don't show allowed key list if no key exists, and some minor PgpDecryptVerify changes

12 files changed, 50 insertions, 35 deletions

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/DecryptVerifyResult.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/DecryptVerifyResult.java
index 917b3415f..7680107f8 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/DecryptVerifyResult.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/DecryptVerifyResult.java
@@ -27,12 +27,19 @@ import org.sufficientlysecure.keychain.util.Passphrase;
 
 public class DecryptVerifyResult extends InputPendingResult {
 
+    public static final int RESULT_NO_DATA = RESULT_ERROR + 16;
+    public static final int RESULT_KEY_DISALLOWED = RESULT_ERROR + 32;
+
     OpenPgpSignatureResult mSignatureResult;
     OpenPgpMetadata mDecryptMetadata;
     // This holds the charset which was specified in the ascii armor, if specified
     // https://tools.ietf.org/html/rfc4880#page56
     String mCharset;
 
+    public boolean isKeysDisallowed () {
+        return (mResult & RESULT_KEY_DISALLOWED) == RESULT_KEY_DISALLOWED;
+    }
+
     public OpenPgpSignatureResult getSignatureResult() {
         return mSignatureResult;
     }
@@ -57,10 +64,6 @@ public class DecryptVerifyResult extends InputPendingResult {
         mCharset = charset;
     }
 
-    public boolean isPending() {
-        return (mResult & RESULT_PENDING) == RESULT_PENDING;
-    }
-
     public DecryptVerifyResult(int result, OperationLog log) {
         super(result, log);
     }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
index ad7feaea6..119678f16 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
@@ -590,7 +590,7 @@ public abstract class OperationResult implements Parcelable {
         MSG_DC_ERROR_EXTRACT_KEY (LogLevel.ERROR, R.string.msg_dc_error_extract_key),
         MSG_DC_ERROR_INTEGRITY_CHECK (LogLevel.ERROR, R.string.msg_dc_error_integrity_check),
         MSG_DC_ERROR_INTEGRITY_MISSING (LogLevel.ERROR, R.string.msg_dc_error_integrity_missing),
-        MSG_DC_ERROR_INVALID_SIGLIST(LogLevel.ERROR, R.string.msg_dc_error_invalid_siglist),
+        MSG_DC_ERROR_INVALID_DATA (LogLevel.ERROR, R.string.msg_dc_error_invalid_data),
         MSG_DC_ERROR_IO (LogLevel.ERROR, R.string.msg_dc_error_io),
         MSG_DC_ERROR_NO_DATA (LogLevel.ERROR, R.string.msg_dc_error_no_data),
         MSG_DC_ERROR_NO_KEY (LogLevel.ERROR, R.string.msg_dc_error_no_key),
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
index f6580b85a..aa1125800 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
@@ -384,7 +384,7 @@ public class PgpDecryptVerify extends BaseOperation {
         }
 
         if (enc == null) {
-            log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, indent);
+            log.add(LogType.MSG_DC_ERROR_INVALID_DATA, indent);
             return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
         }
 
@@ -419,6 +419,7 @@ public class PgpDecryptVerify extends BaseOperation {
         }
 
         Passphrase passphrase = null;
+        boolean skippedDisallowedKey = false;
 
         // go through all objects and find one we can decrypt
         while (it.hasNext()) {
@@ -451,13 +452,6 @@ public class PgpDecryptVerify extends BaseOperation {
                     log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
                     continue;
                 }
-                // get subkey which has been used for this encryption packet
-                secretEncryptionKey = secretKeyRing.getSecretKey(subKeyId);
-                if (secretEncryptionKey == null) {
-                    // should actually never happen, so no need to be more specific.
-                    log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
-                    continue;
-                }
 
                 // allow only specific keys for decryption?
                 if (mAllowedKeyIds != null) {
@@ -469,11 +463,20 @@ public class PgpDecryptVerify extends BaseOperation {
                     if (!mAllowedKeyIds.contains(masterKeyId)) {
                         // this key is in our db, but NOT allowed!
                         // continue with the next packet in the while loop
+                        skippedDisallowedKey = true;
                         log.add(LogType.MSG_DC_ASKIP_NOT_ALLOWED, indent + 1);
                         continue;
                     }
                 }
 
+                // get subkey which has been used for this encryption packet
+                secretEncryptionKey = secretKeyRing.getSecretKey(subKeyId);
+                if (secretEncryptionKey == null) {
+                    // should actually never happen, so no need to be more specific.
+                    log.add(LogType.MSG_DC_ASKIP_NO_KEY, indent + 1);
+                    continue;
+                }
+
                 /* secret key exists in database and is allowed! */
                 asymmetricPacketFound = true;
 
