fix: check if passphrase is necessary before asking for it

Updates #2836
author: Harsh Shandilya <me@msfjarvis.dev> 2023-12-25 15:36:01 +0530
committer: Harsh Shandilya <me@msfjarvis.dev> 2023-12-25 15:36:01 +0530
commit: d8f76b33e9ea74eb567a115dd63559f6b27b2fce (patch)
tree: 7a54e2d061100edf374204125add9cf3345e296e
parent: 4c09adbe36889b6f4ec784861cbd59c569ed43c7 (diff)
5 files changed, 33 insertions, 1 deletions
diff --git a/app/src/main/java/app/passwordstore/data/crypto/CryptoRepository.kt b/app/src/main/java/app/passwordstore/data/crypto/CryptoRepository.kt
index 0ce4b3e3..be3f8da3 100644
--- a/app/src/main/java/app/passwordstore/data/crypto/CryptoRepository.kt
+++ b/app/src/main/java/app/passwordstore/data/crypto/CryptoRepository.kt
@@ -45,6 +45,10 @@ constructor(
     out: ByteArrayOutputStream,
   ) = withContext(dispatcherProvider.io()) { decryptPgp(password, identities, message, out) }
 
+  fun isPasswordProtected(message: ByteArrayInputStream): Boolean {
+    return pgpCryptoHandler.isPassphraseProtected(message)
+  }
+
   suspend fun encrypt(
     identities: List<PGPIdentifier>,
     content: ByteArrayInputStream,
diff --git a/app/src/main/java/app/passwordstore/ui/crypto/DecryptActivity.kt b/app/src/main/java/app/passwordstore/ui/crypto/DecryptActivity.kt
index 9fb20af2..56ac1fc0 100644
--- a/app/src/main/java/app/passwordstore/ui/crypto/DecryptActivity.kt
+++ b/app/src/main/java/app/passwordstore/ui/crypto/DecryptActivity.kt
@@ -177,7 +177,7 @@ class DecryptActivity : BasePGPActivity() {
     }
   }
 
-  private fun askPassphrase(
+  private suspend fun askPassphrase(
     isError: Boolean,
     gpgIdentifiers: List<PGPIdentifier>,
     authResult: Result,
@@ -187,6 +187,14 @@ class DecryptActivity : BasePGPActivity() {
     } else {
       finish()
     }
+    if (
+      !repository.isPasswordProtected(
+        withContext(dispatcherProvider.io()) { File(fullPath).readBytes().inputStream() }
+      )
+    ) {
+      decryptWithPassphrase(password = "", gpgIdentifiers = gpgIdentifiers)
+      return
+    }
     val dialog = PasswordDialog()
     if (isError) {
       dialog.setError()
diff --git a/crypto/common/src/main/kotlin/app/passwordstore/crypto/CryptoHandler.kt b/crypto/common/src/main/kotlin/app/passwordstore/crypto/CryptoHandler.kt
index 898cf058..20a4d1d9 100644
--- a/crypto/common/src/main/kotlin/app/passwordstore/crypto/CryptoHandler.kt
+++ b/crypto/common/src/main/kotlin/app/passwordstore/crypto/CryptoHandler.kt
@@ -41,4 +41,10 @@ public interface CryptoHandler<Key, EncOpts : CryptoOptions, DecryptOpts : Crypt
 
   /** Given a [fileName], return whether this instance can handle it. */
   public fun canHandle(fileName: String): Boolean
+
+  /**
+   * Inspects the given encrypted [message] to notify user if a passphrase is necessary to decrypt
+   * it.
+   */
+  public fun isPassphraseProtected(message: InputStream): Boolean
 }
diff --git a/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPKeyManager.kt b/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPKeyManager.kt
index 8aa11803..41a797b6 100644
--- a/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPKeyManager.kt
+++ b/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPKeyManager.kt
@@ -139,6 +139,14 @@ constructor(
   /** @see KeyManager.getKeyById */
   override suspend fun getKeyId(key: PGPKey): PGPIdentifier? = tryGetId(key)
 
+  public suspend fun isPasswordProtected(key: PGPKey): Boolean {
+    val keyring = tryParseKeyring(key)
+    if (keyring is PGPSecretKeyRing) {
+      keyring.secretKey.keyEncryptionAlgorithm
+    }
+    return false
+  }
+
   /** Checks if [keyDir] exists and attempts to create it if not. */
   private fun keyDirExists(): Boolean {
     return keyDir.exists() || keyDir.mkdirs()
diff --git a/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt b/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt
index a7087acf..72baa81a 100644
--- a/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt
+++ b/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt
@@ -22,6 +22,7 @@ import org.bouncycastle.openpgp.PGPSecretKeyRingCollection
 import org.bouncycastle.util.io.Streams
 import org.pgpainless.PGPainless
 import org.pgpainless.decryption_verification.ConsumerOptions
+import org.pgpainless.decryption_verification.MessageInspector
 import org.pgpainless.encryption_signing.EncryptionOptions
 import org.pgpainless.encryption_signing.ProducerOptions
 import org.pgpainless.exception.WrongPassphraseException
@@ -136,4 +137,9 @@ public class PGPainlessCryptoHandler @Inject constructor() :
   public override fun canHandle(fileName: String): Boolean {
     return fileName.substringAfterLast('.', "") == "gpg"
   }
+
+  public override fun isPassphraseProtected(message: InputStream): Boolean {
+    val info = MessageInspector.determineEncryptionInfoForMessage(message)
+    return info.isPassphraseEncrypted
+  }
 }
author	Harsh Shandilya <me@msfjarvis.dev>	2023-12-25 15:36:01 +0530
committer	Harsh Shandilya <me@msfjarvis.dev>	2023-12-25 15:36:01 +0530
commit	d8f76b33e9ea74eb567a115dd63559f6b27b2fce (patch)
tree	7a54e2d061100edf374204125add9cf3345e296e
parent	4c09adbe36889b6f4ec784861cbd59c569ed43c7 (diff)