aboutsummaryrefslogtreecommitdiffstats
path: root/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java
diff options
context:
space:
mode:
Diffstat (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java')
-rw-r--r--OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java62
1 files changed, 42 insertions, 20 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java
index d85652a51..ea7465209 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java
@@ -48,7 +48,7 @@ import org.spongycastle.openpgp.PGPPBEEncryptedData;
import org.spongycastle.openpgp.PGPPublicKeyEncryptedData;
import org.spongycastle.openpgp.PGPSignatureList;
import org.spongycastle.openpgp.PGPUtil;
-import org.spongycastle.openpgp.jcajce.JcaPGPObjectFactory;
+import org.spongycastle.openpgp.jcajce.JcaSkipMarkerPGPObjectFactory;
import org.spongycastle.openpgp.operator.PBEDataDecryptorFactory;
import org.spongycastle.openpgp.operator.PGPDigestCalculatorProvider;
import org.spongycastle.openpgp.operator.jcajce.CachingDataDecryptorFactory;
@@ -87,6 +87,8 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
InputData inputData;
OutputStream outputStream;
+ long startTime = System.currentTimeMillis();
+
if (input.getInputBytes() != null) {
byte[] inputBytes = input.getInputBytes();
inputData = new InputData(new ByteArrayInputStream(inputBytes), inputBytes.length);
@@ -122,6 +124,8 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
result.setOutputBytes(outputData);
}
+ result.mOperationTime = System.currentTimeMillis() - startTime;
+ Log.d(Constants.TAG, "total time taken: " + String.format("%.2f", result.mOperationTime / 1000.0) + "s");
return result;
}
@@ -277,11 +281,11 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
OpenPgpDecryptionResultBuilder decryptionResultBuilder = new OpenPgpDecryptionResultBuilder();
- JcaPGPObjectFactory plainFact;
+ JcaSkipMarkerPGPObjectFactory plainFact;
Object dataChunk;
EncryptStreamResult esResult = null;
{ // resolve encrypted (symmetric and asymmetric) packets
- JcaPGPObjectFactory pgpF = new JcaPGPObjectFactory(in);
+ JcaSkipMarkerPGPObjectFactory pgpF = new JcaSkipMarkerPGPObjectFactory(in);
Object obj = pgpF.nextObject();
if (obj instanceof PGPEncryptedDataList) {
@@ -308,7 +312,7 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
decryptionResultBuilder.setInsecure(true);
}
- plainFact = new JcaPGPObjectFactory(esResult.cleartextStream);
+ plainFact = new JcaSkipMarkerPGPObjectFactory(esResult.cleartextStream);
dataChunk = plainFact.nextObject();
} else {
@@ -333,7 +337,7 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
PGPCompressedData compressedData = (PGPCompressedData) dataChunk;
- JcaPGPObjectFactory fact = new JcaPGPObjectFactory(compressedData.getDataStream());
+ JcaSkipMarkerPGPObjectFactory fact = new JcaSkipMarkerPGPObjectFactory(compressedData.getDataStream());
dataChunk = fact.nextObject();
plainFact = fact;
}
@@ -425,10 +429,12 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
InputStream dataIn = literalData.getInputStream();
+ long opTime, startTime = System.currentTimeMillis();
+
long alreadyWritten = 0;
long wholeSize = 0; // TODO inputData.getSize() - inputData.getStreamPosition();
int length;
- byte[] buffer = new byte[1 << 16];
+ byte[] buffer = new byte[8192];
byte[] firstBytes = new byte[48];
while ((length = dataIn.read(buffer)) > 0) {
// Log.d(Constants.TAG, "read bytes: " + length);
@@ -456,6 +462,20 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
}
}
+ if (signatureChecker.isInitialized()) {
+
+ Object o = plainFact.nextObject();
+ boolean signatureCheckOk = signatureChecker.verifySignatureOnePass(o, log, indent + 1);
+
+ if (!signatureCheckOk) {
+ return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
+ }
+
+ }
+
+ opTime = System.currentTimeMillis()-startTime;
+ Log.d(Constants.TAG, "decrypt time taken: " + String.format("%.2f", opTime / 1000.0) + "s");
+
// special treatment to detect pgp mime types
if (matchesPrefix(firstBytes, "-----BEGIN PGP PUBLIC KEY BLOCK-----")
|| matchesPrefix(firstBytes, "-----BEGIN PGP PRIVATE KEY BLOCK-----")) {
@@ -470,17 +490,6 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
metadata = new OpenPgpMetadata(
originalFilename, mimeType, literalData.getModificationTime().getTime(), alreadyWritten, charset);
- if (signatureChecker.isInitialized()) {
-
- Object o = plainFact.nextObject();
- boolean signatureCheckOk = signatureChecker.verifySignatureOnePass(o, log, indent + 1);
-
- if (!signatureCheckOk) {
- return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log);
- }
-
- }
-
indent -= 1;
if (esResult != null) {
@@ -513,6 +522,7 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
result.setSignatureResult(signatureChecker.getSignatureResult());
result.setDecryptionResult(decryptionResultBuilder.build());
result.setDecryptionMetadata(metadata);
+ result.mOperationTime = opTime;
return result;
@@ -581,6 +591,18 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
// get subkey which has been used for this encryption packet
secretEncryptionKey = secretKeyRing.getSecretKey(subKeyId);
+ if (!secretEncryptionKey.canEncrypt()) {
+ secretEncryptionKey = null;
+ log.add(LogType.MSG_DC_ASKIP_BAD_FLAGS, indent + 1);
+ continue;
+ }
+
+ if (!secretEncryptionKey.getSecretKeyType().isUsable()) {
+ secretEncryptionKey = null;
+ log.add(LogType.MSG_DC_ASKIP_UNAVAILABLE, indent + 1);
+ continue;
+ }
+
/* secret key exists in database and is allowed! */
asymmetricPacketFound = true;
@@ -817,7 +839,7 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
}
updateProgress(R.string.progress_processing_signature, 60, 100);
- JcaPGPObjectFactory pgpFact = new JcaPGPObjectFactory(aIn);
+ JcaSkipMarkerPGPObjectFactory pgpFact = new JcaSkipMarkerPGPObjectFactory(aIn);
PgpSignatureChecker signatureChecker = new PgpSignatureChecker(mProviderHelper);
@@ -869,12 +891,12 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
InputStream detachedSigIn = new ByteArrayInputStream(input.getDetachedSignature());
detachedSigIn = PGPUtil.getDecoderStream(detachedSigIn);
- JcaPGPObjectFactory pgpFact = new JcaPGPObjectFactory(detachedSigIn);
+ JcaSkipMarkerPGPObjectFactory pgpFact = new JcaSkipMarkerPGPObjectFactory(detachedSigIn);
Object o = pgpFact.nextObject();
if (o instanceof PGPCompressedData) {
PGPCompressedData c1 = (PGPCompressedData) o;
- pgpFact = new JcaPGPObjectFactory(c1.getDataStream());
+ pgpFact = new JcaSkipMarkerPGPObjectFactory(c1.getDataStream());
o = pgpFact.nextObject();
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-09 02:10:19 +0000