mirror of
https://github.com/moparisthebest/open-keychain
synced 2024-11-27 19:22:14 -05:00
introduce WrappedSignature for the ViewCert* ui code
This commit is contained in:
parent
91a8a6c2d1
commit
c107fc668f
@ -0,0 +1,124 @@
|
|||||||
|
package org.sufficientlysecure.keychain.pgp;
|
||||||
|
|
||||||
|
import org.spongycastle.bcpg.SignatureSubpacket;
|
||||||
|
import org.spongycastle.bcpg.SignatureSubpacketTags;
|
||||||
|
import org.spongycastle.bcpg.sig.RevocationReason;
|
||||||
|
import org.spongycastle.openpgp.PGPException;
|
||||||
|
import org.spongycastle.openpgp.PGPObjectFactory;
|
||||||
|
import org.spongycastle.openpgp.PGPSignature;
|
||||||
|
import org.spongycastle.openpgp.PGPSignatureList;
|
||||||
|
import org.spongycastle.openpgp.operator.jcajce.JcaPGPContentVerifierBuilderProvider;
|
||||||
|
import org.sufficientlysecure.keychain.Constants;
|
||||||
|
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
|
||||||
|
import org.sufficientlysecure.keychain.util.Log;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.security.SignatureException;
|
||||||
|
|
||||||
|
public class WrappedSignature {
|
||||||
|
|
||||||
|
public static final int DEFAULT_CERTIFICATION = PGPSignature.DEFAULT_CERTIFICATION;
|
||||||
|
public static final int NO_CERTIFICATION = PGPSignature.NO_CERTIFICATION;
|
||||||
|
public static final int CASUAL_CERTIFICATION = PGPSignature.CASUAL_CERTIFICATION;
|
||||||
|
public static final int POSITIVE_CERTIFICATION = PGPSignature.POSITIVE_CERTIFICATION;
|
||||||
|
public static final int CERTIFICATION_REVOCATION = PGPSignature.CERTIFICATION_REVOCATION;
|
||||||
|
|
||||||
|
final PGPSignature mSig;
|
||||||
|
|
||||||
|
protected WrappedSignature(PGPSignature sig) {
|
||||||
|
mSig = sig;
|
||||||
|
}
|
||||||
|
|
||||||
|
public long getKeyId() {
|
||||||
|
return mSig.getKeyID();
|
||||||
|
}
|
||||||
|
|
||||||
|
public int getKeyAlgorithm() {
|
||||||
|
return mSig.getKeyAlgorithm();
|
||||||
|
}
|
||||||
|
|
||||||
|
public void init(WrappedPublicKey key) throws PgpGeneralException {
|
||||||
|
try {
|
||||||
|
JcaPGPContentVerifierBuilderProvider contentVerifierBuilderProvider =
|
||||||
|
new JcaPGPContentVerifierBuilderProvider()
|
||||||
|
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||||
|
mSig.init(contentVerifierBuilderProvider, key.getPublicKey());
|
||||||
|
} catch(PGPException e) {
|
||||||
|
throw new PgpGeneralException(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public void update(byte[] data, int offset, int length) throws PgpGeneralException {
|
||||||
|
try {
|
||||||
|
mSig.update(data, offset, length);
|
||||||
|
} catch(SignatureException e) {
|
||||||
|
throw new PgpGeneralException(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public void update(byte data) throws PgpGeneralException {
|
||||||
|
try {
|
||||||
|
mSig.update(data);
|
||||||
|
} catch(SignatureException e) {
|
||||||
|
throw new PgpGeneralException(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public boolean verify() throws PgpGeneralException {
|
||||||
|
try {
|
||||||
|
return mSig.verify();
|
||||||
|
} catch(SignatureException e) {
|
||||||
|
throw new PgpGeneralException(e);
|
||||||
|
} catch(PGPException e) {
|
||||||
|
throw new PgpGeneralException(e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public boolean isRevocation() {
|
||||||
|
return mSig.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.REVOCATION_REASON);
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getRevocationReason() throws PgpGeneralException {
|
||||||
|
if(!isRevocation()) {
|
||||||
|
throw new PgpGeneralException("Not a revocation signature.");
|
||||||
|
}
|
||||||
|
SignatureSubpacket p = mSig.getHashedSubPackets().getSubpacket(
|
||||||
|
SignatureSubpacketTags.REVOCATION_REASON);
|
||||||
|
// For some reason, this is missing in SignatureSubpacketInputStream:146
|
||||||
|
if (!(p instanceof RevocationReason)) {
|
||||||
|
p = new RevocationReason(false, p.getData());
|
||||||
|
}
|
||||||
|
return ((RevocationReason) p).getRevocationDescription();
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Verify a signature for this pubkey, after it has been initialized by the signer using
|
||||||
|
* initSignature(). This method should probably move into a wrapped PGPSignature class
|
||||||
|
* at some point.
