Remove advanced preferences, move compression as menu item in encrypt activites, select hash and encryption algo based on hardcoded preferred lists
This commit is contained in:
Dominik Schürmann
parent
8b7684baf7
commit
e45f000cb4
|
|
@ -64,19 +64,12 @@ public final class Constants {
|
|||
}
|
||||
|
||||
public static final class Pref {
|
||||
public static final String DEFAULT_ENCRYPTION_ALGORITHM = "defaultEncryptionAlgorithm";
|
||||
public static final String DEFAULT_HASH_ALGORITHM = "defaultHashAlgorithm";
|
||||
public static final String DEFAULT_ASCII_ARMOR = "defaultAsciiArmor";
|
||||
public static final String DEFAULT_MESSAGE_COMPRESSION = "defaultMessageCompression";
|
||||
public static final String DEFAULT_FILE_COMPRESSION = "defaultFileCompression";
|
||||
public static final String PASSPHRASE_CACHE_TTL = "passphraseCacheTtl";
|
||||
public static final String PASSPHRASE_CACHE_SUBS = "passphraseCacheSubs";
|
||||
public static final String LANGUAGE = "language";
|
||||
public static final String KEY_SERVERS = "keyServers";
|
||||
public static final String PREF_DEFAULT_VERSION = "keyServersDefaultVersion";
|
||||
public static final String WRITE_VERSION_HEADER = "writeVersionHeader";
|
||||
public static final String FIRST_TIME = "firstTime";
|
||||
public static final String SHOW_ADVANCED_TABS = "showAdvancedTabs";
|
||||
public static final String CACHED_CONSOLIDATE = "cachedConsolidate";
|
||||
public static final String SEARCH_KEYSERVER = "search_keyserver_pref";
|
||||
public static final String SEARCH_KEYBASE = "search_keybase_pref";
|
||||
|
|
@ -86,7 +79,7 @@ public final class Constants {
|
|||
|
||||
public static final class Defaults {
|
||||
public static final String KEY_SERVERS = "hkps://hkps.pool.sks-keyservers.net, hkps://pgp.mit.edu";
|
||||
public static final int PREF_VERSION = 5;
|
||||
public static final int PREF_VERSION = 4;
|
||||
}
|
||||
|
||||
public static final class key {
|
||||
|
|
@ -94,11 +87,4 @@ public final class Constants {
|
|||
public static final int symmetric = -1;
|
||||
}
|
||||
|
||||
public static interface OpenKeychainSymmetricKeyAlgorithmTags extends SymmetricKeyAlgorithmTags {
|
||||
public static final int USE_PREFERRED = -1;
|
||||
}
|
||||
|
||||
public static interface OpenKeychainHashAlgorithmTags extends HashAlgorithmTags {
|
||||
public static final int USE_PREFERRED = -1;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -505,10 +505,6 @@ public class ImportExportOperation extends BaseOperation {
|
|||
// Create an output stream
|
||||
try {
|
||||
arOutStream = new ArmoredOutputStream(outStream);
|
||||
String version = PgpHelper.getVersionForHeader(mContext);
|
||||
if (version != null) {
|
||||
arOutStream.setHeader("Version", version);
|
||||
}
|
||||
|
||||
log.add(LogType.MSG_EXPORT_PUBLIC, 1, KeyFormattingUtils.beautifyKeyId(keyId));
|
||||
|
||||
|
|
@ -533,10 +529,6 @@ public class ImportExportOperation extends BaseOperation {
|
|||
if (exportSecret && cursor.getInt(3) > 0) {
|
||||
try {
|
||||
arOutStream = new ArmoredOutputStream(outStream);
|
||||
String version = PgpHelper.getVersionForHeader(mContext);
|
||||
if (version != null) {
|
||||
arOutStream.setHeader("Version", version);
|
||||
}
|
||||
|
||||
// export secret key part
|
||||
log.add(LogType.MSG_EXPORT_SECRET, 2, KeyFormattingUtils.beautifyKeyId(keyId));
|
||||
|
|
|
|||
|
|
@ -177,52 +177,20 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
|
|||
}
|
||||
|
||||
/**
|
||||
* Returns a list of all supported hash algorithms. This list is currently hardcoded to return
|
||||
* a limited set of algorithms supported by Yubikeys.
|
||||
*
|
||||
* TODO: look into preferred algos of this key?
|
||||
* Returns a list of all supported hash algorithms.
|
||||
*/
|
||||
public LinkedList<Integer> getSupportedHashAlgorithms() {
|
||||
LinkedList<Integer> supported = new LinkedList<>();
|
||||
|
||||
if (mPrivateKeyState == PRIVATE_KEY_STATE_DIVERT_TO_CARD) {
|
||||
// No support for MD5
|
||||
supported.add(HashAlgorithmTags.RIPEMD160);
|
||||
// don't allow SHA1
|
||||
supported.add(HashAlgorithmTags.SHA224);
|
||||
supported.add(HashAlgorithmTags.SHA384);
|
||||
supported.add(HashAlgorithmTags.SHA512);
|
||||
supported.add(HashAlgorithmTags.SHA256); // preferred is latest
|
||||
} else {
|
||||
// NOTE: List of hash algorithms OpenKeychain wants to support!
|
||||
|
||||
// don't allow MD5
|
||||
supported.add(HashAlgorithmTags.RIPEMD160);
|
||||
// don't allow SHA1
|
||||
supported.add(HashAlgorithmTags.SHA224);
|
||||
supported.add(HashAlgorithmTags.SHA384);
|
||||
supported.add(HashAlgorithmTags.SHA512);
|
||||
supported.add(HashAlgorithmTags.SHA256); // preferred is latest
|
||||
// some application don't support SHA512, thus preferred is SHA-256 (Mailvelope?)
|
||||
// TODO: intersection between preferred hash algos of this key and PgpConstants.PREFERRED_HASH_ALGORITHMS
|
||||
// choose best algo
|
||||
for (int currentInt : PgpConstants.PREFERRED_HASH_ALGORITHMS) {
|
||||
supported.add(currentInt);
|
||||
}
|
||||
|
||||
return supported;
|
||||
}
|
||||
|
||||
/**
|
||||
* TODO: look into preferred algos of this key?
|
||||
*/
|
||||
public static LinkedList<Integer> getSupportedEncryptionAlgorithms() {
|
||||
LinkedList<Integer> supported = new LinkedList<>();
|
||||
|
||||
supported.add(SymmetricKeyAlgorithmTags.TWOFISH);
|
||||
supported.add(SymmetricKeyAlgorithmTags.AES_128);
|
||||
supported.add(SymmetricKeyAlgorithmTags.AES_192);
|
||||
supported.add(SymmetricKeyAlgorithmTags.AES_256); // preferred is latest
|
||||
|
||||
return supported;
|
||||
}
|
||||
|
||||
private PGPContentSignerBuilder getContentSignerBuilder(int hashAlgo, byte[] nfcSignedHash,
|
||||
Date nfcCreationTimestamp) {
|
||||
if (mPrivateKeyState == PRIVATE_KEY_STATE_DIVERT_TO_CARD) {
|
||||
|
|
|
|||
|
|
@ -47,26 +47,6 @@ public class PgpHelper {
|
|||
".*?(-----BEGIN PGP PUBLIC KEY BLOCK-----.*?-----END PGP PUBLIC KEY BLOCK-----).*",
|
||||
Pattern.DOTALL);
|
||||
|
||||
public static String getVersion(Context context) {
|
||||
String version;
|
||||
try {
|
||||
PackageInfo pi = context.getPackageManager().getPackageInfo(Constants.PACKAGE_NAME, 0);
|
||||
version = pi.versionName;
|
||||
return version;
|
||||
} catch (NameNotFoundException e) {
|
||||
Log.e(Constants.TAG, "Version could not be retrieved!", e);
|
||||
return "0.0";
|
||||
}
|
||||
}
|
||||
|
||||
public static String getVersionForHeader(Context context) {
|
||||
if(Preferences.getPreferences(context).getWriteVersionHeader()){
|
||||
return "OpenKeychain v" + getVersion(context);
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Deletes file securely by overwriting it with random data before deleting it.
