From 1463bae1b43ffbac6672a19cc87ac1dbcfca9530 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Thu, 28 May 2015 17:32:21 +0200 Subject: fix merge problems (derp) --- .../java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'OpenKeychain/src/main/java') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java index 991d013ae..612f38e15 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java @@ -422,7 +422,7 @@ public class PgpKeyOperation { Date expiryTime = wsKR.getPublicKey().getExpiryTime(); long masterKeyExpiry = expiryTime != null ? expiryTime.getTime() / 1000 : 0L; - return internal(sKR, masterSecretKey, masterKeyFlags, masterKeyExpiry, cryptoInput, saveParcel, log); + return internal(sKR, masterSecretKey, masterKeyFlags, masterKeyExpiry, cryptoInput, saveParcel, log, indent); } @@ -430,9 +430,7 @@ public class PgpKeyOperation { int masterKeyFlags, long masterKeyExpiry, CryptoInputParcel cryptoInput, SaveKeyringParcel saveParcel, - OperationLog log) { - - int indent = 1; + OperationLog log, int indent) { NfcSignOperationsBuilder nfcSignOps = new NfcSignOperationsBuilder( cryptoInput.getSignatureTime(), masterSecretKey.getKeyID(), -- cgit v1.2.3 From 34c26fe5d1b0ae3b69a264d56e2b3752711410ca Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Thu, 28 May 2015 17:33:28 +0200 Subject: shorten fp data to 20 bytes for convertFingerprintToHex in NfcBaseOperation --- .../keychain/ui/CreateKeyYubiKeyImportFragment.java | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'OpenKeychain/src/main/java') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyYubiKeyImportFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyYubiKeyImportFragment.java index e2c36c60d..61db8552b 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyYubiKeyImportFragment.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyYubiKeyImportFragment.java @@ -18,6 +18,7 @@ package org.sufficientlysecure.keychain.ui; import java.io.IOException; +import java.nio.ByteBuffer; import java.util.ArrayList; import android.app.Activity; @@ -57,7 +58,6 @@ public class CreateKeyYubiKeyImportFragment extends Fragment implements NfcListe CreateKeyActivity mCreateKeyActivity; private byte[] mNfcFingerprints; - private long mNfcMasterKeyId; private byte[] mNfcAid; private String mNfcUserId; private String mNfcFingerprint; @@ -88,8 +88,9 @@ public class CreateKeyYubiKeyImportFragment extends Fragment implements NfcListe mNfcAid = args.getByteArray(ARG_AID); mNfcUserId = args.getString(ARG_USER_ID); - mNfcMasterKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(mNfcFingerprints); - mNfcFingerprint = KeyFormattingUtils.convertFingerprintToHex(mNfcFingerprints); + byte[] fp = new byte[20]; + ByteBuffer.wrap(fp).put(mNfcFingerprints, 0, 20); + mNfcFingerprint = KeyFormattingUtils.convertFingerprintToHex(fp); } @@ -226,9 +227,8 @@ public class CreateKeyYubiKeyImportFragment extends Fragment implements NfcListe intent.setAction(KeychainIntentService.ACTION_IMPORT_KEYRING); - String hexFp = KeyFormattingUtils.convertFingerprintToHex(mNfcFingerprints); ArrayList keyList = new ArrayList<>(); - keyList.add(new ParcelableKeyRing(hexFp, null, null)); + keyList.add(new ParcelableKeyRing(mNfcFingerprint, null, null)); data.putParcelableArrayList(KeychainIntentService.IMPORT_KEY_LIST, keyList); { @@ -258,8 +258,9 @@ public class CreateKeyYubiKeyImportFragment extends Fragment implements NfcListe mNfcAid = mCreateKeyActivity.nfcGetAid(); mNfcUserId = mCreateKeyActivity.nfcGetUserId(); - mNfcMasterKeyId = KeyFormattingUtils.getKeyIdFromFingerprint(mNfcFingerprints); - mNfcFingerprint = KeyFormattingUtils.convertFingerprintToHex(mNfcFingerprints); + byte[] fp = new byte[20]; + ByteBuffer.wrap(fp).put(mNfcFingerprints, 0, 