Due to compatiblity switch from SHA512 to SHA256

author: Dominik Schürmann <dominik@dominikschuermann.de> 2014-09-07 17:58:28 +0200
committer: Dominik Schürmann <dominik@dominikschuermann.de> 2014-09-07 17:58:28 +0200
commit: d172058150601c8ae6a3816c936e18685063389f (patch)
tree: 4b24b6d48184740ffb17ff519fabb95119b7052d
parent: c026dac8fc9d1afede0fb7fb0179a634d14b612e (diff)
download: open-keychain-d172058150601c8ae6a3816c936e18685063389f.tar.gz
open-keychain-d172058150601c8ae6a3816c936e18685063389f.tar.bz2
open-keychain-d172058150601c8ae6a3816c936e18685063389f.zip
4 files changed, 57 insertions, 38 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/Constants.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/Constants.java
index 5d5f0ab1a..25f031402 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/Constants.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/Constants.java
@@ -71,7 +71,7 @@ public final class Constants {
         public static final String PASSPHRASE_CACHE_TTL = "passphraseCacheTtl";
         public static final String LANGUAGE = "language";
         public static final String KEY_SERVERS = "keyServers";
-        public static final String KEY_SERVERS_DEFAULT_VERSION = "keyServersDefaultVersion";
+        public static final String PREF_DEFAULT_VERSION = "keyServersDefaultVersion";
         public static final String WRITE_VERSION_HEADER = "writeVersionHeader";
         public static final String FIRST_TIME = "firstTime";
         public static final String SHOW_ADVANCED_TABS = "showAdvancedTabs";
@@ -83,7 +83,7 @@ public final class Constants {
 
     public static final class Defaults {
         public static final String KEY_SERVERS = "hkps://hkps.pool.sks-keyservers.net, hkps://pgp.mit.edu";
-        public static final int KEY_SERVERS_VERSION = 3;
+        public static final int PREF_VERSION = 4;
     }
 
     public static final class DrawerItems {
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/helper/Preferences.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/helper/Preferences.java
index af7bdbdd2..6e16c8c54 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/helper/Preferences.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/helper/Preferences.java
@@ -29,7 +29,6 @@ import org.sufficientlysecure.keychain.Constants.Pref;
 
 import java.util.ArrayList;
 import java.util.Arrays;
-import java.util.Iterator;
 import java.util.ListIterator;
 import java.util.Vector;
 
@@ -94,7 +93,7 @@ public class Preferences {
 
     public int getDefaultHashAlgorithm() {
         return mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM,
-                HashAlgorithmTags.SHA512);
+                HashAlgorithmTags.SHA256);
     }
 
     public void setDefaultHashAlgorithm(int value) {
@@ -237,43 +236,63 @@ public class Preferences {
     }
 
