FlowCrypt
diff --git a/‎FlowCrypt/build.gradle.kts‎
Lines changed: 1 addition & 1 deletion b/‎FlowCrypt/build.gradle.kts‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎FlowCrypt/src/androidTest/java/com/flowcrypt/email/WkdClientTest.kt‎
Lines changed: 1 addition & 1 deletion b/‎FlowCrypt/src/androidTest/java/com/flowcrypt/email/WkdClientTest.kt‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎FlowCrypt/src/androidTest/java/com/flowcrypt/email/ui/ComposeScreenReloadPublicKeyFlowTest.kt‎
Lines changed: 2 additions & 2 deletions b/‎FlowCrypt/src/androidTest/java/com/flowcrypt/email/ui/ComposeScreenReloadPublicKeyFlowTest.kt‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎FlowCrypt/src/androidTest/java/com/flowcrypt/email/ui/SubmitPublicKeyToAttesterForImportedKeyDuringSetupFlowTest.kt‎
Lines changed: 4 additions & 3 deletions b/‎FlowCrypt/src/androidTest/java/com/flowcrypt/email/ui/SubmitPublicKeyToAttesterForImportedKeyDuringSetupFlowTest.kt‎
Lines changed: 4 additions & 3 deletions
diff --git a/‎FlowCrypt/src/androidTest/java/com/flowcrypt/email/ui/base/BaseGmailApiTest.kt‎
Lines changed: 16 additions & 11 deletions b/‎FlowCrypt/src/androidTest/java/com/flowcrypt/email/ui/base/BaseGmailApiTest.kt‎
Lines changed: 16 additions & 11 deletions
diff --git a/‎FlowCrypt/src/androidTest/java/com/flowcrypt/email/ui/base/BasePublicKeyDetailsTest.kt‎
Lines changed: 2 additions & 2 deletions b/‎FlowCrypt/src/androidTest/java/com/flowcrypt/email/ui/base/BasePublicKeyDetailsTest.kt‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎FlowCrypt/src/androidTest/java/com/flowcrypt/email/ui/fragment/isolation/incontainer/PrivateKeysListFragmentInIsolationTest.kt‎
Lines changed: 10 additions & 4 deletions b/‎FlowCrypt/src/androidTest/java/com/flowcrypt/email/ui/fragment/isolation/incontainer/PrivateKeysListFragmentInIsolationTest.kt‎
Lines changed: 10 additions & 4 deletions
diff --git a/‎FlowCrypt/src/main/java/com/flowcrypt/email/FlowCryptApplication.kt‎
Lines changed: 22 additions & 19 deletions b/‎FlowCrypt/src/main/java/com/flowcrypt/email/FlowCryptApplication.kt‎
Lines changed: 22 additions & 19 deletions
diff --git a/‎FlowCrypt/src/main/java/com/flowcrypt/email/extensions/org/bouncycastle/openpgp/OpenPGPCertificateExt.kt‎
Lines changed: 18 additions & 0 deletions b/‎FlowCrypt/src/main/java/com/flowcrypt/email/extensions/org/bouncycastle/openpgp/OpenPGPCertificateExt.kt‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎FlowCrypt/src/main/java/com/flowcrypt/email/extensions/org/bouncycastle/openpgp/PGPKeyRingExt.kt‎
Lines changed: 12 additions & 5 deletions b/‎FlowCrypt/src/main/java/com/flowcrypt/email/extensions/org/bouncycastle/openpgp/PGPKeyRingExt.kt‎
Lines changed: 12 additions & 5 deletions
@@ -514,7 +514,7 @@ dependencies {
   //kotlinx-serialization-core added to fix runtime issue with dependencies conflict.
   //Maybe it will be removed in future.
   implementation("org.jetbrains.kotlinx:kotlinx-serialization-core:1.9.0")
-  implementation("org.pgpainless:pgpainless-core:1.7.6")
+  implementation("org.pgpainless:pgpainless-core:2.0.1")
   implementation("org.eclipse.angus:angus-mail:2.0.5")
   implementation("org.eclipse.angus:gimap:2.0.5")
   implementation("commons-io:commons-io:2.20.0")
 