20); + mNfcFingerprint = KeyFormattingUtils.convertFingerprintToHex(fp); setData(); refreshSearch(); -- cgit v1.2.3 From 1deb5dbfda73b0fa72c132c318d9fb7a46aafeee Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Thu, 28 May 2015 18:55:34 +0200 Subject: preserve state in DecryptTextActivity --- .../keychain/ui/DecryptFragment.java | 25 ++++++++++++++++++++ .../keychain/ui/DecryptTextActivity.java | 26 +++++++++------------ .../keychain/ui/DecryptTextFragment.java | 27 ++++++++++++++-------- .../keychain/ui/util/KeyFormattingUtils.java | 2 +- 4 files changed, 55 insertions(+), 25 deletions(-) (limited to 'OpenKeychain/src/main/java') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptFragment.java index c5f9821d3..e13365feb 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptFragment.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptFragment.java @@ -60,6 +60,7 @@ public abstract class DecryptFragment extends CryptoOperationFragment implements LoaderManager.LoaderCallbacks { public static final int LOADER_ID_UNIFIED = 0; + public static final String ARG_DECRYPT_VERIFY_RESULT = "decrypt_verify_result"; protected LinearLayout mResultLayout; protected ImageView mEncryptionIcon; @@ -75,6 +76,7 @@ public abstract class DecryptFragment extends CryptoOperationFragment implements private LinearLayout mErrorOverlayLayout; private OpenPgpSignatureResult mSignatureResult; + private DecryptVerifyResult mDecryptVerifyResult; @Override public void onViewCreated(View view, Bundle savedInstanceState) { @@ -105,6 +107,27 @@ public abstract class DecryptFragment extends CryptoOperationFragment implements }); } + @Override + public void onSaveInstanceState(Bundle outState) { + super.onSaveInstanceState(outState); + + outState.putParcelable(ARG_DECRYPT_VERIFY_RESULT, mDecryptVerifyResult); + } + + @Override + public void onViewStateRestored(Bundle savedInstanceState) { + super.onViewStateRestored(savedInstanceState); + + if (savedInstanceState == null) { + return; + } + + DecryptVerifyResult result = savedInstanceState.getParcelable(ARG_DECRYPT_VERIFY_RESULT); + if (result != null) { + loadVerifyResult(result); + } + } + private void lookupUnknownKey(long unknownKeyId) { // Message is received after importing is done in KeychainIntentService @@ -183,7 +206,9 @@ public abstract class DecryptFragment extends CryptoOperationFragment implements */ protected void loadVerifyResult(DecryptVerifyResult decryptVerifyResult) { + mDecryptVerifyResult = decryptVerifyResult; mSignatureResult = decryptVerifyResult.getSignatureResult(); + mResultLayout.setVisibility(View.VISIBLE); // unsigned data diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptTextActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptTextActivity.java index e2eba3947..0c463c2cd 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptTextActivity.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptTextActivity.java @@ -21,6 +21,7 @@ package org.sufficientlysecure.keychain.ui; import android.app.Activity; import android.content.Intent; import android.os.Bundle; +import android.support.v4.app.Fragment; import android.text.TextUtils; import android.view.View; import android.widget.Toast; @@ -46,8 +47,6 @@ public class DecryptTextActivity extends BaseActivity { // intern public static final String ACTION_DECRYPT_FROM_CLIPBOARD = Constants.INTENT_PREFIX + "DECRYPT_TEXT_FROM_CLIPBOARD"; - DecryptTextFragment mFragment; - @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); @@ -148,6 +147,10 @@ public class DecryptTextActivity extends BaseActivity { extras = new Bundle(); } + if (savedInstanceState != null) { + return; + } + if (Intent.ACTION_SEND.equals(action) && type != null) { Log.d(Constants.TAG, "ACTION_SEND"); Log.logDebugBundle(extras, "SEND