|
||||
* <p/>
|
||||
|
|
|
|||
|
|
@ -18,9 +18,7 @@
|
|||
|
||||
package org.sufficientlysecure.keychain.pgp;
|
||||
|
||||
import org.spongycastle.bcpg.CompressionAlgorithmTags;
|
||||
import org.spongycastle.bcpg.HashAlgorithmTags;
|
||||
import org.spongycastle.bcpg.SymmetricKeyAlgorithmTags;
|
||||
import org.spongycastle.bcpg.sig.Features;
|
||||
import org.spongycastle.bcpg.sig.KeyFlags;
|
||||
import org.spongycastle.jce.spec.ElGamalParameterSpec;
|
||||
|
|
@ -90,49 +88,6 @@ public class PgpKeyOperation {
|
|||
private Stack<Progressable> mProgress;
|
||||
private AtomicBoolean mCancelled;
|
||||
|
||||
// most preferred is first
|
||||
private static final int[] PREFERRED_SYMMETRIC_ALGORITHMS = new int[]{
|
||||
SymmetricKeyAlgorithmTags.AES_256,
|
||||
SymmetricKeyAlgorithmTags.AES_192,
|
||||
SymmetricKeyAlgorithmTags.AES_128,
|
||||
SymmetricKeyAlgorithmTags.TWOFISH
|
||||
};
|
||||
private static final int[] PREFERRED_HASH_ALGORITHMS = new int[]{
|
||||
HashAlgorithmTags.SHA512,
|
||||
HashAlgorithmTags.SHA384,
|
||||
HashAlgorithmTags.SHA256,
|
||||
HashAlgorithmTags.SHA224,
|
||||
HashAlgorithmTags.RIPEMD160
|
||||
};
|
||||
private static final int[] PREFERRED_COMPRESSION_ALGORITHMS = new int[]{
|
||||
CompressionAlgorithmTags.ZLIB,
|
||||
CompressionAlgorithmTags.BZIP2,
|
||||
CompressionAlgorithmTags.ZIP
|
||||
};
|
||||
|
||||
/*
|
||||
* Note: s2kcount is a number between 0 and 0xff that controls the
|
||||
* number of times to iterate the password hash before use. More
|
||||
* iterations are useful against offline attacks, as it takes more
|
||||
* time to check each password. The actual number of iterations is
|
||||
* rather complex, and also depends on the hash function in use.
|
||||
* Refer to Section 3.7.1.3 in rfc4880.txt. Bigger numbers give
|
||||
* you more iterations. As a rough rule of thumb, when using
|
||||
* SHA256 as the hashing function, 0x10 gives you about 64
|
||||
* iterations, 0x20 about 128, 0x30 about 256 and so on till 0xf0,
|
||||
* or about 1 million iterations. The maximum you can go to is
|
||||
* 0xff, or about 2 million iterations.
|
||||
* from http://kbsriram.com/2013/01/generating-rsa-keys-with-bouncycastle.html
|
||||
*
|
||||
* Bouncy Castle default: 0x60
|
||||
* kbsriram proposes 0xc0
|
||||
* we use 0x90, a good trade-off between usability and security against offline attacks
|
||||
*/
|
||||
private static final int SECRET_KEY_ENCRYPTOR_S2K_COUNT = 0x90;
|
||||
private static final int SECRET_KEY_ENCRYPTOR_HASH_ALGO = HashAlgorithmTags.SHA256;
|
||||
private static final int SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO = SymmetricKeyAlgorithmTags.AES_256;
|
||||
private static final int SECRET_KEY_SIGNATURE_HASH_ALGO = HashAlgorithmTags.SHA256;
|
||||
|
||||
public PgpKeyOperation(Progressable progress) {
|
||||
super();
|
||||
if (progress != null) {
|
||||
|
|
@ -346,14 +301,14 @@ public class PgpKeyOperation {
|
|||
|
||||
// Build key encrypter and decrypter based on passphrase
|
||||
PGPDigestCalculator encryptorHashCalc = new JcaPGPDigestCalculatorProviderBuilder()
|
||||
.build().get(SECRET_KEY_ENCRYPTOR_HASH_ALGO);
|
||||
.build().get(PgpConstants.SECRET_KEY_ENCRYPTOR_HASH_ALGO);
|
||||
PBESecretKeyEncryptor keyEncryptor = new JcePBESecretKeyEncryptorBuilder(
|
||||
SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO, encryptorHashCalc, SECRET_KEY_ENCRYPTOR_S2K_COUNT)
|
||||
PgpConstants.SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO,
|
||||
encryptorHashCalc, PgpConstants.SECRET_KEY_ENCRYPTOR_S2K_COUNT)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build("".toCharArray());
|
||||
|
||||
// NOTE: only SHA1 is supported for key checksum calculations.
|
||||
PGPDigestCalculator sha1Calc = new JcaPGPDigestCalculatorProviderBuilder()
|
||||
.build().get(HashAlgorithmTags.SHA1);
|
||||
.build().get(PgpConstants.SECRET_KEY_SIGNATURE_CHECKSUM_HASH_ALGO);
|
||||
PGPSecretKey masterSecretKey = new PGPSecretKey(keyPair.getPrivateKey(), keyPair.getPublicKey(),
|
||||
sha1Calc, true, keyEncryptor);
|
||||
|
||||
|
|
@ -880,14 +835,14 @@ public class PgpKeyOperation {
|
|||
PGPSecretKey sKey; {
|
||||
// Build key encrypter and decrypter based on passphrase
|
||||
PGPDigestCalculator encryptorHashCalc = new JcaPGPDigestCalculatorProviderBuilder()
|
||||
.build().get(SECRET_KEY_ENCRYPTOR_HASH_ALGO);
|
||||
.build().get(PgpConstants.SECRET_KEY_ENCRYPTOR_HASH_ALGO);
|
||||
PBESecretKeyEncryptor keyEncryptor = new JcePBESecretKeyEncryptorBuilder(
|
||||
SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO, encryptorHashCalc, SECRET_KEY_ENCRYPTOR_S2K_COUNT)
|
||||
PgpConstants.SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO, encryptorHashCalc,
|
||||
PgpConstants.SECRET_KEY_ENCRYPTOR_S2K_COUNT)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(passphrase.toCharArray());
|
||||
|
||||
// NOTE: only SHA1 is supported for key checksum calculations.
