From 14d193a0f26c1e56e561d16a76b59f60dc6c7d91 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Wed, 21 Oct 2015 21:40:24 +0200 Subject: Use Github OAuth ID and secret from properties --- OpenKeychain/build.gradle | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/OpenKeychain/build.gradle b/OpenKeychain/build.gradle index fcf099023..98d183741 100644 --- a/OpenKeychain/build.gradle +++ b/OpenKeychain/build.gradle @@ -160,6 +160,19 @@ android { // Reference them in .xml files. resValue "string", "account_type", "org.sufficientlysecure.keychain.account" resValue "string", "provider_content_authority", "org.sufficientlysecure.keychain.provider" + + // Github API ID and secret are read from gradle.properties (not in git!) + // must use double escaping in gradle.properties! For example: + // githubClientId="\\"7a011b66275f244d3f21\\"" + // githubClientSecret="\\"eaced8a6655719d8c6848396de97b3f5d7a89fec\\"" + if (project.hasProperty('githubClientId') && + project.hasProperty('githubClientSecret')) { + + println "Found github oauth properties" + + buildConfigField "String", "GITHUB_CLIENT_ID", githubClientId + buildConfigField "String", "GITHUB_CLIENT_SECRET", githubClientSecret + } } debug { @@ -169,14 +182,14 @@ android { buildConfigField "String", "ACCOUNT_TYPE", "\"org.sufficientlysecure.keychain.debug.account\"" buildConfigField "String", "PROVIDER_CONTENT_AUTHORITY", "\"org.sufficientlysecure.keychain.debug.provider\"" - // Github api for debug build only - buildConfigField "String", "GITHUB_CLIENT_ID", "\"7a011b66275f244d3f21\"" - buildConfigField "String", "GITHUB_CLIENT_SECRET", "\"eaced8a6655719d8c6848396de97b3f5d7a89fec\"" - // Reference them in .xml files. resValue "string", "account_type", "org.sufficientlysecure.keychain.debug.account" resValue "string", "provider_content_authority", "org.sufficientlysecure.keychain.debug.provider" + // Github API for debug build only + buildConfigField "String", "GITHUB_CLIENT_ID", "\"7a011b66275f244d3f21\"" + buildConfigField "String", "GITHUB_CLIENT_SECRET", "\"eaced8a6655719d8c6848396de97b3f5d7a89fec\"" + // Enable code coverage (Jacoco) testCoverageEnabled true } -- cgit v1.2.3 From 10fed404ae000a9cd6f8d357e85202f4c884f54e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Wed, 21 Oct 2015 21:42:37 +0200 Subject: SHA1 and RIPEMD160 are not declared insecure until widely deployed --- .../org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java index cbd8ce47a..7ad7b4d0f 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSecurityConstants.java @@ -79,8 +79,8 @@ public class PgpSecurityConstants { */ private static HashSet sHashAlgorithmsWhitelist = new HashSet<>(Arrays.asList( // MD5: broken - // SHA1: broken - // RIPEMD160: same security properties as SHA1 + HashAlgorithmTags.SHA1, // TODO: disable when SHA256 is widely deployed + HashAlgorithmTags.RIPEMD160, // same security properties as SHA1, TODO: disable when SHA256 is widely deployed // DOUBLE_SHA: not used widely // MD2: not used widely // TIGER_192: not used widely -- cgit v1.2.3