Remove support for V3 signatures

2024-11-23 17:22:16 -05:00 · 2014-07-22 18:24:12 +02:00 · 2014-07-22 18:24:12 +02:00 · bf10eb91b7
commit bf10eb91b7
parent e4e8bc5e07
9 changed files with 17 additions and 162 deletions
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/Constants.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/Constants.java
@ -65,7 +65,6 @@ public final class Constants {
        public static final String DEFAULT_FILE_COMPRESSION = "defaultFileCompression";
        public static final String PASSPHRASE_CACHE_TTL = "passphraseCacheTtl";
        public static final String LANGUAGE = "language";
        public static final String FORCE_V3_SIGNATURES = "forceV3Signatures";
        public static final String KEY_SERVERS = "keyServers";
        public static final String KEY_SERVERS_DEFAULT_VERSION = "keyServersDefaultVersion";
        public static final String CONCEAL_PGP_APPLICATION = "concealPgpApplication";
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/helper/Preferences.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/helper/Preferences.java
@ -129,16 +129,6 @@ public class Preferences {
        editor.commit();
    }
    public boolean getForceV3Signatures() {
        return mSharedPreferences.getBoolean(Constants.Pref.FORCE_V3_SIGNATURES, false);
    }
    public void setForceV3Signatures(boolean value) {
        SharedPreferences.Editor editor = mSharedPreferences.edit();
        editor.putBoolean(Constants.Pref.FORCE_V3_SIGNATURES, value);
        editor.commit();
    }
    public boolean getFirstTime() {
        return mSharedPreferences.getBoolean(Constants.Pref.FIRST_TIME, true);
    }
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java
@ -26,7 +26,6 @@ import org.spongycastle.openpgp.PGPException;
 import org.spongycastle.openpgp.PGPLiteralData;
 import org.spongycastle.openpgp.PGPLiteralDataGenerator;
 import org.spongycastle.openpgp.PGPSignatureGenerator;
 import org.spongycastle.openpgp.PGPV3SignatureGenerator;
 import org.spongycastle.openpgp.operator.jcajce.JcePBEKeyEncryptionMethodGenerator;
 import org.spongycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
 import org.spongycastle.openpgp.operator.jcajce.NfcSyncPGPContentSignerBuilder;
@ -68,7 +67,6 @@ public class PgpSignEncrypt {
    private int mSymmetricEncryptionAlgorithm;
    private long mSignatureMasterKeyId;
    private int mSignatureHashAlgorithm;
    private boolean mSignatureForceV3;
    private String mSignaturePassphrase;
    private boolean mEncryptToSigner;
    private boolean mCleartextInput;
@ -101,7 +99,6 @@ public class PgpSignEncrypt {
        this.mSymmetricEncryptionAlgorithm = builder.mSymmetricEncryptionAlgorithm;
        this.mSignatureMasterKeyId = builder.mSignatureMasterKeyId;
        this.mSignatureHashAlgorithm = builder.mSignatureHashAlgorithm;
        this.mSignatureForceV3 = builder.mSignatureForceV3;
        this.mSignaturePassphrase = builder.mSignaturePassphrase;
        this.mEncryptToSigner = builder.mEncryptToSigner;
        this.mCleartextInput = builder.mCleartextInput;
@ -125,7 +122,6 @@ public class PgpSignEncrypt {
        private int mSymmetricEncryptionAlgorithm = 0;
        private long mSignatureMasterKeyId = Constants.key.none;
        private int mSignatureHashAlgorithm = 0;
        private boolean mSignatureForceV3 = false;
        private String mSignaturePassphrase = null;
        private boolean mEncryptToSigner = false;
        private boolean mCleartextInput = false;
@ -180,17 +176,6 @@ public class PgpSignEncrypt {
            return this;
        }
        /**
         * Generate old V3 signatures
         *
         * @param signatureForceV3
         * @return
         */
        public Builder setSignatureForceV3(boolean signatureForceV3) {
            mSignatureForceV3 = signatureForceV3;
            return this;
        }
        public Builder setSignaturePassphrase(String signaturePassphrase) {
            mSignaturePassphrase = signaturePassphrase;
            return this;
@ -367,19 +352,13 @@ public class PgpSignEncrypt {
        /* Initialize signature generator object for later usage */
        PGPSignatureGenerator signatureGenerator = null;
        PGPV3SignatureGenerator signatureV3Generator = null;
        if (enableSignature) {
