diff options
| author | Dominik Schürmann <dominik@dominikschuermann.de> | 2014-03-18 15:56:46 +0100 |
|---|---|---|
| committer | Dominik Schürmann <dominik@dominikschuermann.de> | 2014-03-18 15:56:46 +0100 |
| commit | d1f037462062b56b251702e7c577228519c924b9 (patch) | |
| tree | 07e88da064c09ac69cd5d0f7c3e41a6635819a87 | |
| parent | 72a5d6d87088ac690f5eaaffec52c2553a071929 (diff) | |
| parent | fee18bd33e56a90f3d0df9d39dc70b3a2bf30132 (diff) | |
| download | open-keychain-d1f037462062b56b251702e7c577228519c924b9.tar.gz open-keychain-d1f037462062b56b251702e7c577228519c924b9.tar.bz2 open-keychain-d1f037462062b56b251702e7c577228519c924b9.zip | |
Merge pull request #424 from gogowitczak/mro-branch
Machine readable output for Keyserver query
3 files changed, 117 insertions, 59 deletions
diff --git a/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyHelper.java b/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyHelper.java index 436c26700..b93c68677 100644 --- a/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyHelper.java +++ b/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyHelper.java @@ -477,7 +477,7 @@ public class PgpKeyHelper { * @return */ public static String convertKeyIdToHex(long keyId) { - return "0x" + convertKeyIdToHex32bit(keyId >> 32) + convertKeyIdToHex32bit(keyId); + return "0x" + ((keyId >> 32) > 0 ? convertKeyIdToHex32bit(keyId >> 32) : "") + convertKeyIdToHex32bit(keyId); } private static String convertKeyIdToHex32bit(long keyId) { @@ -498,7 +498,7 @@ public class PgpKeyHelper { int len = hexString.length(); String s2 = hexString.substring(len - 8); String s1 = hexString.substring(0, len - 8); - return (Long.parseLong(s1, 16) << 32) | Long.parseLong(s2, 16); + return ((!s1.isEmpty() ? Long.parseLong(s1, 16) << 32 : 0) | Long.parseLong(s2, 16)); } /** diff --git a/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/ImportKeysListEntry.java b/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/ImportKeysListEntry.java index 19f0d1eaf..05521b0c9 100644 --- a/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/ImportKeysListEntry.java +++ b/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/ui/adapter/ImportKeysListEntry.java @@ -19,6 +19,7 @@ package org.sufficientlysecure.keychain.ui.adapter; import android.os.Parcel; import android.os.Parcelable; +import android.util.SparseArray; import org.spongycastle.openpgp.PGPKeyRing; import org.spongycastle.openpgp.PGPPublicKey; import org.spongycastle.openpgp.PGPSecretKeyRing; @@ -171,20 +172,31 @@ public class ImportKeysListEntry implements Serializable, Parcelable { .getFingerprint(), true); this.hexKeyId = PgpKeyHelper.convertKeyIdToHex(keyId); this.bitStrength = pgpKeyRing.getPublicKey().getBitStrength(); - int algorithm = pgpKeyRing.getPublicKey().getAlgorithm(); - if (algorithm == PGPPublicKey.RSA_ENCRYPT || algorithm == PGPPublicKey.RSA_GENERAL - || algorithm == PGPPublicKey.RSA_SIGN) { - this.algorithm = "RSA"; - } else if (algorithm == PGPPublicKey.DSA) { - this.algorithm = "DSA"; - } else if (algorithm == PGPPublicKey.ELGAMAL_ENCRYPT - || algorithm == PGPPublicKey.ELGAMAL_GENERAL) { - this.algorithm = "ElGamal"; - } else if (algorithm == PGPPublicKey.EC || algorithm == PGPPublicKey.ECDSA) { - this.algorithm = "ECC"; - } else { - // TODO: with resources - this.algorithm = "unknown"; - } + final int algorithm = pgpKeyRing.getPublicKey().getAlgorithm(); + this.algorithm = getAlgorithmFromId(algorithm); + } + + /** + * Based on <a href="http://tools.ietf.org/html/rfc2440#section-9.1">OpenPGP Message Format</a> + */ + private final static SparseArray<String> ALGORITHM_IDS = new SparseArray<String>() {{ + put(-1, "unknown"); // TODO: with resources + put(0, "unencrypted"); + put(PGPPublicKey.RSA_GENERAL, "RSA"); + put(PGPPublicKey.RSA_ENCRYPT, "RSA"); + put(PGPPublicKey.RSA_SIGN, "RSA"); + put(PGPPublicKey.ELGAMAL_ENCRYPT, "ElGamal"); + put(PGPPublicKey.ELGAMAL_GENERAL, "ElGamal"); + put(PGPPublicKey.DSA, "DSA"); + put(PGPPublicKey.EC, "ECC"); + put(PGPPublicKey.ECDSA, "ECC"); + put(PGPPublicKey.ECDH, "ECC"); + }}; + + /** + * Based