Diffstat (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp')
-rw-r--r--OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedKeyRing.java53
-rw-r--r--OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedPublicKeyRing.java80
-rw-r--r--OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedSecretKeyRing.java94
-rw-r--r--OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java9
4 files changed, 117 insertions, 119 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedKeyRing.java
index 334f676c4..def673469 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedKeyRing.java
@@ -3,45 +3,66 @@ package org.sufficientlysecure.keychain.pgp;
public abstract class CachedKeyRing {
private final long mMasterKeyId;
- private final boolean mCanCertify;
- private final byte[] mFingerprint;
private final String mUserId;
+ private final boolean mHasAnySecret;
+ private final boolean mIsRevoked;
+ private final boolean mCanCertify;
+ private final long mHasEncryptId;
+ private final long mHasSignId;
private final int mVerified;
- private final boolean mHasSecret;
- protected CachedKeyRing(long masterKeyId, boolean canCertify,
- byte[] fingerprint, String userId, int verified, boolean hasSecret)
+ protected CachedKeyRing(long masterKeyId, String userId, boolean hasAnySecret,
+ boolean isRevoked, boolean canCertify, long hasEncryptId, long hasSignId,
+ int verified)
{
mMasterKeyId = masterKeyId;
- mCanCertify = canCertify;
- mFingerprint = fingerprint;
mUserId = userId;
+ mHasAnySecret = hasAnySecret;
+ mIsRevoked = isRevoked;
+ mCanCertify = canCertify;
+ mHasEncryptId = hasEncryptId;
+ mHasSignId = hasSignId;
mVerified = verified;
- mHasSecret = hasSecret;
}
- public byte[] getFingerprint() {
- return mFingerprint;
+ public long getMasterKeyId() {
+ return mMasterKeyId;
}
public String getPrimaryUserId() {
return mUserId;
}
- public long getMasterKeyId() {
- return mMasterKeyId;
+ public boolean hasAnySecret() {
+ return mHasAnySecret;
}
- public int getVerified() {
- return mVerified;
+ public boolean isRevoked() {
+ return mIsRevoked;
}
public boolean canCertify() {
return mCanCertify;
}
- public boolean hasSecret() {
- return mHasSecret;
+ public long getEncryptId() {
+ return mHasEncryptId;
+ }
+
+ public boolean hasEncrypt() {
+ return mHasEncryptId != 0;
+ }
+
+ public long getSignId() {
+ return mHasSignId;
+ }
+
+ public boolean hasSign() {
+ return mHasSignId != 0;
+ }
+
+ public int getVerified() {
+ return mVerified;
}
}
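Review bot: The new fields `mHasEncryptId` and `mHasSignId` hold a key id rather than a flag, and `hasEncrypt()`/`hasSign()` treat 0 as "no such key", but nothing in the class documents that. A field comment such as `// id of the subkey selected for encryption, 0 if the ring has none` would make the sentinel explicit, and the names `mEncryptId`/`mSignId` would match the `getEncryptId()`/`getSignId()` getters. The class should also say where the selection is made and whether it already excludes revoked or expired subkeys, because callers of these getters cannot tell from here.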
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedPublicKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedPublicKeyRing.java
index 8970d18ec..bbce42f86 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedPublicKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedPublicKeyRing.java
@@ -23,14 +23,14 @@ public class CachedPublicKeyRing extends CachedKeyRing {
private PGPPublicKeyRing mRing;
private final byte[] mPubKey;
- public CachedPublicKeyRing(long masterKeyId, int keySize, boolean isRevoked,
- boolean canCertify, long creation, long expiry, int algorithm,
- byte[] fingerprint, String userId, int verified, boolean hasSecret,
- byte[] pubkey)
+ public CachedPublicKeyRing(long masterKeyId, String userId, boolean hasAnySecret,
+ boolean isRevoked, boolean canCertify, long hasEncryptId, long hasSignId,
+ int verified, byte[] blob)
{
- super(masterKeyId, canCertify, fingerprint, userId, verified, hasSecret);
+ super(masterKeyId, userId, hasAnySecret, isRevoked, canCertify,
+ hasEncryptId, hasSignId, verified);
- mPubKey = pubkey;
+ mPubKey = blob;
}
PGPPublicKeyRing getRing() {
@@ -52,46 +52,18 @@ public class CachedPublicKeyRing extends CachedKeyRing {
return new CachedPublicKey(this, getRing().getPublicKey(id));
}
- public CachedPublicKey getFirstSignSubkey() throws PgpGeneralException {
- // only return master key if no other signing key is available
- CachedPublicKey masterKey = null;
- for (PGPPublicKey k : new IterableIterator<PGPPublicKey>(getRing().getPublicKeys())) {
- CachedPublicKey key = new CachedPublicKey(this, k);
- if (key.isRevoked() || key.canSign() || key.isExpired()) {
- continue;
+ /** Getter that returns the subkey that should be used for signing. */
+ CachedPublicKey getEncryptionSubKey() throws PgpGeneralException {
+ PGPPublicKey key = getRing().getPublicKey(getEncryptId());
+ if(key != null) {
+ CachedPublicKey cKey = new CachedPublicKey(this, key);
+ if(!cKey.canEncrypt()) {
+ throw new PgpGeneralException("key error");
}
- if (key.isMasterKey()) {
- masterKey = key;
- } else {
- return key;
- }
- }
- if(masterKey == null) {
- // TODO proper exception
- throw new PgpGeneralException("key not found");
- }
- return masterKey;
- }
-
- public CachedPublicKey getFirstEncryptSubkey() throws PgpGeneralException {
- // only return master key if no other encryption key is available
- CachedPublicKey masterKey = null;
- for (PGPPublicKey k : new IterableIterator<PGPPublicKey>(getRing().getPublicKeys())) {
- CachedPublicKey key = new CachedPublicKey(this, k);
- if (key.isRevoked() || key.canEncrypt() || key.isExpired()) {
- continue;
- }
- if (key.isMasterKey()) {
- masterKey = key;
- } else {
- return key;
- }
- }
- if(masterKey == null) {
- // TODO proper exception
- throw new PgpGeneralException("key not found");
+ return cKey;
}
- return masterKey;
+ // TODO handle with proper exception
+ throw new PgpGeneralException("no encryption key available");
}
public boolean verifySubkeyBinding(CachedPublicKey cachedSubkey) {
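Review bot: `getEncryptionSubKey()` accepts the subkey named by the cached `getEncryptId()` after checking only `canEncrypt()`, whereas the removed `getFirstEncryptSubkey()` also consulted `isRevoked()` and `isExpired()` on each candidate. If the cached id can outlive a revocation or expiry (the code that computes it is not in this diff), a message could be encrypted to a key that should no longer be used; a guard such as `if (!cKey.canEncrypt() || cKey.isRevoked() || cKey.isExpired())` would keep the check at the point of use. `getSigningSubKey()` in CachedSecretKeyRing.java has the same shape and checks only `canSign()`. The Javadoc on the new method was also copied from the signing getter and should read `/** Getter that returns the subkey that should be used for encryption. */`.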
@@ -189,4 +161,24 @@ public class CachedPublicKeyRing extends CachedKeyRing {
return validPrimaryKeyBinding;
}
+ public IterableIterator<CachedPublicKey> iterator() {
+ final Iterator<PGPPublicKey> it = getRing().getPublicKeys();
+ return new IterableIterator<CachedPublicKey>(new Iterator<CachedPublicKey>() {
+ @Override
+ public boolean hasNext() {
+ return it.hasNext();
+ }
+
+ @Override
+ public CachedPublicKey next() {
+ return new CachedPublicKey(CachedPublicKeyRing.this, it.next());
+ }
+
+ @Override
+ public void remove() {
+ it.remove();
+ }
+ });
+ }
+
} \ No newline at end of file
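Review bot: The `remove()` override in the new `iterator()` forwards to the iterator obtained from `getRing().getPublicKeys()`, so a caller walking this wrapper could drop a key from the underlying ring if that iterator supports removal (not visible here). Since the class presents a cached view of a key ring, rejecting the call with `throw new UnsupportedOperationException();` is the safer default. The `iterator()` added to CachedSecretKeyRing.java forwards `remove()` to `mRing.getSecretKeys()` in the same way.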
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedSecretKeyRing.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedSecretKeyRing.java
index 590a02b95..398092aeb 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedSecretKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CachedSecretKeyRing.java
@@ -1,18 +1,15 @@
package org.sufficientlysecure.keychain.pgp;
-import org.spongycastle.bcpg.sig.KeyFlags;
import org.spongycastle.openpgp.PGPException;
import org.spongycastle.openpgp.PGPPrivateKey;
-import org.spongycastle.openpgp.PGPPublicKey;
import org.spongycastle.openpgp.PGPSecretKey;
import org.spongycastle.openpgp.PGPSecretKeyRing;
-import org.spongycastle.openpgp.PGPSignature;
-import org.spongycastle.openpgp.PGPSignatureSubpacketVector;
import org.spongycastle.openpgp.operator.PBESecretKeyDecryptor;
import org.spongycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBuilder;
import org.spongycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
import org.spongycastle.openpgp.operator.jcajce.JcePBESecretKeyEncryptorBuilder;
import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.util.IterableIterator;
import java.io.IOException;
@@ -23,12 +20,13 @@ public class CachedSecretKeyRing extends CachedKeyRing {
private PGPSecretKeyRing mRing;
- public CachedSecretKeyRing(long masterKeyId, int keySize, boolean isRevoked,
- boolean canCertify, long creation, long expiry, int algorithm,
- byte[] fingerprint, String userId, int verified, boolean hasSecret,
- byte[] blob)
+ public CachedSecretKeyRing(long masterKeyId, String userId, boolean hasAnySecret,
+ boolean isRevoked, boolean canCertify, long hasEncryptId, long hasSignId,
+ int verified, byte[] blob)
{
- super(masterKeyId, canCertify, fingerprint, userId, verified, hasSecret);
+ super(masterKeyId, userId, hasAnySecret,
+ isRevoked, canCertify, hasEncryptId, hasSignId,
+ verified);
mRing = (PGPSecretKeyRing) PgpConversionHelper.BytesToPGPKeyRing(blob);
}
@@ -45,8 +43,18 @@ public class CachedSecretKeyRing extends CachedKeyRing {
return new CachedSecretKey(this, mRing.getSecretKey(id));
}
- public IterableIterator<CachedSecretKey> iterator() {
- return new IterableIterator<CachedSecretKey>(mRing.getSecretKeys());
+ /** Getter that returns the subkey that should be used for signing. */
+ CachedSecretKey getSigningSubKey() throws PgpGeneralException {
+ PGPSecretKey key = mRing.getSecretKey(getSignId());
+ if(key != null) {
+ CachedSecretKey cKey = new CachedSecretKey(this, key);
+ if(!cKey.canSign()) {
+ throw new PgpGeneralException("key error");
+ }
+ return cKey;
+ }
+ // TODO handle with proper exception
+ throw new PgpGeneralException("no signing key available");
}
public boolean hasPassphrase() {
@@ -74,50 +82,6 @@ public class CachedSecretKeyRing extends CachedKeyRing {
}
}
- /** This returns the subkey that should be used for signing.
- * At this point, this is simply the first suitable subkey.
- */
- CachedSecretKey getSigningSubKey() {
- for (PGPSecretKey key : new IterableIterator<PGPSecretKey>(mRing.getSecretKeys())) {
- if (isSigningKey(key.getPublicKey())) {
- return new CachedSecretKey(this, key);
- }
- }
- // TODO exception
- return null;
- }
-
- @SuppressWarnings("unchecked")
- public static boolean isSigningKey(PGPPublicKey key) {
- if (key.getVersion() <= 3) {
- return true;
- }
-
- // special case
- if (key.getAlgorithm() == PGPPublicKey.RSA_SIGN) {
- return true;
- }
-
- for (PGPSignature sig : new IterableIterator<PGPSignature>(key.getSignatures())) {
- if (key.isMasterKey() && sig.getKeyID() != key.getKeyID()) {
- continue;
- }
- PGPSignatureSubpacketVector hashed = sig.getHashedSubPackets();
-
- if (hashed != null && (hashed.getKeyFlags() & KeyFlags.SIGN_DATA) != 0) {
- return true;
- }
-
- PGPSignatureSubpacketVector unhashed = sig.getUnhashedSubPackets();
-
- if (unhashed != null && (unhashed.getKeyFlags() & KeyFlags.SIGN_DATA) != 0) {
- return true;
- }
- }
-
- return false;
- }
-
public UncachedSecretKeyRing changeSecretKeyPassphrase(String oldPassphrase,
String newPassphrase)
throws IOException, PGPException, NoSuchProviderException {
@@ -141,4 +105,24 @@ public class CachedSecretKeyRing extends CachedKeyRing {
}
+ public IterableIterator<CachedSecretKey> iterator() {
+ final Iterator<PGPSecretKey> it = mRing.getSecretKeys();
+ return new IterableIterator<CachedSecretKey>(new Iterator<CachedSecretKey>() {
+ @Override
+ public boolean hasNext() {
+ return it.hasNext();
+ }
+
+ @Override
+ public CachedSecretKey next() {
+ return new CachedSecretKey(CachedSecretKeyRing.this, it.next());
+ }
+
+ @Override
+ public void remove() {
+ it.remove();
+ }
+ });
+ }
+
}
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java
index 48cc5d6da..ccbbb3719 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java
@@ -270,14 +270,15 @@ public class PgpSignEncrypt {
/* Get keys for signature generation for later usage */
CachedSecretKey signingKey = null;
if (enableSignature) {
- CachedSecretKeyRing signingKeyRing = null;
+ CachedSecretKeyRing signingKeyRing;
try {
signingKeyRing = mProviderHelper.getCachedSecretKeyRing(mSignatureMasterKeyId);
} catch (ProviderHelper.NotFoundException e) {
throw new NoSigningKeyException();
}
- signingKey = signingKeyRing.getSigningSubKey();
- if (signingKey == null) {
+ try {
+ signingKey = signingKeyRing.getSigningSubKey();
+ } catch(PgpGeneralException e) {
throw new NoSigningKeyException();
}
@@ -319,7 +320,7 @@ public class PgpSignEncrypt {
try {
CachedPublicKeyRing keyRing = mProviderHelper.getCachedPublicKeyRing(
KeyRings.buildUnifiedKeyRingUri(Long.toString(id)));
- CachedPublicKey key = keyRing.getFirstEncryptSubkey();
+ CachedPublicKey key = keyRing.getEncryptionSubKey();
cPk.addMethod(key.getPubKeyEncryptionGenerator());
} catch (PgpGeneralException e) {
Log.e(Constants.TAG, "key not found!", e);
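Review bot: `getEncryptionSubKey()` now also throws `PgpGeneralException("key error")` when the cached id names a key that cannot encrypt, and that lands in the existing catch that logs "key not found!". The rest of the catch and the surrounding loop are outside this hunk, but if the recipient is simply skipped, the message is encrypted to fewer keys than requested without the caller being told; it is worth confirming that this path fails the operation or reports the missing recipient. The log text should at least distinguish the two cases, for example `Log.e(Constants.TAG, "no usable encryption key for " + id, e);`.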