PeterCxy/open-keychain
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases 1 Wiki Activity

Fix keybase verification

Browse source
This commit is contained in:
Dominik Schürmann 2015-10-21 23:07:10 +02:00
parent 69376a489e
commit 22c36d609c
4 changed files with 18 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/OkHttpKeybaseClient.java
View file

@ -34,24 +34,14 @@ import java.util.concurrent.TimeUnit;
*/
public class OkHttpKeybaseClient implements KeybaseUrlConnectionClient {
private final OkUrlFactory factory;
private static OkUrlFactory generateUrlFactory() {
private OkUrlFactory generateUrlFactory() {
OkHttpClient client = new OkHttpClient();
return new OkUrlFactory(client);
}
public OkHttpKeybaseClient() {
factory = generateUrlFactory();
}
@Override
public URLConnection openConnection(URL url) throws IOException {
return openConnection(url, null);
}
@Override
public URLConnection openConnection(URL url, Proxy proxy) throws IOException {
public URLConnection openConnection(URL url, Proxy proxy, boolean isKeybase) throws IOException {
OkUrlFactory factory = generateUrlFactory();
if (proxy != null) {
factory.client().setProxy(proxy);
factory.client().setConnectTimeout(30000, TimeUnit.MILLISECONDS);
@ -63,17 +53,24 @@ public class OkHttpKeybaseClient implements KeybaseUrlConnectionClient {
factory.client().setFollowSslRedirects(false);
// forced the usage of keybase.io pinned certificate
try {
if (!TlsHelper.usePinnedCertificateIfAvailable(factory.client(), url)) {
throw new IOException("no pinned certificate found for URL!");
// forced the usage of api.keybase.io pinned certificate
if (isKeybase) {
try {
if (!TlsHelper.usePinnedCertificateIfAvailable(factory.client(), url)) {
throw new IOException("no pinned certificate found for URL!");
}
} catch (TlsHelper.TlsHelperException e) {
Log.e(Constants.TAG, "TlsHelper failed", e);
throw new IOException("TlsHelper failed");
}
} catch (TlsHelper.TlsHelperException e) {
Log.e(Constants.TAG, "TlsHelper failed", e);
throw new IOException("TlsHelper failed");
}
return factory.open(url);
}
@Override
public String getKeybaseBaseUrl() {
return "https://api.keybase.io/";
}
}

9
OpenKeychain/src/main/res/layout/view_key_adv_keybase_fragment.xml
View file

@ -30,15 +30,6 @@
android:layout_height="wrap_content"
android:text="@string/section_keybase_proofs" />
<TextView
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:background="?attr/colorButtonRow"
android:gravity="center_horizontal"
android:padding="8dp"
android:text="@string/key_trust_header_text"
android:textAppearance="?android:attr/textAppearanceSmall" />
<View
android:layout_width="match_parent"
android:layout_height="1dip"

1
OpenKeychain/src/main/res/values/strings.xml
View file

@ -681,7 +681,6 @@
<string name="key_trust_no_cloud_evidence">"No proof from the Internet on this keys trustworthiness."</string>
<string name="key_trust_start_cloud_search">"Start search"</string>
<string name="key_trust_results_prefix">"Keybase.io offers “proofs” which assert that the owner of this key: "</string>
<string name="key_trust_header_text">"Note: Keybase.io proofs are an experimental feature of OpenKeychain. We encourage you to scan QR Codes or exchange keys via NFC in addition to confirming them."</string>
<!-- keybase proof stuff -->
<string name="keybase_narrative_twitter">"Posts to Twitter as %s"</string>

2
extern/KeybaseLib vendored

@ -1 +1 @@
Subproject commit b89648f50011445df59fa02f16a0691857aea681
Subproject commit bc02742a59f4cc984cd497e14ac48cb61fe6e8ce