crypto-pgpainless: prepare for error handling (#1877)

6 files changed, 98 insertions, 44 deletions

diff --git a/app/src/main/java/dev/msfjarvis/aps/data/crypto/CryptoRepository.kt b/app/src/main/java/dev/msfjarvis/aps/data/crypto/CryptoRepository.kt
index 2923b117..0e262e7a 100644
--- a/app/src/main/java/dev/msfjarvis/aps/data/crypto/CryptoRepository.kt
+++ b/app/src/main/java/dev/msfjarvis/aps/data/crypto/CryptoRepository.kt
@@ -5,7 +5,6 @@
 
 package dev.msfjarvis.aps.data.crypto
 
-import com.github.michaelbull.result.runCatching
 import com.github.michaelbull.result.unwrap
 import dev.msfjarvis.aps.crypto.PGPKeyManager
 import dev.msfjarvis.aps.crypto.PGPainlessCryptoHandler
@@ -42,9 +41,7 @@ constructor(
   ) {
     val keys = pgpKeyManager.getAllKeys().unwrap()
     // Iterates through the keys until the first successful decryption, then returns.
-    keys.firstOrNull { key ->
-      runCatching { pgpCryptoHandler.decrypt(key, password, message, out) }.isOk()
-    }
+    keys.firstOrNull { key -> pgpCryptoHandler.decrypt(key, password, message, out).isOk() }
   }
 
   private suspend fun encryptPgp(content: ByteArrayInputStream, out: ByteArrayOutputStream) {
diff --git a/build-logic/kotlin-plugins/src/main/kotlin/com.github.android-password-store.kotlin-library.gradle.kts b/build-logic/kotlin-plugins/src/main/kotlin/com.github.android-password-store.kotlin-library.gradle.kts
index ecd7f23e..516f5e4f 100644
--- a/build-logic/kotlin-plugins/src/main/kotlin/com.github.android-password-store.kotlin-library.gradle.kts
+++ b/build-logic/kotlin-plugins/src/main/kotlin/com.github.android-password-store.kotlin-library.gradle.kts
@@ -10,10 +10,8 @@ plugins { id("com.github.android-password-store.kotlin-common") }
 
 tasks.withType<KotlinCompile>().configureEach {
   kotlinOptions {
-    if (project.providers.gradleProperty("android.injected.invoked.from.ide").orNull != "true") {
-      if (!name.contains("test", ignoreCase = true)) {
-        freeCompilerArgs = freeCompilerArgs + listOf("-Xexplicit-api=strict")
-      }
+    if (!name.contains("test", ignoreCase = true)) {
+      freeCompilerArgs += listOf("-Xexplicit-api=strict")
     }
   }
 }
diff --git a/crypto-common/src/main/kotlin/dev/msfjarvis/aps/crypto/CryptoHandler.kt b/crypto-common/src/main/kotlin/dev/msfjarvis/aps/crypto/CryptoHandler.kt
index fc4c500d..e8e9f995 100644
--- a/crypto-common/src/main/kotlin/dev/msfjarvis/aps/crypto/CryptoHandler.kt
+++ b/crypto-common/src/main/kotlin/dev/msfjarvis/aps/crypto/CryptoHandler.kt
@@ -5,6 +5,8 @@
 
 package dev.msfjarvis.aps.crypto
 
+import com.github.michaelbull.result.Result
+import dev.msfjarvis.aps.crypto.errors.CryptoHandlerException
 import java.io.InputStream
 import java.io.OutputStream
 
@@ -13,24 +15,27 @@ public interface CryptoHandler<Key> {
 
   /**
    * Decrypt the given [ciphertextStream] using a [privateKey] and [passphrase], and writes the
-   * resultant plaintext to [outputStream].
+   * resultant plaintext to [outputStream]. The returned [Result] should be checked to ensure it is
+   * **not** an instance of [com.github.michaelbull.result.Err] before the contents of
+   * [outputStream] are used.
    */
   public fun decrypt(
     privateKey: Key,
     passphrase: String,
     ciphertextStream: InputStream,
     outputStream: OutputStream,
-  )
+  ): Result<Unit, CryptoHandlerException>
 
   /**
    * Encrypt the given [plaintextStream] to the provided [keys], and writes the encrypted ciphertext
-   * to [outputStream].
+   * to [outputStream]. The returned [Result] should be checked to ensure it is **not** an instance
+   * of [com.github.michaelbull.result.Err] before the contents of [outputStream] are used.
    */
   public fun encrypt(
     keys: List<Key>,
     plaintextStream: InputStream,
     outputStream: OutputStream,
-  )
+  ): Result<Unit, CryptoHandlerException>
 
