From bbd97cf8004b2de49f2b8cf3b9ea1bf82b5882d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Fri, 11 Apr 2014 17:14:37 +0200 Subject: Remove queries from PgpKeyHelper, introduce encrypt to signer mode (not tested) --- .../keychain/pgp/PgpDecryptVerify.java | 2 +- .../keychain/pgp/PgpKeyHelper.java | 35 ++--------- .../keychain/pgp/PgpSignEncrypt.java | 69 ++++++++++++++-------- .../keychain/remote/OpenPgpService.java | 8 +-- .../keychain/service/KeychainIntentService.java | 14 +++-- .../keychain/ui/EncryptAsymmetricFragment.java | 2 +- .../keychain/ui/SelectSecretKeyLayoutFragment.java | 1 - 7 files changed, 66 insertions(+), 65 deletions(-) (limited to 'OpenKeychain/src/main/java/org') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java index 2bf75a4a0..33bd07086 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java @@ -594,7 +594,7 @@ public class PgpDecryptVerify { // any luck? otherwise, try next. if (data.get(KeyRings.MASTER_KEY_ID) == null) { signature = null; - // do NOT reset signatureKeyId, that one is shown when no known one is found! + // do NOT reset signatureMasterKeyId, that one is shown when no known one is found! continue; } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyHelper.java index cd00f000c..82136ac1b 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyHelper.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyHelper.java @@ -1,5 +1,5 @@ /* - * Copyright (C) 2012-2013 Dominik Schürmann + * Copyright (C) 2012-2014 Dominik Schürmann * Copyright (C) 2010-2014 Thialfihar * * This program is free software: you can redistribute it and/or modify @@ -34,7 +34,6 @@ import org.spongycastle.openpgp.PGPSignatureSubpacketVector; import org.spongycastle.util.encoders.Hex; import org.sufficientlysecure.keychain.Constants; import org.sufficientlysecure.keychain.R; -import org.sufficientlysecure.keychain.provider.ProviderHelper; import org.sufficientlysecure.keychain.util.IterableIterator; import org.sufficientlysecure.keychain.util.Log; @@ -200,15 +199,7 @@ public class PgpKeyHelper { return getExpiryDate(key.getPublicKey()); } - public static PGPPublicKey getEncryptPublicKey(Context context, long masterKeyId) { - PGPPublicKeyRing keyRing = null; - try { - keyRing = ProviderHelper.getPGPPublicKeyRing(context, masterKeyId); - } catch (ProviderHelper.NotFoundException e) { - Log.e(Constants.TAG, "key not found!", e); - // TODO: throw exception here! - return null; - } + public static PGPPublicKey getEncryptPublicKey(PGPPublicKeyRing keyRing) { Vector encryptKeys = getUsableEncryptKeys(keyRing); if (encryptKeys.size() == 0) { Log.e(Constants.TAG, "encryptKeys is null!"); @@ -217,15 +208,7 @@ public class PgpKeyHelper { return encryptKeys.get(0); } - public static PGPSecretKey getCertificationKey(Context context, long masterKeyId) { - PGPSecretKeyRing keyRing = null; - try { - keyRing = ProviderHelper.getPGPSecretKeyRing(context, masterKeyId); - } catch (ProviderHelper.NotFoundException e) { - Log.e(Constants.TAG, "key not found!", e); - // TODO: throw exception here! - return null; - } + public static PGPSecretKey getCertificationKey(PGPSecretKeyRing keyRing) { Vector signingKeys = getUsableCertificationKeys(keyRing); if (signingKeys.size() == 0) { return null; @@ -233,15 +216,7 @@ public class PgpKeyHelper { return signingKeys.get(0); } - public static PGPSecretKey getSigningKey(Context context, long masterKeyId) { - PGPSecretKeyRing keyRing = null; - try { - keyRing = ProviderHelper.getPGPSecretKeyRing(context, masterKeyId); - } catch (ProviderHelper.NotFoundException e) { - Log.e(Constants.TAG, "key not found!", e); - // TODO: throw exception here! - return null; - } + public static PGPSecretKey getSigningKey(PGPSecretKeyRing keyRing) { Vector signingKeys = getUsableSigningKeys(keyRing); if (signingKeys.size() == 0) { return null; @@ -482,7 +457,7 @@ public class PgpKeyHelper { break; } } - if(keySize > 0) + if (keySize > 0) return algorithmStr + ", " + keySize + " bit"; else return