From dfce5449c2e8029039533c26ba15e5ac468eb8e2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= <dominik@dominikschuermann.de>
Date: Sun, 4 Oct 2015 22:46:21 +0200
Subject: Raise min asymmetric key length for all ciphers to 2048 bit

---
 .../operations/results/OperationResult.java        |  2 +-
 .../keychain/pgp/PgpKeyOperation.java              |  4 +--
 .../ui/dialog/AddSubkeyDialogFragment.java         | 38 +++++++++++++---------
 OpenKeychain/src/main/res/values-de/strings.xml    |  2 +-
 OpenKeychain/src/main/res/values-es/strings.xml    |  2 +-
 OpenKeychain/src/main/res/values-eu/strings.xml    |  2 +-
 OpenKeychain/src/main/res/values-fr/strings.xml    |  2 +-
 OpenKeychain/src/main/res/values-it/strings.xml    |  2 +-
 OpenKeychain/src/main/res/values-ja/strings.xml    |  2 +-
 OpenKeychain/src/main/res/values-nl/strings.xml    |  2 +-
 OpenKeychain/src/main/res/values-ru/strings.xml    |  2 +-
 OpenKeychain/src/main/res/values-sr/strings.xml    |  2 +-
 OpenKeychain/src/main/res/values-sv/strings.xml    |  2 +-
 OpenKeychain/src/main/res/values-uk/strings.xml    |  2 +-
 OpenKeychain/src/main/res/values/arrays.xml        |  8 ++---
 OpenKeychain/src/main/res/values/strings.xml       |  6 +---
 .../keychain/operations/ExportTest.java            | 12 +++----
 .../operations/PromoteKeyOperationTest.java        |  6 ++--
 .../keychain/pgp/PgpEncryptDecryptTest.java        |  6 ++--
 .../keychain/pgp/PgpKeyOperationTest.java          | 12 +++----
 .../pgp/UncachedKeyringCanonicalizeTest.java       |  4 +--
 .../keychain/pgp/UncachedKeyringMergeTest.java     |  4 +--
 22 files changed, 63 insertions(+), 61 deletions(-)

(limited to 'OpenKeychain')

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
index 65816e5f2..00c88089a 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/results/OperationResult.java
@@ -514,7 +514,7 @@ public abstract class OperationResult implements Parcelable {
         MSG_CR_ERROR_NO_USER_ID (LogLevel.ERROR, R.string.msg_cr_error_no_user_id),
         MSG_CR_ERROR_NO_CERTIFY (LogLevel.ERROR, R.string.msg_cr_error_no_certify),
         MSG_CR_ERROR_NULL_EXPIRY(LogLevel.ERROR, R.string.msg_cr_error_null_expiry),
-        MSG_CR_ERROR_KEYSIZE_512 (LogLevel.ERROR, R.string.msg_cr_error_keysize_512),
+        MSG_CR_ERROR_KEYSIZE_2048(LogLevel.ERROR, R.string.msg_cr_error_keysize_2048),
         MSG_CR_ERROR_NO_KEYSIZE (LogLevel.ERROR, R.string.msg_cr_error_no_keysize),
         MSG_CR_ERROR_NO_CURVE (LogLevel.ERROR, R.string.msg_cr_error_no_curve),
         MSG_CR_ERROR_UNKNOWN_ALGO (LogLevel.ERROR, R.string.msg_cr_error_unknown_algo),
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
index 6f156c201..59b840054 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
@@ -171,8 +171,8 @@ public class PgpKeyOperation {
                     log.add(LogType.MSG_CR_ERROR_NO_KEYSIZE, indent);
                     return null;
                 }
-                if (add.mKeySize < 512) {
-                    log.add(LogType.MSG_CR_ERROR_KEYSIZE_512, indent);
+                if (add.mKeySize < 2048) {
+                    log.add(LogType.MSG_CR_ERROR_KEYSIZE_2048, indent);
                     return null;
                 }
             }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/AddSubkeyDialogFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/AddSubkeyDialogFragment.java
index b51d081e1..cd5281c7c 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/AddSubkeyDialogFragment.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/AddSubkeyDialogFragment.java
@@ -348,30 +348,30 @@ public class AddSubkeyDialogFragment extends DialogFragment {
 