            updateProgress(R.string.progress_preparing_signature, 10, 100);
            try {
                boolean cleartext = mCleartextInput && mEnableAsciiArmorOutput && !enableEncryption;
                if (mSignatureForceV3) {
                    signatureV3Generator = signingKey.getV3SignatureGenerator(
                            mSignatureHashAlgorithm, cleartext);
                } else {
                signatureGenerator = signingKey.getSignatureGenerator(
                        mSignatureHashAlgorithm, cleartext, mNfcSignedHash, mNfcCreationTimestamp);
                }
            } catch (PgpGeneralException e) {
                // TODO throw correct type of exception (which shouldn't be PGPException)
                throw new KeyExtractionException();
@ -414,12 +393,8 @@ public class PgpSignEncrypt {
            }
            if (enableSignature) {
                if (mSignatureForceV3) {
                    signatureV3Generator.generateOnePassVersion(false).encode(bcpgOut);
                } else {
                signatureGenerator.generateOnePassVersion(false).encode(bcpgOut);
            }
            }
            PGPLiteralDataGenerator literalGen = new PGPLiteralDataGenerator();
            // file name not needed, so empty string
@ -436,12 +411,8 @@ public class PgpSignEncrypt {
                // update signature buffer if signature is requested
                if (enableSignature) {
                    if (mSignatureForceV3) {
                        signatureV3Generator.update(buffer, 0, n);
                    } else {
                    signatureGenerator.update(buffer, 0, n);
                }
                }
                progress += n;
                if (mData.getSize() != 0) {
@ -462,11 +433,7 @@ public class PgpSignEncrypt {
            final BufferedReader reader = new BufferedReader(new InputStreamReader(in));
            // update signature buffer with first line
            if (mSignatureForceV3) {
                processLineV3(reader.readLine(), armorOut, signatureV3Generator);
            } else {
            processLine(reader.readLine(), armorOut, signatureGenerator);
            }
            while (true) {
                String line = reader.readLine();
@ -480,14 +447,9 @@ public class PgpSignEncrypt {
                armorOut.write(NEW_LINE);
                // update signature buffer with input line
                if (mSignatureForceV3) {
                    signatureV3Generator.update(NEW_LINE);
                    processLineV3(line, armorOut, signatureV3Generator);
                } else {
                signatureGenerator.update(NEW_LINE);
                processLine(line, armorOut, signatureGenerator);
            }
            }
            armorOut.endClearText();
@ -506,11 +468,7 @@ public class PgpSignEncrypt {
                bcpgOut = new BCPGOutputStream(out);
            }
            if (mSignatureForceV3) {
                signatureV3Generator.generateOnePassVersion(false).encode(bcpgOut);
            } else {
            signatureGenerator.generateOnePassVersion(false).encode(bcpgOut);
            }
            PGPLiteralDataGenerator literalGen = new PGPLiteralDataGenerator();
            // file name not needed, so empty string
@ -522,12 +480,8 @@ public class PgpSignEncrypt {
            while ((n = in.read(buffer)) > 0) {
                pOut.write(buffer, 0, n);
                if (mSignatureForceV3) {
                    signatureV3Generator.update(buffer, 0, n);
                } else {
                signatureGenerator.update(buffer, 0, n);
            }
            }
            literalGen.close();
        } else {
@ -537,9 +491,6 @@ public class PgpSignEncrypt {
        if (enableSignature) {
            updateProgress(R.string.progress_generating_signature, 95, 100);
            if (mSignatureForceV3) {
                signatureV3Generator.generate().encode(pOut);
            } else {
            try {
                signatureGenerator.generate().encode(pOut);
            } catch (NfcSyncPGPContentSignerBuilder.NfcInteractionNeeded e) {
@ -547,7 +498,6 @@ public class PgpSignEncrypt {
                throw new NeedNfcDataException(e.hashToSign, e.creationTimestamp);
            }
        }
        }
        // closing outputs
        // NOTE: closing needs to be done in the correct order!
