From effa340c5ca045d39ea77437cb664b0d9d80a4af Mon Sep 17 00:00:00 2001
From: Vincent Breitmoser <look@my.amazin.horse>
Date: Thu, 27 Jun 2019 19:26:34 +0200
Subject: [PATCH] slightly improve PgpKeyOperation logic

---
 .../keychain/pgp/PgpKeyOperation.java          | 18 +++++-------------
 1 file changed, 5 insertions(+), 13 deletions(-)

diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
index ac56d5354..ede83699a 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
@@ -1161,7 +1161,7 @@ public class PgpKeyOperation {
     }
 
     @Nullable
-    private PBESecretKeyEncryptor buildKeyEncryptorFromPassphrase(Passphrase passphrase) throws PGPException {
+    private static PBESecretKeyEncryptor buildKeyEncryptorFromPassphrase(Passphrase passphrase) throws PGPException {
         if (passphrase == null || passphrase.isEmpty()) {
             return null;
         }
@@ -1344,19 +1344,11 @@ public class PgpKeyOperation {
             Passphrase newPassphrase,
             OperationLog log, int indent) throws PGPException {
 
-        PGPDigestCalculator encryptorHashCalc = new JcaPGPDigestCalculatorProviderBuilder().build()
-                .get(PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_HASH_ALGO);
         PBESecretKeyDecryptor keyDecryptor = new JcePBESecretKeyDecryptorBuilder().setProvider(
                 Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(passphrase.getCharArray());
         // Build key encryptor based on new passphrase
-        PBESecretKeyEncryptor keyEncryptorNew = null;
-        if (newPassphrase != null && !newPassphrase.isEmpty()) {
-            keyEncryptorNew = new JcePBESecretKeyEncryptorBuilder(
-                    PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO, encryptorHashCalc,
-                    PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_S2K_COUNT)
-                    .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME)
-                    .build(newPassphrase.getCharArray());
-        }
+        PBESecretKeyEncryptor keyEncryptor = buildKeyEncryptorFromPassphrase(newPassphrase);
+
         boolean keysModified = false;
 
         for (PGPSecretKey sKey : new IterableIterator<>(sKR.getSecretKeys())) {
@@ -1367,7 +1359,7 @@ public class PgpKeyOperation {
 
             try {
                 // try to set new passphrase
-                sKey = PGPSecretKey.copyWithNewPassword(sKey, keyDecryptor, keyEncryptorNew);
+                sKey = PGPSecretKey.copyWithNewPassword(sKey, keyDecryptor, keyEncryptor);
                 ok = true;
             } catch (PGPException e) {
 
@@ -1384,7 +1376,7 @@ public class PgpKeyOperation {
                     PBESecretKeyDecryptor emptyDecryptor =
                             new JcePBESecretKeyDecryptorBuilder().setProvider(
                                     Constants.BOUNCY_CASTLE_PROVIDER_NAME).build("".toCharArray());
-                    sKey = PGPSecretKey.copyWithNewPassword(sKey, emptyDecryptor, keyEncryptorNew);
+                    sKey = PGPSecretKey.copyWithNewPassword(sKey, emptyDecryptor, keyEncryptor);
                     ok = true;
                 } catch (PGPException e2) {
                     // non-fatal but not ok, handled below