New Passphrase class for safer passphrase handling in memory

author: Dominik Schürmann <dominik@dominikschuermann.de> 2015-03-19 03:03:46 +0100
committer: Dominik Schürmann <dominik@dominikschuermann.de> 2015-03-19 03:03:46 +0100
commit: 9c9f95c7acb92aad1f02e65271610fb3dca6c0dd (patch)
tree: 75660812ee2e08ad0f8761e87168228ca2cadea7 /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp
parent: dbcb7a9e10ec4418337e0dce1b4227cbc3b7bd4a (diff)
download: open-keychain-9c9f95c7acb92aad1f02e65271610fb3dca6c0dd.tar.gz
open-keychain-9c9f95c7acb92aad1f02e65271610fb3dca6c0dd.tar.bz2
open-keychain-9c9f95c7acb92aad1f02e65271610fb3dca6c0dd.zip
7 files changed, 39 insertions, 31 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
index ab91d7747..6ce77394c 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedSecretKey.java
@@ -41,6 +41,7 @@ import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
 import org.sufficientlysecure.keychain.pgp.exception.PgpKeyNotFoundException;
 import org.sufficientlysecure.keychain.util.Log;
+import org.sufficientlysecure.keychain.util.Passphrase;
 
 import java.util.ArrayList;
 import java.util.Date;
@@ -149,7 +150,7 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
     /**
      * Returns true on right passphrase
      */
-    public boolean unlock(String passphrase) throws PgpGeneralException {
+    public boolean unlock(Passphrase passphrase) throws PgpGeneralException {
         // handle keys on OpenPGP cards like they were unlocked
         if (mSecretKey.getS2K() != null
                 && mSecretKey.getS2K().getType() == S2K.GNU_DUMMY_S2K
@@ -161,7 +162,7 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
         // try to extract keys using the passphrase
         try {
             PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder().setProvider(
-                    Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(passphrase.toCharArray());
+                    Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(passphrase.getCharArray());
             mPrivateKey = mSecretKey.extractPrivateKey(keyDecryptor);
             mPrivateKeyState = PRIVATE_KEY_STATE_UNLOCKED;
         } catch (PGPException e) {
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PassphraseCacheInterface.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PassphraseCacheInterface.java
index 0066bd23e..88ccccc6a 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PassphraseCacheInterface.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PassphraseCacheInterface.java
@@ -18,14 +18,16 @@
 
 package org.sufficientlysecure.keychain.pgp;
 
+import org.sufficientlysecure.keychain.util.Passphrase;
+
 public interface PassphraseCacheInterface {
     public static class NoSecretKeyException extends Exception {
         public NoSecretKeyException() {
         }
     }
 
-    public String getCachedPassphrase(long subKeyId) throws NoSecretKeyException;
+    public Passphrase getCachedPassphrase(long subKeyId) throws NoSecretKeyException;
 
-    public String getCachedPassphrase(long masterKeyId, long subKeyId) throws NoSecretKeyException;
+    public Passphrase getCachedPassphrase(long masterKeyId, long subKeyId) throws NoSecretKeyException;
 
 }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
index 14bc56538..364a1067d 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
@@ -60,6 +60,7 @@ import org.sufficientlysecure.keychain.provider.ProviderHelper;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.InputData;
 import org.sufficientlysecure.keychain.util.Log;
+import org.sufficientlysecure.keychain.util.Passphrase;
 import org.sufficientlysecure.keychain.util.ProgressScaler;
 
 import java.io.BufferedInputStream;
@@ -83,7 +84,7 @@ public class PgpDecryptVerify extends BaseOperation {
     private OutputStream mOutStream;
 
     private boolean mAllowSymmetricDecryption;
-    private String mPassphrase;
+    private Passphrase mPassphrase;
     private Set<Long> mAllowedKeyIds;
     private boolean mDecryptMetadataOnly;
     private byte[] mDecryptedSessionKey;
@@ -118,7 +119,7 @@ public class PgpDecryptVerify extends BaseOperation {
         private OutputStream mOutStream = null;
         private Progressable mProgressable = null;
         private boolean mAllowSymmetricDecryption = true;
-        private String mPassphrase = null;
+        private Passphrase mPassphrase = null;
         private Set<Long> mAllowedKeyIds = null;
         private boolean mDecryptMetadataOnly = false;
         private byte[] mDecryptedSessionKey = null;
@@ -159,7 +160,7 @@ public class PgpDecryptVerify extends BaseOperation {
             return this;
         }
 
