Code formatting and package re-structuring

OpenKeychain/src/main/AndroidManifest.xml

@@ -105,7 +105,7 @@
             </intent-filter>
         </receiver>
         <!-- broadcast receiver for Orbots status -->
-        <receiver android:name=".util.orbot.OrbotStatusReceiver">
+        <receiver android:name=".network.orbot.OrbotStatusReceiver">
             <intent-filter>
                 <action android:name="org.torproject.android.intent.action.STATUS"/>
             </intent-filter>

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/KeychainApplication.java

@@ -40,7 +40,7 @@ import org.sufficientlysecure.keychain.ui.util.FormattingUtils;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.PRNGFixes;
 import org.sufficientlysecure.keychain.util.Preferences;
-import org.sufficientlysecure.keychain.util.TlsHelper;
+import org.sufficientlysecure.keychain.network.TlsCertificatePinning;
 
 import java.security.Security;
 import java.util.HashMap;
@@ -114,9 +114,9 @@ public class KeychainApplication extends Application {
         // Update keyserver list as needed
         Preferences.getPreferences(this).upgradePreferences(this);
 
-        TlsHelper.addPinnedCertificate("hkps.pool.sks-keyservers.net", getAssets(), "hkps.pool.sks-keyservers.net.CA.cer");
-        TlsHelper.addPinnedCertificate("pgp.mit.edu", getAssets(), "pgp.mit.edu.cer");
-        TlsHelper.addPinnedCertificate("api.keybase.io", getAssets(), "api.keybase.io.CA.cer");
+        TlsCertificatePinning.addPinnedCertificate("hkps.pool.sks-keyservers.net", getAssets(), "hkps.pool.sks-keyservers.net.CA.cer");
+        TlsCertificatePinning.addPinnedCertificate("pgp.mit.edu", getAssets(), "pgp.mit.edu.cer");
+        TlsCertificatePinning.addPinnedCertificate("api.keybase.io", getAssets(), "api.keybase.io.CA.cer");
 
         TemporaryFileProvider.cleanUp(this);
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/keyimport/FacebookKeyserver.java

@@ -30,9 +30,9 @@ import org.sufficientlysecure.keychain.pgp.UncachedPublicKey;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.Log;
-import org.sufficientlysecure.keychain.util.OkHttpClientFactory;
+import org.sufficientlysecure.keychain.network.OkHttpClientFactory;
 import org.sufficientlysecure.keychain.util.ParcelableProxy;
-import org.sufficientlysecure.keychain.util.TlsHelper;
+import org.sufficientlysecure.keychain.network.TlsCertificatePinning;
 
 import java.io.IOException;
 import java.net.Proxy;
@@ -128,7 +128,7 @@ public class FacebookKeyserver extends Keyserver {
             throw new QueryFailedException("Cannot connect to Facebook. "
                     + "Check your Internet connection!"
                     + (proxy.getProxy() == Proxy.NO_PROXY ? "" : " Using proxy " + proxy.getProxy()));
-        } catch (TlsHelper.TlsHelperException e) {
+        } catch (TlsCertificatePinning.TlsCertificatePinningException e) {
             Log.e(Constants.TAG, "Exception in cert pinning", e);
             throw new QueryFailedException("Exception in cert pinning.");
         }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/keyimport/KeybaseKeyserver.java

@@ -25,7 +25,7 @@ import com.textuality.keybase.lib.User;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.Log;
-import org.sufficientlysecure.keychain.util.OkHttpKeybaseClient;
+import org.sufficientlysecure.keychain.network.OkHttpKeybaseClient;
 import org.sufficientlysecure.keychain.util.ParcelableProxy;
 
 import java.util.ArrayList;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/keyimport/ParcelableHkpKeyserver.java

@@ -54,9 +54,9 @@ import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.pgp.PgpHelper;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.Log;
-import org.sufficientlysecure.keychain.util.OkHttpClientFactory;
+import org.sufficientlysecure.keychain.network.OkHttpClientFactory;
 import org.sufficientlysecure.keychain.util.ParcelableProxy;
-import org.sufficientlysecure.keychain.util.TlsHelper;
+import org.sufficientlysecure.keychain.network.TlsCertificatePinning;
 
 public class ParcelableHkpKeyserver extends Keyserver implements Parcelable {
 
@@ -228,7 +228,7 @@ public class ParcelableHkpKeyserver extends Keyserver implements Parcelable {
             Log.e(Constants.TAG, "IOException at HkpKeyserver", e);
             throw new Keyserver.QueryFailedException("Keyserver '" + mUrl + "' is unavailable. Check your Internet connection!" +
                     (proxy.getProxy() == Proxy.NO_PROXY ? "" : " Using proxy " + proxy.getProxy()));
-        } catch (TlsHelper.TlsHelperException e) {
+        } catch (TlsCertificatePinning.TlsCertificatePinningException e) {
             Log.e(Constants.TAG, "Exception in pinning certs", e);
             throw new Keyserver.QueryFailedException("Exception in pinning certs");
         } catch (UnsupportedCharsetException e) {
@@ -439,7 +439,7 @@ public class ParcelableHkpKeyserver extends Keyserver implements Parcelable {
         } catch (IOException e) {
             Log.e(Constants.TAG, "IOException", e);
             throw new Keyserver.AddKeyException();
-        } catch (TlsHelper.TlsHelperException e) {
+        } catch (TlsCertificatePinning.TlsCertificatePinningException e) {
             Log.e(Constants.TAG, "Exception in pinning certs", e);
             throw new Keyserver.AddKeyException();
         } catch (URISyntaxException e) {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/keyimport/processing/ImportKeysListCloudLoader.java

