This commit is contained in:
Dominik Schürmann 2015-03-10 11:34:35 +01:00
parent b3257e0ffa
commit f13953e8fc
12 changed files with 633 additions and 280 deletions

View File

@ -711,6 +711,12 @@
android:label="@string/app_name" android:label="@string/app_name"
android:launchMode="singleTop" android:launchMode="singleTop"
android:process=":remote_api" /> android:process=":remote_api" />
<activity
android:name=".remote.ui.SelectSignKeyIdActivity"
android:exported="false"
android:label="@string/app_name"
android:launchMode="singleTop"
android:process=":remote_api" />
<activity <activity
android:name=".remote.ui.AppSettingsActivity" android:name=".remote.ui.AppSettingsActivity"
android:configChanges="orientation|screenSize|keyboardHidden|keyboard" android:configChanges="orientation|screenSize|keyboardHidden|keyboard"

View File

@ -28,6 +28,7 @@ import android.net.Uri;
import android.os.RemoteException; import android.os.RemoteException;
import android.support.v4.util.LongSparseArray; import android.support.v4.util.LongSparseArray;
import org.spongycastle.bcpg.CompressionAlgorithmTags;
import org.sufficientlysecure.keychain.Constants; import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.R; import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.keyimport.ParcelableKeyRing; import org.sufficientlysecure.keychain.keyimport.ParcelableKeyRing;
@ -43,6 +44,7 @@ import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey.SecretKeyType; import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey.SecretKeyType;
import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing; import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing;
import org.sufficientlysecure.keychain.pgp.KeyRing; import org.sufficientlysecure.keychain.pgp.KeyRing;
import org.sufficientlysecure.keychain.pgp.PgpConstants;
import org.sufficientlysecure.keychain.pgp.PgpHelper; import org.sufficientlysecure.keychain.pgp.PgpHelper;
import org.sufficientlysecure.keychain.pgp.Progressable; import org.sufficientlysecure.keychain.pgp.Progressable;
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing; import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
@ -81,15 +83,15 @@ import java.util.Iterator;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;
/** This class contains high level methods for database access. Despite its /**
* This class contains high level methods for database access. Despite its
* name, it is not only a helper but actually the main interface for all * name, it is not only a helper but actually the main interface for all
* synchronous database operations. * synchronous database operations.
* * <p/>
* Operations in this class write logs. These can be obtained from the * Operations in this class write logs. These can be obtained from the
* OperationResultParcel return values directly, but are also accumulated over * OperationResultParcel return values directly, but are also accumulated over
* the lifetime of the executing ProviderHelper object unless the resetLog() * the lifetime of the executing ProviderHelper object unless the resetLog()
* method is called to start a new one specifically. * method is called to start a new one specifically.
*
*/ */
public class ProviderHelper { public class ProviderHelper {
private final Context mContext; private final Context mContext;
@ -126,12 +128,13 @@ public class ProviderHelper {
} }
public void log(LogType type) { public void log(LogType type) {
if(mLog != null) { if (mLog != null) {
mLog.add(type, mIndent); mLog.add(type, mIndent);
} }
} }
public void log(LogType type, Object... parameters) { public void log(LogType type, Object... parameters) {
if(mLog != null) { if (mLog != null) {
mLog.add(type, mIndent, parameters); mLog.add(type, mIndent, parameters);
} }
} }
@ -213,7 +216,7 @@ public class ProviderHelper {
} }
private LongSparseArray<CanonicalizedPublicKey> getTrustedMasterKeys() { private LongSparseArray<CanonicalizedPublicKey> getTrustedMasterKeys() {
Cursor cursor = mContentResolver.query(KeyRings.buildUnifiedKeyRingsUri(), new String[] { Cursor cursor = mContentResolver.query(KeyRings.buildUnifiedKeyRingsUri(), new String[]{
KeyRings.MASTER_KEY_ID, KeyRings.MASTER_KEY_ID,
// we pick from cache only information that is not easily available from keyrings // we pick from cache only information that is not easily available from keyrings
KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED, KeyRings.HAS_ANY_SECRET, KeyRings.VERIFIED,
@ -288,7 +291,7 @@ public class ProviderHelper {
boolean hasAnySecret = cursor.getInt(0) > 0; boolean hasAnySecret = cursor.getInt(0) > 0;
int verified = cursor.getInt(1); int verified = cursor.getInt(1);
byte[] blob = cursor.getBlob(2); byte[] blob = cursor.getBlob(2);
if(secret &! hasAnySecret) { if (secret & !hasAnySecret) {
throw new NotFoundException("Secret key not available!"); throw new NotFoundException("Secret key not available!");
} }
return secret return secret
@ -305,7 +308,7 @@ public class ProviderHelper {
} }
// bits, in order: CESA. make SURE these are correct, we will get bad log entries otherwise!! // bits, in order: CESA. make SURE these are correct, we will get bad log entries otherwise!!
static final LogType LOG_TYPES_FLAG_MASTER[] = new LogType[] { static final LogType LOG_TYPES_FLAG_MASTER[] = new LogType[]{
LogType.MSG_IP_MASTER_FLAGS_XXXX, LogType.MSG_IP_MASTER_FLAGS_CXXX, LogType.MSG_IP_MASTER_FLAGS_XXXX, LogType.MSG_IP_MASTER_FLAGS_CXXX,
LogType.MSG_IP_MASTER_FLAGS_XEXX, LogType.MSG_IP_MASTER_FLAGS_CEXX, LogType.MSG_IP_MASTER_FLAGS_XEXX, LogType.MSG_IP_MASTER_FLAGS_CEXX,
LogType.MSG_IP_MASTER_FLAGS_XXSX, LogType.MSG_IP_MASTER_FLAGS_CXSX, LogType.MSG_IP_MASTER_FLAGS_XXSX, LogType.MSG_IP_MASTER_FLAGS_CXSX,
@ -317,7 +320,7 @@ public class ProviderHelper {
}; };
// same as above, but for subkeys // same as above, but for subkeys
static final LogType LOG_TYPES_FLAG_SUBKEY[] = new LogType[] { static final LogType LOG_TYPES_FLAG_SUBKEY[] = new LogType[]{
LogType.MSG_IP_SUBKEY_FLAGS_XXXX, LogType.MSG_IP_SUBKEY_FLAGS_CXXX, LogType.MSG_IP_SUBKEY_FLAGS_XXXX, LogType.MSG_IP_SUBKEY_FLAGS_CXXX,
LogType.MSG_IP_SUBKEY_FLAGS_XEXX, LogType.MSG_IP_SUBKEY_FLAGS_CEXX, LogType.MSG_IP_SUBKEY_FLAGS_XEXX, LogType.MSG_IP_SUBKEY_FLAGS_CEXX,
LogType.MSG_IP_SUBKEY_FLAGS_XXSX, LogType.MSG_IP_SUBKEY_FLAGS_CXSX, LogType.MSG_IP_SUBKEY_FLAGS_XXSX, LogType.MSG_IP_SUBKEY_FLAGS_CXSX,
@ -328,8 +331,9 @@ public class ProviderHelper {
LogType.MSG_IP_SUBKEY_FLAGS_XESA, LogType.MSG_IP_SUBKEY_FLAGS_CESA LogType.MSG_IP_SUBKEY_FLAGS_XESA, LogType.MSG_IP_SUBKEY_FLAGS_CESA
}; };
/** Saves an UncachedKeyRing of the public variant into the db. /**
* * Saves an UncachedKeyRing of the public variant into the db.
* <p/>
* This method will not delete all previous data for this masterKeyId from the database prior * This method will not delete all previous data for this masterKeyId from the database prior
* to inserting. All public data is effectively re-inserted, secret keyrings are left deleted * to inserting. All public data is effectively re-inserted, secret keyrings are left deleted
* and need to be saved externally to be preserved past the operation. * and need to be saved externally to be preserved past the operation.
@ -403,7 +407,7 @@ public class ProviderHelper {
if (key.getKeyUsage() == null) { if (key.getKeyUsage() == null) {
log(LogType.MSG_IP_MASTER_FLAGS_UNSPECIFIED); log(LogType.MSG_IP_MASTER_FLAGS_UNSPECIFIED);
} else { } else {
log(LOG_TYPES_FLAG_MASTER[(c?1:0) + (e?2:0) + (s?4:0) + (a?8:0)]); log(LOG_TYPES_FLAG_MASTER[(c ? 1 : 0) + (e ? 2 : 0) + (s ? 4 : 0) + (a ? 8 : 0)]);
} }
} else { } else {
if (key.getKeyUsage() == null) { if (key.getKeyUsage() == null) {
@ -492,7 +496,7 @@ public class ProviderHelper {
try { try {
cert.init(trustedKey); cert.init(trustedKey);
// if it doesn't certify, leave a note and skip // if it doesn't certify, leave a note and skip
if ( ! cert.verifySignature(masterKey, rawUserId)) { if (!cert.verifySignature(masterKey, rawUserId)) {
log(LogType.MSG_IP_UID_CERT_BAD); log(LogType.MSG_IP_UID_CERT_BAD);
continue; continue;
} }
@ -537,7 +541,7 @@ public class ProviderHelper {
ArrayList<WrappedUserAttribute> userAttributes = masterKey.getUnorderedUserAttributes(); ArrayList<WrappedUserAttribute> userAttributes = masterKey.getUnorderedUserAttributes();
// Don't spam the log if there aren't even any attributes // Don't spam the log if there aren't even any attributes
if ( ! userAttributes.isEmpty()) { if (!userAttributes.isEmpty()) {
log(LogType.MSG_IP_UAT_CLASSIFYING); log(LogType.MSG_IP_UAT_CLASSIFYING);
} }
@ -592,7 +596,7 @@ public class ProviderHelper {
try { try {
cert.init(trustedKey); cert.init(trustedKey);
// if it doesn't certify, leave a note and skip // if it doesn't certify, leave a note and skip
if ( ! cert.verifySignature(masterKey, userAttribute)) { if (!cert.verifySignature(masterKey, userAttribute)) {
log(LogType.MSG_IP_UAT_CERT_BAD); log(LogType.MSG_IP_UAT_CERT_BAD);
continue; continue;
} }
@ -660,7 +664,7 @@ public class ProviderHelper {
selfCertsAreTrusted ? Certs.VERIFIED_SECRET : Certs.VERIFIED_SELF)); selfCertsAreTrusted ? Certs.VERIFIED_SECRET : Certs.VERIFIED_SELF));
// iterate over signatures // iterate over signatures
for (int i = 0; i < item.trustedCerts.size() ; i++) { for (int i = 0; i < item.trustedCerts.size(); i++) {
WrappedSignature sig = item.trustedCerts.valueAt(i); WrappedSignature sig = item.trustedCerts.valueAt(i);
// if it's a revocation // if it's a revocation
if (sig.isRevocation()) { if (sig.isRevocation()) {
@ -725,7 +729,7 @@ public class ProviderHelper {
public int compareTo(UserPacketItem o) { public int compareTo(UserPacketItem o) {
// revoked keys always come last! // revoked keys always come last!
//noinspection DoubleNegation //noinspection DoubleNegation
if ( (selfRevocation != null) != (o.selfRevocation != null)) { if ((selfRevocation != null) != (o.selfRevocation != null)) {
return selfRevocation != null ? 1 : -1; return selfRevocation != null ? 1 : -1;
} }
// if one is a user id, but the other isn't, the user id always comes first. // if one is a user id, but the other isn't, the user id always comes first.
@ -742,7 +746,8 @@ public class ProviderHelper {
} }
} }
/** Saves an UncachedKeyRing of the secret variant into the db. /**
* Saves an UncachedKeyRing of the secret variant into the db.
* This method will fail if no corresponding public keyring is in the database! * This method will fail if no corresponding public keyring is in the database!
*/ */
private int saveCanonicalizedSecretKeyRing(CanonicalizedSecretKeyRing keyRing) { private int saveCanonicalizedSecretKeyRing(CanonicalizedSecretKeyRing keyRing) {
@ -789,7 +794,7 @@ public class ProviderHelper {
SecretKeyType mode = sub.getSecretKeyType(); SecretKeyType mode = sub.getSecretKeyType();
values.put(Keys.HAS_SECRET, mode.getNum()); values.put(Keys.HAS_SECRET, mode.getNum());
int upd = mContentResolver.update(uri, values, Keys.KEY_ID + " = ?", int upd = mContentResolver.update(uri, values, Keys.KEY_ID + " = ?",
new String[]{ Long.toString(id) }); new String[]{Long.toString(id)});
if (upd == 1) { if (upd == 1) {
switch (mode) { switch (mode) {
case PASSPHRASE: case PASSPHRASE:
@ -843,8 +848,9 @@ public class ProviderHelper {
return savePublicKeyRing(keyRing, new ProgressScaler()); return savePublicKeyRing(keyRing, new ProgressScaler());
} }
/** Save a public keyring into the database. /**
* * Save a public keyring into the database.
* <p/>
* This is a high level method, which takes care of merging all new information into the old and * This is a high level method, which takes care of merging all new information into the old and
* keep public and secret keyrings in sync. * keep public and secret keyrings in sync.
*/ */
@ -949,7 +955,7 @@ public class ProviderHelper {
log(LogType.MSG_IS, KeyFormattingUtils.convertKeyIdToHex(masterKeyId)); log(LogType.MSG_IS, KeyFormattingUtils.convertKeyIdToHex(masterKeyId));
mIndent += 1; mIndent += 1;
if ( ! secretRing.isSecret()) { if (!secretRing.isSecret()) {
log(LogType.MSG_IS_BAD_TYPE_PUBLIC); log(LogType.MSG_IS_BAD_TYPE_PUBLIC);
return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog, null); return new SaveKeyringResult(SaveKeyringResult.RESULT_ERROR, mLog, null);
} }
@ -1420,9 +1426,13 @@ public class ProviderHelper {
ContentValues values = new ContentValues(); ContentValues values = new ContentValues();
values.put(KeychainContract.ApiAccounts.ACCOUNT_NAME, accSettings.getAccountName()); values.put(KeychainContract.ApiAccounts.ACCOUNT_NAME, accSettings.getAccountName());
values.put(KeychainContract.ApiAccounts.KEY_ID, accSettings.getKeyId()); values.put(KeychainContract.ApiAccounts.KEY_ID, accSettings.getKeyId());
values.put(KeychainContract.ApiAccounts.COMPRESSION, accSettings.getCompression());
values.put(KeychainContract.ApiAccounts.ENCRYPTION_ALGORITHM, accSettings.getEncryptionAlgorithm()); // DEPRECATED and thus hardcoded
values.put(KeychainContract.ApiAccounts.HASH_ALORITHM, accSettings.getHashAlgorithm()); values.put(KeychainContract.ApiAccounts.COMPRESSION, CompressionAlgorithmTags.ZLIB);
values.put(KeychainContract.ApiAccounts.ENCRYPTION_ALGORITHM,
PgpConstants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED);
values.put(KeychainContract.ApiAccounts.HASH_ALORITHM,
PgpConstants.OpenKeychainHashAlgorithmTags.USE_PREFERRED);
return values; return values;
} }
@ -1478,12 +1488,6 @@ public class ProviderHelper {
cursor.getColumnIndex(KeychainContract.ApiAccounts.ACCOUNT_NAME))); cursor.getColumnIndex(KeychainContract.ApiAccounts.ACCOUNT_NAME)));
settings.setKeyId(cursor.getLong( settings.setKeyId(cursor.getLong(
cursor.getColumnIndex(KeychainContract.ApiAccounts.KEY_ID))); cursor.getColumnIndex(KeychainContract.ApiAccounts.KEY_ID)));
settings.setCompression(cursor.getInt(
cursor.getColumnIndexOrThrow(KeychainContract.ApiAccounts.COMPRESSION)));
settings.setHashAlgorithm(cursor.getInt(
cursor.getColumnIndexOrThrow(KeychainContract.ApiAccounts.HASH_ALORITHM)));
settings.setEncryptionAlgorithm(cursor.getInt(
cursor.getColumnIndexOrThrow(KeychainContract.ApiAccounts.ENCRYPTION_ALGORITHM)));
} }
} finally { } finally {
if (cursor != null) { if (cursor != null) {
@ -1547,26 +1551,32 @@ public class ProviderHelper {
} }
} }
public void addAllowedKeyIdForApp(Uri uri, long allowedKeyId) {
ContentValues values = new ContentValues();
values.put(ApiAllowedKeys.KEY_ID, allowedKeyId);
mContentResolver.insert(uri, values);
}
public Set<String> getAllFingerprints(Uri uri) { public Set<String> getAllFingerprints(Uri uri) {
Set<String> fingerprints = new HashSet<>(); Set<String> fingerprints = new HashSet<>();
String[] projection = new String[]{KeyRings.FINGERPRINT}; String[] projection = new String[]{KeyRings.FINGERPRINT};
Cursor cursor = mContentResolver.query(uri, projection, null, null, null); Cursor cursor = mContentResolver.query(uri, projection, null, null, null);
try { try {
if(cursor != null) { if (cursor != null) {
int fingerprintColumn = cursor.getColumnIndex(KeyRings.FINGERPRINT); int fingerprintColumn = cursor.getColumnIndex(KeyRings.FINGERPRINT);
while(cursor.moveToNext()) { while (cursor.moveToNext()) {
fingerprints.add( fingerprints.add(
KeyFormattingUtils.convertFingerprintToHex(cursor.getBlob(fingerprintColumn)) KeyFormattingUtils.convertFingerprintToHex(cursor.getBlob(fingerprintColumn))
); );
} }
} }
} finally { } finally {
if (cursor != null) { if (cursor != null) {
cursor.close(); cursor.close();
} }
} }
return fingerprints; return fingerprints;
} }
public byte[] getApiAppSignature(String packageName) { public byte[] getApiAppSignature(String packageName) {
Uri queryUri = ApiApps.buildByPackageNameUri(packageName); Uri queryUri = ApiApps.buildByPackageNameUri(packageName);