-        public Builder setPassphrase(String passphrase) {
+        public Builder setPassphrase(Passphrase passphrase) {
             mPassphrase = passphrase;
             return this;
         }
@@ -572,7 +573,7 @@ public class PgpDecryptVerify extends BaseOperation {
                     .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build();
             PBEDataDecryptorFactory decryptorFactory = new JcePBEDataDecryptorFactoryBuilder(
                     digestCalcProvider).setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(
-                    mPassphrase.toCharArray());
+                    mPassphrase.getCharArray());
 
             clear = encryptedDataSymmetric.getDataStream(decryptorFactory);
             encryptedData = encryptedDataSymmetric;
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
index 8fb5392e3..b3bf92364 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
@@ -57,6 +57,7 @@ import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
 import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
 import org.sufficientlysecure.keychain.util.IterableIterator;
 import org.sufficientlysecure.keychain.util.Log;
+import org.sufficientlysecure.keychain.util.Passphrase;
 import org.sufficientlysecure.keychain.util.Primes;
 import org.sufficientlysecure.keychain.util.ProgressScaler;
 
@@ -316,7 +317,7 @@ public class PgpKeyOperation {
                     masterSecretKey.getEncoded(), new JcaKeyFingerprintCalculator());
 
             subProgressPush(50, 100);
-            return internal(sKR, masterSecretKey, add.mFlags, add.mExpiry, saveParcel, "", log);
+            return internal(sKR, masterSecretKey, add.mFlags, add.mExpiry, saveParcel, new Passphrase(), log);
 
         } catch (PGPException e) {
             log.add(LogType.MSG_CR_ERROR_INTERNAL_PGP, indent);
@@ -348,7 +349,7 @@ public class PgpKeyOperation {
      *
      */
     public PgpEditKeyResult modifySecretKeyRing(CanonicalizedSecretKeyRing wsKR, SaveKeyringParcel saveParcel,
-                                               String passphrase) {
+                                                Passphrase passphrase) {
 
         OperationLog log = new OperationLog();
         int indent = 0;
@@ -404,7 +405,7 @@ public class PgpKeyOperation {
 
     private PgpEditKeyResult internal(PGPSecretKeyRing sKR, PGPSecretKey masterSecretKey,
                                      int masterKeyFlags, long masterKeyExpiry,
-                                     SaveKeyringParcel saveParcel, String passphrase,
+                                     SaveKeyringParcel saveParcel, Passphrase passphrase,
                                      OperationLog log) {
 
         int indent = 1;
@@ -420,7 +421,7 @@ public class PgpKeyOperation {
         {
             try {
                 PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder().setProvider(
-                        Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(passphrase.toCharArray());
+                        Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(passphrase.getCharArray());
                 masterPrivateKey = masterSecretKey.extractPrivateKey(keyDecryptor);
             } catch (PGPException e) {
                 log.add(LogType.MSG_MF_UNLOCK_ERROR, indent + 1);
@@ -839,7 +840,7 @@ public class PgpKeyOperation {
                     PBESecretKeyEncryptor keyEncryptor = new JcePBESecretKeyEncryptorBuilder(
                             PgpConstants.SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO, encryptorHashCalc,
                             PgpConstants.SECRET_KEY_ENCRYPTOR_S2K_COUNT)
-                            .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(passphrase.toCharArray());
+                            .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(passphrase.getCharArray());
 
                     PGPDigestCalculator sha1Calc = new JcaPGPDigestCalculatorProviderBuilder()
                             .build().get(PgpConstants.SECRET_KEY_SIGNATURE_CHECKSUM_HASH_ALGO);
@@ -967,7 +968,7 @@ public class PgpKeyOperation {
             PGPSecretKeyRing sKR,
             PGPPublicKey masterPublicKey,
             PGPPrivateKey masterPrivateKey,
-            String passphrase,
+            Passphrase passphrase,
             ChangeUnlockParcel newUnlock,
             OperationLog log, int indent) throws PGPException {
 