     public void updatePreferences() {
-        // migrate keyserver to hkps
-        if (mSharedPreferences.getInt(Constants.Pref.KEY_SERVERS_DEFAULT_VERSION, 0) !=
-                Constants.Defaults.KEY_SERVERS_VERSION) {
-            String[] serversArray = getKeyServers();
-            ArrayList<String> servers = new ArrayList<String>(Arrays.asList(serversArray));
-            ListIterator<String> it = servers.listIterator();
-            while (it.hasNext()) {
-                String server = it.next();
-                if (server == null) {
-                    continue;
+        if (mSharedPreferences.getInt(Constants.Pref.PREF_DEFAULT_VERSION, 0) !=
+                Constants.Defaults.PREF_VERSION) {
+            switch (mSharedPreferences.getInt(Constants.Pref.PREF_DEFAULT_VERSION, 0)) {
+                case 1:
+                    // fall through
+                case 2:
+                    // fall through
+                case 3: {
+                    // migrate keyserver to hkps
+                    String[] serversArray = getKeyServers();
+                    ArrayList<String> servers = new ArrayList<String>(Arrays.asList(serversArray));
+                    ListIterator<String> it = servers.listIterator();
+                    while (it.hasNext()) {
+                        String server = it.next();
+                        if (server == null) {
+                            continue;
+                        }
+                        if (server.equals("pool.sks-keyservers.net")) {
+                            // use HKPS!
+                            it.set("hkps://hkps.pool.sks-keyservers.net");
+                        } else if (server.equals("pgp.mit.edu")) {
+                            // use HKPS!
+                            it.set("hkps://pgp.mit.edu");
+                        } else if (server.equals("subkeys.pgp.net")) {
+                            // remove, because often down and no HKPS!
+                            it.remove();
+                        }
+
+                    }
+                    setKeyServers(servers.toArray(new String[servers.size()]));
+
+                    // migrate old uncompressed constant to new one
+                    if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_FILE_COMPRESSION, 0)
+                            == 0x21070001) {
+                        setDefaultFileCompression(CompressionAlgorithmTags.UNCOMPRESSED);
+                    }
+
+                    // migrate away from MD5
+                    if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, 0)
+                            == HashAlgorithmTags.MD5) {
+                        setDefaultHashAlgorithm(HashAlgorithmTags.SHA256);
+                    }
                 }
-                if (server.equals("pool.sks-keyservers.net")) {
-                    // use HKPS!
-                    it.set("hkps://hkps.pool.sks-keyservers.net");
-                } else if (server.equals("pgp.mit.edu")) {
-                    // use HKPS!
-                    it.set("hkps://pgp.mit.edu");
-                } else if (server.equals("subkeys.pgp.net")) {
-                    // remove, because often down and no HKPS!
-                    it.remove();
+                // fall through
+                case 4: {
+                    // for compatibility: change from SHA512 to SHA256
+                    if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, 0)
+                            == HashAlgorithmTags.SHA512) {
+                        setDefaultHashAlgorithm(HashAlgorithmTags.SHA256);
+                    }
                 }
-
             }
-            setKeyServers(servers.toArray(new String[servers.size()]));
+
+            // write new preference version
             mSharedPreferences.edit()
-                    .putInt(Constants.Pref.KEY_SERVERS_DEFAULT_VERSION, Constants.Defaults.KEY_SERVERS_VERSION)
+                    .putInt(Constants.Pref.PREF_DEFAULT_VERSION, Constants.Defaults.PREF_VERSION)
                     .commit();
         }
-
-        // migrate old uncompressed constant to new one
-        if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_FILE_COMPRESSION, 0) == 0x21070001) {
-            setDefaultFileCompression(CompressionAlgorithmTags.UNCOMPRESSED);
-        }
-
-        // migrate away from MD5
-        if (mSharedPreferences.getInt(Constants.Pref.DEFAULT_HASH_ALGORITHM, 0) == HashAlgorithmTags.MD5) {
-            setDefaultHashAlgorithm(HashAlgorithmTags.SHA512);
-        }
     }
 }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
index 5b78d4a03..ddb00305a 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
@@ -125,7 +125,7 @@ public class PgpKeyOperation {
      * http://kbsriram.com/2013/01/generating-rsa-keys-with-bouncycastle.html
      */
     private static final int SECRET_KEY_ENCRYPTOR_S2K_COUNT = 0x60;
-    private static final int SECRET_KEY_ENCRYPTOR_HASH_ALGO = HashAlgorithmTags.SHA512;
+    private static final int SECRET_KEY_ENCRYPTOR_HASH_ALGO = HashAlgorithmTags.SHA256;
     private static final int SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO = SymmetricKeyAlgorithmTags.AES_256;
 
     public PgpKeyOperation(Progressable progress) {
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/AccountSettings.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/AccountSettings.java
index d6013b49d..6cffeeb53 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/AccountSettings.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/AccountSettings.java
@@ -39,7 +39,7 @@ public class AccountSettings {
 
         // defaults:
         this.mEncryptionAlgorithm = PGPEncryptedData.AES_256;
-        this.mHashAlgorithm = HashAlgorithmTags.SHA512;
+        this.mHashAlgorithm = HashAlgorithmTags.SHA256;
         this.mCompression = CompressionAlgorithmTags.ZLIB;
     }
author	Dominik Schürmann <dominik@dominikschuermann.de>	2014-09-07 17:58:28 +0200
committer	Dominik Schürmann <dominik@dominikschuermann.de>	2014-09-07 17:58:28 +0200
commit	d172058150601c8ae6a3816c936e18685063389f (patch)
tree	4b24b6d48184740ffb17ff519fabb95119b7052d
parent	c026dac8fc9d1afede0fb7fb0179a634d14b612e (diff)
download	open-keychain-d172058150601c8ae6a3816c936e18685063389f.tar.gz open-keychain-d172058150601c8ae6a3816c936e18685063389f.tar.bz2 open-keychain-d172058150601c8ae6a3816c936e18685063389f.zip