on <a href="http://tools.ietf.org/html/rfc2440#section-9.1">OpenPGP Message Format</a> + */ + public static String getAlgorithmFromId(int algorithmId) { + return (ALGORITHM_IDS.get(algorithmId) != null ? ALGORITHM_IDS.get(algorithmId) : ALGORITHM_IDS.get(-1)); } } diff --git a/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/util/HkpKeyServer.java b/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/util/HkpKeyServer.java index 42fb03a3e..a354d19e8 100644 --- a/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/util/HkpKeyServer.java +++ b/OpenPGP-Keychain/src/main/java/org/sufficientlysecure/keychain/util/HkpKeyServer.java @@ -43,13 +43,8 @@ import java.util.*; import java.util.regex.Matcher; import java.util.regex.Pattern; -/** - * TODO: - * rewrite to use machine readable output. - * <p/> - * see http://tools.ietf.org/html/draft-shaw-openpgp-hkp-00#section-5 - * https://github.com/openpgp-keychain/openpgp-keychain/issues/259 - */ +import static org.sufficientlysecure.keychain.ui.adapter.ImportKeysListEntry.getAlgorithmFromId; + public class HkpKeyServer extends KeyServer { private static class HttpError extends Exception { private static final long serialVersionUID = 1718783705229428893L; @@ -74,16 +69,64 @@ public class HkpKeyServer extends KeyServer { private String mHost; private short mPort; - // example: - // pub 2048R/<a href="/pks/lookup?op=get&search=0x887DF4BE9F5C9090">9F5C9090</a> 2009-08-17 <a - // href="/pks/lookup?op=vindex&search=0x887DF4BE9F5C9090">Jörg Runge - // <joerg@joergrunge.de></a> + /** + * pub:%keyid%:%algo%:%keylen%:%creationdate%:%expirationdate%:%flags% + * <ul> + * <li>%<b>keyid</b>% = this is either the fingerprint or the key ID of the key. Either the 16-digit or 8-digit + * key IDs are acceptable, but obviously the fingerprint is best.</li> + * <li>%<b>algo</b>% = the algorithm number, (i.e. 1==RSA, 17==DSA, etc). + * See <a href="http://tools.ietf.org/html/rfc2440#section-9.1">RFC-2440</a></li> + * <li>%<b>keylen</b>% = the key length (i.e. 1024, 2048, 4096, etc.)</li> + * <li>%<b>creationdate</b>% = creation date of the key in standard + * <a href="http://tools.ietf.org/html/rfc2440#section-9.1">RFC-2440</a> form (i.e. number of seconds since + * 1/1/1970 UTC time)</li> + * <li>%<b>expirationdate</b>% = expiration date of the key in standard + * <a href="http://tools.ietf.org/html/rfc2440#section-9.1">RFC-2440</a> form (i.e. number of seconds since + * 1/1/1970 UTC time)</li> + * <li>%<b>flags</b>% = letter codes to indicate details of the key, if any. Flags may be in any order. The + * meaning of "disabled" is implementation-specific. Note that individual flags may be unimplemented, so + * the absence of a given flag does not necessarily mean the absence of the detail. + * <ul> + * <li>r == revoked</li> + * <li>d == disabled</li> + * <li>e == expired</li> + * </ul> + * </li> + * </ul> + * + * @see <a href="http://tools.ietf.org/html/draft-shaw-openpgp-hkp-00#section-5.2">5.2. Machine Readable Indexes</a> + * in Internet-Draft OpenPGP HTTP Keyserver Protocol Document + */ public static final Pattern PUB_KEY_LINE = Pattern - .compile( - "pub +([0-9]+)([a-z]+)/.*?0x([0-9a-z]+).*? +([0-9-]+) +(.+)[\n\r]+((?: +.+[\n\r]+)*)", + .compile("pub:([0-9a-fA-F]+):([0-9]+):([0-9]+):([0-9]+):([0-9]*):([rde]*)[ \n\r]*" // pub line + + "(uid:(.*):([0-9]+):([0-9]*):([rde]*))+", // one or more uid lines + Pattern.CASE_INSENSITIVE); + + /** + * uid:%escaped uid string%:%creationdate%:%expirationdate%:%flags% + * <ul> + * <li>%<b>escaped uid string</b>% = the user ID string, with HTTP %-escaping for anything that isn't 7-bit + * safe as well as for the ":" character. Any other characters may be escaped, as desired.