Due to compatiblity switch from SHA512 to SHA256

This commit is contained in:
Dominik Schürmann 2014-09-07 17:58:28 +02:00
parent c026dac8fc
commit d172058150
4 changed files with 58 additions and 39 deletions

View File

@ -71,7 +71,7 @@ public final class Constants {
public static final String PASSPHRASE_CACHE_TTL = "passphraseCacheTtl";
public static final String LANGUAGE = "language";
public static final String KEY_SERVERS = "keyServers";
public static final String KEY_SERVERS_DEFAULT_VERSION = "keyServersDefaultVersion";
public static final String PREF_DEFAULT_VERSION = "keyServersDefaultVersion";
public static final String WRITE_VERSION_HEADER = "writeVersionHeader";
public static final String FIRST_TIME = "firstTime";
public static final String SHOW_ADVANCED_TABS = "showAdvancedTabs";
@ -83,7 +83,7 @@ public final class Constants {
public static final class Defaults {
public static final String KEY_SERVERS = "hkps://hkps.pool.sks-keyservers.net, hkps://pgp.mit.edu";
public static final int KEY_SERVERS_VERSION = 3;
public static final int PREF_VERSION = 4;
}
public static final class DrawerItems {

View File

@ -29,7 +29,6 @@ import org.sufficientlysecure.keychain.Constants.Pref;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.ListIterator;
import java.util.Vector;
@ -94,7 +93,7 @@ public class Preferences {
public int getDefaultHashAlgorithm() {
return mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM,
HashAlgorithmTags.SHA512);
HashAlgorithmTags.SHA256);
}
public void setDefaultHashAlgorithm(int value) {
@ -237,43 +236,63 @@ public class Preferences {
}
public void updatePreferences() {
// migrate keyserver to hkps
if (mSharedPreferences.getInt(Constants.Pref.KEY_SERVERS_DEFAULT_VERSION, 0) !=
Constants.Defaults.KEY_SERVERS_VERSION) {
String[] serversArray = getKeyServers();
ArrayList<String> servers = new ArrayList<String>(Arrays.asList(serversArray));
ListIterator<String> it = servers.listIterator();
while (it.hasNext()) {
String server = it.next();
if (server == null) {
continue;
}
if (server.equals("pool.sks-keyservers.net")) {
// use HKPS!
it.set("hkps://hkps.pool.sks-keyservers.net");
} else if (server.equals("pgp.mit.edu")) {
// use HKPS!
it.set("hkps://pgp.mit.edu");
} else if (server.equals("subkeys.pgp.net")) {
// remove, because often down and no HKPS!
it.remove();
}
if (mSharedPreferences.getInt(Constants.Pref.PREF_DEFAULT_VERSION, 0) !=
Constants.Defaults.PREF_VERSION) {
switch (mSharedPreferences.getInt(Constants.Pref.PREF_DEFAULT_VERSION, 0)) {
case 1:
// fall through
case 2:
// fall through
case 3: {
// migrate keyserver to hkps
String[] serversArray = getKeyServers();
ArrayList<String> servers = new ArrayList<String>(Arrays.asList(serversArray));
ListIterator<String> it = servers.listIterator();
while (it.hasNext()) {
String server = it.next();
if (server == null) {
continue;
}
if (server.equals("pool.sks-keyservers.net")) {
// use HKPS!
it.set("hkps://hkps.pool.sks-keyservers.net");
} else if (server.equals("pgp.mit.edu")) {
// use HKPS!
it.set("hkps://pgp.mit.edu");
} else if (server.equals("subkeys.pgp.net")) {
// remove, because often down and no HKPS!
it.remove();
}
}
setKeyServers(servers.toArray(new String[servers.size()]));
// migrate old uncompressed constant to new one
if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_FILE_COMPRESSION, 0)
== 0x21070001) {
setDefaultFileCompression(CompressionAlgorithmTags.UNCOMPRESSED);
}
// migrate away from MD5
if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, 0)
== HashAlgorithmTags.MD5) {
setDefaultHashAlgorithm(HashAlgorithmTags.SHA256);
}
}
// fall through
case 4: {
// for compatibility: change from SHA512 to SHA256
if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, 0)
== HashAlgorithmTags.SHA512) {
setDefaultHashAlgorithm(HashAlgorithmTags.SHA256);
}
}
}
setKeyServers(servers.toArray(new String[servers.size()]));
// write new preference version
mSharedPreferences.edit()
.putInt(Constants.Pref.KEY_SERVERS_DEFAULT_VERSION, Constants.Defaults.KEY_SERVERS_VERSION)
.putInt(Constants.Pref.PREF_DEFAULT_VERSION, Constants.Defaults.PREF_VERSION)
.commit();
}
// migrate old uncompressed constant to new one
if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_FILE_COMPRESSION, 0) == 0x21070001) {
setDefaultFileCompression(CompressionAlgorithmTags.UNCOMPRESSED);
}
// migrate away from MD5
if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, 0) == HashAlgorithmTags.MD5) {
setDefaultHashAlgorithm(HashAlgorithmTags.SHA512);
}
}
}

View File

@ -125,7 +125,7 @@ public class PgpKeyOperation {
* http://kbsriram.com/2013/01/generating-rsa-keys-with-bouncycastle.html
*/
private static final int SECRET_KEY_ENCRYPTOR_S2K_COUNT = 0x60;
private static final int SECRET_KEY_ENCRYPTOR_HASH_ALGO = HashAlgorithmTags.SHA512;
private static final int SECRET_KEY_ENCRYPTOR_HASH_ALGO = HashAlgorithmTags.SHA256;
private static final int SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO = SymmetricKeyAlgorithmTags.AES_256;
public PgpKeyOperation(Progressable progress) {

View File

@ -39,7 +39,7 @@ public class AccountSettings {
// defaults:
this.mEncryptionAlgorithm = PGPEncryptedData.AES_256;
this.mHashAlgorithm = HashAlgorithmTags.SHA512;
this.mHashAlgorithm = HashAlgorithmTags.SHA256;
this.mCompression = CompressionAlgorithmTags.ZLIB;
}