@@ -33,7 +33,7 @@ import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.ParcelableProxy;
 import org.sufficientlysecure.keychain.util.Preferences;
-import org.sufficientlysecure.keychain.util.orbot.OrbotHelper;
+import org.sufficientlysecure.keychain.network.orbot.OrbotHelper;
 
 import java.util.ArrayList;
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/linked/LinkedTokenResource.java

@@ -33,7 +33,7 @@ import org.sufficientlysecure.keychain.operations.results.OperationResult.LogTyp
 import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.Log;
-import org.sufficientlysecure.keychain.util.OkHttpClientFactory;
+import org.sufficientlysecure.keychain.network.OkHttpClientFactory;
 
 import java.io.IOException;
 import java.net.MalformedURLException;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/network/OkHttpClientFactory.java

@@ -15,7 +15,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-package org.sufficientlysecure.keychain.util;
+package org.sufficientlysecure.keychain.network;
 
 import java.io.IOException;
 import java.net.Proxy;
@@ -47,7 +47,7 @@ public class OkHttpClientFactory {
     }
 
     public static OkHttpClient getClientPinnedIfAvailable(URL url, Proxy proxy)
-            throws IOException, TlsHelper.TlsHelperException {
+            throws IOException, TlsCertificatePinning.TlsCertificatePinningException {
         OkHttpClient.Builder builder = new OkHttpClient.Builder();
 
         // don't follow any redirects for keyservers, as discussed in the security audit
@@ -66,8 +66,8 @@ public class OkHttpClientFactory {
 
         // If a pinned cert is available, use it!
         // NOTE: this fails gracefully back to "no pinning" if no cert is available.
-        if (url != null && TlsHelper.getPinnedSslSocketFactory(url) != null) {
-            builder.sslSocketFactory(TlsHelper.getPinnedSslSocketFactory(url));
+        if (url != null && TlsCertificatePinning.getPinnedSslSocketFactory(url) != null) {
+            builder.sslSocketFactory(TlsCertificatePinning.getPinnedSslSocketFactory(url));
         }
 
         return builder.build();

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/network/OkHttpKeybaseClient.java

@@ -15,8 +15,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-package org.sufficientlysecure.keychain.util;
-
+package org.sufficientlysecure.keychain.network;
 
 import com.textuality.keybase.lib.KeybaseUrlConnectionClient;
 
@@ -24,6 +23,7 @@ import okhttp3.OkHttpClient;
 import okhttp3.Request;
 
 import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.util.Log;
 
 import java.io.IOException;
 import java.net.Proxy;
@@ -44,7 +44,7 @@ public class OkHttpKeybaseClient implements KeybaseUrlConnectionClient {
             } else {
                 client = OkHttpClientFactory.getSimpleClient();
             }
-        } catch (TlsHelper.TlsHelperException e) {
+        } catch (TlsCertificatePinning.TlsCertificatePinningException e) {
             Log.e(Constants.TAG, "TlsHelper failed", e);
             throw new IOException("TlsHelper failed");
         }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/network/TlsCertificatePinning.java

@@ -15,11 +15,12 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-package org.sufficientlysecure.keychain.util;
+package org.sufficientlysecure.keychain.network;
 
 import android.content.res.AssetManager;
 
 import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.util.Log;
 
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
@@ -40,7 +41,7 @@ import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSocketFactory;
 import javax.net.ssl.TrustManagerFactory;
 
-public class TlsHelper {
+public class TlsCertificatePinning {
 
     private static Map<String, byte[]> sPinnedCertificates = new HashMap<>();
 
@@ -70,10 +71,10 @@ public class TlsHelper {
      * Use pinned certificate for OkHttpClient if we have one.
      *
      * @return true, if certificate is available, false if not
-     * @throws TlsHelperException
+     * @throws TlsCertificatePinningException
      * @throws IOException
      */
-    public static SSLSocketFactory getPinnedSslSocketFactory(URL url) throws TlsHelperException, IOException {
+    public static SSLSocketFactory getPinnedSslSocketFactory(URL url) throws TlsCertificatePinningException, IOException {
         if (url.getProtocol().equals("https")) {
             // use certificate PIN from assets if we have one
             for (String host : sPinnedCertificates.keySet()) {
@@ -92,11 +93,11 @@ public class TlsHelper {
      * to URLs with passed certificate.
      *
      * @param certificate certificate to pin
-     * @throws TlsHelperException
+     * @throws TlsCertificatePinningException
      * @throws IOException
      */
     private static SSLSocketFactory pinCertificate(byte[] certificate)
-            throws TlsHelperException, IOException {
+            throws TlsCertificatePinningException, IOException {
         // We don't use OkHttp's CertificatePinner since it can not be used to pin self-signed
         // certificate if such certificate is not accepted by TrustManager.
         // (Refer to note at end of description:
@@ -124,12 +125,12 @@ public class TlsHelper {
 
             return context.getSocketFactory();
         } catch (CertificateException | KeyStoreException | KeyManagementException | NoSuchAlgorithmException e) {
-            throw new TlsHelperException(e);
+            throw new TlsCertificatePinningException(e);
         }
     }
 
-    public static class TlsHelperException extends Exception {
-        public TlsHelperException(Exception e) {
+    public static class TlsCertificatePinningException extends Exception {
+        TlsCertificatePinningException(Exception e) {
             super(e);
         }
     }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/network/orbot/OrbotHelper.java

@@ -47,7 +47,7 @@
         *****
 */
 
-package org.sufficientlysecure.keychain.util.orbot;
+package org.sufficientlysecure.keychain.network.orbot;
 
 import android.app.Activity;
 import android.app.ProgressDialog;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/network/orbot/OrbotStatusReceiver.java