@@ -53,7 +53,7 @@ class WkdClientTest {
           genLookupUrlPath(EXISTING_EMAIL) -> {
             return MockResponse().setResponseCode(HttpURLConnection.HTTP_OK)
               .setBody(
-                PGPainless.generateKeyRing().simpleEcKeyRing(EXISTING_EMAIL).publicKey.armor()
+                PGPainless.getInstance().generateKey().simpleEcKeyRing(EXISTING_EMAIL).armor()
               )
           }
 
 
@@ -59,8 +59,8 @@ class ComposeScreenReloadPublicKeyFlowTest : BaseComposeScreenTest() {
   override val activityScenario: ActivityScenario<*>?
     get() = activityScenarioRule.scenario
 
-  private val pgpKeyRingDetails = PGPainless.generateKeyRing()
-    .simpleEcKeyRing(RECIPIENT, TestConstants.DEFAULT_PASSWORD).toPgpKeyRingDetails()
+  private val pgpKeyRingDetails = PGPainless.getInstance().generateKey()
+    .simpleEcKeyRing(RECIPIENT, TestConstants.DEFAULT_PASSWORD).pgpKeyRing.toPgpKeyRingDetails()
 
   private val addRecipientsToDatabaseRule = AddRecipientsToDatabaseRule(
     listOf(
 
@@ -78,10 +78,11 @@ class SubmitPublicKeyToAttesterForImportedKeyDuringSetupFlowTest : BaseSignTest(
 
   @Before
   fun prepareResources() {
-    val generatedKey = PGPainless.generateKeyRing().simpleEcKeyRing(
-      UserId.nameAndEmail(USER_ENFORCE_ATTESTER_SUBMIT, USER_ENFORCE_ATTESTER_SUBMIT),
+    val generatedKey = PGPainless.getInstance().generateKey()
+      .simpleEcKeyRing(
+        UserId.nameAndEmail(USER_ENFORCE_ATTESTER_SUBMIT, USER_ENFORCE_ATTESTER_SUBMIT),
       TestConstants.DEFAULT_STRONG_PASSWORD
-    ).toPgpKeyRingDetails()
+      ).pgpKeyRing.toPgpKeyRingDetails()
 
     privateKey = requireNotNull(generatedKey.privateKey)
     fileWithPrivateKey = TestGeneralUtil.createFileWithTextContent(
 
@@ -1766,26 +1766,31 @@ abstract class BaseGmailApiTest(val accountEntity: AccountEntity = BASE_ACCOUNT_
     const val DEFAULT_CC_RECIPIENT = "Cc <default_cc@flowcrypt.test>"
     const val DEFAULT_BCC_RECIPIENT = "Bcc <default_bcc@flowcrypt.test>"
 
-    val existingCcPgpKeyDetails = PGPainless.generateKeyRing().simpleEcKeyRing(
+    val existingCcPgpKeyDetails = PGPainless.getInstance().generateKey()
+      .simpleEcKeyRing(
       EXISTING_MESSAGE_CC_RECIPIENT,
       TestConstants.DEFAULT_PASSWORD
-    ).toPgpKeyRingDetails()
-    val defaultFromPgpKeyDetails = PGPainless.generateKeyRing().simpleEcKeyRing(
+      ).pgpKeyRing.toPgpKeyRingDetails()
+    val defaultFromPgpKeyDetails = PGPainless.getInstance().generateKey()
+      .simpleEcKeyRing(
       DEFAULT_FROM_RECIPIENT,
       TestConstants.DEFAULT_PASSWORD
-    ).toPgpKeyRingDetails()
-    val defaultToPgpKeyDetails = PGPainless.generateKeyRing().simpleEcKeyRing(
+      ).pgpKeyRing.toPgpKeyRingDetails()
+    val defaultToPgpKeyDetails = PGPainless.getInstance().generateKey()
+      .simpleEcKeyRing(
       DEFAULT_TO_RECIPIENT,
       TestConstants.DEFAULT_PASSWORD
-    ).toPgpKeyRingDetails()
-    val defaultCcPgpKeyDetails = PGPainless.generateKeyRing().simpleEcKeyRing(
+      ).pgpKeyRing.toPgpKeyRingDetails()
+    val defaultCcPgpKeyDetails = PGPainless.getInstance().generateKey()
+      .simpleEcKeyRing(
       DEFAULT_CC_RECIPIENT,
       TestConstants.DEFAULT_PASSWORD
-    ).toPgpKeyRingDetails()
-    val defaultBccPgpKeyDetails = PGPainless.generateKeyRing().simpleEcKeyRing(
+      ).pgpKeyRing.toPgpKeyRingDetails()
+    val defaultBccPgpKeyDetails = PGPainless.getInstance().generateKey()
+      .simpleEcKeyRing(
       DEFAULT_BCC_RECIPIENT,
       TestConstants.DEFAULT_PASSWORD
-    ).toPgpKeyRingDetails()
+      ).pgpKeyRing.toPgpKeyRingDetails()
 