|
||||
PGPDigestCalculator sha1Calc = new JcaPGPDigestCalculatorProviderBuilder()
|
||||
.build().get(HashAlgorithmTags.SHA1);
|
||||
.build().get(PgpConstants.SECRET_KEY_SIGNATURE_CHECKSUM_HASH_ALGO);
|
||||
sKey = new PGPSecretKey(keyPair.getPrivateKey(), pKey, sha1Calc, false, keyEncryptor);
|
||||
}
|
||||
|
||||
|
|
@ -1026,7 +981,8 @@ public class PgpKeyOperation {
|
|||
|
||||
// add packet with EMPTY notation data (updates old one, but will be stripped later)
|
||||
PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
|
||||
masterPrivateKey.getPublicKeyPacket().getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
masterPrivateKey.getPublicKeyPacket().getAlgorithm(),
|
||||
PgpConstants.SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||
PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
|
||||
{ // set subpackets
|
||||
|
|
@ -1052,7 +1008,8 @@ public class PgpKeyOperation {
|
|||
|
||||
// add packet with "pin" notation data
|
||||
PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
|
||||
masterPrivateKey.getPublicKeyPacket().getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
masterPrivateKey.getPublicKeyPacket().getAlgorithm(),
|
||||
PgpConstants.SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||
PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
|
||||
{ // set subpackets
|
||||
|
|
@ -1099,12 +1056,13 @@ public class PgpKeyOperation {
|
|||
OperationLog log, int indent) throws PGPException {
|
||||
|
||||
PGPDigestCalculator encryptorHashCalc = new JcaPGPDigestCalculatorProviderBuilder().build()
|
||||
.get(SECRET_KEY_ENCRYPTOR_HASH_ALGO);
|
||||
.get(PgpConstants.SECRET_KEY_ENCRYPTOR_HASH_ALGO);
|
||||
PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder().setProvider(
|
||||
Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(passphrase.toCharArray());
|
||||
// Build key encryptor based on new passphrase
|
||||
PBESecretKeyEncryptor keyEncryptorNew = new JcePBESecretKeyEncryptorBuilder(
|
||||
SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO, encryptorHashCalc, SECRET_KEY_ENCRYPTOR_S2K_COUNT)
|
||||
PgpConstants.SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO, encryptorHashCalc,
|
||||
PgpConstants.SECRET_KEY_ENCRYPTOR_S2K_COUNT)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(
|
||||
newPassphrase.toCharArray());
|
||||
|
||||
|
|
@ -1237,7 +1195,8 @@ public class PgpKeyOperation {
|
|||
int flags, long expiry)
|
||||
throws IOException, PGPException, SignatureException {
|
||||
PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
|
||||
masterPrivateKey.getPublicKeyPacket().getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
masterPrivateKey.getPublicKeyPacket().getAlgorithm(),
|
||||
PgpConstants.SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||
PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
|
||||
|
||||
|
|
@ -1254,9 +1213,9 @@ public class PgpKeyOperation {
|
|||
* error than be ignored.
|
||||
*/
|
||||
/* non-critical subpackets: */
|
||||
hashedPacketsGen.setPreferredSymmetricAlgorithms(false, PREFERRED_SYMMETRIC_ALGORITHMS);
|
||||
hashedPacketsGen.setPreferredHashAlgorithms(false, PREFERRED_HASH_ALGORITHMS);
|
||||
hashedPacketsGen.setPreferredCompressionAlgorithms(false, PREFERRED_COMPRESSION_ALGORITHMS);
|
||||
hashedPacketsGen.setPreferredSymmetricAlgorithms(false, PgpConstants.PREFERRED_SYMMETRIC_ALGORITHMS);
|
||||
hashedPacketsGen.setPreferredHashAlgorithms(false, PgpConstants.PREFERRED_HASH_ALGORITHMS);
|
||||
hashedPacketsGen.setPreferredCompressionAlgorithms(false, PgpConstants.PREFERRED_COMPRESSION_ALGORITHMS);
|
||||
hashedPacketsGen.setPrimaryUserID(false, primary);
|
||||
|
||||
/* critical subpackets: we consider those important for a modern pgp implementation */
|
||||
|
|
@ -1280,7 +1239,8 @@ public class PgpKeyOperation {
|
|||
PGPUserAttributeSubpacketVector vector)
|
||||
throws IOException, PGPException, SignatureException {
|
||||
PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
|
||||
masterPrivateKey.getPublicKeyPacket().getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
masterPrivateKey.getPublicKeyPacket().getAlgorithm(),
|
||||
PgpConstants.SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||
PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
|
||||
|
||||
|
|
@ -1299,7 +1259,8 @@ public class PgpKeyOperation {
|
|||
PGPPrivateKey masterPrivateKey, PGPPublicKey pKey, String userId)
|
||||
throws IOException, PGPException, SignatureException {
|
||||
PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
|
||||
masterPrivateKey.getPublicKeyPacket().getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
masterPrivateKey.getPublicKeyPacket().getAlgorithm(),
|
||||
PgpConstants.SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||
PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
|
||||
PGPSignatureSubpacketGenerator subHashedPacketsGen = new PGPSignatureSubpacketGenerator();
|
||||
|
|
@ -1313,7 +1274,7 @@ public class PgpKeyOperation {
|
|||
PGPPublicKey masterPublicKey, PGPPrivateKey masterPrivateKey, PGPPublicKey pKey)
|
||||
throws IOException, PGPException, SignatureException {
|
||||
PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
|
||||
masterPublicKey.getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
masterPublicKey.getAlgorithm(), PgpConstants.SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||
PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
|
||||
PGPSignatureSubpacketGenerator subHashedPacketsGen = new PGPSignatureSubpacketGenerator();
|
||||
|
|
@ -1357,7 +1318,7 @@ public class PgpKeyOperation {
|
|||
PGPSignatureSubpacketGenerator subHashedPacketsGen = new PGPSignatureSubpacketGenerator();
|
||||
subHashedPacketsGen.setSignatureCreationTime(false, creationTime);
|
||||
PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
|
||||
pKey.getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
pKey.getAlgorithm(), PgpConstants.SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||
PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
|
||||
sGen.init(PGPSignature.PRIMARYKEY_BINDING, subPrivateKey);
|
||||
|
|
@ -1378,7 +1339,7 @@ public class PgpKeyOperation {
|
|||
}
|
||||
|
||||
PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
|
||||
masterPublicKey.getAlgorithm(), SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
masterPublicKey.getAlgorithm(), PgpConstants.SECRET_KEY_SIGNATURE_HASH_ALGO)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||
PGPSignatureGenerator sGen = new PGPSignatureGenerator(signerBuilder);
|
||||
sGen.init(PGPSignature.SUBKEY_BINDING, masterPrivateKey);
|
||||
|
|
|
|||
|
|
@ -12,10 +12,10 @@ public class PgpSignEncryptInput {
|
|||
protected int mCompressionId = CompressionAlgorithmTags.UNCOMPRESSED;
|
||||
protected long[] mEncryptionMasterKeyIds = null;
|
||||
protected String mSymmetricPassphrase = null;
|
||||
protected int mSymmetricEncryptionAlgorithm = Constants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED;
|
||||
protected int mSymmetricEncryptionAlgorithm = PgpConstants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED;
|
||||
protected long mSignatureMasterKeyId = Constants.key.none;
|
||||
protected Long mSignatureSubKeyId = null;
|
||||
protected int mSignatureHashAlgorithm = Constants.OpenKeychainHashAlgorithmTags.USE_PREFERRED;
|
||||
protected int mSignatureHashAlgorithm = PgpConstants.OpenKeychainHashAlgorithmTags.USE_PREFERRED;
|
||||
protected String mSignaturePassphrase = null;
|
||||
protected long mAdditionalEncryptId = Constants.key.none;
|
||||
protected byte[] mNfcSignedHash = null;
|
||||
|
|
|
|||
|
|
@ -208,9 +208,9 @@ public class PgpSignEncryptOperation extends BaseOperation {
|
|||
// Use preferred hash algo
|
||||
int requestedAlgorithm = input.getSignatureHashAlgorithm();
|
||||
LinkedList<Integer> supported = signingKey.getSupportedHashAlgorithms();
|
||||
if (requestedAlgorithm == Constants.OpenKeychainHashAlgorithmTags.USE_PREFERRED) {
|
||||
if (requestedAlgorithm == PgpConstants.OpenKeychainHashAlgorithmTags.USE_PREFERRED) {
|
||||
// get most preferred
|
||||
input.setSignatureHashAlgorithm(supported.getLast());
|
||||
input.setSignatureHashAlgorithm(supported.getFirst());
|
||||
} else if (!supported.contains(requestedAlgorithm)) {
|
||||
log.add(LogType.MSG_PSE_ERROR_HASH_ALGO, indent);
|
||||
return new PgpSignEncryptResult(PgpSignEncryptResult.RESULT_ERROR, log);
|
||||
|
|
@ -224,9 +224,10 @@ public class PgpSignEncryptOperation extends BaseOperation {
|
|||
|
||||
// Use preferred encryption algo
|
||||
int algo = input.getSymmetricEncryptionAlgorithm();
|
||||
if (algo == Constants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED) {
|
||||
if (algo == PgpConstants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED) {
|
||||
// get most preferred
|
||||
algo = CanonicalizedSecretKey.getSupportedEncryptionAlgorithms().getLast();
|
||||
// TODO: get from recipients
|
||||
algo = PgpConstants.PREFERRED_SYMMETRIC_ALGORITHMS[0];
|
||||
}
|
||||
// has Integrity packet enabled!