@@ -13,7 +13,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-package org.sufficientlysecure.keychain.util.orbot;
+package org.sufficientlysecure.keychain.network.orbot;
 
 import android.content.BroadcastReceiver;
 import android.content.Context;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/ImportOperation.java

@@ -50,10 +50,9 @@ import org.sufficientlysecure.keychain.util.ParcelableFileCache;
 import org.sufficientlysecure.keychain.util.ParcelableProxy;
 import org.sufficientlysecure.keychain.util.Preferences;
 import org.sufficientlysecure.keychain.util.ProgressScaler;
-import org.sufficientlysecure.keychain.util.orbot.OrbotHelper;
+import org.sufficientlysecure.keychain.network.orbot.OrbotHelper;
 
 import java.io.IOException;
-import java.net.Proxy;
 import java.util.ArrayList;
 import java.util.GregorianCalendar;
 import java.util.Iterator;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/KeybaseVerificationOperation.java

@@ -40,9 +40,9 @@ import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.service.KeybaseVerificationParcel;
 import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
-import org.sufficientlysecure.keychain.util.OkHttpKeybaseClient;
+import org.sufficientlysecure.keychain.network.OkHttpKeybaseClient;
 import org.sufficientlysecure.keychain.util.Preferences;
-import org.sufficientlysecure.keychain.util.orbot.OrbotHelper;
+import org.sufficientlysecure.keychain.network.orbot.OrbotHelper;
 
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/UploadOperation.java

@@ -45,7 +45,7 @@ import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.ParcelableProxy;
 import org.sufficientlysecure.keychain.util.Preferences;
-import org.sufficientlysecure.keychain.util.orbot.OrbotHelper;
+import org.sufficientlysecure.keychain.network.orbot.OrbotHelper;
 
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/ECKeyFormat.java

@@ -42,13 +42,15 @@ public class ECKeyFormat extends KeyFormat {
         return mECAlgorithmFormat;
     }
 
-    public ASN1ObjectIdentifier getCurveOID() { return mECCurveOID; }
+    public ASN1ObjectIdentifier getCurveOID() {
+        return mECCurveOID;
+    }
 
     public enum ECAlgorithmFormat {
-        ECDH((byte)18, true, false),
-        ECDH_WITH_PUBKEY((byte)18, true, true),
-        ECDSA((byte)19, false, false),
-        ECDSA_WITH_PUBKEY((byte)19, false, true);
+        ECDH((byte) 18, true, false),
+        ECDH_WITH_PUBKEY((byte) 18, true, true),
+        ECDSA((byte) 19, false, false),
+        ECDSA_WITH_PUBKEY((byte) 19, false, true);
 
         private final byte mValue;
         private final boolean mIsECDH;
@@ -62,16 +64,24 @@ public class ECKeyFormat extends KeyFormat {
 
         public static ECKeyFormat.ECAlgorithmFormat from(final byte bFirst, final byte bLast) {
             for (ECKeyFormat.ECAlgorithmFormat format : values()) {
-                if (format.mValue == bFirst && ((bLast == (byte)0xff) == format.isWithPubkey())) {
+                if (format.mValue == bFirst && ((bLast == (byte) 0xff) == format.isWithPubkey())) {
                     return format;
                 }
             }
             return null;
         }
 
-        public final byte getValue() { return mValue; }
-        public final boolean isECDH() { return mIsECDH; }
-        public final boolean isWithPubkey() { return mWithPubkey; }
+        public final byte getValue() {
+            return mValue;
+        }
+
+        public final boolean isECDH() {
+            return mIsECDH;
+        }
+
+        public final boolean isWithPubkey() {
+            return mWithPubkey;
+        }
     }
 
     public void addToSaveKeyringParcel(SaveKeyringParcel keyring, int keyFlags) {
@@ -80,7 +90,7 @@ public class ECKeyFormat extends KeyFormat {
 
         SaveKeyringParcel.Algorithm algo = SaveKeyringParcel.Algorithm.ECDSA;
         if (((keyFlags & KeyFlags.ENCRYPT_COMMS) == KeyFlags.ENCRYPT_COMMS)
-            || ((keyFlags & KeyFlags.ENCRYPT_STORAGE) == KeyFlags.ENCRYPT_STORAGE)) {
+                || ((keyFlags & KeyFlags.ENCRYPT_STORAGE) == KeyFlags.ENCRYPT_STORAGE)) {
             algo = SaveKeyringParcel.Algorithm.ECDH;
         }
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/Iso7816TLV.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.sufficientlysecure.keychain.util;
+package org.sufficientlysecure.keychain.securitytoken;
 
 import java.io.IOException;
 import java.nio.ByteBuffer;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/OpenPgpCapabilities.java

@@ -17,8 +17,6 @@
 
 package org.sufficientlysecure.keychain.securitytoken;
 
-import org.sufficientlysecure.keychain.util.Iso7816TLV;
-
 import java.io.IOException;
 import java.util.HashMap;
 import java.util.Map;
@@ -108,7 +106,7 @@ public class OpenPgpCapabilities {
     private void parseExtendedCaps(byte[] v) {
         mHasSM = (v[0] & MASK_SM) != 0;
         mHasKeyImport = (v[0] & MASK_KEY_IMPORT) != 0;
-        mAttriburesChangable =(v[0] & MASK_ATTRIBUTES_CHANGABLE) != 0;
+        mAttriburesChangable = (v[0] & MASK_ATTRIBUTES_CHANGABLE) != 0;
 
         mSMAESKeySize = (v[1] == 1) ? 16 : 32;
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/RSAKeyFormat.java

