use upstream bouncycastle provider

2020-01-23 14:10:39 +01:00
parent a697d7e623
commit 4a4093854d
13 changed files with 68 additions and 66 deletions
--- a/OpenKeychain/build.gradle
+++ b/OpenKeychain/build.gradle
@@ -56,11 +56,13 @@ dependencies {
    implementation project(':openpgp-api-lib')
    implementation project(':nfcsweetspot')
    implementation project(':sshauthentication-api')
-    implementation project(':extern:bouncycastle:core')
-    implementation project(':extern:bouncycastle:pg')
-    implementation project(':extern:bouncycastle:prov')
    implementation project(':extern:MaterialChipsInput')

+    // implementation project(':openkeychain:extern:bouncycastle:core')
+    implementation 'org.bouncycastle:bcprov-jdk15on:1.65'
+    implementation project(':extern:bouncycastle:pg')
+    // implementation project(':openkeychain:extern:bouncycastle:prov')
+
    implementation 'androidx.work:work-runtime:2.2.0'

    // Unit tests in the local JVM with Robolectric
--- a/OpenKeychain/src/main/java/org/bouncycastle/openpgp/operator/jcajce/EdDsaAuthenticationContentSignerBuilder.java
+++ b/OpenKeychain/src/main/java/org/bouncycastle/openpgp/operator/jcajce/EdDsaAuthenticationContentSignerBuilder.java
@@ -1,17 +1,19 @@
 package org.bouncycastle.openpgp.operator.jcajce;

-import org.bouncycastle.jcajce.provider.asymmetric.eddsa.EdDSAEngine;
-import org.bouncycastle.jcajce.provider.asymmetric.eddsa.spec.EdDSANamedCurveTable;
-import org.bouncycastle.jcajce.provider.asymmetric.eddsa.spec.EdDSAParameterSpec;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
 import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPPrivateKey;
 import org.bouncycastle.openpgp.PGPRuntimeOperationException;
 import org.bouncycastle.openpgp.operator.PGPContentSigner;
 import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
+import org.bouncycastle.openpgp.operator.PGPDigestCalculator;

-import java.io.ByteArrayOutputStream;
 import java.io.OutputStream;
-import java.security.*;
+import java.security.InvalidKeyException;
+import java.security.PrivateKey;
+import java.security.Provider;
+import java.security.Signature;
+import java.security.SignatureException;

 public class EdDsaAuthenticationContentSignerBuilder implements PGPContentSignerBuilder {
    private JcaPGPKeyConverter keyConverter = new JcaPGPKeyConverter();
@@ -33,9 +35,8 @@ public class EdDsaAuthenticationContentSignerBuilder implements PGPContentSigner
        return this;
    }

-    private Signature createSignature() throws NoSuchAlgorithmException {
-        EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName("Ed25519");
-        return new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm()));
+    private Signature createSignature() throws PGPException {
+        return new OperatorHelper(new DefaultJcaJceHelper()).createSignature(keyAlgorithm, hashAlgorithm);
    }

    public PGPContentSigner build(final int signatureType, final long keyID, final PrivateKey privateKey)
@@ -43,12 +44,12 @@ public class EdDsaAuthenticationContentSignerBuilder implements PGPContentSigner
        Signature signatureEdDsa;
        try {
            signatureEdDsa = createSignature();
-        } catch (NoSuchAlgorithmException e) {
+        } catch (PGPException e) {
            throw new PGPException("unable to create Signature.", e);
        }
        final Signature signature = signatureEdDsa;

-        final ByteArrayOutputStream dataOutputStream = new ByteArrayOutputStream();
+        final PGPDigestCalculator digestCalculator = new JcaPGPDigestCalculatorProviderBuilder().build().get(hashAlgorithm);

        try {
            signature.initSign(privateKey);
@@ -74,11 +75,12 @@ public class EdDsaAuthenticationContentSignerBuilder implements PGPContentSigner
            }

            public OutputStream getOutputStream() {
-                return new SignatureOutputStream(signature);
+                return digestCalculator.getOutputStream();
            }

            public byte[] getSignature() {
                try {
+                    signature.update(digestCalculator.getDigest());
                    return signature.sign();
                } catch (SignatureException e) {
                    throw new PGPRuntimeOperationException("Unable to create signature: " + e.getMessage(), e);
@@ -86,7 +88,7 @@ public class EdDsaAuthenticationContentSignerBuilder implements PGPContentSigner
            }

            public byte[] getDigest() {
-                return null;
+                return digestCalculator.getDigest();
            }
        };
    }
--- a/OpenKeychain/src/main/java/org/bouncycastle/openpgp/operator/jcajce/SessionKeySecretKeyDecryptorBuilder.java
+++ b/OpenKeychain/src/main/java/org/bouncycastle/openpgp/operator/jcajce/SessionKeySecretKeyDecryptorBuilder.java
@@ -7,6 +7,15 @@
 package org.bouncycastle.openpgp.operator.jcajce;