@@ -604,10 +607,18 @@ public class PgpDecryptVerify extends BaseOperation {
             }
             encryptedData = encryptedDataAsymmetric;
         } else {
-            // If we didn't find any useful data, error out
+            // there wasn't even any useful data
+            if (!anyPacketFound) {
+                log.add(LogType.MSG_DC_ERROR_NO_DATA, indent + 1);
+                return new DecryptVerifyResult(DecryptVerifyResult.RESULT_NO_DATA, log);
+            }
+            // there was data but key wasn't allowed
+            if (skippedDisallowedKey) {
+                log.add(LogType.MSG_DC_ERROR_NO_KEY, indent + 1);
+                return new DecryptVerifyResult(DecryptVerifyResult.RESULT_KEY_DISALLOWED, log);
+            }
             // no packet has been found where we have the corresponding secret key in our db
-            log.add(
-                    anyPacketFound ? LogType.MSG_DC_ERROR_NO_KEY : LogType.MSG_DC_ERROR_NO_DATA, indent + 1);
+            log.add(LogType.MSG_DC_ERROR_NO_KEY, indent + 1);
             return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
         }
 
@@ -910,7 +921,7 @@ public class PgpDecryptVerify extends BaseOperation {
 
         PGPSignatureList sigList = (PGPSignatureList) pgpFact.nextObject();
         if (sigList == null) {
-            log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, 0);
+            log.add(LogType.MSG_DC_ERROR_INVALID_DATA, 0);
             return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
         }
 
@@ -993,7 +1004,7 @@ public class PgpDecryptVerify extends BaseOperation {
         } else if (o instanceof PGPSignatureList) {
             sigList = (PGPSignatureList) o;
         } else {
-            log.add(LogType.MSG_DC_ERROR_INVALID_SIGLIST, 0);
+            log.add(LogType.MSG_DC_ERROR_INVALID_DATA, 0);
             return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
         }
 
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
index 4a8bf9332..179b78f26 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
@@ -34,7 +34,6 @@ import org.openintents.openpgp.util.OpenPgpApi;
 import org.spongycastle.bcpg.CompressionAlgorithmTags;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
-import org.sufficientlysecure.keychain.operations.results.OperationResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult.LogEntryParcel;
 import org.sufficientlysecure.keychain.operations.results.PgpSignEncryptResult;
 import org.sufficientlysecure.keychain.pgp.PgpConstants;
@@ -601,9 +600,8 @@ public class OpenPgpService extends RemoteService {
                 result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_SUCCESS);
                 return result;
             } else {
-                LogEntryParcel errorMsg = pgpResult.getLog().getLast();
-
-                if (errorMsg.mType == OperationResult.LogType.MSG_DC_ERROR_NO_KEY) {
+                //
+                if (pgpResult.isKeysDisallowed()) {
                     // allow user to select allowed keys
                     Intent result = new Intent();
                     result.putExtra(OpenPgpApi.RESULT_INTENT, getSelectAllowedKeysIntent(data));
@@ -611,14 +609,17 @@ public class OpenPgpService extends RemoteService {
                     return result;
                 }
 
-                throw new Exception(getString(errorMsg.mType.getMsgId()));
+                String errorMsg = getString(pgpResult.getLog().getLast().mType.getMsgId());
+                Intent result = new Intent();
+                result.putExtra(OpenPgpApi.RESULT_ERROR, new OpenPgpError(OpenPgpError.GENERIC_ERROR, errorMsg));
+                result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
+                return result;
             }
 