   /** Given a [fileName], return whether this instance can handle it. */
   public fun canHandle(fileName: String): Boolean
diff --git a/crypto-common/src/main/kotlin/dev/msfjarvis/aps/crypto/errors/CryptoException.kt b/crypto-common/src/main/kotlin/dev/msfjarvis/aps/crypto/errors/CryptoException.kt
index 5e911c35..0fb75691 100644
--- a/crypto-common/src/main/kotlin/dev/msfjarvis/aps/crypto/errors/CryptoException.kt
+++ b/crypto-common/src/main/kotlin/dev/msfjarvis/aps/crypto/errors/CryptoException.kt
@@ -2,7 +2,8 @@ package dev.msfjarvis.aps.crypto.errors
 
 import dev.msfjarvis.aps.crypto.KeyManager
 
-public sealed class CryptoException(message: String? = null) : Exception(message)
+public sealed class CryptoException(message: String? = null, cause: Throwable? = null) :
+  Exception(message, cause)
 
 /** Sealed exception types for [KeyManager]. */
 public sealed class KeyManagerException(message: String? = null) : CryptoException(message)
@@ -28,3 +29,13 @@ public class KeyNotFoundException(keyId: String) :
 /** Attempting to add another key for [keyId] without requesting a replace. */
 public class KeyAlreadyExistsException(keyId: String) :
   KeyManagerException("Pre-existing key was found for $keyId")
+
+/** Sealed exception types for [CryptoHandler]. */
+public sealed class CryptoHandlerException(message: String? = null, cause: Throwable? = null) :
+  CryptoException(message, cause)
+
+/** The passphrase provided for decryption was incorrect. */
+public class IncorrectPassphraseException(cause: Throwable) : CryptoHandlerException(null, cause)
+
+/** An unexpected error that cannot be mapped to a known type. */
+public class UnknownError(cause: Throwable) : CryptoHandlerException(null, cause)
diff --git a/crypto-pgpainless/src/main/kotlin/dev/msfjarvis/aps/crypto/PGPainlessCryptoHandler.kt b/crypto-pgpainless/src/main/kotlin/dev/msfjarvis/aps/crypto/PGPainlessCryptoHandler.kt
index 637c8586..416f4bb4 100644
--- a/crypto-pgpainless/src/main/kotlin/dev/msfjarvis/aps/crypto/PGPainlessCryptoHandler.kt
+++ b/crypto-pgpainless/src/main/kotlin/dev/msfjarvis/aps/crypto/PGPainlessCryptoHandler.kt
@@ -5,6 +5,12 @@
 
 package dev.msfjarvis.aps.crypto
 
+import com.github.michaelbull.result.Result
+import com.github.michaelbull.result.mapError
+import com.github.michaelbull.result.runCatching
+import dev.msfjarvis.aps.crypto.errors.CryptoHandlerException
+import dev.msfjarvis.aps.crypto.errors.IncorrectPassphraseException
+import dev.msfjarvis.aps.crypto.errors.UnknownError
 import java.io.ByteArrayInputStream
 import java.io.InputStream
 import java.io.OutputStream
@@ -15,6 +21,7 @@ import org.pgpainless.PGPainless
 import org.pgpainless.decryption_verification.ConsumerOptions
 import org.pgpainless.encryption_signing.EncryptionOptions
 import org.pgpainless.encryption_signing.ProducerOptions
+import org.pgpainless.exception.WrongPassphraseException
 import org.pgpainless.key.protection.PasswordBasedSecretKeyRingProtector
 import org.pgpainless.util.Passphrase
 
@@ -25,44 +32,56 @@ public class PGPainlessCryptoHandler @Inject constructor() : CryptoHandler<PGPKe
     passphrase: String,
     ciphertextStream: InputStream,
     outputStream: OutputStream,
-  ) {
-    val pgpSecretKeyRing = PGPainless.readKeyRing().secretKeyRing(privateKey.contents)
-    val keyringCollection = PGPSecretKeyRingCollection(listOf(pgpSecretKeyRing))
-    val protector =
-      PasswordBasedSecretKeyRingProtector.forKey(
-        pgpSecretKeyRing,
-        Passphrase.fromPassword(passphrase)
-      )
-    PGPainless.decryptAndOrVerify()
-      .onInputStream(ciphertextStream)
-      .withOptions(
-        ConsumerOptions()
-          .addDecryptionKeys(keyringCollection, protector)
-          .addDecryptionPassphrase(Passphrase.fromPassword(passphrase))
-      )
-      .use { decryptionStream -> decryptionStream.copyTo(outputStream) }
-  }
+  ): Result<Unit, CryptoHandlerException> =
+    runCatching {
+        val pgpSecretKeyRing = PGPainless.readKeyRing().secretKeyRing(privateKey.contents)
+        val keyringCollection = PGPSecretKeyRingCollection(listOf(pgpSecretKeyRing))
+        val protector =
+          PasswordBasedSecretKeyRingProtector.forKey(
+            pgpSecretKeyRing,
+            Passphrase.fromPassword(passphrase)
+          )
+        PGPainless.decryptAndOrVerify()
+          .onInputStream(ciphertextStream)
+          .withOptions(
+            ConsumerOptions()
+              .addDecryptionKeys(keyringCollection, protector)
+              .addDecryptionPassphrase(Passphrase.fromPassword(passphrase))
+          )
+          .use { decryptionStream -> decryptionStream.copyTo(outputStream) }
+        return@runCatching
+      }
+      .mapError { error ->
+        when (error) {
+          is WrongPassphraseException -> IncorrectPassphraseException(error)
+          else -> UnknownError(error)
+        }
+      }
 