     /**
      * <h3>RSA</h3>
-     * <p>for RSA algorithm, key length must be greater than 1024 (according to
-     * <a href="https://github.com/open-keychain/open-keychain/issues/102">#102</a>). Possibility to generate keys bigger
+     * <p>for RSA algorithm, key length must be greater than 2048. Possibility to generate keys bigger
      * than 8192 bits is currently disabled, because it's almost impossible to generate them on a mobile device (check
      * <a href="http://www.javamex.com/tutorials/cryptography/rsa_key_length.shtml">RSA key length plot</a> and
      * <a href="http://www.keylength.com/">Cryptographic Key Length Recommendation</a>). Also, key length must be a
      * multiplicity of 8.</p>
      * <h3>ElGamal</h3>
-     * <p>For ElGamal algorithm, supported key lengths are 1536, 2048, 3072, 4096 or 8192 bits.</p>
+     * <p>For ElGamal algorithm, supported key lengths are 2048, 3072, 4096 or 8192 bits.</p>
      * <h3>DSA</h3>
-     * <p>For DSA algorithm key length must be between 512 and 1024. Also, it must me dividable by 64.</p>
+     * <p>For DSA algorithm key length must be between 2048 and 3072. Also, it must me dividable by 64.</p>
      *
      * @return correct key length, according to SpongyCastle specification. Returns <code>-1</code>, if key length is
      * inappropriate.
      */
     private int getProperKeyLength(Algorithm algorithm, int currentKeyLength) {
-        final int[] elGamalSupportedLengths = {1536, 2048, 3072, 4096, 8192};
+        final int[] elGamalSupportedLengths = {2048, 3072, 4096, 8192};
         int properKeyLength = -1;
         switch (algorithm) {
-            case RSA:
-                if (currentKeyLength > 1024 && currentKeyLength <= 16384) {
+            case RSA: {
+                if (currentKeyLength >= 2048 && currentKeyLength <= 16384) {
                     properKeyLength = currentKeyLength + ((8 - (currentKeyLength % 8)) % 8);
                 }
                 break;
-            case ELGAMAL:
+            }
+            case ELGAMAL: {
                 int[] elGammalKeyDiff = new int[elGamalSupportedLengths.length];
                 for (int i = 0; i < elGamalSupportedLengths.length; i++) {
                     elGammalKeyDiff[i] = Math.abs(elGamalSupportedLengths[i] - currentKeyLength);
@@ -386,11 +386,14 @@ public class AddSubkeyDialogFragment extends DialogFragment {
                 }
                 properKeyLength = elGamalSupportedLengths[minimalIndex];
                 break;
-            case DSA:
-                if (currentKeyLength >= 512 && currentKeyLength <= 1024) {
+            }
+            case DSA: {
+                // Bouncy Castle supports 4096 maximum
+                if (currentKeyLength >= 2048 && currentKeyLength <= 4096) {
                     properKeyLength = currentKeyLength + ((64 - (currentKeyLength % 64)) % 64);
                 }
                 break;
+            }
         }
         return properKeyLength;
     }
@@ -424,7 +427,7 @@ public class AddSubkeyDialogFragment extends DialogFragment {
         final ArrayAdapter<CharSequence> keySizeAdapter = (ArrayAdapter<CharSequence>) mKeySizeSpinner.getAdapter();
         keySizeAdapter.clear();
         switch (algorithm) {
-            case RSA:
+            case RSA: {
                 replaceArrayAdapterContent(keySizeAdapter, R.array.rsa_key_size_spinner_values);
                 mKeySizeSpinner.setSelection(1);
                 mKeySizeRow.setVisibility(View.VISIBLE);
@@ -450,7 +453,8 @@ public class AddSubkeyDialogFragment extends DialogFragment {
                 }
                 mFlagAuthenticate.setChecked(false);
                 break;
-            case ELGAMAL:
+            }
+            case ELGAMAL: {
                 replaceArrayAdapterContent(keySizeAdapter, R.array.elgamal_key_size_spinner_values);
                 mKeySizeSpinner.setSelection(3);
                 mKeySizeRow.setVisibility(View.VISIBLE);
@@ -466,7 +470,8 @@ public class AddSubkeyDialogFragment extends DialogFragment {
                 mFlagAuthenticate.setChecked(false);
                 mFlagAuthenticate.setEnabled(false);
                 break;
-            case DSA:
+            }
+            case DSA: {
                 replaceArrayAdapterContent(keySizeAdapter, R.array.dsa_key_size_spinner_values);
                 mKeySizeSpinner.setSelection(2);
                 mKeySizeRow.setVisibility(View.VISIBLE);
@@ -482,7 +487,8 @@ public class AddSubkeyDialogFragment extends DialogFragment {
                 mFlagAuthenticate.setChecked(false);
                 mFlagAuthenticate.setEnabled(false);
                 break;
-            case ECDSA:
+            }
+            case ECDSA: {
                 mKeySizeRow.setVisibility(View.GONE);
                 mCurveRow.setVisibility(View.VISIBLE);
                 mCustomKeyInfoTextView.setText("");
@@ -496,7 +502,8 @@ public class AddSubkeyDialogFragment extends DialogFragment {
                 mFlagAuthenticate.setEnabled(true);
                 mFlagAuthenticate.setChecked(false);
                 break;
-            case ECDH:
+            }
+            case ECDH: {
                 mKeySizeRow.setVisibility(View.GONE);
                 mCurveRow.setVisibility(View.VISIBLE);
                 mCustomKeyInfoTextView.setText("");
@@ -510,6 +517,7 @@ public class AddSubkeyDialogFragment extends DialogFragment {
                 mFlagAuthenticate.setChecked(false);
                 mFlagAuthenticate.setEnabled(false);
                 break;
+            }
         }
         keySizeAdapter.notifyDataSetChanged();
 