View File

@ -17,17 +17,14 @@
package org.sufficientlysecure.keychain.remote; package org.sufficientlysecure.keychain.remote;
import org.spongycastle.bcpg.CompressionAlgorithmTags;
import org.spongycastle.bcpg.HashAlgorithmTags;
import org.spongycastle.openpgp.PGPEncryptedData;
import org.sufficientlysecure.keychain.Constants; import org.sufficientlysecure.keychain.Constants;
/**
* DEPRECATED API
*/
public class AccountSettings { public class AccountSettings {
private String mAccountName; private String mAccountName;
private long mKeyId = Constants.key.none; private long mKeyId = Constants.key.none;
private int mEncryptionAlgorithm;
private int mHashAlgorithm;
private int mCompression;
public AccountSettings() { public AccountSettings() {
@ -36,11 +33,6 @@ public class AccountSettings {
public AccountSettings(String accountName) { public AccountSettings(String accountName) {
super(); super();
this.mAccountName = accountName; this.mAccountName = accountName;
// defaults:
this.mEncryptionAlgorithm = PGPEncryptedData.AES_256;
this.mHashAlgorithm = HashAlgorithmTags.SHA256;
this.mCompression = CompressionAlgorithmTags.ZLIB;
} }
public String getAccountName() { public String getAccountName() {
@ -59,28 +51,4 @@ public class AccountSettings {
this.mKeyId = scretKeyId; this.mKeyId = scretKeyId;
} }
public int getEncryptionAlgorithm() {
return mEncryptionAlgorithm;
}
public void setEncryptionAlgorithm(int encryptionAlgorithm) {
this.mEncryptionAlgorithm = encryptionAlgorithm;
}
public int getHashAlgorithm() {
return mHashAlgorithm;
}
public void setHashAlgorithm(int hashAlgorithm) {
this.mHashAlgorithm = hashAlgorithm;
}
public int getCompression() {
return mCompression;
}
public void setCompression(int compression) {
this.mCompression = compression;
}
} }

