diff options
| author | Dominik Schürmann <dominik@dominikschuermann.de> | 2015-08-28 17:08:10 +0200 |
|---|---|---|
| committer | Dominik Schürmann <dominik@dominikschuermann.de> | 2015-08-28 17:08:10 +0200 |
| commit | 25699846018577576e83dce6fc4b5cd3655b65c3 (patch) | |
| tree | b7b1c24dd0e2370efde2f9435b3e2e2ab4e91186 | |
| parent | 765ec094c9415fcaddd65b7b743179b2ea7dc098 (diff) | |
| parent | 298e42d3aa5a4d78778df08aab3634a7c771d361 (diff) | |
| download | open-keychain-25699846018577576e83dce6fc4b5cd3655b65c3.tar.gz open-keychain-25699846018577576e83dce6fc4b5cd3655b65c3.tar.bz2 open-keychain-25699846018577576e83dce6fc4b5cd3655b65c3.zip | |
Merge branch 'master' of https://github.com/mgeier63/open-keychain into mgeier63-master
4 files changed, 207 insertions, 271 deletions
diff --git a/OpenKeychain/src/main/AndroidManifest.xml b/OpenKeychain/src/main/AndroidManifest.xml index f8708722a..02cdacb6e 100644 --- a/OpenKeychain/src/main/AndroidManifest.xml +++ b/OpenKeychain/src/main/AndroidManifest.xml @@ -760,8 +760,9 @@ android:configChanges="orientation|screenSize|keyboardHidden|keyboard" android:exported="false" /> - <!-- OpenPGP Remote API, this service has explicitly no permission requirements - because we are using our own package based allow/disallow system --> + <!-- DEPRECATED service, + using this service may lead to truncated data being returned to the caller + --> <service android:name=".remote.OpenPgpService" android:enabled="true" @@ -773,6 +774,19 @@ </intent-filter> </service> + <!-- OpenPGP Remote API, this service has explicitly no permission requirements + because we are using our own package based allow/disallow system --> + <service + android:name=".remote.OpenPgpService2" + android:enabled="true" + android:exported="true" + android:process=":remote_api_2" + tools:ignore="ExportedService"> + <intent-filter> + <action android:name="org.openintents.openpgp.IOpenPgpService2" /> + </intent-filter> + </service> + <!-- Contact Sync services --> <service android:name=".service.DummyAccountService" diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java index 49079f585..cc4a08fb4 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java @@ -25,6 +25,7 @@ import android.net.Uri; import android.os.IBinder; import android.os.ParcelFileDescriptor; import android.os.Parcelable; +import android.support.annotation.Nullable; import android.text.TextUtils; import org.openintents.openpgp.IOpenPgpService; @@ -842,67 +843,8 @@ public class OpenPgpService extends RemoteService { private final IOpenPgpService.Stub mBinder = new IOpenPgpService.Stub() { @Override public Intent execute(Intent data, ParcelFileDescriptor input, ParcelFileDescriptor output) { - try { - Intent errorResult = checkRequirements(data); - if (errorResult != null) { - return errorResult; - } - - String action = data.getAction(); - switch (action) { - case OpenPgpApi.ACTION_CLEARTEXT_SIGN: { - return signImpl(data, input, output, true); - } - case OpenPgpApi.ACTION_SIGN: { - // DEPRECATED: same as ACTION_CLEARTEXT_SIGN - Log.w(Constants.TAG, "You are using a deprecated API call, please use ACTION_CLEARTEXT_SIGN instead of ACTION_SIGN!"); - return signImpl(data, input, output, true); - } - case OpenPgpApi.ACTION_DETACHED_SIGN: { - return signImpl(data, input, output, false); - } - case OpenPgpApi.ACTION_ENCRYPT: { - return encryptAndSignImpl(data, input, output, false); - } - case OpenPgpApi.ACTION_SIGN_AND_ENCRYPT: { - return encryptAndSignImpl(data, input, output, true); - } - case OpenPgpApi.ACTION_DECRYPT_VERIFY: { - return decryptAndVerifyImpl(data, input, output, false); - } - case OpenPgpApi.ACTION_DECRYPT_METADATA: { - return decryptAndVerifyImpl(data, input, output, true); - } - case OpenPgpApi.ACTION_GET_SIGN_KEY_ID: { - return getSignKeyIdImpl(data); - } - case OpenPgpApi.ACTION_GET_KEY_IDS: { - return getKeyIdsImpl(data); - } - case OpenPgpApi.ACTION_GET_KEY: { - return getKeyImpl(data); - } - default: { - return null; - } - } - } finally { - // always close input and output file descriptors even in error cases - if (input != null) { - try { - input.close(); - } catch (IOException e) { - Log.e(Constants.TAG, "IOException when closing input ParcelFileDescriptor", e); - } - } - if (output != null) { - try { - output.close(); - } catch (IOException e) { - Log.e(Constants.TAG, "IOException when closing output ParcelFileDescriptor", e); - } - } - } + Log.w(Constants.TAG, "You are using a deprecated service which may lead to truncated data on return, please use IOpenPgpService2!"); + return executeInternal(data, input, output); } }; @@ -912,4 +854,69 @@ public class OpenPgpService extends RemoteService { return mBinder; } + + + protected Intent executeInternal(Intent data, ParcelFileDescriptor input, ParcelFileDescriptor output) { + try { + Intent errorResult = checkRequirements(data); + if (errorResult != null) { + return errorResult; + } + + String action = data.getAction(); + switch (action) { + case OpenPgpApi.ACTION_CLEARTEXT_SIGN: { + return signImpl(data, input, output, true); + } + case OpenPgpApi.ACTION_SIGN: { + // DEPRECATED: same as ACTION_CLEARTEXT_SIGN + Log.w(Constants.TAG, "You are using a deprecated API call, please use ACTION_CLEARTEXT_SIGN instead of ACTION_SIGN!"); + return signImpl(data, input, output, true); + } + case OpenPgpApi.ACTION_DETACHED_SIGN: { + return signImpl(data, input, output, false); + } + case OpenPgpApi.ACTION_ENCRYPT: { + return encryptAndSignImpl(data, input, output, false); + } + case OpenPgpApi.ACTION_SIGN_AND_ENCRYPT: { + return encryptAndSignImpl(data, input, output, true); + } + case OpenPgpApi.ACTION_DECRYPT_VERIFY: { + return decryptAndVerifyImpl(data, input, output, false); + } + case OpenPgpApi.ACTION_DECRYPT_METADATA: { + return decryptAndVerifyImpl(data, input, output, true); + } + case OpenPgpApi.ACTION_GET_SIGN_KEY_ID: { + return getSignKeyIdImpl(data); + } + case OpenPgpApi.ACTION_GET_KEY_IDS: { + return getKeyIdsImpl(data); + } + case OpenPgpApi.ACTION_GET_KEY: { + return getKeyImpl(data); + } + default: { + return null; + } + } + } finally { + // always close input and output file descriptors even in error cases + if (input != null) { + try { + input.close(); + } catch (IOException e) { + Log.e(Constants.TAG, "IOException when closing input ParcelFileDescriptor", e); + } + } + if (output != null) { + try { + output.close(); + } catch (IOException e) { + Log.e(Constants.TAG, "IOException when closing output ParcelFileDescriptor", e); + } + } + } + } } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService2.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService2.java new file mode 100644 index 000000000..317d4dd73 --- /dev/null +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService2.java @@ -0,0 +1,120 @@ +/* + * Copyright (C) 2013-2015 Dominik Schürmann <dominik@dominikschuermann.de> + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +package org.sufficientlysecure.keychain.remote; + +import android.app.PendingIntent; +import android.content.Context; +import android.content.Intent; +import android.database.Cursor; +import android.net.Uri; +import android.os.Binder; +import android.os.IBinder; +import android.os.ParcelFileDescriptor; +import android.os.Parcelable; +import android.text.TextUtils; + +import org.openintents.openpgp.IOpenPgpService2; +import org.openintents.openpgp.OpenPgpDecryptionResult; +import org.openintents.openpgp.OpenPgpError; +import org.openintents.openpgp.OpenPgpMetadata; +import org.openintents.openpgp.OpenPgpSignatureResult; +import org.openintents.openpgp.util.OpenPgpApi; +import org.sufficientlysecure.keychain.Constants; +import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult; +import org.sufficientlysecure.keychain.operations.results.OperationResult.LogEntryParcel; +import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult; +import org.sufficientlysecure.keychain.pgp.PgpDecryptVerify; +import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyInputParcel; +import org.sufficientlysecure.keychain.pgp.PgpSecurityConstants; +import org.sufficientlysecure.keychain.pgp.PgpSignEncryptInputParcel; +import org.sufficientlysecure.keychain.pgp.PgpSignEncryptOperation; +import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException; +import org.sufficientlysecure.keychain.provider.KeychainContract; +import org.sufficientlysecure.keychain.provider.KeychainContract.ApiAccounts; +import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings; +import