diff --git a/OpenKeychain/src/main/res/values-de/strings.xml b/OpenKeychain/src/main/res/values-de/strings.xml
index 0e4a43c6f..7de834eea 100644
--- a/OpenKeychain/src/main/res/values-de/strings.xml
+++ b/OpenKeychain/src/main/res/values-de/strings.xml
@@ -922,7 +922,7 @@
   <string name="msg_cr_error_no_user_id">Schlüsselbünde müssen mindestens eine User-ID enthalten!</string>
   <string name="msg_cr_error_no_certify">Hauptschlüssel benötigt das Attribut beglaubigen!</string>
   <string name="msg_cr_error_null_expiry">Ablaufdatum kann bei Schlüsselerstellung nicht \'gleiche wie vorher\' sein. Dies ist ein Programmierfehler, bitte reiche einen Fehlerbericht ein!</string>
-  <string name="msg_cr_error_keysize_512">Schlüssellänge muss größer/gleich 512 sein!</string>
+  <string name="msg_cr_error_keysize_2048">Schlüssellänge muss größer/gleich 512 sein!</string>
   <string name="msg_cr_error_no_curve">Keine Schlüssellänge spezifiziert! Dies ist ein Progammierfehler, bitte reiche einen Fehlerbericht ein!</string>
   <string name="msg_cr_error_no_keysize">Keine Elliptische Kurve spezifiziert! Dies ist ein Progammierfehler, bitte reiche einen Fehlerbericht ein!</string>
   <string name="msg_cr_error_internal_pgp">Interner OpenPGP Fehler!</string>
diff --git a/OpenKeychain/src/main/res/values-es/strings.xml b/OpenKeychain/src/main/res/values-es/strings.xml
index a6849c542..fa0a53b88 100644
--- a/OpenKeychain/src/main/res/values-es/strings.xml
+++ b/OpenKeychain/src/main/res/values-es/strings.xml
@@ -921,7 +921,7 @@
   <string name="msg_cr_error_no_user_id">¡Los juegos de claves tienen que crearse con al menos una identificación de usuario!</string>
   <string name="msg_cr_error_no_certify">¡La clave maestra debe tener el indicador de certificado!</string>
   <string name="msg_cr_error_null_expiry">El periodo hasta la expiración no puede ser \'el mismo que antes\' al crear clave. Esto es un error de programación, ¡por favor consigne un informe de error!</string>
-  <string name="msg_cr_error_keysize_512">¡El tamaño de la clave debe ser mayor o igual de 512!</string>
+  <string name="msg_cr_error_keysize_2048">¡El tamaño de la clave debe ser mayor o igual de 512!</string>
   <string name="msg_cr_error_no_curve">¡No se especificó tamaño de clave! ¡Esto es un error de programación, por favor consigne un informe de fallo!</string>
   <string name="msg_cr_error_no_keysize">¡No se especificó curva elíptica! ¡Esto es un error de programación, por favor consigne un informe de fallo!</string>
   <string name="msg_cr_error_internal_pgp">¡Error OpenPGP interno!</string>
diff --git a/OpenKeychain/src/main/res/values-eu/strings.xml b/OpenKeychain/src/main/res/values-eu/strings.xml
index f57297498..81daa67ef 100644
--- a/OpenKeychain/src/main/res/values-eu/strings.xml
+++ b/OpenKeychain/src/main/res/values-eu/strings.xml
@@ -850,7 +850,7 @@
   <string name="msg_cr_error_no_user_id">Giltza-uztaiak gutxienez erabiltzaile ID batekin sortu behar dira!</string>
   <string name="msg_cr_error_no_certify">Maisu giltzak egiaztagiri ikurra izan behar du!</string>
   <string name="msg_cr_error_null_expiry">Epemuga ezin daiteke giltza sortzea baino \'lehenago\' izan. Hau programazio akats bat da, mesedez agiritu akats jakinarazpen bat!</string>
-  <string name="msg_cr_error_keysize_512">Giltza neurria 512 edo handiagoa izan behar da!</string>
+  <string name="msg_cr_error_keysize_2048">Giltza neurria 512 edo handiagoa izan behar da!</string>
   <string name="msg_cr_error_no_curve">Ez da giltzaren neurria adierazi! Hau programazio akats bat da, mesedez agiritu akats jakinarazpen bat!</string>
   <string name="msg_cr_error_internal_pgp">Barneko OpenPGP akatsa!</string>
   <string name="msg_cr_error_unknown_algo">Algoritmo ezezaguna hautatu da! Hau programazio akats bat da, mesedez agiritu akats jakinarazpen bat!</string>
diff --git a/OpenKeychain/src/main/res/values-fr/strings.xml b/OpenKeychain/src/main/res/values-fr/strings.xml
index b5e5f3d53..d67a9560f 100644
--- a/OpenKeychain/src/main/res/values-fr/strings.xml
+++ b/OpenKeychain/src/main/res/values-fr/strings.xml
@@ -921,7 +921,7 @@
   <string name="msg_cr_error_no_user_id">Les trousseaux doivent être créés avec au moins un ID utilisateur !</string>
   <string name="msg_cr_error_no_certify">La clef maîtresse doit avoir le drapeau « certifié » !</string>
   <string name="msg_cr_error_null_expiry">L\'expiration ne peut pas être « pareille qu\'avant » à la création de la clef. C\'est une erreur du programme, veuillez remplir un rapport de bogue !</string>
-  <string name="msg_cr_error_keysize_512">La taille de la clef doit être supérieure ou égale à 512 !</string>
