9 files changed, 78 insertions, 45 deletions

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/KeychainApplication.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/KeychainApplication.java
index 3390fb729..57fce633e 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/KeychainApplication.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/KeychainApplication.java
@@ -17,6 +17,8 @@
 
 package org.sufficientlysecure.keychain;
 
+import android.accounts.Account;
+import android.accounts.AccountManager;
 import android.app.Application;
 import android.content.Context;
 import android.content.Intent;
@@ -25,6 +27,7 @@ import android.graphics.PorterDuff;
 import android.graphics.drawable.Drawable;
 import android.os.Build;
 import android.os.Environment;
+import android.widget.Toast;
 
 import org.spongycastle.jce.provider.BouncyCastleProvider;
 import org.sufficientlysecure.keychain.provider.KeychainDatabase;
@@ -90,8 +93,13 @@ public class KeychainApplication extends Application {
                 FormattingUtils.getColorFromAttr(getApplicationContext(), R.attr.colorPrimary));
 
         // Add OpenKeychain account to Android to link contacts with keys and keyserver sync
-        KeyserverSyncAdapterService.enableKeyserverSync(this);
-        ContactSyncAdapterService.enableContactsSync(this);
+        createAccountIfNecessary();
+
+        // if first time, enable keyserver and contact sync
+        if (Preferences.getPreferences(this).isFirstTime()) {
+            KeyserverSyncAdapterService.enableKeyserverSync(this);
+            ContactSyncAdapterService.enableContactsSync(this);
+        }
 
         // Update keyserver list as needed
         Preferences.getPreferences(this).upgradePreferences(this);
@@ -108,6 +116,23 @@ public class KeychainApplication extends Application {
         }
     }
 
+    private void createAccountIfNecessary() {
+        try {
+            AccountManager manager = AccountManager.get(this);
+            Account[] accounts = manager.getAccountsByType(Constants.ACCOUNT_TYPE);
+
+            Account account = new Account(Constants.ACCOUNT_NAME, Constants.ACCOUNT_TYPE);
+            if (accounts.length == 0) {
+                if (!manager.addAccountExplicitly(account, null, null)) {
+                    Log.d(Constants.TAG, "account already exists, the account is null, or another error occured");
+                }
+            }
+        } catch (SecurityException e) {
+            Log.e(Constants.TAG, "SecurityException when adding the account", e);
+            Toast.makeText(this, R.string.reinstall_openkeychain, Toast.LENGTH_LONG).show();
+        }
+    }
+
     public static HashMap<String,Bitmap> qrCodeCache = new HashMap<>();
 
     @Override
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/PgpSignEncryptResult.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/PgpSignEncryptResult.java
index 12b091e32..c4f66b950 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/PgpSignEncryptResult.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/PgpSignEncryptResult.java
@@ -27,6 +27,9 @@ public class PgpSignEncryptResult extends InputPendingResult {
 
     byte[] mDetachedSignature;
     public long mOperationTime;
+    // this is the micalg parameter used in PGP/MIME, see RFC3156:
+    // https://tools.ietf.org/html/rfc3156#section-5
+    private String mMicAlgDigestName;
 
     public void setDetachedSignature(byte[] detachedSignature) {
         mDetachedSignature = detachedSignature;
@@ -74,4 +77,11 @@ public class PgpSignEncryptResult extends InputPendingResult {
         }
     };
 
