Due to compatiblity switch from SHA512 to SHA256

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/Constants.java

@@ -71,7 +71,7 @@ public final class Constants {
         public static final String PASSPHRASE_CACHE_TTL = "passphraseCacheTtl";
         public static final String LANGUAGE = "language";
         public static final String KEY_SERVERS = "keyServers";
-        public static final String KEY_SERVERS_DEFAULT_VERSION = "keyServersDefaultVersion";
+        public static final String PREF_DEFAULT_VERSION = "keyServersDefaultVersion";
         public static final String WRITE_VERSION_HEADER = "writeVersionHeader";
         public static final String FIRST_TIME = "firstTime";
         public static final String SHOW_ADVANCED_TABS = "showAdvancedTabs";
@@ -83,7 +83,7 @@ public final class Constants {
 
     public static final class Defaults {
         public static final String KEY_SERVERS = "hkps://hkps.pool.sks-keyservers.net, hkps://pgp.mit.edu";
-        public static final int KEY_SERVERS_VERSION = 3;
+        public static final int PREF_VERSION = 4;
     }
 
     public static final class DrawerItems {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/helper/Preferences.java

@@ -29,7 +29,6 @@ import org.sufficientlysecure.keychain.Constants.Pref;
 
 import java.util.ArrayList;
 import java.util.Arrays;
-import java.util.Iterator;
 import java.util.ListIterator;
 import java.util.Vector;
 
@@ -94,7 +93,7 @@ public class Preferences {
 
     public int getDefaultHashAlgorithm() {
         return mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM,
-                HashAlgorithmTags.SHA512);
+                HashAlgorithmTags.SHA256);
     }
 
     public void setDefaultHashAlgorithm(int value) {
@@ -237,43 +236,63 @@ public class Preferences {
     }
 
     public void updatePreferences() {
-        // migrate keyserver to hkps
+        if (mSharedPreferences.getInt(Constants.Pref.PREF_DEFAULT_VERSION, 0) !=
-        if (mSharedPreferences.getInt(Constants.Pref.KEY_SERVERS_DEFAULT_VERSION, 0) !=
+                Constants.Defaults.PREF_VERSION) {
-                Constants.Defaults.KEY_SERVERS_VERSION) {
+            switch (mSharedPreferences.getInt(Constants.Pref.PREF_DEFAULT_VERSION, 0)) {
-            String[] serversArray = getKeyServers();
+                case 1:
-            ArrayList<String> servers = new ArrayList<String>(Arrays.asList(serversArray));
+                    // fall through
-            ListIterator<String> it = servers.listIterator();
+                case 2:
-            while (it.hasNext()) {
+                    // fall through
-                String server = it.next();
+                case 3: {
-                if (server == null) {
+                    // migrate keyserver to hkps
-                    continue;
+                    String[] serversArray = getKeyServers();
-                }
+                    ArrayList<String> servers = new ArrayList<String>(Arrays.asList(serversArray));
-                if (server.equals("pool.sks-keyservers.net")) {
+                    ListIterator<String> it = servers.listIterator();
-                    // use HKPS!
+                    while (it.hasNext()) {
-                    it.set("hkps://hkps.pool.sks-keyservers.net");
+                        String server = it.next();
-                } else if (server.equals("pgp.mit.edu")) {
+                        if (server == null) {
-                    // use HKPS!
+                            continue;
-                    it.set("hkps://pgp.mit.edu");
+                        }
-                } else if (server.equals("subkeys.pgp.net")) {
+                        if (server.equals("pool.sks-keyservers.net")) {
-                    // remove, because often down and no HKPS!
+                            // use HKPS!
-                    it.remove();
+                            it.set("hkps://hkps.pool.sks-keyservers.net");
-                }
+                        } else if (server.equals("pgp.mit.edu")) {
+                            // use HKPS!
+                            it.set("hkps://pgp.mit.edu");
+                        } else if (server.equals("subkeys.pgp.net")) {
+                            // remove, because often down and no HKPS!
+                            it.remove();
+                        }
 
+                    }
+                    setKeyServers(servers.toArray(new String[servers.size()]));
+
+                    // migrate old uncompressed constant to new one
+                    if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_FILE_COMPRESSION, 0)
+                            == 0x21070001) {
+                        setDefaultFileCompression(CompressionAlgorithmTags.UNCOMPRESSED);
+                    }
+
+                    // migrate away from MD5
+                    if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, 0)
+                            == HashAlgorithmTags.MD5) {
+                        setDefaultHashAlgorithm(HashAlgorithmTags.SHA256);
+                    }
+                }
+                // fall through
+                case 4: {
+                    // for compatibility: change from SHA512 to SHA256
+                    if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, 0)
+                            == HashAlgorithmTags.SHA512) {
+                        setDefaultHashAlgorithm(HashAlgorithmTags.SHA256);
+                    }
+                }
             }
-            setKeyServers(servers.toArray(new String[servers.size()]));
+
+            // write new preference version
             mSharedPreferences.edit()
-                    .putInt(Constants.Pref.KEY_SERVERS_DEFAULT_VERSION, Constants.Defaults.KEY_SERVERS_VERSION)
+                    .putInt(Constants.Pref.PREF_DEFAULT_VERSION, Constants.Defaults.PREF_VERSION)
                     .commit();
         }
-
-        // migrate old uncompressed constant to new one
-        if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_FILE_COMPRESSION, 0) == 0x21070001) {
-            setDefaultFileCompression(CompressionAlgorithmTags.UNCOMPRESSED);
-        }
-
-        // migrate away from MD5
-        if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, 0) == HashAlgorithmTags.MD5) {
-            setDefaultHashAlgorithm(HashAlgorithmTags.SHA512);
-        }
     }
 }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java

@@ -125,7 +125,7 @@ public class PgpKeyOperation {
      * http://kbsriram.com/2013/01/generating-rsa-keys-with-bouncycastle.html
      */
     private static final int SECRET_KEY_ENCRYPTOR_S2K_COUNT = 0x60;
-    private static final int SECRET_KEY_ENCRYPTOR_HASH_ALGO = HashAlgorithmTags.SHA512;
+    private static final int SECRET_KEY_ENCRYPTOR_HASH_ALGO = HashAlgorithmTags.SHA256;
     private static final int SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO = SymmetricKeyAlgorithmTags.AES_256;
 
     public PgpKeyOperation(Progressable progress) {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/AccountSettings.java

@@ -39,7 +39,7 @@ public class AccountSettings {
 
         // defaults:
         this.mEncryptionAlgorithm = PGPEncryptedData.AES_256;
-        this.mHashAlgorithm = HashAlgorithmTags.SHA512;
+        this.mHashAlgorithm = HashAlgorithmTags.SHA256;
         this.mCompression = CompressionAlgorithmTags.ZLIB;
     }