View File

@ -47,6 +47,7 @@ import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
import org.sufficientlysecure.keychain.provider.KeychainDatabase.Tables; import org.sufficientlysecure.keychain.provider.KeychainDatabase.Tables;
import org.sufficientlysecure.keychain.provider.ProviderHelper; import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.remote.ui.RemoteServiceActivity; import org.sufficientlysecure.keychain.remote.ui.RemoteServiceActivity;
import org.sufficientlysecure.keychain.remote.ui.SelectSignKeyIdActivity;
import org.sufficientlysecure.keychain.ui.ImportKeysActivity; import org.sufficientlysecure.keychain.ui.ImportKeysActivity;
import org.sufficientlysecure.keychain.ui.NfcActivity; import org.sufficientlysecure.keychain.ui.NfcActivity;
import org.sufficientlysecure.keychain.ui.PassphraseDialogActivity; import org.sufficientlysecure.keychain.ui.PassphraseDialogActivity;
@ -232,8 +233,7 @@ public class OpenPgpService extends RemoteService {
} }
private Intent signImpl(Intent data, ParcelFileDescriptor input, private Intent signImpl(Intent data, ParcelFileDescriptor input,
ParcelFileDescriptor output, AccountSettings accSettings, ParcelFileDescriptor output, boolean cleartextSign) {
boolean cleartextSign) {
InputStream is = null; InputStream is = null;
OutputStream os = null; OutputStream os = null;
try { try {
@ -246,6 +246,17 @@ public class OpenPgpService extends RemoteService {
Log.d(Constants.TAG, "nfcSignedHash: null"); Log.d(Constants.TAG, "nfcSignedHash: null");
} }
Intent signKeyIdIntent = getSignKeyMasterId(data);
// NOTE: Fallback to return account settings (Old API)
if (signKeyIdIntent.getIntExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR)
== OpenPgpApi.RESULT_CODE_USER_INTERACTION_REQUIRED) {
return signKeyIdIntent;
}
long signKeyId = signKeyIdIntent.getLongExtra(OpenPgpApi.EXTRA_SIGN_KEY_ID, Constants.key.none);
if (signKeyId == Constants.key.none) {
Log.e(Constants.TAG, "No signing key given!");
}
// carefully: only set if timestamp exists // carefully: only set if timestamp exists
Date nfcCreationDate = null; Date nfcCreationDate = null;
long nfcCreationTimestamp = data.getLongExtra(OpenPgpApi.EXTRA_NFC_SIG_CREATION_TIMESTAMP, -1); long nfcCreationTimestamp = data.getLongExtra(OpenPgpApi.EXTRA_NFC_SIG_CREATION_TIMESTAMP, -1);
@ -271,7 +282,7 @@ public class OpenPgpService extends RemoteService {
.setDetachedSignature(!cleartextSign) .setDetachedSignature(!cleartextSign)
.setVersionHeader(null) .setVersionHeader(null)
.setSignatureHashAlgorithm(PgpConstants.OpenKeychainHashAlgorithmTags.USE_PREFERRED) .setSignatureHashAlgorithm(PgpConstants.OpenKeychainHashAlgorithmTags.USE_PREFERRED)
.setSignatureMasterKeyId(accSettings.getKeyId()) .setSignatureMasterKeyId(signKeyId)
.setNfcState(nfcSignedHash, nfcCreationDate); .setNfcState(nfcSignedHash, nfcCreationDate);
// execute PGP operation! // execute PGP operation!
@ -336,8 +347,7 @@ public class OpenPgpService extends RemoteService {
} }
private Intent encryptAndSignImpl(Intent data, ParcelFileDescriptor input, private Intent encryptAndSignImpl(Intent data, ParcelFileDescriptor input,
ParcelFileDescriptor output, AccountSettings accSettings, ParcelFileDescriptor output, boolean sign) {
boolean sign) {
InputStream is = null; InputStream is = null;
OutputStream os = null; OutputStream os = null;
try { try {
@ -347,6 +357,14 @@ public class OpenPgpService extends RemoteService {
originalFilename = ""; originalFilename = "";
} }
boolean enableCompression = data.getBooleanExtra(OpenPgpApi.EXTRA_ENABLE_COMPRESSION, true);
int compressionId;
if (enableCompression) {
compressionId = CompressionAlgorithmTags.ZLIB;
} else {
compressionId = CompressionAlgorithmTags.UNCOMPRESSED;
}
// first try to get key ids from non-ambiguous key id extra // first try to get key ids from non-ambiguous key id extra
long[] keyIds = data.getLongArrayExtra(OpenPgpApi.EXTRA_KEY_IDS); long[] keyIds = data.getLongArrayExtra(OpenPgpApi.EXTRA_KEY_IDS);
if (keyIds == null) { if (keyIds == null) {
@ -374,14 +392,24 @@ public class OpenPgpService extends RemoteService {
PgpSignEncryptInput pseInput = new PgpSignEncryptInput(); PgpSignEncryptInput pseInput = new PgpSignEncryptInput();
pseInput.setEnableAsciiArmorOutput(asciiArmor) pseInput.setEnableAsciiArmorOutput(asciiArmor)
.setVersionHeader(null) .setVersionHeader(null)
.setCompressionId(CompressionAlgorithmTags.UNCOMPRESSED) .setCompressionId(compressionId)
.setSymmetricEncryptionAlgorithm(PgpConstants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED) .setSymmetricEncryptionAlgorithm(PgpConstants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED)
.setEncryptionMasterKeyIds(keyIds) .setEncryptionMasterKeyIds(keyIds)
.setFailOnMissingEncryptionKeyIds(true) .setFailOnMissingEncryptionKeyIds(true);
.setAdditionalEncryptId(accSettings.getKeyId()); // add acc key for encryption
if (sign) { if (sign) {
Intent signKeyIdIntent = getSignKeyMasterId(data);
// NOTE: Fallback to return account settings (Old API)
if (signKeyIdIntent.getIntExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR)
== OpenPgpApi.RESULT_CODE_USER_INTERACTION_REQUIRED) {
return signKeyIdIntent;
}
long signKeyId = signKeyIdIntent.getLongExtra(OpenPgpApi.EXTRA_SIGN_KEY_ID, Constants.key.none);
if (signKeyId == Constants.key.none) {
Log.e(Constants.TAG, "No signing key given!");
}
byte[] nfcSignedHash = data.getByteArrayExtra(OpenPgpApi.EXTRA_NFC_SIGNED_HASH); byte[] nfcSignedHash = data.getByteArrayExtra(OpenPgpApi.EXTRA_NFC_SIGNED_HASH);
// carefully: only set if timestamp exists // carefully: only set if timestamp exists
Date nfcCreationDate = null; Date nfcCreationDate = null;
@ -392,8 +420,9 @@ public class OpenPgpService extends RemoteService {
// sign and encrypt // sign and encrypt
pseInput.setSignatureHashAlgorithm(PgpConstants.OpenKeychainHashAlgorithmTags.USE_PREFERRED) pseInput.setSignatureHashAlgorithm(PgpConstants.OpenKeychainHashAlgorithmTags.USE_PREFERRED)
.setSignatureMasterKeyId(accSettings.getKeyId()) .setSignatureMasterKeyId(signKeyId)
.setNfcState(nfcSignedHash, nfcCreationDate); .setNfcState(nfcSignedHash, nfcCreationDate)
.setAdditionalEncryptId(signKeyId); // add sign key for encryption
} }
PgpSignEncryptOperation op = new PgpSignEncryptOperation(this, new ProviderHelper(getContext()), null); PgpSignEncryptOperation op = new PgpSignEncryptOperation(this, new ProviderHelper(getContext()), null);
@ -455,8 +484,7 @@ public class OpenPgpService extends RemoteService {
} }
private Intent decryptAndVerifyImpl(Intent data, ParcelFileDescriptor input, private Intent decryptAndVerifyImpl(Intent data, ParcelFileDescriptor input,
ParcelFileDescriptor output, Set<Long> allowedKeyIds, ParcelFileDescriptor output, boolean decryptMetadataOnly) {
boolean decryptMetadataOnly) {
InputStream is = null; InputStream is = null;
OutputStream os = null; OutputStream os = null;
try { try {
@ -470,6 +498,16 @@ public class OpenPgpService extends RemoteService {
os = new ParcelFileDescriptor.AutoCloseOutputStream(output); os = new ParcelFileDescriptor.AutoCloseOutputStream(output);
} }
String currentPkg = getCurrentCallingPackage();
Set<Long> allowedKeyIds;
if (data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) < 7) {
allowedKeyIds = mProviderHelper.getAllKeyIdsForApp(
ApiAccounts.buildBaseUri(currentPkg));
} else {
allowedKeyIds = mProviderHelper.getAllowedKeyIdsForApp(
KeychainContract.ApiAllowedKeys.buildBaseUri(currentPkg));
}
String passphrase = data.getStringExtra(OpenPgpApi.EXTRA_PASSPHRASE); String passphrase = data.getStringExtra(OpenPgpApi.EXTRA_PASSPHRASE);
long inputLength = is.available(); long inputLength = is.available();
InputData inputData = new InputData(is, inputLength); InputData inputData = new InputData(is, inputLength);
@ -516,9 +554,16 @@ public class OpenPgpService extends RemoteService {
} }
} else if (pgpResult.success()) { } else if (pgpResult.success()) {
Intent result = new Intent(); Intent result = new Intent();
int resultType = OpenPgpApi.RESULT_TYPE_UNENCRYPTED_UNSIGNED;