@ -595,30 +545,4 @@ public class PgpSignEncrypt {
        pSignatureGenerator.update(data);
    }
    private static void processLineV3(final String pLine, final ArmoredOutputStream pArmoredOutput,
                                      final PGPV3SignatureGenerator pSignatureGenerator)
            throws IOException, SignatureException {
        if (pLine == null) {
            return;
        }
        final char[] chars = pLine.toCharArray();
        int len = chars.length;
        while (len > 0) {
            if (!Character.isWhitespace(chars[len - 1])) {
                break;
            }
            len--;
        }
        final byte[] data = pLine.substring(0, len).getBytes("UTF-8");
        if (pArmoredOutput != null) {
            pArmoredOutput.write(data);
        }
        pSignatureGenerator.update(data);
    }
 }
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSecretKey.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedSecretKey.java
@ -12,7 +12,6 @@ import org.spongycastle.openpgp.PGPSignatureGenerator;
 import org.spongycastle.openpgp.PGPSignatureSubpacketGenerator;
 import org.spongycastle.openpgp.PGPSignatureSubpacketVector;
 import org.spongycastle.openpgp.PGPUtil;
 import org.spongycastle.openpgp.PGPV3SignatureGenerator;
 import org.spongycastle.openpgp.operator.PBESecretKeyDecryptor;
 import org.spongycastle.openpgp.operator.PGPContentSignerBuilder;
 import org.spongycastle.openpgp.operator.PublicKeyDataDecryptorFactory;
@ -174,35 +173,6 @@ public class WrappedSecretKey extends WrappedPublicKey {
        }
    }
    public PGPV3SignatureGenerator getV3SignatureGenerator(int hashAlgo, boolean cleartext)
            throws PgpGeneralException {
        // TODO: divert to card missing
        if (mPrivateKeyState != PRIVATE_KEY_STATE_UNLOCKED) {
            throw new PrivateKeyNotUnlockedException();
        }
        // content signer based on signing key algorithm and chosen hash algorithm
        JcaPGPContentSignerBuilder contentSignerBuilder = new JcaPGPContentSignerBuilder(
                mSecretKey.getPublicKey().getAlgorithm(), hashAlgo)
                .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
        int signatureType;
        if (cleartext) {
            // for sign-only ascii text
            signatureType = PGPSignature.CANONICAL_TEXT_DOCUMENT;
        } else {
            signatureType = PGPSignature.BINARY_DOCUMENT;
        }
        try {
            PGPV3SignatureGenerator signatureV3Generator = new PGPV3SignatureGenerator(contentSignerBuilder);
            signatureV3Generator.init(signatureType, mPrivateKey);
            return signatureV3Generator;
        } catch(PGPException e) {
            throw new PgpGeneralException("Error initializing signature!", e);
        }
    }
    public PublicKeyDataDecryptorFactory getDecryptorFactory() {
        // TODO: divert to card missing
        if (mPrivateKeyState != PRIVATE_KEY_STATE_UNLOCKED) {
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
@ -208,7 +208,6 @@ public class OpenPgpService extends RemoteService {
                        inputData, os);
                builder.setEnableAsciiArmorOutput(asciiArmor)
                        .setSignatureHashAlgorithm(accSettings.getHashAlgorithm())
                        .setSignatureForceV3(false)
                        .setSignatureMasterKeyId(accSettings.getKeyId())
                        .setSignaturePassphrase(passphrase)
                        .setNfcState(nfcSignedHash, nfcCreationTimestamp);
@ -320,7 +319,6 @@ public class OpenPgpService extends RemoteService {
                    // sign and encrypt
                    builder.setSignatureHashAlgorithm(accSettings.getHashAlgorithm())
                            .setSignatureForceV3(false)
                            .setSignatureMasterKeyId(accSettings.getKeyId())
                            .setSignaturePassphrase(passphrase);
                } else {
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java
@ -245,7 +245,6 @@ public class KeychainIntentService extends IntentService
                        .setCompressionId(compressionId)
                        .setSymmetricEncryptionAlgorithm(
                                Preferences.getPreferences(this).getDefaultEncryptionAlgorithm())
                        .setSignatureForceV3(Preferences.getPreferences(this).getForceV3Signatures())