-        } catch (Exception e) {
-            Log.d(Constants.TAG, "decryptAndVerifyImpl", e);
+        } catch (IOException e) {
+            Log.e(Constants.TAG, "decryptAndVerifyImpl", e);
             Intent result = new Intent();
-            result.putExtra(OpenPgpApi.RESULT_ERROR,
-                    new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
+            result.putExtra(OpenPgpApi.RESULT_ERROR, new OpenPgpError(OpenPgpError.GENERIC_ERROR, e.getMessage()));
             result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR);
             return result;
         } finally {
diff --git a/OpenKeychain/src/main/res/values-de/strings.xml b/OpenKeychain/src/main/res/values-de/strings.xml
index 4fd310837..2dc6962cb 100644
--- a/OpenKeychain/src/main/res/values-de/strings.xml
+++ b/OpenKeychain/src/main/res/values-de/strings.xml
@@ -929,7 +929,7 @@
   <string name="msg_dc_error_extract_key">Unbekannter Fehler bei Schlüsselentsperrung!</string>
   <string name="msg_dc_error_integrity_check">Integritätsprüfungsfehler!</string>
   <string name="msg_dc_error_integrity_missing">Fehlende Integritätsprüfung Dies kann passieren, wenn die Verschlüsselungsanwendung veraltet ist oder durch einen Downgrade-Angriff.</string>
-  <string name="msg_dc_error_invalid_siglist">Keine gültigen Signaturdaten gefunden!</string>
+  <string name="msg_dc_error_invalid_data">Keine gültigen Signaturdaten gefunden!</string>
   <string name="msg_dc_error_io">Ein-/Ausgabefehler während Vorgang aufgetreten!</string>
   <string name="msg_dc_error_no_data">Keine verschlüsselten Daten in Datenstrom gefunden!</string>
   <string name="msg_dc_error_no_key">Keine verschlüsselten Daten mit bekanntem geheimen Schlüssel in Datenstrom gefunden!</string>
diff --git a/OpenKeychain/src/main/res/values-es/strings.xml b/OpenKeychain/src/main/res/values-es/strings.xml
index 2d94eb6a2..f672ab84b 100644
--- a/OpenKeychain/src/main/res/values-es/strings.xml
+++ b/OpenKeychain/src/main/res/values-es/strings.xml
@@ -928,7 +928,7 @@
   <string name="msg_dc_error_extract_key">¡Error desconocido al desbloquear clave!</string>
   <string name="msg_dc_error_integrity_check">¡Error de comprobación de integridad!</string>
   <string name="msg_dc_error_integrity_missing">¡Verificación de integridad ausente! Esto puede ocurrir porque la aplicación de cifrado no está actualizada, o debido a un ataque desactualización.</string>
-  <string name="msg_dc_error_invalid_siglist">¡No se encontraron datos de firma válidos!</string>
+  <string name="msg_dc_error_invalid_data">¡No se encontraron datos de firma válidos!</string>
   <string name="msg_dc_error_io">¡Se encontró Excepción de E/S durante la operación!</string>
   <string name="msg_dc_error_no_data">¡No se encontraron datos cifrados en el flujo de datos (`stream`)!</string>
   <string name="msg_dc_error_no_key">¡No se encontraron datos cifrados con clave secreta (privada) conocida en el flujo de datos (`stream`)!</string>
diff --git a/OpenKeychain/src/main/res/values-fr/strings.xml b/OpenKeychain/src/main/res/values-fr/strings.xml
index f34dd8e46..c7ac082dd 100644
--- a/OpenKeychain/src/main/res/values-fr/strings.xml
+++ b/OpenKeychain/src/main/res/values-fr/strings.xml
@@ -928,7 +928,7 @@
   <string name="msg_dc_error_extract_key">Erreur inconnue de déverrouillage de la clef !</string>
   <string name="msg_dc_error_integrity_check">Erreur de vérification de l\'intégrité !</string>
   <string name="msg_dc_error_integrity_missing">Vérification de l\'intégrité absente ! Ceci peut arriver car l\'application n\'est pas à jour, ou à cause d\'une attaque par mise à niveau inférieur.</string>
-  <string name="msg_dc_error_invalid_siglist">Aucune donnée de signature valide trouvée !</string>
+  <string name="msg_dc_error_invalid_data">Aucune donnée de signature valide trouvée !</string>
   <string name="msg_dc_error_io">Une exception E/S a été rencontrée durant l\'opération !</string>
   <string name="msg_dc_error_no_data">Aucune donnée chiffrée n\'a été trouvée dans le flux !</string>
   <string name="msg_dc_error_no_key">Aucune donnée chiffrée avec une clef secrète connue n\'a été trouvée dans le flux !</string>
diff --git a/OpenKeychain/src/main/res/values-ja/strings.xml b/OpenKeychain/src/main/res/values-ja/strings.xml
index 13647a1bb..ad66b9a37 100644
--- a/OpenKeychain/src/main/res/values-ja/strings.xml
+++ b/OpenKeychain/src/main/res/values-ja/strings.xml
@@ -913,7 +913,7 @@
   <string name="msg_dc_error_extract_key">鍵のロック解除で不明なエラー!</string>