@@ -47,10 +47,10 @@ public class RSAKeyFormat extends KeyFormat {
     }
 
     public enum RSAAlgorithmFormat {
-        STANDARD((byte)0, false, false),
-        STANDARD_WITH_MODULUS((byte)1, false, true),
-        CRT((byte)2, true, false),
-        CRT_WITH_MODULUS((byte)3, true, true);
+        STANDARD((byte) 0, false, false),
+        STANDARD_WITH_MODULUS((byte) 1, false, true),
+        CRT((byte) 2, true, false),
+        CRT_WITH_MODULUS((byte) 3, true, true);
 
         private byte mValue;
         private boolean mIncludeModulus;
@@ -71,7 +71,9 @@ public class RSAKeyFormat extends KeyFormat {
             return null;
         }
 
-        public byte getValue() { return mValue; }
+        public byte getValue() {
+            return mValue;
+        }
 
         public boolean isIncludeModulus() {
             return mIncludeModulus;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SCP11bSecureMessaging.java

@@ -18,9 +18,7 @@
 package org.sufficientlysecure.keychain.securitytoken;
 
 import android.content.Context;
-import android.content.SharedPreferences;
 import android.support.annotation.NonNull;
-import android.util.Log;
 
 import org.bouncycastle.asn1.nist.NISTNamedCurves;
 import org.bouncycastle.asn1.x9.ECNamedCurveTable;
@@ -28,19 +26,11 @@ import org.bouncycastle.asn1.x9.X9ECParameters;
 import org.bouncycastle.math.ec.ECCurve;
 import org.bouncycastle.math.ec.ECPoint;
 import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Iterable;
-import org.bouncycastle.util.encoders.Hex;
 import org.sufficientlysecure.keychain.ui.SettingsSmartPGPAuthoritiesActivity;
-import org.sufficientlysecure.keychain.ui.util.Notify;
-import org.sufficientlysecure.keychain.util.Iso7816TLV;
 import org.sufficientlysecure.keychain.util.Preferences;
-import org.sufficientlysecure.keychain.util.SecurityTokenUtils;
 
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.security.AlgorithmParameters;
 import java.security.InvalidAlgorithmParameterException;
@@ -55,7 +45,6 @@ import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
 import java.security.PublicKey;
 import java.security.SecureRandom;
-import java.security.SignatureException;
 import java.security.cert.CertPathBuilder;
 import java.security.cert.CertPathBuilderException;
 import java.security.cert.CertStore;
@@ -65,7 +54,6 @@ import java.security.cert.CertificateFactory;
 import java.security.cert.CollectionCertStoreParameters;
 import java.security.cert.PKIXBuilderParameters;
 import java.security.cert.PKIXCertPathBuilderResult;
-import java.security.cert.TrustAnchor;
 import java.security.cert.X509CertSelector;
 import java.security.cert.X509Certificate;
 import java.security.interfaces.ECPrivateKey;
@@ -75,10 +63,6 @@ import java.security.spec.ECParameterSpec;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.InvalidParameterSpecException;
 import java.util.ArrayList;
-import java.util.Enumeration;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Set;
 
 import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
@@ -89,7 +73,6 @@ import javax.crypto.NoSuchPaddingException;
 import javax.crypto.SecretKey;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
-import javax.net.ssl.TrustManagerFactory;
 import javax.smartcardio.CommandAPDU;
 import javax.smartcardio.ResponseAPDU;
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenHelper.java

@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2016 Nikita Mikhailov <nikita.s.mikhailov@gmail.com>
- * Copyright (C) 2013-2015 Dominik Schürmann <dominik@dominikschuermann.de>
+ * Copyright (C) 2013-2017 Dominik Schürmann <dominik@dominikschuermann.de>
  * Copyright (C) 2015 Vincent Breitmoser <v.breitmoser@mugenguild.com>
  * Copyright (C) 2013-2014 Signe Rüsch
  * Copyright (C) 2013-2014 Philipp Jakubeit
@@ -48,11 +48,10 @@ import javax.crypto.NoSuchPaddingException;
 import javax.crypto.spec.SecretKeySpec;
 import javax.smartcardio.CommandAPDU;
 import javax.smartcardio.ResponseAPDU;
+
 import org.sufficientlysecure.keychain.securitytoken.usb.UsbTransportException;
-import org.sufficientlysecure.keychain.util.Iso7816TLV;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.Passphrase;
-import org.sufficientlysecure.keychain.util.SecurityTokenUtils;
 
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
@@ -101,7 +100,7 @@ public class SecurityTokenHelper {
     private boolean mPw1ValidatedForDecrypt; // Mode 82 does other things; consider renaming?
     private boolean mPw3Validated;
 
-    protected SecurityTokenHelper() {
+    private SecurityTokenHelper() {
     }
 
     public static double parseOpenPgpVersion(final byte[] aid) {
@@ -169,12 +168,14 @@ public class SecurityTokenHelper {
     private boolean isSlotEmpty(KeyType keyType) throws IOException {
         // Note: special case: This should not happen, but happens with
         // https://github.com/FluffyKaon/OpenPGP-Card, thus for now assume true
-        if (getKeyFingerprint(keyType) == null) return true;
+        if (getKeyFingerprint(keyType) == null) {
+            return true;
+        }
 
         return keyMatchesFingerPrint(keyType, BLANK_FINGERPRINT);
     }
 
-    public boolean keyMatchesFingerPrint(KeyType keyType, byte[] fingerprint) throws IOException {
+    private boolean keyMatchesFingerPrint(KeyType keyType, byte[] fingerprint) throws IOException {
         return java.util.Arrays.equals(getKeyFingerprint(keyType), fingerprint);
     }
 