OpenPgpSignatureResult signatureResult = pgpResult.getSignatureResult(); OpenPgpSignatureResult signatureResult = pgpResult.getSignatureResult();
if (signatureResult != null) { if (signatureResult != null) {
resultType |= OpenPgpApi.RESULT_TYPE_SIGNED;
if (!signatureResult.isSignatureOnly()) {
resultType |= OpenPgpApi.RESULT_TYPE_ENCRYPTED;
}
result.putExtra(OpenPgpApi.RESULT_TYPE, resultType);
result.putExtra(OpenPgpApi.RESULT_SIGNATURE, signatureResult); result.putExtra(OpenPgpApi.RESULT_SIGNATURE, signatureResult);
if (data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) < 5) { if (data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) < 5) {
@ -615,6 +660,27 @@ public class OpenPgpService extends RemoteService {
} }
} }
private Intent getSignKeyIdImpl(Intent data) {
String preferredUserId = data.getStringExtra(OpenPgpApi.EXTRA_USER_ID);
Intent intent = new Intent(getBaseContext(), SelectSignKeyIdActivity.class);
String currentPkg = getCurrentCallingPackage();
intent.setData(KeychainContract.ApiApps.buildByPackageNameUri(currentPkg));
intent.putExtra(SelectSignKeyIdActivity.EXTRA_USER_ID, preferredUserId);
intent.putExtra(SelectSignKeyIdActivity.EXTRA_DATA, data);
PendingIntent pi = PendingIntent.getActivity(getBaseContext(), 0,
intent,
PendingIntent.FLAG_CANCEL_CURRENT);
// return PendingIntent to be executed by client
Intent result = new Intent();
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_USER_INTERACTION_REQUIRED);
result.putExtra(OpenPgpApi.RESULT_INTENT, pi);
return result;
}
private Intent getKeyIdsImpl(Intent data) { private Intent getKeyIdsImpl(Intent data) {
// if data already contains key ids extra GET_KEY_IDS has been executed again // if data already contains key ids extra GET_KEY_IDS has been executed again
// after user interaction. Then, we just need to return the array again! // after user interaction. Then, we just need to return the array again!
@ -632,6 +698,35 @@ public class OpenPgpService extends RemoteService {
} }
} }
private Intent getSignKeyMasterId(Intent data) {
// NOTE: Accounts are deprecated on API version >= 7
if (data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) < 7) {
String accName = data.getStringExtra(OpenPgpApi.EXTRA_ACCOUNT_NAME);
// if no account name is given use name "default"
if (TextUtils.isEmpty(accName)) {
accName = "default";
}
Log.d(Constants.TAG, "accName: " + accName);
// fallback to old API
final AccountSettings accSettings = getAccSettings(accName);
if (accSettings == null || (accSettings.getKeyId() == Constants.key.none)) {
return getCreateAccountIntent(data, accName);
}
// NOTE: just wrapping the key id
Intent result = new Intent();
result.putExtra(OpenPgpApi.EXTRA_SIGN_KEY_ID, accSettings.getKeyId());
return result;
} else {
long signKeyId = data.getLongExtra(OpenPgpApi.EXTRA_SIGN_KEY_ID, Constants.key.none);
if (signKeyId == Constants.key.none) {
return getSignKeyIdImpl(data);
}
return data;
}
}
/** /**
* Check requirements: * Check requirements:
* - params != null * - params != null
@ -657,12 +752,13 @@ public class OpenPgpService extends RemoteService {
if (data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) != 3 if (data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) != 3
&& data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) != 4 && data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) != 4
&& data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) != 5 && data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) != 5
&& data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) != 6) { && data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) != 6
&& data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) != 7) {
Intent result = new Intent(); Intent result = new Intent();
OpenPgpError error = new OpenPgpError OpenPgpError error = new OpenPgpError
(OpenPgpError.INCOMPATIBLE_API_VERSIONS, "Incompatible API versions!\n" (OpenPgpError.INCOMPATIBLE_API_VERSIONS, "Incompatible API versions!\n"
+ "used API version: " + data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) + "\n" + "used API version: " + data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) + "\n"
+ "supported API versions: 3, 4, 5, 6"); + "supported API versions: 3-7");
result.putExtra(OpenPgpApi.RESULT_ERROR, error); result.putExtra(OpenPgpApi.RESULT_ERROR, error);
result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR); result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
return result; return result;
@ -677,16 +773,6 @@ public class OpenPgpService extends RemoteService {
return null; return null;
} }
private String getAccountName(Intent data) {
String accName = data.getStringExtra(OpenPgpApi.EXTRA_ACCOUNT_NAME);
// if no account name is given use name "default"
if (TextUtils.isEmpty(accName)) {
accName = "default";
}
Log.d(Constants.TAG, "accName: " + accName);
return accName;
}
// TODO: multi-threading // TODO: multi-threading
private final IOpenPgpService.Stub mBinder = new IOpenPgpService.Stub() { private final IOpenPgpService.Stub mBinder = new IOpenPgpService.Stub() {
@ -698,41 +784,29 @@ public class OpenPgpService extends RemoteService {
return errorResult; return errorResult;
} }
String accName = getAccountName(data);
final AccountSettings accSettings = getAccSettings(accName);
if (accSettings == null) {
return getCreateAccountIntent(data, accName);
}
String action = data.getAction(); String action = data.getAction();
if (OpenPgpApi.ACTION_CLEARTEXT_SIGN.equals(action)) { if (OpenPgpApi.ACTION_CLEARTEXT_SIGN.equals(action)) {
return signImpl(data, input, output, accSettings, true); return signImpl(data, input, output, true);
} else if (OpenPgpApi.ACTION_SIGN.equals(action)) { } else if (OpenPgpApi.ACTION_SIGN.equals(action)) {
// DEPRECATED: same as ACTION_CLEARTEXT_SIGN // DEPRECATED: same as ACTION_CLEARTEXT_SIGN
Log.w(Constants.TAG, "You are using a deprecated API call, please use ACTION_CLEARTEXT_SIGN instead of ACTION_SIGN!"); Log.w(Constants.TAG, "You are using a deprecated API call, please use ACTION_CLEARTEXT_SIGN instead of ACTION_SIGN!");
return signImpl(data, input, output, accSettings, true); return signImpl(data, input, output, true);
} else if (OpenPgpApi.ACTION_DETACHED_SIGN.equals(action)) { } else if (OpenPgpApi.ACTION_DETACHED_SIGN.equals(action)) {
return signImpl(data, input, output, accSettings, false); return signImpl(data, input, output, false);
} else if (OpenPgpApi.ACTION_ENCRYPT.equals(action)) { } else if (OpenPgpApi.ACTION_ENCRYPT.equals(action)) {
return encryptAndSignImpl(data, input, output, accSettings, false); return encryptAndSignImpl(data, input, output, false);
} else if (OpenPgpApi.ACTION_SIGN_AND_ENCRYPT.equals(action)) { } else if (OpenPgpApi.ACTION_SIGN_AND_ENCRYPT.equals(action)) {
return encryptAndSignImpl(data, input, output, accSettings, true); return encryptAndSignImpl(data, input, output, true);
} else if (OpenPgpApi.ACTION_DECRYPT_VERIFY.equals(action)) { } else if (OpenPgpApi.ACTION_DECRYPT_VERIFY.equals(action)) {
String currentPkg = getCurrentCallingPackage(); return decryptAndVerifyImpl(data, input, output, false);
Set<Long> allowedKeyIds =
mProviderHelper.getAllKeyIdsForApp(
ApiAccounts.buildBaseUri(currentPkg));
return decryptAndVerifyImpl(data, input, output, allowedKeyIds, false);
} else if (OpenPgpApi.ACTION_DECRYPT_METADATA.equals(action)) { } else if (OpenPgpApi.ACTION_DECRYPT_METADATA.equals(action)) {
String currentPkg = getCurrentCallingPackage(); return decryptAndVerifyImpl(data, input, output, true);
Set<Long> allowedKeyIds = } else if (OpenPgpApi.ACTION_GET_SIGN_KEY_ID.equals(action)) {
mProviderHelper.getAllKeyIdsForApp( return getSignKeyIdImpl(data);
ApiAccounts.buildBaseUri(currentPkg));
return decryptAndVerifyImpl(data, input, output, allowedKeyIds, true);
} else if (OpenPgpApi.ACTION_GET_KEY.equals(action)) {
return getKeyImpl(data);
} else if (OpenPgpApi.ACTION_GET_KEY_IDS.equals(action)) { } else if (OpenPgpApi.ACTION_GET_KEY_IDS.equals(action)) {
return getKeyIdsImpl(data); return getKeyIdsImpl(data);
} else if (OpenPgpApi.ACTION_GET_KEY.equals(action)) {
return getKeyImpl(data);
} else { } else {
return null; return null;
} }

