1 files changed, 55 insertions, 29 deletions

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
index fd3d41f93..4651f12d4 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java
@@ -40,11 +40,10 @@ import org.spongycastle.openpgp.PGPUtil;
 import org.spongycastle.openpgp.jcajce.JcaPGPObjectFactory;
 import org.spongycastle.openpgp.operator.PBEDataDecryptorFactory;
 import org.spongycastle.openpgp.operator.PGPDigestCalculatorProvider;
-import org.spongycastle.openpgp.operator.PublicKeyDataDecryptorFactory;
+import org.spongycastle.openpgp.operator.jcajce.CachingDataDecryptorFactory;
 import org.spongycastle.openpgp.operator.jcajce.JcaPGPContentVerifierBuilderProvider;
 import org.spongycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBuilder;
 import org.spongycastle.openpgp.operator.jcajce.JcePBEDataDecryptorFactoryBuilder;
-import org.spongycastle.openpgp.operator.jcajce.NfcSyncPublicKeyDataDecryptorFactoryBuilder;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.operations.BaseOperation;
@@ -538,24 +537,33 @@ public class PgpDecryptVerify extends BaseOperation<PgpDecryptVerifyInputParcel>
             currentProgress += 2;
             updateProgress(R.string.progress_preparing_streams, currentProgress, 100);
 
-            try {
-                PublicKeyDataDecryptorFactory decryptorFactory
-                        = secretEncryptionKey.getDecryptorFactory(cryptoInput);
-                try {
-                    clear = encryptedDataAsymmetric.getDataStream(decryptorFactory);
-                } catch (PGPKeyValidationException | ArrayIndexOutOfBoundsException e) {
-                    log.add(LogType.MSG_DC_ERROR_CORRUPT_DATA, indent + 1);
-                    return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
-                }
+            CachingDataDecryptorFactory decryptorFactory
+                    = secretEncryptionKey.getCachingDecryptorFactory(cryptoInput);
+
+            // special case: if the decryptor does not have a session key cached for this encrypted
+            // data, and can't actually decrypt on its own, return a pending intent
+            if (!decryptorFactory.canDecrypt()
+                    && !decryptorFactory.hasCachedSessionData(encryptedDataAsymmetric)) {
 
-                symmetricEncryptionAlgo = encryptedDataAsymmetric.getSymmetricAlgorithm(decryptorFactory);
-            } catch (NfcSyncPublicKeyDataDecryptorFactoryBuilder.NfcInteractionNeeded e) {
                 log.add(LogType.MSG_DC_PENDING_NFC, indent + 1);
                 return new DecryptVerifyResult(log, RequiredInputParcel.createNfcDecryptOperation(
                         secretEncryptionKey.getRing().getMasterKeyId(),
-                        secretEncryptionKey.getKeyId(), e.encryptedSessionKey
+                        secretEncryptionKey.getKeyId(), encryptedDataAsymmetric.getSessionKey()[0]
                 ));
+
             }
+
+            try {
+                clear = encryptedDataAsymmetric.getDataStream(decryptorFactory);
+            } catch (PGPKeyValidationException | ArrayIndexOutOfBoundsException e) {
+                log.add(LogType.MSG_DC_ERROR_CORRUPT_DATA, indent + 1);
+                return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
+            }
+
+            symmetricEncryptionAlgo = encryptedDataAsymmetric.getSymmetricAlgorithm(decryptorFactory);
+
+            cryptoInput.addCryptoData(decryptorFactory.getCachedSessionKeys());
+
             encryptedData = encryptedDataAsymmetric;
         } else {
             // there wasn't even any useful data
@@ -662,9 +670,6 @@ public class PgpDecryptVerify extends BaseOperation<PgpDecryptVerifyInputParcel>
 
             PGPLiteralData literalData = (PGPLiteralData) dataChunk;
 
-            // reported size may be null if partial packets are involved (highly unlikely though)
-            Long originalSize = literalData.getDataLengthIfAvailable();
-
             String originalFilename = literalData.getFileName();
             String mimeType = null;
             if (literalData.getFormat() == PGPLiteralData.TEXT
@@ -687,12 +692,6 @@ public class PgpDecryptVerify extends BaseOperation<PgpDecryptVerifyInputParcel>
                 }
             }
 
-            metadata = new OpenPgpMetadata(
-                    originalFilename,
-                    mimeType,
-                    literalData.getModificationTime().getTime(),
-                    originalSize == null ? 0 : originalSize);
-
             if (!"".equals(originalFilename)) {
                 log.add(LogType.MSG_DC_CLEAR_META_FILE, indent + 1, originalFilename);
             }
@@ -700,15 +699,26 @@ public class PgpDecryptVerify extends BaseOperation<PgpDecryptVerifyInputParcel>
                     mimeType);
             log.add(LogType.MSG_DC_CLEAR_META_TIME, indent + 1,
                     new Date(literalData.getModificationTime().getTime()).toString());
-            if (originalSize != null) {
-                log.add(LogType.MSG_DC_CLEAR_META_SIZE, indent + 1,
-                        Long.toString(originalSize));
-            } else {
-                log.add(LogType.MSG_DC_CLEAR_META_SIZE_UNKNOWN, indent + 1);
-            }
 
             // return here if we want to decrypt the metadata only
             if (input.isDecryptMetadataOnly()) {
+
+                // this operation skips the entire stream to find the data length!
+                Long originalSize = literalData.findDataLength();
+
+                if (originalSize != null) {
+                    log.add(LogType.MSG_DC_CLEAR_META_SIZE, indent + 1,
+                            Long.toString(originalSize));
+                } else {
+                    log.add(LogType.MSG_DC_CLEAR_META_SIZE_UNKNOWN, indent + 1);
+                }
+
+                metadata = new OpenPgpMetadata(
+                        originalFilename,
+                        mimeType,
+                        literalData.getModificationTime().getTime(),
+                        originalSize == null ? 0 : originalSize);
+
                 log.add(LogType.MSG_DC_OK_META_ONLY, indent);
                 DecryptVerifyResult result =
                         new DecryptVerifyResult(DecryptVerifyResult.RESULT_OK, log);
@@ -757,6 +767,21 @@ public class PgpDecryptVerify extends BaseOperation<PgpDecryptVerifyInputParcel>
                 // TODO: slow annealing to fake a progress?
             }
 
+            // after going through the stream, size should be available
+            Long originalSize = literalData.getDataLengthIfAvailable();
+            if (originalSize != null) {
+                log.add(LogType.MSG_DC_CLEAR_META_SIZE, indent + 1,
+                        Long.toString(originalSize));
+            } else {
+                log.add(LogType.MSG_DC_CLEAR_META_SIZE_UNKNOWN, indent + 1);
+            }
+
+            metadata = new OpenPgpMetadata(
+                    originalFilename,
+                    mimeType,
+                    literalData.getModificationTime().getTime(),
+                    originalSize == null ? 0 : originalSize);
+
             if (signature != null) {
                 updateProgress(R.string.progress_verifying_signature, 90, 100);
                 log.add(LogType.MSG_DC_CLEAR_SIGNATURE_CHECK, indent);
@@ -818,6 +843,7 @@ public class PgpDecryptVerify extends BaseOperation<PgpDecryptVerifyInputParcel>
         // Return a positive result, with metadata and verification info
         DecryptVerifyResult result =
                 new DecryptVerifyResult(DecryptVerifyResult.RESULT_OK, log);
+        result.setCachedCryptoInputParcel(cryptoInput);
         result.setDecryptMetadata(metadata);
         result.setSignatureResult(signatureResultBuilder.build());
         result.setCharset(charset);