@@ -208,7 +209,7 @@ public class SecurityTokenHelper {
         if (mOpenPgpCapabilities.isHasSM()) {
             try {
                 SCP11bSecureMessaging.establish(this, ctx);
-            } catch(SecureMessagingException e) {
+            } catch (SecureMessagingException e) {
                 mSecureMessaging = null;
                 Log.e(Constants.TAG, "failed to establish secure messaging", e);
             }
@@ -276,7 +277,7 @@ public class SecurityTokenHelper {
         byte[] data;
         int pLen = 0;
 
-        X9ECParameters x9Params = null;
+        X9ECParameters x9Params;
 
         switch (kf.keyFormatType()) {
             case RSAKeyFormatType:
@@ -292,7 +293,7 @@ public class SecurityTokenHelper {
 
                 System.arraycopy(encryptedSessionKey, 2, data, 0, pLen);
 
-                final ECKeyFormat eckf = (ECKeyFormat)kf;
+                final ECKeyFormat eckf = (ECKeyFormat) kf;
                 x9Params = NISTNamedCurves.getByOID(eckf.getCurveOID());
 
                 final ECPoint p = x9Params.getCurve().decodePoint(data);
@@ -303,15 +304,15 @@ public class SecurityTokenHelper {
                 data = p.getEncoded(false);
                 data = Arrays.concatenate(
                         Hex.decode("86"),
-                        new byte[]{ (byte)data.length },
+                        new byte[]{(byte) data.length},
                         data);
                 data = Arrays.concatenate(
                         Hex.decode("7F49"),
-                        new byte[] { (byte)data.length },
+                        new byte[]{(byte) data.length},
                         data);
                 data = Arrays.concatenate(
                         Hex.decode("A6"),
-                        new byte[] { (byte)data.length },
+                        new byte[]{(byte) data.length},
                         data);
                 break;
 
@@ -353,7 +354,7 @@ public class SecurityTokenHelper {
                 try {
                     final MessageDigest kdf = MessageDigest.getInstance(MessageDigestUtils.getDigestName(publicKey.getSecurityTokenHashAlgorithm()));
 
-                    kdf.update(new byte[]{ (byte)0, (byte)0, (byte)0, (byte)1 });
+                    kdf.update(new byte[]{(byte) 0, (byte) 0, (byte) 0, (byte) 1});
                     kdf.update(data);
                     kdf.update(publicKey.createUserKeyingMaterial(fingerprintCalculator));
 
@@ -364,7 +365,7 @@ public class SecurityTokenHelper {
 
                     final Key paddedSessionKey = c.unwrap(keyEnc, "Session", Cipher.SECRET_KEY);
 
-                    Arrays.fill(kek, (byte)0);
+                    Arrays.fill(kek, (byte) 0);
 
                     return PGPPad.unpadSessionData(paddedSessionKey.getEncoded());
                 } catch (NoSuchAlgorithmException e) {
@@ -443,7 +444,7 @@ public class SecurityTokenHelper {
 
 
     private void setKeyAttributes(final KeyType slot, final CanonicalizedSecretKey secretKey)
-             throws IOException {
+            throws IOException {
 
         if (mOpenPgpCapabilities.isAttributesChangable()) {
             int tag;
@@ -619,10 +620,10 @@ public class SecurityTokenHelper {
                 }
                 dsi = Arrays.concatenate(Hex.decode(
                         "3021" // Tag/Length of Sequence, the 0x21 includes all following 33 bytes
-                        + "3009" // Tag/Length of Sequence, the 0x09 are the following header bytes
-                        + "0605" + "2B0E03021A" // OID of SHA1
-                        + "0500" // TLV coding of ZERO
-                        + "0414"), hash); // 0x14 are 20 hash bytes
+                                + "3009" // Tag/Length of Sequence, the 0x09 are the following header bytes
+                                + "0605" + "2B0E03021A" // OID of SHA1
+                                + "0500" // TLV coding of ZERO
+                                + "0414"), hash); // 0x14 are 20 hash bytes
                 break;
             case HashAlgorithmTags.RIPEMD160:
                 if (hash.length != 20) {
@@ -700,13 +701,13 @@ public class SecurityTokenHelper {
                 }
                 final byte[] br = new byte[signature.length / 2];
                 final byte[] bs = new byte[signature.length / 2];
-                for(int i = 0; i < br.length; ++i) {
+                for (int i = 0; i < br.length; ++i) {
                     br[i] = signature[i];
                     bs[i] = signature[br.length + i];
                 }
                 final ByteArrayOutputStream baos = new ByteArrayOutputStream();
                 ASN1OutputStream out = new ASN1OutputStream(baos);
-                out.writeObject(new DERSequence(new ASN1Encodable[] { new ASN1Integer(br), new ASN1Integer(bs) }));
+                out.writeObject(new DERSequence(new ASN1Encodable[]{new ASN1Integer(br), new ASN1Integer(bs)}));
                 out.flush();
                 signature = baos.toByteArray();
                 break;
@@ -720,6 +721,7 @@ public class SecurityTokenHelper {
      * Transceives APDU
      * Splits extended APDU into short APDUs and chains them if necessary
      * Performs GET RESPONSE command(ISO/IEC 7816-4 par.7.6.1) on retrieving if necessary
+     *
      * @param apdu short or extended APDU to transceive
      * @return response from the card
      * @throws IOException
@@ -730,7 +732,7 @@ public class SecurityTokenHelper {
                 apdu = mSecureMessaging.encryptAndSign(apdu);
             } catch (SecureMessagingException e) {
                 clearSecureMessaging();
-                throw new IOException("secure messaging encrypt/sign failure : " + e. getMessage());
+                throw new IOException("secure messaging encrypt/sign failure : " + e.getMessage());
             }
         }
 