View File

@ -1,5 +1,5 @@
/* /*
* Copyright (C) 2013-2014 Dominik Schürmann <dominik@dominikschuermann.de> * Copyright (C) 2013-2015 Dominik Schürmann <dominik@dominikschuermann.de>
* *
* This program is free software: you can redistribute it and/or modify * This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
@ -154,9 +154,9 @@ public abstract class RemoteService extends Service {
} }
/** /**
* Retrieves AccountSettings from database for the application calling this remote service * DEPRECATED API
* *
* @return * Retrieves AccountSettings from database for the application calling this remote service
*/ */
protected AccountSettings getAccSettings(String accountName) { protected AccountSettings getAccSettings(String accountName) {
String currentPkg = getCurrentCallingPackage(); String currentPkg = getCurrentCallingPackage();
@ -164,11 +164,12 @@ public abstract class RemoteService extends Service {
Uri uri = KeychainContract.ApiAccounts.buildByPackageAndAccountUri(currentPkg, accountName); Uri uri = KeychainContract.ApiAccounts.buildByPackageAndAccountUri(currentPkg, accountName);
AccountSettings settings = mProviderHelper.getApiAccountSettings(uri); return mProviderHelper.getApiAccountSettings(uri); // can be null!
return settings; // can be null!
} }
/**
* Deprecated API
*/
protected Intent getCreateAccountIntent(Intent data, String accountName) { protected Intent getCreateAccountIntent(Intent data, String accountName) {
String packageName = getCurrentCallingPackage(); String packageName = getCurrentCallingPackage();
Log.d(Constants.TAG, "getCreateAccountIntent accountName: " + accountName); Log.d(Constants.TAG, "getCreateAccountIntent accountName: " + accountName);

