferences.getForceV3Signatures());
-        mForceV3Signatures
-                .setOnPreferenceChangeListener(new Preference.OnPreferenceChangeListener() {
-                    public boolean onPreferenceChange(Preference preference, Object newValue) {
-                        mForceV3Signatures.setChecked((Boolean) newValue);
-                        sPreferences.setForceV3Signatures((Boolean) newValue);
-                        return false;
-                    }
-                });
-    }
-
     private static void initializeConcealPgpApplication(final CheckBoxPreference mConcealPgpApplication) {
         mConcealPgpApplication.setChecked(sPreferences.getConcealPgpApplication());
         mConcealPgpApplication.setOnPreferenceChangeListener(new Preference.OnPreferenceChangeListener() {

OpenKeychain/src/main/res/values/strings.xml

@@ -122,7 +122,6 @@
     <string name="label_passphrase_cache_ttl">Passphrase Cache</string>
     <string name="label_message_compression">Message Compression</string>
     <string name="label_file_compression">File Compression</string>
-    <string name="label_force_v3_signature">Force old OpenPGPv3 Signatures</string>
     <string name="label_keyservers">Keyservers</string>
     <string name="label_key_id">Key ID</string>
     <string name="label_creation">Creation</string>

OpenKeychain/src/main/res/xml/adv_preferences.xml

@@ -16,7 +16,7 @@
 -->
 
 <PreferenceScreen xmlns:android="http://schemas.android.com/apk/res/android">
-    <PreferenceCategory android:title="@string/section_defaults" >
+    <PreferenceCategory android:title="@string/section_defaults">
         <org.sufficientlysecure.keychain.ui.widget.IntegerListPreference
             android:key="defaultEncryptionAlgorithm"
             android:persistent="false"
@@ -33,22 +33,16 @@
             android:key="defaultFileCompression"
             android:persistent="false"
             android:title="@string/label_file_compression" />
-
         <CheckBoxPreference
             android:key="defaultAsciiArmor"
             android:persistent="false"
             android:title="@string/label_ascii_armor" />
-
+    </PreferenceCategory>
+    <PreferenceCategory android:title="@string/section_advanced">
         <CheckBoxPreference
             android:key="concealPgpApplication"
             android:persistent="false"
             android:title="@string/label_conceal_pgp_application"
             android:summary="@string/label_conceal_pgp_application_summary" />
     </PreferenceCategory>
-    <PreferenceCategory android:title="@string/section_advanced" >
-        <CheckBoxPreference
-            android:key="forceV3Signatures"
-            android:persistent="false"
-            android:title="@string/label_force_v3_signature"/>
-    </PreferenceCategory>
 </PreferenceScreen>