use detached signatures
This commit is contained in:
parent
149224a073
commit
78901e3339
|
@ -6,10 +6,17 @@ import android.util.Log;
|
|||
|
||||
import androidx.annotation.StringRes;
|
||||
|
||||
import com.google.common.base.CharMatcher;
|
||||
import com.google.common.base.Joiner;
|
||||
import com.google.common.base.Splitter;
|
||||
import com.google.common.base.Strings;
|
||||
import com.google.common.io.BaseEncoding;
|
||||
|
||||
import org.openintents.openpgp.OpenPgpError;
|
||||
import org.openintents.openpgp.OpenPgpSignatureResult;
|
||||
import org.openintents.openpgp.util.OpenPgpApi;
|
||||
import org.openintents.openpgp.util.OpenPgpApi.IOpenPgpCallback;
|
||||
import org.openintents.openpgp.util.OpenPgpUtils;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.ByteArrayOutputStream;
|
||||
|
@ -18,6 +25,7 @@ import java.io.FileOutputStream;
|
|||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
import java.util.ArrayList;
|
||||
|
||||
import eu.siacs.conversations.Config;
|
||||
import eu.siacs.conversations.R;
|
||||
|
@ -29,6 +37,7 @@ import eu.siacs.conversations.entities.Message;
|
|||
import eu.siacs.conversations.persistance.FileBackend;
|
||||
import eu.siacs.conversations.services.XmppConnectionService;
|
||||
import eu.siacs.conversations.ui.UiCallback;
|
||||
import eu.siacs.conversations.utils.AsciiArmor;
|
||||
|
||||
public class PgpEngine {
|
||||
private final OpenPgpApi api;
|
||||
|
@ -42,7 +51,7 @@ public class PgpEngine {
|
|||
private static void logError(Account account, OpenPgpError error) {
|
||||
if (error != null) {
|
||||
error.describeContents();
|
||||
Log.d(Config.LOGTAG, account.getJid().asBareJid().toString() + ": OpenKeychain error '" + error.getMessage() + "' code=" + error.getErrorId()+" class="+error.getClass().getName());
|
||||
Log.d(Config.LOGTAG, account.getJid().asBareJid().toString() + ": OpenKeychain error '" + error.getMessage() + "' code=" + error.getErrorId() + " class=" + error.getClass().getName());
|
||||
} else {
|
||||
Log.d(Config.LOGTAG, account.getJid().asBareJid().toString() + ": OpenKeychain error with no message");
|
||||
}
|
||||
|
@ -77,14 +86,14 @@ public class PgpEngine {
|
|||
case OpenPgpApi.RESULT_CODE_SUCCESS:
|
||||
try {
|
||||
os.flush();
|
||||
StringBuilder encryptedMessageBody = new StringBuilder();
|
||||
String[] lines = os.toString().split("\n");
|
||||
final ArrayList<String> encryptedMessageBody = new ArrayList<>();
|
||||
final String[] lines = os.toString().split("\n");
|
||||
for (int i = 2; i < lines.length - 1; ++i) {
|
||||
if (!lines[i].contains("Version")) {
|
||||
encryptedMessageBody.append(lines[i].trim());
|
||||
encryptedMessageBody.add(lines[i].trim());
|
||||
}
|
||||
}
|
||||
message.setEncryptedBody(encryptedMessageBody.toString());
|
||||
message.setEncryptedBody(Joiner.on('\n').join(encryptedMessageBody));
|
||||
message.setEncryption(Message.ENCRYPTION_DECRYPTED);
|
||||
mXmppConnectionService.sendMessage(message);
|
||||
callback.success(message);
|
||||
|
@ -147,36 +156,26 @@ public class PgpEngine {
|
|||
}
|
||||
}
|
||||
|
||||
public long fetchKeyId(Account account, String status, String signature) {
|
||||
if ((signature == null) || (api == null)) {
|
||||
public long fetchKeyId(final Account account, final String status, final String signature) {
|
||||
if (signature == null || api == null) {
|
||||
return 0;
|
||||
}
|