   <string name="msg_dc_error_integrity_check">完全性チェックエラー!</string>
   <string name="msg_dc_error_integrity_missing">完全聖チェックの欠落!これは暗号化アプリケーションが期限切れになった場合、もしくは暗号強度低下攻撃がある場合に発生します。</string>
-  <string name="msg_dc_error_invalid_siglist">正常な署名データが見付からなかった!</string>
+  <string name="msg_dc_error_invalid_data">正常な署名データが見付からなかった!</string>
   <string name="msg_dc_error_io">操作中にIO例外に当たりました!</string>
   <string name="msg_dc_error_no_data">ストリーム中に暗号化されたデータが見付からなかった!</string>
   <string name="msg_dc_error_no_key">ストリーム中に既知の秘密鍵で暗号化されたデータが見付からなかった!</string>
diff --git a/OpenKeychain/src/main/res/values-nl/strings.xml b/OpenKeychain/src/main/res/values-nl/strings.xml
index 74e2c7117..37975ab1a 100644
--- a/OpenKeychain/src/main/res/values-nl/strings.xml
+++ b/OpenKeychain/src/main/res/values-nl/strings.xml
@@ -928,7 +928,7 @@
   <string name="msg_dc_error_extract_key">Onbekende fout bij ontgrendelen van sleutel!</string>
   <string name="msg_dc_error_integrity_check">Fout bij integriteitscontrole!</string>
   <string name="msg_dc_error_integrity_missing">Integriteitscheck ontbreekt! Dit kan gebeuren omdat de versleutelingsapplicatie verouderd is, of door een downgrade-aanval.</string>
-  <string name="msg_dc_error_invalid_siglist">Geen geldige ondertekeningsgegevens gevonden!</string>
+  <string name="msg_dc_error_invalid_data">Geen geldige ondertekeningsgegevens gevonden!</string>
   <string name="msg_dc_error_io">I/O-uitzondering tegengekomen tijdens bewerking!</string>
   <string name="msg_dc_error_no_data">Geen versleutelde gegevens gevonden!</string>
   <string name="msg_dc_error_no_key">Geen versleutelde gegevens met bekende geheime sleutel gevonden!</string>
diff --git a/OpenKeychain/src/main/res/values-sr/strings.xml b/OpenKeychain/src/main/res/values-sr/strings.xml
index c4c92dce5..5b3027398 100644
--- a/OpenKeychain/src/main/res/values-sr/strings.xml
+++ b/OpenKeychain/src/main/res/values-sr/strings.xml
@@ -915,7 +915,7 @@
   <string name="msg_dc_error_extract_key">Непозната грешка откључавања кључа!</string>
   <string name="msg_dc_error_integrity_check">Грешка провере интегритета!</string>
   <string name="msg_dc_error_integrity_missing">Недостаје провера интегритета! Ово може да се деси ако је апликација за шифровање застарела, или услед напада старијег издања.</string>
-  <string name="msg_dc_error_invalid_siglist">Нису нађени исправни подаци потписа!</string>
+  <string name="msg_dc_error_invalid_data">Нису нађени исправни подаци потписа!</string>
   <string name="msg_dc_error_io">Наиђох на У/И изузетак током радње!</string>
   <string name="msg_dc_error_no_data">Шифровани подаци нису нађени у току!</string>
   <string name="msg_dc_error_no_key">Подаци шифровани познатим тајним кључем нису нађени у току!</string>
diff --git a/OpenKeychain/src/main/res/values-zh-rTW/strings.xml b/OpenKeychain/src/main/res/values-zh-rTW/strings.xml
index 95fa8a28c..728eeccdd 100644
--- a/OpenKeychain/src/main/res/values-zh-rTW/strings.xml
+++ b/OpenKeychain/src/main/res/values-zh-rTW/strings.xml
@@ -510,7 +510,7 @@
   <!--Other messages used in OperationLogs-->
   <string name="msg_ek_error_not_found">找不到金鑰！</string>
   <!--Messages for DecryptVerify operation-->
-  <string name="msg_dc_error_invalid_siglist">找不到有效的簽名資訊！</string>
+  <string name="msg_dc_error_invalid_data">找不到有效的簽名資訊！</string>
   <string name="msg_dc">開始解密…</string>
   <!--Messages for VerifySignedLiteralData operation-->
   <!--Messages for SignEncrypt operation-->
diff --git a/OpenKeychain/src/main/res/values/strings.xml b/OpenKeychain/src/main/res/values/strings.xml
index f01b2cace..3ae4afa35 100644
--- a/OpenKeychain/src/main/res/values/strings.xml
+++ b/OpenKeychain/src/main/res/values/strings.xml
@@ -1041,7 +1041,7 @@
     <string name="msg_dc_error_extract_key">"Unknown error unlocking key!"</string>
     <string name="msg_dc_error_integrity_check">"Integrity check error!"</string>
     <string name="msg_dc_error_integrity_missing">"Missing integrity check! This can happen because the encrypting application is out of date, or from a downgrade attack."</string>
-    <string name="msg_dc_error_invalid_siglist">"No valid signature data found!"</string>
+    <string name="msg_dc_error_invalid_data">"No valid OpenPGP encrypted or signed data found!"</string>
     <string name="msg_dc_error_io">"Encountered IO Exception during operation!"</string>
     <string name="msg_dc_error_no_data">"No encrypted data found in stream!"</string>
     <string name="msg_dc_error_no_key">"No encrypted data with known secret key found in stream!"</string>