     val secretKeyRingProtector = SecretKeyRingProtector.unlockAnyKeyWith(
       Passphrase.fromPassword(TestConstants.DEFAULT_PASSWORD)
@@ -1836,4 +1841,4 @@ abstract class BaseGmailApiTest(val accountEntity: AccountEntity = BASE_ACCOUNT_
       ), useAPI = true, useCustomerFesUrl = true
     )
   }
-}
+}
@@ -59,7 +59,7 @@ abstract class BasePublicKeyDetailsTest : BaseTest(), AddAccountToDatabaseRuleIn
       )
 
     val bitStrength =
-      if (keyRingInfo.publicKey.bitStrength != -1) keyRingInfo.publicKey.bitStrength else null
+      if (keyRingInfo.primaryKey.pgpPublicKey.bitStrength != -1) keyRingInfo.primaryKey.pgpPublicKey.bitStrength else null
     val algoWithBits = keyRingInfo.algorithm.name + (bitStrength?.let { "/$it" } ?: "")
 
     onView(withId(R.id.textViewPrimaryKeyAlgorithm))
@@ -251,4 +251,4 @@ abstract class BasePublicKeyDetailsTest : BaseTest(), AddAccountToDatabaseRuleIn
         )
     }
   }
-}
+}
@@ -1,13 +1,19 @@
 /*
  * © 2016-present FlowCrypt a.s. Limitations apply. Contact human@flowcrypt.com
- * Contributors: DenBond7
+ * Contributors: denbond7
  */
 
 package com.flowcrypt.email.ui.fragment.isolation.incontainer
 
 import androidx.test.espresso.Espresso.onView
 import androidx.test.espresso.assertion.ViewAssertions.matches
-import androidx.test.espresso.matcher.ViewMatchers.*
+import androidx.test.espresso.matcher.ViewMatchers.Visibility
+import androidx.test.espresso.matcher.ViewMatchers.hasSibling
+import androidx.test.espresso.matcher.ViewMatchers.isDisplayed
+import androidx.test.espresso.matcher.ViewMatchers.withChild
+import androidx.test.espresso.matcher.ViewMatchers.withEffectiveVisibility
+import androidx.test.espresso.matcher.ViewMatchers.withId
+import androidx.test.espresso.matcher.ViewMatchers.withText
 import androidx.test.ext.junit.runners.AndroidJUnit4
 import androidx.test.filters.MediumTest
 import com.flowcrypt.email.R
@@ -219,9 +225,9 @@ class PrivateKeysListFragmentInIsolationTest : BaseTest() {
       ),
       statusLabelText = getResString(R.string.valid),
       statusLabelIconResId = R.drawable.ic_baseline_gpp_good_16,
-      statusLabelTintColorResId = R.color.colorAccent,
+      statusLabelTintColorResId = R.color.gray,
       usableForEncryption = false,
-      usableForSigning = true
+      usableForSigning = false
     )
   }
 