|
||||
JcePGPDataEncryptorBuilder encryptorBuilder =
|
||||
|
|
|
|||
|
|
@ -1372,8 +1372,7 @@ public class ProviderHelper {
|
|||
UncachedKeyRing keyRing = UncachedKeyRing.decodeFromData(data);
|
||||
|
||||
ByteArrayOutputStream bos = new ByteArrayOutputStream();
|
||||
String version = PgpHelper.getVersionForHeader(mContext);
|
||||
keyRing.encodeArmored(bos, version);
|
||||
keyRing.encodeArmored(bos, null);
|
||||
String armoredKey = bos.toString("UTF-8");
|
||||
|
||||
Log.d(Constants.TAG, "armoredKey:" + armoredKey);
|
||||
|
|
|
|||
|
|
@ -36,8 +36,10 @@ import org.sufficientlysecure.keychain.Constants;
|
|||
import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
|
||||
import org.sufficientlysecure.keychain.operations.results.OperationResult.LogEntryParcel;
|
||||
import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
|
||||
import org.sufficientlysecure.keychain.pgp.PgpConstants;
|
||||
import org.sufficientlysecure.keychain.pgp.PgpDecryptVerify;
|
||||
import org.sufficientlysecure.keychain.pgp.PgpHelper;
|
||||
import org.sufficientlysecure.keychain.pgp.PgpKeyOperation;
|
||||
import org.sufficientlysecure.keychain.pgp.PgpSignEncryptInput;
|
||||
import org.sufficientlysecure.keychain.pgp.PgpSignEncryptOperation;
|
||||
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
|
||||
|
|
@ -260,8 +262,8 @@ public class OpenPgpService extends RemoteService {
|
|||
.setEnableAsciiArmorOutput(asciiArmor)
|
||||
.setCleartextSignature(cleartextSign)
|
||||
.setDetachedSignature(!cleartextSign)
|
||||
.setVersionHeader(PgpHelper.getVersionForHeader(this))
|
||||
.setSignatureHashAlgorithm(Preferences.getPreferences(this).getDefaultHashAlgorithm())
|
||||
.setVersionHeader(null)
|
||||
.setSignatureHashAlgorithm(PgpConstants.OpenKeychainHashAlgorithmTags.USE_PREFERRED)
|
||||
.setSignatureMasterKeyId(accSettings.getKeyId())
|
||||
.setNfcState(nfcSignedHash, nfcCreationDate);
|
||||
|
||||
|
|
@ -358,9 +360,9 @@ public class OpenPgpService extends RemoteService {
|
|||
|
||||
PgpSignEncryptInput pseInput = new PgpSignEncryptInput();
|
||||
pseInput.setEnableAsciiArmorOutput(asciiArmor)
|
||||
.setVersionHeader(PgpHelper.getVersionForHeader(this))
|
||||
.setVersionHeader(null)
|
||||
.setCompressionId(CompressionAlgorithmTags.UNCOMPRESSED)
|
||||
.setSymmetricEncryptionAlgorithm(Preferences.getPreferences(this).getDefaultEncryptionAlgorithm())
|
||||
.setSymmetricEncryptionAlgorithm(PgpConstants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED)
|
||||
.setEncryptionMasterKeyIds(keyIds)
|
||||
.setFailOnMissingEncryptionKeyIds(true)
|
||||
.setAdditionalEncryptId(accSettings.getKeyId()); // add acc key for encryption
|
||||
|
|
@ -376,7 +378,7 @@ public class OpenPgpService extends RemoteService {
|
|||
}
|
||||
|
||||
// sign and encrypt
|
||||
pseInput.setSignatureHashAlgorithm(Preferences.getPreferences(this).getDefaultHashAlgorithm())
|
||||
pseInput.setSignatureHashAlgorithm(PgpConstants.OpenKeychainHashAlgorithmTags.USE_PREFERRED)
|
||||
.setSignatureMasterKeyId(accSettings.getKeyId())
|
||||
.setNfcState(nfcSignedHash, nfcCreationDate);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -28,6 +28,7 @@ public interface EncryptActivityInterface {
|
|||
}
|
||||
|
||||
public boolean isUseArmor();
|
||||
public boolean isUseCompression();
|
||||
|
||||
public long getSignatureKey();
|
||||
public long[] getEncryptionKeys();
|
||||
|
|
|
|||
|
|
@ -25,11 +25,13 @@ import android.support.v4.app.Fragment;
|
|||
import android.view.Menu;
|
||||
import android.view.MenuItem;
|
||||
|
||||
import org.spongycastle.bcpg.CompressionAlgorithmTags;
|
||||
import org.sufficientlysecure.keychain.Constants;
|
||||
import org.sufficientlysecure.keychain.R;
|
||||
import org.sufficientlysecure.keychain.api.OpenKeychainIntents;
|
||||
import org.sufficientlysecure.keychain.operations.results.SignEncryptResult;
|
||||
import org.sufficientlysecure.keychain.pgp.KeyRing;
|
||||
import org.sufficientlysecure.keychain.pgp.PgpConstants;
|
||||
import org.sufficientlysecure.keychain.pgp.SignEncryptParcel;
|
||||
import org.sufficientlysecure.keychain.ui.dialog.DeleteFileDialogFragment;
|
||||
import org.sufficientlysecure.keychain.ui.util.Notify;
|
||||
|
|
@ -66,6 +68,7 @@ public class EncryptFilesActivity extends EncryptActivity implements EncryptActi
|
|||
private long mSigningKeyId = Constants.key.none;
|
||||
private String mPassphrase = "";
|
||||
private boolean mUseArmor;
|
||||
private boolean mUseCompression;
|
||||
private boolean mDeleteAfterEncrypt = false;
|
||||
private boolean mShareAfterEncrypt = false;
|
||||
private ArrayList<Uri> mInputUris;
|
||||
|
|
@ -81,6 +84,11 @@ public class EncryptFilesActivity extends EncryptActivity implements EncryptActi
|
|||
return mUseArmor;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isUseCompression() {
|
||||
return mUseCompression;
|
||||
}
|
||||
|
||||
@Override
|
||||
public long getSignatureKey() {
|
||||
return mSigningKeyId;
|
||||
|
|
@ -196,12 +204,13 @@ public class EncryptFilesActivity extends EncryptActivity implements EncryptActi
|
|||
data.addInputUris(mInputUris);
|
||||
data.addOutputUris(mOutputUris);
|
||||
|
||||
data.setCompressionId(Preferences.getPreferences(this).getDefaultMessageCompression());
|
||||
data.setSymmetricEncryptionAlgorithm(Preferences.getPreferences(this).getDefaultEncryptionAlgorithm());
|
||||
data.setSignatureHashAlgorithm(Preferences.getPreferences(this).getDefaultHashAlgorithm());
|
||||
|
||||
// Always use armor for messages
|
||||
data.setEnableAsciiArmorOutput(mUseArmor);
|
||||
if (mUseCompression) {
|
||||
data.setCompressionId(CompressionAlgorithmTags.ZLIB);
|
||||
} else {
|
||||
data.setCompressionId(CompressionAlgorithmTags.UNCOMPRESSED);
|
||||
}
|
||||
data.setSymmetricEncryptionAlgorithm(PgpConstants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED);
|
||||
data.setSignatureHashAlgorithm(PgpConstants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED);