</li> + * <li>%<b>creationdate</b>% = creation date of the key in standard + * <a href="http://tools.ietf.org/html/rfc2440#section-9.1">RFC-2440</a> form (i.e. number of seconds since + * 1/1/1970 UTC time)</li> + * <li>%<b>expirationdate</b>% = expiration date of the key in standard + * <a href="http://tools.ietf.org/html/rfc2440#section-9.1">RFC-2440</a> form (i.e. number of seconds since + * 1/1/1970 UTC time)</li> + * <li>%<b>flags</b>% = letter codes to indicate details of the key, if any. Flags may be in any order. The + * meaning of "disabled" is implementation-specific. Note that individual flags may be unimplemented, so + * the absence of a given flag does not necessarily mean the absence of the detail. + * <ul> + * <li>r == revoked</li> + * <li>d == disabled</li> + * <li>e == expired</li> + * </ul> + * </li> + * </ul> + */ + public static final Pattern UID_LINE = Pattern + .compile("uid:(.*):([0-9]+):([0-9]*):([rde]*)", Pattern.CASE_INSENSITIVE); - public static final Pattern USER_ID_LINE = Pattern.compile("^ +(.+)$", Pattern.MULTILINE - | Pattern.CASE_INSENSITIVE); private static final short PORT_DEFAULT = 11371; @@ -173,7 +216,7 @@ public class HkpKeyServer extends KeyServer { } catch (UnsupportedEncodingException e) { return null; } - String request = "/pks/lookup?op=index&search=" + encodedQuery; + String request = "/pks/lookup?op=index&search=" + encodedQuery + "&options=mr"; String data = null; try { @@ -193,38 +236,41 @@ public class HkpKeyServer extends KeyServer { throw new QueryException("querying server(s) for '" + mHost + "' failed"); } - Matcher matcher = PUB_KEY_LINE.matcher(data); + final Matcher matcher = PUB_KEY_LINE.matcher(data); while (matcher.find()) { - ImportKeysListEntry info = new ImportKeysListEntry(); - info.bitStrength = Integer.parseInt(matcher.group(1)); - info.algorithm = matcher.group(2); - info.hexKeyId = "0x" + matcher.group(3); - info.keyId = PgpKeyHelper.convertHexToKeyId(matcher.group(3)); - String chunks[] = matcher.group(4).split("-"); - - GregorianCalendar tmpGreg = new GregorianCalendar(TimeZone.getTimeZone("UTC")); - tmpGreg.set(Integer.parseInt(chunks[0]), Integer.parseInt(chunks[1]), - Integer.parseInt(chunks[2])); + final ImportKeysListEntry info = new ImportKeysListEntry(); + info.bitStrength = Integer.parseInt(matcher.group(3)); + final int algorithmId = Integer.decode(matcher.group(2)); + info.algorithm = getAlgorithmFromId(algorithmId); + + info.hexKeyId = "0x" + matcher.group(1); + info.keyId = PgpKeyHelper.convertHexToKeyId(matcher.group(1)); + + final long creationDate = Long.parseLong(matcher.group(4)); + final GregorianCalendar tmpGreg = new GregorianCalendar(TimeZone.getTimeZone("UTC")); + tmpGreg.setTimeInMillis(creationDate * 1000); info.date = tmpGreg.getTime(); + + info.revoked = matcher.group(6).contains("r"); info.userIds = new ArrayList<String>(); - if (matcher.group(5).startsWith("*** KEY")) { - info.revoked = true; - } else { - String tmp = matcher.group(5).replaceAll("<.*?>", ""); - tmp = Html.fromHtml(tmp).toString(); - info.userIds.add(tmp); - } - if (matcher.group(6).length() > 0) { - Matcher matcher2 = USER_ID_LINE.matcher(matcher.group(6)); - while (matcher2.find()) { - String tmp = matcher2.group(1).replaceAll("<.*?>", ""); - tmp = Html.fromHtml(tmp).toString(); - info.userIds.add(tmp); + + final String uidLines = matcher.group(7); + final Matcher uidMatcher = UID_LINE.matcher(uidLines); + while (uidMatcher.find()) { + String tmp = uidMatcher.group(1).replaceAll("<.*?>", ""); + tmp = Html.fromHtml(tmp).toString().trim(); + if (tmp.contains("%")) { + try { + // converts Strings like "Universit%C3%A4t" to a proper encoding form "Universität". + tmp = (URLDecoder.decode(tmp, "UTF8")); + } catch (UnsupportedEncodingException ignored) { + // will never happen, because "UTF8" is supported + } } + info.userIds.add(tmp); } results.add(info); } - return results; } @@ -233,7 +279,7 @@ public class HkpKeyServer extends KeyServer { HttpClient client = new DefaultHttpClient(); try { HttpGet get = new HttpGet("http://" + mHost + ":" + mPort - + "/pks/lookup?op=get&search=" + PgpKeyHelper.convertKeyIdToHex(keyId)); + + "/pks/lookup?op=get&search=" + PgpKeyHelper.convertKeyIdToHex(keyId) + "&options=mr"); HttpResponse response = client.execute(get); if (response.getStatusLine().getStatusCode() != HttpStatus.SC_OK) { |