   public override fun encrypt(
     keys: List<PGPKey>,
     plaintextStream: InputStream,
     outputStream: OutputStream,
-  ) {
-    val armoredKeys = keys.map { key -> key.contents.decodeToString() }
-    val pubKeysStream = ByteArrayInputStream(armoredKeys.joinToString("\n").toByteArray())
-    val publicKeyRingCollection =
-      pubKeysStream.use {
-        ArmoredInputStream(it).use { armoredInputStream ->
-          PGPainless.readKeyRing().publicKeyRingCollection(armoredInputStream)
+  ): Result<Unit, CryptoHandlerException> =
+    runCatching {
+        val armoredKeys = keys.map { key -> key.contents.decodeToString() }
+        val pubKeysStream = ByteArrayInputStream(armoredKeys.joinToString("\n").toByteArray())
+        val publicKeyRingCollection =
+          pubKeysStream.use {
+            ArmoredInputStream(it).use { armoredInputStream ->
+              PGPainless.readKeyRing().publicKeyRingCollection(armoredInputStream)
+            }
+          }
+        val encOpt =
+          EncryptionOptions().apply { publicKeyRingCollection.forEach { addRecipient(it) } }
+        val prodOpt = ProducerOptions.encrypt(encOpt).setAsciiArmor(true)
+        PGPainless.encryptAndOrSign().onOutputStream(outputStream).withOptions(prodOpt).use {
+          encryptionStream ->
+          plaintextStream.copyTo(encryptionStream)
         }
+        return@runCatching
       }
-    val encOpt = EncryptionOptions().apply { publicKeyRingCollection.forEach { addRecipient(it) } }
-    val prodOpt = ProducerOptions.encrypt(encOpt).setAsciiArmor(true)
-    PGPainless.encryptAndOrSign().onOutputStream(outputStream).withOptions(prodOpt).use {
-      encryptionStream ->
-      plaintextStream.copyTo(encryptionStream)
-    }
-  }
+      .mapError { error -> UnknownError(error) }
 
   public override fun canHandle(fileName: String): Boolean {
     return fileName.split('.').lastOrNull() == "gpg"
diff --git a/crypto-pgpainless/src/test/kotlin/dev/msfjarvis/aps/crypto/PGPainlessCryptoHandlerTest.kt b/crypto-pgpainless/src/test/kotlin/dev/msfjarvis/aps/crypto/PGPainlessCryptoHandlerTest.kt
index 9b4cb664..a9484317 100644
--- a/crypto-pgpainless/src/test/kotlin/dev/msfjarvis/aps/crypto/PGPainlessCryptoHandlerTest.kt
+++ b/crypto-pgpainless/src/test/kotlin/dev/msfjarvis/aps/crypto/PGPainlessCryptoHandlerTest.kt
@@ -5,10 +5,14 @@
 
 package dev.msfjarvis.aps.crypto
 
+import com.github.michaelbull.result.Err
+import com.github.michaelbull.result.getError
+import dev.msfjarvis.aps.crypto.errors.IncorrectPassphraseException
 import java.io.ByteArrayOutputStream
 import kotlin.test.Test
 import kotlin.test.assertEquals
 import kotlin.test.assertFalse
+import kotlin.test.assertIs
 import kotlin.test.assertTrue
 
 class PGPainlessCryptoHandlerTest {
@@ -36,6 +40,26 @@ class PGPainlessCryptoHandlerTest {
   }
 
   @Test
+  fun decryptWithWrongPassphrase() {
+    val ciphertextStream = ByteArrayOutputStream()
+    cryptoHandler.encrypt(
+      listOf(publicKey),
+      CryptoConstants.PLAIN_TEXT.byteInputStream(Charsets.UTF_8),
+      ciphertextStream,
+    )
+    val plaintextStream = ByteArrayOutputStream()
+    val result =
+      cryptoHandler.decrypt(
+        privateKey,
+        "very incorrect passphrase",
+        ciphertextStream.toByteArray().inputStream(),
+        plaintextStream,
+      )
+    assertIs<Err<Throwable>>(result)
+    assertIs<IncorrectPassphraseException>(result.getError())
+  }
+
+  @Test
   fun canHandleFiltersFormats() {
     assertFalse { cryptoHandler.canHandle("example.com") }
     assertTrue { cryptoHandler.canHandle("example.com.gpg") }