extras"); @@ -158,7 +161,7 @@ public class DecryptTextActivity extends BaseActivity { sharedText = getPgpContent(sharedText); if (sharedText != null) { - loadFragment(savedInstanceState, sharedText); + loadFragment(sharedText); } else { Log.e(Constants.TAG, "EXTRA_TEXT does not contain PGP content!"); Toast.makeText(this, R.string.error_invalid_data, Toast.LENGTH_LONG).show(); @@ -176,7 +179,7 @@ public class DecryptTextActivity extends BaseActivity { extraText = getPgpContent(extraText); if (extraText != null) { - loadFragment(savedInstanceState, extraText); + loadFragment(extraText); } else { Log.e(Constants.TAG, "EXTRA_TEXT does not contain PGP content!"); Toast.makeText(this, R.string.error_invalid_data, Toast.LENGTH_LONG).show(); @@ -189,7 +192,7 @@ public class DecryptTextActivity extends BaseActivity { String text = getPgpContent(clipboardText); if (text != null) { - loadFragment(savedInstanceState, text); + loadFragment(text); } else { returnInvalidResult(); } @@ -209,21 +212,14 @@ public class DecryptTextActivity extends BaseActivity { finish(); } - private void loadFragment(Bundle savedInstanceState, String ciphertext) { - // However, if we're being restored from a previous state, - // then we don't need to do anything and should return or else - // we could end up with overlapping fragments. - if (savedInstanceState != null) { - return; - } - + private void loadFragment(String ciphertext) { // Create an instance of the fragment - mFragment = DecryptTextFragment.newInstance(ciphertext); + Fragment frag = DecryptTextFragment.newInstance(ciphertext); // Add the fragment to the 'fragment_container' FrameLayout // NOTE: We use commitAllowingStateLoss() to prevent weird crashes! getSupportFragmentManager().beginTransaction() - .replace(R.id.decrypt_text_fragment_container, mFragment) + .replace(R.id.decrypt_text_fragment_container, frag) .commitAllowingStateLoss(); // do it immediately! getSupportFragmentManager().executePendingTransactions(); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptTextFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptTextFragment.java index 381da6f0d..a666c2357 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptTextFragment.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/DecryptTextFragment.java @@ -28,8 +28,6 @@ import android.view.MenuInflater; import android.view.MenuItem; import android.view.View; import android.view.ViewGroup; -import android.widget.Button; -import android.widget.LinearLayout; import android.widget.TextView; import org.sufficientlysecure.keychain.Constants; @@ -48,17 +46,15 @@ import java.io.UnsupportedEncodingException; public class DecryptTextFragment extends DecryptFragment { public static final String ARG_CIPHERTEXT = "ciphertext"; + public static final String ARG_SHOW_MENU = "show_menu"; // view private TextView mText; // model private String mCiphertext; - private boolean mShowMenuOptions = false; + private boolean mShowMenuOptions; - /** - * Creates new instance of this fragment - */ public static DecryptTextFragment newInstance(String ciphertext) { DecryptTextFragment frag = new DecryptTextFragment(); @@ -115,11 +111,24 @@ public class DecryptTextFragment extends DecryptFragment { setHasOptionsMenu(true); - String ciphertext = getArguments().getString(ARG_CIPHERTEXT); - if (ciphertext != null) { - mCiphertext = ciphertext; + Bundle args = savedInstanceState == null ? getArguments() : savedInstanceState; + mCiphertext = args.getString(ARG_CIPHERTEXT); + mShowMenuOptions = args.getBoolean(ARG_SHOW_MENU, false); + + if (savedInstanceState == null) { cryptoOperation(new CryptoInputParcel()); } + + } + + @Override + public void onSaveInstanceState(Bundle outState) { + super.onSaveInstanceState(outState); + + outState.putString(ARG_CIPHERTEXT, mCiphertext); + outState.putBoolean(ARG_SHOW_MENU, mShowMenuOptions); + // no need to save the decrypted text, it's in the textview + } @Override diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/util/KeyFormattingUtils.