From 4499caef1e64d2e1afec37d360958f516da4dd40 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Wed, 18 Mar 2015 13:45:16 +0100 Subject: introduce CryptoOperationParcel for nfc data --- .../keychain/service/CertifyActionsParcel.java | 11 ++++- .../service/input/CryptoOperationParcel.java | 52 ++++++++++++++++++++++ 2 files changed, 61 insertions(+), 2 deletions(-) create mode 100644 OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoOperationParcel.java (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java index f4b941109..d6da18e6e 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java @@ -23,15 +23,17 @@ import android.os.Parcelable; import java.io.Serializable; import java.util.ArrayList; +import java.util.Date; import org.sufficientlysecure.keychain.pgp.WrappedUserAttribute; +import org.sufficientlysecure.keychain.service.input.CryptoOperationParcel; /** * This class is a a transferable representation for a number of keyrings to * be certified. */ -public class CertifyActionsParcel implements Parcelable { +public class CertifyActionsParcel extends CryptoOperationParcel { // the master key id to certify with final public long mMasterKeyId; @@ -39,12 +41,15 @@ public class CertifyActionsParcel implements Parcelable { public ArrayList mCertifyActions = new ArrayList<>(); - public CertifyActionsParcel(long masterKeyId) { + public CertifyActionsParcel(Date operationTime, long masterKeyId) { + super(operationTime); mMasterKeyId = masterKeyId; mLevel = CertifyLevel.DEFAULT; } public CertifyActionsParcel(Parcel source) { + super(source); + mMasterKeyId = source.readLong(); // just like parcelables, this is meant for ad-hoc IPC only and is NOT portable! mLevel = CertifyLevel.values()[source.readInt()]; @@ -58,6 +63,8 @@ public class CertifyActionsParcel implements Parcelable { @Override public void writeToParcel(Parcel destination, int flags) { + super.writeToParcel(destination, flags); + destination.writeLong(mMasterKeyId); destination.writeInt(mLevel.ordinal()); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoOperationParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoOperationParcel.java new file mode 100644 index 000000000..2101755ad --- /dev/null +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoOperationParcel.java @@ -0,0 +1,52 @@ +package org.sufficientlysecure.keychain.service.input; + +import java.nio.ByteBuffer; +import java.util.Date; +import java.util.HashMap; + +import android.os.Parcel; +import android.os.Parcelable; + + +/** This is a base class for the input of crypto operations. + * + */ +public abstract class CryptoOperationParcel implements Parcelable { + + Date mOperationTime; + + // this map contains both decrypted session keys and signed hashes to be + // used in the crypto operation described by this parcel. + HashMap mCryptoData; + + protected CryptoOperationParcel(Date operationTime) { + mOperationTime = operationTime; + } + + protected CryptoOperationParcel(Parcel source) { + mOperationTime = new Date(source.readLong()); + + { + int count = source.readInt(); + mCryptoData = new HashMap<>(count); + for (int i = 0; i < count; i++) { + byte[] key = source.createByteArray(); + byte[] value = source.createByteArray(); + mCryptoData.put(ByteBuffer.wrap(key), value); + } + } + + } + + @Override + public void writeToParcel(Parcel dest, int flags) { + dest.writeLong(mOperationTime.getTime()); + + dest.writeInt(mCryptoData.size()); + for (HashMap.Entry entry : mCryptoData.entrySet()) { + dest.writeByteArray(entry.getKey().array()); + dest.writeByteArray(entry.getValue()); + } + } + +} -- cgit v1.2.3 From aca54e31eae450e7deec54cca6654ee202c7a90f Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Wed, 18 Mar 2015 18:25:44 +0100 Subject: generalize nfc crypto input structure --- .../keychain/service/CertifyActionsParcel.java | 13 ++-- .../keychain/service/input/CryptoInputParcel.java | 81 +++++++++++++++++++++ .../service/input/CryptoOperationParcel.java | 52 ------------- .../service/input/NfcOperationsParcel.java | 85 ++++++++++++++++++++++ 4 files changed, 172 insertions(+), 59 deletions(-) create mode 100644 OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java delete mode 100644 OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoOperationParcel.java create mode 100644 OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/NfcOperationsParcel.java (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java index d6da18e6e..485d5de72 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java @@ -26,31 +26,31 @@ import java.util.ArrayList; import java.util.Date; import org.sufficientlysecure.keychain.pgp.WrappedUserAttribute; -import org.sufficientlysecure.keychain.service.input.CryptoOperationParcel; +import org.sufficientlysecure.keychain.service.input.CryptoInputParcel; /** * This class is a a transferable representation for a number of keyrings to * be certified. */ -public class CertifyActionsParcel extends CryptoOperationParcel { +public class CertifyActionsParcel implements Parcelable { // the master key id to certify with final public long mMasterKeyId; public CertifyLevel mLevel; public ArrayList mCertifyActions = new ArrayList<>(); + public CryptoInputParcel mCryptoInput; public CertifyActionsParcel(Date operationTime, long masterKeyId) { - super(operationTime); mMasterKeyId = masterKeyId; + mCryptoInput = new CryptoInputParcel(operationTime); mLevel = CertifyLevel.DEFAULT; } public CertifyActionsParcel(Parcel source) { - super(source); - mMasterKeyId = source.readLong(); + mCryptoInput = source.readParcelable(CertifyActionsParcel.class.getClassLoader()); // just like parcelables, this is meant for ad-hoc IPC only and is NOT portable! mLevel = CertifyLevel.values()[source.readInt()]; @@ -63,9 +63,8 @@ public class CertifyActionsParcel extends CryptoOperationParcel { @Override public void writeToParcel(Parcel destination, int flags) { - super.writeToParcel(destination, flags); - destination.writeLong(mMasterKeyId); + destination.writeParcelable(mCryptoInput, 0); destination.writeInt(mLevel.ordinal()); destination.writeSerializable(mCertifyActions); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java new file mode 100644 index 000000000..e02eda4b3 --- /dev/null +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java @@ -0,0 +1,81 @@ +package org.sufficientlysecure.keychain.service.input; + +import java.nio.ByteBuffer; +import java.util.Collections; +import java.util.Date; +import java.util.HashMap; +import java.util.Map; + +import android.os.Parcel; +import android.os.Parcelable; + + +/** This is a base class for the input of crypto operations. + * + */ +public class CryptoInputParcel implements Parcelable { + + Date mSignatureTime; + + // this map contains both decrypted session keys and signed hashes to be + // used in the crypto operation described by this parcel. + private HashMap mCryptoData = new HashMap<>(); + + public CryptoInputParcel(Date signatureTime) { + mSignatureTime = signatureTime == null ? new Date() : signatureTime; + } + + protected CryptoInputParcel(Parcel source) { + mSignatureTime = new Date(source.readLong()); + + { + int count = source.readInt(); + mCryptoData = new HashMap<>(count); + for (int i = 0; i < count; i++) { + byte[] key = source.createByteArray(); + byte[] value = source.createByteArray(); + mCryptoData.put(ByteBuffer.wrap(key), value); + } + } + + } + + @Override + public int describeContents() { + return 0; + } + + @Override + public void writeToParcel(Parcel dest, int flags) { + dest.writeLong(mSignatureTime.getTime()); + + dest.writeInt(mCryptoData.size()); + for (HashMap.Entry entry : mCryptoData.entrySet()) { + dest.writeByteArray(entry.getKey().array()); + dest.writeByteArray(entry.getValue()); + } + } + + public void addCryptoData(byte[] hash, byte[] signedHash) { + mCryptoData.put(ByteBuffer.wrap(hash), signedHash); + } + + public Map getCryptoData() { + return Collections.unmodifiableMap(mCryptoData); + } + + public Date getSignatureTime() { + return mSignatureTime; + } + + public static final Creator CREATOR = new Creator() { + public CryptoInputParcel createFromParcel(final Parcel source) { + return new CryptoInputParcel(source); + } + + public CryptoInputParcel[] newArray(final int size) { + return new CryptoInputParcel[size]; + } + }; + +} diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoOperationParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoOperationParcel.java deleted file mode 100644 index 2101755ad..000000000 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoOperationParcel.java +++ /dev/null @@ -1,52 +0,0 @@ -package org.sufficientlysecure.keychain.service.input; - -import java.nio.ByteBuffer; -import java.util.Date; -import java.util.HashMap; - -import android.os.Parcel; -import android.os.Parcelable; - - -/** This is a base class for the input of crypto operations. - * - */ -public abstract class CryptoOperationParcel implements Parcelable { - - Date mOperationTime; - - // this map contains both decrypted session keys and signed hashes to be - // used in the crypto operation described by this parcel. - HashMap mCryptoData; - - protected CryptoOperationParcel(Date operationTime) { - mOperationTime = operationTime; - } - - protected CryptoOperationParcel(Parcel source) { - mOperationTime = new Date(source.readLong()); - - { - int count = source.readInt(); - mCryptoData = new HashMap<>(count); - for (int i = 0; i < count; i++) { - byte[] key = source.createByteArray(); - byte[] value = source.createByteArray(); - mCryptoData.put(ByteBuffer.wrap(key), value); - } - } - - } - - @Override - public void writeToParcel(Parcel dest, int flags) { - dest.writeLong(mOperationTime.getTime()); - - dest.writeInt(mCryptoData.size()); - for (HashMap.Entry entry : mCryptoData.entrySet()) { - dest.writeByteArray(entry.getKey().array()); - dest.writeByteArray(entry.getValue()); - } - } - -} diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/NfcOperationsParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/NfcOperationsParcel.java new file mode 100644 index 000000000..5d35e94e0 --- /dev/null +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/NfcOperationsParcel.java @@ -0,0 +1,85 @@ +package org.sufficientlysecure.keychain.service.input; + +import java.util.Date; + +import android.os.Parcel; +import android.os.Parcelable; + + +public class NfcOperationsParcel implements Parcelable { + + public enum NfcOperationType { + NFC_SIGN, NFC_DECRYPT + } + + public Date mSignatureTime; + public final NfcOperationType mType; + public final byte[][] mInputHash; + public final int[] mSignAlgo; + + private NfcOperationsParcel(NfcOperationType type, byte[] inputHash, int signAlgo, Date signatureTime) { + mType = type; + mInputHash = new byte[][] { inputHash }; + mSignAlgo = new int[] { signAlgo }; + mSignatureTime = signatureTime; + } + + public NfcOperationsParcel(Parcel source) { + mType = NfcOperationType.values()[source.readInt()]; + + { + int count = source.readInt(); + mInputHash = new byte[count][]; + mSignAlgo = new int[count]; + for (int i = 0; i < count; i++) { + mInputHash[i] = source.createByteArray(); + mSignAlgo[i] = source.readInt(); + } + } + + mSignatureTime = source.readInt() != 0 ? new Date(source.readLong()) : null; + + } + + public static NfcOperationsParcel createNfcSignOperation( + byte[] inputHash, int signAlgo, Date signatureTime) { + return new NfcOperationsParcel(NfcOperationType.NFC_SIGN, inputHash, signAlgo, signatureTime); + } + + public static NfcOperationsParcel createNfcDecryptOperation(byte[] inputHash) { + return new NfcOperationsParcel(NfcOperationType.NFC_DECRYPT, inputHash, 0, null); + } + + @Override + public int describeContents() { + return 0; + } + + @Override + public void writeToParcel(Parcel dest, int flags) { + dest.writeInt(mType.ordinal()); + dest.writeInt(mInputHash.length); + for (int i = 0; i < mInputHash.length; i++) { + dest.writeByteArray(mInputHash[i]); + dest.writeInt(mSignAlgo[i]); + } + if (mSignatureTime != null) { + dest.writeInt(1); + dest.writeLong(mSignatureTime.getTime()); + } else { + dest.writeInt(0); + } + + } + + public static final Creator CREATOR = new Creator() { + public NfcOperationsParcel createFromParcel(final Parcel source) { + return new NfcOperationsParcel(source); + } + + public NfcOperationsParcel[] newArray(final int size) { + return new NfcOperationsParcel[size]; + } + }; + +} -- cgit v1.2.3 From d46fc3740bbfc3bac0b1133a3e9d47c7ce3e06e2 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Wed, 18 Mar 2015 21:12:31 +0100 Subject: yubikey certifications! --- .../keychain/service/CertifyActionsParcel.java | 14 +++- .../service/KeychainIntentServiceHandler.java | 2 + .../service/input/NfcOperationsParcel.java | 81 ++++++++++++++++++---- 3 files changed, 80 insertions(+), 17 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java index 485d5de72..63a7bf371 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java @@ -22,8 +22,10 @@ import android.os.Parcel; import android.os.Parcelable; import java.io.Serializable; +import java.nio.ByteBuffer; import java.util.ArrayList; import java.util.Date; +import java.util.Map; import org.sufficientlysecure.keychain.pgp.WrappedUserAttribute; import org.sufficientlysecure.keychain.service.input.CryptoInputParcel; @@ -42,9 +44,9 @@ public class CertifyActionsParcel implements Parcelable { public ArrayList mCertifyActions = new ArrayList<>(); public CryptoInputParcel mCryptoInput; - public CertifyActionsParcel(Date operationTime, long masterKeyId) { + public CertifyActionsParcel(CryptoInputParcel cryptoInput, long masterKeyId) { mMasterKeyId = masterKeyId; - mCryptoInput = new CryptoInputParcel(operationTime); + mCryptoInput = cryptoInput != null ? cryptoInput : new CryptoInputParcel(new Date()); mLevel = CertifyLevel.DEFAULT; } @@ -70,6 +72,14 @@ public class CertifyActionsParcel implements Parcelable { destination.writeSerializable(mCertifyActions); } + public Map getSignatureData() { + return mCryptoInput.getCryptoData(); + } + + public Date getSignatureTime() { + return mCryptoInput.getSignatureTime(); + } + public static final Creator CREATOR = new Creator() { public CertifyActionsParcel createFromParcel(final Parcel source) { return new CertifyActionsParcel(source); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentServiceHandler.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentServiceHandler.java index bd047518d..05d80b4e0 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentServiceHandler.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentServiceHandler.java @@ -18,6 +18,7 @@ package org.sufficientlysecure.keychain.service; import android.app.Activity; +import android.content.Intent; import android.os.Bundle; import android.os.Handler; import android.os.Message; @@ -26,6 +27,7 @@ import android.support.v4.app.FragmentManager; import org.sufficientlysecure.keychain.Constants; import org.sufficientlysecure.keychain.R; +import org.sufficientlysecure.keychain.operations.results.CertifyResult; import org.sufficientlysecure.keychain.ui.dialog.ProgressDialogFragment; import org.sufficientlysecure.keychain.ui.util.Notify; import org.sufficientlysecure.keychain.util.Log; diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/NfcOperationsParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/NfcOperationsParcel.java index 5d35e94e0..b9ee9e6ca 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/NfcOperationsParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/NfcOperationsParcel.java @@ -1,5 +1,7 @@ package org.sufficientlysecure.keychain.service.input; +import java.util.ArrayList; +import java.util.Collections; import java.util.Date; import android.os.Parcel; @@ -14,13 +16,14 @@ public class NfcOperationsParcel implements Parcelable { public Date mSignatureTime; public final NfcOperationType mType; - public final byte[][] mInputHash; - public final int[] mSignAlgo; + public final byte[][] mInputHashes; + public final int[] mSignAlgos; - private NfcOperationsParcel(NfcOperationType type, byte[] inputHash, int signAlgo, Date signatureTime) { + private NfcOperationsParcel(NfcOperationType type, byte[][] inputHashes, + int[] signAlgos, Date signatureTime) { mType = type; - mInputHash = new byte[][] { inputHash }; - mSignAlgo = new int[] { signAlgo }; + mInputHashes = inputHashes; + mSignAlgos = signAlgos; mSignatureTime = signatureTime; } @@ -29,11 +32,11 @@ public class NfcOperationsParcel implements Parcelable { { int count = source.readInt(); - mInputHash = new byte[count][]; - mSignAlgo = new int[count]; + mInputHashes = new byte[count][]; + mSignAlgos = new int[count]; for (int i = 0; i < count; i++) { - mInputHash[i] = source.createByteArray(); - mSignAlgo[i] = source.readInt(); + mInputHashes[i] = source.createByteArray(); + mSignAlgos[i] = source.readInt(); } } @@ -43,11 +46,13 @@ public class NfcOperationsParcel implements Parcelable { public static NfcOperationsParcel createNfcSignOperation( byte[] inputHash, int signAlgo, Date signatureTime) { - return new NfcOperationsParcel(NfcOperationType.NFC_SIGN, inputHash, signAlgo, signatureTime); + return new NfcOperationsParcel(NfcOperationType.NFC_SIGN, + new byte[][] { inputHash }, new int[] { signAlgo }, signatureTime); } public static NfcOperationsParcel createNfcDecryptOperation(byte[] inputHash) { - return new NfcOperationsParcel(NfcOperationType.NFC_DECRYPT, inputHash, 0, null); + return new NfcOperationsParcel(NfcOperationType.NFC_DECRYPT, + new byte[][] { inputHash }, null, null); } @Override @@ -58,10 +63,10 @@ public class NfcOperationsParcel implements Parcelable { @Override public void writeToParcel(Parcel dest, int flags) { dest.writeInt(mType.ordinal()); - dest.writeInt(mInputHash.length); - for (int i = 0; i < mInputHash.length; i++) { - dest.writeByteArray(mInputHash[i]); - dest.writeInt(mSignAlgo[i]); + dest.writeInt(mInputHashes.length); + for (int i = 0; i < mInputHashes.length; i++) { + dest.writeByteArray(mInputHashes[i]); + dest.writeInt(mSignAlgos[i]); } if (mSignatureTime != null) { dest.writeInt(1); @@ -82,4 +87,50 @@ public class NfcOperationsParcel implements Parcelable { } }; + public static class NfcSignOperationsBuilder { + Date mSignatureTime; + ArrayList mSignAlgos = new ArrayList<>(); + ArrayList mInputHashes = new ArrayList<>(); + + public NfcSignOperationsBuilder(Date signatureTime) { + mSignatureTime = signatureTime; + } + + public NfcOperationsParcel build() { + byte[][] inputHashes = new byte[mInputHashes.size()][]; + mInputHashes.toArray(inputHashes); + int[] signAlgos = new int[mSignAlgos.size()]; + for (int i = 0; i < mSignAlgos.size(); i++) { + signAlgos[i] = mSignAlgos.get(i); + } + + return new NfcOperationsParcel(NfcOperationType.NFC_SIGN, + inputHashes, signAlgos, mSignatureTime); + } + + public void addHash(byte[] hash, int algo) { + mInputHashes.add(hash); + mSignAlgos.add(algo); + } + + public void addAll(NfcOperationsParcel input) { + if (!mSignatureTime.equals(input.mSignatureTime)) { + throw new AssertionError("input times must match, this is a programming error!"); + } + if (input.mType != NfcOperationType.NFC_SIGN) { + throw new AssertionError("operation types must match, this is a progrmming error!"); + } + + Collections.addAll(mInputHashes, input.mInputHashes); + for (int signAlgo : input.mSignAlgos) { + mSignAlgos.add(signAlgo); + } + } + + public boolean isEmpty() { + return mInputHashes.isEmpty(); + } + + } + } -- cgit v1.2.3 From 25d89b5550b7fd699988954b07cad61bee9a8ba5 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Thu, 19 Mar 2015 14:21:30 +0100 Subject: generalize NfcOperationParcel to RequiredInputParcel, including passphrases --- .../keychain/service/input/CryptoInputParcel.java | 19 ++- .../service/input/NfcOperationsParcel.java | 136 ----------------- .../service/input/RequiredInputParcel.java | 162 +++++++++++++++++++++ 3 files changed, 180 insertions(+), 137 deletions(-) delete mode 100644 OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/NfcOperationsParcel.java create mode 100644 OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java index e02eda4b3..7cc5069c8 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java @@ -15,18 +15,26 @@ import android.os.Parcelable; */ public class CryptoInputParcel implements Parcelable { - Date mSignatureTime; + final Date mSignatureTime; + final String mPassphrase; // this map contains both decrypted session keys and signed hashes to be // used in the crypto operation described by this parcel. private HashMap mCryptoData = new HashMap<>(); + public CryptoInputParcel(Date signatureTime, String passphrase) { + mSignatureTime = signatureTime == null ? new Date() : signatureTime; + mPassphrase = passphrase; + } + public CryptoInputParcel(Date signatureTime) { mSignatureTime = signatureTime == null ? new Date() : signatureTime; + mPassphrase = null; } protected CryptoInputParcel(Parcel source) { mSignatureTime = new Date(source.readLong()); + mPassphrase = source.readString(); { int count = source.readInt(); @@ -48,6 +56,7 @@ public class CryptoInputParcel implements Parcelable { @Override public void writeToParcel(Parcel dest, int flags) { dest.writeLong(mSignatureTime.getTime()); + dest.writeString(mPassphrase); dest.writeInt(mCryptoData.size()); for (HashMap.Entry entry : mCryptoData.entrySet()) { @@ -68,6 +77,14 @@ public class CryptoInputParcel implements Parcelable { return mSignatureTime; } + public boolean hasPassphrase() { + return mPassphrase != null; + } + + public String getPassphrase() { + return mPassphrase; + } + public static final Creator CREATOR = new Creator() { public CryptoInputParcel createFromParcel(final Parcel source) { return new CryptoInputParcel(source); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/NfcOperationsParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/NfcOperationsParcel.java deleted file mode 100644 index b9ee9e6ca..000000000 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/NfcOperationsParcel.java +++ /dev/null @@ -1,136 +0,0 @@ -package org.sufficientlysecure.keychain.service.input; - -import java.util.ArrayList; -import java.util.Collections; -import java.util.Date; - -import android.os.Parcel; -import android.os.Parcelable; - - -public class NfcOperationsParcel implements Parcelable { - - public enum NfcOperationType { - NFC_SIGN, NFC_DECRYPT - } - - public Date mSignatureTime; - public final NfcOperationType mType; - public final byte[][] mInputHashes; - public final int[] mSignAlgos; - - private NfcOperationsParcel(NfcOperationType type, byte[][] inputHashes, - int[] signAlgos, Date signatureTime) { - mType = type; - mInputHashes = inputHashes; - mSignAlgos = signAlgos; - mSignatureTime = signatureTime; - } - - public NfcOperationsParcel(Parcel source) { - mType = NfcOperationType.values()[source.readInt()]; - - { - int count = source.readInt(); - mInputHashes = new byte[count][]; - mSignAlgos = new int[count]; - for (int i = 0; i < count; i++) { - mInputHashes[i] = source.createByteArray(); - mSignAlgos[i] = source.readInt(); - } - } - - mSignatureTime = source.readInt() != 0 ? new Date(source.readLong()) : null; - - } - - public static NfcOperationsParcel createNfcSignOperation( - byte[] inputHash, int signAlgo, Date signatureTime) { - return new NfcOperationsParcel(NfcOperationType.NFC_SIGN, - new byte[][] { inputHash }, new int[] { signAlgo }, signatureTime); - } - - public static NfcOperationsParcel createNfcDecryptOperation(byte[] inputHash) { - return new NfcOperationsParcel(NfcOperationType.NFC_DECRYPT, - new byte[][] { inputHash }, null, null); - } - - @Override - public int describeContents() { - return 0; - } - - @Override - public void writeToParcel(Parcel dest, int flags) { - dest.writeInt(mType.ordinal()); - dest.writeInt(mInputHashes.length); - for (int i = 0; i < mInputHashes.length; i++) { - dest.writeByteArray(mInputHashes[i]); - dest.writeInt(mSignAlgos[i]); - } - if (mSignatureTime != null) { - dest.writeInt(1); - dest.writeLong(mSignatureTime.getTime()); - } else { - dest.writeInt(0); - } - - } - - public static final Creator CREATOR = new Creator() { - public NfcOperationsParcel createFromParcel(final Parcel source) { - return new NfcOperationsParcel(source); - } - - public NfcOperationsParcel[] newArray(final int size) { - return new NfcOperationsParcel[size]; - } - }; - - public static class NfcSignOperationsBuilder { - Date mSignatureTime; - ArrayList mSignAlgos = new ArrayList<>(); - ArrayList mInputHashes = new ArrayList<>(); - - public NfcSignOperationsBuilder(Date signatureTime) { - mSignatureTime = signatureTime; - } - - public NfcOperationsParcel build() { - byte[][] inputHashes = new byte[mInputHashes.size()][]; - mInputHashes.toArray(inputHashes); - int[] signAlgos = new int[mSignAlgos.size()]; - for (int i = 0; i < mSignAlgos.size(); i++) { - signAlgos[i] = mSignAlgos.get(i); - } - - return new NfcOperationsParcel(NfcOperationType.NFC_SIGN, - inputHashes, signAlgos, mSignatureTime); - } - - public void addHash(byte[] hash, int algo) { - mInputHashes.add(hash); - mSignAlgos.add(algo); - } - - public void addAll(NfcOperationsParcel input) { - if (!mSignatureTime.equals(input.mSignatureTime)) { - throw new AssertionError("input times must match, this is a programming error!"); - } - if (input.mType != NfcOperationType.NFC_SIGN) { - throw new AssertionError("operation types must match, this is a progrmming error!"); - } - - Collections.addAll(mInputHashes, input.mInputHashes); - for (int signAlgo : input.mSignAlgos) { - mSignAlgos.add(signAlgo); - } - } - - public boolean isEmpty() { - return mInputHashes.isEmpty(); - } - - } - -} diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java new file mode 100644 index 000000000..a4df604be --- /dev/null +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java @@ -0,0 +1,162 @@ +package org.sufficientlysecure.keychain.service.input; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.Date; + +import android.os.Parcel; +import android.os.Parcelable; + + +public class RequiredInputParcel implements Parcelable { + + public enum RequiredInputType { + PASSPHRASE, NFC_SIGN, NFC_DECRYPT + } + + public Date mSignatureTime; + public final RequiredInputType mType; + public final byte[][] mInputHashes; + public final int[] mSignAlgos; + private Long mSubKeyId; + + private RequiredInputParcel(RequiredInputType type, byte[][] inputHashes, + int[] signAlgos, Date signatureTime, Long keyId) { + mType = type; + mInputHashes = inputHashes; + mSignAlgos = signAlgos; + mSignatureTime = signatureTime; + mSubKeyId = keyId; + } + + public RequiredInputParcel(Parcel source) { + mType = RequiredInputType.values()[source.readInt()]; + + if (source.readInt() != 0) { + int count = source.readInt(); + mInputHashes = new byte[count][]; + mSignAlgos = new int[count]; + for (int i = 0; i < count; i++) { + mInputHashes[i] = source.createByteArray(); + mSignAlgos[i] = source.readInt(); + } + } else { + mInputHashes = null; + mSignAlgos = null; + } + + mSignatureTime = source.readInt() != 0 ? new Date(source.readLong()) : null; + mSubKeyId = source.readInt() != 0 ? source.readLong() : null; + + } + + public long getSubKeyId() { + return mSubKeyId; + } + + public static RequiredInputParcel createNfcSignOperation( + byte[] inputHash, int signAlgo, Date signatureTime) { + return new RequiredInputParcel(RequiredInputType.NFC_SIGN, + new byte[][] { inputHash }, new int[] { signAlgo }, signatureTime, null); + } + + public static RequiredInputParcel createNfcDecryptOperation(byte[] inputHash) { + return new RequiredInputParcel(RequiredInputType.NFC_DECRYPT, + new byte[][] { inputHash }, null, null, null); + } + + public static RequiredInputParcel createRequiredPassphrase(long keyId, Date signatureTime) { + return new RequiredInputParcel(RequiredInputType.PASSPHRASE, + null, null, signatureTime, keyId); + } + + @Override + public int describeContents() { + return 0; + } + + @Override + public void writeToParcel(Parcel dest, int flags) { + dest.writeInt(mType.ordinal()); + if (mInputHashes != null) { + dest.writeInt(1); + dest.writeInt(mInputHashes.length); + for (int i = 0; i < mInputHashes.length; i++) { + dest.writeByteArray(mInputHashes[i]); + dest.writeInt(mSignAlgos[i]); + } + } else { + dest.writeInt(0); + } + if (mSignatureTime != null) { + dest.writeInt(1); + dest.writeLong(mSignatureTime.getTime()); + } else { + dest.writeInt(0); + } + if (mSubKeyId != null) { + dest.writeInt(1); + dest.writeLong(mSubKeyId); + } else { + dest.writeInt(0); + } + + } + + public static final Creator CREATOR = new Creator() { + public RequiredInputParcel createFromParcel(final Parcel source) { + return new RequiredInputParcel(source); + } + + public