From 9a6aa07089f195a95f15703e712ee95e077a7a09 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Fri, 25 Sep 2015 00:01:24 +0200 Subject: Prevent database downgrade (OKC-01-012) --- .../keychain/provider/KeychainDatabase.java | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'OpenKeychain/src') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainDatabase.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainDatabase.java index d7fb738fc..0f90f8141 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainDatabase.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/provider/KeychainDatabase.java @@ -54,7 +54,7 @@ import java.io.IOException; */ public class KeychainDatabase extends SQLiteOpenHelper { private static final String DATABASE_NAME = "openkeychain.db"; - private static final int DATABASE_VERSION = 12; + private static final int DATABASE_VERSION = 13; static Boolean apgHack = false; private Context mContext; @@ -296,6 +296,8 @@ public class KeychainDatabase extends SQLiteOpenHelper { // the api_accounts fix and the new update keys table return; } + case 13: + // do nothing here, just consolidate } @@ -306,6 +308,13 @@ public class KeychainDatabase extends SQLiteOpenHelper { mContext.getApplicationContext().startActivity(consolidateIntent); } + @Override + public void onDowngrade(SQLiteDatabase db, int oldVersion, int newVersion) { + // NOTE: downgrading the database is explicitly not allowed to prevent + // someone from exploiting old bugs to export the database + throw new RuntimeException("Downgrading the database is not allowed!"); + } + /** This method tries to import data from a provided database. * * The sole assumptions made on this db are that there is a key_rings table -- cgit v1.2.3