||||
if (status == null) {
|
||||
status = "";
|
||||
}
|
||||
final StringBuilder pgpSig = new StringBuilder();
|
||||
pgpSig.append("-----BEGIN PGP SIGNED MESSAGE-----");
|
||||
pgpSig.append('\n');
|
||||
pgpSig.append('\n');
|
||||
pgpSig.append(status);
|
||||
pgpSig.append('\n');
|
||||
pgpSig.append("-----BEGIN PGP SIGNATURE-----");
|
||||
pgpSig.append('\n');
|
||||
pgpSig.append('\n');
|
||||
pgpSig.append(signature.replace("\n", "").trim());
|
||||
pgpSig.append('\n');
|
||||
pgpSig.append("-----END PGP SIGNATURE-----");
|
||||
Intent params = new Intent();
|
||||
final Intent params = new Intent();
|
||||
params.setAction(OpenPgpApi.ACTION_DECRYPT_VERIFY);
|
||||
params.putExtra(OpenPgpApi.EXTRA_REQUEST_ASCII_ARMOR, true);
|
||||
InputStream is = new ByteArrayInputStream(pgpSig.toString().getBytes());
|
||||
ByteArrayOutputStream os = new ByteArrayOutputStream();
|
||||
Intent result = api.executeApi(params, is, os);
|
||||
try {
|
||||
params.putExtra(OpenPgpApi.RESULT_DETACHED_SIGNATURE, AsciiArmor.decode(signature));
|
||||
} catch (final IllegalArgumentException e) {
|
||||
Log.d(Config.LOGTAG, "unable to parse signature", e);
|
||||
return 0;
|
||||
}
|
||||
final InputStream is = new ByteArrayInputStream(Strings.nullToEmpty(status).getBytes());
|
||||
final ByteArrayOutputStream os = new ByteArrayOutputStream();
|
||||
final Intent result = api.executeApi(params, is, os);
|
||||
switch (result.getIntExtra(OpenPgpApi.RESULT_CODE,
|
||||
OpenPgpApi.RESULT_CODE_ERROR)) {
|
||||
case OpenPgpApi.RESULT_CODE_SUCCESS:
|
||||
OpenPgpSignatureResult sigResult = result
|
||||
.getParcelableExtra(OpenPgpApi.RESULT_SIGNATURE);
|
||||
final OpenPgpSignatureResult sigResult = result.getParcelableExtra(OpenPgpApi.RESULT_SIGNATURE);
|
||||
//TODO unsure that sigResult.getResult() is either 1, 2 or 3
|
||||
if (sigResult != null) {
|
||||
return sigResult.getKeyId();
|
||||
} else {
|
||||
|
@ -223,18 +222,17 @@ public class PgpEngine {
|
|||
api.executeApiAsync(params, is, os, result -> {
|
||||
switch (result.getIntExtra(OpenPgpApi.RESULT_CODE, 0)) {
|
||||
case OpenPgpApi.RESULT_CODE_SUCCESS:
|
||||
StringBuilder signatureBuilder = new StringBuilder();
|
||||
final ArrayList<String> signature = new ArrayList<>();
|
||||
try {
|
||||
os.flush();
|
||||
String[] lines = os.toString().split("\n");
|
||||
boolean sig = false;
|
||||
for (String line : lines) {
|
||||
for (final String line : Splitter.on('\n').split(os.toString())) {
|
||||
if (sig) {
|
||||
if (line.contains("END PGP SIGNATURE")) {
|
||||
sig = false;
|
||||
} else {
|
||||
if (!line.contains("Version")) {
|
||||
signatureBuilder.append(line.trim());
|
||||
signature.add(line.trim());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -246,7 +244,7 @@ public class PgpEngine {
|
|||
callback.error(R.string.openpgp_error, null);
|
||||
return;
|
||||
}
|
||||
callback.success(signatureBuilder.toString());
|
||||
callback.success(Joiner.on('\n').join(signature));
|
||||
return;
|
||||
case OpenPgpApi.RESULT_CODE_USER_INTERACTION_REQUIRED:
|
||||
callback.userInputRequired(result.getParcelableExtra(OpenPgpApi.RESULT_INTENT), status);
|
||||
|
|
|
@ -2,6 +2,8 @@ package eu.siacs.conversations.parser;
|
|||
|
||||
import android.util.Log;
|
||||
|
||||
import org.openintents.openpgp.util.OpenPgpUtils;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
|