org.sufficientlysecure.keychain.provider.KeychainDatabase.Tables; +import org.sufficientlysecure.keychain.provider.ProviderHelper; +import org.sufficientlysecure.keychain.remote.ui.RemoteServiceActivity; +import org.sufficientlysecure.keychain.remote.ui.SelectAllowedKeysActivity; +import org.sufficientlysecure.keychain.remote.ui.SelectSignKeyIdActivity; +import org.sufficientlysecure.keychain.service.input.CryptoInputParcel; +import org.sufficientlysecure.keychain.service.input.RequiredInputParcel; +import org.sufficientlysecure.keychain.ui.ImportKeysActivity; +import org.sufficientlysecure.keychain.ui.NfcOperationActivity; +import org.sufficientlysecure.keychain.ui.PassphraseDialogActivity; +import org.sufficientlysecure.keychain.ui.ViewKeyActivity; +import org.sufficientlysecure.keychain.util.InputData; +import org.sufficientlysecure.keychain.util.Log; +import org.sufficientlysecure.keychain.util.Passphrase; + +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.util.ArrayList; +import java.util.Date; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Map; + +public class OpenPgpService2 extends OpenPgpService { + + + + private Map<Long, ParcelFileDescriptor> mOutputPipeMap = new HashMap<Long, ParcelFileDescriptor>(); + + private long createKey(int id) { + int callingPid = Binder.getCallingPid(); + return ((long) callingPid << 32) | ((long) id & 0xFFFFFFFL); + } + + private final IOpenPgpService2.Stub mBinder = new IOpenPgpService2.Stub() { + + @Override + public ParcelFileDescriptor createOutputPipe(int outputPipeId) { + try { + ParcelFileDescriptor[] pipe = ParcelFileDescriptor.createPipe(); + mOutputPipeMap.put(createKey(outputPipeId), pipe[1]); + return pipe[0]; + } catch (IOException e) { + e.printStackTrace(); + return null; + } + + } + + @Override + public Intent execute(Intent data, ParcelFileDescriptor input,int outputPipeId) { + long key = createKey(outputPipeId); + ParcelFileDescriptor output = mOutputPipeMap.get(key); + mOutputPipeMap.remove(key); + return executeInternal(data, input, output); + } + + + + + }; + + @Override + public IBinder onBind(Intent intent) { + return mBinder; + } + + + +} @@ -1,212 +1,7 @@ # OpenKeychain (for Android) -OpenKeychain is an OpenPGP implementation for Android. -For a more detailed description and installation instructions go to http://www.openkeychain.org . +This is a fork of [OpenPGP API](http://github.com/open-keychain/open-keychain) -### Branches -* The development of OpenKeychain happens in the "master" branch. -* For every release a new branch, e.g., "3.2-fixes" is created to backport fixes from "master" +It has been patched to address [this bug](https://github.com/open-keychain/open-keychain/issues/1504) -### Travis CI Build Status of master branch - -[](https://travis-ci.org/open-keychain/open-keychain) - -## How to help the project? - -### Translate the application - -Translations are managed at Transifex, please contribute there at https://www.transifex.com/projects/p/open-keychain/ - -### Contribute Code - -1. Lookout for interesting issues on Github. We have tagged issues were we explicitly like to see contributions: https://github.com/open-keychain/open-keychain/labels/help-wanted -2. Read this README, especially the notes about coding style -3. Fork OpenKeychain and contribute code (the best part :sunglasses: ) -4. Open a pull request on Github. We will help with occuring problems and merge your changes back into the main project. -5. PROFIT - -### For bigger changes - -1. Join the development mailinglist at http://groups.google.com/d/forum/openpgp-keychain-dev -2. Propose bigger changes and discuss the consequences - -I am happy about every code contribution and appreciate your effort to help us developing OpenKeychain! - -## Development - -Development mailinglist at http://groups.google.com/d/forum/openpgp-keychain-dev - -### Build with Gradle - -1. Clone the project from GitHub -2. Get all external submodules with ``git submodule update --init --recursive`` -3. Have Android SDK "tools", "platform-tools", and "build-tools" directories in your PATH (http://developer.android.com/sdk/index.html) -4. Open the Android SDK Manager (shell command: ``android``). -Expand the Tools directory and select "Android SDK Build-tools (Version 21.1.2)". -Expand the Extras directory and install "Android Support Repository" -Select everything for the newest SDK Platform, API 22, and also API 21 -5. Export ANDROID_HOME pointing to your Android SDK -6. Execute ``./gradlew build`` -7. You can install the app with ``adb install -r OpenKeychain/build/outputs/apk/OpenKeychain-debug-unaligned.apk`` - -### Run Tests -1. Use OpenJDK instead of Oracle JDK -2. Execute ``./gradlew clean testDebug --continue`` - -### Run Jacoco Test Coverage -1. Use OpenJDK instead of Oracle JDK -2. Execute ``./gradlew clean testDebug jacocoTestReport`` -3. Report is here: OpenKeychain/build/reports/jacoco/jacocoTestReport/html/index.html - -### Development with Android Studio - -We are using the newest [Android Studio](http://developer.android.com/sdk/installing/studio.html) for development. Development with Eclipse is currently not possible because we are using the new [project structure](http://developer.android.com/sdk/installing/studio-tips.html). - -1. Clone the project from Github -2. Get all external submodules with ``git submodule update --init --recursive`` -3. From Android Studio: File -> Import Project -> Select the cloned top folder - -## Libraries - -### Bouncy Castle - -#### Spongy Castle - -Spongy Castle is the stock Bouncy Castle libraries with a couple of small changes to make it work on Android. OpenKeychain uses a forked version with some small changes. These changes will been sent to Bouncy Castle, and Spongy Castle will be used again when they have filtered down. - -see -* Fork: https://github.com/openpgp-keychain/spongycastle -* Spongy Castle: http://rtyley.github.com/spongycastle/ - -#### Bouncy Castle resources - -* Repository: https://github.com/bcgit/bc-java -* Issue tracker: http://www.bouncycastle.org/jira/browse/BJA - -#### Documentation -* Documentation project at http://www.cryptoworkshop.com/guide/ -* Tests in https://github.com/bcgit/bc-java/tree/master/pg/src/test/java/org/bouncycastle/openpgp/test -* Examples in https://github.com/bcgit/bc-java/tree/master/pg/src/main/java/org/bouncycastle/openpgp/examples -* Mailinglist Archive at http://bouncy-castle.1462172.n4.nabble.com/Bouncy-Castle-Dev-f1462173.html -* Commit changelog of pg subpackage: https://github.com/bcgit/bc-java/commits/master/pg - -## Build System - -We try to make our builds as [reproducible/deterministic](https://blog.torproject.org/blog/deterministic-builds-part-one-cyberwar-and-global-compromise) as possible. - -#### Update Gradle version -* Always use a fixed Android Gradle plugin version not a dynamic one, e.g. ``0.7.3`` instead of ``0.7.+`` (allows offline builds without lookups for new versions, also some minor Android plugin versions had serious issues, i.e. [0.7.2 and 0.8.1](http://tools.android.com/tech-docs/new-build-system)) -* Update every build.gradle file with the new gradle version and/or gradle plugin version - * build.gradle - * OpenKeychain/build.gradle -* run ./gradlew wrapper twice to update gradle and download the new gradle jar file -* commit the corresponding [Gradle wrapper](http://www.gradle.org/docs/current/userguide/gradle_wrapper.html) to the repository (allows easy building for new contributors without the need to install the required Gradle version using a package manager) - -#### Update SDK and Build Tools -* Open build.gradle and change: -``` -ext { - compileSdkVersion = 21 - buildToolsVersion = '21.1.2' -} -``` -* Change SDK and Build Tools in git submodules "openkeychain-api-lib" and "openpgp-api-lib" manually. They should also build on their own without the ext variables. - -#### Add new library -* You can add the library as a Maven dependency or as a git submodule (if patches are required) in the "extern" folder. -* If added as a Maven dependency, pin the library using [Gradle Witness](https://github.com/WhisperSystems/gradle-witness) (Do ``./gradlew -q calculateChecksums`` for Trust on First Use) -* If added as a git submodule, change the ``compileSdkVersion`` and ``buildToolsVersion`` in build.gradle to use the variables from the root project: -``` -android { - compileSdkVersion rootProject.ext.compileSdkVersion - buildToolsVersion rootProject.ext.buildToolsVersion -} -``` -* You can check for