 
@@ -42,6 +42,7 @@ import org.acra.data.StringFormat
 import org.acra.ktx.initAcra
 import org.acra.sender.HttpSender
 import org.pgpainless.PGPainless
+import org.pgpainless.policy.Policy
 import org.pgpainless.policy.Policy.HashAlgorithmPolicy
 import java.util.Calendar
 import java.util.concurrent.TimeUnit
@@ -84,10 +85,12 @@ class FlowCryptApplication : Application(), Configuration.Provider {
   }
 
   private fun setupPGPainless() {
-    enableDeprecatedSHA1ForPGPainlessPolicy()
-
-    //https://github.com/FlowCrypt/flowcrypt-android/issues/2111
-    PGPainless.getPolicy().enableKeyParameterValidation = true
+    PGPainless.setInstance(
+      PGPainless(algorithmPolicy = generatePGPainlessPolicy().apply {
+        //https://github.com/FlowCrypt/flowcrypt-android/issues/2111
+        PGPainless.getInstance().algorithmPolicy.enableKeyParameterValidation = true
+      })
+    )
   }
 
   private fun setupGlobalSettingsForJavaMail() {
@@ -106,21 +109,20 @@ class FlowCryptApplication : Application(), Configuration.Provider {
    * More details here https://github.com/FlowCrypt/flowcrypt-android/issues/1478 and here
    * https://github.com/pgpainless/pgpainless/issues/158
    */
-  private fun enableDeprecatedSHA1ForPGPainlessPolicy() {
-    @Suppress("KotlinConstantConditions")
-    if (BuildConfig.FLAVOR == Constants.FLAVOR_NAME_ENTERPRISE) {
-      PGPainless.getPolicy().dataSignatureHashAlgorithmPolicy =
-        HashAlgorithmPolicy.static2022SignatureHashAlgorithmPolicy()
-
-      PGPainless.getPolicy().certificationSignatureHashAlgorithmPolicy =
-        HashAlgorithmPolicy.static2022SignatureHashAlgorithmPolicy()
-    } else {
-      PGPainless.getPolicy().dataSignatureHashAlgorithmPolicy =
-        HashAlgorithmPolicy.static2022RevocationSignatureHashAlgorithmPolicy()
-
-      PGPainless.getPolicy().certificationSignatureHashAlgorithmPolicy =
-        HashAlgorithmPolicy.static2022RevocationSignatureHashAlgorithmPolicy()
-    }
+  @Suppress("KotlinConstantConditions")
+  private fun generatePGPainlessPolicy(): Policy {
+    val isEnterpriseBuild = BuildConfig.FLAVOR == Constants.FLAVOR_NAME_ENTERPRISE
+    val strongPolicySince2022 = HashAlgorithmPolicy.static2022SignatureHashAlgorithmPolicy()
+    val policyBefore2022Standard =
+      HashAlgorithmPolicy.static2022RevocationSignatureHashAlgorithmPolicy()
+    return Policy.Builder(PGPainless.getInstance().algorithmPolicy)
+      .withDataSignatureHashAlgorithmPolicy(
+        if (isEnterpriseBuild) strongPolicySince2022 else policyBefore2022Standard
+      )
+      .withCertificationSignatureHashAlgorithmPolicy(
+        if (isEnterpriseBuild) strongPolicySince2022 else policyBefore2022Standard
+      )
+      .build()
   }
 
   private fun setupKeysStorage() {
@@ -134,6 +136,7 @@ class FlowCryptApplication : Application(), Configuration.Provider {
     }
   }
 
+  @Suppress("KotlinConstantConditions")
   private fun initACRA() {
     if (GeneralUtil.isDebugBuild()) {
       val isAcraEnabled = SharedPreferencesHelper.getBoolean(
 