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/util/KeyFormattingUtils.java index 10c1aca0c..dd85a6e46 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/util/KeyFormattingUtils.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/util/KeyFormattingUtils.java @@ -219,7 +219,7 @@ public class KeyFormattingUtils { // NOTE: Even though v3 keys are not imported we need to support both fingerprints for // display/comparison before import if (fingerprint.length != 16 && fingerprint.length != 20) { - throw new AssertionError("No valid v3 or v4 fingerprint!"); + throw new IllegalArgumentException("No valid v3 or v4 fingerprint!"); } return Hex.toHexString(fingerprint).toLowerCase(Locale.ENGLISH); -- cgit v1.2.3 From 18844a20bba68f8a6bf89c2faaa698c403ff1c18 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Thu, 28 May 2015 19:16:36 +0200 Subject: make masterKeyId and subKeyId strictly required in CryptoInputParcel --- .../keychain/pgp/PgpDecryptVerify.java | 3 +- .../keychain/pgp/PgpSignEncryptOperation.java | 1 + .../service/input/RequiredInputParcel.java | 38 ++++++++-------------- 3 files changed, 17 insertions(+), 25 deletions(-) (limited to 'OpenKeychain/src/main/java') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java index aa1125800..ea5147eb5 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java @@ -602,7 +602,8 @@ public class PgpDecryptVerify extends BaseOperation { } catch (NfcSyncPublicKeyDataDecryptorFactoryBuilder.NfcInteractionNeeded e) { log.add(LogType.MSG_DC_PENDING_NFC, indent + 1); return new DecryptVerifyResult(log, RequiredInputParcel.createNfcDecryptOperation( - e.encryptedSessionKey, secretEncryptionKey.getKeyId() + secretEncryptionKey.getRing().getMasterKeyId(), + secretEncryptionKey.getKeyId(), e.encryptedSessionKey )); } encryptedData = encryptedDataAsymmetric; diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java index 9073e81b9..89bdf1c89 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java @@ -497,6 +497,7 @@ public class PgpSignEncryptOperation extends BaseOperation { // this secret key diverts to a OpenPGP card, throw exception with hash that will be signed log.add(LogType.MSG_PSE_PENDING_NFC, indent); return new PgpSignEncryptResult(log, RequiredInputParcel.createNfcSignOperation( + signingKey.getRing().getMasterKeyId(), signingKey.getKeyId(), e.hashToSign, e.hashAlgo, cryptoInput.getSignatureTime())); } } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java index 535c1e735..6436589e3 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/input/RequiredInputParcel.java @@ -7,8 +7,6 @@ import java.util.Date; import android.os.Parcel; import android.os.Parcelable; -import org.sufficientlysecure.keychain.Constants.key; - public class RequiredInputParcel implements Parcelable { @@ -23,8 +21,8 @@ public class RequiredInputParcel implements Parcelable { public final byte[][] mInputHashes; public final int[] mSignAlgos; - private Long mMasterKeyId; - private Long mSubKeyId; + private long mMasterKeyId; + private long mSubKeyId; private RequiredInputParcel(RequiredInputType type, byte[][] inputHashes, int[] signAlgos, Date signatureTime, Long masterKeyId, Long subKeyId) { @@ -62,8 +60,8 @@ public class RequiredInputParcel implements Parcelable { } mSignatureTime = source.readInt() != 0 ? new Date(source.readLong()) : null; - mMasterKeyId = source.readInt() != 0 ? source.readLong() : null; - mSubKeyId = source.readInt() != 0 ? source.readLong() : null; + mMasterKeyId = source.readLong(); + mSubKeyId = source.readLong(); } @@ -76,15 +74,17 @@ public class RequiredInputParcel implements Parcelable { } public static RequiredInputParcel createNfcSignOperation( + long masterKeyId, long subKeyId, byte[] inputHash, int signAlgo, Date signatureTime) { return new RequiredInputParcel(RequiredInputType.NFC_SIGN, new byte[][] { inputHash }, new int[] { signAlgo }, - signatureTime, null, null); + signatureTime, masterKeyId, subKeyId); } - public static RequiredInputParcel createNfcDecryptOperation(byte[] inputHash, long subKeyId) { + public static RequiredInputParcel createNfcDecryptOperation( + long masterKeyId, long subKeyId, byte[] inputHash) { return new RequiredInputParcel(RequiredInputType.NFC_DECRYPT, - new byte[][] { inputHash }, null, null, null, subKeyId); + new byte[][] { inputHash }, null, null, masterKeyId, subKeyId); } public static RequiredInputParcel createRequiredSignPassphrase( @@ -136,18 +136,8 @@ public class RequiredInputParcel implements Parcelable { } else { dest.writeInt(0); } - if (mMasterKeyId != null) { - dest.writeInt(1); - dest.writeLong(mMasterKeyId); - } else { - dest.writeInt(0); - } - if (mSubKeyId != null) { - dest.writeInt(1); - dest.writeLong(mSubKeyId); - } else { - dest.writeInt(0); - } + dest.writeLong(mMasterKeyId); + dest.writeLong(mSubKeyId); } @@ -165,10 +155,10 @@ public class RequiredInputParcel implements Parcelable { Date mSignatureTime; ArrayList mSignAlgos = new ArrayList<>(); ArrayList mInputHashes = new ArrayList<>(); - Long mMasterKeyId; - Long mSubKeyId; + long mMasterKeyId; + long mSubKeyId; - public NfcSignOperationsBuilder(Date signatureTime, Long masterKeyId, Long subKeyId) { + public NfcSignOperationsBuilder(Date signatureTime, long masterKeyId, long subKeyId) { mSignatureTime = signatureTime; mMasterKeyId = masterKeyId; mSubKeyId = subKeyId; -- cgit v1.2.3 From 007bbdda2bd310d7141a4d1c2125c781bf8aabef Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Thu, 28 May 2015 19:27:56 +0200 Subject: respect cache in yubikey pin data flow --- .../keychain/ui/NfcOperationActivity.java | 4 ++-- .../keychain/ui/base/BaseNfcActivity.java | 23 ++++++++++++++++++---- 2 files changed, 21 insertions(+), 6 deletions(-) (limited to 'OpenKeychain/src/main/java') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcOperationActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcOperationActivity.java index aa66053fa..08a34b49f 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcOperationActivity.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/NfcOperationActivity.java @@ -54,7 +54,7 @@ public class NfcOperationActivity extends BaseNfcActivity { mServiceIntent = data.getParcelable(EXTRA_SERVICE_INTENT); // obtain passphrase for this subkey - obtainYubiKeyPin(RequiredInputParcel.createRequiredPassphrase(mRequiredInput)); + obtainYubiKeyPin(mRequiredInput); } @Override @@ -115,7 +115,7 @@ public class NfcOperationActivity extends BaseNfcActivity { PassphraseCacheService.clearCachedPassphrase( this, mRequiredInput.getMasterKeyId(), mRequiredInput.getSubKeyId()); - obtainYubiKeyPin(RequiredInputParcel.createRequiredPassphrase(mRequiredInput)); + obtainYubiKeyPin(mRequiredInput); } } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java index fb6060d58..9dd5815e3 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseNfcActivity.java @@ -39,6 +39,8 @@ import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException; import org.sufficientlysecure.keychain.provider.CachedPublicKeyRing; import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings; import org.sufficientlysecure.keychain.provider.ProviderHelper; +import org.sufficientlysecure.keychain.service.PassphraseCacheService; +import