wrong ``compileSdkVersion`` by ``find -name build.gradle | xargs grep compileSdkVersion`` - -#### Slow Gradle? - -* https://www.timroes.de/2013/09/12/speed-up-gradle/ -* Disable Lint checking if it is enabled in build.gradle - -#### Error:Configuration with name 'default' not found. - -Gradle project dependencies are missing. Do a ``git submodule init && git submodule update`` - -#### Build on Mac OS X fails? - -Try exporting JAVA_TOOL_OPTIONS="-Dfile.encoding=UTF8" - -## Translations - -Translations are hosted on Transifex, which is configured by ".tx/config". - -1. To pull newest translations install transifex client (e.g. ``apt-get install transifex-client``) -2. Config Transifex client with "~/.transifexrc" -3. Go into root folder of git repo -4. execute ``tx pull -af --skip`` - -see http://help.transifex.net/features/client/index.html#user-client - -## Coding Style - -### Code -* Indentation: 4 spaces, no tabs. -* Maximum line width for code and comments: 100. -* Opening braces don't go on their own line. -* Field names: Non-public, non-static fields start with m. -* Acronyms are words: Treat acronyms as words in names, yielding !XmlHttpRequest, getUrl(), etc. -* Fully Qualify Imports: Do *not* use wildcard-imports such as ``import foo.*;`` -* Android Studio warnings should be fixed, or suppressed if they are incorrect. - -The full coding style can be found at http://source.android.com/source/code-style.html - -### Automated syntax check with CheckStyle - -#### Linux -1. Paste the `tools/checkstyle.xml` file to `~/.AndroidStudioPreview/config/codestyles/` -2. Go to Settings > Code Style > Java, select OpenPgpChecker, as well as Code Style > XML and select OpenPgpChecker again. -3. Start code inspection and see the results by selecting Analyze > Inspect Code from Android-Studio or you can directly run checkstyle via cli with `.tools/checkstyle`. Make sure it's executable first. - -#### Mac OSX -1. Paste the `tools/checkstyle.xml` file to `~/Library/Preferences/AndroidStudioPreview/codestyles` -2. Go to Preferences > Code Style > Java, select OpenPgpChecker, as well as Code Style > XML and select OpenPgpChecker again. -3. Start code inspection and see the results by selecting Analyze > Inspect Code from Android-Studio or you can directly run checkstyle via cli with `.tools/checkstyle`. Make sure it's executable first. - -#### Windows -1. Paste the `tools/checkstyle.xml` file to `C:\Users\<UserName>\.AndroidStudioPreview\config\codestyles` -2. Go to File > Settings > Code Style > Java, select OpenPgpChecker, as well as Code Style > XML and select OpenPgpChecker again. -3. Start code inspection and see the results by selecting Analyze > Inspect Code from Android-Studio. - -## Licenses -OpenKechain is licensed under GPLv3+. -The full license text can be found in the [LICENSE file](https://github.com/open-keychain/open-keychain/blob/HEAD/LICENSE). -Some parts and some libraries are Apache License v2, MIT X11 License (see below). - -> This program is free software: you can redistribute it and/or modify -> it under the terms of the GNU General Public License as published by -> the Free Software Foundation, either version 3 of the License, or -> (at your option) any later version. -> -> This program is distributed in the hope that it will be useful, -> but WITHOUT ANY WARRANTY; without even the implied warranty of -> MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -> GNU General Public License for more details. -> -> You should have received a copy of the GNU General Public License -> along with this program. If not, see <http://www.gnu.org/licenses/>. - - -### Libraries - -See [In-app about screen](https://github.com/open-keychain/open-keychain/blob/HEAD/OpenKeychain/src/main/res/raw/help_about.md) - -### Images -* Actionbar icons - http://developer.android.com/design/downloads/index.html#action-bar-icon-pack - -* QR Code Actionbar icon - https://github.com/openintents/openintents/blob/master/extensions/qrcode_ext/icons/ic_menu_qr_code/ic_menu_qr_code_holo_light/ic_menu_qr_code.svg - -* Key status icons by the ModernPGP working group - https://github.com/ModernPGP +See also [this pull request](https://github.com/open-keychain/openpgp-api/pull/3)
\ No newline at end of file |