+  <string name="msg_cr_error_keysize_2048">La taille de la clef doit être supérieure ou égale à 512 !</string>
   <string name="msg_cr_error_no_curve">Aucune taille de clef n\'a été spécifiée ! C\'est une erreur de programmation, veuillez remplir un rapport de bogue !</string>
   <string name="msg_cr_error_no_keysize">Aucune courbe elliptique n\'a été spécifiée ! C\'est une erreur de programmation, veuillez remplir un rapport de bogue !</string>
   <string name="msg_cr_error_internal_pgp">Erreur interne OpenPGP !</string>
diff --git a/OpenKeychain/src/main/res/values-it/strings.xml b/OpenKeychain/src/main/res/values-it/strings.xml
index 5b87c6ced..c158e341c 100644
--- a/OpenKeychain/src/main/res/values-it/strings.xml
+++ b/OpenKeychain/src/main/res/values-it/strings.xml
@@ -658,7 +658,7 @@ Permetti accesso?\n\nATTENZIONE: Se non sai perche\' questo schermata e\' appars
   <string name="msg_cr_error_no_master">Nessuna opzione della chiave principale specificata!</string>
   <string name="msg_cr_error_no_certify">La chiave principale deve avere la caratteristica di certificazione!</string>
   <string name="msg_cr_error_null_expiry">La data di scadenza non può essere \'come prima\' sulla creazione di chiavi. Questo è un errore di programmazione, si prega di inviare una segnalazione di bug!</string>
-  <string name="msg_cr_error_keysize_512">La grandezza della chiave deve essere di 512bit o maggiore</string>
+  <string name="msg_cr_error_keysize_2048">La grandezza della chiave deve essere di 512bit o maggiore</string>
   <string name="msg_cr_error_no_keysize">Nessuna curva ellittica specificata! Questo è un errore di programmazione, per favore invia una segnalazione!</string>
   <!--modifySecretKeyRing-->
   <string name="msg_mr">Modifica del portachiavi %s</string>
diff --git a/OpenKeychain/src/main/res/values-ja/strings.xml b/OpenKeychain/src/main/res/values-ja/strings.xml
index 789a35e75..3abf085c6 100644
--- a/OpenKeychain/src/main/res/values-ja/strings.xml
+++ b/OpenKeychain/src/main/res/values-ja/strings.xml
@@ -898,7 +898,7 @@
   <string name="msg_cr_error_no_user_id">鍵輪は最低でも1つのユーザIDの生成が必要です!</string>
   <string name="msg_cr_error_no_certify">主鍵は検証フラグが必須です!</string>
   <string name="msg_cr_error_null_expiry">鍵の生成時に期限を\'過去\'とすることはできません。これはプログラムエラーで、バグレポートでファイルを送ってください!</string>
-  <string name="msg_cr_error_keysize_512">鍵サイズは512かそれ以上が必須です!</string>
+  <string name="msg_cr_error_keysize_2048">鍵サイズは512かそれ以上が必須です!</string>
   <string name="msg_cr_error_no_curve">鍵サイズが不明です! これはプログラムエラーで、バグレポートでファイルの提出をお願いします!</string>
   <string name="msg_cr_error_no_keysize">楕円暗号が不明です! これはプログラムエラーで、バグレポートでファイルの提出をお願いします!</string>
   <string name="msg_cr_error_internal_pgp">PGP内部エラー!</string>
diff --git a/OpenKeychain/src/main/res/values-nl/strings.xml b/OpenKeychain/src/main/res/values-nl/strings.xml
index 812376026..29d0cd57d 100644
--- a/OpenKeychain/src/main/res/values-nl/strings.xml
+++ b/OpenKeychain/src/main/res/values-nl/strings.xml
@@ -877,7 +877,7 @@
   <string name="msg_cr_error_no_user_id">Sleutelbossen moeten met minstens een gebruikers-ID aangemaakt worden!</string>
   <string name="msg_cr_error_no_certify">Hoofdsleutel moet certificeer-vlag hebben!</string>
   <string name="msg_cr_error_null_expiry">Verloopdatum kan niet hetzelfde als voordien zijn bij aanmaken van een sleutel. Dit is een bug, gelieve een verslag in te dienen!</string>
-  <string name="msg_cr_error_keysize_512">Sleutelgrootte moet groter dan of gelijk zijn aan 512!</string>
+  <string name="msg_cr_error_keysize_2048">Sleutelgrootte moet groter dan of gelijk zijn aan 512!</string>
   <string name="msg_cr_error_no_curve">Geen sleutelgrootte opgegeven! Dit is een bug, gelieve een verslag in te dienen!</string>
   <string name="msg_cr_error_no_keysize">Geen elliptische curve opgegeven! Dit is een bug, gelieve een verslag in te dienen!</string>
   <string name="msg_cr_error_internal_pgp">Interne OpenPGP-fout!</string>
diff --git a/OpenKeychain/src/main/res/values-ru/strings.xml b/OpenKeychain/src/main/res/values-ru/strings.xml
index 6b73d367c..e3f9ccaea 100644
--- a/OpenKeychain/src/main/res/values-ru/strings.xml
+++ b/OpenKeychain/src/main/res/values-ru/strings.xml
@@ -768,7 +768,7 @@
   <string name="msg_cr_error_no_user_id">Связки должны создаваться с хотя бы одним ID пользователя!</string>
   <string name="msg_cr_error_no_certify">Основной ключ должен иметь флаг сертификата!</string>
   <string name="msg_cr_error_null_expiry">Срок годности не может быть \'такой же как раньше\' при создании ключа. Это программная ошибка, пожалуйста, сообщите об этом!</string>
-  <string name="msg_cr_error_keysize_512">Размер ключа должен быть больше или равен 512!</string>
