diff options
| author | Vincent Breitmoser <valodim@mugenguild.com> | 2015-09-28 18:27:29 +0200 |
|---|---|---|
| committer | Vincent Breitmoser <valodim@mugenguild.com> | 2015-09-28 18:27:29 +0200 |
| commit | 0e613aff2e617ca12c1b2e1032b21334c2ca674a (patch) | |
| tree | 4e16d6a086cbe12875454fba520241ac84e277c7 /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptFilesFragment.java | |
| parent | b65a23f2d46f905160b47e044de12cf9177dfd51 (diff) | |
| parent | 3df9bea4554c0edddce57aa6a2e32cfe5250ed72 (diff) | |
| download | open-keychain-0e613aff2e617ca12c1b2e1032b21334c2ca674a.tar.gz open-keychain-0e613aff2e617ca12c1b2e1032b21334c2ca674a.tar.bz2 open-keychain-0e613aff2e617ca12c1b2e1032b21334c2ca674a.zip | |
Merge remote-tracking branch 'origin/master' into encrypted-export
Diffstat (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptFilesFragment.java')
| -rw-r--r-- | OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptFilesFragment.java | 45 |
1 files changed, 39 insertions, 6 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptFilesFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptFilesFragment.java index 8572a5712..0e357cfcd 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptFilesFragment.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptFilesFragment.java @@ -18,6 +18,7 @@ package org.sufficientlysecure.keychain.ui; +import java.io.File; import java.io.IOException; import java.util.ArrayList; import java.util.Date; @@ -224,9 +225,8 @@ public class EncryptFilesFragment String targetName = (mEncryptFilenames ? "1" : FileHelper.getFilename(getActivity(), model.inputUri)) + (mUseArmor ? Constants.FILE_EXTENSION_ASC : Constants.FILE_EXTENSION_PGP_MAIN); - Uri inputUri = model.inputUri; - FileHelper.saveDocument(this, targetName, inputUri, - R.string.title_encrypt_to_file, R.string.specify_file_to_encrypt_to, REQUEST_CODE_OUTPUT); + FileHelper.saveDocument(this, targetName, + REQUEST_CODE_OUTPUT); } public void addFile(Intent data) { @@ -308,6 +308,17 @@ public class EncryptFilesFragment return true; } + @Override + public void onPrepareOptionsMenu(Menu menu) { + super.onPrepareOptionsMenu(menu); + + // Show save only on Android >= 4.4 (Document Provider) + if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT) { + MenuItem save = menu.findItem(R.id.encrypt_save); + save.setVisible(false); + } + } + public void toggleUseArmor(MenuItem item, final boolean useArmor) { mUseArmor = useArmor; @@ -441,9 +452,29 @@ public class EncryptFilesFragment } - // prepares mOutputUris, either directly and returns false, or indirectly - // which returns true and will call cryptoOperation after mOutputUris has - // been set at a later point. + /** + * Checks that the input uris are not linked to our own internal storage. + * This prevents the encryption of our own database (-> export of whole database) + */ + private void securityCheckInternalStorage() { + for (FilesAdapter.ViewModel model : mFilesAdapter.mDataset) { + File fileInput = new File(model.inputUri.getPath()); + try { + // the canonical path of the file must not start with /data/data/org.sufficientlysecure.keychain/ + if (fileInput.getCanonicalPath().startsWith(getActivity().getApplicationInfo().dataDir)) { + throw new RuntimeException("Encrypting OpenKeychain's private files is not allowed!"); + } + } catch (IOException e) { + Log.e(Constants.TAG, "Getting canonical path failed!", e); + } + } + } + + /** + * Prepares mOutputUris, either directly and returns false, or indirectly + * which returns true and will call cryptoOperation after mOutputUris has + * been set at a later point. + */ private boolean prepareOutputStreams() { switch (mAfterEncryptAction) { @@ -519,6 +550,8 @@ public class EncryptFilesFragment } + securityCheckInternalStorage(); + return actionsParcel; } |