+import org.bouncycastle.bcpg.S2K;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
+import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
+import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
+import org.bouncycastle.openpgp.PGPException;
+import org.bouncycastle.openpgp.PGPUtil;
+import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
+import org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider;
+
 import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
 import java.security.Provider;
@@ -15,13 +24,6 @@ import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.spec.IvParameterSpec;
-import org.bouncycastle.bcpg.S2K;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
-import org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider;


 /** This is a builder for a special PBESecretKeyDecryptor which is parametrized by a
@@ -90,7 +92,7 @@ public class SessionKeySecretKeyDecryptorBuilder
                {
                    Cipher c = helper.createCipher(PGPUtil.getSymmetricCipherName(encAlgorithm) + "/CFB/NoPadding");

-                    c.init(Cipher.DECRYPT_MODE, PGPUtil.makeSymmetricKey(encAlgorithm, key), new IvParameterSpec(iv));
+                    c.init(Cipher.DECRYPT_MODE, JcaJcePGPUtil.makeSymmetricKey(encAlgorithm, key), new IvParameterSpec(iv));

                    return c.doFinal(keyData, keyOff, keyLen);
                }
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpKeyOperation.java
@@ -22,6 +22,7 @@ import java.io.IOException;
 import java.math.BigInteger;
 import java.nio.ByteBuffer;
 import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
@@ -46,7 +47,11 @@ import org.bouncycastle.bcpg.S2K;
 import org.bouncycastle.bcpg.sig.Features;
 import org.bouncycastle.bcpg.sig.KeyFlags;
 import org.bouncycastle.bcpg.sig.RevocationReasonTags;
-import org.bouncycastle.jcajce.provider.asymmetric.eddsa.spec.EdDSAGenParameterSpec;
+import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
+import org.bouncycastle.crypto.generators.Ed25519KeyPairGenerator;
+import org.bouncycastle.crypto.params.Ed25519KeyGenerationParameters;
+import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
+import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
 import org.bouncycastle.jce.spec.ElGamalParameterSpec;
 import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPKeyFlags;
@@ -250,10 +255,8 @@ public class PgpKeyOperation {
                        return null;
                    }
                    progress(R.string.progress_generating_eddsa, 30);
-                    EdDSAGenParameterSpec edParamSpec =
-                            new EdDSAGenParameterSpec("ed25519");
-                    keyGen = KeyPairGenerator.getInstance("EdDSA", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
-                    keyGen.initialize(edParamSpec, new SecureRandom());
+                    keyGen = KeyPairGenerator.getInstance("ED25519", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
+                    keyGen.initialize(256, new SecureRandom());

                    algorithm = PGPPublicKey.EDDSA;
                    break;
@@ -281,7 +284,8 @@ public class PgpKeyOperation {
            }

            // build new key pair
-            return new JcaPGPKeyPair(algorithm, keyGen.generateKeyPair(), creationTime);
+            KeyPair keyPair = keyGen.generateKeyPair();
+            return new JcaPGPKeyPair(algorithm, keyPair, creationTime);

        } catch(NoSuchProviderException | InvalidAlgorithmParameterException e) {
            throw new RuntimeException(e);
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/PgpSignEncryptOperation.java
@@ -48,10 +48,10 @@ import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPLiteralData;
 import org.bouncycastle.openpgp.PGPLiteralDataGenerator;
 import org.bouncycastle.openpgp.PGPSignatureGenerator;
+import org.bouncycastle.openpgp.PGPUtil;
 import org.bouncycastle.openpgp.operator.jcajce.JcePBEKeyEncryptionMethodGenerator;
 import org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
 import org.bouncycastle.openpgp.operator.jcajce.NfcSyncPGPContentSignerBuilder;
-import org.bouncycastle.openpgp.operator.jcajce.PGPUtil;
 import org.sufficientlysecure.keychain.Constants;
 import org.sufficientlysecure.keychain.R;
 import org.sufficientlysecure.keychain.daos.KeyRepository;
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/SshPublicKey.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/SshPublicKey.java
@@ -19,13 +19,11 @@ package org.sufficientlysecure.keychain.pgp;