+  <string name="msg_cr_error_keysize_2048">Размер ключа должен быть больше или равен 512!</string>
   <string name="msg_cr_error_no_curve">Не задан размер ключа! Это программная ошибка, пожалуйста, сообщите об этом!</string>
   <string name="msg_cr_error_no_keysize">Не задана эллиптическая кривая! Это программная ошибка, пожалуйста, сообщите об этом!</string>
   <string name="msg_cr_error_internal_pgp">Внутренняя ошибка OpenPGP!</string>
diff --git a/OpenKeychain/src/main/res/values-sr/strings.xml b/OpenKeychain/src/main/res/values-sr/strings.xml
index ed7bce5f7..db31cd414 100644
--- a/OpenKeychain/src/main/res/values-sr/strings.xml
+++ b/OpenKeychain/src/main/res/values-sr/strings.xml
@@ -944,7 +944,7 @@
   <string name="msg_cr_error_no_user_id">Привесци морају садржати бар један кориснички ИД!</string>
   <string name="msg_cr_error_no_certify">Главни кључ мора имати заставицу овере!</string>
   <string name="msg_cr_error_null_expiry">Датум истицања не може бити „исти као пре“ на стварању кључа. Ово је грешка у програмирању, поднесите извештај о грешци!</string>
-  <string name="msg_cr_error_keysize_512">Величина кључа мора бити већа или једнака 512!</string>
+  <string name="msg_cr_error_keysize_2048">Величина кључа мора бити већа или једнака 512!</string>
   <string name="msg_cr_error_no_curve">Није наведена величина кључа! Ово је грешка у програмирању, поднесите извештај о грешци!</string>
   <string name="msg_cr_error_no_keysize">Није наведена елиптичка крива! Ово је грешка у програмирању, поднесите извештај о грешци!</string>
   <string name="msg_cr_error_internal_pgp">Унутрашња ОпенПГП грешка!</string>
diff --git a/OpenKeychain/src/main/res/values-sv/strings.xml b/OpenKeychain/src/main/res/values-sv/strings.xml
index 4a0a9d083..2f4986df9 100644
--- a/OpenKeychain/src/main/res/values-sv/strings.xml
+++ b/OpenKeychain/src/main/res/values-sv/strings.xml
@@ -727,7 +727,7 @@
   <string name="msg_cr">Genererar ny huvudnyckel</string>
   <string name="msg_cr_error_no_user_id">Nyckelringar måste skapas med minst ett användar-ID!</string>
   <string name="msg_cr_error_no_certify">Huvudnyckel måste ha en certifieringsflagga!</string>
-  <string name="msg_cr_error_keysize_512">Nyckelstorlek måste vara större eller lika med 512!</string>
+  <string name="msg_cr_error_keysize_2048">Nyckelstorlek måste vara större eller lika med 512!</string>
   <string name="msg_cr_error_internal_pgp">Internt OpenPGP-fel!</string>
   <string name="msg_cr_error_unknown_algo">Okänd algoritm vald. Detta är ett programmeringsfel, skicka en buggrapport!</string>
   <string name="msg_cr_error_flags_dsa">Dåliga nyckelflaggor valda, DSA kan inte användas för kryptering!</string>
diff --git a/OpenKeychain/src/main/res/values-uk/strings.xml b/OpenKeychain/src/main/res/values-uk/strings.xml
index 6c0420c0b..3dc19b573 100644
--- a/OpenKeychain/src/main/res/values-uk/strings.xml
+++ b/OpenKeychain/src/main/res/values-uk/strings.xml
@@ -454,7 +454,7 @@
   <string name="msg_cr">Генерується новий основний ключ</string>
   <string name="msg_cr_error_no_master">Не вказано параметрів основного ключа!</string>
   <string name="msg_cr_error_no_certify">Основний ключ повинен мати прапорець certify!</string>
-  <string name="msg_cr_error_keysize_512">Розмір ключа має бути більшим або рівним 512!</string>
+  <string name="msg_cr_error_keysize_2048">Розмір ключа має бути більшим або рівним 512!</string>
   <!--modifySecretKeyRing-->
   <string name="msg_mr">Змінюється в\'язка %s</string>
   <string name="msg_mf_error_encode">Виняток шифрування!</string>
diff --git a/OpenKeychain/src/main/res/values/arrays.xml b/OpenKeychain/src/main/res/values/arrays.xml
index 28b6fcd78..393a1e091 100644
--- a/OpenKeychain/src/main/res/values/arrays.xml
+++ b/OpenKeychain/src/main/res/values/arrays.xml
@@ -48,17 +48,15 @@
         <item>@string/key_size_custom</item>
     </string-array>
     <string-array name="elgamal_key_size_spinner_values" translatable="false">
-        <item>@string/key_size_1536</item>
         <item>@string/key_size_2048</item>
         <item>@string/key_size_3072</item>
         <item>@string/key_size_4096</item>
         <item>@string/key_size_8192</item>
     </string-array>
     <string-array name="dsa_key_size_spinner_values" translatable="false">
-        <item>@string/key_size_512</item>
-        <item>@string/key_size_768</item>
-        <item>@string/key_size_1024</item>
-        <item>@string/key_size_custom</item>
+        <item>@string/key_size_2048</item>
+        <item>@string/key_size_3072</item>
+        <item>@string/key_size_4096</item>
     </string-array>
 