RequiredInputParcel[] newArray(final int size) { + return new RequiredInputParcel[size]; + } + }; + + public static class NfcSignOperationsBuilder { + Date mSignatureTime; + ArrayList mSignAlgos = new ArrayList<>(); + ArrayList mInputHashes = new ArrayList<>(); + + public NfcSignOperationsBuilder(Date signatureTime) { + mSignatureTime = signatureTime; + } + + public RequiredInputParcel build() { + byte[][] inputHashes = new byte[mInputHashes.size()][]; + mInputHashes.toArray(inputHashes); + int[] signAlgos = new int[mSignAlgos.size()]; + for (int i = 0; i < mSignAlgos.size(); i++) { + signAlgos[i] = mSignAlgos.get(i); + } + + return new RequiredInputParcel(RequiredInputType.NFC_SIGN, + inputHashes, signAlgos, mSignatureTime, null); + } + + public void addHash(byte[] hash, int algo) { + mInputHashes.add(hash); + mSignAlgos.add(algo); + } + + public void addAll(RequiredInputParcel input) { + if (!mSignatureTime.equals(input.mSignatureTime)) { + throw new AssertionError("input times must match, this is a programming error!"); + } + if (input.mType != RequiredInputType.NFC_SIGN) { + throw new AssertionError("operation types must match, this is a progrmming error!"); + } + + Collections.addAll(mInputHashes, input.mInputHashes); + for (int signAlgo : input.mSignAlgos) { + mSignAlgos.add(signAlgo); + } + } + + public boolean isEmpty() { + return mInputHashes.isEmpty(); + } + + } + +} -- cgit v1.2.3 From 3b04636f5daf3d171449296a5d9a67440abfbf75 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Fri, 20 Mar 2015 02:27:05 +0100 Subject: support yubikeys in (some) edit key operations --- .../keychain/service/CertifyActionsParcel.java | 4 ---- .../keychain/service/KeychainIntentService.java | 6 ++++-- .../keychain/service/input/CryptoInputParcel.java | 19 +++++++++++++++++-- .../keychain/service/input/RequiredInputParcel.java | 4 ++++ 4 files changed, 25 insertions(+), 8 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java index 63a7bf371..405a6a24b 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java @@ -76,10 +76,6 @@ public class CertifyActionsParcel implements Parcelable { return mCryptoInput.getCryptoData(); } - public Date getSignatureTime() { - return mCryptoInput.getSignatureTime(); - } - public static final Creator CREATOR = new Creator() { public CertifyActionsParcel createFromParcel(final Parcel source) { return new CertifyActionsParcel(source); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java index bf6a62782..6535cb404 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java @@ -61,6 +61,7 @@ import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException; import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralMsgIdException; import org.sufficientlysecure.keychain.provider.ProviderHelper; import org.sufficientlysecure.keychain.service.KeychainIntentServiceHandler.MessageStatus; +import org.sufficientlysecure.keychain.service.input.CryptoInputParcel; import org.sufficientlysecure.keychain.util.FileHelper; import org.sufficientlysecure.keychain.util.InputData; import org.sufficientlysecure.keychain.util.Log; @@ -160,6 +161,7 @@ public class KeychainIntentService extends IntentService implements Progressable // save keyring public static final String EDIT_KEYRING_PARCEL = "save_parcel"; public static final String EDIT_KEYRING_PASSPHRASE = "passphrase"; + public static final String EXTRA_CRYPTO_INPUT = "crypto_input"; // delete keyring(s) public static final String DELETE_KEY_LIST = "delete_list"; @@ -469,11 +471,11 @@ public class KeychainIntentService extends IntentService implements Progressable // Input SaveKeyringParcel saveParcel = data.getParcelable(EDIT_KEYRING_PARCEL); - String passphrase = data.getString(EDIT_KEYRING_PASSPHRASE); + CryptoInputParcel cryptoInput = data.getParcelable(EXTRA_CRYPTO_INPUT); // Operation EditKeyOperation op = new EditKeyOperation(this, providerHelper, this, mActionCanceled); - EditKeyResult result = op.execute(saveParcel, passphrase); + OperationResult result = op.execute(saveParcel, cryptoInput); // Result sendMessageToHandler(MessageStatus.OKAY, result); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java index 7cc5069c8..836568533 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java @@ -81,8 +81,8 @@ public class CryptoInputParcel implements Parcelable { return mPassphrase != null; } - public String getPassphrase() { - return mPassphrase; + public char[] getPassphrase() { + return mPassphrase == null ? null : mPassphrase.toCharArray(); } public static final Creator CREATOR = new Creator() { @@ -95,4 +95,19 @@ public class CryptoInputParcel implements Parcelable { } }; + @Override + public String toString() { + StringBuilder b = new StringBuilder(); + b.append("CryptoInput: { "); + b.append(mSignatureTime).append(" "); + if (mPassphrase != null) { + b.append("passphrase"); + } + if (mCryptoData != null) { + b.append(mCryptoData.size()); + b.append(" hashes "); + } + b.append("}"); + return b.toString(); + } } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java index a4df604be..3d91812eb 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java @@ -15,9 +15,13 @@ public class RequiredInputParcel implements Parcelable { } public Date mSignatureTime; + public final RequiredInputType mType; + + public String mNfcPin = "123456"; public final byte[][] mInputHashes; public final int[] mSignAlgos; + private Long mSubKeyId; private RequiredInputParcel(RequiredInputType type, byte[][] inputHashes, -- cgit v1.2.3 From 879efc2c703d55cf3a50dc3c427129555ad58004 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Fri, 20 Mar 2015 14:21:55 +0100 Subject: fix unit tests (syntax) --- .../keychain/service/input/CryptoInputParcel.java | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java index d77bbe7e2..6edc48b09 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java @@ -24,11 +24,21 @@ public class CryptoInputParcel implements Parcelable { // used in the crypto operation described by this parcel. private HashMap mCryptoData = new HashMap<>(); + public CryptoInputParcel() { + mSignatureTime = new Date(); + mPassphrase = null; + } + public CryptoInputParcel(Date signatureTime, Passphrase passphrase) { mSignatureTime = signatureTime == null ? new Date() : signatureTime; mPassphrase = passphrase; } + public CryptoInputParcel(Passphrase passphrase) { + mSignatureTime = new Date(); + mPassphrase = null; + } + public CryptoInputParcel(Date signatureTime) { mSignatureTime = signatureTime == null ? new Date() : signatureTime; mPassphrase = null; -- cgit v1.2.3 From e00ce86de911e5b3f9aa7f5d8f1cb40e310e95e3 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Fri, 20 Mar 2015 14:57:38 +0100 Subject: fix more unit tests (syntax) --- .../keychain/service/CertifyActionsParcel.java | 10 +--------- .../keychain/service/KeychainIntentService.java | 3 ++- 2 files changed, 3 insertions(+), 10 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java index 405a6a24b..8721f4c0c 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/CertifyActionsParcel.java @@ -42,17 +42,14 @@ public class CertifyActionsParcel implements Parcelable { public CertifyLevel mLevel; public ArrayList mCertifyActions = new ArrayList<>(); - public CryptoInputParcel mCryptoInput; - public CertifyActionsParcel(CryptoInputParcel cryptoInput, long masterKeyId) { + public CertifyActionsParcel(long masterKeyId) { mMasterKeyId = masterKeyId; - mCryptoInput = cryptoInput != null ? cryptoInput : new CryptoInputParcel(new Date()); mLevel = CertifyLevel.DEFAULT; } public CertifyActionsParcel(Parcel source) { mMasterKeyId = source.readLong(); - mCryptoInput = source.readParcelable(CertifyActionsParcel.class.getClassLoader()); // just like parcelables, this is meant for ad-hoc IPC only and is NOT portable! mLevel = CertifyLevel.values()[source.readInt()]; @@ -66,16 +63,11 @@ public class CertifyActionsParcel implements Parcelable { @Override public void writeToParcel(Parcel destination, int flags) { destination.writeLong(mMasterKeyId); - destination.writeParcelable(mCryptoInput, 0); destination.writeInt(mLevel.ordinal()); destination.writeSerializable(mCertifyActions); } - public Map getSignatureData() { - return mCryptoInput.getCryptoData(); - } - public static final Creator CREATOR = new Creator() { public CertifyActionsParcel createFromParcel(final Parcel source) { return new CertifyActionsParcel(source); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java index cd3e06705..ed6453e9d 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java @@ -254,11 +254,12 @@ public class KeychainIntentService extends IntentService implements Progressable // Input CertifyActionsParcel parcel = data.getParcelable(CERTIFY_PARCEL); + CryptoInputParcel cryptoInput = data.getParcelable(EXTRA_CRYPTO_INPUT); String keyServerUri = data.getString(UPLOAD_KEY_SERVER); // Operation CertifyOperation op = new CertifyOperation(this, providerHelper, this, mActionCanceled); - CertifyResult result = op.certify(parcel, keyServerUri); + CertifyResult result = op.certify(parcel, cryptoInput, keyServerUri); // Result sendMessageToHandler(MessageStatus.OKAY, result); -- cgit v1.2.3 From 3e51da3afa542c62b82bbcf9a953cdcd379950a2 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Fri, 20 Mar 2015 18:45:00 +0100 Subject: fix unit tests (for real) --- .../java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java | 2 +- .../sufficientlysecure/keychain/service/input/CryptoInputParcel.