@@ -787,7 +789,7 @@ public class SecurityTokenHelper {
                 lastResponse = mSecureMessaging.verifyAndDecrypt(lastResponse);
             } catch (SecureMessagingException e) {
                 clearSecureMessaging();
-                throw new IOException("secure messaging verify/decrypt failure : " + e. getMessage());
+                throw new IOException("secure messaging verify/decrypt failure : " + e.getMessage());
             }
         }
 
@@ -923,7 +925,7 @@ public class SecurityTokenHelper {
         return mTransport != null &&
                 mTransport.isPersistentConnectionAllowed() &&
                 (mSecureMessaging == null ||
-                 !mSecureMessaging.isEstablished());
+                        !mSecureMessaging.isEstablished());
     }
 
     public boolean isConnected() {
@@ -931,7 +933,7 @@ public class SecurityTokenHelper {
     }
 
     public void clearSecureMessaging() {
-        if(mSecureMessaging != null) {
+        if (mSecureMessaging != null) {
             mSecureMessaging.clearSession();
         }
         mSecureMessaging = null;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenUtils.java

@@ -15,7 +15,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-package org.sufficientlysecure.keychain.util;
+package org.sufficientlysecure.keychain.securitytoken;
 
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.util.Arrays;
@@ -41,11 +41,11 @@ public class SecurityTokenUtils {
             final byte[] attrs = new byte[6];
             int i = 0;
 
-            attrs[i++] = (byte)0x01;
-            attrs[i++] = (byte)((mModulusLength >> 8) & 0xff);
-            attrs[i++] = (byte)(mModulusLength & 0xff);
-            attrs[i++] = (byte)((mExponentLength >> 8) & 0xff);
-            attrs[i++] = (byte)(mExponentLength & 0xff);
+            attrs[i++] = (byte) 0x01;
+            attrs[i++] = (byte) ((mModulusLength >> 8) & 0xff);
+            attrs[i++] = (byte) (mModulusLength & 0xff);
+            attrs[i++] = (byte) ((mExponentLength >> 8) & 0xff);
+            attrs[i++] = (byte) (mExponentLength & 0xff);
             attrs[i++] = RSAKeyFormat.RSAAlgorithmFormat.CRT_WITH_MODULUS.getValue();
 
             return attrs;
@@ -61,7 +61,7 @@ public class SecurityTokenUtils {
 
             System.arraycopy(oid, 2, attrs, 1, (oid.length - 2));
 
-            attrs[attrs.length - 1] = (byte)0xff;
+            attrs[attrs.length - 1] = (byte) 0xff;
 
             return attrs;
         } else {
@@ -143,7 +143,7 @@ public class SecurityTokenUtils {
                 data = new ByteArrayOutputStream(),
                 res = new ByteArrayOutputStream();
 
-        final int csize = (int)Math.ceil(publicKey.getParams().getCurve().getField().getFieldSize() / 8.0);
+        final int csize = (int) Math.ceil(publicKey.getParams().getCurve().getField().getFieldSize() / 8.0);
 
         writeBits(data, secretKey.getS(), csize);
         template.write(Hex.decode("92"));
@@ -222,7 +222,7 @@ public class SecurityTokenUtils {
         final byte[] prime = value.toByteArray();
         int skip = 0;
 
-        while((skip < prime.length) && (prime[skip] == 0)) ++skip;
+        while ((skip < prime.length) && (prime[skip] == 0)) ++skip;
 
         if ((prime.length - skip) > width) {
             throw new IllegalArgumentException("not enough width to fit value: "
@@ -232,8 +232,8 @@ public class SecurityTokenUtils {
         byte[] res = new byte[width];
 
         System.arraycopy(prime, skip,
-                         res, width - (prime.length - skip),
-                         prime.length - skip);
+                res, width - (prime.length - skip),
+                prime.length - skip);
 
         stream.write(res, 0, width);
         Arrays.fill(res, (byte) 0);

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/UsbConnectionDispatcher.java

@@ -15,7 +15,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-package org.sufficientlysecure.keychain.util;
+package org.sufficientlysecure.keychain.securitytoken;
 
 import android.app.Activity;
 import android.content.BroadcastReceiver;
@@ -27,6 +27,7 @@ import android.hardware.usb.UsbManager;
 
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.ui.UsbEventReceiverActivity;
+import org.sufficientlysecure.keychain.util.Log;
 
 public class UsbConnectionDispatcher {
     private Activity mActivity;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/service/KeyserverSyncAdapterService.java

@@ -44,7 +44,7 @@ import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.ParcelableProxy;
 import org.sufficientlysecure.keychain.util.Preferences;
-import org.sufficientlysecure.keychain.util.orbot.OrbotHelper;
+import org.sufficientlysecure.keychain.network.orbot.OrbotHelper;
 
 import java.util.ArrayList;
 import java.util.GregorianCalendar;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateSecurityTokenAlgorithmFragment.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2015 Dominik Schürmann <dominik@dominikschuermann.de>
+ * Copyright (C) 2016 Dominik Schürmann <dominik@dominikschuermann.de>
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -35,15 +35,12 @@ import org.sufficientlysecure.keychain.securitytoken.KeyFormat;
 import org.sufficientlysecure.keychain.securitytoken.SecurityTokenHelper;
 import org.sufficientlysecure.keychain.ui.CreateKeyActivity.FragAction;
 import org.sufficientlysecure.keychain.util.Choice;
-import org.sufficientlysecure.keychain.util.Log;
-import org.sufficientlysecure.keychain.util.SecurityTokenUtils;
 
 import java.util.ArrayList;
 import java.util.List;
 
 public class CreateSecurityTokenAlgorithmFragment extends Fragment {
 
-
     public enum SupportedKeyType {
         RSA_2048, RSA_3072, RSA_4096, ECC_P256, ECC_P384, ECC_P521
     }
@@ -57,7 +54,6 @@ public class CreateSecurityTokenAlgorithmFragment extends Fragment {
     private Spinner mDecKeySpinner;
     private Spinner mAuthKeySpinner;
 