View File

@ -89,9 +89,10 @@ public class AccountSettingsActivity extends BaseActivity {
@Override @Override
public boolean onOptionsItemSelected(MenuItem item) { public boolean onOptionsItemSelected(MenuItem item) {
switch (item.getItemId()) { switch (item.getItemId()) {
case R.id.menu_account_settings_delete: case R.id.menu_account_settings_delete: {
deleteAccount(); deleteAccount();
return true; return true;
}
} }
return super.onOptionsItemSelected(item); return super.onOptionsItemSelected(item);
} }

View File

@ -24,9 +24,6 @@ import android.support.v4.app.Fragment;
import android.view.LayoutInflater; import android.view.LayoutInflater;
import android.view.View; import android.view.View;
import android.view.ViewGroup; import android.view.ViewGroup;
import android.widget.AdapterView;
import android.widget.AdapterView.OnItemSelectedListener;
import android.widget.Spinner;
import android.widget.TextView; import android.widget.TextView;
import org.sufficientlysecure.keychain.Constants; import org.sufficientlysecure.keychain.Constants;
@ -36,10 +33,8 @@ import org.sufficientlysecure.keychain.operations.results.SaveKeyringResult;
import org.sufficientlysecure.keychain.pgp.KeyRing; import org.sufficientlysecure.keychain.pgp.KeyRing;
import org.sufficientlysecure.keychain.remote.AccountSettings; import org.sufficientlysecure.keychain.remote.AccountSettings;
import org.sufficientlysecure.keychain.ui.CreateKeyActivity; import org.sufficientlysecure.keychain.ui.CreateKeyActivity;
import org.sufficientlysecure.keychain.ui.adapter.KeyValueSpinnerAdapter;
import org.sufficientlysecure.keychain.ui.widget.KeySpinner; import org.sufficientlysecure.keychain.ui.widget.KeySpinner;
import org.sufficientlysecure.keychain.ui.widget.SignKeySpinner; import org.sufficientlysecure.keychain.ui.widget.SignKeySpinner;
import org.sufficientlysecure.keychain.util.AlgorithmNames;
import org.sufficientlysecure.keychain.util.Log; import org.sufficientlysecure.keychain.util.Log;
public class AccountSettingsFragment extends Fragment { public class AccountSettingsFragment extends Fragment {
@ -51,17 +46,10 @@ public class AccountSettingsFragment extends Fragment {
// view // view
private TextView mAccNameView; private TextView mAccNameView;
private Spinner mEncryptionAlgorithm;
private Spinner mHashAlgorithm;
private Spinner mCompression;
private SignKeySpinner mSelectKeySpinner; private SignKeySpinner mSelectKeySpinner;
private View mCreateKeyButton; private View mCreateKeyButton;
KeyValueSpinnerAdapter mEncryptionAdapter;
KeyValueSpinnerAdapter mHashAdapter;
KeyValueSpinnerAdapter mCompressionAdapter;
public AccountSettings getAccSettings() { public AccountSettings getAccSettings() {
return mAccSettings; return mAccSettings;
} }
@ -71,10 +59,6 @@ public class AccountSettingsFragment extends Fragment {
mAccNameView.setText(accountSettings.getAccountName()); mAccNameView.setText(accountSettings.getAccountName());
mSelectKeySpinner.setSelectedKeyId(accountSettings.getKeyId()); mSelectKeySpinner.setSelectedKeyId(accountSettings.getKeyId());
mEncryptionAlgorithm.setSelection(mEncryptionAdapter.getPosition(accountSettings
.getEncryptionAlgorithm()));
mHashAlgorithm.setSelection(mHashAdapter.getPosition(accountSettings.getHashAlgorithm()));
mCompression.setSelection(mCompressionAdapter.getPosition(accountSettings.getCompression()));
} }
/** /**
@ -90,10 +74,6 @@ public class AccountSettingsFragment extends Fragment {
private void initView(View view) { private void initView(View view) {
mSelectKeySpinner = (SignKeySpinner) view.findViewById(R.id.api_account_settings_key_spinner); mSelectKeySpinner = (SignKeySpinner) view.findViewById(R.id.api_account_settings_key_spinner);
mAccNameView = (TextView) view.findViewById(R.id.api_account_settings_acc_name); mAccNameView = (TextView) view.findViewById(R.id.api_account_settings_acc_name);
mEncryptionAlgorithm = (Spinner) view
.findViewById(R.id.api_account_settings_encryption_algorithm);
mHashAlgorithm = (Spinner) view.findViewById(R.id.api_account_settings_hash_algorithm);
mCompression = (Spinner) view.findViewById(R.id.api_account_settings_compression);
mCreateKeyButton = view.findViewById(R.id.api_account_settings_create_key); mCreateKeyButton = view.findViewById(R.id.api_account_settings_create_key);
mSelectKeySpinner.setOnKeyChangedListener(new KeySpinner.OnKeyChangedListener() { mSelectKeySpinner.setOnKeyChangedListener(new KeySpinner.OnKeyChangedListener() {
@ -109,52 +89,6 @@ public class AccountSettingsFragment extends Fragment {
createKey(); createKey();
} }
}); });
AlgorithmNames algorithmNames = new AlgorithmNames(getActivity());
mEncryptionAdapter = new KeyValueSpinnerAdapter(getActivity(),
algorithmNames.getEncryptionNames());
mEncryptionAlgorithm.setAdapter(mEncryptionAdapter);
mEncryptionAlgorithm.setOnItemSelectedListener(new OnItemSelectedListener() {
@Override
public void onItemSelected(AdapterView<?> parent, View view, int position, long id) {
mAccSettings.setEncryptionAlgorithm((int) id);
}
@Override
public void onNothingSelected(AdapterView<?> parent) {
}
});
mHashAdapter = new KeyValueSpinnerAdapter(getActivity(), algorithmNames.getHashNames());
mHashAlgorithm.setAdapter(mHashAdapter);
mHashAlgorithm.setOnItemSelectedListener(new OnItemSelectedListener() {
@Override
public void onItemSelected(AdapterView<?> parent, View view, int position, long id) {
mAccSettings.setHashAlgorithm((int) id);
}
@Override
public void onNothingSelected(AdapterView<?> parent) {
}
});
mCompressionAdapter = new KeyValueSpinnerAdapter(getActivity(),
algorithmNames.getCompressionNames());
mCompression.setAdapter(mCompressionAdapter);
mCompression.setOnItemSelectedListener(new OnItemSelectedListener() {
@Override
public void onItemSelected(AdapterView<?> parent, View view, int position, long id) {
mAccSettings.setCompression((int) id);
}
@Override
public void onNothingSelected(AdapterView<?> parent) {
}
});
} }
private void createKey() { private void createKey() {

