[BUG] No keys are provided to decrypt a file located in subdirectories that contain their own .gpg-id.
OlehKopeykin opened this issue · 2 comments
OlehKopeykin commented
Describe the bug
When decrypting a file located in subdirectories that have their own .gpg-id, the APS fails to obtain the appropriate PGP identifiers.
Steps to reproduce
Case 1: Decrypting a file within APS.
- Download the pass-test repository to APS.
- Add the public key john@doe.org.pub (fingerprint 36A07AF3971BCD932FB3D4DFB950AE2813841585) to the Key Manager.
- Add the secret key john@doe.org.sec (fingerprint 36A07AF3971BCD932FB3D4DFB950AE2813841585) to the Key Manager.
- Open the file subdir_with_fingerprint/test_with_fingerprint.
- Enter the passphrase 12345678.
- APS returns an error message saying "Passphrase is invalid" and prompts you to try again.
APS catches the following exception and logs it:
2024-04-17 09:40:39.142 6757-6757 DecryptActivity app.passwordstore.debug E NoKeysProvidedException
at app.passwordstore.crypto.PGPainlessCryptoHandler.decrypt-iWd_AH8(PGPainlessCryptoHandler.kt:52)
at app.passwordstore.data.crypto.CryptoRepository.decryptPgp-iWd_AH8(CryptoRepository.kt:62)
at app.passwordstore.data.crypto.CryptoRepository.access$decryptPgp-iWd_AH8(CryptoRepository.kt:26)
at app.passwordstore.data.crypto.CryptoRepository$decrypt$2.invokeSuspend(CryptoRepository.kt:46)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:104)
at kotlinx.coroutines.internal.LimitedDispatcher$Worker.run(LimitedDispatcher.kt:111)
at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:99)
at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:584)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:811)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:715)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:702)
Case 2: Decrypting within autofilling
- Download the pass-test repository to the APS.
- Add the public key john@doe.org.pub (fingerprint 36A07AF3971BCD932FB3D4DFB950AE2813841585) to the Key Manager.
- Add the secret key john@doe.org.sec (fingerprint 36A07AF3971BCD932FB3D4DFB950AE2813841585) to the Key Manager.
- Open a Login/Pass form.
- Choose Autofill.
- Find a file subdir_with_fingerprint/test_with_fingerprint.
- Enter passphrase 12345678
- APS return empty string as pass
The method repository.decrypt returns a NoKeysProvidedException, but this error is not being handled by APS and is not visible in the log.
Expected behavior
When decrypting a file located in subdirectories that have their own .gpg-id, the APS obtains the appropriate PGP identifiers and decrypts the file.
How to solve the issue
- Improve the DecryptActivity.kt file by adding the path to the subdirectory that contains the encrypted file as a parameter to the "getPGPIdentifiers" method.
- Improve the AutofillDecryptActivity.kt file by obtaining the PGP identifiers in the "decrypt" method by calling "getPGPIdentifiers" with the path to the subdirectory that contains the encrypted file, and passing them as parameters to all subsequent methods that require them.
Device information
- Device: Xiaomi Mi 10T
- OS: Android S
- App version: 2.0.0, branch develop, commit 8f68b8730f0443f342062a648bd6b06c33392016
OlehKopeykin commented
I have fixed the bug as described above and I am ready to submit a pull request.
msfjarvis commented
Thanks for the detailed bug report! Your fix looks reasonable, please send in the PR.