From 5aa36b089f09346787e44f9850924faae1fda363 Mon Sep 17 00:00:00 2001 From: hsm Date: Sun, 29 May 2016 03:12:09 +0100 Subject: ssh authentication support --- .../keychain/remote/OpenPgpService.java | 23 ++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java index c85774ead..c5cbcbb71 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java @@ -199,7 +199,8 @@ public class OpenPgpService extends Service { } private Intent signImpl(Intent data, InputStream inputStream, - OutputStream outputStream, boolean cleartextSign) { + OutputStream outputStream, boolean cleartextSign, + boolean sshAuth) { try { boolean asciiArmor = cleartextSign || data.getBooleanExtra(OpenPgpApi.EXTRA_REQUEST_ASCII_ARMOR, true); @@ -209,6 +210,7 @@ public class OpenPgpService extends Service { .setCleartextSignature(cleartextSign) .setDetachedSignature(!cleartextSign) .setVersionHeader(null) + .setSshAuth(sshAuth) .setSignatureHashAlgorithm(PgpSecurityConstants.OpenKeychainHashAlgorithmTags.USE_DEFAULT); @@ -227,9 +229,15 @@ public class OpenPgpService extends Service { // get first usable subkey capable of signing try { - long signSubKeyId = mProviderHelper.getCachedPublicKeyRing( + long subKeyId; + if (sshAuth) { + subKeyId = mProviderHelper.getCachedPublicKeyRing( + pgpData.getSignatureMasterKeyId()).getSecretAuthId(); + } else { + subKeyId = mProviderHelper.getCachedPublicKeyRing( pgpData.getSignatureMasterKeyId()).getSecretSignId(); - pgpData.setSignatureSubKeyId(signSubKeyId); + } + pgpData.setSignatureSubKeyId(subKeyId); } catch (PgpKeyNotFoundException e) { throw new Exception("signing subkey not found!", e); } @@ -941,15 +949,18 @@ public class OpenPgpService extends Service { return checkPermissionImpl(data); } case OpenPgpApi.ACTION_CLEARTEXT_SIGN: { - return signImpl(data, inputStream, outputStream, true); + return signImpl(data, inputStream, outputStream, true, false); } case OpenPgpApi.ACTION_SIGN: { // DEPRECATED: same as ACTION_CLEARTEXT_SIGN Log.w(Constants.TAG, "You are using a deprecated API call, please use ACTION_CLEARTEXT_SIGN instead of ACTION_SIGN!"); - return signImpl(data, inputStream, outputStream, true); + return signImpl(data, inputStream, outputStream, true, false); } case OpenPgpApi.ACTION_DETACHED_SIGN: { - return signImpl(data, inputStream, outputStream, false); + return signImpl(data, inputStream, outputStream, false, false); + } + case OpenPgpApi.ACTION_SSH_AUTH: { + return signImpl(data, inputStream, outputStream, false, true); } case OpenPgpApi.ACTION_ENCRYPT: { return encryptAndSignImpl(data, inputStream, outputStream, false); -- cgit v1.2.3