Add backup API

5 files changed, 136 insertions, 2 deletions

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ApiPendingIntentFactory.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ApiPendingIntentFactory.java
index 690a4d1a2..7c05edb71 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ApiPendingIntentFactory.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ApiPendingIntentFactory.java
@@ -23,6 +23,7 @@ import android.content.Intent;
 import android.os.Build;
 
 import org.sufficientlysecure.keychain.provider.KeychainContract;
+import org.sufficientlysecure.keychain.remote.ui.RemoteBackupActivity;
 import org.sufficientlysecure.keychain.remote.ui.RemoteCreateAccountActivity;
 import org.sufficientlysecure.keychain.remote.ui.RemoteErrorActivity;
 import org.sufficientlysecure.keychain.remote.ui.RemoteImportKeysActivity;
@@ -124,6 +125,14 @@ public class ApiPendingIntentFactory {
         return createInternal(data, intent);
     }
 
+    PendingIntent createBackupPendingIntent(Intent data, long[] masterKeyIds, boolean backupSecret) {
+        Intent intent = new Intent(mContext, RemoteBackupActivity.class);
+        intent.putExtra(RemoteBackupActivity.EXTRA_MASTER_KEY_IDS, masterKeyIds);
+        intent.putExtra(RemoteBackupActivity.EXTRA_SECRET, backupSecret);
+
+        return createInternal(data, intent);
+    }
+
     @Deprecated
     PendingIntent createAccountCreationPendingIntent(Intent data, String packageName, String accountName) {
         Intent intent = new Intent(mContext, RemoteCreateAccountActivity.class);
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/CryptoInputParcelCacheService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/CryptoInputParcelCacheService.java
index e3e39417a..3ced56b5a 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/CryptoInputParcelCacheService.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/CryptoInputParcelCacheService.java
@@ -37,7 +37,10 @@ import org.sufficientlysecure.keychain.util.Log;
 import java.util.UUID;
 import java.util.concurrent.ConcurrentHashMap;
 
-
+/**
+ * This service caches CryptoInputParcels, which contain sensitive data like passphrases.
+ * This way, they are not exposed to the client app using the API.
+ */
 public class CryptoInputParcelCacheService extends Service {
 
     public static final String ACTION_ADD = Constants.INTENT_PREFIX + "ADD";
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
index 2e14099de..a5dc2a03c 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
@@ -37,7 +37,9 @@ import org.openintents.openpgp.OpenPgpMetadata;
 import org.openintents.openpgp.OpenPgpSignatureResult;
 import org.openintents.openpgp.util.OpenPgpApi;
 import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.operations.BackupOperation;
 import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
+import org.sufficientlysecure.keychain.operations.results.ExportResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult.LogEntryParcel;
 import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
 import org.sufficientlysecure.keychain.pgp.CanonicalizedPublicKeyRing;
@@ -52,6 +54,7 @@ import org.sufficientlysecure.keychain.provider.KeychainContract.ApiAccounts;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
 import org.sufficientlysecure.keychain.provider.KeychainDatabase.Tables;
 import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.service.BackupKeyringParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
 import org.sufficientlysecure.keychain.util.InputData;
@@ -670,6 +673,49 @@ public class OpenPgpService extends Service {
         }
     }
 