+    public void setMicAlgDigestName(String micAlgDigestName) {
+        mMicAlgDigestName = micAlgDigestName;
+    }
+
+    public String getMicAlgDigestName() {
+        return mMicAlgDigestName;
+    }
 }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
index 45641b33a..40d6a710b 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
@@ -32,6 +32,7 @@ import org.spongycastle.openpgp.PGPException;
 import org.spongycastle.openpgp.PGPLiteralData;
 import org.spongycastle.openpgp.PGPLiteralDataGenerator;
 import org.spongycastle.openpgp.PGPSignatureGenerator;
+import org.spongycastle.openpgp.PGPUtil;
 import org.spongycastle.openpgp.operator.jcajce.JcePBEKeyEncryptionMethodGenerator;
 import org.spongycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
 import org.spongycastle.openpgp.operator.jcajce.NfcSyncPGPContentSignerBuilder;
@@ -574,6 +575,13 @@ public class PgpSignEncryptOperation extends BaseOperation {
                 // silently catch
             }
             result.setDetachedSignature(detachedByteOut.toByteArray());
+            try {
+                String digestName = PGPUtil.getDigestName(input.getSignatureHashAlgorithm());
+                // construct micalg parameter according to https://tools.ietf.org/html/rfc3156#section-5
+                result.setMicAlgDigestName("pgp-" + digestName.toLowerCase());
+            } catch (PGPException e) {
+                Log.e(Constants.TAG, "error setting micalg parameter!", e);
+            }
         }
         return result;
     }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
index 78c02681b..a6d505763 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java
@@ -327,6 +327,7 @@ public class OpenPgpService extends Service {
                 Intent result = new Intent();
                 if (pgpResult.getDetachedSignature() != null && !cleartextSign) {
                     result.putExtra(OpenPgpApi.RESULT_DETACHED_SIGNATURE, pgpResult.getDetachedSignature());
+                    result.putExtra(OpenPgpApi.RESULT_SIGNATURE_MICALG, pgpResult.getMicAlgDigestName());
                 }
                 result.putExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_SUCCESS);
                 return result;
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/ContactSyncAdapterService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/ContactSyncAdapterService.java
index 86da33a74..387347986 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/ContactSyncAdapterService.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/ContactSyncAdapterService.java
@@ -155,22 +155,10 @@ public class ContactSyncAdapterService extends Service {
     }
 
     public static void enableContactsSync(Context context) {
-        try {
-            AccountManager manager = AccountManager.get(context);
-            Account[] accounts = manager.getAccountsByType(Constants.ACCOUNT_TYPE);
-
-            Account account = new Account(Constants.ACCOUNT_NAME, Constants.ACCOUNT_TYPE);
-            if (accounts.length == 0) {
-                if (!manager.addAccountExplicitly(account, null, null)) {
-                    Log.d(Constants.TAG, "account already exists, the account is null, or another error occured");
-                }
-            }
-
-            ContentResolver.setIsSyncable(account, ContactsContract.AUTHORITY, 1);
-            ContentResolver.setSyncAutomatically(account, ContactsContract.AUTHORITY, true);
-        } catch (SecurityException e) {
-            Log.e(Constants.TAG, "SecurityException when adding the account", e);
-            Toast.makeText(context, R.string.reinstall_openkeychain, Toast.LENGTH_LONG).show();
-        }
+        AccountManager manager = AccountManager.get(context);
+        Account account = manager.getAccountsByType(Constants.ACCOUNT_TYPE)[0];
+
+        ContentResolver.setIsSyncable(account, ContactsContract.AUTHORITY, 1);
+        ContentResolver.setSyncAutomatically(account, ContactsContract.AUTHORITY, true);
     }
 }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeyserverSyncAdapterService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeyserverSyncAdapterService.java
index 35b4c2a7c..bacf56302 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeyserverSyncAdapterService.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeyserverSyncAdapterService.java
@@ -26,7 +26,6 @@ import android.os.Messenger;
 import android.os.PowerManager;
 import android.os.SystemClock;
 import android.support.v4.app.NotificationCompat;
-import android.widget.Toast;
 