algorithmStr; diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java index 53444f739..1a0bc85f8 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java @@ -29,6 +29,7 @@ import org.spongycastle.openpgp.PGPLiteralData; import org.spongycastle.openpgp.PGPLiteralDataGenerator; import org.spongycastle.openpgp.PGPPrivateKey; import org.spongycastle.openpgp.PGPPublicKey; +import org.spongycastle.openpgp.PGPPublicKeyRing; import org.spongycastle.openpgp.PGPSecretKey; import org.spongycastle.openpgp.PGPSecretKeyRing; import org.spongycastle.openpgp.PGPSignature; @@ -58,6 +59,7 @@ import java.io.OutputStream; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; import java.security.SignatureException; +import java.util.Arrays; import java.util.Date; /** @@ -71,13 +73,14 @@ public class PgpSignEncrypt { private ProgressDialogUpdater mProgress; private boolean mEnableAsciiArmorOutput; private int mCompressionId; - private long[] mEncryptionKeyIds; + private long[] mEncryptionMasterKeyIds; private String mSymmetricPassphrase; private int mSymmetricEncryptionAlgorithm; - private long mSignatureKeyId; + private long mSignatureMasterKeyId; private int mSignatureHashAlgorithm; private boolean mSignatureForceV3; private String mSignaturePassphrase; + private boolean mEncryptToSigner; private PgpSignEncrypt(Builder builder) { // private Constructor can only be called from Builder @@ -88,13 +91,14 @@ public class PgpSignEncrypt { this.mProgress = builder.mProgress; this.mEnableAsciiArmorOutput = builder.mEnableAsciiArmorOutput; this.mCompressionId = builder.mCompressionId; - this.mEncryptionKeyIds = builder.mEncryptionKeyIds; + this.mEncryptionMasterKeyIds = builder.mEncryptionMasterKeyIds; this.mSymmetricPassphrase = builder.mSymmetricPassphrase; this.mSymmetricEncryptionAlgorithm = builder.mSymmetricEncryptionAlgorithm; - this.mSignatureKeyId = builder.mSignatureKeyId; + this.mSignatureMasterKeyId = builder.mSignatureMasterKeyId; this.mSignatureHashAlgorithm = builder.mSignatureHashAlgorithm; this.mSignatureForceV3 = builder.mSignatureForceV3; this.mSignaturePassphrase = builder.mSignaturePassphrase; + this.mEncryptToSigner = builder.mEncryptToSigner; } public static class Builder { @@ -107,13 +111,14 @@ public class PgpSignEncrypt { private ProgressDialogUpdater mProgress = null; private boolean mEnableAsciiArmorOutput = false; private int mCompressionId = Id.choice.compression.none; - private long[] mEncryptionKeyIds = null; + private long[] mEncryptionMasterKeyIds = null; private String mSymmetricPassphrase = null; private int mSymmetricEncryptionAlgorithm = 0; - private long mSignatureKeyId = Id.key.none; + private long mSignatureMasterKeyId = Id.key.none; private int mSignatureHashAlgorithm = 0; private boolean mSignatureForceV3 = false; private String mSignaturePassphrase = null; + private boolean mEncryptToSigner = false; public Builder(Context context, InputData data, OutputStream outStream) { this.mContext = context; @@ -136,8 +141,8 @@ public class PgpSignEncrypt { return this; } - public Builder encryptionKeyIds(long[] encryptionKeyIds) { - this.mEncryptionKeyIds = encryptionKeyIds; + public Builder encryptionMasterKeyIds(long[] encryptionMasterKeyIds) { + this.mEncryptionMasterKeyIds = encryptionMasterKeyIds; return this; } @@ -151,8 +156,8 @@ public class PgpSignEncrypt { return this; } - public Builder signatureKeyId(long signatureKeyId) { - this.mSignatureKeyId = signatureKeyId; + public Builder signatureMasterKeyId(long signatureMasterKeyId) { + this.mSignatureMasterKeyId = signatureMasterKeyId; return this; } @@ -171,6 +176,11 @@ public class PgpSignEncrypt { return this; } + public Builder encryptToSigner(boolean encryptToSigner) { + this.mEncryptToSigner = encryptToSigner; + return this; + } + public PgpSignEncrypt build() { return new PgpSignEncrypt(this); } @@ -202,8 +212,8 @@ public class PgpSignEncrypt { throws IOException, PgpGeneralException, PGPException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException { - boolean enableSignature = mSignatureKeyId != Id.key.none; - boolean enableEncryption = ((mEncryptionKeyIds != null && mEncryptionKeyIds.length > 0) + boolean enableSignature = mSignatureMasterKeyId != Id.key.none; + boolean enableEncryption = ((mEncryptionMasterKeyIds != null && mEncryptionMasterKeyIds.length > 0) || mSymmetricPassphrase != null); boolean enableCompression = (enableEncryption && mCompressionId != Id.choice.compression.none); @@ -212,6 +222,12 @@ public class PgpSignEncrypt { + "\nenableCompression:" + enableCompression + "\nenableAsciiArmorOutput:" + mEnableAsciiArmorOutput); + // add signature key id to encryption ids (self-encrypt) + if (enableEncryption && enableSignature && mEncryptToSigner) { + mEncryptionMasterKeyIds = Arrays.copyOf(mEncryptionMasterKeyIds, mEncryptionMasterKeyIds.length + 1); + mEncryptionMasterKeyIds[mEncryptionMasterKeyIds.length - 1] = mSignatureMasterKeyId; + } + int signatureType; if (mEnableAsciiArmorOutput && enableSignature && !enableEncryption && !enableCompression) { // for sign-only ascii text @@ -236,11 +252,11 @@ public class PgpSignEncrypt { PGPPrivateKey signaturePrivateKey = null; if (enableSignature) { try { - signingKeyRing = ProviderHelper.getPGPSecretKeyRingWithKeyId(mContext, mSignatureKeyId); + signingKeyRing = ProviderHelper.getPGPSecretKeyRingWithKeyId(mContext, mSignatureMasterKeyId); } catch (ProviderHelper.NotFoundException e) { throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed)); } - signingKey = PgpKeyHelper.getSigningKey(mContext, mSignatureKeyId); + signingKey = PgpKeyHelper.getSigningKey(signingKeyRing); if (signingKey == null) { throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed)); } @@ -275,19 +291,24 @@ public class PgpSignEncrypt { if (mSymmetricPassphrase != null) { // Symmetric encryption - Log.d(Constants.TAG, "encryptionKeyIds length is 0 -> symmetric encryption"); + Log.d(Constants.TAG, "encryptionMasterKeyIds length is 0 -> symmetric encryption"); JcePBEKeyEncryptionMethodGenerator symmetricEncryptionGenerator = new JcePBEKeyEncryptionMethodGenerator(mSymmetricPassphrase.toCharArray()); cPk.addMethod(symmetricEncryptionGenerator); } else { // Asymmetric encryption - for (long id : mEncryptionKeyIds) { - PGPPublicKey key = PgpKeyHelper.getEncryptPublicKey(mContext, id); - if (key != null) { - JcePublicKeyKeyEncryptionMethodGenerator pubKeyEncryptionGenerator = - new JcePublicKeyKeyEncryptionMethodGenerator(key); - cPk.addMethod(pubKeyEncryptionGenerator); + for (long id : mEncryptionMasterKeyIds) { + try { + PGPPublicKeyRing keyRing = ProviderHelper.getPGPPublicKeyRing(mContext, id); + PGPPublicKey key = PgpKeyHelper.getEncryptPublicKey(keyRing); + if (key != null) { + JcePublicKeyKeyEncryptionMethodGenerator pubKeyEncryptionGenerator = + new JcePublicKeyKeyEncryptionMethodGenerator(key); + cPk.addMethod(pubKeyEncryptionGenerator); + } + } catch (ProviderHelper.NotFoundException e) { + Log.e(Constants.TAG, "key not found!", e); } } } @@ -464,17 +485,17 @@ public class PgpSignEncrypt { out = mOutStream; } - if (mSignatureKeyId == 0) { + if (mSignatureMasterKeyId == 0) { throw new PgpGeneralException(mContext.getString(R.string.error_no_signature_key)); } PGPSecretKeyRing signingKeyRing; try { - signingKeyRing = ProviderHelper.getPGPSecretKeyRingWithKeyId(mContext, mSignatureKeyId); + signingKeyRing = ProviderHelper.getPGPSecretKeyRingWithKeyId(mContext, mSignatureMasterKeyId); } catch (ProviderHelper.NotFoundException e) { throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed)); } - PGPSecretKey signingKey = PgpKeyHelper.getSigningKey(mContext, mSignatureKeyId); + PGPSecretKey signingKey = PgpKeyHelper.getSigningKey(signingKeyRing); if (signingKey == null) { throw new PgpGeneralException(mContext.getString(R.string.error_signature_failed)); } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java index b38fea5a9..06df2f881 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/remote/OpenPgpService.java @@ -169,7 +169,7 @@ public class OpenPgpService extends