|
||||||
|
*/
|
||||||
|
public boolean verifySignature(WrappedPublicKey key, String uid) throws PgpGeneralException {
|
||||||
|
try {
|
||||||
|
return mSig.verifyCertification(uid, key.getPublicKey());
|
||||||
|
} catch (SignatureException e) {
|
||||||
|
throw new PgpGeneralException("Error!", e);
|
||||||
|
} catch (PGPException e) {
|
||||||
|
throw new PgpGeneralException("Error!", e);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public static WrappedSignature fromBytes(byte[] data) {
|
||||||
|
PGPObjectFactory factory = new PGPObjectFactory(data);
|
||||||
|
PGPSignatureList signatures = null;
|
||||||
|
try {
|
||||||
|
if ((signatures = (PGPSignatureList) factory.nextObject()) == null || signatures.isEmpty()) {
|
||||||
|
Log.e(Constants.TAG, "No signatures given!");
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
} catch (IOException e) {
|
||||||
|
Log.e(Constants.TAG, "Error while converting to PGPSignature!", e);
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
return new WrappedSignature(signatures.get(0));
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
@ -32,16 +32,11 @@ import android.view.MenuItem;
|
|||||||
import android.view.View;
|
import android.view.View;
|
||||||
import android.widget.TextView;
|
import android.widget.TextView;
|
||||||
|
|
||||||
import org.spongycastle.bcpg.SignatureSubpacket;
|
|
||||||
import org.spongycastle.bcpg.SignatureSubpacketTags;
|
|
||||||
import org.spongycastle.bcpg.sig.RevocationReason;
|
|
||||||
import org.spongycastle.openpgp.PGPException;
|
|
||||||
import org.spongycastle.openpgp.PGPSignature;
|
|
||||||
import org.sufficientlysecure.keychain.Constants;
|
import org.sufficientlysecure.keychain.Constants;
|
||||||
import org.sufficientlysecure.keychain.R;
|
import org.sufficientlysecure.keychain.R;
|
||||||
import org.sufficientlysecure.keychain.pgp.WrappedPublicKeyRing;
|
import org.sufficientlysecure.keychain.pgp.WrappedPublicKeyRing;
|
||||||
import org.sufficientlysecure.keychain.pgp.PgpConversionHelper;
|
|
||||||
import org.sufficientlysecure.keychain.pgp.PgpKeyHelper;
|
import org.sufficientlysecure.keychain.pgp.PgpKeyHelper;
|
||||||
|
import org.sufficientlysecure.keychain.pgp.WrappedSignature;
|
||||||
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
|
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
|
||||||
import org.sufficientlysecure.keychain.provider.KeychainContract.Certs;
|
import org.sufficientlysecure.keychain.provider.KeychainContract.Certs;
|
||||||
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
|
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
|
||||||
@ -144,23 +139,25 @@ public class ViewCertActivity extends ActionBarActivity
|
|||||||
mCertifierUid.setText(R.string.unknown_uid);
|
mCertifierUid.setText(R.string.unknown_uid);
|
||||||
}
|
}
|
||||||
|
|
||||||
PGPSignature sig = PgpConversionHelper.BytesToPGPSignature(data.getBlob(INDEX_DATA));
|
WrappedSignature sig = WrappedSignature.fromBytes(data.getBlob(INDEX_DATA));
|
||||||
try {
|
try {
|
||||||
ProviderHelper providerHelper = new ProviderHelper(this);
|
ProviderHelper providerHelper = new ProviderHelper(this);