|
||||
|
||||
if (isModeSymmetric()) {
|
||||
Log.d(Constants.TAG, "Symmetric encryption enabled!");
|
||||
|
|
@ -317,8 +326,6 @@ public class EncryptFilesActivity extends EncryptActivity implements EncryptActi
|
|||
// Handle intent actions
|
||||
handleActions(getIntent());
|
||||
updateModeFragment();
|
||||
|
||||
mUseArmor = Preferences.getPreferences(this).getDefaultAsciiArmor();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
@ -329,7 +336,6 @@ public class EncryptFilesActivity extends EncryptActivity implements EncryptActi
|
|||
@Override
|
||||
public boolean onCreateOptionsMenu(Menu menu) {
|
||||
getMenuInflater().inflate(R.menu.encrypt_file_activity, menu);
|
||||
menu.findItem(R.id.check_use_armor).setChecked(mUseArmor);
|
||||
return super.onCreateOptionsMenu(menu);
|
||||
}
|
||||
|
||||
|
|
@ -350,21 +356,30 @@ public class EncryptFilesActivity extends EncryptActivity implements EncryptActi
|
|||
item.setChecked(!item.isChecked());
|
||||
}
|
||||
switch (item.getItemId()) {
|
||||
case R.id.check_use_symmetric:
|
||||
case R.id.check_use_symmetric: {
|
||||
mCurrentMode = item.isChecked() ? MODE_SYMMETRIC : MODE_ASYMMETRIC;
|
||||
updateModeFragment();
|
||||
notifyUpdate();
|
||||
break;
|
||||
case R.id.check_use_armor:
|
||||
}
|
||||
case R.id.check_use_armor: {
|
||||
mUseArmor = item.isChecked();
|
||||
notifyUpdate();
|
||||
break;
|
||||
case R.id.check_delete_after_encrypt:
|
||||
}
|
||||
case R.id.check_delete_after_encrypt: {
|
||||
mDeleteAfterEncrypt = item.isChecked();
|
||||
notifyUpdate();
|
||||
break;
|
||||
default:
|
||||
}
|
||||
case R.id.check_enable_compression: {
|
||||
mUseCompression = item.isChecked();
|
||||
notifyUpdate();
|
||||
break;
|
||||
}
|
||||
default: {
|
||||
return super.onOptionsItemSelected(item);
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -25,12 +25,14 @@ import android.support.v4.app.Fragment;
|
|||
import android.view.Menu;
|
||||
import android.view.MenuItem;
|
||||
|
||||
import org.spongycastle.bcpg.CompressionAlgorithmTags;
|
||||
import org.sufficientlysecure.keychain.Constants;
|
||||
import org.sufficientlysecure.keychain.R;
|
||||
import org.sufficientlysecure.keychain.api.OpenKeychainIntents;
|
||||
import org.sufficientlysecure.keychain.compatibility.ClipboardReflection;
|
||||
import org.sufficientlysecure.keychain.operations.results.SignEncryptResult;
|
||||
import org.sufficientlysecure.keychain.pgp.KeyRing;
|
||||
import org.sufficientlysecure.keychain.pgp.PgpConstants;
|
||||
import org.sufficientlysecure.keychain.pgp.SignEncryptParcel;
|
||||
import org.sufficientlysecure.keychain.ui.util.Notify;
|
||||
import org.sufficientlysecure.keychain.util.Log;
|
||||
|
|
@ -70,6 +72,7 @@ public class EncryptTextActivity extends EncryptActivity implements EncryptActiv
|
|||
private ArrayList<Uri> mInputUris;
|
||||
private ArrayList<Uri> mOutputUris;
|
||||
private String mMessage = "";
|
||||
private boolean mUseCompression;
|
||||
|
||||
public boolean isModeSymmetric() {
|
||||
return MODE_SYMMETRIC == mCurrentMode;
|
||||
|
|
@ -80,6 +83,11 @@ public class EncryptTextActivity extends EncryptActivity implements EncryptActiv
|
|||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isUseCompression() {
|
||||
return mUseCompression;
|
||||
}
|
||||
|
||||
@Override
|
||||
public long getSignatureKey() {
|
||||
return mSigningKeyId;
|
||||
|
|
@ -189,9 +197,13 @@ public class EncryptTextActivity extends EncryptActivity implements EncryptActiv
|
|||
data.setBytes(mMessage.getBytes());
|
||||
data.setCleartextSignature(true);
|
||||
|
||||
data.setCompressionId(Preferences.getPreferences(this).getDefaultMessageCompression());
|
||||
data.setSymmetricEncryptionAlgorithm(Preferences.getPreferences(this).getDefaultEncryptionAlgorithm());
|
||||
data.setSignatureHashAlgorithm(Preferences.getPreferences(this).getDefaultHashAlgorithm());
|
||||
if (mUseCompression) {
|
||||
data.setCompressionId(CompressionAlgorithmTags.ZLIB);
|
||||
} else {
|
||||
data.setCompressionId(CompressionAlgorithmTags.UNCOMPRESSED);
|
||||
}
|
||||
data.setSymmetricEncryptionAlgorithm(PgpConstants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED);
|
||||
data.setSignatureHashAlgorithm(PgpConstants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED);
|
||||
|
||||
// Always use armor for messages
|
||||
data.setEnableAsciiArmorOutput(true);
|
||||
|
|
@ -330,13 +342,20 @@ public class EncryptTextActivity extends EncryptActivity implements EncryptActiv
|
|||
item.setChecked(!item.isChecked());
|
||||
}
|
||||
switch (item.getItemId()) {
|
||||
case R.id.check_use_symmetric:
|
||||
case R.id.check_use_symmetric: {
|
||||
mCurrentMode = item.isChecked() ? MODE_SYMMETRIC : MODE_ASYMMETRIC;
|
||||
updateModeFragment();
|
||||
notifyUpdate();
|
||||
break;
|
||||
default:
|
||||
}
|
||||
case R.id.check_enable_compression: {
|
||||
mUseCompression = item.isChecked();
|
||||
notifyUpdate();
|
||||
break;
|
||||
}
|
||||
default: {
|
||||
return super.onOptionsItemSelected(item);
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -91,12 +91,6 @@ public class SettingsActivity extends PreferenceActivity {
|
|||
initializePassphraseCacheTtl(
|
||||
(IntegerListPreference) findPreference(Constants.Pref.PASSPHRASE_CACHE_TTL));
|
||||
|
||||
initializeEncryptionAlgorithm(
|
||||
(IntegerListPreference) findPreference(Constants.Pref.DEFAULT_ENCRYPTION_ALGORITHM));
|
||||
|
||||
initializeHashAlgorithm(
|
||||
(IntegerListPreference) findPreference(Constants.Pref.DEFAULT_HASH_ALGORITHM));
|
||||
|
||||
int[] valueIds = new int[]{
|
||||
CompressionAlgorithmTags.UNCOMPRESSED,
|
||||
CompressionAlgorithmTags.ZIP,
|
||||
|
|
@ -113,20 +107,6 @@ public class SettingsActivity extends PreferenceActivity {
|
|||
values[i] = "" + valueIds[i];
|
||||
}
|
||||
|
||||
initializeMessageCompression(
|
||||
(IntegerListPreference) findPreference(Constants.Pref.DEFAULT_MESSAGE_COMPRESSION),
|
