From d686c55a0a86ef845795fc03a8a5de44b5fe73cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Wed, 17 Sep 2014 13:45:16 +0200 Subject: Work on new result handling (WIP) --- .../keychain/pgp/PassphraseCacheInterface.java | 11 +++++ .../keychain/pgp/PgpDecryptVerify.java | 26 ++++-------- .../keychain/pgp/PgpSignEncrypt.java | 49 ++++++++++++++++------ 3 files changed, 55 insertions(+), 31 deletions(-) create mode 100644 OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PassphraseCacheInterface.java (limited to 'OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp') diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PassphraseCacheInterface.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PassphraseCacheInterface.java new file mode 100644 index 000000000..433c4db00 --- /dev/null +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PassphraseCacheInterface.java @@ -0,0 +1,11 @@ +package org.sufficientlysecure.keychain.pgp; + +public interface PassphraseCacheInterface { + public static class NoSecretKeyException extends Exception { + public NoSecretKeyException() { + } + } + + public String getCachedPassphrase(long masterKeyId) throws NoSecretKeyException; + +} diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java index 89e25b2e0..1d8ca1b54 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerify.java @@ -72,7 +72,7 @@ import java.util.Set; */ public class PgpDecryptVerify { private ProviderHelper mProviderHelper; - private PassphraseCache mPassphraseCache; + private PassphraseCacheInterface mPassphraseCache; private InputData mData; private OutputStream mOutStream; @@ -101,7 +101,7 @@ public class PgpDecryptVerify { public static class Builder { // mandatory parameter private ProviderHelper mProviderHelper; - private PassphraseCache mPassphraseCache; + private PassphraseCacheInterface mPassphraseCache; private InputData mData; private OutputStream mOutStream; @@ -113,12 +113,12 @@ public class PgpDecryptVerify { private boolean mDecryptMetadataOnly = false; private byte[] mDecryptedSessionKey = null; - public Builder(ProviderHelper providerHelper, PassphraseCache passphraseCache, + public Builder(ProviderHelper providerHelper, PassphraseCacheInterface passphraseCache, InputData data, OutputStream outStream) { - this.mProviderHelper = providerHelper; - this.mPassphraseCache = passphraseCache; - this.mData = data; - this.mOutStream = outStream; + mProviderHelper = providerHelper; + mPassphraseCache = passphraseCache; + mData = data; + mOutStream = outStream; } public Builder setProgressable(Progressable progressable) { @@ -176,16 +176,6 @@ public class PgpDecryptVerify { } } - public interface PassphraseCache { - public String getCachedPassphrase(long masterKeyId) - throws NoSecretKeyException; - } - - public static class NoSecretKeyException extends Exception { - public NoSecretKeyException() { - } - } - /** * Decrypts and/or verifies data based on parameters of class */ @@ -322,7 +312,7 @@ public class PgpDecryptVerify { // returns "" if key has no passphrase mPassphrase = mPassphraseCache.getCachedPassphrase(subKeyId); log.add(LogType.MSG_DC_PASS_CACHED, indent +1); - } catch (NoSecretKeyException e) { + } catch (PassphraseCacheInterface.NoSecretKeyException e) { log.add(LogType.MSG_DC_ERROR_NO_KEY, indent +1); return new DecryptVerifyResult(DecryptVerifyResult.RESULT_ERROR, log); } diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java index e06335104..25840495e 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncrypt.java @@ -59,6 +59,7 @@ import java.util.LinkedList; */ public class PgpSignEncrypt { private ProviderHelper mProviderHelper; + private PassphraseCacheInterface mPassphraseCache; private String mVersionHeader; private InputData mData; private OutputStream mOutStream; @@ -93,6 +94,7 @@ public class PgpSignEncrypt { private PgpSignEncrypt(Builder builder) { // private Constructor