diff options
author | Vincent Breitmoser <valodim@mugenguild.com> | 2015-03-18 21:12:31 +0100 |
---|---|---|
committer | Vincent Breitmoser <valodim@mugenguild.com> | 2015-03-18 21:12:31 +0100 |
commit | d46fc3740bbfc3bac0b1133a3e9d47c7ce3e06e2 (patch) | |
tree | 034ef267e71613dedfd74183a1ac7d7f4414813c /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/CertifyOperation.java | |
parent | aca54e31eae450e7deec54cca6654ee202c7a90f (diff) | |
download | open-keychain-d46fc3740bbfc3bac0b1133a3e9d47c7ce3e06e2.tar.gz open-keychain-d46fc3740bbfc3bac0b1133a3e9d47c7ce3e06e2.tar.bz2 open-keychain-d46fc3740bbfc3bac0b1133a3e9d47c7ce3e06e2.zip |
yubikey certifications!
Diffstat (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/CertifyOperation.java')
-rw-r--r-- | OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/CertifyOperation.java | 44 |
1 files changed, 22 insertions, 22 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/CertifyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/CertifyOperation.java index ebf0dc70b..140e03764 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/CertifyOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/CertifyOperation.java @@ -30,6 +30,8 @@ import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing; import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey; import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey.SecretKeyType; import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKeyRing; +import org.sufficientlysecure.keychain.pgp.PgpCertifyOperation; +import org.sufficientlysecure.keychain.pgp.PgpCertifyOperation.PgpCertifyResult; import org.sufficientlysecure.keychain.pgp.Progressable; import org.sufficientlysecure.keychain.pgp.UncachedKeyRing; import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException; @@ -38,6 +40,8 @@ import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException import org.sufficientlysecure.keychain.service.CertifyActionsParcel; import org.sufficientlysecure.keychain.service.CertifyActionsParcel.CertifyAction; import org.sufficientlysecure.keychain.service.ContactSyncAdapterService; +import org.sufficientlysecure.keychain.service.input.NfcOperationsParcel; +import org.sufficientlysecure.keychain.service.input.NfcOperationsParcel.NfcSignOperationsBuilder; import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils; import org.sufficientlysecure.keychain.util.Log; @@ -73,10 +77,6 @@ public class CertifyOperation extends BaseOperation { mProviderHelper.getCanonicalizedSecretKeyRing(parcel.mMasterKeyId); log.add(LogType.MSG_CRT_UNLOCK, 1); certificationKey = secretKeyRing.getSecretKey(); - if (certificationKey.getSecretKeyType() == SecretKeyType.DIVERT_TO_CARD) { - log.add(LogType.MSG_CRT_ERROR_DIVERT, 2); - return new CertifyResult(CertifyResult.RESULT_ERROR, log); - } // certification is always with the master key id, so use that one String passphrase = getCachedPassphrase(parcel.mMasterKeyId, parcel.mMasterKeyId); @@ -102,6 +102,8 @@ public class CertifyOperation extends BaseOperation { int certifyOk = 0, certifyError = 0, uploadOk = 0, uploadError = 0; + NfcSignOperationsBuilder allRequiredInput = new NfcSignOperationsBuilder(parcel.getSignatureTime()); + // Work through all requested certifications for (CertifyAction action : parcel.mCertifyActions) { @@ -122,28 +124,21 @@ public class CertifyOperation extends BaseOperation { CanonicalizedPublicKeyRing publicRing = mProviderHelper.getCanonicalizedPublicKeyRing(action.mMasterKeyId); - UncachedKeyRing certifiedKey = null; - if (action.mUserIds != null) { - log.add(LogType.MSG_CRT_CERTIFY_UIDS, 2, action.mUserIds.size(), - KeyFormattingUtils.convertKeyIdToHex(action.mMasterKeyId)); + PgpCertifyOperation op = new PgpCertifyOperation(); + PgpCertifyResult result = op.certify(certificationKey, publicRing, + log, 2, action, parcel.getSignatureData(), parcel.getSignatureTime()); - certifiedKey = certificationKey.certifyUserIds( - publicRing, action.mUserIds, null, null); + if (!result.success()) { + certifyError += 1; + continue; } - - if (action.mUserAttributes != null) { - log.add(LogType.MSG_CRT_CERTIFY_UATS, 2, action.mUserAttributes.size(), - KeyFormattingUtils.convertKeyIdToHex(action.mMasterKeyId)); - - certifiedKey = certificationKey.certifyUserAttributes( - publicRing, action.mUserAttributes, null, null); + if (result.nfcInputRequired()) { + NfcOperationsParcel requiredInput = result.getRequiredInput(); + allRequiredInput.addAll(requiredInput); + continue; } - if (certifiedKey == null) { - certifyError += 1; - log.add(LogType.MSG_CRT_WARN_CERT_FAILED, 3); - } - certifiedKeys.add(certifiedKey); + certifiedKeys.add(result.getCertifiedRing()); } catch (NotFoundException e) { certifyError += 1; @@ -152,6 +147,11 @@ public class CertifyOperation extends BaseOperation { } + if ( ! allRequiredInput.isEmpty()) { + log.add(LogType.MSG_CRT_NFC_RETURN, 1); + return new CertifyResult(log, allRequiredInput.build()); + } + log.add(LogType.MSG_CRT_SAVING, 1); // Check if we were cancelled |