@ -17,6 +19,7 @@ import eu.siacs.conversations.entities.Presence;
|
|||
import eu.siacs.conversations.generator.IqGenerator;
|
||||
import eu.siacs.conversations.generator.PresenceGenerator;
|
||||
import eu.siacs.conversations.services.XmppConnectionService;
|
||||
import eu.siacs.conversations.utils.CryptoHelper;
|
||||
import eu.siacs.conversations.utils.XmppUri;
|
||||
import eu.siacs.conversations.xml.Element;
|
||||
import eu.siacs.conversations.xml.Namespace;
|
||||
|
@ -313,9 +316,10 @@ public class PresenceParser extends AbstractParser implements
|
|||
PgpEngine pgp = mXmppConnectionService.getPgpEngine();
|
||||
Element x = packet.findChild("x", "jabber:x:signed");
|
||||
if (pgp != null && x != null) {
|
||||
Element status = packet.findChild("status");
|
||||
String msg = status != null ? status.getContent() : "";
|
||||
if (contact.setPgpKeyId(pgp.fetchKeyId(account, msg, x.getContent()))) {
|
||||
final String status = packet.findChildContent("status");
|
||||
final long keyId = pgp.fetchKeyId(account, status, x.getContent());
|
||||
if (keyId != 0 && contact.setPgpKeyId(keyId)) {
|
||||
Log.d(Config.LOGTAG,account.getJid().asBareJid()+": found OpenPGP key id for "+contact.getJid()+" "+OpenPgpUtils.convertKeyIdToHex(keyId));
|
||||
mXmppConnectionService.syncRoster(account);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -52,6 +52,8 @@ import androidx.appcompat.app.AlertDialog.Builder;
|
|||
import androidx.appcompat.app.AppCompatDelegate;
|
||||
import androidx.databinding.DataBindingUtil;
|
||||
|
||||
import com.google.common.base.Strings;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.lang.ref.WeakReference;
|
||||
import java.util.ArrayList;
|
||||
|
@ -573,13 +575,7 @@ public abstract class XmppActivity extends ActionBarActivity {
|
|||
if (account.getPgpId() == 0) {
|
||||
choosePgpSignId(account);
|
||||
} else {
|
||||
String status = null;
|
||||
if (manuallyChangePresence()) {
|
||||
status = account.getPresenceStatusMessage();
|
||||
}
|
||||
if (status == null) {
|
||||
status = "";
|
||||
}
|
||||
final String status = Strings.nullToEmpty(account.getPresenceStatusMessage());
|
||||
xmppConnectionService.getPgpEngine().generateSignature(intent, account, status, new UiCallback<String>() {
|
||||
|
||||
@Override
|
||||
|
|
|
@ -0,0 +1,29 @@
|
|||
package eu.siacs.conversations.utils;
|
||||
|
||||
import com.google.common.base.Joiner;
|
||||
import com.google.common.base.Splitter;
|
||||
import com.google.common.base.Strings;
|
||||
import com.google.common.collect.Iterables;
|
||||
import com.google.common.io.BaseEncoding;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public class AsciiArmor {
|
||||
|
||||
public static byte[] decode(final String input) {
|
||||
final List<String> lines = Splitter.on('\n').splitToList(Strings.nullToEmpty(input).trim());
|
||||
if (lines.size() == 1) {
|
||||
final String line = lines.get(0);
|
||||
final String cleaned = line.substring(0, line.lastIndexOf("="));
|
||||
return BaseEncoding.base64().decode(cleaned);
|
||||
}
|
||||
final String withoutChecksum;
|
||||
if (Iterables.getLast(lines).charAt(0) == '=') {
|
||||
withoutChecksum = Joiner.on("").join(lines.subList(0, lines.size() - 1));
|
||||
} else {
|
||||
withoutChecksum = Joiner.on("").join(lines);
|
||||
}
|
||||
return BaseEncoding.base64().decode(withoutChecksum);
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in New Issue