feat(pgpainless): add detection for passphrase-less messages (#3069)

* WIP: feat(pgpainless): add detection for passphrase-less messages * refactor: test keys instead of the message This makes more logical sense
2024-05-27 20:59:20 +05:30 · 2024-05-27 20:59:20 +05:30 · 0f9540a645
commit 0f9540a645
parent 1877c6ab5a
6 changed files with 51 additions and 2 deletions
--- a/app/src/main/java/app/passwordstore/data/crypto/CryptoRepository.kt
+++ b/app/src/main/java/app/passwordstore/data/crypto/CryptoRepository.kt
@ -45,6 +45,11 @@ constructor(
    out: ByteArrayOutputStream,
  ) = withContext(dispatcherProvider.io()) { decryptPgp(password, identities, message, out) }

+  suspend fun isPasswordProtected(identifiers: List<PGPIdentifier>): Boolean {
+    val keys = identifiers.map { pgpKeyManager.getKeyById(it) }.filterValues()
+    return pgpCryptoHandler.isPassphraseProtected(keys)
+  }
+
  suspend fun encrypt(
    identities: List<PGPIdentifier>,
    content: ByteArrayInputStream,
--- a/app/src/main/java/app/passwordstore/ui/autofill/AutofillDecryptActivity.kt
+++ b/app/src/main/java/app/passwordstore/ui/autofill/AutofillDecryptActivity.kt
@ -131,12 +131,16 @@ class AutofillDecryptActivity : BasePGPActivity() {
    }
  }

-  private fun askPassphrase(
+  private suspend fun askPassphrase(
    filePath: String,
    identifiers: List<PGPIdentifier>,
    clientState: Bundle,
    action: AutofillAction,
  ) {
+    if (!repository.isPasswordProtected(identifiers)) {
+      decryptWithPassphrase(File(filePath), identifiers, clientState, action, password = "")
+      return
+    }
    val dialog = PasswordDialog()
    dialog.show(supportFragmentManager, "PASSWORD_DIALOG")
    dialog.setFragmentResultListener(PasswordDialog.PASSWORD_RESULT_KEY) { key, bundle ->
--- a/app/src/main/java/app/passwordstore/ui/crypto/DecryptActivity.kt
+++ b/app/src/main/java/app/passwordstore/ui/crypto/DecryptActivity.kt
@ -179,7 +179,7 @@ class DecryptActivity : BasePGPActivity() {
    }
  }

-  private fun askPassphrase(
+  private suspend fun askPassphrase(
    isError: Boolean,
    gpgIdentifiers: List<PGPIdentifier>,
    authResult: BiometricResult,
@ -189,6 +189,10 @@ class DecryptActivity : BasePGPActivity() {
    } else {
      finish()
    }
+    if (!repository.isPasswordProtected(gpgIdentifiers)) {
+      decryptWithPassphrase(passphrase = "", gpgIdentifiers, authResult)
+      return
+    }
    val dialog = PasswordDialog()
    if (isError) {
      dialog.setError()
--- a/crypto/common/src/main/kotlin/app/passwordstore/crypto/CryptoHandler.kt
+++ b/crypto/common/src/main/kotlin/app/passwordstore/crypto/CryptoHandler.kt
@ -41,4 +41,9 @@ public interface CryptoHandler<Key, EncOpts : CryptoOptions, DecryptOpts : Crypt

  /** Given a [fileName], return whether this instance can handle it. */
  public fun canHandle(fileName: String): Boolean
+
+  /**
+   * Inspects the given [keys] and returns `false` if none of them require a passphrase to decrypt.
+   */
+  public fun isPassphraseProtected(keys: List<Key>): Boolean
 }
--- a/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt
+++ b/crypto/pgpainless/src/main/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandler.kt
@ -11,6 +11,7 @@ import app.passwordstore.crypto.errors.NoKeysProvidedException
 import app.passwordstore.crypto.errors.NonStandardAEAD
 import app.passwordstore.crypto.errors.UnknownError
 import com.github.michaelbull.result.Result
+import com.github.michaelbull.result.mapBoth
 import com.github.michaelbull.result.mapError
 import com.github.michaelbull.result.runCatching
 import java.io.InputStream
@ -140,4 +141,14 @@ public class PGPainlessCryptoHandler @Inject constructor() :
  public override fun canHandle(fileName: String): Boolean {
    return fileName.substringAfterLast('.', "") == "gpg"
  }
+
+  public override fun isPassphraseProtected(keys: List<PGPKey>): Boolean =
+    keys
+      .mapNotNull { key -> PGPainless.readKeyRing().secretKeyRing(key.contents) }
+      .map(::keyringHasPassphrase)
+      .all { it }
+
+  internal fun keyringHasPassphrase(keyRing: PGPSecretKeyRing) =
+    runCatching { keyRing.secretKey.extractPrivateKey(null) }
+      .mapBoth(success = { false }, failure = { true })
 }
--- a/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt
+++ b/crypto/pgpainless/src/test/kotlin/app/passwordstore/crypto/PGPainlessCryptoHandlerTest.kt
@ -155,6 +155,26 @@ class PGPainlessCryptoHandlerTest {
    assertIs<NonStandardAEAD>(res.error, message = "${res.error.cause}")
  }

+  @Test
+  fun detectsKeysWithPassphrase() {
+    assertTrue(cryptoHandler.isPassphraseProtected(listOf(PGPKey(TestUtils.getArmoredSecretKey()))))
+    assertTrue(
+      cryptoHandler.isPassphraseProtected(
+        listOf(PGPKey(TestUtils.getArmoredSecretKeyWithMultipleIdentities()))
+      )
+    )
+  }
+
+  @Test
+  fun detectsKeysWithoutPassphrase() {
+    // Uses the internal method instead of the public API because GnuPG seems to have made it
+    // impossible to generate a key without a passphrase and I can't care to find a magical
+    // incantation to convince it I am smarter than whatever they are protecting against.
+    assertFalse(
+      cryptoHandler.keyringHasPassphrase(PGPainless.generateKeyRing().modernKeyRing("John Doe"))
+    )
+  }
+
  @Test
  fun canHandleFiltersFormats() {
    assertFalse { cryptoHandler.canHandle("example.com") }