Fix caching of empty passphrase before moving keys to card

2015-07-03 02:48:54 +02:00 · 2015-07-03 02:48:54 +02:00 · d6b4d4b4f2
parent f10785ec5a
commit d6b4d4b4f2
3 changed files with 24 additions and 14 deletions
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/EditKeyOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/operations/EditKeyOperation.java
@ -131,13 +131,22 @@ public class EditKeyOperation extends BaseOperation<SaveKeyringParcel> {
        // There is a new passphrase - cache it
        if (saveParcel.mNewUnlock != null) {
            log.add(LogType.MSG_ED_CACHING_NEW, 1);
-            PassphraseCacheService.addCachedPassphrase(mContext,
-                    ring.getMasterKeyId(),
-                    ring.getMasterKeyId(),
-                    saveParcel.mNewUnlock.mNewPassphrase != null
-                            ? saveParcel.mNewUnlock.mNewPassphrase
-                            : saveParcel.mNewUnlock.mNewPin,
-                    ring.getPublicKey().getPrimaryUserIdWithFallback());
+
+            // NOTE: Don't cache empty passphrases! Important for MOVE_KEY_TO_CARD
+            if (saveParcel.mNewUnlock.mNewPassphrase != null
+                    && ( ! saveParcel.mNewUnlock.mNewPassphrase.isEmpty())) {
+                PassphraseCacheService.addCachedPassphrase(mContext,
+                        ring.getMasterKeyId(),
+                        ring.getMasterKeyId(),
+                        saveParcel.mNewUnlock.mNewPassphrase,
+                        ring.getPublicKey().getPrimaryUserIdWithFallback());
+            } else if (saveParcel.mNewUnlock.mNewPin != null) {
+                PassphraseCacheService.addCachedPassphrase(mContext,
+                        ring.getMasterKeyId(),
+                        ring.getMasterKeyId(),
+                        saveParcel.mNewUnlock.mNewPin,
+                        ring.getPublicKey().getPrimaryUserIdWithFallback());
+            }
        }

        updateProgress(R.string.progress_done, 100, 100);
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyEmailFragment.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyEmailFragment.java
@ -41,7 +41,6 @@ import org.sufficientlysecure.keychain.ui.CreateKeyActivity.FragAction;
 import org.sufficientlysecure.keychain.ui.dialog.AddEmailDialogFragment;
 import org.sufficientlysecure.keychain.ui.util.Notify;
 import org.sufficientlysecure.keychain.ui.widget.EmailEditText;
-import org.sufficientlysecure.keychain.util.Passphrase;

 import java.util.ArrayList;
 import java.util.List;
@ -239,9 +238,6 @@ public class CreateKeyEmailFragment extends Fragment {
            if (createKeyActivity.mCreateYubiKey) {
                hideKeyboard();

-                // set empty passphrase
-                createKeyActivity.mPassphrase = new Passphrase();
-
                CreateYubiKeyPinFragment frag = CreateYubiKeyPinFragment.newInstance();
                mCreateKeyActivity.loadFragment(frag, FragAction.TO_RIGHT);
            } else {
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyFinalFragment.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyFinalFragment.java
@ -47,6 +47,7 @@ import org.sufficientlysecure.keychain.service.SaveKeyringParcel.ChangeUnlockPar
 import org.sufficientlysecure.keychain.ui.CreateKeyActivity.FragAction;
 import org.sufficientlysecure.keychain.ui.base.CryptoOperationHelper;
 import org.sufficientlysecure.keychain.util.Log;
+import org.sufficientlysecure.keychain.util.Passphrase;
 import org.sufficientlysecure.keychain.util.Preferences;

 import java.util.Iterator;
@ -187,6 +188,9 @@ public class CreateKeyFinalFragment extends Fragment {
                        2048, null, KeyFlags.AUTHENTICATION, 0L));
                mEditText.setText(R.string.create_key_custom);
                mEditButton.setEnabled(false);
+
+                // use empty passphrase
+                mSaveKeyringParcel.mNewUnlock = new ChangeUnlockParcel(new Passphrase(), null);
            } else {
                mSaveKeyringParcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(Algorithm.RSA,
                        4096, null, KeyFlags.CERTIFY_OTHER, 0L));
@ -194,6 +198,10 @@ public class CreateKeyFinalFragment extends Fragment {
                        4096, null, KeyFlags.SIGN_DATA, 0L));
                mSaveKeyringParcel.mAddSubKeys.add(new SaveKeyringParcel.SubkeyAdd(Algorithm.RSA,
                        4096, null, KeyFlags.ENCRYPT_COMMS | KeyFlags.ENCRYPT_STORAGE, 0L));
+
+                mSaveKeyringParcel.mNewUnlock = createKeyActivity.mPassphrase != null
+                        ? new ChangeUnlockParcel(createKeyActivity.mPassphrase, null)
+                        : null;
            }
            String userId = KeyRing.createUserId(
                    new KeyRing.UserId(createKeyActivity.mName, createKeyActivity.mEmail, null)
@ -209,9 +217,6 @@ public class CreateKeyFinalFragment extends Fragment {
                    mSaveKeyringParcel.mAddUserIds.add(thisUserId);
                }
            }
-            mSaveKeyringParcel.mNewUnlock = createKeyActivity.mPassphrase != null
-                    ? new ChangeUnlockParcel(createKeyActivity.mPassphrase, null)
-                    : null;
        }
    }