@@ -0,0 +1,18 @@
+/*
+ * © 2016-present FlowCrypt a.s. Limitations apply. Contact human@flowcrypt.com
+ * Contributors: denbond7
+ */
+
+package com.flowcrypt.email.extensions.org.bouncycastle.openpgp
+
+import com.flowcrypt.email.security.SecurityUtils
+import org.bouncycastle.openpgp.api.OpenPGPCertificate
+import org.pgpainless.bouncycastle.extensions.encode
+import java.io.IOException
+
+/**
+ * @author Denys Bondarenko
+ */
+@Throws(IOException::class)
+fun OpenPGPCertificate.armor(hideArmorMeta: Boolean = false): String =
+  SecurityUtils.armor(hideArmorMeta) { this.encode(it) }
@@ -39,7 +39,8 @@ import java.time.Instant
 @WorkerThread
 fun PGPKeyRing.toPgpKeyRingDetails(hideArmorMeta: Boolean = false): PgpKeyRingDetails {
   if (containsHashAlgorithmWithSHA1()) {
-    val sigHashAlgoPolicy = PGPainless.getPolicy().certificationSignatureHashAlgorithmPolicy
+    val sigHashAlgoPolicy =
+      PGPainless.getInstance().algorithmPolicy.certificationSignatureHashAlgorithmPolicy
     if (!sigHashAlgoPolicy.isAcceptable(HashAlgorithm.SHA1)) {
       throw PGPException("Unsupported signature(HashAlgorithm = SHA1)")
     }
@@ -50,7 +51,11 @@ fun PGPKeyRing.toPgpKeyRingDetails(hideArmorMeta: Boolean = false): PgpKeyRingDe
   val algo = Algo(
     algorithm = keyRingInfo.algorithm.name,
     algorithmId = keyRingInfo.algorithm.algorithmId,
-    bits = if (keyRingInfo.publicKey.bitStrength != -1) keyRingInfo.publicKey.bitStrength else 0,
+    bits = if (keyRingInfo.primaryKey.pgpPublicKey.bitStrength != -1) {
+      keyRingInfo.primaryKey.pgpPublicKey.bitStrength
+    } else {
+      0
+    },
     curve = runCatching { publicKey.getCurveName() }.getOrNull()
   )
 
@@ -85,11 +90,13 @@ fun PGPKeyRing.toPgpKeyRingDetails(hideArmorMeta: Boolean = false): PgpKeyRingDe
     lastModified = keyRingInfo.lastModified.time,
     expiration = keyRingInfo.primaryKeyExpirationDate?.time,
     algo = algo,
-    primaryKeyId = keyRingInfo.keyId,
+    primaryKeyId = keyRingInfo.keyIdentifier.keyId,
     possibilities = mutableSetOf<Int>().apply {
       addAll(
-        keyRingInfo.publicKeys.flatMap { keyRingInfo.getKeyFlagsOf(it.keyID) }.toSet()
-          .map { it.flag })
+        keyRingInfo.publicKeys.flatMap { openPGPComponentKey ->
+          keyRingInfo.getKeyFlagsOf(openPGPComponentKey.keyIdentifier)
+        }.toSet().map { it.flag }
+      )
     }
   )
 }
Original file line number	Diff line number	Diff line change
`@@ -53,7 +53,7 @@ class WkdClientTest {`
`53`	`53`	`genLookupUrlPath(EXISTING_EMAIL) -> {`
`54`	`54`	`return MockResponse().setResponseCode(HttpURLConnection.HTTP_OK)`
`55`	`55`	`.setBody(`
`56`		`- PGPainless.generateKeyRing().simpleEcKeyRing(EXISTING_EMAIL).publicKey.armor()`
	`56`	`+ PGPainless.getInstance().generateKey().simpleEcKeyRing(EXISTING_EMAIL).armor()`
`57`	`57`	`)`
`58`	`58`	`}`
`59`	`59`
Original file line number	Diff line number	Diff line change
`@@ -59,7 +59,7 @@ abstract class BasePublicKeyDetailsTest : BaseTest(), AddAccountToDatabaseRuleIn`
`59`	`59`	`)`
`60`	`60`
`61`	`61`	`val bitStrength =`
`62`		`- if (keyRingInfo.publicKey.bitStrength != -1) keyRingInfo.publicKey.bitStrength else null`
	`62`	`+ if (keyRingInfo.primaryKey.pgpPublicKey.bitStrength != -1) keyRingInfo.primaryKey.pgpPublicKey.bitStrength else null`
`63`	`63`	`val algoWithBits = keyRingInfo.algorithm.name + (bitStrength?.let { "/$it" } ?: "")`
`64`	`64`
`65`	`65`	`onView(withId(R.id.textViewPrimaryKeyAlgorithm))`
`@@ -251,4 +251,4 @@ abstract class BasePublicKeyDetailsTest : BaseTest(), AddAccountToDatabaseRuleIn`
`251`	`251`	`)`
`252`	`252`	`}`
`253`	`253`	`}`
`254`		`-}`
	`254`	`+}`