Fix: Identities and address book still available after the Clear Password icon is clicked

2011-03-16 22:10:00 +00:00
parent 82cb40e9bf
commit 63dc3ea208
6 changed files with 49 additions and 24 deletions
--- a/src/i2p/bote/I2PBote.java
+++ b/src/i2p/bote/I2PBote.java
@@ -496,8 +496,33 @@ public class I2PBote implements NetworkStatusSource {
        return null;
    }
    
-    public PasswordCache getPasswordCache() {
-        return passwordCache;
+    /**
+     * Tests if a password is correct and stores it in the cache if it is.
+     * If the password is not correct, a <code>PasswordException</code> is thrown.
+     * @param password
+     * @throws IOException
+     * @throws GeneralSecurityException
+     * @throws PasswordException
+     */
+    public void tryPassword(byte[] password) throws IOException, GeneralSecurityException, PasswordException  {
+        File passwordFile = I2PBote.getInstance().getConfiguration().getPasswordFile();
+        boolean correct = FileEncryptionUtil.isPasswordCorrect(password, passwordFile);
+        if (correct)
+            passwordCache.setPassword(password);
+        else
+            throw new PasswordException();
+    }
+    
+    /** Returns <code>true</code> if the password is currently cached. */
+    public boolean isPasswordInCache() {
+        return passwordCache.isPasswordInCache();
+    }
+    
+    /** Removes the password from the password cache. If there is no password in the cache, nothing happens. */
+    public void clearPassword() {
+        passwordCache.clear();
+        identities.clearPasswordProtectedData();
+        addressBook.clearPasswordProtectedData();
    }
    
    private Collection<EmailFolder> getEmailFolders() {
--- a/src/i2p/bote/addressbook/AddressBook.java
+++ b/src/i2p/bote/addressbook/AddressBook.java
@@ -170,6 +170,10 @@ public class AddressBook implements Iterable<Contact> {
            FileEncryptionUtil.changePassword(addressFile, oldPassword, newKey);
    }
    
+    public void clearPasswordProtectedData() {
+        contacts = null;
+    }
+    
    /**
     * Looks up an {@link Contact} by its Base64 key. If none is found,
     * <code>null</code> is returned.
--- a/src/i2p/bote/email/Identities.java
+++ b/src/i2p/bote/email/Identities.java
@@ -251,6 +251,11 @@ public class Identities implements Iterable<EmailIdentity> {
            FileEncryptionUtil.changePassword(identitiesFile, oldPassword, newKey);
    }
    
+    public void clearPasswordProtectedData() {
+        // TODO overwrite private keys
+        identities = null;
+    }
+    
    /**
     * Sets the default identity. Assumes this <code>Identities</code> already
     * contains <code>defaultIdentity</code>.
--- a/src/i2p/bote/fileencryption/PasswordCache.java
+++ b/src/i2p/bote/fileencryption/PasswordCache.java
@@ -147,10 +147,7 @@ public class PasswordCache extends I2PBoteThread implements PasswordHolder {
        lastReset = System.currentTimeMillis();
    }
    
-    /**
-     * Returns <code>true</code> if the password is being cached
-     * @return
-     */
+    /** Returns <code>true</code> if the password is currently cached. */
    public boolean isPasswordInCache() {
        return password != null;
    }
--- a/src/i2p/bote/web/ClearPasswordCacheTag.java
+++ b/src/i2p/bote/web/ClearPasswordCacheTag.java
@@ -29,6 +29,6 @@ public class ClearPasswordCacheTag extends SimpleTagSupport {
    
    @Override
    public void doTag() {
-        I2PBote.getInstance().getPasswordCache().clear();
+        I2PBote.getInstance().clearPassword();
    }
 }
--- a/src/i2p/bote/web/JSPHelper.java
+++ b/src/i2p/bote/web/JSPHelper.java
@@ -34,8 +34,6 @@ import i2p.bote.email.EmailAttribute;
 import i2p.bote.email.EmailDestination;
 import i2p.bote.email.EmailIdentity;
 import i2p.bote.email.Identities;
-import i2p.bote.fileencryption.FileEncryptionUtil;
-import i2p.bote.fileencryption.PasswordCache;
 import i2p.bote.fileencryption.PasswordException;
 import i2p.bote.folder.EmailFolder;
 import i2p.bote.folder.TrashFolder;
@@ -548,16 +546,18 @@ public class JSPHelper {
        return RandomSource.getInstance().nextLong();
    }
    
-    public static boolean tryPassword(String password) throws Exception {
+    public static boolean tryPassword(String password) throws IOException, GeneralSecurityException {
        byte[] passwordBytes = password.getBytes();
-        File passwordFile = I2PBote.getInstance().getConfiguration().getPasswordFile();
-        boolean correct = FileEncryptionUtil.isPasswordCorrect(passwordBytes, passwordFile);
-        if (correct)
-            I2PBote.getInstance().getPasswordCache().setPassword(passwordBytes);
-        return correct;
+        try {
+            I2PBote.getInstance().tryPassword(passwordBytes);
+            return true;
+        }
+        catch (PasswordException e) {
+            return false;
+        }
    }
    
-    public static String changePassword(String oldPassword, String newPassword, String confirmNewPassword) throws Exception {
+    public static String changePassword(String oldPassword, String newPassword, String confirmNewPassword) {
        try {
            return I2PBote.getInstance().changePassword(oldPassword.getBytes(), newPassword.getBytes(), confirmNewPassword.getBytes());
        }
@@ -568,18 +568,12 @@ public class JSPHelper {
        }
    }
    
-    /**
-     * @see {@link PasswordCache#isPasswordInCache()}
-     */
    public boolean isPasswordInCache() {
-        return I2PBote.getInstance().getPasswordCache().isPasswordInCache();
+        return I2PBote.getInstance().isPasswordInCache();
    }
    
-    /**
-     * @see {@link PasswordCache#clear()}
-     */
    public static void clearPassword() {
-        I2PBote.getInstance().getPasswordCache().clear();
+        I2PBote.getInstance().clearPassword();
    }
    
    public boolean isUpdateAvailable() {