|
||||||
|
|
||||||
WrappedPublicKeyRing signeeRing = providerHelper.getWrappedPublicKeyRing(data.getLong(INDEX_MASTER_KEY_ID));
|
WrappedPublicKeyRing signeeRing =
|
||||||
WrappedPublicKeyRing signerRing = providerHelper.getWrappedPublicKeyRing(sig.getKeyID());
|
providerHelper.getWrappedPublicKeyRing(data.getLong(INDEX_MASTER_KEY_ID));
|
||||||
|
WrappedPublicKeyRing signerRing =
|
||||||
|
providerHelper.getWrappedPublicKeyRing(sig.getKeyId());
|
||||||
|
|
||||||
try {
|
try {
|
||||||
signerRing.getSubkey().initSignature(sig);
|
sig.init(signerRing.getSubkey());
|
||||||
if (signeeRing.getSubkey().verifySignature(sig, signeeUid)) {
|
if (sig.verifySignature(signeeRing.getSubkey(), signeeUid)) {
|
||||||
mStatus.setText(R.string.cert_verify_ok);
|
mStatus.setText(R.string.cert_verify_ok);
|
||||||
mStatus.setTextColor(getResources().getColor(R.color.bbutton_success));
|
mStatus.setTextColor(getResources().getColor(R.color.bbutton_success));
|
||||||
} else {
|
} else {
|
||||||
mStatus.setText(R.string.cert_verify_failed);
|
mStatus.setText(R.string.cert_verify_failed);
|
||||||
mStatus.setTextColor(getResources().getColor(R.color.alert));
|
mStatus.setTextColor(getResources().getColor(R.color.alert));
|
||||||
}
|
}
|
||||||
} catch (PGPException e) {
|
} catch (PgpGeneralException e) {
|
||||||
mStatus.setText(R.string.cert_verify_error);
|
mStatus.setText(R.string.cert_verify_error);
|
||||||
mStatus.setTextColor(getResources().getColor(R.color.alert));
|
mStatus.setTextColor(getResources().getColor(R.color.alert));
|
||||||
}
|
}
|
||||||
@ -174,29 +171,26 @@ public class ViewCertActivity extends ActionBarActivity
|
|||||||
|
|
||||||
mRowReason.setVisibility(View.GONE);
|
mRowReason.setVisibility(View.GONE);
|
||||||
switch (data.getInt(INDEX_TYPE)) {
|
switch (data.getInt(INDEX_TYPE)) {
|
||||||
case PGPSignature.DEFAULT_CERTIFICATION:
|
case WrappedSignature.DEFAULT_CERTIFICATION:
|
||||||
mType.setText(R.string.cert_default);
|
mType.setText(R.string.cert_default);
|
||||||
break;
|
break;
|
||||||
case PGPSignature.NO_CERTIFICATION:
|
case WrappedSignature.NO_CERTIFICATION:
|
||||||
mType.setText(R.string.cert_none);
|
mType.setText(R.string.cert_none);
|
||||||
break;
|
break;
|
||||||
case PGPSignature.CASUAL_CERTIFICATION:
|
case WrappedSignature.CASUAL_CERTIFICATION:
|
||||||
mType.setText(R.string.cert_casual);
|
mType.setText(R.string.cert_casual);
|
||||||
break;
|
break;
|
||||||
case PGPSignature.POSITIVE_CERTIFICATION:
|
case WrappedSignature.POSITIVE_CERTIFICATION:
|
||||||
mType.setText(R.string.cert_positive);
|
mType.setText(R.string.cert_positive);
|
||||||
break;
|
break;
|
||||||
case PGPSignature.CERTIFICATION_REVOCATION: {
|
case WrappedSignature.CERTIFICATION_REVOCATION: {
|
||||||
mType.setText(R.string.cert_revoke);
|
mType.setText(R.string.cert_revoke);
|
||||||
if (sig.getHashedSubPackets().hasSubpacket(SignatureSubpacketTags.REVOCATION_REASON)) {
|
if (sig.isRevocation()) {
|
||||||
SignatureSubpacket p = sig.getHashedSubPackets().getSubpacket(
|
try {
|
||||||
SignatureSubpacketTags.REVOCATION_REASON);
|