RemoteService { builder.enableAsciiArmorOutput(asciiArmor) .signatureHashAlgorithm(accSettings.getHashAlgorithm()) .signatureForceV3(false) - .signatureKeyId(accSettings.getKeyId()) + .signatureMasterKeyId(accSettings.getKeyId()) .signaturePassphrase(passphrase); builder.build().execute(); } finally { @@ -235,7 +235,7 @@ public class OpenPgpService extends RemoteService { builder.enableAsciiArmorOutput(asciiArmor) .compressionId(accSettings.getCompression()) .symmetricEncryptionAlgorithm(accSettings.getEncryptionAlgorithm()) - .encryptionKeyIds(keyIds); + .encryptionMasterKeyIds(keyIds); if (sign) { String passphrase; @@ -254,11 +254,11 @@ public class OpenPgpService extends RemoteService { // sign and encrypt builder.signatureHashAlgorithm(accSettings.getHashAlgorithm()) .signatureForceV3(false) - .signatureKeyId(accSettings.getKeyId()) + .signatureMasterKeyId(accSettings.getKeyId()) .signaturePassphrase(passphrase); } else { // encrypt only - builder.signatureKeyId(Id.key.none); + builder.signatureMasterKeyId(Id.key.none); } // execute PGP operation! builder.build().execute(); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java index 0fb28ed1c..c10dec24b 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeychainIntentService.java @@ -319,9 +319,9 @@ public class KeychainIntentService extends IntentService .symmetricEncryptionAlgorithm( Preferences.getPreferences(this).getDefaultEncryptionAlgorithm()) .signatureForceV3(Preferences.getPreferences(this).getForceV3Signatures()) - .encryptionKeyIds(encryptionKeyIds) + .encryptionMasterKeyIds(encryptionKeyIds) .symmetricPassphrase(symmetricPassphrase) - .signatureKeyId(signatureKeyId) + .signatureMasterKeyId(signatureKeyId) .signatureHashAlgorithm( Preferences.getPreferences(this).getDefaultHashAlgorithm()) .signaturePassphrase( @@ -811,8 +811,14 @@ public class KeychainIntentService extends IntentService PgpKeyOperation keyOperation = new PgpKeyOperation(new ProgressScaler(this, 0, 100, 100)); PGPPublicKeyRing publicRing = ProviderHelper.getPGPPublicKeyRing(this, pubKeyId); PGPPublicKey publicKey = publicRing.getPublicKey(pubKeyId); - PGPSecretKey certificationKey = PgpKeyHelper.getCertificationKey(this, - masterKeyId); + PGPSecretKeyRing secretKeyRing = null; + try { + secretKeyRing = ProviderHelper.getPGPSecretKeyRing(this, masterKeyId); + } catch (ProviderHelper.NotFoundException e) { + Log.e(Constants.TAG, "key not found!", e); + // TODO: throw exception here! + } + PGPSecretKey certificationKey = PgpKeyHelper.getCertificationKey(secretKeyRing); publicKey = keyOperation.certifyKey(certificationKey, publicKey, userIds, signaturePassphrase); publicRing = PGPPublicKeyRing.insertPublicKey(publicRing, publicKey); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptAsymmetricFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptAsymmetricFragment.java index a99c9eca8..a276b6382 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptAsymmetricFragment.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/EncryptAsymmetricFragment.java @@ -138,7 +138,7 @@ public class EncryptAsymmetricFragment extends Fragment { } /** - * If an Intent gives a signatureKeyId and/or encryptionKeyIds, preselect those! + * If an Intent gives a signatureMasterKeyId and/or encryptionMasterKeyIds, preselect those! * * @param preselectedSignatureKeyId * @param preselectedEncryptionKeyIds diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SelectSecretKeyLayoutFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SelectSecretKeyLayoutFragment.java index 514951385..a0aa97567 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SelectSecretKeyLayoutFragment.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SelectSecretKeyLayoutFragment.java @@ -84,7 +84,6 @@ public class SelectSecretKeyLayoutFragment extends Fragment implements LoaderMan } public void setSelectedKeyData(String userName, String email, String masterKeyHex) { - mNoKeySelected.setVisibility(View.GONE); mKeyUserId.setText(userName); -- cgit v1.2.3