OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/affirmation/LinkedIdentity.java


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160

package org.sufficientlysecure.keychain.pgp.affirmation;

import org.spongycastle.bcpg.UserAttributeSubpacket;
import org.spongycastle.util.Strings;
import org.spongycastle.util.encoders.Hex;
import org.sufficientlysecure.keychain.Constants;
import org.sufficientlysecure.keychain.util.Log;

import java.net.URI;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map.Entry;
import java.util.Set;

public class LinkedIdentity {

    protected byte[] mData;
    public final String mNonce;
    public final URI mSubUri;
    final Set<String> mFlags;
    final HashMap<String,String> mParams;

    protected LinkedIdentity(byte[] data, String nonce, Set<String> flags,
                             HashMap<String, String> params, URI subUri) {
        if ( ! nonce.matches("[0-9a-zA-Z]+")) {
            throw new AssertionError("bug: nonce must be hexstring!");
        }

        mData = data;
        mNonce = nonce;
        mFlags = flags;
        mParams = params;
        mSubUri = subUri;
    }

    LinkedIdentity(String nonce, Set<String> flags,
                   HashMap<String, String> params, URI subUri) {
        this(null, nonce, flags, params, subUri);
    }

    public byte[] encode() {
        if (mData != null) {
            return mData;
        }

        StringBuilder b = new StringBuilder();
        b.append("pgpid:");

        // add flags
        if (mFlags != null) {
            boolean first = true;
            for (String flag : mFlags) {
                if (!first) {
                    b.append(";");
                }
                first = false;
                b.append(flag);
            }
        }

        // add parameters
        if (mParams != null) {
            boolean first = true;
            Iterator<Entry<String, String>> it = mParams.entrySet().iterator();
            while (it.hasNext()) {
                if (!first) {
                    b.append(";");
                }
                first = false;
                Entry<String, String> entry = it.next();
                b.append(entry.getKey()).append("=").append(entry.getValue());
            }
        }

        b.append("@");
        b.append(mSubUri);

        byte[] nonceBytes = Hex.decode(mNonce);
        byte[] data = Strings.toUTF8ByteArray(b.toString());

        byte[] result = new byte[data.length+12];
        System.arraycopy(nonceBytes, 0, result, 0, 12);
        System.arraycopy(data, 0, result, 12, result.length);

        return result;
    }

    /** This method parses an affirmation from a UserAttributeSubpacket, or returns null if the
     * subpacket can not be parsed as a valid affirmation.
     */
    public static LinkedIdentity parseAffirmation(UserAttributeSubpacket subpacket) {
        if (subpacket.getType() != 100) {
            return null;
        }

        byte[] data = subpacket.getData();
        String nonce = Hex.toHexString(data, 0, 12);

        try {
            return parseUri(nonce, Strings.fromUTF8ByteArray(Arrays.copyOfRange(data, 12, data.length)));

        } catch (IllegalArgumentException e) {
            Log.e(Constants.TAG, "error parsing uri in (suspected) affirmation packet");
            return null;
        }
    }

    protected static LinkedIdentity parseUri (String nonce, String uriString) {
        URI uri = URI.create(uriString);

        if ("pgpid".equals(uri.getScheme())) {
            Log.e(Constants.TAG, "unknown uri scheme in (suspected) affirmation packet");
            return null;
        }

        if (!uri.isOpaque()) {
            Log.e(Constants.TAG, "non-opaque uri in (suspected) affirmation packet");
            return null;
        }

        String specific = uri.getSchemeSpecificPart();
        if (!specific.contains("@")) {
            Log.e(Constants.TAG, "unknown uri scheme in affirmation packet");
            return null;
        }

        String[] pieces = specific.split("@", 2);
        URI subUri = URI.create(pieces[1]);

        Set<String> flags = new HashSet<String>();
        HashMap<String,String> params = new HashMap<String,String>();
        {
            String[] rawParams = pieces[0].split(";");
            for (String param : rawParams) {
                String[] p = param.split("=", 2);
                if (p.length == 1) {
                    flags.add(param);
                } else {
                    params.put(p[0], p[1]);
                }
            }
        }

        return new LinkedIdentity(nonce, flags, params, subUri);

    }

    public static String generateNonce() {
        // TODO make this actually random
        // byte[] data = new byte[96];
        // new SecureRandom().nextBytes(data);
        // return Hex.toHexString(data);

        // debug for now
        return "0123456789ABCDEF01234567";
    }

}