diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/Constants.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/Constants.java index 5d5f0ab1a..25f031402 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/Constants.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/Constants.java @@ -71,7 +71,7 @@ public final class Constants { public static final String PASSPHRASE_CACHE_TTL = "passphraseCacheTtl"; public static final String LANGUAGE = "language"; public static final String KEY_SERVERS = "keyServers"; - public static final String KEY_SERVERS_DEFAULT_VERSION = "keyServersDefaultVersion"; + public static final String PREF_DEFAULT_VERSION = "keyServersDefaultVersion"; public static final String WRITE_VERSION_HEADER = "writeVersionHeader"; public static final String FIRST_TIME = "firstTime"; public static final String SHOW_ADVANCED_TABS = "showAdvancedTabs"; @@ -83,7 +83,7 @@ public final class Constants { public static final class Defaults { public static final String KEY_SERVERS = "hkps://hkps.pool.sks-keyservers.net, hkps://pgp.mit.edu"; - public static final int KEY_SERVERS_VERSION = 3; + public static final int PREF_VERSION = 4; } public static final class DrawerItems { diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/helper/Preferences.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/helper/Preferences.java index af7bdbdd2..6e16c8c54 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/helper/Preferences.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/helper/Preferences.java @@ -29,7 +29,6 @@ import org.sufficientlysecure.keychain.Constants.Pref; import java.util.ArrayList; import java.util.Arrays; -import java.util.Iterator; import java.util.ListIterator; import java.util.Vector; @@ -94,7 +93,7 @@ public class Preferences { public int getDefaultHashAlgorithm() { return mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, - HashAlgorithmTags.SHA512); + HashAlgorithmTags.SHA256); } public void setDefaultHashAlgorithm(int value) { @@ -237,43 +236,63 @@ public class Preferences { } public void updatePreferences() { - // migrate keyserver to hkps - if (mSharedPreferences.getInt(Constants.Pref.KEY_SERVERS_DEFAULT_VERSION, 0) != - Constants.Defaults.KEY_SERVERS_VERSION) { - String[] serversArray = getKeyServers(); - ArrayList servers = new ArrayList(Arrays.asList(serversArray)); - ListIterator it = servers.listIterator(); - while (it.hasNext()) { - String server = it.next(); - if (server == null) { - continue; - } - if (server.equals("pool.sks-keyservers.net")) { - // use HKPS! - it.set("hkps://hkps.pool.sks-keyservers.net"); - } else if (server.equals("pgp.mit.edu")) { - // use HKPS! - it.set("hkps://pgp.mit.edu"); - } else if (server.equals("subkeys.pgp.net")) { - // remove, because often down and no HKPS! - it.remove(); - } + if (mSharedPreferences.getInt(Constants.Pref.PREF_DEFAULT_VERSION, 0) != + Constants.Defaults.PREF_VERSION) { + switch (mSharedPreferences.getInt(Constants.Pref.PREF_DEFAULT_VERSION, 0)) { + case 1: + // fall through + case 2: + // fall through + case 3: { + // migrate keyserver to hkps + String[] serversArray = getKeyServers(); + ArrayList servers = new ArrayList(Arrays.asList(serversArray)); + ListIterator it = servers.listIterator(); + while (it.hasNext()) { + String server = it.next(); + if (server == null) { + continue; + } + if (server.equals("pool.sks-keyservers.net")) { + // use HKPS! + it.set("hkps://hkps.pool.sks-keyservers.net"); + } else if (server.equals("pgp.mit.edu")) { + // use HKPS! + it.set("hkps://pgp.mit.edu"); + } else if (server.equals("subkeys.pgp.net")) { + // remove, because often down and no HKPS! + it.remove(); + } + } + setKeyServers(servers.toArray(new String[servers.size()])); + + // migrate old uncompressed constant to new one + if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_FILE_COMPRESSION, 0) + == 0x21070001) { + setDefaultFileCompression(CompressionAlgorithmTags.UNCOMPRESSED); + } + + // migrate away from MD5 + if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, 0) + == HashAlgorithmTags.MD5) { + setDefaultHashAlgorithm(HashAlgorithmTags.SHA256); + } + } + // fall through + case 4: { + // for compatibility: change from SHA512 to SHA256 + if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, 0) + == HashAlgorithmTags.SHA512) { + setDefaultHashAlgorithm(HashAlgorithmTags.SHA256); + } + } } - setKeyServers(servers.toArray(new String[servers.size()])); + + // write new preference version mSharedPreferences.edit() - .putInt(Constants.Pref.KEY_SERVERS_DEFAULT_VERSION, Constants.Defaults.KEY_SERVERS_VERSION) + .putInt(Constants.Pref.PREF_DEFAULT_VERSION, Constants.Defaults.PREF_VERSION) .commit(); } - - // migrate old uncompressed constant to new one - if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_FILE_COMPRESSION, 0) == 0x21070001) { - setDefaultFileCompression(CompressionAlgorithmTags.UNCOMPRESSED); - } - - // migrate away from MD5 - if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, 0) == HashAlgorithmTags.MD5) { - setDefaultHashAlgorithm(HashAlgorithmTags.SHA512); - } } } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java index 5b78d4a03..ddb00305a 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java @@ -125,7 +125,7 @@ public class PgpKeyOperation { * http://kbsriram.com/2013/01/generating-rsa-keys-with-bouncycastle.html */ private static final int SECRET_KEY_ENCRYPTOR_S2K_COUNT = 0x60; - private static final int SECRET_KEY_ENCRYPTOR_HASH_ALGO = HashAlgorithmTags.SHA512; + private static final int SECRET_KEY_ENCRYPTOR_HASH_ALGO = HashAlgorithmTags.SHA256; private static final int SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO = SymmetricKeyAlgorithmTags.AES_256; public PgpKeyOperation(Progressable progress) { diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/AccountSettings.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/AccountSettings.java index d6013b49d..6cffeeb53 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/AccountSettings.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/AccountSettings.java @@ -39,7 +39,7 @@ public class AccountSettings { // defaults: this.mEncryptionAlgorithm = PGPEncryptedData.AES_256; - this.mHashAlgorithm = HashAlgorithmTags.SHA512; + this.mHashAlgorithm = HashAlgorithmTags.SHA256; this.mCompression = CompressionAlgorithmTags.ZLIB; }