can only be called from Builder this.mProviderHelper = builder.mProviderHelper; + this.mPassphraseCache = builder.mPassphraseCache; this.mVersionHeader = builder.mVersionHeader; this.mData = builder.mData; this.mOutStream = builder.mOutStream; @@ -117,6 +119,7 @@ public class PgpSignEncrypt { public static class Builder { // mandatory parameter private ProviderHelper mProviderHelper; + private PassphraseCacheInterface mPassphraseCache; private InputData mData; private OutputStream mOutStream; @@ -138,8 +141,10 @@ public class PgpSignEncrypt { private byte[] mNfcSignedHash = null; private Date mNfcCreationTimestamp = null; - public Builder(ProviderHelper providerHelper, InputData data, OutputStream outStream) { + public Builder(ProviderHelper providerHelper, PassphraseCacheInterface passphraseCache, + InputData data, OutputStream outStream) { mProviderHelper = providerHelper; + mPassphraseCache = passphraseCache; mData = data; mOutStream = outStream; } @@ -290,20 +295,15 @@ public class PgpSignEncrypt { /* Get keys for signature generation for later usage */ CanonicalizedSecretKey signingKey = null; + long signKeyId; if (enableSignature) { - // If we weren't handed a passphrase, throw early - if (mSignaturePassphrase == null) { - log.add(LogType.MSG_SE_ERROR_NO_PASSPHRASE, indent); - return new SignEncryptResult(SignEncryptResult.RESULT_ERROR, log); - } - try { // fetch the indicated master key id (the one whose name we sign in) CanonicalizedSecretKeyRing signingKeyRing = mProviderHelper.getCanonicalizedSecretKeyRing(mSignatureMasterKeyId); // fetch the specific subkey to sign with, or just use the master key if none specified - long signKeyId = mSignatureSubKeyId != null ? mSignatureSubKeyId : mSignatureMasterKeyId; + signKeyId = mSignatureSubKeyId != null ? mSignatureSubKeyId : mSignatureMasterKeyId; signingKey = signingKeyRing.getSecretKey(signKeyId); // make sure it's a signing key alright! } catch (ProviderHelper.NotFoundException e) { @@ -317,6 +317,28 @@ public class PgpSignEncrypt { return new SignEncryptResult(SignEncryptResult.RESULT_ERROR, log); } + // if no passphrase was explicitly set try to get it from the cache service + if (mSignaturePassphrase == null) { + try { + // returns "" if key has no passphrase + mSignaturePassphrase = mPassphraseCache.getCachedPassphrase(signKeyId); + // TODO +// log.add(LogType.MSG_DC_PASS_CACHED, indent + 1); + } catch (PassphraseCacheInterface.NoSecretKeyException e) { + // TODO +// log.add(LogType.MSG_DC_ERROR_NO_KEY, indent + 1); + return new SignEncryptResult(SignEncryptResult.RESULT_ERROR, log); + } + + // if passphrase was not cached, return here indicating that a passphrase is missing! + if (mSignaturePassphrase == null) { + log.add(LogType.MSG_SE_PENDING_PASSPHRASE, indent + 1); + SignEncryptResult result = new SignEncryptResult(SignEncryptResult.RESULT_PENDING_PASSPHRASE, log); + result.setKeyIdPassphraseNeeded(signKeyId); + return result; + } + } + updateProgress(R.string.progress_extracting_signature_key, 0, 100); try { @@ -369,10 +391,10 @@ public class PgpSignEncrypt { log.add(LogType.MSG_SE_KEY_OK, indent + 1, PgpKeyHelper.convertKeyIdToHex(id)); } catch (PgpGeneralException e) { - log.add(LogType.MSG_SE_KEY_WARN, indent +1, + log.add(LogType.MSG_SE_KEY_WARN, indent + 1, PgpKeyHelper.convertKeyIdToHex(id)); } catch (ProviderHelper.NotFoundException e) { - log.add(LogType.MSG_SE_KEY_UNKNOWN, indent +1, + log.add(LogType.MSG_SE_KEY_UNKNOWN, indent + 1, PgpKeyHelper.convertKeyIdToHex(id)); } } @@ -407,9 +429,10 @@ public class PgpSignEncrypt { /* actual encryption */ updateProgress(R.string.progress_encrypting, 8, 100); log.add(enableSignature - ? LogType.MSG_SE_SIGCRYPTING - : LogType.MSG_SE_ENCRYPTING, - indent); + ? LogType.MSG_SE_SIGCRYPTING + : LogType.MSG_SE_ENCRYPTING, + indent + ); indent += 1; encryptionOut = cPk.open(out, new byte[1 << 16]); -- cgit v1.2.3