From 1fb0ed8454c5a6cac16db336dc3af33013308d01 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= <dominik@dominikschuermann.de>
Date: Thu, 8 Oct 2015 20:07:29 +0200
Subject: Revert "Check that the encrypt input uris are not linked to our own
 internal storage (OKC-01-010)"

Fix was not sufficient

This reverts commit b10b14d9bc737edc56af0eec3a14bed5ebf3ea39.
---
 .../keychain/ui/EncryptFilesFragment.java          | 29 +++-------------------
 1 file changed, 3 insertions(+), 26 deletions(-)

(limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui')

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptFilesFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptFilesFragment.java
index ebb9674bf..19603a549 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptFilesFragment.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptFilesFragment.java
@@ -18,7 +18,6 @@
 package org.sufficientlysecure.keychain.ui;
 
 
-import java.io.File;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Date;
@@ -451,29 +450,9 @@ public class EncryptFilesFragment
 
     }
 
-    /**
-     * Checks that the input uris are not linked to our own internal storage.
-     * This prevents the encryption of our own database (-> export of whole database)
-     */
-    private void securityCheckInternalStorage() {
-        for (FilesAdapter.ViewModel model : mFilesAdapter.mDataset) {
-            File fileInput = new File(model.inputUri.getPath());
-            try {
-                // the canonical path of the file must not start with /data/data/org.sufficientlysecure.keychain/
-                if (fileInput.getCanonicalPath().startsWith(getActivity().getApplicationInfo().dataDir)) {
-                    throw new RuntimeException("Encrypting OpenKeychain's private files is not allowed!");
-                }
-            } catch (IOException e) {
-                Log.e(Constants.TAG, "Getting canonical path failed!", e);
-            }
-        }
-    }
-
-    /**
-     * Prepares mOutputUris, either directly and returns false, or indirectly
-     * which returns true and will call cryptoOperation after mOutputUris has
-     * been set at a later point.
-     */
+    // prepares mOutputUris, either directly and returns false, or indirectly
+    // which returns true and will call cryptoOperation after mOutputUris has
+    // been set at a later point.
     private boolean prepareOutputStreams() {
 
         switch (mAfterEncryptAction) {
@@ -549,8 +528,6 @@ public class EncryptFilesFragment
 
         }
 
-        securityCheckInternalStorage();
-
         return actionsParcel;
 
     }
-- 
cgit v1.2.3


From 3316cb65e6b739deb7d0652fcd16a9d9bedf8c5b Mon Sep 17 00:00:00 2001
From: Vincent Breitmoser <valodim@mugenguild.com>
Date: Fri, 9 Oct 2015 13:11:25 +0200
Subject: viewkeyactivity: ask for passphrase for backup only if key has one

---
 .../keychain/ui/ViewKeyActivity.java               | 32 ++++++++++++++++++++--
 1 file changed, 29 insertions(+), 3 deletions(-)

(limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui')

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java
index de859724b..0fb7cdf92 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java
@@ -65,12 +65,14 @@ import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.keyimport.ParcelableKeyRing;
 import org.sufficientlysecure.keychain.operations.results.ImportKeyResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult;
+import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey.SecretKeyType;
 import org.sufficientlysecure.keychain.pgp.KeyRing;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
 import org.sufficientlysecure.keychain.provider.ProviderHelper;
+import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
 import org.sufficientlysecure.keychain.service.ImportKeyringParcel;
 import org.sufficientlysecure.keychain.ui.ViewKeyFragment.PostponeType;
 import org.sufficientlysecure.keychain.ui.base.BaseNfcActivity;
@@ -450,9 +452,33 @@ public class ViewKeyActivity extends BaseNfcActivity implements
     }
 