org.sufficientlysecure.keychain.service.PassphraseCacheService.KeyNotFoundException; import org.sufficientlysecure.keychain.service.input.CryptoInputParcel; import org.sufficientlysecure.keychain.service.input.RequiredInputParcel; import org.sufficientlysecure.keychain.ui.CreateKeyActivity; @@ -129,16 +131,29 @@ public abstract class BaseNfcActivity extends BaseActivity { protected void obtainYubiKeyPin(RequiredInputParcel requiredInput) { + // shortcut if we only use the default yubikey pin Preferences prefs = Preferences.getPreferences(this); if (prefs.useDefaultYubiKeyPin()) { mPin = new Passphrase("123456"); return; } - Intent intent = new Intent(this, PassphraseDialogActivity.class); - intent.putExtra(PassphraseDialogActivity.EXTRA_REQUIRED_INPUT, - RequiredInputParcel.createRequiredPassphrase(requiredInput)); - startActivityForResult(intent, REQUEST_CODE_PASSPHRASE); + try { + Passphrase phrase = PassphraseCacheService.getCachedPassphrase(this, + requiredInput.getMasterKeyId(), requiredInput.getSubKeyId()); + if (phrase != null) { + mPin = phrase; + return; + } + + Intent intent = new Intent(this, PassphraseDialogActivity.class); + intent.putExtra(PassphraseDialogActivity.EXTRA_REQUIRED_INPUT, + RequiredInputParcel.createRequiredPassphrase(requiredInput)); + startActivityForResult(intent, REQUEST_CODE_PASSPHRASE); + } catch (KeyNotFoundException e) { + throw new AssertionError( + "tried to find passphrase for non-existing key. this is a programming error!"); + } } -- cgit v1.2.3 From b2f32827c66c5cd5d14452b6f909cfe8c7c595a2 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Thu, 28 May 2015 22:00:08 +0200 Subject: allow user packets with only revocation packet --- .../org/sufficientlysecure/keychain/provider/ProviderHelper.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'OpenKeychain/src/main/java') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java index 33e9a4345..fe5cea70e 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java @@ -648,10 +648,6 @@ public class ProviderHelper { UserPacketItem item = uids.get(userIdRank); operations.add(buildUserIdOperations(masterKeyId, item, userIdRank)); - if (item.selfCert == null) { - throw new AssertionError("User ids MUST be self-certified at this point!!"); - } - if (item.selfRevocation != null) { operations.add(buildCertOperations(masterKeyId, userIdRank, item.selfRevocation, Certs.VERIFIED_SELF)); @@ -659,6 +655,10 @@ public class ProviderHelper { continue; } + if (item.selfCert == null) { + throw new AssertionError("User ids MUST be self-certified at this point!!"); + } + operations.add(buildCertOperations(masterKeyId, userIdRank, item.selfCert, selfCertsAreTrusted ? Certs.VERIFIED_SECRET : Certs.VERIFIED_SELF)); -- cgit v1.2.3 From c8f788b92574e2dde181f3795ebd9749d76ceedf Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Thu, 28 May 2015 22:22:24 +0200 Subject: set to stripped by default, rather than "unavailable" --- .../org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java | 6 +++--- .../org/sufficientlysecure/keychain/provider/ProviderHelper.java | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'OpenKeychain/src/main/java') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java index 39d0a2f1d..a26d80e8c 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java @@ -69,9 +69,9 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey { private PGPPrivateKey mPrivateKey = null; private int mPrivateKeyState = PRIVATE_KEY_STATE_LOCKED; - private static int PRIVATE_KEY_STATE_LOCKED = 0; - private static int PRIVATE_KEY_STATE_UNLOCKED = 1; - private static int PRIVATE_KEY_STATE_DIVERT_TO_CARD = 2; + final private static int PRIVATE_KEY_STATE_LOCKED = 0; + final private static int PRIVATE_KEY_STATE_UNLOCKED = 1; + final private static int PRIVATE_KEY_STATE_DIVERT_TO_CARD = 2; CanonicalizedSecretKey(CanonicalizedSecretKeyRing ring, PGPSecretKey key) { super(ring, key.getPublicKey()); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java index fe5cea70e..35996ffb7 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java @@ -782,7 +782,7 @@ public class ProviderHelper { // first, mark all keys as not available ContentValues values = new ContentValues(); - values.put(Keys.HAS_SECRET, SecretKeyType.UNAVAILABLE.getNum()); + values.put(Keys.HAS_SECRET, SecretKeyType.GNU_DUMMY.getNum()); mContentResolver.update(uri, values, null, null); // then, mark exactly the keys we have available -- cgit v1.2.3 From c4d392051c8967823fd28a75ed5b622219f816f7 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Thu, 28 May 2015 22:34:02 +0200 Subject: improve robustness of SecretKeyType handling --- .../keychain/pgp/CanonicalizedSecretKey.java | 12 +++++++----- .../org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java | 6 +++--- .../sufficientlysecure/keychain/provider/ProviderHelper.java | 2 +- 3 files changed, 11 insertions(+), 9 deletions(-) (limited to 'OpenKeychain/src/main/java') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java index a26d80e8c..2812ed954 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java @@ -123,9 +123,10 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey { } public SecretKeyType getSecretKeyType() { - if (mSecretKey.getS2K() != null && mSecretKey.getS2K().getType() == S2K.GNU_DUMMY_S2K) { + S2K s2k = mSecretKey.getS2K(); + if (s2k != null && s2k.getType() == S2K.GNU_DUMMY_S2K) { // divert to card is special - if (mSecretKey.getS2K().getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) { + if (s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) { return SecretKeyType.DIVERT_TO_CARD; } // no matter the exact protection mode, it's some kind of dummy key @@ -156,9 +157,10 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey { */ public boolean unlock(Passphrase passphrase) throws PgpGeneralException { // handle keys on OpenPGP cards like they were unlocked - if (mSecretKey.getS2K() != null - && mSecretKey.getS2K().getType() == S2K.GNU_DUMMY_S2K - && mSecretKey.getS2K().getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) { + S2K s2k = mSecretKey.getS2K(); + if (s2k != null + && s2k.getType() == S2K.GNU_DUMMY_S2K + && s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD) { mPrivateKeyState = PRIVATE_KEY_STATE_DIVERT_TO_CARD; return true; } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java index 612f38e15..942eb7b68 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java @@ -1478,13 +1478,13 @@ public class PgpKeyOperation { private static boolean isDummy(PGPSecretKey secretKey) { S2K s2k = secretKey.getS2K(); - return s2k.getType() == S2K.GNU_DUMMY_S2K - && s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_NO_PRIVATE_KEY; + return s2k != null && s2k.getType() == S2K.GNU_DUMMY_S2K + && s2k.getProtectionMode() != S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD; } private static boolean isDivertToCard(PGPSecretKey secretKey) { S2K s2k = secretKey.getS2K(); - return s2k.getType() == S2K.GNU_DUMMY_S2K + return s2k != null && s2k.getType() == S2K.GNU_DUMMY_S2K && s2k.getProtectionMode() == S2K.GNU_PROTECTION_MODE_DIVERT_TO_CARD; } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java index 35996ffb7..a4ee7fc36 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/ProviderHelper.java @@ -831,7 +831,7 @@ public class ProviderHelper { mIndent -= 1; // this implicitly leaves all keys which were not in the secret key ring - // with has_secret = 0 + // with has_secret = 1 } log(LogType.MSG_IS_SUCCESS); -- cgit v1.2.3