add integrity check

Dominik Schürmann 2014-02-18 22:59:00 +01:00
parent 9b4245739e
commit d23950f799
2 changed files with 20 additions and 15 deletions


@ -118,7 +118,7 @@ public class PgpOperation {
}
}
public void signAndEncrypt(boolean enableAsciiArmor, int compressionId, long[] encryptionKeyIds,
public void signAndEncrypt(boolean enableAsciiArmorOutput, int compressionId, long[] encryptionKeyIds,
String encryptionPassphrase, int symmetricEncryptionAlgorithm,
long signatureKeyId, int signatureHashAlgorithm,
boolean signatureForceV3, String signaturePassphrase)
@ -135,7 +135,7 @@ public class PgpOperation {
int signatureType;
// TODO: disable when encrypting???
if (enableAsciiArmor && enableSignature && !enableEncryption) {
if (enableAsciiArmorOutput && enableSignature && !enableEncryption) {
signatureType = PGPSignature.CANONICAL_TEXT_DOCUMENT;
} else {
signatureType = PGPSignature.BINARY_DOCUMENT;
@ -144,7 +144,7 @@ public class PgpOperation {
ArmoredOutputStream armorOut = null;
OutputStream out;
OutputStream encryptionOut = null;
if (enableAsciiArmor) {
if (enableAsciiArmorOutput) {
armorOut = new ArmoredOutputStream(mOutStream);
armorOut.setHeader("Version", PgpHelper.getFullVersion(mContext));
out = armorOut;
@ -182,9 +182,11 @@ public class PgpOperation {
// encrypt and compress input file content
if (enableEncryption) {
JcePGPDataEncryptorBuilder encryptorBuilder = new JcePGPDataEncryptorBuilder(
symmetricEncryptionAlgorithm).setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME)
.setWithIntegrityPacket(true);
// has Integrity packet enabled!
JcePGPDataEncryptorBuilder encryptorBuilder =
new JcePGPDataEncryptorBuilder(symmetricEncryptionAlgorithm)
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME)
.setWithIntegrityPacket(true);
PGPEncryptedDataGenerator cPk = new PGPEncryptedDataGenerator(encryptorBuilder);
@ -192,8 +194,8 @@ public class PgpOperation {
// Symmetric encryption
Log.d(Constants.TAG, "encryptionKeyIds length is 0 -> symmetric encryption");
JcePBEKeyEncryptionMethodGenerator symmetricEncryptionGenerator = new JcePBEKeyEncryptionMethodGenerator(
encryptionPassphrase.toCharArray());
JcePBEKeyEncryptionMethodGenerator symmetricEncryptionGenerator =
new JcePBEKeyEncryptionMethodGenerator(encryptionPassphrase.toCharArray());
cPk.addMethod(symmetricEncryptionGenerator);
} else {
// Asymmetric encryption
@ -201,8 +203,8 @@ public class PgpOperation {
PGPPublicKey key = PgpKeyHelper.getEncryptPublicKey(mContext, id);
if (key != null) {
JcePublicKeyKeyEncryptionMethodGenerator pubKeyEncryptionGenerator = new JcePublicKeyKeyEncryptionMethodGenerator(
key);
JcePublicKeyKeyEncryptionMethodGenerator pubKeyEncryptionGenerator =
new JcePublicKeyKeyEncryptionMethodGenerator(key);
cPk.addMethod(pubKeyEncryptionGenerator);
}
}
@ -227,8 +229,7 @@ public class PgpOperation {
signatureGenerator = new PGPSignatureGenerator(contentSignerBuilder);
signatureGenerator.init(signatureType, signaturePrivateKey);
String userId = PgpKeyHelper.getMainUserId(PgpKeyHelper
.getMasterKey(signingKeyRing));
String userId = PgpKeyHelper.getMainUserId(PgpKeyHelper.getMasterKey(signingKeyRing));
PGPSignatureSubpacketGenerator spGen = new PGPSignatureSubpacketGenerator();
spGen.setSignerUserID(false, userId);
signatureGenerator.setHashedSubpackets(spGen.generate());
@ -283,7 +284,7 @@ public class PgpOperation {
}
literalGen.close();
} else if (enableAsciiArmor && enableSignature && !enableEncryption && !enableCompression) {
} else if (enableAsciiArmorOutput && enableSignature && !enableEncryption && !enableCompression) {
/* sign-only of ascii text */
updateProgress(R.string.progress_signing, 40, 100);
@ -346,7 +347,7 @@ public class PgpOperation {
compressGen.close();
}
}
if (enableAsciiArmor) {
if (enableAsciiArmorOutput) {
armorOut.close();
}
@ -365,6 +366,7 @@ public class PgpOperation {
}
}
// TODO: merge this into signAndEncrypt method!
public void generateSignature(boolean armored, boolean binary, long signatureKeyId,
String signaturePassPhrase, int hashAlgorithm, boolean forceV3Signature)
throws PgpGeneralException, PGPException, IOException, NoSuchAlgorithmException,
@ -732,7 +734,7 @@ public class PgpOperation {
}
}
// TODO: add integrity somewhere
// TODO: test if this integrity really check works!
if (encryptedData.isIntegrityProtected()) {
updateProgress(R.string.progress_verifying_integrity, 95, 100);
@ -740,9 +742,11 @@ public class PgpOperation {
// passed
} else {
// failed
throw new PgpGeneralException(mContext.getString(R.string.error_integrity_check_failed));
}
} else {
// no integrity check
Log.e(Constants.TAG, "No integrity check!");
}
updateProgress(R.string.progress_done, 100, 100);
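Review bot: The new `else` branch near the end of this section accepts data for which `encryptedData.isIntegrityProtected()` is false: it only runs `Log.e(Constants.TAG, "No integrity check!");` and then falls through to the final progress update, so the caller cannot tell unprotected data from data that passed the check. Modified ciphertext that carries no integrity packet therefore goes undetected; this branch should fail closed, or at least hand the state to the caller so the UI can warn. A minimal form is `throw new PgpGeneralException(mContext.getString(R.string.PLACEHOLDER_no_integrity_protection));` with a new string resource (the name here is a placeholder), plus an explicit opt-in if legacy messages must remain readable. The failure branch throws only at the 95 % progress step, so presumably plaintext has already been written to the output by then; a comment such as `// output written before this point must be discarded by the caller on failure` would make that contract explicit. The enclosing method begins outside the hunks shown.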


@ -274,6 +274,7 @@
<string name="error_no_signature_key">no signature key given</string>
<string name="error_invalid_data">not valid encryption data</string>
<string name="error_corrupt_data">corrupt data</string>
<string name="error_integrity_check_failed">integrity check failed! Data has been modified!</string>
<string name="error_no_symmetric_encryption_packet">couldn\'t find a packet with symmetric encryption</string>
<string name="error_wrong_passphrase">wrong passphrase</string>
<string name="error_saving_keys">error saving some keys</string>