Add option to only accept signed backups
This commit is contained in:
Jakob Nixdorf
parent
505db3946e
commit
7097f350bb
4 changed files with 40 additions and 22 deletions
|
|
@ -25,6 +25,7 @@ import android.widget.TextView;
|
|||
import android.widget.Toast;
|
||||
|
||||
import org.openintents.openpgp.OpenPgpError;
|
||||
import org.openintents.openpgp.OpenPgpSignatureResult;
|
||||
import org.openintents.openpgp.util.OpenPgpApi;
|
||||
import org.openintents.openpgp.util.OpenPgpServiceConnection;
|
||||
|
||||
|
|
@ -404,29 +405,35 @@ public class BackupActivity extends AppCompatActivity {
|
|||
}
|
||||
}
|
||||
|
||||
public String outputStreamToString(ByteArrayOutputStream os) {
|
||||
String string = "";
|
||||
try {
|
||||
string = os.toString("UTF-8");
|
||||
} catch (UnsupportedEncodingException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
return string;
|
||||
}
|
||||
|
||||
public void handleOpenPGPResult(Intent result, ByteArrayOutputStream os, Uri file, int requestCode) {
|
||||
if (result.getIntExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR) == OpenPgpApi.RESULT_CODE_SUCCESS) {
|
||||
if (requestCode == INTENT_ENCRYPT) {
|
||||
if (os != null) {
|
||||
String encrypted = "";
|
||||
try {
|
||||
encrypted = os.toString("UTF-8");
|
||||
} catch (UnsupportedEncodingException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
doExportEncrypted(file, encrypted);
|
||||
}
|
||||
if (os != null)
|
||||
doExportEncrypted(file, outputStreamToString(os));
|
||||
} else if (requestCode == INTENT_DECRYPT) {
|
||||
if (os != null) {
|
||||
String decrypted = "";
|
||||
try {
|
||||
decrypted = os.toString("UTF-8");
|
||||
} catch (UnsupportedEncodingException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
if (settings.getBoolean(getString(R.string.settings_key_openpgp_verify), false)) {
|
||||
OpenPgpSignatureResult sigResult = result.getParcelableExtra(OpenPgpApi.RESULT_SIGNATURE);
|
||||
|
||||
doImportEncrypted(decrypted);
|
||||
if (sigResult.getResult() == OpenPgpSignatureResult.RESULT_VALID_KEY_CONFIRMED) {
|
||||
doImportEncrypted(outputStreamToString(os));
|
||||
} else {
|
||||
Toast.makeText(this, R.string.backup_toast_openpgp_not_verified, Toast.LENGTH_LONG).show();
|
||||
}
|
||||
} else {
|
||||
doImportEncrypted(outputStreamToString(os));
|
||||
}
|
||||
}
|
||||
}
|
||||
} else if (result.getIntExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR) == OpenPgpApi.RESULT_CODE_USER_INTERACTION_REQUIRED) {
|
||||
|
|
@ -446,7 +453,7 @@ public class BackupActivity extends AppCompatActivity {
|
|||
}
|
||||
} else if (result.getIntExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR) == OpenPgpApi.RESULT_CODE_ERROR) {
|
||||
OpenPgpError error = result.getParcelableExtra(OpenPgpApi.RESULT_ERROR);
|
||||
Toast.makeText(this, "OpenPGP Error: " + error.getMessage(), Toast.LENGTH_LONG).show();
|
||||
Toast.makeText(this, String.format(getString(R.string.backup_toast_openpgp_error), error.getMessage()), Toast.LENGTH_LONG).show();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -36,4 +36,6 @@
|
|||
<string name="backup_toast_import_failed">Import from external storage failed</string>
|
||||
<string name="backup_toast_storage_not_accessible">External storage currently not accessible</string>
|
||||
<string name="backup_toast_storage_permissions">Storage permissions not granted</string>
|
||||
<string name="backup_toast_openpgp_error">OpenPGP Error: %s</string>
|
||||
<string name="backup_toast_openpgp_not_verified">No verified signature detected</string>
|
||||
</resources>
|
||||
|
|
@ -12,7 +12,8 @@
|
|||
|
||||
<string name="settings_title_openpgp_provider">Select OpenPGP provider</string>
|
||||
<string name="settings_title_openpgp_keyid">Select OpenPGP key</string>
|
||||
<string name="settings_title_openpgp_sign">Sign encrypted backups?</string>
|
||||
<string name="settings_title_openpgp_sign">Sign encrypted backups</string>
|
||||
<string name="settings_title_openpgp_verify">Verify encrypted backups</string>
|
||||
|
||||
<!-- Descriptions -->
|
||||
<string name="settings_desc_tap_to_reveal">If enabled the OTP token is hidden by default and has
|
||||
|
|
@ -25,9 +26,10 @@
|
|||
<string name="settings_desc_auth_device_not_secure">This feature requires a secure lock screen
|
||||
to be set up (Settings -> Security -> Screenlock).</string>
|
||||
|
||||
<string name="settings_desc_openpgp_sign">Should the encrypted backups also be signed with your
|
||||
key (requires password during each encryption)?
|
||||
</string>
|
||||
<string name="settings_desc_openpgp_sign">Every encrypted backup is additionally signed with
|
||||
your key (requires password).</string>
|
||||
<string name="settings_desc_openpgp_verify">Encrypted backups are only imported if they are
|
||||
signed with a valid key.</string>
|
||||
|
||||
<!-- Keys -->
|
||||
<string name="settings_key_tap_to_reveal" translatable="false">pref_tap_to_reveal</string>
|
||||
|
|
@ -36,5 +38,6 @@
|
|||
<string name="settings_key_openpgp_provider">pref_openpgp_provider</string>
|
||||
<string name="settings_key_openpgp_keyid">pref_openpgp_keyid</string>
|
||||
<string name="settings_key_openpgp_sign">pref_openpgp_sign</string>
|
||||
<string name="settings_key_openpgp_verify">pref_openpgp_verify</string>
|
||||
|
||||
</resources>
|
||||
|
|
@ -35,6 +35,12 @@
|
|||
android:summary="@string/settings_desc_openpgp_sign"
|
||||
android:defaultValue="false" />
|
||||
|
||||
<CheckBoxPreference
|
||||
android:key="@string/settings_key_openpgp_verify"
|
||||
android:title="@string/settings_title_openpgp_verify"
|
||||
android:summary="@string/settings_desc_openpgp_verify"
|
||||
android:defaultValue="false" />
|
||||
|
||||
</PreferenceCategory>
|
||||
|
||||
</PreferenceScreen>
|
||||
Loading…
Reference in a new issue