cthrace/open-keychain
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #2226 from open-keychain/multi-passphrase

Browse Source 
Handle decryption with multiple candidate keys
This commit is contained in:
Vincent Breitmoser
2018-01-12 15:10:25 +01:00
committed by GitHub
parent 4baa08b341 3bfb04f990
commit 510d7aa796
10 changed files with 262 additions and 172 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpDecryptVerifyOperation.java
View File

@@ -78,6 +78,7 @@ import org.sufficientlysecure.keychain.provider.KeyWritableRepository;
import org.sufficientlysecure.keychain.provider.KeychainContract.KeyRings;
import org.sufficientlysecure.keychain.service.input.CryptoInputParcel;
import org.sufficientlysecure.keychain.service.input.RequiredInputParcel;
import org.sufficientlysecure.keychain.service.input.RequiredInputParcel.RequireAnyDecryptPassphraseBuilder;
import org.sufficientlysecure.keychain.ui.util.KeyFormattingUtils;
import org.sufficientlysecure.keychain.util.CharsetVerifier;
import org.sufficientlysecure.keychain.util.FileHelper;
@@ -581,6 +582,8 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
Iterator<?> it = enc.getEncryptedDataObjects();
RequireAnyDecryptPassphraseBuilder requirePassphraseBuilder = new RequireAnyDecryptPassphraseBuilder();
// go through all objects and find one we can decrypt
while (it.hasNext()) {
Object obj = it.next();
@@ -644,7 +647,7 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
passphrase = null;
} else if (secretKeyType == SecretKeyType.PASSPHRASE_EMPTY) {
passphrase = new Passphrase("");
} else if (cryptoInput.hasPassphrase()) {
} else if (cryptoInput.hasPassphraseForSubkey(subKeyId)) {
passphrase = cryptoInput.getPassphrase();
} else {
// if no passphrase was explicitly set try to get it from the cache service
@@ -660,9 +663,8 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
// if passphrase was not cached, return here indicating that a passphrase is missing!
if (passphrase == null) {
log.add(LogType.MSG_DC_PENDING_PASSPHRASE, indent + 1);
return result.with(new DecryptVerifyResult(log,
RequiredInputParcel.createRequiredDecryptPassphrase(masterKeyId, subKeyId),
cryptoInput));
requirePassphraseBuilder.add(masterKeyId, subKeyId);
continue;
}
}
@@ -708,7 +710,7 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
// if no passphrase is given, return here
// indicating that a passphrase is missing!
if (!cryptoInput.hasPassphrase()) {
if (!cryptoInput.hasPassphraseForSymmetric()) {
try {
passphrase = getCachedPassphrase(key.symmetric);
@@ -736,6 +738,10 @@ public class PgpDecryptVerifyOperation extends BaseOperation<PgpDecryptVerifyInp
}
}
if (!asymmetricPacketFound && !requirePassphraseBuilder.isEmpty()) {
return result.with(new DecryptVerifyResult(log, requirePassphraseBuilder.build(), cryptoInput));
}
// More data, just acknowledge and ignore.
while (it.hasNext()) {
Object obj = it.next();

4
OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
View File

@@ -453,7 +453,7 @@ public class PgpKeyOperation {
}
// Do we require a passphrase? If so, pass it along
if (!isDivertToCard(masterSecretKey) && !cryptoInput.hasPassphrase()) {
if (!isDivertToCard(masterSecretKey) && !cryptoInput.hasPassphraseForSubkey(masterSecretKey.getKeyID())) {
log.add(LogType.MSG_MF_REQUIRE_PASSPHRASE, indent);
return new PgpEditKeyResult(log, RequiredInputParcel.createRequiredSignPassphrase(
masterSecretKey.getKeyID(), masterSecretKey.getKeyID(),
@@ -1276,7 +1276,7 @@ public class PgpKeyOperation {
return new PgpEditKeyResult(PgpEditKeyResult.RESULT_ERROR, log, null);
}
if (!cryptoInput.hasPassphrase()) {
if (!cryptoInput.hasPassphraseForSubkey(nonDummy.getKeyID())) {
log.add(LogType.MSG_MF_REQUIRE_PASSPHRASE, indent);
return new PgpEditKeyResult(log, RequiredInputParcel.createRequiredSignPassphrase(