                        .setEncryptionMasterKeyIds(encryptionKeyIds)
                        .setSymmetricPassphrase(symmetricPassphrase)
                        .setSignatureMasterKeyId(signatureKeyId)
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/PreferencesActivity.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/PreferencesActivity.java
@ -118,9 +118,6 @@ public class PreferencesActivity extends PreferenceActivity {
            initializeAsciiArmor(
                    (CheckBoxPreference) findPreference(Constants.Pref.DEFAULT_ASCII_ARMOR));
            initializeForceV3Signatures(
                    (CheckBoxPreference) findPreference(Constants.Pref.FORCE_V3_SIGNATURES));
            initializeConcealPgpApplication(
                    (CheckBoxPreference) findPreference(Constants.Pref.CONCEAL_PGP_APPLICATION));
@ -265,9 +262,6 @@ public class PreferencesActivity extends PreferenceActivity {
            initializeAsciiArmor(
                    (CheckBoxPreference) findPreference(Constants.Pref.DEFAULT_ASCII_ARMOR));
            initializeForceV3Signatures(
                    (CheckBoxPreference) findPreference(Constants.Pref.FORCE_V3_SIGNATURES));
            initializeConcealPgpApplication(
                    (CheckBoxPreference) findPreference(Constants.Pref.CONCEAL_PGP_APPLICATION));
        }
@ -391,18 +385,6 @@ public class PreferencesActivity extends PreferenceActivity {
        });
    }
    private static void initializeForceV3Signatures(final CheckBoxPreference mForceV3Signatures) {
        mForceV3Signatures.setChecked(sPreferences.getForceV3Signatures());
        mForceV3Signatures
                .setOnPreferenceChangeListener(new Preference.OnPreferenceChangeListener() {
                    public boolean onPreferenceChange(Preference preference, Object newValue) {
                        mForceV3Signatures.setChecked((Boolean) newValue);
                        sPreferences.setForceV3Signatures((Boolean) newValue);
                        return false;
                    }
                });
    }
    private static void initializeConcealPgpApplication(final CheckBoxPreference mConcealPgpApplication) {
        mConcealPgpApplication.setChecked(sPreferences.getConcealPgpApplication());
        mConcealPgpApplication.setOnPreferenceChangeListener(new Preference.OnPreferenceChangeListener() {
--- a/OpenKeychain/src/main/res/values/strings.xml
+++ b/OpenKeychain/src/main/res/values/strings.xml
@ -122,7 +122,6 @@
    <string name="label_passphrase_cache_ttl">Passphrase Cache</string>
    <string name="label_message_compression">Message Compression</string>
    <string name="label_file_compression">File Compression</string>
    <string name="label_force_v3_signature">Force old OpenPGPv3 Signatures</string>
    <string name="label_keyservers">Keyservers</string>
    <string name="label_key_id">Key ID</string>
    <string name="label_creation">Creation</string>
--- a/OpenKeychain/src/main/res/xml/adv_preferences.xml
+++ b/OpenKeychain/src/main/res/xml/adv_preferences.xml
@ -16,7 +16,7 @@
 -->
 <PreferenceScreen xmlns:android="http://schemas.android.com/apk/res/android">
-    <PreferenceCategory android:title="@string/section_defaults" >
+    <PreferenceCategory android:title="@string/section_defaults">
        <org.sufficientlysecure.keychain.ui.widget.IntegerListPreference
            android:key="defaultEncryptionAlgorithm"
            android:persistent="false"
@ -33,22 +33,16 @@
            android:key="defaultFileCompression"
            android:persistent="false"
            android:title="@string/label_file_compression" />
        <CheckBoxPreference
            android:key="defaultAsciiArmor"
            android:persistent="false"
            android:title="@string/label_ascii_armor" />
-
+    </PreferenceCategory>
    <PreferenceCategory android:title="@string/section_advanced">
        <CheckBoxPreference
            android:key="concealPgpApplication"
            android:persistent="false"
            android:title="@string/label_conceal_pgp_application"
            android:summary="@string/label_conceal_pgp_application_summary" />
    </PreferenceCategory>
    <PreferenceCategory android:title="@string/section_advanced" >
        <CheckBoxPreference
            android:key="forceV3Signatures"
            android:persistent="false"
            android:title="@string/label_force_v3_signature"/>
    </PreferenceCategory>
 </PreferenceScreen>