@@ -1051,20 +1052,20 @@ public class PgpKeyOperation {
     private static PGPSecretKeyRing applyNewPassphrase(
             PGPSecretKeyRing sKR,
             PGPPublicKey masterPublicKey,
-            String passphrase,
-            String newPassphrase,
+            Passphrase passphrase,
+            Passphrase newPassphrase,
             OperationLog log, int indent) throws PGPException {
 
         PGPDigestCalculator encryptorHashCalc = new JcaPGPDigestCalculatorProviderBuilder().build()
                 .get(PgpConstants.SECRET_KEY_ENCRYPTOR_HASH_ALGO);
         PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder().setProvider(
-                Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(passphrase.toCharArray());
+                Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(passphrase.getCharArray());
         // Build key encryptor based on new passphrase
         PBESecretKeyEncryptor keyEncryptorNew = new JcePBESecretKeyEncryptorBuilder(
                 PgpConstants.SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO, encryptorHashCalc,
                 PgpConstants.SECRET_KEY_ENCRYPTOR_S2K_COUNT)
                 .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(
-                        newPassphrase.toCharArray());
+                        newPassphrase.getCharArray());
 
         // noinspection unchecked
         for (PGPSecretKey sKey : new IterableIterator<PGPSecretKey>(sKR.getSecretKeys())) {
@@ -1295,11 +1296,11 @@ public class PgpKeyOperation {
 
     private static PGPSignature generateSubkeyBindingSignature(
             PGPPublicKey masterPublicKey, PGPPrivateKey masterPrivateKey,
-            PGPSecretKey sKey, PGPPublicKey pKey, int flags, long expiry, String passphrase)
+            PGPSecretKey sKey, PGPPublicKey pKey, int flags, long expiry, Passphrase passphrase)
             throws IOException, PGPException, SignatureException {
         PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder()
                 .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(
-                        passphrase.toCharArray());
+                        passphrase.getCharArray());
         PGPPrivateKey subPrivateKey = sKey.extractPrivateKey(keyDecryptor);
         return generateSubkeyBindingSignature(masterPublicKey, masterPrivateKey, subPrivateKey,
                 pKey, flags, expiry);
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptInput.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptInput.java
index 2dec4b9c2..4a920685a 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptInput.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptInput.java
@@ -20,6 +20,7 @@ package org.sufficientlysecure.keychain.pgp;
 
 import org.spongycastle.bcpg.CompressionAlgorithmTags;
 import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.util.Passphrase;
 
 import java.util.Date;
 
@@ -29,12 +30,12 @@ public class PgpSignEncryptInput {
     protected boolean mEnableAsciiArmorOutput = false;
     protected int mCompressionId = CompressionAlgorithmTags.UNCOMPRESSED;
     protected long[] mEncryptionMasterKeyIds = null;
-    protected String mSymmetricPassphrase = null;
+    protected Passphrase mSymmetricPassphrase = null;
     protected int mSymmetricEncryptionAlgorithm = PgpConstants.OpenKeychainSymmetricKeyAlgorithmTags.USE_PREFERRED;
     protected long mSignatureMasterKeyId = Constants.key.none;
     protected Long mSignatureSubKeyId = null;
     protected int mSignatureHashAlgorithm = PgpConstants.OpenKeychainHashAlgorithmTags.USE_PREFERRED;
-    protected String mSignaturePassphrase = null;
+    protected Passphrase mSignaturePassphrase = null;
     protected long mAdditionalEncryptId = Constants.key.none;
     protected byte[] mNfcSignedHash = null;
     protected Date mNfcCreationTimestamp = null;
@@ -73,11 +74,11 @@ public class PgpSignEncryptInput {
         return this;
     }
 
-    public String getSignaturePassphrase() {
+    public Passphrase getSignaturePassphrase() {
         return mSignaturePassphrase;
     }
 
-    public PgpSignEncryptInput setSignaturePassphrase(String signaturePassphrase) {
+    public PgpSignEncryptInput setSignaturePassphrase(Passphrase signaturePassphrase) {
         mSignaturePassphrase = signaturePassphrase;
         return this;
     }
@@ -118,11 +119,11 @@ public class PgpSignEncryptInput {
         return this;
     }
 
-    public String getSymmetricPassphrase() {
+    public Passphrase getSymmetricPassphrase() {
         return mSymmetricPassphrase;
     }
 