View File

@ -0,0 +1,145 @@
/*
* Copyright (C) 2015 Dominik Schürmann <dominik@dominikschuermann.de>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package org.sufficientlysecure.keychain.remote.ui;
import android.app.Activity;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
import android.view.View;
import android.widget.TextView;
import org.openintents.openpgp.util.OpenPgpApi;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.operations.results.OperationResult;
import org.sufficientlysecure.keychain.pgp.KeyRing;
import org.sufficientlysecure.keychain.ui.BaseActivity;
import org.sufficientlysecure.keychain.ui.CreateKeyActivity;
import org.sufficientlysecure.keychain.util.Log;
public class SelectSignKeyIdActivity extends BaseActivity {
public static final String EXTRA_USER_ID = OpenPgpApi.EXTRA_USER_ID;
public static final String EXTRA_DATA = "data";
private static final int REQUEST_CODE_CREATE_KEY = 0x00008884;
private Uri mAppUri;
private String mPreferredUserId;
private SelectSignKeyIdListFragment mListFragment;
private TextView mActionCreateKey;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
// Inflate a "Done" custom action bar
setFullScreenDialogClose(
new View.OnClickListener() {
@Override
public void onClick(View v) {
setResult(RESULT_CANCELED);
finish();
}
});
mActionCreateKey = (TextView) findViewById(R.id.api_select_sign_key_create_key);
mActionCreateKey.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
createKey(mPreferredUserId);
}
});
Intent intent = getIntent();
mAppUri = intent.getData();
mPreferredUserId = intent.getStringExtra(EXTRA_USER_ID);
Intent data = intent.getParcelableExtra(EXTRA_DATA);
if (mAppUri == null) {
Log.e(Constants.TAG, "Intent data missing. Should be Uri of app!");
finish();
return;
} else {
Log.d(Constants.TAG, "uri: " + mAppUri);
startListFragments(savedInstanceState, mAppUri, data);
}
}
private void createKey(String userId) {
String[] userIdSplit = KeyRing.splitUserId(userId);
Intent intent = new Intent(this, CreateKeyActivity.class);
intent.putExtra(CreateKeyActivity.EXTRA_NAME, userIdSplit[0]);
intent.putExtra(CreateKeyActivity.EXTRA_EMAIL, userIdSplit[1]);
startActivityForResult(intent, REQUEST_CODE_CREATE_KEY);
}
private void startListFragments(Bundle savedInstanceState, Uri dataUri, Intent data) {
// However, if we're being restored from a previous state,
// then we don't need to do anything and should return or else
// we could end up with overlapping fragments.
if (savedInstanceState != null) {
return;
}
// Create an instance of the fragments
mListFragment = SelectSignKeyIdListFragment.newInstance(dataUri, data);
// Add the fragment to the 'fragment_container' FrameLayout
// NOTE: We use commitAllowingStateLoss() to prevent weird crashes!
getSupportFragmentManager().beginTransaction()
.replace(R.id.api_select_sign_key_list_fragment, mListFragment)
.commitAllowingStateLoss();
// do it immediately!
getSupportFragmentManager().executePendingTransactions();
}
@Override
protected void initLayout() {
setContentView(R.layout.api_select_sign_key_activity);
}
@Override
protected void onActivityResult(int requestCode, int resultCode, Intent data) {
// if a result has been returned, display a notify
if (data != null && data.hasExtra(OperationResult.EXTRA_RESULT)) {
OperationResult result = data.getParcelableExtra(OperationResult.EXTRA_RESULT);
result.createNotify(this).show();
}
switch (requestCode) {
case REQUEST_CODE_CREATE_KEY: {
if (resultCode == Activity.RESULT_OK) {
if (data != null && data.hasExtra(OperationResult.EXTRA_RESULT)) {
// SaveKeyringResult result = data.getParcelableExtra(OperationResult.EXTRA_RESULT);
// TODO: select?
// mSelectKeySpinner.setSelectedKeyId(result.mRingMasterKeyId);
} else {
Log.e(Constants.TAG, "missing result!");
}
}
break;
}
default: {
super.onActivityResult(requestCode, resultCode, data);
}
}
}
}

View File

@ -0,0 +1,218 @@
/*
* Copyright (C) 2015 Dominik Schürmann <dominik@dominikschuermann.de>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package org.sufficientlysecure.keychain.remote.ui;
import android.app.Activity;
import android.content.Context;
import android.content.Intent;
import android.database.Cursor;
import android.net.Uri;
import android.os.Bundle;
import android.support.v4.app.LoaderManager;
import android.support.v4.content.CursorLoader;
import android.support.v4.content.Loader;
import android.view.LayoutInflater;
import android.view.View;
import android.view.ViewGroup;
import android.widget.AdapterView;
import android.widget.ListView;
import org.openintents.openpgp.util.OpenPgpApi;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.R;
import org.sufficientlysecure.keychain.compatibility.ListFragmentWorkaround;
import org.sufficientlysecure.keychain.provider.KeychainContract;
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
import org.sufficientlysecure.keychain.provider.ProviderHelper;
import org.sufficientlysecure.keychain.ui.adapter.SelectKeyCursorAdapter;
import org.sufficientlysecure.keychain.ui.widget.FixedListView;
import org.sufficientlysecure.keychain.util.Log;
public class SelectSignKeyIdListFragment extends ListFragmentWorkaround implements LoaderManager.LoaderCallbacks<Cursor> {
private static final String ARG_DATA_URI = "uri";
public static final String ARG_DATA = "data";
private SelectKeyCursorAdapter mAdapter;
private ProviderHelper mProviderHelper;
private Uri mDataUri;
/**
* Creates new instance of this fragment
*/
public static SelectSignKeyIdListFragment newInstance(Uri dataUri, Intent data) {
SelectSignKeyIdListFragment frag = new SelectSignKeyIdListFragment();
Bundle args = new Bundle();
args.putParcelable(ARG_DATA_URI, dataUri);
args.putParcelable(ARG_DATA, data);
frag.setArguments(args);
return frag;
}
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
mProviderHelper = new ProviderHelper(getActivity());
}
@Override
public View onCreateView(LayoutInflater inflater, ViewGroup container,
Bundle savedInstanceState) {
View layout = super.onCreateView(inflater, container,
savedInstanceState);
ListView lv = (ListView) layout.findViewById(android.R.id.list);
ViewGroup parent = (ViewGroup) lv.getParent();
/*
* http://stackoverflow.com/a/15880684
* Remove ListView and add FixedListView in its place.
* This is done here programatically to be still able to use the progressBar of ListFragment.
*
* We want FixedListView to be able to put this ListFragment inside a ScrollView
*/
int lvIndex = parent.indexOfChild(lv);
parent.removeViewAt(lvIndex);
FixedListView newLv = new FixedListView(getActivity());
newLv.setId(android.R.id.list);
parent.addView(newLv, lvIndex, lv.getLayoutParams());
return layout;
}
/**
* Define Adapter and Loader on create of Activity
*/
@Override
public void onActivityCreated(Bundle savedInstanceState) {
super.onActivityCreated(savedInstanceState);
mDataUri = getArguments().getParcelable(ARG_DATA_URI);
final Intent resultData = getArguments().getParcelable(ARG_DATA);
getListView().setChoiceMode(ListView.CHOICE_MODE_SINGLE);
getListView().setOnItemClickListener(new AdapterView.OnItemClickListener() {
@Override
public void onItemClick(AdapterView<?> parent, View view, int position, long id) {
long masterKeyId = mAdapter.getMasterKeyId(position);
Uri allowedKeysUri = mDataUri.buildUpon().appendPath(KeychainContract.PATH_ALLOWED_KEYS).build();
Log.d(Constants.TAG, "allowedKeysUri: " + allowedKeysUri);
mProviderHelper.addAllowedKeyIdForApp(allowedKeysUri, masterKeyId);
resultData.putExtra(OpenPgpApi.EXTRA_SIGN_KEY_ID, masterKeyId);
getActivity().setResult(Activity.RESULT_OK, resultData);
getActivity().finish();
}
});
// Give some text to display if there is no data. In a real
// application this would come from a resource.
setEmptyText(getString(R.string.list_empty));
mAdapter = new SecretKeyCursorAdapter(getActivity(), null, 0, getListView());
setListAdapter(mAdapter);
// Start out with a progress indicator.
setListShown(false);
// Prepare the loader. Either re-connect with an existing one,
// or start a new one.
getLoaderManager().initLoader(0, null, this);
}
@Override
public Loader<Cursor> onCreateLoader(int id, Bundle args) {
Uri baseUri = KeyRings.buildUnifiedKeyRingsUri();
// These are the rows that we will retrieve.
String[] projection = new String[]{
KeyRings._ID,
KeyRings.MASTER_KEY_ID,
KeyRings.USER_ID,
KeyRings.IS_EXPIRED,
KeyRings.IS_REVOKED,
KeyRings.HAS_ENCRYPT,
KeyRings.VERIFIED,
KeyRings.HAS_ANY_SECRET,
};
String selection = KeyRings.HAS_ANY_SECRET + " != 0";
String orderBy = KeyRings.USER_ID + " ASC";
// Now create and return a CursorLoader that will take care of
// creating a Cursor for the data being displayed.
return new CursorLoader(getActivity(), baseUri, projection, selection, null, orderBy);
}
@Override
public void onLoadFinished(Loader<Cursor> loader, Cursor data) {
// Swap the new cursor in. (The framework will take care of closing the
// old cursor once we return.)
mAdapter.swapCursor(data);
// The list should now be shown.
if (isResumed()) {
setListShown(true);
} else {
setListShownNoAnimation(true);
}
}
@Override
public void onLoaderReset(Loader<Cursor> loader) {
// This is called when the last Cursor provided to onLoadFinished()
// above is about to be closed. We need to make sure we are no
// longer using it.
mAdapter.swapCursor(null);
}
private class SecretKeyCursorAdapter extends SelectKeyCursorAdapter {
public SecretKeyCursorAdapter(Context context, Cursor c, int flags, ListView listView) {
super(context, c, flags, listView);
}
@Override
protected void initIndex(Cursor cursor) {
super.initIndex(cursor);
}
@Override
public void bindView(View view, Context context, Cursor cursor) {
super.bindView(view, context, cursor);
ViewHolderItem h = (ViewHolderItem) view.getTag();
h.selected.setVisibility(View.GONE);
boolean enabled = false;
if ((Boolean) h.statusIcon.getTag()) {
h.statusIcon.setVisibility(View.GONE);
enabled = true;
}
h.setEnabled(enabled);
}
}
}