     private void startPassphraseActivity(int requestCode) {
-        Intent intent = new Intent(this, PassphraseDialogActivity.class);
-        intent.putExtra(PassphraseDialogActivity.EXTRA_SUBKEY_ID, mMasterKeyId);
-        startActivityForResult(intent, requestCode);
+
+        if (keyHasPassphrase()) {
+            Intent intent = new Intent(this, PassphraseDialogActivity.class);
+            intent.putExtra(PassphraseDialogActivity.EXTRA_SUBKEY_ID, mMasterKeyId);
+            startActivityForResult(intent, requestCode);
+        } else {
+            startBackupActivity();
+        }
+    }
+
+    private boolean keyHasPassphrase() {
+        try {
+            SecretKeyType secretKeyType =
+                    mProviderHelper.getCachedPublicKeyRing(mMasterKeyId).getSecretKeyType(mMasterKeyId);
+            switch (secretKeyType) {
+                // all of these make no sense to ask
+                case PASSPHRASE_EMPTY:
+                case GNU_DUMMY:
+                case DIVERT_TO_CARD:
+                case UNAVAILABLE:
+                    return false;
+                default:
+                    return true;
+            }
+        } catch (NotFoundException e) {
+            return false;
+        }
     }
 
     private void backupToFile() {
-- 
cgit v1.2.3


From eff4ae5551f286f4c870c3f9db44ceb73c3c2fcf Mon Sep 17 00:00:00 2001
From: Vincent Breitmoser <valodim@mugenguild.com>
Date: Fri, 9 Oct 2015 14:56:46 +0200
Subject: Revert "viewkeyactivity: ask for passphrase for backup only if key
 has one"

This reverts commit 3316cb65e6b739deb7d0652fcd16a9d9bedf8c5b.

Committed to wrong branch, derp :)
---
 .../keychain/ui/ViewKeyActivity.java               | 32 ++--------------------
 1 file changed, 3 insertions(+), 29 deletions(-)

(limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui')

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java
index 0fb7cdf92..de859724b 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyActivity.java
@@ -65,14 +65,12 @@ import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.keyimport.ParcelableKeyRing;
 import org.sufficientlysecure.keychain.operations.results.ImportKeyResult;
 import org.sufficientlysecure.keychain.operations.results.OperationResult;
-import org.sufficientlysecure.keychain.pgp.CanonicalizedSecretKey.SecretKeyType;
 import org.sufficientlysecure.keychain.pgp.KeyRing;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
 import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
 import org.sufficientlysecure.keychain.provider.ProviderHelper;
-import org.sufficientlysecure.keychain.provider.ProviderHelper.NotFoundException;
 import org.sufficientlysecure.keychain.service.ImportKeyringParcel;
 import org.sufficientlysecure.keychain.ui.ViewKeyFragment.PostponeType;
 import org.sufficientlysecure.keychain.ui.base.BaseNfcActivity;
@@ -452,33 +450,9 @@ public class ViewKeyActivity extends BaseNfcActivity implements
     }
 
     private void startPassphraseActivity(int requestCode) {
-
-        if (keyHasPassphrase()) {
-            Intent intent = new Intent(this, PassphraseDialogActivity.class);
-            intent.putExtra(PassphraseDialogActivity.EXTRA_SUBKEY_ID, mMasterKeyId);
-            startActivityForResult(intent, requestCode);
-        } else {
-            startBackupActivity();
-        }
-    }
-
-    private boolean keyHasPassphrase() {
-        try {
-            SecretKeyType secretKeyType =
-                    mProviderHelper.getCachedPublicKeyRing(mMasterKeyId).getSecretKeyType(mMasterKeyId);
-            switch (secretKeyType) {
-                // all of these make no sense to ask
-                case PASSPHRASE_EMPTY:
-                case GNU_DUMMY:
-                case DIVERT_TO_CARD:
-                case UNAVAILABLE:
-                    return false;
-                default:
-                    return true;
-            }
-        } catch (NotFoundException e) {
-            return false;
-        }
+        Intent intent = new Intent(this, PassphraseDialogActivity.class);
+        intent.putExtra(PassphraseDialogActivity.EXTRA_SUBKEY_ID, mMasterKeyId);
+        startActivityForResult(intent, requestCode);
     }
 
     private void backupToFile() {
-- 
cgit v1.2.3