||||
entries, values);
|
||||
|
||||
initializeFileCompression(
|
||||
(IntegerListPreference) findPreference(Constants.Pref.DEFAULT_FILE_COMPRESSION),
|
||||
entries, values);
|
||||
|
||||
initializeAsciiArmor(
|
||||
(CheckBoxPreference) findPreference(Constants.Pref.DEFAULT_ASCII_ARMOR));
|
||||
|
||||
initializeWriteVersionHeader(
|
||||
(CheckBoxPreference) findPreference(Constants.Pref.WRITE_VERSION_HEADER));
|
||||
|
||||
initializeUseDefaultYubikeyPin(
|
||||
(CheckBoxPreference) findPreference(Constants.Pref.USE_DEFAULT_YUBIKEY_PIN));
|
||||
|
||||
|
|
@ -263,12 +243,6 @@ public class SettingsActivity extends PreferenceActivity {
|
|||
initializePassphraseCacheTtl(
|
||||
(IntegerListPreference) findPreference(Constants.Pref.PASSPHRASE_CACHE_TTL));
|
||||
|
||||
initializeEncryptionAlgorithm(
|
||||
(IntegerListPreference) findPreference(Constants.Pref.DEFAULT_ENCRYPTION_ALGORITHM));
|
||||
|
||||
initializeHashAlgorithm(
|
||||
(IntegerListPreference) findPreference(Constants.Pref.DEFAULT_HASH_ALGORITHM));
|
||||
|
||||
int[] valueIds = new int[]{
|
||||
CompressionAlgorithmTags.UNCOMPRESSED,
|
||||
CompressionAlgorithmTags.ZIP,
|
||||
|
|
@ -288,20 +262,6 @@ public class SettingsActivity extends PreferenceActivity {
|
|||
values[i] = "" + valueIds[i];
|
||||
}
|
||||
|
||||
initializeMessageCompression(
|
||||
(IntegerListPreference) findPreference(Constants.Pref.DEFAULT_MESSAGE_COMPRESSION),
|
||||
entries, values);
|
||||
|
||||
initializeFileCompression(
|
||||
(IntegerListPreference) findPreference(Constants.Pref.DEFAULT_FILE_COMPRESSION),
|
||||
entries, values);
|
||||
|
||||
initializeAsciiArmor(
|
||||
(CheckBoxPreference) findPreference(Constants.Pref.DEFAULT_ASCII_ARMOR));
|
||||
|
||||
initializeWriteVersionHeader(
|
||||
(CheckBoxPreference) findPreference(Constants.Pref.WRITE_VERSION_HEADER));
|
||||
|
||||
initializeUseDefaultYubikeyPin(
|
||||
(CheckBoxPreference) findPreference(Constants.Pref.USE_DEFAULT_YUBIKEY_PIN));
|
||||
|
||||
|
|
@ -342,131 +302,6 @@ public class SettingsActivity extends PreferenceActivity {
|
|||
});
|
||||
}
|
||||
|
||||
private static void initializeEncryptionAlgorithm(final IntegerListPreference mEncryptionAlgorithm) {
|
||||
int valueIds[] = {
|
||||
Constants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED,
|
||||
Constants.OpenKeychainSymmetricKeyAlgorithmTags.AES_256,
|
||||
Constants.OpenKeychainSymmetricKeyAlgorithmTags.AES_192,
|
||||
Constants.OpenKeychainSymmetricKeyAlgorithmTags.AES_128,
|
||||
Constants.OpenKeychainSymmetricKeyAlgorithmTags.TWOFISH,
|
||||
};
|
||||
String entries[] = {
|
||||
"Use preferred algorithm",
|
||||
"AES-256",
|
||||
"AES-192",
|
||||
"AES-128",
|
||||
"Twofish",
|
||||
};
|
||||
String values[] = new String[valueIds.length];
|
||||
for (int i = 0; i < values.length; ++i) {
|
||||
values[i] = "" + valueIds[i];
|
||||
}
|
||||
mEncryptionAlgorithm.setEntries(entries);
|
||||
mEncryptionAlgorithm.setEntryValues(values);
|
||||
mEncryptionAlgorithm.setValue("" + sPreferences.getDefaultEncryptionAlgorithm());
|
||||
mEncryptionAlgorithm.setSummary(mEncryptionAlgorithm.getEntry());
|
||||
mEncryptionAlgorithm
|
||||
.setOnPreferenceChangeListener(new Preference.OnPreferenceChangeListener() {
|
||||
public boolean onPreferenceChange(Preference preference, Object newValue) {
|
||||
mEncryptionAlgorithm.setValue(newValue.toString());
|
||||
mEncryptionAlgorithm.setSummary(mEncryptionAlgorithm.getEntry());
|
||||
sPreferences.setDefaultEncryptionAlgorithm(Integer.parseInt(newValue
|
||||
.toString()));
|
||||
return false;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static void initializeHashAlgorithm(final IntegerListPreference mHashAlgorithm) {
|
||||
int[] valueIds = new int[]{
|
||||
Constants.OpenKeychainHashAlgorithmTags.USE_PREFERRED,
|
||||
Constants.OpenKeychainHashAlgorithmTags.SHA512,
|
||||
Constants.OpenKeychainHashAlgorithmTags.SHA384,
|
||||
Constants.OpenKeychainHashAlgorithmTags.SHA256,
|
||||
Constants.OpenKeychainHashAlgorithmTags.SHA224,
|
||||
Constants.OpenKeychainHashAlgorithmTags.RIPEMD160,
|
||||
};
|
||||
String[] entries = new String[]{
|
||||
"Use preferred algorithm",
|
||||
"SHA-512",
|
||||
"SHA-384",
|
||||
"SHA-256",
|
||||
"SHA-224",
|
||||
"RIPEMD-160"};
|
||||
String[] values = new String[valueIds.length];
|
||||
for (int i = 0; i < values.length; ++i) {
|
||||
values[i] = "" + valueIds[i];
|
||||
}
|
||||
mHashAlgorithm.setEntries(entries);
|
||||
mHashAlgorithm.setEntryValues(values);
|
||||
mHashAlgorithm.setValue("" + sPreferences.getDefaultHashAlgorithm());
|
||||
mHashAlgorithm.setSummary(mHashAlgorithm.getEntry());
|
||||
mHashAlgorithm.setOnPreferenceChangeListener(new Preference.OnPreferenceChangeListener() {
|
||||
public boolean onPreferenceChange(Preference preference, Object newValue) {
|
||||
mHashAlgorithm.setValue(newValue.toString());
|
||||
mHashAlgorithm.setSummary(mHashAlgorithm.getEntry());
|
||||
sPreferences.setDefaultHashAlgorithm(Integer.parseInt(newValue.toString()));
|
||||
return false;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static void initializeMessageCompression(final IntegerListPreference mMessageCompression,
|
||||
String[] entries, String[] values) {
|
||||
mMessageCompression.setEntries(entries);
|
||||
mMessageCompression.setEntryValues(values);
|
||||
mMessageCompression.setValue("" + sPreferences.getDefaultMessageCompression());
|
||||
mMessageCompression.setSummary(mMessageCompression.getEntry());
|
||||
mMessageCompression
|
||||
.setOnPreferenceChangeListener(new Preference.OnPreferenceChangeListener() {
|
||||
public boolean onPreferenceChange(Preference preference, Object newValue) {
|
||||
mMessageCompression.setValue(newValue.toString());
|
||||
mMessageCompression.setSummary(mMessageCompression.getEntry());
|
||||
sPreferences.setDefaultMessageCompression(Integer.parseInt(newValue
|
||||
.toString()));
|
||||