     <string-array name="theme_entries" translatable="false">
diff --git a/OpenKeychain/src/main/res/values/strings.xml b/OpenKeychain/src/main/res/values/strings.xml
index 171561625..e39132f42 100644
--- a/OpenKeychain/src/main/res/values/strings.xml
+++ b/OpenKeychain/src/main/res/values/strings.xml
@@ -458,10 +458,6 @@
     <string name="hint_cloud_search_hint">"Search via Name, Email…"</string>
 
     <!-- key bit length selections -->
-    <string name="key_size_512">"512"</string>
-    <string name="key_size_768">"768"</string>
-    <string name="key_size_1024">"1024"</string>
-    <string name="key_size_1536">"1536"</string>
     <string name="key_size_2048">"2048"</string>
     <string name="key_size_3072">"3072"</string>
     <string name="key_size_4096">"4096"</string>
@@ -1029,7 +1025,7 @@
     <string name="msg_cr_error_no_user_id">"Keyrings must be created with at least one user ID!"</string>
     <string name="msg_cr_error_no_certify">"Master key must have certify flag!"</string>
     <string name="msg_cr_error_null_expiry">"Expiry time cannot be 'same as before' on key creation. This is a programming error, please file a bug report!"</string>
-    <string name="msg_cr_error_keysize_512">"Key size must be greater or equal 512!"</string>
+    <string name="msg_cr_error_keysize_2048">"Key size must be greater or equal 2048!"</string>
     <string name="msg_cr_error_no_curve">"No key size specified! This is a programming error, please file a bug report!"</string>
     <string name="msg_cr_error_no_keysize">"No elliptic curve specified! This is a programming error, please file a bug report!"</string>
     <string name="msg_cr_error_internal_pgp">"Internal OpenPGP error!"</string>
diff --git a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/operations/ExportTest.java b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/operations/ExportTest.java
index a659dc7da..ae7c13c76 100644
--- a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/operations/ExportTest.java
+++ b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/operations/ExportTest.java
@@ -75,11 +75,11 @@ public class ExportTest {
         {
             SaveKeyringParcel parcel = new SaveKeyringParcel();
             parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
-                    Algorithm.RSA, 1024, null, KeyFlags.CERTIFY_OTHER, 0L));
+                    Algorithm.RSA, 2048, null, KeyFlags.CERTIFY_OTHER, 0L));
             parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
-                    Algorithm.DSA, 1024, null, KeyFlags.SIGN_DATA, 0L));
+                    Algorithm.DSA, 2048, null, KeyFlags.SIGN_DATA, 0L));
             parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
-                    Algorithm.ELGAMAL, 1024, null, KeyFlags.ENCRYPT_COMMS, 0L));
+                    Algorithm.ELGAMAL, 2048, null, KeyFlags.ENCRYPT_COMMS, 0L));
             parcel.mAddUserIds.add("snips");
             parcel.mNewUnlock = new ChangeUnlockParcel(mKeyPhrase1);
 
