1 files changed, 57 insertions, 4 deletions

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/Passphrase.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/Passphrase.java
index fe42c7a2c..b49b30d1d 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/Passphrase.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/util/Passphrase.java
@@ -1,5 +1,6 @@
 /*
  * Copyright (C) 2015 Dominik Schürmann <dominik@dominikschuermann.de>
+ * Copyright (C) 2016 Vincent Breitmoser <look@my.amazin.horse>
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -22,13 +23,23 @@ import android.os.Parcelable;
 import android.text.Editable;
 import android.widget.EditText;
 
+import org.bouncycastle.bcpg.S2K;
 import org.sufficientlysecure.keychain.Constants;
+import org.sufficientlysecure.keychain.pgp.ComparableS2K;
 
 import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map.Entry;
+
 
 /**
- * Passwords should not be stored as Strings in memory.
- * This class wraps a char[] that can be erased after it is no longer used.
+ * This class wraps a char[] array that is overwritten before the object is freed, to avoid
+ * keeping passphrases in memory as much as possible.
+ *
+ * In addition to the raw passphrases, this class can cache the session key output of an applied
+ * S2K algorithm for a given set of S2K parameters. Since S2K operations are very expensive, this
+ * mechanism should be used to cache session keys whenever possible.
+ *
  * See also:
  * <p/>
  * http://docs.oracle.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html#PBEEx
@@ -38,6 +49,7 @@ import java.util.Arrays;
  */
 public class Passphrase implements Parcelable {
     private char[] mPassphrase;
+    private HashMap<ComparableS2K, byte[]> mCachedSessionKeys;
 
     /**
      * According to http://stackoverflow.com/a/15844273 EditText is not using String internally
@@ -87,8 +99,24 @@ public class Passphrase implements Parcelable {
         return mPassphrase.length;
     }
 
-    public char charAt(int index) {
-        return mPassphrase[index];
+    /** @return A cached session key, or null if none exists for the given parameters. */
+    public byte[] getCachedSessionKeyForParameters(int keyEncryptionAlgorithm, S2K s2k) {
+        if (mCachedSessionKeys == null) {
+            return null;
+        }
+        return mCachedSessionKeys.get(new ComparableS2K(keyEncryptionAlgorithm, s2k));
+    }
+
+    /** Adds a session key for a set of s2k parameters to this Passphrase object's
+     * cache. The caller should make sure that the supplied session key is the result
+     * of an S2K operation applied to exactly the passphrase stored by this object
+     * with the given parameters.
+     */
+    public void addCachedSessionKeyForParameters(int keyEncryptionAlgorithm, S2K s2k, byte[] sessionKey) {
+        if (mCachedSessionKeys == null) {
+            mCachedSessionKeys = new HashMap<>();
+        }
+        mCachedSessionKeys.put(new ComparableS2K(keyEncryptionAlgorithm, s2k), sessionKey);
     }
 
     /**
@@ -98,6 +126,12 @@ public class Passphrase implements Parcelable {
         if (mPassphrase != null) {
             Arrays.fill(mPassphrase, ' ');
         }
+        if (mCachedSessionKeys == null) {
+            return;
+        }
+        for (byte[] cachedSessionKey : mCachedSessionKeys.values()) {
+            Arrays.fill(cachedSessionKey, (byte) 0);
+        }
     }
 
     @Override
@@ -144,10 +178,29 @@ public class Passphrase implements Parcelable {
 
     private Passphrase(Parcel source) {
         mPassphrase = source.createCharArray();
+        int size = source.readInt();
+        if (size == 0) {
+            return;
+        }
+        mCachedSessionKeys = new HashMap<>(size);
+        for (int i = 0; i < size; i++) {
+            ComparableS2K cachedS2K = source.readParcelable(getClass().getClassLoader());
+            byte[] cachedSessionKey = source.createByteArray();
+            mCachedSessionKeys.put(cachedS2K, cachedSessionKey);
+        }
     }
 
     public void writeToParcel(Parcel dest, int flags) {
         dest.writeCharArray(mPassphrase);
+        if (mCachedSessionKeys == null || mCachedSessionKeys.isEmpty()) {
+            dest.writeInt(0);
+            return;
+        }
+        dest.writeInt(mCachedSessionKeys.size());
+        for (Entry<ComparableS2K,byte[]> entry : mCachedSessionKeys.entrySet()) {
+            dest.writeParcelable(entry.getKey(), 0);
+            dest.writeByteArray(entry.getValue());
+        }
     }
 
     public static final Creator<Passphrase> CREATOR = new Creator<Passphrase>() {