-    public PgpSignEncryptInput setSymmetricPassphrase(String symmetricPassphrase) {
+    public PgpSignEncryptInput setSymmetricPassphrase(Passphrase symmetricPassphrase) {
         mSymmetricPassphrase = symmetricPassphrase;
         return this;
     }
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
index 94e04060d..bd3c31d3a 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
@@ -243,7 +243,7 @@ public class PgpSignEncryptOperation extends BaseOperation {
                 log.add(LogType.MSG_PSE_SYMMETRIC, indent);
 
                 JcePBEKeyEncryptionMethodGenerator symmetricEncryptionGenerator =
-                        new JcePBEKeyEncryptionMethodGenerator(input.getSymmetricPassphrase().toCharArray());
+                        new JcePBEKeyEncryptionMethodGenerator(input.getSymmetricPassphrase().getCharArray());
                 cPk.addMethod(symmetricEncryptionGenerator);
             } else {
                 log.add(LogType.MSG_PSE_ASYMMETRIC, indent);
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/SignEncryptParcel.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/SignEncryptParcel.java
index 8e71e8815..975548c95 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/SignEncryptParcel.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/SignEncryptParcel.java
@@ -22,6 +22,8 @@ import android.net.Uri;
 import android.os.Parcel;
 import android.os.Parcelable;
 
+import org.sufficientlysecure.keychain.util.Passphrase;
+
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
@@ -57,12 +59,12 @@ public class SignEncryptParcel extends PgpSignEncryptInput implements Parcelable
         mEnableAsciiArmorOutput  = src.readInt() == 1;
         mCompressionId = src.readInt();
         mEncryptionMasterKeyIds = src.createLongArray();
-        mSymmetricPassphrase = src.readString();
+        mSymmetricPassphrase = src.readParcelable(Passphrase.class.getClassLoader());
         mSymmetricEncryptionAlgorithm = src.readInt();
         mSignatureMasterKeyId = src.readLong();
         mSignatureSubKeyId = src.readInt() == 1 ? src.readLong() : null;
         mSignatureHashAlgorithm = src.readInt();
-        mSignaturePassphrase = src.readString();
+        mSignaturePassphrase = src.readParcelable(Passphrase.class.getClassLoader());
         mAdditionalEncryptId = src.readLong();
         mNfcSignedHash = src.createByteArray();
         mNfcCreationTimestamp = src.readInt() == 1 ? new Date(src.readLong()) : null;
@@ -112,7 +114,7 @@ public class SignEncryptParcel extends PgpSignEncryptInput implements Parcelable
         dest.writeInt(mEnableAsciiArmorOutput ? 1 : 0);
         dest.writeInt(mCompressionId);
         dest.writeLongArray(mEncryptionMasterKeyIds);
-        dest.writeString(mSymmetricPassphrase);
+        dest.writeParcelable(mSymmetricPassphrase, flags);
         dest.writeInt(mSymmetricEncryptionAlgorithm);
         dest.writeLong(mSignatureMasterKeyId);
         if (mSignatureSubKeyId != null) {
@@ -122,7 +124,7 @@ public class SignEncryptParcel extends PgpSignEncryptInput implements Parcelable
             dest.writeInt(0);
         }
         dest.writeInt(mSignatureHashAlgorithm);
-        dest.writeString(mSignaturePassphrase);
+        dest.writeParcelable(mSignaturePassphrase, flags);
         dest.writeLong(mAdditionalEncryptId);
         dest.writeByteArray(mNfcSignedHash);
         if (mNfcCreationTimestamp != null) {
author	Dominik Schürmann <dominik@dominikschuermann.de>	2015-03-19 03:03:46 +0100
committer	Dominik Schürmann <dominik@dominikschuermann.de>	2015-03-19 03:03:46 +0100
commit	9c9f95c7acb92aad1f02e65271610fb3dca6c0dd (patch)
tree	75660812ee2e08ad0f8761e87168228ca2cadea7 /OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp
parent	dbcb7a9e10ec4418337e0dce1b4227cbc3b7bd4a (diff)
download	open-keychain-9c9f95c7acb92aad1f02e65271610fb3dca6c0dd.tar.gz open-keychain-9c9f95c7acb92aad1f02e65271610fb3dca6c0dd.tar.bz2 open-keychain-9c9f95c7acb92aad1f02e65271610fb3dca6c0dd.zip