-
     /**
      * Creates new instance of this fragment
      */
@@ -75,8 +71,8 @@ public class CreateSecurityTokenAlgorithmFragment extends Fragment {
         final FragmentActivity context = getActivity();
         View view = inflater.inflate(R.layout.create_yubi_key_algorithm_fragment, container, false);
 
-        mBackButton = (TextView) view.findViewById(R.id.create_key_back_button);
-        mNextButton = (TextView) view.findViewById(R.id.create_key_next_button);
+        mBackButton = view.findViewById(R.id.create_key_back_button);
+        mNextButton = view.findViewById(R.id.create_key_next_button);
 
         mBackButton.setOnClickListener(new View.OnClickListener() {
             @Override
@@ -154,19 +150,17 @@ public class CreateSecurityTokenAlgorithmFragment extends Fragment {
     }
 
     private void nextClicked() {
-        mCreateKeyActivity.mSecurityTokenSign = KeyFormat.fromCreationKeyType(((Choice<SupportedKeyType>)mSignKeySpinner.getSelectedItem()).getId(), false);
-        mCreateKeyActivity.mSecurityTokenDec = KeyFormat.fromCreationKeyType(((Choice<SupportedKeyType>)mDecKeySpinner.getSelectedItem()).getId(), true);
-        mCreateKeyActivity.mSecurityTokenAuth = KeyFormat.fromCreationKeyType(((Choice<SupportedKeyType>)mAuthKeySpinner.getSelectedItem()).getId(), false);
+        mCreateKeyActivity.mSecurityTokenSign = KeyFormat.fromCreationKeyType(((Choice<SupportedKeyType>) mSignKeySpinner.getSelectedItem()).getId(), false);
+        mCreateKeyActivity.mSecurityTokenDec = KeyFormat.fromCreationKeyType(((Choice<SupportedKeyType>) mDecKeySpinner.getSelectedItem()).getId(), true);
+        mCreateKeyActivity.mSecurityTokenAuth = KeyFormat.fromCreationKeyType(((Choice<SupportedKeyType>) mAuthKeySpinner.getSelectedItem()).getId(), false);
 
         CreateKeyFinalFragment frag = CreateKeyFinalFragment.newInstance();
         mCreateKeyActivity.loadFragment(frag, FragAction.TO_RIGHT);
     }
 
 
-
-
     private class TwoLineArrayAdapter extends ArrayAdapter<Choice<SupportedKeyType>> {
-        public TwoLineArrayAdapter(Context context, int resource, List<Choice<SupportedKeyType>> objects) {
+        TwoLineArrayAdapter(Context context, int resource, List<Choice<SupportedKeyType>> objects) {
             super(context, resource, objects);
         }
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ImportKeysListFragment.java

@@ -52,7 +52,7 @@ import org.sufficientlysecure.keychain.ui.util.PermissionsUtil;
 import org.sufficientlysecure.keychain.util.ParcelableProxy;
 import org.sufficientlysecure.keychain.util.Preferences;
 import org.sufficientlysecure.keychain.util.Preferences.CloudSearchPrefs;
-import org.sufficientlysecure.keychain.util.orbot.OrbotHelper;
+import org.sufficientlysecure.keychain.network.orbot.OrbotHelper;
 
 import java.util.ArrayList;
 

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/OrbotRequiredDialogActivity.java

@@ -35,7 +35,7 @@ import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
 import org.sufficientlysecure.keychain.ui.util.ThemeChanger;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.ParcelableProxy;
-import org.sufficientlysecure.keychain.util.orbot.OrbotHelper;
+import org.sufficientlysecure.keychain.network.orbot.OrbotHelper;
 
 /**
  * Simply encapsulates a dialog. If orbot is not installed, it shows an install dialog, else a

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/SettingsActivity.java

@@ -56,7 +56,7 @@ import org.sufficientlysecure.keychain.ui.util.ThemeChanger;
 import org.sufficientlysecure.keychain.keyimport.ParcelableHkpKeyserver;
 import org.sufficientlysecure.keychain.util.Log;
 import org.sufficientlysecure.keychain.util.Preferences;
-import org.sufficientlysecure.keychain.util.orbot.OrbotHelper;
+import org.sufficientlysecure.keychain.network.orbot.OrbotHelper;
 
 import java.security.KeyStore;
 import java.security.KeyStoreException;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/ViewKeyKeybaseFragment.java

@@ -53,10 +53,10 @@ import org.sufficientlysecure.keychain.ui.base.CryptoOperationHelper;
 import org.sufficientlysecure.keychain.ui.base.LoaderFragment;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.Log;
-import org.sufficientlysecure.keychain.util.OkHttpKeybaseClient;
+import org.sufficientlysecure.keychain.network.OkHttpKeybaseClient;
 import org.sufficientlysecure.keychain.util.ParcelableProxy;
 import org.sufficientlysecure.keychain.util.Preferences;
-import org.sufficientlysecure.keychain.util.orbot.OrbotHelper;
+import org.sufficientlysecure.keychain.network.orbot.OrbotHelper;
 
 import java.util.ArrayList;
 import java.util.Hashtable;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/base/BaseSecurityTokenActivity.java

