Crypto Provider implementation start

1 files changed, 43 insertions, 1 deletions

diff --git a/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/PassphraseCacheService.java b/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/PassphraseCacheService.java
index eb1232769..f29514e79 100644
--- a/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/PassphraseCacheService.java
+++ b/OpenPGP-Keychain/src/org/sufficientlysecure/keychain/service/PassphraseCacheService.java
@@ -19,8 +19,12 @@ package org.sufficientlysecure.keychain.service;
 import java.util.Date;
 import java.util.HashMap;
 
+import org.spongycastle.openpgp.PGPException;
+import org.spongycastle.openpgp.PGPPrivateKey;
 import org.spongycastle.openpgp.PGPSecretKey;
 import org.spongycastle.openpgp.PGPSecretKeyRing;
+import org.spongycastle.openpgp.operator.PBESecretKeyDecryptor;
+import org.spongycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.Id;
 import org.sufficientlysecure.keychain.helper.PgpHelper;
@@ -102,7 +106,14 @@ public class PassphraseCacheService extends Service {
         // get cached passphrase
         String cachedPassphrase = mPassphraseCache.get(masterKeyId);
         if (cachedPassphrase == null) {
-            return null;
+            // check if secret key has a passphrase
+            if (!hasPassphrase(context, masterKeyId)) {
+                // cache empty passphrase
+                addCachedPassphrase(context, masterKeyId, "");
+                return "";
+            } else {
+                return null;
+            }
         }
         // set it again to reset the cache life cycle
         Log.d(TAG, "Cache passphrase again when getting it!");
@@ -112,6 +123,37 @@ public class PassphraseCacheService extends Service {
     }
 
     /**
+     * Checks if key has a passphrase.
+     * 
+     * @param secretKeyId
+     * @return true if it has a passphrase
+     */
+    public static boolean hasPassphrase(Context context, long secretKeyId) {
+        // check if the key has no passphrase
+        try {
+            PGPSecretKey secretKey = PgpHelper.getMasterKey(ProviderHelper
+                    .getPGPSecretKeyRingByKeyId(context, secretKeyId));
+
+            Log.d(Constants.TAG, "Check if key has no passphrase...");
+            PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder().setProvider(
+                    "SC").build("".toCharArray());
+            PGPPrivateKey testKey = secretKey.extractPrivateKey(keyDecryptor);
+            if (testKey != null) {
+                Log.d(Constants.TAG, "Key has no passphrase! Caches empty passphrase!");
+
+                // cache empty passphrase
+                PassphraseCacheService.addCachedPassphrase(context, secretKey.getKeyID(), "");
+
+                return false;
+            }
+        } catch (PGPException e) {
+            // silently catch
+        }
+
+        return true;
+    }
+
+    /**
      * Register BroadcastReceiver that is unregistered when service is destroyed. This
      * BroadcastReceiver hears on intents with ACTION_PASSPHRASE_CACHE_SERVICE to then timeout
      * specific passphrases in memory.