+    private Intent backupImpl(Intent data, OutputStream outputStream) {
+        try {
+            long[] masterKeyIds = data.getLongArrayExtra(OpenPgpApi.EXTRA_KEY_IDS);
+            boolean backupSecret = data.getBooleanExtra(OpenPgpApi.EXTRA_BACKUP_SECRET, false);
+
+            ApiPendingIntentFactory piFactory = new ApiPendingIntentFactory(getBaseContext());
+
+            CryptoInputParcel inputParcel = CryptoInputParcelCacheService.getCryptoInputParcel(this, data);
+            if (inputParcel == null) {
+                Intent result = new Intent();
+                result.putExtra(OpenPgpApi.RESULT_INTENT, piFactory.createBackupPendingIntent(data, masterKeyIds, backupSecret));
+                result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_USER_INTERACTION_REQUIRED);
+                return result;
+            }
+            // after user interaction with RemoteBackupActivity,
+            // the backup code is cached in CryptoInputParcelCacheService, now we can proceed
+
+            BackupKeyringParcel input = new BackupKeyringParcel(masterKeyIds, backupSecret, null);
+            BackupOperation op = new BackupOperation(this, mProviderHelper, null);
+            ExportResult pgpResult = op.execute(input, inputParcel, outputStream);
+
+            if (pgpResult.success()) {
+                Intent result = new Intent();
+                result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_SUCCESS);
+                return result;
+            } else {
+                // should not happen normally...
+                String errorMsg = getString(pgpResult.getLog().getLast().mType.getMsgId());
+                Intent result = new Intent();
+                result.putExtra(OpenPgpApi.RESULT_ERROR, new OpenPgpError(OpenPgpError.GENERIC_ERROR, errorMsg));
+                result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
+                return result;
+            }
+        } catch (Exception e) {
+            Log.d(Constants.TAG, "backupImpl", e);
+            Intent result = new Intent();
+            result.putExtra(OpenPgpApi.RESULT_ERROR,
+                    new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
+            result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
+            return result;
+        }
+    }
+
     private Intent getSignKeyMasterId(Intent data) {
         // NOTE: Accounts are deprecated on API version >= 7
         if (data.getIntExtra(OpenPgpApi.EXTRA_API_VERSION, -1) < 7) {
@@ -831,6 +877,9 @@ public class OpenPgpService extends Service {
             case OpenPgpApi.ACTION_GET_KEY: {
                 return getKeyImpl(data, outputStream);
             }
+            case OpenPgpApi.ACTION_BACKUP: {
+                return backupImpl(data, outputStream);
+            }
             default: {
                 return null;
             }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/RemoteBackupActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/RemoteBackupActivity.java
new file mode 100644
index 000000000..866775f97
--- /dev/null
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/RemoteBackupActivity.java
@@ -0,0 +1,73 @@
+/*
+ * Copyright (C) 2016 Dominik Schürmann <dominik@dominikschuermann.de>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package org.sufficientlysecure.keychain.remote.ui;
+
+import android.content.Intent;
+import android.net.Uri;
+import android.os.Bundle;
+import android.support.v4.app.Fragment;
+import android.support.v4.app.FragmentManager;
+
+import org.sufficientlysecure.keychain.R;
+import org.sufficientlysecure.keychain.remote.CryptoInputParcelCacheService;
+import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
+import org.sufficientlysecure.keychain.ui.BackupActivity;
+import org.sufficientlysecure.keychain.ui.BackupCodeFragment;
+
+public class RemoteBackupActivity extends BackupActivity {
+
+    public static final String EXTRA_DATA = "data";
+
+    private Intent mPendingIntentData;
+
+    @Override
+    protected void onCreate(Bundle savedInstanceState) {
+        super.onCreate(savedInstanceState);
+
+        // noinspection ConstantConditions, we know this activity has an action bar
+        getSupportActionBar().setDisplayHomeAsUpEnabled(true);
+
+        if (savedInstanceState == null) {
+            Intent intent = getIntent();
+            boolean exportSecret = intent.getBooleanExtra(EXTRA_SECRET, false);
+            long[] masterKeyIds = intent.getLongArrayExtra(EXTRA_MASTER_KEY_IDS);
+            mPendingIntentData = getIntent().getParcelableExtra(EXTRA_DATA);
+
+            // NOTE: return backup!
+            Fragment frag = BackupCodeFragment.newInstance(masterKeyIds, exportSecret, false);
+
+            FragmentManager fragMan = getSupportFragmentManager();
+            fragMan.beginTransaction()
+                    .setCustomAnimations(0, 0)
+                    .replace(R.id.content_frame, frag)
+                    .commit();
+        }
+
+    }
+
+    @Override
+    public void handleBackupOperation(CryptoInputParcel inputParcel) {
+        // instead of handling the operation here directly,
+        // cache inputParcel containing the backup code and return to client
+        // Next time, the actual operation is directly executed.
+        CryptoInputParcelCacheService.addCryptoInputParcel(this, mPendingIntentData, inputParcel);
+        setResult(RESULT_OK, mPendingIntentData);
+        finish();
+    }
+
+}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/RemoteImportKeysActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/RemoteImportKeysActivity.java
index b57c50790..ff7138231 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/RemoteImportKeysActivity.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/ui/RemoteImportKeysActivity.java
@@ -39,7 +39,7 @@ public class RemoteImportKeysActivity extends ImportKeysActivity {
     }
 
     @Override
-    public void handleResult(ImportKeyResult result) {
+    protected void handleResult(ImportKeyResult result) {
         setResult(RESULT_OK, mPendingIntentData);
         finish();
     }