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java index 9fd278c13..88f258c58 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java @@ -85,7 +85,7 @@ public class SaveKeyringParcel implements Parcelable { /** Returns true iff this parcel does not contain any operations which require a passphrase. */ public boolean isRestrictedOnly() { if (mNewUnlock != null || !mAddUserIds.isEmpty() || !mAddUserAttribute.isEmpty() - || !mAddSubKeys.isEmpty() || mChangePrimaryUserId != null || !mRevokeSubKeys .isEmpty() + || !mAddSubKeys.isEmpty() || mChangePrimaryUserId != null || !mRevokeUserIds.isEmpty() || !mRevokeSubKeys.isEmpty()) { return false; } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java index 6edc48b09..21aacd1f0 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java @@ -36,7 +36,7 @@ public class CryptoInputParcel implements Parcelable { public CryptoInputParcel(Passphrase passphrase) { mSignatureTime = new Date(); - mPassphrase = null; + mPassphrase = passphrase; } public CryptoInputParcel(Date signatureTime) { -- cgit v1.2.3 From 88ca41d55586e5084cc3f177eb12617aa640ae1d Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Fri, 20 Mar 2015 18:55:16 +0100 Subject: add edit key unit test for no-op --- .../org/sufficientlysecure/keychain/service/SaveKeyringParcel.java | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java index 88f258c58..2e0524141 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/SaveKeyringParcel.java @@ -82,6 +82,10 @@ public class SaveKeyringParcel implements Parcelable { mRevokeSubKeys = new ArrayList<>(); } + public boolean isEmpty() { + return isRestrictedOnly() && mChangeSubKeys.isEmpty(); + } + /** Returns true iff this parcel does not contain any operations which require a passphrase. */ public boolean isRestrictedOnly() { if (mNewUnlock != null || !mAddUserIds.isEmpty() || !mAddUserAttribute.isEmpty() -- cgit v1.2.3 From 93c7eb72fbbf93938043566dfc1707b6714f325b Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Sat, 21 Mar 2015 15:16:32 +0100 Subject: more data in RequiredInputParcel, OperationResult notifications - pass both masterkeyid and subkeyid though RequiredInputParcel parcel - fix numeric vales in OperationResult.createNotify() --- .../service/input/RequiredInputParcel.java | 39 +++++++++++++++++----- 1 file changed, 30 insertions(+), 9 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java index 3d91812eb..d8d87114e 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java @@ -18,19 +18,20 @@ public class RequiredInputParcel implements Parcelable { public final RequiredInputType mType; - public String mNfcPin = "123456"; public final byte[][] mInputHashes; public final int[] mSignAlgos; + private Long mMasterKeyId; private Long mSubKeyId; private RequiredInputParcel(RequiredInputType type, byte[][] inputHashes, - int[] signAlgos, Date signatureTime, Long keyId) { + int[] signAlgos, Date signatureTime, Long masterKeyId, Long subKeyId) { mType = type; mInputHashes = inputHashes; mSignAlgos = signAlgos; mSignatureTime = signatureTime; - mSubKeyId = keyId; + mMasterKeyId = masterKeyId; + mSubKeyId = subKeyId; } public RequiredInputParcel(Parcel source) { @@ -50,6 +51,7 @@ public class RequiredInputParcel implements Parcelable { } mSignatureTime = source.readInt() != 0 ? new Date(source.readLong()) : null; + mMasterKeyId = source.readInt() != 0 ? source.readLong() : null; mSubKeyId = source.readInt() != 0 ? source.readLong() : null; } @@ -61,19 +63,28 @@ public class RequiredInputParcel implements Parcelable { public static RequiredInputParcel createNfcSignOperation( byte[] inputHash, int signAlgo, Date signatureTime) { return new RequiredInputParcel(RequiredInputType.NFC_SIGN, - new byte[][] { inputHash }, new int[] { signAlgo }, signatureTime, null); + new byte[][] { inputHash }, new int[] { signAlgo }, + signatureTime, null, null); } public static RequiredInputParcel createNfcDecryptOperation(byte[] inputHash) { return new RequiredInputParcel(RequiredInputType.NFC_DECRYPT, - new byte[][] { inputHash }, null, null, null); + new byte[][] { inputHash }, null, null, null, null); } - public static RequiredInputParcel createRequiredPassphrase(long keyId, Date signatureTime) { + public static RequiredInputParcel createRequiredPassphrase( + long masterKeyId, long subKeyId, Date signatureTime) { return new RequiredInputParcel(RequiredInputType.PASSPHRASE, - null, null, signatureTime, keyId); + null, null, signatureTime, masterKeyId, subKeyId); } + public static RequiredInputParcel createRequiredPassphrase( + RequiredInputParcel req) { + return new RequiredInputParcel(RequiredInputType.PASSPHRASE, + null, null, req.mSignatureTime, req.mMasterKeyId, req.mSubKeyId); + } + + @Override public int describeContents() { return 0; @@ -98,6 +109,12 @@ public class RequiredInputParcel implements Parcelable { } else { dest.writeInt(0); } + if (mMasterKeyId != null) { + dest.writeInt(1); + dest.writeLong(mMasterKeyId); + } else { + dest.writeInt(0); + } if (mSubKeyId != null) { dest.writeInt(1); dest.writeLong(mSubKeyId); @@ -121,9 +138,13 @@ public class RequiredInputParcel implements Parcelable { Date mSignatureTime; ArrayList mSignAlgos = new ArrayList<>(); ArrayList mInputHashes = new ArrayList<>(); + long mMasterKeyId; + long mSubKeyId; - public NfcSignOperationsBuilder(Date signatureTime) { + public NfcSignOperationsBuilder(Date signatureTime, long masterKeyId, long subKeyId) { mSignatureTime = signatureTime; + mMasterKeyId = masterKeyId; + mSubKeyId = subKeyId; } public RequiredInputParcel build() { @@ -135,7 +156,7 @@ public class RequiredInputParcel implements Parcelable { } return new RequiredInputParcel(RequiredInputType.NFC_SIGN, - inputHashes, signAlgos, mSignatureTime, null); + inputHashes, signAlgos, mSignatureTime, mMasterKeyId, mSubKeyId); } public void addHash(byte[] hash, int algo) { -- cgit v1.2.3 From 1ad3635d139ea5033b06e5cdd87a7b2eab5f2e75 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Sat, 21 Mar 2015 19:52:10 +0100 Subject: work on ad-hoc yubikey import support --- .../org/sufficientlysecure/keychain/service/KeychainIntentService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java index ed6453e9d..5a9c146f7 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java @@ -487,7 +487,7 @@ public class KeychainIntentService extends IntentService implements Progressable case ACTION_PROMOTE_KEYRING: { // Input - long keyRingId = data.getInt(EXPORT_KEY_RING_MASTER_KEY_ID); + long keyRingId = data.getLong(PROMOTE_MASTER_KEY_ID); // Operation PromoteKeyOperation op = new PromoteKeyOperation(this, providerHelper, this, mActionCanceled); -- cgit v1.2.3 From 2151411219b4e5d609d25fcbb574ccf399f54d6f Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Sun, 22 Mar 2015 03:56:58 +0100 Subject: actually promote to divert, pass yubikey's AID --- .../sufficientlysecure/keychain/service/KeychainIntentService.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java index 5a9c146f7..a400066ab 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java @@ -187,7 +187,7 @@ public class KeychainIntentService extends IntentService implements Progressable // promote key public static final String PROMOTE_MASTER_KEY_ID = "promote_master_key_id"; - public static final String PROMOTE_TYPE = "promote_type"; + public static final String PROMOTE_CARD_AID = "promote_card_aid"; // consolidate public static final String CONSOLIDATE_RECOVERY = "consolidate_recovery"; @@ -488,10 +488,11 @@ public class KeychainIntentService extends IntentService implements Progressable // Input long keyRingId = data.getLong(PROMOTE_MASTER_KEY_ID); + byte[] cardAid = data.getByteArray(PROMOTE_CARD_AID); // Operation PromoteKeyOperation op = new PromoteKeyOperation(this, providerHelper, this, mActionCanceled); - PromoteKeyResult result = op.execute(keyRingId); + PromoteKeyResult result = op.execute(keyRingId, cardAid); // Result sendMessageToHandler(MessageStatus.OKAY, result); -- cgit v1.2.3 From c694d73cab1edf91cb94d53cc8352ca93f0eb6ce Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Mon, 23 Mar 2015 01:44:14 +0100 Subject: further improve yubikey error handling --- .../keychain/service/PassphraseCacheService.java | 40 ++++++++++++++++++---- .../service/input/RequiredInputParcel.java | 4 +++ 2 files changed, 38 insertions(+), 6 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java index ee481ad31..5e8ad96cd 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java @@ -124,7 +124,7 @@ public class PassphraseCacheService extends Service { public static void addCachedPassphrase(Context context, long masterKeyId, long subKeyId, Passphrase passphrase, String primaryUserId) { - Log.d(Constants.TAG, "PassphraseCacheService.cacheNewPassphrase() for " + masterKeyId); + Log.d(Constants.TAG, "PassphraseCacheService.addCachedPassphrase() for " + masterKeyId); Intent intent = new Intent(context, PassphraseCacheService.class); intent.setAction(ACTION_PASSPHRASE_CACHE_ADD); @@ -138,6 +138,19 @@ public class PassphraseCacheService extends Service { context.startService(intent); } + public static void clearCachedPassphrase(Context context, long masterKeyId, long subKeyId) { + Log.d(Constants.TAG, "PassphraseCacheService.clearCachedPassphrase() for " + masterKeyId); + + Intent intent = new Intent(context, PassphraseCacheService.class); + intent.setAction(ACTION_PASSPHRASE_CACHE_CLEAR); + + intent.putExtra(EXTRA_KEY_ID, masterKeyId); + intent.putExtra(EXTRA_SUBKEY_ID, subKeyId); + + context.startService(intent); + } + + /** * Gets a cached passphrase from memory by sending an intent to the service. This method is * designed to wait until the service returns the passphrase. @@ -395,12 +408,27 @@ public class PassphraseCacheService extends Service { } else if (ACTION_PASSPHRASE_CACHE_CLEAR.equals(intent.getAction())) { AlarmManager am = (AlarmManager) this.getSystemService(Context.ALARM_SERVICE); - // Stop all ttl alarms - for (int i = 0; i < mPassphraseCache.size(); i++) { - am.cancel(buildIntent(this, mPassphraseCache.keyAt(i))); - } + if (intent.hasExtra(EXTRA_SUBKEY_ID) && intent.hasExtra(EXTRA_KEY_ID)) { - mPassphraseCache.clear(); + long keyId; + if (Preferences.getPreferences(mContext).getPassphraseCacheSubs()) { + keyId = intent.getLongExtra(EXTRA_KEY_ID, 0L); + } else { + keyId = intent.getLongExtra(EXTRA_SUBKEY_ID, 0L); + } + // Stop specific ttl alarm and + am.cancel(buildIntent(this, keyId)); + mPassphraseCache.delete(keyId); + + } else { + + // Stop all ttl alarms + for (int i = 0; i < mPassphraseCache.size(); i++) { + am.cancel(buildIntent(this, mPassphraseCache.keyAt(i))); + } + mPassphraseCache.clear(); + + } updateService(); } else { diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java index d8d87114e..471fc0ec9 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java @@ -56,6 +56,10 @@ public class RequiredInputParcel implements Parcelable { } + public long getMasterKeyId() { + return mMasterKeyId; + } + public long getSubKeyId() { return mSubKeyId; } -- cgit v1.2.3 From d7b79e55fba170a0fe691f00dbc943d8ecfff33e Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Mon, 30 Mar 2015 16:40:41 +0200 Subject: pass CryptoInputParcel independently for SignEncryptOperation --- .../keychain/service/KeychainIntentService.java | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java index 1a94d70b7..c7d9d5e38 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java @@ -46,7 +46,6 @@ import org.sufficientlysecure.keychain.operations.results.CertifyResult; import org.sufficientlysecure.keychain.operations.results.ConsolidateResult; import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult; import org.sufficientlysecure.keychain.operations.results.DeleteResult; -import org.sufficientlysecure.keychain.operations.results.EditKeyResult; import org.sufficientlysecure.keychain.operations.results.ExportResult; import org.sufficientlysecure.keychain.operations.results.ImportKeyResult; import org.sufficientlysecure.keychain.operations.results.OperationResult; @@ -284,14 +283,13 @@ public class KeychainIntentService extends IntentService implements Progressable case ACTION_DECRYPT_METADATA: { try { - /* Input */ + /* Input */ Passphrase passphrase = data.getParcelable(DECRYPT_PASSPHRASE); byte[] nfcDecryptedSessionKey = data.getByteArray(DECRYPT_NFC_DECRYPTED_SESSION_KEY); InputData inputData = createDecryptInputData(data); - /* Operation */ - + /* Operation */ Bundle resultData = new Bundle(); // verifyText and decrypt returning additional resultData values for the @@ -549,11 +547,12 @@ public class KeychainIntentService extends IntentService implements Progressable // Input SignEncryptParcel inputParcel = data.getParcelable(SIGN_ENCRYPT_PARCEL); + CryptoInputParcel cryptoInput = data.getParcelable(EXTRA_CRYPTO_INPUT); // Operation SignEncryptOperation op = new SignEncryptOperation( this, new ProviderHelper(this), this, mActionCanceled); - SignEncryptResult result = op.execute(inputParcel); + SignEncryptResult result = op.execute(inputParcel, cryptoInput); // Result sendMessageToHandler(MessageStatus.OKAY, result); -- cgit v1.2.3 From 39b131c7e58c358adf93bb64fe297884664a4ae1 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Mon, 30 Mar 2015 23:35:32 +0200 Subject: fix Encrypt* with RequiredInputParcel --- .../keychain/service/input/RequiredInputParcel.java | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java index 471fc0ec9..5cc2607cc 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java @@ -1,6 +1,7 @@ package org.sufficientlysecure.keychain.service.input; import java.util.ArrayList; +import java.util.Arrays; import java.util.Collections; import java.util.Date; @@ -56,11 +57,11 @@ public class RequiredInputParcel implements Parcelable { } - public long getMasterKeyId() { + public Long getMasterKeyId() { return mMasterKeyId; } - public long getSubKeyId() { + public Long getSubKeyId() { return mSubKeyId; } @@ -88,7 +89,6 @@ public class RequiredInputParcel implements Parcelable { null, null, req.mSignatureTime, req.mMasterKeyId, req.mSubKeyId); } - @Override public int describeContents() { return 0; @@ -142,10 +142,10 @@ public class RequiredInputParcel implements Parcelable { Date mSignatureTime; ArrayList mSignAlgos = new ArrayList<>(); ArrayList mInputHashes = new ArrayList<>(); - long mMasterKeyId; - long mSubKeyId; + Long mMasterKeyId; + Long mSubKeyId; - public NfcSignOperationsBuilder(Date signatureTime, long masterKeyId, long subKeyId) { + public NfcSignOperationsBuilder(Date signatureTime, Long masterKeyId, Long subKeyId) { mSignatureTime = signatureTime; mMasterKeyId = masterKeyId; mSubKeyId = subKeyId; -- cgit v1.2.3 From cc44ff1a8b3b51331023ef738ccd28bece32da40 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Tue, 31 Mar 2015 15:44:37 +0200 Subject: Prepare decrypt UI for input parcel --- .../keychain/service/input/CryptoInputParcel.java | 26 +++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java index 21aacd1f0..3d1ccaca1 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/CryptoInputParcel.java @@ -1,3 +1,20 @@ +/* + * Copyright (C) 2015 Dominik Schürmann + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + package org.sufficientlysecure.keychain.service.input; import java.nio.ByteBuffer; @@ -11,9 +28,8 @@ import android.os.Parcelable; import org.sufficientlysecure.keychain.util.Passphrase; - -/** This is a base class for the input of crypto operations. - * +/** + * This is a base class for the input of crypto operations. */ public class CryptoInputParcel implements Parcelable { @@ -22,7 +38,7 @@ public class CryptoInputParcel implements Parcelable { // this map contains both decrypted session keys and signed hashes to be // used in the crypto operation described by this parcel. - private HashMap mCryptoData = new HashMap<>(); + private HashMap mCryptoData = new HashMap<>(); public CryptoInputParcel() { mSignatureTime = new Date(); @@ -71,7 +87,7 @@ public class CryptoInputParcel implements Parcelable { dest.writeParcelable(mPassphrase, 0); dest.writeInt(mCryptoData.size()); - for (HashMap.Entry entry : mCryptoData.entrySet()) { + for (HashMap.Entry entry : mCryptoData.entrySet()) { dest.writeByteArray(entry.getKey().array()); dest.writeByteArray(entry.getValue()); } -- cgit v1.2.3 From ad69622b6983d139e2cef1380f502edef19d2180 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Wed, 1 Apr 2015 00:38:01 +0200 Subject: fix Decrypt*Fragment for RequiredInputParcel (except decryptOriginalFilename) --- .../keychain/service/KeychainIntentService.java | 39 +++++++----------- .../service/input/RequiredInputParcel.java | 47 ++++++++++++++++------ 2 files changed, 49 insertions(+), 37 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java index c7d9d5e38..e0509ac9b 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java @@ -151,8 +151,6 @@ public class KeychainIntentService extends IntentService implements Progressable // decrypt/verify public static final String DECRYPT_CIPHERTEXT_BYTES = "ciphertext_bytes"; - public static final String DECRYPT_PASSPHRASE = "passphrase"; - public static final String DECRYPT_NFC_DECRYPTED_SESSION_KEY = "nfc_decrypted_session_key"; // keybase proof public static final String KEYBASE_REQUIRED_FINGERPRINT = "keybase_required_fingerprint"; @@ -284,25 +282,19 @@ public class KeychainIntentService extends IntentService implements Progressable try { /* Input */ - Passphrase passphrase = data.getParcelable(DECRYPT_PASSPHRASE); - byte[] nfcDecryptedSessionKey = data.getByteArray(DECRYPT_NFC_DECRYPTED_SESSION_KEY); + CryptoInputParcel cryptoInput = data.getParcelable(EXTRA_CRYPTO_INPUT); InputData inputData = createDecryptInputData(data); - /* Operation */ - Bundle resultData = new Bundle(); - // verifyText and decrypt returning additional resultData values for the // verification of signatures PgpDecryptVerify.Builder builder = new PgpDecryptVerify.Builder( this, new ProviderHelper(this), this, inputData, null ); builder.setAllowSymmetricDecryption(true) - .setPassphrase(passphrase) - .setDecryptMetadataOnly(true) - .setNfcState(nfcDecryptedSessionKey); + .setDecryptMetadataOnly(true); - DecryptVerifyResult decryptVerifyResult = builder.build().execute(); + DecryptVerifyResult decryptVerifyResult = builder.build().execute(cryptoInput); sendMessageToHandler(MessageStatus.OKAY, decryptVerifyResult); } catch (Exception e) { @@ -377,7 +369,8 @@ public class KeychainIntentService extends IntentService implements Progressable ); builder.setSignedLiteralData(true).setRequiredSignerFingerprint(requiredFingerprint); - DecryptVerifyResult decryptVerifyResult = builder.build().execute(); + DecryptVerifyResult decryptVerifyResult = builder.build().execute( + new CryptoInputParcel()); outStream.close(); if (!decryptVerifyResult.success()) { @@ -412,15 +405,13 @@ public class KeychainIntentService extends IntentService implements Progressable case ACTION_DECRYPT_VERIFY: { try { - /* Input */ - Passphrase passphrase = data.getParcelable(DECRYPT_PASSPHRASE); - byte[] nfcDecryptedSessionKey = data.getByteArray(DECRYPT_NFC_DECRYPTED_SESSION_KEY); + /* Input */ + CryptoInputParcel cryptoInput = data.getParcelable(EXTRA_CRYPTO_INPUT); InputData inputData = createDecryptInputData(data); OutputStream outStream = createCryptOutputStream(data); - /* Operation */ - + /* Operation */ Bundle resultData = new Bundle(); // verifyText and decrypt returning additional resultData values for the @@ -429,24 +420,22 @@ public class KeychainIntentService extends IntentService implements Progressable this, new ProviderHelper(this), this, inputData, outStream ); - builder.setAllowSymmetricDecryption(true) - .setPassphrase(passphrase) - .setNfcState(nfcDecryptedSessionKey); + builder.setAllowSymmetricDecryption(true); - DecryptVerifyResult decryptVerifyResult = builder.build().execute(); + DecryptVerifyResult decryptVerifyResult = builder.build().execute(cryptoInput); outStream.close(); resultData.putParcelable(DecryptVerifyResult.EXTRA_RESULT, decryptVerifyResult); - /* Output */ - + /* Output */ finalizeDecryptOutputStream(data, resultData, outStream); - Log.logDebugBundle(resultData, "resultData"); sendMessageToHandler(MessageStatus.OKAY, resultData); - } catch (Exception e) { + + } catch (IOException | PgpGeneralException e) { + // TODO get rid of this! sendErrorToHandler(e); } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java index 5cc2607cc..535c1e735 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java @@ -1,18 +1,19 @@ package org.sufficientlysecure.keychain.service.input; import java.util.ArrayList; -import java.util.Arrays; import java.util.Collections; import java.util.Date; import android.os.Parcel; import android.os.Parcelable; +import org.sufficientlysecure.keychain.Constants.key; + public class RequiredInputParcel implements Parcelable { public enum RequiredInputType { - PASSPHRASE, NFC_SIGN, NFC_DECRYPT + PASSPHRASE, PASSPHRASE_SYMMETRIC, NFC_SIGN, NFC_DECRYPT } public Date mSignatureTime; @@ -38,13 +39,22 @@ public class RequiredInputParcel implements Parcelable { public RequiredInputParcel(Parcel source) { mType = RequiredInputType.values()[source.readInt()]; - if (source.readInt() != 0) { + // 0 = none, 1 = both, 2 = only hashes (decrypt) + int hashTypes = source.readInt(); + if (hashTypes != 0) { int count = source.readInt(); mInputHashes = new byte[count][]; - mSignAlgos = new int[count]; - for (int i = 0; i < count; i++) { - mInputHashes[i] = source.createByteArray(); - mSignAlgos[i] = source.readInt(); + if (hashTypes == 1) { + mSignAlgos = new int[count]; + for (int i = 0; i < count; i++) { + mInputHashes[i] = source.createByteArray(); + mSignAlgos[i] = source.readInt(); + } + } else { + mSignAlgos = null; + for (int i = 0; i < count; i++) { + mInputHashes[i] = source.createByteArray(); + } } } else { mInputHashes = null; @@ -72,17 +82,28 @@ public class RequiredInputParcel implements Parcelable { signatureTime, null, null); } - public static RequiredInputParcel createNfcDecryptOperation(byte[] inputHash) { + public static RequiredInputParcel createNfcDecryptOperation(byte[] inputHash, long subKeyId) { return new RequiredInputParcel(RequiredInputType.NFC_DECRYPT, - new byte[][] { inputHash }, null, null, null, null); + new byte[][] { inputHash }, null, null, null, subKeyId); } - public static RequiredInputParcel createRequiredPassphrase( + public static RequiredInputParcel createRequiredSignPassphrase( long masterKeyId, long subKeyId, Date signatureTime) { return new RequiredInputParcel(RequiredInputType.PASSPHRASE, null, null, signatureTime, masterKeyId, subKeyId); } + public static RequiredInputParcel createRequiredDecryptPassphrase( + long masterKeyId, long subKeyId) { + return new RequiredInputParcel(RequiredInputType.PASSPHRASE, + null, null, null, masterKeyId, subKeyId); + } + + public static RequiredInputParcel createRequiredSymmetricPassphrase() { + return new RequiredInputParcel(RequiredInputType.PASSPHRASE_SYMMETRIC, + null, null, null, null, null); + } + public static RequiredInputParcel createRequiredPassphrase( RequiredInputParcel req) { return new RequiredInputParcel(RequiredInputType.PASSPHRASE, @@ -98,11 +119,13 @@ public class RequiredInputParcel implements Parcelable { public void writeToParcel(Parcel dest, int flags) { dest.writeInt(mType.ordinal()); if (mInputHashes != null) { - dest.writeInt(1); + dest.writeInt(mSignAlgos != null ? 1 : 2); dest.writeInt(mInputHashes.length); for (int i = 0; i < mInputHashes.length; i++) { dest.writeByteArray(mInputHashes[i]); - dest.writeInt(mSignAlgos[i]); + if (mSignAlgos != null) { + dest.writeInt(mSignAlgos[i]); + } } } else { dest.writeInt(0); -- cgit v1.2.3 From c3d6637e6acf595e0f13ce8a3cb7accd6173e5d4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Sun, 12 Apr 2015 19:55:10 +0200 Subject: Simplify PassphraseCacheService --- .../keychain/service/PassphraseCacheService.java | 28 ++++++++++------------ 1 file changed, 12 insertions(+), 16 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java index 8e37a8867..2bea05de8 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java @@ -355,25 +355,21 @@ public class PassphraseCacheService extends Service { + masterKeyId + ", subKeyId: " + subKeyId + ", ttl: " + ttl + ", usrId: " + primaryUserID ); - // if we don't cache by specific subkey id, or the requested subkey is the master key, - // just add master key id to the cache + long referenceKeyId; if (subKeyId == masterKeyId || !Preferences.getPreferences(mContext).getPassphraseCacheSubs()) { - mPassphraseCache.put(masterKeyId, new CachedPassphrase(passphrase, primaryUserID)); - if (ttl > 0) { - // register new alarm with keyId for this passphrase - long triggerTime = new Date().getTime() + (ttl * 1000); - AlarmManager am = (AlarmManager) this.getSystemService(Context.ALARM_SERVICE); - am.set(AlarmManager.RTC_WAKEUP, triggerTime, buildIntent(this, masterKeyId)); - } + // if we don't cache by specific subkey id, or the requested subkey is the master key, + // just add master key id to the cache + referenceKeyId = masterKeyId; } else { // otherwise, add this specific subkey to the cache - mPassphraseCache.put(subKeyId, new CachedPassphrase(passphrase, primaryUserID)); - if (ttl > 0) { - // register new alarm with keyId for this passphrase - long triggerTime = new Date().getTime() + (ttl * 1000); - AlarmManager am = (AlarmManager) this.getSystemService(Context.ALARM_SERVICE); - am.set(AlarmManager.RTC_WAKEUP, triggerTime, buildIntent(this, subKeyId)); - } + referenceKeyId = subKeyId; + } + mPassphraseCache.put(referenceKeyId, new CachedPassphrase(passphrase, primaryUserID)); + if (ttl > 0) { + // register new alarm with keyId for this passphrase + long triggerTime = new Date().getTime() + (ttl * 1000); + AlarmManager am = (AlarmManager) this.getSystemService(Context.ALARM_SERVICE); + am.set(AlarmManager.RTC_WAKEUP, triggerTime, buildIntent(this, referenceKeyId)); } updateService(); -- cgit v1.2.3 From 4a553087416097cfe08269c0417313fa691b3042 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Sun, 12 Apr 2015 20:12:10 +0200 Subject: More simplifications to PassphraseCacheService --- .../keychain/service/PassphraseCacheService.java | 48 ++++++++++------------ 1 file changed, 21 insertions(+), 27 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java index 2bea05de8..ba3216c23 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java @@ -52,27 +52,26 @@ import java.util.Date; * This service runs in its own process, but is available to all other processes as the main * passphrase cache. Use the static methods addCachedPassphrase and getCachedPassphrase for * convenience. - * + *

* The passphrase cache service always works with both a master key id and a subkey id. The master * key id is always used to retrieve relevant info from the database, while the subkey id is used * to determine the type behavior (regular passphrase, empty passphrase, stripped key, * divert-to-card) for the specific key requested. - * + *

* Caching behavior for subkeys depends on the cacheSubs preference: - * - * - If cacheSubs is NOT set, passphrases will be cached and retrieved by master key id. The - * checks for special subkeys will still be done, but otherwise it is assumed that all subkeys - * from the same master key will use the same passphrase. This can lead to bad passphrase - * errors if two subkeys are encrypted differently. This is the default behavior. - * - * - If cacheSubs IS set, passphrases will be cached per subkey id. This means that if a keyring - * has two subkeys for different purposes, passphrases will be cached independently and the - * user will be asked for a passphrase once per subkey even if it is the same one. This mode - * of operation is more precise, since we can assume that all passphrases returned from cache - * will be correct without fail. Since keyrings with differently encrypted subkeys are a very - * rare occurrence, and caching by keyring is what the user expects in the vast majority of - * cases, this is not the default behavior. - * + *

+ * - If cacheSubs is NOT set, passphrases will be cached and retrieved by master key id. The + * checks for special subkeys will still be done, but otherwise it is assumed that all subkeys + * from the same master key will use the same passphrase. This can lead to bad passphrase + * errors if two subkeys are encrypted differently. This is the default behavior. + *