mReason.setText(sig.getRevocationReason());
|
||||||
// For some reason, this is missing in SignatureSubpacketInputStream:146
|
} catch(PgpGeneralException e) {
|
||||||
if (!(p instanceof RevocationReason)) {
|
mReason.setText(R.string.none);
|
||||||
p = new RevocationReason(false, p.getData());
|
|
||||||
}
|
}
|
||||||
String reason = ((RevocationReason) p).getRevocationDescription();
|
|
||||||
mReason.setText(reason);
|
|
||||||
mRowReason.setVisibility(View.VISIBLE);
|
mRowReason.setVisibility(View.VISIBLE);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
@ -33,10 +33,10 @@ import android.view.ViewGroup;
|
|||||||
import android.widget.AdapterView;
|
import android.widget.AdapterView;
|
||||||
import android.widget.TextView;
|
import android.widget.TextView;
|
||||||
|
|
||||||
import org.spongycastle.openpgp.PGPSignature;
|
|
||||||
import org.sufficientlysecure.keychain.Constants;
|
import org.sufficientlysecure.keychain.Constants;
|
||||||
import org.sufficientlysecure.keychain.R;
|
import org.sufficientlysecure.keychain.R;
|
||||||
import org.sufficientlysecure.keychain.pgp.PgpKeyHelper;
|
import org.sufficientlysecure.keychain.pgp.PgpKeyHelper;
|
||||||
|
import org.sufficientlysecure.keychain.pgp.WrappedSignature;
|
||||||
import org.sufficientlysecure.keychain.provider.KeychainContract.Certs;
|
import org.sufficientlysecure.keychain.provider.KeychainContract.Certs;
|
||||||
import org.sufficientlysecure.keychain.provider.KeychainDatabase.Tables;
|
import org.sufficientlysecure.keychain.provider.KeychainDatabase.Tables;
|
||||||
import org.sufficientlysecure.keychain.util.Log;
|
import org.sufficientlysecure.keychain.util.Log;
|
||||||
@ -227,19 +227,19 @@ public class ViewKeyCertsFragment extends LoaderFragment
|
|||||||
wSignerKeyId.setText(signerKeyId);
|
wSignerKeyId.setText(signerKeyId);
|
||||||
|
|
||||||
switch (cursor.getInt(mIndexType)) {
|
switch (cursor.getInt(mIndexType)) {
|
||||||
case PGPSignature.DEFAULT_CERTIFICATION: // 0x10
|
case WrappedSignature.DEFAULT_CERTIFICATION: // 0x10
|
||||||
wSignStatus.setText(R.string.cert_default);
|
wSignStatus.setText(R.string.cert_default);
|
||||||
break;
|
break;
|
||||||
case PGPSignature.NO_CERTIFICATION: // 0x11
|
case WrappedSignature.NO_CERTIFICATION: // 0x11
|
||||||
wSignStatus.setText(R.string.cert_none);
|
wSignStatus.setText(R.string.cert_none);
|
||||||
break;
|
break;
|
||||||
case PGPSignature.CASUAL_CERTIFICATION: // 0x12
|
case WrappedSignature.CASUAL_CERTIFICATION: // 0x12
|
||||||
wSignStatus.setText(R.string.cert_casual);
|
wSignStatus.setText(R.string.cert_casual);
|
||||||
break;
|
break;
|
||||||
case PGPSignature.POSITIVE_CERTIFICATION: // 0x13
|
case WrappedSignature.POSITIVE_CERTIFICATION: // 0x13
|
||||||
wSignStatus.setText(R.string.cert_positive);
|
wSignStatus.setText(R.string.cert_positive);
|
||||||
break;
|
break;
|
||||||
case PGPSignature.CERTIFICATION_REVOCATION: // 0x30
|
case WrappedSignature.CERTIFICATION_REVOCATION: // 0x30
|
||||||
wSignStatus.setText(R.string.cert_revoke);
|
wSignStatus.setText(R.string.cert_revoke);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user