return false;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static void initializeFileCompression
|
||||
(final IntegerListPreference mFileCompression, String[] entries, String[] values) {
|
||||
mFileCompression.setEntries(entries);
|
||||
mFileCompression.setEntryValues(values);
|
||||
mFileCompression.setValue("" + sPreferences.getDefaultFileCompression());
|
||||
mFileCompression.setSummary(mFileCompression.getEntry());
|
||||
mFileCompression.setOnPreferenceChangeListener(new Preference.OnPreferenceChangeListener() {
|
||||
public boolean onPreferenceChange(Preference preference, Object newValue) {
|
||||
mFileCompression.setValue(newValue.toString());
|
||||
mFileCompression.setSummary(mFileCompression.getEntry());
|
||||
sPreferences.setDefaultFileCompression(Integer.parseInt(newValue.toString()));
|
||||
return false;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static void initializeAsciiArmor(final CheckBoxPreference mAsciiArmor) {
|
||||
mAsciiArmor.setChecked(sPreferences.getDefaultAsciiArmor());
|
||||
mAsciiArmor.setOnPreferenceChangeListener(new Preference.OnPreferenceChangeListener() {
|
||||
public boolean onPreferenceChange(Preference preference, Object newValue) {
|
||||
mAsciiArmor.setChecked((Boolean) newValue);
|
||||
sPreferences.setDefaultAsciiArmor((Boolean) newValue);
|
||||
return false;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static void initializeWriteVersionHeader(final CheckBoxPreference mWriteVersionHeader) {
|
||||
mWriteVersionHeader.setChecked(sPreferences.getWriteVersionHeader());
|
||||
mWriteVersionHeader.setOnPreferenceChangeListener(new Preference.OnPreferenceChangeListener() {
|
||||
public boolean onPreferenceChange(Preference preference, Object newValue) {
|
||||
mWriteVersionHeader.setChecked((Boolean) newValue);
|
||||
sPreferences.setWriteVersionHeader((Boolean) newValue);
|
||||
return false;
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private static void initializeSearchKeyserver(final CheckBoxPreference mSearchKeyserver) {
|
||||
Preferences.CloudSearchPrefs prefs = sPreferences.getCloudSearchPrefs();
|
||||
mSearchKeyserver.setChecked(prefs.searchKeyserver);
|
||||
|
|
|
|||
|
|
@ -20,11 +20,7 @@ package org.sufficientlysecure.keychain.util;
|
|||
|
||||
import android.content.Context;
|
||||
import android.content.SharedPreferences;
|
||||
import android.os.Build;
|
||||
|
||||
import org.spongycastle.bcpg.CompressionAlgorithmTags;
|
||||
import org.spongycastle.bcpg.HashAlgorithmTags;
|
||||
import org.spongycastle.openpgp.PGPEncryptedData;
|
||||
import org.sufficientlysecure.keychain.Constants;
|
||||
import org.sufficientlysecure.keychain.Constants.Pref;
|
||||
|
||||
|
|
@ -99,60 +95,6 @@ public class Preferences {
|
|||
editor.commit();
|
||||
}
|
||||
|
||||
public int getDefaultEncryptionAlgorithm() {
|
||||
return mSharedPreferences.getInt(Constants.Pref.DEFAULT_ENCRYPTION_ALGORITHM,
|
||||
PGPEncryptedData.AES_256);
|
||||
}
|
||||
|
||||
public void setDefaultEncryptionAlgorithm(int value) {
|
||||
SharedPreferences.Editor editor = mSharedPreferences.edit();
|
||||
editor.putInt(Constants.Pref.DEFAULT_ENCRYPTION_ALGORITHM, value);
|
||||
editor.commit();
|
||||
}
|
||||
|
||||
public int getDefaultHashAlgorithm() {
|
||||
return mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM,
|
||||
HashAlgorithmTags.SHA256);
|
||||
}
|
||||
|
||||
public void setDefaultHashAlgorithm(int value) {
|
||||
SharedPreferences.Editor editor = mSharedPreferences.edit();
|
||||
editor.putInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, value);
|
||||
editor.commit();
|
||||
}
|
||||
|
||||
public int getDefaultMessageCompression() {
|
||||
return mSharedPreferences.getInt(Constants.Pref.DEFAULT_MESSAGE_COMPRESSION,
|
||||
CompressionAlgorithmTags.ZLIB);
|
||||
}
|
||||
|
||||
public void setDefaultMessageCompression(int value) {
|
||||
SharedPreferences.Editor editor = mSharedPreferences.edit();
|
||||
editor.putInt(Constants.Pref.DEFAULT_MESSAGE_COMPRESSION, value);
|
||||
editor.commit();
|
||||
}
|
||||
|
||||
public int getDefaultFileCompression() {
|
||||
return mSharedPreferences.getInt(Constants.Pref.DEFAULT_FILE_COMPRESSION,
|
||||
CompressionAlgorithmTags.UNCOMPRESSED);
|
||||
}
|
||||
|
||||
public void setDefaultFileCompression(int value) {
|
||||
SharedPreferences.Editor editor = mSharedPreferences.edit();
|
||||
editor.putInt(Constants.Pref.DEFAULT_FILE_COMPRESSION, value);
|
||||
editor.commit();
|
||||
}
|
||||
|
||||
public boolean getDefaultAsciiArmor() {
|
||||
return mSharedPreferences.getBoolean(Constants.Pref.DEFAULT_ASCII_ARMOR, false);
|
||||
}
|
||||
|
||||
public void setDefaultAsciiArmor(boolean value) {
|
||||
SharedPreferences.Editor editor = mSharedPreferences.edit();
|
||||
editor.putBoolean(Constants.Pref.DEFAULT_ASCII_ARMOR, value);
|
||||
editor.commit();
|
||||
}
|
||||
|
||||
public boolean getCachedConsolidate() {
|
||||
return mSharedPreferences.getBoolean(Pref.CACHED_CONSOLIDATE, false);
|
||||
}
|
||||
|
|
@ -228,16 +170,6 @@ public class Preferences {
|
|||
editor.commit();
|
||||
}
|
||||
|
||||
public void setWriteVersionHeader(boolean conceal) {
|
||||
SharedPreferences.Editor editor = mSharedPreferences.edit();
|
||||
editor.putBoolean(Constants.Pref.WRITE_VERSION_HEADER, conceal);
|
||||
editor.commit();
|
||||
}
|
||||
|
||||
public boolean getWriteVersionHeader() {
|
||||
return mSharedPreferences.getBoolean(Constants.Pref.WRITE_VERSION_HEADER, false);
|
||||
}
|
||||
|
||||
public void setSearchKeyserver(boolean searchKeyserver) {
|
||||
SharedPreferences.Editor editor = mSharedPreferences.edit();
|
||||
editor.putBoolean(Pref.SEARCH_KEYSERVER, searchKeyserver);
|
||||
|
|
@ -299,32 +231,9 @@ public class Preferences {
|
|||
|
||||
}
|
||||
setKeyServers(servers.toArray(new String[servers.size()]));
|
||||
|
||||
// migrate old uncompressed constant to new one
|
||||
if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_FILE_COMPRESSION, 0)
|
||||
== 0x21070001) {
|