@@ -46,7 +46,7 @@ import org.sufficientlysecure.keychain.securitytoken.CardException;
 import org.sufficientlysecure.keychain.securitytoken.NfcTransport;
 import org.sufficientlysecure.keychain.securitytoken.SecurityTokenHelper;
 import org.sufficientlysecure.keychain.securitytoken.Transport;
-import org.sufficientlysecure.keychain.util.UsbConnectionDispatcher;
+import org.sufficientlysecure.keychain.securitytoken.UsbConnectionDispatcher;
 import org.sufficientlysecure.keychain.securitytoken.usb.UsbTransport;
 import org.sufficientlysecure.keychain.ui.CreateKeyActivity;
 import org.sufficientlysecure.keychain.ui.PassphraseDialogActivity;

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/AddEditKeyserverDialogFragment.java

@@ -48,11 +48,11 @@ import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.keyimport.ParcelableHkpKeyserver;
 import org.sufficientlysecure.keychain.util.Log;
-import org.sufficientlysecure.keychain.util.OkHttpClientFactory;
+import org.sufficientlysecure.keychain.network.OkHttpClientFactory;
 import org.sufficientlysecure.keychain.util.ParcelableProxy;
 import org.sufficientlysecure.keychain.util.Preferences;
-import org.sufficientlysecure.keychain.util.TlsHelper;
-import org.sufficientlysecure.keychain.util.orbot.OrbotHelper;
+import org.sufficientlysecure.keychain.network.TlsCertificatePinning;
+import org.sufficientlysecure.keychain.network.orbot.OrbotHelper;
 
 import java.io.IOException;
 import java.net.MalformedURLException;
@@ -367,7 +367,7 @@ public class AddEditKeyserverDialogFragment extends DialogFragment implements On
 
             // check TLS pinning only for non-Tor keyservers
             if (onlyTrustedKeyserver
-                    && TlsHelper.getPinnedSslSocketFactory(keyserverUriHttp.toURL()) == null) {
+                    && TlsCertificatePinning.getPinnedSslSocketFactory(keyserverUriHttp.toURL()) == null) {
                 Log.w(Constants.TAG, "No pinned certificate for this host in OpenKeychain's assets.");
                 reason = VerifyReturn.NO_PINNED_CERTIFICATE;
                 return reason;
@@ -385,7 +385,7 @@ public class AddEditKeyserverDialogFragment extends DialogFragment implements On
                         keyserverUriOnion.toURL(), proxy.getProxy());
                 clientTor.newCall(new Request.Builder().url(keyserverUriOnion.toURL()).build()).execute();
             }
-        } catch (TlsHelper.TlsHelperException e) {
+        } catch (TlsCertificatePinning.TlsCertificatePinningException e) {
             reason = VerifyReturn.CONNECTION_FAILED;
         } catch (MalformedURLException | URISyntaxException e) {
             Log.w(Constants.TAG, "Invalid keyserver URL entered by user.");

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/dialog/OrbotStartDialogFragment.java

@@ -36,7 +36,7 @@ import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.ui.util.ThemeChanger;
 import org.sufficientlysecure.keychain.util.Log;
-import org.sufficientlysecure.keychain.util.orbot.OrbotHelper;
+import org.sufficientlysecure.keychain.network.orbot.OrbotHelper;
 
 /**
  * displays a dialog asking the user to enable Tor

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/NfcHelper.java

@@ -38,6 +38,7 @@ import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.provider.KeychainContract;
 import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.ui.util.Notify;
+import org.sufficientlysecure.keychain.util.Log;
 
 import java.lang.ref.WeakReference;
 

OpenKeychain/src/test/java/org/sufficientlysecure/keychain/securitytoken/Iso7816TLVTest.java

@@ -13,20 +13,19 @@
  * limitations under the License.
  */
 
-package org.sufficientlysecure.keychain.util;
+package org.sufficientlysecure.keychain.securitytoken;
 
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.robolectric.RobolectricGradleTestRunner;
-import org.robolectric.RobolectricTestRunner;
 import org.robolectric.annotation.Config;
 import org.robolectric.shadows.ShadowLog;
 import org.bouncycastle.util.encoders.Hex;
-import org.sufficientlysecure.keychain.BuildConfig;
 import org.sufficientlysecure.keychain.WorkaroundBuildConfig;
-import org.sufficientlysecure.keychain.util.Iso7816TLV.Iso7816CompositeTLV;
+import org.sufficientlysecure.keychain.securitytoken.Iso7816TLV;
+import org.sufficientlysecure.keychain.securitytoken.Iso7816TLV.Iso7816CompositeTLV;
 
 @RunWith(RobolectricGradleTestRunner.class)
 @Config(constants = WorkaroundBuildConfig.class, sdk = 23, manifest = "src/main/AndroidManifest.xml")

OpenKeychain/src/test/java/org/sufficientlysecure/keychain/securitytoken/SecurityTokenUtilsTest.java

@@ -30,7 +30,6 @@ import org.robolectric.annotation.Config;
 import org.robolectric.shadows.ShadowLog;
 import org.sufficientlysecure.keychain.WorkaroundBuildConfig;
 import org.sufficientlysecure.keychain.securitytoken.usb.UsbTransportException;
-import org.sufficientlysecure.keychain.util.SecurityTokenUtils;
 
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;