@@ -93,11 +93,11 @@ public class ExportTest {
         {
             SaveKeyringParcel parcel = new SaveKeyringParcel();
             parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
-                    Algorithm.RSA, 1024, null, KeyFlags.CERTIFY_OTHER, 0L));
+                    Algorithm.RSA, 2048, null, KeyFlags.CERTIFY_OTHER, 0L));
             parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
-                    Algorithm.DSA, 1024, null, KeyFlags.SIGN_DATA, 0L));
+                    Algorithm.DSA, 2048, null, KeyFlags.SIGN_DATA, 0L));
             parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
-                    Algorithm.ELGAMAL, 1024, null, KeyFlags.ENCRYPT_COMMS, 0L));
+                    Algorithm.ELGAMAL, 2048, null, KeyFlags.ENCRYPT_COMMS, 0L));
             parcel.mAddUserIds.add("snails");
             parcel.mNewUnlock = new ChangeUnlockParcel(null, new Passphrase("1234"));
 
diff --git a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/operations/PromoteKeyOperationTest.java b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/operations/PromoteKeyOperationTest.java
index e6c8c0efe..717dfe508 100644
--- a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/operations/PromoteKeyOperationTest.java
+++ b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/operations/PromoteKeyOperationTest.java
@@ -74,11 +74,11 @@ public class PromoteKeyOperationTest {
         {
             SaveKeyringParcel parcel = new SaveKeyringParcel();
             parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
-                    Algorithm.RSA, 1024, null, KeyFlags.CERTIFY_OTHER, 0L));
+                    Algorithm.RSA, 2048, null, KeyFlags.CERTIFY_OTHER, 0L));
             parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
-                    Algorithm.DSA, 1024, null, KeyFlags.SIGN_DATA, 0L));
+                    Algorithm.DSA, 2048, null, KeyFlags.SIGN_DATA, 0L));
             parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
-                    Algorithm.ELGAMAL, 1024, null, KeyFlags.ENCRYPT_COMMS, 0L));
+                    Algorithm.ELGAMAL, 2048, null, KeyFlags.ENCRYPT_COMMS, 0L));
             parcel.mAddUserIds.add("derp");
             parcel.mNewUnlock = new ChangeUnlockParcel(mKeyPhrase1);
 
diff --git a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/PgpEncryptDecryptTest.java b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/PgpEncryptDecryptTest.java
index cc5ef8038..4710edcba 100644
--- a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/PgpEncryptDecryptTest.java
+++ b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/PgpEncryptDecryptTest.java
@@ -131,11 +131,11 @@ public class PgpEncryptDecryptTest {
             // insecure (1024 bit) RSA key
             SaveKeyringParcel parcel = new SaveKeyringParcel();
             parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
-                    Algorithm.RSA, 1024, null, KeyFlags.CERTIFY_OTHER, 0L));
+                    Algorithm.RSA, 2048, null, KeyFlags.CERTIFY_OTHER, 0L));
             parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
-                    Algorithm.RSA, 1024, null, KeyFlags.SIGN_DATA, 0L));
+                    Algorithm.RSA, 2048, null, KeyFlags.SIGN_DATA, 0L));
             parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
-                    Algorithm.RSA, 1024, null, KeyFlags.ENCRYPT_COMMS, 0L));
+                    Algorithm.RSA, 2048, null, KeyFlags.ENCRYPT_COMMS, 0L));
             parcel.mAddUserIds.add("eve");
             parcel.mNewUnlock = new ChangeUnlockParcel(mKeyPhraseInsecure);
 