+ * - If cacheSubs IS set, passphrases will be cached per subkey id. This means that if a keyring + * has two subkeys for different purposes, passphrases will be cached independently and the + * user will be asked for a passphrase once per subkey even if it is the same one. This mode + * of operation is more precise, since we can assume that all passphrases returned from cache + * will be correct without fail. Since keyrings with differently encrypted subkeys are a very + * rare occurrence, and caching by keyring is what the user expects in the vast majority of + * cases, this is not the default behavior. */ public class PassphraseCacheService extends Service { @@ -153,7 +152,7 @@ public class PassphraseCacheService extends Service { /** * Gets a cached passphrase from memory by sending an intent to the service. This method is * designed to wait until the service returns the passphrase. - + * * @return passphrase or null (if no passphrase is cached for this keyId) */ public static Passphrase getCachedPassphrase(Context context, long masterKeyId, long subKeyId) throws KeyNotFoundException { @@ -231,7 +230,7 @@ public class PassphraseCacheService extends Service { } // on "none" key, just do nothing - if(masterKeyId == Constants.key.none) { + if (masterKeyId == Constants.key.none) { return null; } @@ -355,15 +354,10 @@ public class PassphraseCacheService extends Service { + masterKeyId + ", subKeyId: " + subKeyId + ", ttl: " + ttl + ", usrId: " + primaryUserID ); - long referenceKeyId; - if (subKeyId == masterKeyId || !Preferences.getPreferences(mContext).getPassphraseCacheSubs()) { - // if we don't cache by specific subkey id, or the requested subkey is the master key, - // just add master key id to the cache - referenceKeyId = masterKeyId; - } else { - // otherwise, add this specific subkey to the cache - referenceKeyId = subKeyId; - } + // if we don't cache by specific subkey id, or the requested subkey is the master key, + // just add master key id to the cache, otherwise, add this specific subkey to the cache + long referenceKeyId = + Preferences.getPreferences(mContext).getPassphraseCacheSubs() ? subKeyId : masterKeyId; mPassphraseCache.put(referenceKeyId, new CachedPassphrase(passphrase, primaryUserID)); if (ttl > 0) { // register new alarm with keyId for this passphrase -- cgit v1.2.3 From 9fc001c9b98e54f37eb8254a215f9d4c1e1c95ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Sun, 12 Apr 2015 21:23:59 +0200 Subject: Clearer var naming --- .../keychain/service/PassphraseCacheService.java | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java index ba3216c23..2e09db900 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java @@ -322,11 +322,11 @@ public class PassphraseCacheService extends Service { /** * Build pending intent that is executed by alarm manager to time out a specific passphrase */ - private static PendingIntent buildIntent(Context context, long keyId) { + private static PendingIntent buildIntent(Context context, long referenceKeyId) { Intent intent = new Intent(BROADCAST_ACTION_PASSPHRASE_CACHE_SERVICE); - intent.putExtra(EXTRA_KEY_ID, keyId); + intent.putExtra(EXTRA_KEY_ID, referenceKeyId); // request code should be unique for each PendingIntent, thus keyId is used - return PendingIntent.getBroadcast(context, (int) keyId, intent, + return PendingIntent.getBroadcast(context, (int) referenceKeyId, intent, PendingIntent.FLAG_CANCEL_CURRENT); } @@ -400,15 +400,15 @@ public class PassphraseCacheService extends Service { if (intent.hasExtra(EXTRA_SUBKEY_ID) && intent.hasExtra(EXTRA_KEY_ID)) { - long keyId; + long referenceKeyId; if (Preferences.getPreferences(mContext).getPassphraseCacheSubs()) { - keyId = intent.getLongExtra(EXTRA_KEY_ID, 0L); + referenceKeyId = intent.getLongExtra(EXTRA_KEY_ID, 0L); } else { - keyId = intent.getLongExtra(EXTRA_SUBKEY_ID, 0L); + referenceKeyId = intent.getLongExtra(EXTRA_SUBKEY_ID, 0L); } // Stop specific ttl alarm and - am.cancel(buildIntent(this, keyId)); - mPassphraseCache.delete(keyId); + am.cancel(buildIntent(this, referenceKeyId)); + mPassphraseCache.delete(referenceKeyId); } else { -- cgit v1.2.3 From 256d644d03f989132e9db01e15f75aaee2f76157 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Mon, 13 Apr 2015 23:29:35 +0200 Subject: IMplement CryptoInputParcelCacheService --- .../keychain/service/PassphraseCacheService.java | 29 +++++++++++++++------- 1 file changed, 20 insertions(+), 9 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java index 2e09db900..778d0d525 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java @@ -337,11 +337,17 @@ public class PassphraseCacheService extends Service { public int onStartCommand(Intent intent, int flags, int startId) { Log.d(Constants.TAG, "PassphraseCacheService.onStartCommand()"); + if (intent == null || intent.getAction() == null) { + updateService(); + return START_STICKY; + } + // register broadcastreceiver registerReceiver(); - if (intent != null && intent.getAction() != null) { - if (ACTION_PASSPHRASE_CACHE_ADD.equals(intent.getAction())) { + String action = intent.getAction(); + switch (action) { + case ACTION_PASSPHRASE_CACHE_ADD: { long ttl = intent.getLongExtra(EXTRA_TTL, DEFAULT_TTL); long masterKeyId = intent.getLongExtra(EXTRA_KEY_ID, -1); long subKeyId = intent.getLongExtra(EXTRA_SUBKEY_ID, -1); @@ -365,9 +371,9 @@ public class PassphraseCacheService extends Service { AlarmManager am = (AlarmManager) this.getSystemService(Context.ALARM_SERVICE); am.set(AlarmManager.RTC_WAKEUP, triggerTime, buildIntent(this, referenceKeyId)); } - - updateService(); - } else if (ACTION_PASSPHRASE_CACHE_GET.equals(intent.getAction())) { + break; + } + case ACTION_PASSPHRASE_CACHE_GET: { long masterKeyId = intent.getLongExtra(EXTRA_KEY_ID, Constants.key.symmetric); long subKeyId = intent.getLongExtra(EXTRA_SUBKEY_ID, Constants.key.symmetric); Messenger messenger = intent.getParcelableExtra(EXTRA_MESSENGER); @@ -395,7 +401,9 @@ public class PassphraseCacheService extends Service { } catch (RemoteException e) { Log.e(Constants.TAG, "PassphraseCacheService: Sending message failed", e); } - } else if (ACTION_PASSPHRASE_CACHE_CLEAR.equals(intent.getAction())) { + break; + } + case ACTION_PASSPHRASE_CACHE_CLEAR: { AlarmManager am = (AlarmManager) this.getSystemService(Context.ALARM_SERVICE); if (intent.hasExtra(EXTRA_SUBKEY_ID) && intent.hasExtra(EXTRA_KEY_ID)) { @@ -419,13 +427,16 @@ public class PassphraseCacheService extends Service { mPassphraseCache.clear(); } - - updateService(); - } else { + break; + } + default: { Log.e(Constants.TAG, "PassphraseCacheService: Intent or Intent Action not supported!"); + break; } } + updateService(); + return START_STICKY; } -- cgit v1.2.3 From 71024460cbb397957ab079a3568b0bb9462c0c84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Mon, 13 Apr 2015 23:53:46 +0200 Subject: Reformat comment in PassphraseCacheService --- .../keychain/service/PassphraseCacheService.java | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java index 778d0d525..03c250035 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java @@ -52,19 +52,19 @@ import java.util.Date; * This service runs in its own process, but is available to all other processes as the main * passphrase cache. Use the static methods addCachedPassphrase and getCachedPassphrase for * convenience. - *

+ * * The passphrase cache service always works with both a master key id and a subkey id. The master * key id is always used to retrieve relevant info from the database, while the subkey id is used * to determine the type behavior (regular passphrase, empty passphrase, stripped key, * divert-to-card) for the specific key requested. - *

+ * * Caching behavior for subkeys depends on the cacheSubs preference: - *

+ * * - If cacheSubs is NOT set, passphrases will be cached and retrieved by master key id. The * checks for special subkeys will still be done, but otherwise it is assumed that all subkeys * from the same master key will use the same passphrase. This can lead to bad passphrase * errors if two subkeys are encrypted differently. This is the default behavior. - *

+ * * - If cacheSubs IS set, passphrases will be cached per subkey id. This means that if a keyring * has two subkeys for different purposes, passphrases will be cached independently and the * user will be asked for a passphrase once per subkey even if it is the same one. This mode @@ -72,6 +72,7 @@ import java.util.Date; * will be correct without fail. Since keyrings with differently encrypted subkeys are a very * rare occurrence, and caching by keyring is what the user expects in the vast majority of * cases, this is not the default behavior. + * */ public class PassphraseCacheService extends Service { -- cgit v1.2.3 From 3668c8897d88989780da800ecd648c7b33a0e8f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Wed, 15 Apr 2015 10:02:41 +0200 Subject: Fix YubiKey naming, cleanup --- .../keychain/service/PassphraseCacheService.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java index 03c250035..78137170d 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/PassphraseCacheService.java @@ -245,11 +245,11 @@ public class PassphraseCacheService extends Service { switch (keyType) { case DIVERT_TO_CARD: - if (Preferences.getPreferences(this).useDefaultYubikeyPin()) { - Log.d(Constants.TAG, "PassphraseCacheService: Using default Yubikey PIN: 123456"); - return new Passphrase("123456"); // default Yubikey PIN, see http://www.yubico.com/2012/12/yubikey-neo-openpgp/ + if (Preferences.getPreferences(this).useDefaultYubiKeyPin()) { + Log.d(Constants.TAG, "PassphraseCacheService: Using default YubiKey PIN: 123456"); + return new Passphrase("123456"); // default YubiKey PIN, see http://www.yubico.com/2012/12/yubikey-neo-openpgp/ } else { - Log.d(Constants.TAG, "PassphraseCacheService: NOT using default Yubikey PIN"); + Log.d(Constants.TAG, "PassphraseCacheService: NOT using default YubiKey PIN"); break; } case PASSPHRASE_EMPTY: -- cgit v1.2.3