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
@@ -55,7 +54,7 @@ public class KeyserverSyncAdapterService extends Service {
     // how often a sync should be initiated, in s
     public static final long SYNC_INTERVAL =
             Constants.DEBUG_KEYSERVER_SYNC
-                    ? TimeUnit.MINUTES.toSeconds(2) : TimeUnit.DAYS.toSeconds(3);
+                    ? TimeUnit.MINUTES.toSeconds(1) : TimeUnit.DAYS.toSeconds(3);
     // time since last update after which a key should be updated again, in s
     public static final long KEY_UPDATE_LIMIT =
             Constants.DEBUG_KEYSERVER_SYNC ? 1 : TimeUnit.DAYS.toSeconds(7);
@@ -82,6 +81,12 @@ public class KeyserverSyncAdapterService extends Service {
             // introduced due to https://github.com/open-keychain/open-keychain/issues/1573
             return START_NOT_STICKY; // we can't act on this Intent and don't want it redelivered
         }
+
+        if (!isSyncEnabled()) {
+            // if we have initiated a sync, but the user disabled it in preferences since
+            return START_NOT_STICKY;
+        }
+
         switch (intent.getAction()) {
             case ACTION_CANCEL: {
                 mCancelled.set(true);
@@ -505,30 +510,24 @@ public class KeyserverSyncAdapterService extends Service {
     }
 
     public static void enableKeyserverSync(Context context) {
-        try {
-            AccountManager manager = AccountManager.get(context);
-            Account[] accounts = manager.getAccountsByType(Constants.ACCOUNT_TYPE);
-
-            Account account = new Account(Constants.ACCOUNT_NAME, Constants.ACCOUNT_TYPE);
-            if (accounts.length == 0) {
-                if (!manager.addAccountExplicitly(account, null, null)) {
-                    Log.d(Constants.TAG, "account already exists, the account is null, or another error occured");
-                }
-            }
-            // for keyserver sync
-            ContentResolver.setIsSyncable(account, Constants.PROVIDER_AUTHORITY, 1);
-            ContentResolver.setSyncAutomatically(account, Constants.PROVIDER_AUTHORITY,
-                    true);
-            ContentResolver.addPeriodicSync(
-                    account,
-                    Constants.PROVIDER_AUTHORITY,
-                    new Bundle(),
-                    SYNC_INTERVAL
-            );
-        } catch (SecurityException e) {
-            Log.e(Constants.TAG, "SecurityException when adding the account", e);
-            Toast.makeText(context, R.string.reinstall_openkeychain, Toast.LENGTH_LONG).show();
-        }
+        AccountManager manager = AccountManager.get(context);
+        Account account = manager.getAccountsByType(Constants.ACCOUNT_TYPE)[0];
+
+        ContentResolver.setIsSyncable(account, Constants.PROVIDER_AUTHORITY, 1);
+        ContentResolver.setSyncAutomatically(account, Constants.PROVIDER_AUTHORITY, true);
+        ContentResolver.addPeriodicSync(
+                account,
+                Constants.PROVIDER_AUTHORITY,
+                new Bundle(),
+                SYNC_INTERVAL
+        );
+    }
+
+    private boolean isSyncEnabled() {
+        AccountManager manager = AccountManager.get(this);
+        Account account = manager.getAccountsByType(Constants.ACCOUNT_TYPE)[0];
+
+        return ContentResolver.getSyncAutomatically(account, Constants.PROVIDER_AUTHORITY);
     }
 
     private void startServiceWithUpdateAll() {
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SettingsActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SettingsActivity.java
index 2b994e11c..cd754d60e 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SettingsActivity.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SettingsActivity.java
@@ -476,6 +476,8 @@ public class SettingsActivity extends AppCompatPreferenceActivity {
 
         private boolean checkContactsPermission(String authority) {
             if (!ContactsContract.AUTHORITY.equals(authority)) {
+                // provides convenience of not using separate checks for keyserver and contact sync
+                // in initializeSyncCheckBox
                 return true;
             }
 
diff --git a/extern/openpgp-api-lib b/extern/openpgp-api-lib
-Subproject 89bf03c4985bde93d196d28beddf73ac5d7f421
+Subproject 075616c461f5ce2bd76a4078c31a51a6ee6b860
diff --git a/extern/spongycastle b/extern/spongycastle
-Subproject 432b7f1bfdc554f3b5e4e5ee1cac35bca0a6b49
+Subproject b8387f22a9f20d1bd186a377e1ec9208c6eae3e