diff --git a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java
index c0e28cd4b..a3b5ae9fa 100644
--- a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java
+++ b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperationTest.java
@@ -82,8 +82,8 @@ public class PgpKeyOperationTest {
     UncachedKeyRing ring;
     PgpKeyOperation op;
     SaveKeyringParcel parcel;
-    ArrayList<RawPacket> onlyA = new ArrayList<RawPacket>();
-    ArrayList<RawPacket> onlyB = new ArrayList<RawPacket>();
+    ArrayList<RawPacket> onlyA = new ArrayList<>();
+    ArrayList<RawPacket> onlyB = new ArrayList<>();
 
     static CryptoInputParcel cryptoInput;
 
@@ -94,11 +94,11 @@ public class PgpKeyOperationTest {
 
         SaveKeyringParcel parcel = new SaveKeyringParcel();
         parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
-                Algorithm.DSA, 1024, null, KeyFlags.CERTIFY_OTHER, 0L));
+                Algorithm.DSA, 2048, null, KeyFlags.CERTIFY_OTHER, 0L));
         parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
                 Algorithm.RSA, 2048, null, KeyFlags.SIGN_DATA, 0L));
         parcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(
-                Algorithm.RSA, 1024, null, KeyFlags.ENCRYPT_COMMS, 0L));
+                Algorithm.RSA, 2048, null, KeyFlags.ENCRYPT_COMMS, 0L));
 
         parcel.mAddUserIds.add("twi");
         parcel.mAddUserIds.add("pink");
@@ -153,7 +153,7 @@ public class PgpKeyOperationTest {
             parcel.mNewUnlock = new ChangeUnlockParcel(passphrase);
 
             assertFailure("creating ring with < 512 bytes keysize should fail", parcel,
-                    LogType.MSG_CR_ERROR_KEYSIZE_512);
+                    LogType.MSG_CR_ERROR_KEYSIZE_2048);
         }
 
         {
@@ -391,7 +391,7 @@ public class PgpKeyOperationTest {
             parcel.mAddSubKeys.add(new SubkeyAdd(
                     Algorithm.RSA, new Random().nextInt(512), null, KeyFlags.SIGN_DATA, 0L));
             assertModifyFailure("creating a subkey with keysize < 512 should fail", ring, parcel,
-                    LogType.MSG_CR_ERROR_KEYSIZE_512);
+                    LogType.MSG_CR_ERROR_KEYSIZE_2048);
 
         }
 
diff --git a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/UncachedKeyringCanonicalizeTest.java b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/UncachedKeyringCanonicalizeTest.java
index 5e552fecc..5a4e5aad2 100644
--- a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/UncachedKeyringCanonicalizeTest.java
+++ b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/UncachedKeyringCanonicalizeTest.java
@@ -89,8 +89,8 @@ public class UncachedKeyringCanonicalizeTest {
     static UncachedKeyRing staticRing;
     static int totalPackets;
     UncachedKeyRing ring;
-    ArrayList<RawPacket> onlyA = new ArrayList<RawPacket>();
-    ArrayList<RawPacket> onlyB = new ArrayList<RawPacket>();
+    ArrayList<RawPacket> onlyA = new ArrayList<>();
+    ArrayList<RawPacket> onlyB = new ArrayList<>();
     OperationResult.OperationLog log = new OperationResult.OperationLog();
     PGPSignatureSubpacketGenerator subHashedPacketsGen;
     PGPSecretKey secretKey;
diff --git a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/UncachedKeyringMergeTest.java b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/UncachedKeyringMergeTest.java
index 90189e377..dd0a537f6 100644
--- a/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/UncachedKeyringMergeTest.java
+++ b/OpenKeychain/src/test/java/org/sufficientlysecure/keychain/pgp/UncachedKeyringMergeTest.java
@@ -87,8 +87,8 @@ public class UncachedKeyringMergeTest {
 
     static UncachedKeyRing staticRingA, staticRingB;
     UncachedKeyRing ringA, ringB;
-    ArrayList<RawPacket> onlyA = new ArrayList<RawPacket>();
-    ArrayList<RawPacket> onlyB = new ArrayList<RawPacket>();
+    ArrayList<RawPacket> onlyA = new ArrayList<>();
+    ArrayList<RawPacket> onlyB = new ArrayList<>();
     OperationResult.OperationLog log = new OperationResult.OperationLog();
     PgpKeyOperation op;
     SaveKeyringParcel parcel;
-- 
cgit v1.2.3