||||
setDefaultFileCompression(CompressionAlgorithmTags.UNCOMPRESSED);
|
||||
}
|
||||
|
||||
// migrate away from MD5
|
||||
if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, 0)
|
||||
== HashAlgorithmTags.MD5) {
|
||||
setDefaultHashAlgorithm(HashAlgorithmTags.SHA256);
|
||||
}
|
||||
}
|
||||
// fall through
|
||||
case 4: {
|
||||
// for compatibility: change from SHA512 to SHA256
|
||||
if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, 0)
|
||||
== HashAlgorithmTags.SHA512) {
|
||||
setDefaultHashAlgorithm(HashAlgorithmTags.SHA256);
|
||||
}
|
||||
}
|
||||
// fall through
|
||||
case 5: {
|
||||
// use preferred hash and encryption algo setting
|
||||
setDefaultHashAlgorithm(Constants.OpenKeychainHashAlgorithmTags.USE_PREFERRED);
|
||||
setDefaultEncryptionAlgorithm(Constants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -12,4 +12,9 @@
|
|||
android:id="@+id/check_delete_after_encrypt"
|
||||
android:title="@string/label_delete_after_encryption"
|
||||
android:checkable="true" />
|
||||
<item
|
||||
android:id="@+id/check_enable_compression"
|
||||
android:title="@string/label_enable_compression"
|
||||
android:checked="true"
|
||||
android:checkable="true" />
|
||||
</menu>
|
||||
|
|
@ -4,4 +4,9 @@
|
|||
android:id="@+id/check_use_symmetric"
|
||||
android:title="@string/label_symmetric"
|
||||
android:checkable="true" />
|
||||
<item
|
||||
android:id="@+id/check_enable_compression"
|
||||
android:title="@string/label_enable_compression"
|
||||
android:checked="true"
|
||||
android:checkable="true" />
|
||||
</menu>
|
||||
|
|
@ -161,6 +161,7 @@
|
|||
<string name="expiry_date_dialog_title">"Set expiry date"</string>
|
||||
<string name="label_first_keyserver_is_used">"(First keyserver listed is preferred)"</string>
|
||||
<string name="label_preferred">"preferred"</string>
|
||||
<string name="label_enable_compression">"Enable compression"</string>
|
||||
|
||||
<string name="user_id_no_name">"<no name>"</string>
|
||||
<string name="none">"<none>"</string>
|
||||
|
|
|
|||
|
|
@ -1,52 +1,23 @@
|
|||
<PreferenceScreen xmlns:android="http://schemas.android.com/apk/res/android">
|
||||
<PreferenceCategory android:title="@string/section_defaults">
|
||||
<CheckBoxPreference
|
||||
android:key="writeVersionHeader"
|
||||
android:persistent="false"
|
||||
android:title="@string/label_write_version_header"
|
||||
android:summary="@string/label_write_version_header_summary" />
|
||||
<org.sufficientlysecure.keychain.ui.widget.IntegerListPreference
|
||||
android:key="defaultEncryptionAlgorithm"
|
||||
android:persistent="false"
|
||||
android:title="@string/label_encryption_algorithm" />
|
||||
<org.sufficientlysecure.keychain.ui.widget.IntegerListPreference
|
||||
android:key="defaultHashAlgorithm"
|
||||
android:persistent="false"
|
||||
android:title="@string/label_hash_algorithm" />
|
||||
<org.sufficientlysecure.keychain.ui.widget.IntegerListPreference
|
||||
android:key="defaultMessageCompression"
|
||||
android:persistent="false"
|
||||
android:title="@string/label_message_compression" />
|
||||
<org.sufficientlysecure.keychain.ui.widget.IntegerListPreference
|
||||
android:key="defaultFileCompression"
|
||||
android:persistent="false"
|
||||
android:title="@string/label_file_compression" />
|
||||
<CheckBoxPreference
|
||||
android:key="defaultAsciiArmor"
|
||||
android:persistent="false"
|
||||
android:title="@string/label_ascii_armor" />
|
||||
</PreferenceCategory>
|
||||
<PreferenceCategory android:title="@string/section_passphrase_cache">
|
||||
<org.sufficientlysecure.keychain.ui.widget.IntegerListPreference
|
||||
android:entries="@array/passphrase_cache_ttl_entries"
|
||||
android:entryValues="@array/passphrase_cache_ttl_values"
|
||||
android:key="passphraseCacheTtl"
|
||||
android:persistent="false"
|
||||
android:title="@string/label_passphrase_cache_ttl" />
|
||||
<CheckBoxPreference
|
||||
android:key="passphraseCacheSubs"
|
||||
android:persistent="false"
|
||||
android:title="@string/label_passphrase_cache_subs" />
|
||||
<CheckBoxPreference
|
||||
android:key="useDefaultYubikeyPin"
|
||||
android:persistent="false"
|
||||
android:defaultValue="true"
|
||||
android:title="@string/label_use_default_yubikey_pin"
|
||||
android:summary="@string/label_label_use_default_yubikey_pin_summary" />
|
||||
<CheckBoxPreference
|
||||
android:key="useNumKeypadForYubikeyPin"
|
||||
android:persistent="false"
|
||||
android:defaultValue="false"
|
||||
android:title="@string/label_use_num_keypad_for_yubikey_pin" />
|
||||
</PreferenceCategory>
|
||||
<org.sufficientlysecure.keychain.ui.widget.IntegerListPreference
|
||||
android:entries="@array/passphrase_cache_ttl_entries"
|
||||
android:entryValues="@array/passphrase_cache_ttl_values"
|
||||
android:key="passphraseCacheTtl"
|
||||
android:persistent="false"
|
||||
android:title="@string/label_passphrase_cache_ttl" />
|
||||
<CheckBoxPreference
|
||||
android:key="passphraseCacheSubs"
|
||||
android:persistent="false"
|
||||
android:title="@string/label_passphrase_cache_subs" />
|
||||
<CheckBoxPreference
|
||||
android:key="useDefaultYubikeyPin"
|
||||
android:persistent="false"
|
||||
android:defaultValue="true"
|
||||
android:title="@string/label_use_default_yubikey_pin"
|
||||
android:summary="@string/label_label_use_default_yubikey_pin_summary" />
|
||||
<CheckBoxPreference
|
||||
android:key="useNumKeypadForYubikeyPin"
|
||||
android:persistent="false"
|
||||
android:defaultValue="false"
|
||||
android:title="@string/label_use_num_keypad_for_yubikey_pin" />
|
||||
</PreferenceScreen>
|
||||
|
|
|
|||
|
|
@ -4,5 +4,5 @@
|
|||
android:title="@string/section_cloud_search" />
|
||||
<header
|
||||
android:fragment="org.sufficientlysecure.keychain.ui.SettingsActivity$AdvancedPrefsFragment"
|
||||
android:title="@string/section_advanced" />
|
||||
android:title="@string/section_passphrase_cache" />
|
||||
</preference-headers>
|
||||
|
|
|
|||
Loading…
Reference in New Issue