View File

@ -89,79 +89,4 @@
android:layout_height="1dip" android:layout_height="1dip"
android:background="?android:attr/listDivider" /> android:background="?android:attr/listDivider" />
<org.sufficientlysecure.keychain.ui.widget.FoldableLinearLayout
android:layout_width="match_parent"
android:layout_height="match_parent"
android:layout_marginTop="16dp"
custom:foldedLabel="@string/api_settings_show_advanced"
custom:unFoldedLabel="@string/api_settings_hide_advanced">
<LinearLayout
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:padding="0dp"
android:layout_margin="0dp">
<TextView
android:paddingLeft="8dp"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:layout_gravity="center_vertical"
android:textAppearance="?android:attr/textAppearanceMedium"
android:text="@string/label_encryption_algorithm"
android:paddingRight="8dp" />
<Spinner
android:id="@+id/api_account_settings_encryption_algorithm"
android:layout_width="match_parent"
android:layout_height="wrap_content" />
</LinearLayout>
<LinearLayout
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:padding="0dp"
android:layout_margin="0dp">
<TextView
android:paddingLeft="8dp"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:layout_gravity="center_vertical"
android:textAppearance="?android:attr/textAppearanceMedium"
android:text="@string/label_hash_algorithm"
android:paddingRight="8dp" />
<Spinner
android:id="@+id/api_account_settings_hash_algorithm"
android:layout_width="match_parent"
android:layout_height="wrap_content" />
</LinearLayout>
<LinearLayout
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:padding="0dp"
android:layout_margin="0dp">
<TextView
android:paddingLeft="8dp"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:layout_gravity="center_vertical"
android:textAppearance="?android:attr/textAppearanceMedium"
android:text="@string/label_message_compression"
android:paddingRight="8dp" />
<Spinner
android:id="@+id/api_account_settings_compression"
android:layout_width="match_parent"
android:layout_height="wrap_content" />
</LinearLayout>
</org.sufficientlysecure.keychain.ui.widget.FoldableLinearLayout>
</LinearLayout> </LinearLayout>

View File

@ -0,0 +1,70 @@
<?xml version="1.0" encoding="utf-8"?>
<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android"
android:layout_width="match_parent"
android:layout_height="match_parent">
<include
android:id="@+id/toolbar_include"
layout="@layout/toolbar_standalone" />
<LinearLayout
android:layout_below="@id/toolbar_include"
android:orientation="vertical"
android:layout_width="match_parent"
android:layout_height="match_parent">
<ScrollView
android:layout_width="match_parent"
android:layout_height="match_parent">
<!-- focusable and related properties to workaround http://stackoverflow.com/q/16182331-->
<LinearLayout
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:focusable="true"
android:focusableInTouchMode="true"
android:descendantFocusability="beforeDescendants"
android:padding="16dp"
android:orientation="vertical">
<TextView
android:id="@+id/api_select_sign_key_list_text"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:paddingBottom="3dip"
android:text="@string/api_select_sign_key_text"
android:textAppearance="?android:attr/textAppearanceMedium" />
<FrameLayout
android:id="@+id/api_select_sign_key_list_fragment"
android:layout_width="match_parent"
android:layout_height="wrap_content" />
<View
android:layout_width="match_parent"
android:layout_height="1dip"
android:background="?android:attr/listDivider" />
<TextView
android:id="@+id/api_select_sign_key_create_key"
android:background="?android:selectableItemBackground"
android:paddingLeft="8dp"
android:paddingRight="8dp"
android:textAppearance="?android:attr/textAppearanceMedium"
android:layout_width="match_parent"
android:text="@string/api_settings_create_key"
android:layout_height="?android:attr/listPreferredItemHeight"
android:drawableLeft="@drawable/ic_key_plus_grey600_24dp"
android:drawablePadding="8dp"
android:gravity="center_vertical"
android:clickable="true" />
<View
android:layout_width="match_parent"
android:layout_height="1dip"
android:background="?android:attr/listDivider" />
</LinearLayout>
</ScrollView>
</LinearLayout>
</RelativeLayout>

View File

@ -491,7 +491,7 @@
<string name="api_settings_hide_advanced">"Hide advanced settings"</string> <string name="api_settings_hide_advanced">"Hide advanced settings"</string>
<string name="api_settings_no_key">"No key selected"</string> <string name="api_settings_no_key">"No key selected"</string>
<string name="api_settings_select_key">"Select key"</string> <string name="api_settings_select_key">"Select key"</string>
<string name="api_settings_create_key">"Create new key for this account"</string> <string name="api_settings_create_key">"Create new key"</string>
<string name="api_settings_save">"Save"</string> <string name="api_settings_save">"Save"</string>
<string name="api_settings_save_msg">"Account has been saved"</string> <string name="api_settings_save_msg">"Account has been saved"</string>
<string name="api_settings_cancel">"Cancel"</string> <string name="api_settings_cancel">"Cancel"</string>
@ -517,6 +517,7 @@
<string name="api_select_pub_keys_text">"Please review the list of recipients!"</string> <string name="api_select_pub_keys_text">"Please review the list of recipients!"</string>
<string name="api_select_pub_keys_text_no_user_ids">"Please select the recipients!"</string> <string name="api_select_pub_keys_text_no_user_ids">"Please select the recipients!"</string>
<string name="api_error_wrong_signature">"Signature check failed! Have you installed this app from a different source? If you are sure that this is not an attack, revoke this app's registration in OpenKeychain and then register the app again."</string> <string name="api_error_wrong_signature">"Signature check failed! Have you installed this app from a different source? If you are sure that this is not an attack, revoke this app's registration in OpenKeychain and then register the app again."</string>
<string name="api_select_sign_key_text">"Please select one of your existing keys or create a new one."</string>
<!-- Share --> <!-- Share -->
<string name="share_qr_code_dialog_title">"Share with QR Code"</string> <string name="share_qr_code_dialog_title">"Share with QR Code"</string>