Update generating signed keylists to include new SHA256 field
#comment Update generating signed keylists to include new SHA256 field, as per the newly introduced KeyLists format. Affected: LoginService, AddressKeyActivationWorker Ticket: MAILAND-579
parent
520eecc9ec
commit
086ecab605
|
@ -123,7 +123,8 @@ internal class CryptoTest {
|
|||
1,
|
||||
null,
|
||||
null,
|
||||
null
|
||||
null,
|
||||
1
|
||||
)
|
||||
)
|
||||
private val oneAddressKeyUserKeys = listOf(
|
||||
|
@ -198,7 +199,8 @@ internal class CryptoTest {
|
|||
1,
|
||||
null,
|
||||
null,
|
||||
null
|
||||
null,
|
||||
1
|
||||
)
|
||||
)
|
||||
//endregion
|
||||
|
@ -308,7 +310,8 @@ internal class CryptoTest {
|
|||
=68Qs
|
||||
-----END PGP SIGNATURE-----
|
||||
""".trimIndent(),
|
||||
null
|
||||
null,
|
||||
1
|
||||
),
|
||||
Keys(
|
||||
"QtsLAEJcOo_jhThoFLMfCQrWme3lRiQ16TWHwE9O0Vr-4Qn-3xSWvHGzYesK72--nTwebC9ZK01RhMd16ymDFg==",
|
||||
|
@ -364,7 +367,8 @@ internal class CryptoTest {
|
|||
=4SVY
|
||||
-----END PGP SIGNATURE-----
|
||||
""".trimIndent(),
|
||||
null
|
||||
null,
|
||||
1
|
||||
),
|
||||
Keys(
|
||||
"Kufr0UxSSqOB6975FEPC17yNhhq6FyE_Jc18-O_Q3w7bB3yWgC-hgJrxRF2iJxfqTDAwMjtvv8_roYJhDpv8Pg==",
|
||||
|
@ -465,7 +469,8 @@ internal class CryptoTest {
|
|||
=yh1P
|
||||
-----END PGP SIGNATURE-----
|
||||
""".trimIndent(),
|
||||
null
|
||||
null,
|
||||
1
|
||||
),
|
||||
Keys(
|
||||
"v3foSmcRMfxukR9VdZH-ql-sm4lFfAkHYbgsCzUbSrHQD-49BkEQVlmgkWk1u8oxMkceVW5Loaxwma3RSFTK8w==",
|
||||
|
@ -566,7 +571,8 @@ internal class CryptoTest {
|
|||
=Jrx1
|
||||
-----END PGP SIGNATURE-----
|
||||
""".trimIndent(),
|
||||
null
|
||||
null,
|
||||
1
|
||||
)
|
||||
)
|
||||
val manyAddressKeysUserKeys = listOf(
|
||||
|
@ -641,7 +647,8 @@ internal class CryptoTest {
|
|||
1,
|
||||
null,
|
||||
null,
|
||||
null
|
||||
null,
|
||||
1
|
||||
),
|
||||
Keys(
|
||||
"XFEG7ogZjpsk23o8AIPlzKZiqLnLlATQmbIJzt-RubRpwhNd6F2I29OSJWqwKiq73IQfctWOn9mgJ8J3Av4Xew==",
|
||||
|
@ -714,7 +721,8 @@ internal class CryptoTest {
|
|||
0,
|
||||
null,
|
||||
null,
|
||||
null
|
||||
null,
|
||||
1
|
||||
)
|
||||
)
|
||||
//endregion
|
||||
|
|
|
@ -46,8 +46,9 @@ public class Keys extends ResponseBody implements Parcelable {
|
|||
String Token;
|
||||
String Signature;
|
||||
String Activation;
|
||||
int Active;
|
||||
|
||||
public Keys(String ID, String privateKey, int flags, int primary, String token, String signature, String activation) {
|
||||
public Keys(String ID, String privateKey, int flags, int primary, String token, String signature, String activation, int active) {
|
||||
this.ID = ID;
|
||||
PrivateKey = privateKey;
|
||||
Flags = flags;
|
||||
|
@ -55,6 +56,7 @@ public class Keys extends ResponseBody implements Parcelable {
|
|||
Token = token;
|
||||
Signature = signature;
|
||||
Activation = activation;
|
||||
Active = active;
|
||||
}
|
||||
|
||||
protected Keys(Parcel in) {
|
||||
|
@ -65,6 +67,7 @@ public class Keys extends ResponseBody implements Parcelable {
|
|||
Token = in.readString();
|
||||
Signature = in.readString();
|
||||
Activation = in.readString();
|
||||
Active = in.readInt();
|
||||
}
|
||||
|
||||
public static final Creator<Keys> CREATOR = new Creator<Keys>() {
|
||||
|
@ -123,6 +126,10 @@ public class Keys extends ResponseBody implements Parcelable {
|
|||
return Activation;
|
||||
}
|
||||
|
||||
public int getActive() {
|
||||
return Active;
|
||||
}
|
||||
|
||||
@Override
|
||||
public int describeContents() {
|
||||
return 0;
|
||||
|
@ -137,6 +144,7 @@ public class Keys extends ResponseBody implements Parcelable {
|
|||
dest.writeString(Token);
|
||||
dest.writeString(Signature);
|
||||
dest.writeString(Activation);
|
||||
dest.writeInt(Active);
|
||||
}
|
||||
|
||||
/**
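Review bot: `Active` is a primitive `int`, so a `Keys` object built from a response that carries no `Active` value ends up with 0, which AddressKeyBridgeMapper in this commit maps to `active = false`. How `ResponseBody` is deserialized is not visible in these hunks, so it is worth confirming that every source of `Keys` actually supplies the field. The new getter is also undocumented; a line such as `/** 1 if the key can be decrypted, 0 otherwise. */` on `getActive()` would state the encoding the mapper relies on. The class body continues outside the visible hunks.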
|
||||
|
|
|
@ -31,6 +31,7 @@ import ch.protonmail.android.core.ProtonMailApplication
|
|||
import ch.protonmail.android.core.UserManager
|
||||
import ch.protonmail.android.utils.Logger
|
||||
import ch.protonmail.android.utils.crypto.OpenPGP
|
||||
import com.proton.gopenpgp.helper.Helper
|
||||
import javax.inject.Inject
|
||||
|
||||
// region constants
|
||||
|
@ -76,7 +77,10 @@ class AddressKeyActivationWorker(context: Context, params: WorkerParameters) : W
|
|||
|
||||
val newPrivateKey: String = openPgp.updatePrivateKeyPassphrase(key.privateKey, activationToken.toByteArray() /*TODO passphrase*/, mailboxPassword)
|
||||
val keyFingerprint = openPgp.getFingerprint(key.privateKey)
|
||||
val keyList = "[{\"Fingerprint\": \"$keyFingerprint\", \"Primary\": 1, \"Flags\": 3}]" // one-element JSON list
|
||||
val keyList = "[{\"Fingerprint\": \"" + keyFingerprint + "\", " +
|
||||
"\"SHA256Fingerprints\": " + String(Helper.getJsonSHA256Fingerprints(key.privateKey)) + ", " +
|
||||
"\"Primary\": 1, \"Flags\": 3}]" // one-element JSON list
|
||||
|
||||
val signature = openPgp.signTextDetached(keyList, newPrivateKey, mailboxPassword)
|
||||
val signedKeyList = SignedKeyList(keyList, signature)
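Review bot: The key list in `val keyList = ...` is built by hand-concatenating JSON, and the same literal is duplicated in `LoginService.generateSignedKeyList`. The detached signature covers this exact string, so any drift between the two copies, or an unexpected value spliced in from `Helper.getJsonSHA256Fingerprints(key.privateKey)`, produces a signed payload that the verifying side may reject or read differently (inferred; the verifier is not visible here). Consider one shared builder used from both call sites, for example `fun buildKeyListJson(fingerprint: String, sha256FingerprintsJson: String): String`, with a comment that its output is signed byte-for-byte. The worker's body starts and ends outside this hunk.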
|
||||
|
||||
|
|
|
@ -33,6 +33,7 @@ import androidx.core.app.ProtonJobIntentService;
|
|||
import com.birbit.android.jobqueue.JobManager;
|
||||
import com.google.android.gms.safetynet.SafetyNet;
|
||||
import com.proton.gopenpgp.crypto.ClearTextMessage;
|
||||
import com.proton.gopenpgp.helper.Helper;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
|
@ -847,6 +848,7 @@ public class LoginService extends ProtonJobIntentService {
|
|||
final String privateKey = userManager.getPrivateKey();
|
||||
|
||||
AddressPrivateKey addressPrivateKey = new AddressPrivateKey(addressId, privateKey);
|
||||
|
||||
addressPrivateKey.setSignedKeyList(generateSignedKeyList(privateKey));
|
||||
List<AddressPrivateKey> addressPrivateKeys = new ArrayList<>();
|
||||
addressPrivateKeys.add(addressPrivateKey);
|
||||
|
@ -878,7 +880,9 @@ public class LoginService extends ProtonJobIntentService {
|
|||
|
||||
private SignedKeyList generateSignedKeyList(String key) throws Exception {
|
||||
String keyFingerprint = openPGP.getFingerprint(key);
|
||||
String keyList = "[{\"Fingerprint\": \"" + keyFingerprint + "\", \"Primary\": 1, \"Flags\": 3}]"; // one-element JSON list
|
||||
String keyList = "[{\"Fingerprint\": \"" + keyFingerprint + "\", " +
|
||||
"\"SHA256Fingerprints\": " + new String(Helper.getJsonSHA256Fingerprints(key)) + ", " +
|
||||
"\"Primary\": 1, \"Flags\": 3}]"; // one-element JSON list
|
||||
String signedKeyList = openPGP.signTextDetached(keyList, key, userManager.getMailboxPassword());
|
||||
return new SignedKeyList(keyList, signedKeyList);
|
||||
}
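Review bot: In `generateSignedKeyList`, `new String(Helper.getJsonSHA256Fingerprints(key))` decodes the returned bytes with the platform default charset. The resulting string is what gets signed and sent, so the decoding should be pinned explicitly: `new String(Helper.getJsonSHA256Fingerprints(key), StandardCharsets.UTF_8)`. `StandardCharsets` is already imported in this file, as the import hunk shows. A short comment above the concatenation noting that the `SHA256Fingerprints` value is spliced in as raw JSON, not as a quoted string, would help the next reader.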
|
||||
|
|
|
@ -66,7 +66,8 @@ class AddressKeyBridgeMapper @Inject constructor() : BridgeMapper<OldKey, Addres
|
|||
privateKey = PgpField.PrivateKey(NotBlankString(privateKey)),
|
||||
token = getToken(token),
|
||||
signature = getSignature(signature),
|
||||
activation = getActivation(activation)
|
||||
activation = getActivation(activation),
|
||||
active = getActive(active)
|
||||
)
|
||||
|
||||
private fun canEncrypt(flags: Int) =
|
||||
|
@ -84,6 +85,8 @@ class AddressKeyBridgeMapper @Inject constructor() : BridgeMapper<OldKey, Addres
|
|||
private fun getActivation(activation: String?) =
|
||||
activation?.takeIfNotBlank()?.let { PgpField.Message(NotBlankString(it)) }
|
||||
|
||||
private fun getActive(active: Int) = active == 1
|
||||
|
||||
private companion object {
|
||||
const val CAN_VERIFY_SIGNATURE = 1 // 01
|
||||
const val CAN_ENCRYPT_VALUE = 2 // 10
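Review bot: `private fun getActive(active: Int) = active == 1` compares against a bare literal, while the companion object already names the other wire values (`CAN_VERIFY_SIGNATURE`, `CAN_ENCRYPT_VALUE`). A constant such as `const val ACTIVE_VALUE = 1` would keep the mapper consistent. Every value other than 1 silently maps to `false`; a one-line comment saying this is intended would make the fail-closed behaviour explicit. The companion object continues outside the hunk.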
|
||||
|
|
|
@ -67,7 +67,13 @@ data class AddressKey(
|
|||
* decrypt the encrypted address key.
|
||||
* The address key will be encrypted using the pwd + salt and updated.
|
||||
*/
|
||||
val activation: PgpField.Message?
|
||||
val activation: PgpField.Message?,
|
||||
|
||||
/**
|
||||
* Newly added entry in AddressKey model on API side. Designates whether a key can be decrypted or not.
|
||||
* Non-decryptable keys should be excluded from keylists since their ownership cannot be proved
|
||||
*/
|
||||
val active: Boolean
|
||||
)
|
||||
|
||||
/**
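Review bot: The KDoc on `active` says non-decryptable keys should be excluded from key lists, but neither key-list builder touched in this commit (`LoginService.generateSignedKeyList`, `AddressKeyActivationWorker`) consults the flag in the visible hunks, so the rule is documented but not enforced here. Either name the component that applies it, or add the filter where key lists are generated. The first sentence ("Newly added entry…") records history rather than the contract. Something like `/** Whether this key can be decrypted. Inactive keys must not appear in signed key lists, since their ownership cannot be proved. */` would age better.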
|
||||
|
|
|
@ -83,7 +83,8 @@ internal class AddressKeyTest {
|
|||
privateKey = PrivateKey(NotBlankString("priv_key")),
|
||||
token = null,
|
||||
signature = null,
|
||||
activation = null
|
||||
activation = null,
|
||||
active = true
|
||||
)
|
||||
|
||||
private val anotherDummyKey = dummyKey.copy(id = Id("another_id"))
|
||||
|
|
Binary file not shown.
Binary file not shown.