 import org.bouncycastle.bcpg.DSAPublicBCPGKey;
 import org.bouncycastle.bcpg.ECPublicBCPGKey;
-import org.bouncycastle.bcpg.EdDSAPublicBCPGKey;
 import org.bouncycastle.bcpg.RSAPublicBCPGKey;
 import org.bouncycastle.openpgp.PGPPublicKey;
 import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
 import org.sufficientlysecure.keychain.ssh.key.SshDSAPublicKey;
 import org.sufficientlysecure.keychain.ssh.key.SshECDSAPublicKey;
-import org.sufficientlysecure.keychain.ssh.key.SshEd25519PublicKey;
 import org.sufficientlysecure.keychain.ssh.key.SshRSAPublicKey;
 import org.sufficientlysecure.keychain.ssh.utils.SshUtils;

@@ -48,8 +46,9 @@ public class SshPublicKey {
                return encodeRSAKey(key);
            case PGPPublicKey.ECDSA:
                return encodeECKey(key);
-            case PGPPublicKey.EDDSA:
-                return encodeEdDSAKey(key);
+            // TODO
+//            case PGPPublicKey.EDDSA:
+//                return encodeEdDSAKey(key);
            case PGPPublicKey.DSA:
                return encodeDSAKey(key);
            default:
@@ -76,13 +75,13 @@ public class SshPublicKey {



-    private String encodeEdDSAKey(PGPPublicKey publicKey) {
-        EdDSAPublicBCPGKey publicBCPGKey = (EdDSAPublicBCPGKey) publicKey.getPublicKeyPacket().getKey();
-
-        SshEd25519PublicKey pubkey = new SshEd25519PublicKey(publicBCPGKey.getEdDSAEncodedPoint());
-
-        return pubkey.getPublicKeyBlob();
-    }
+//    private String encodeEdDSAKey(PGPPublicKey publicKey) {
+//        EdDSAPublicBCPGKey publicBCPGKey = (EdDSAPublicBCPGKey) publicKey.getPublicKeyPacket().getKey();
+//
+//        SshEd25519PublicKey pubkey = new SshEd25519PublicKey(publicBCPGKey.getEdDSAEncodedPoint());
+//
+//        return pubkey.getPublicKeyBlob();
+//    }

    private String encodeDSAKey(PGPPublicKey publicKey) {
        DSAPublicBCPGKey publicBCPGKey = (DSAPublicBCPGKey) publicKey.getPublicKeyPacket().getKey();
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/UncachedKeyRing.java
@@ -672,7 +672,7 @@ public class UncachedKeyRing {
            }

            // If NO user ids remain, error out!
-            if (modified == null || !modified.getUserIDs().hasNext()) {
+            if (modified == null || !modified.getRawUserIDs().hasNext()) {
                log.add(LogType.MSG_KC_ERROR_NO_UID, indent);
                return null;
            }
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/operations/PsoDecryptTokenOp.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/securitytoken/operations/PsoDecryptTokenOp.java
@@ -18,21 +18,12 @@
 package org.sufficientlysecure.keychain.securitytoken.operations;


-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-
 import androidx.annotation.NonNull;
 import androidx.annotation.VisibleForTesting;

-import javax.crypto.Cipher;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.SecretKeySpec;
+import org.bouncycastle.asn1.cryptlib.CryptlibObjectIdentifiers;
 import org.bouncycastle.asn1.x9.ECNamedCurveTable;
 import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.ec.CustomNamedCurves;
 import org.bouncycastle.jcajce.util.MessageDigestUtils;
 import org.bouncycastle.math.ec.ECPoint;
 import org.bouncycastle.openpgp.PGPException;
@@ -48,6 +39,16 @@ import org.sufficientlysecure.keychain.securitytoken.KeyFormat;
 import org.sufficientlysecure.keychain.securitytoken.ResponseApdu;
 import org.sufficientlysecure.keychain.securitytoken.SecurityTokenConnection;

+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+import javax.crypto.Cipher;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.SecretKeySpec;
+

 /** This class implements the PSO:DECIPHER operation, as specified in OpenPGP card spec / 7.2.11 (p52 in v3.0.1).
 *
@@ -196,7 +197,8 @@ public class PsoDecryptTokenOp {
    }

    private byte[] getEcDecipherPayload(ECKeyFormat eckf, byte[] encryptedPoint) throws CardException {
-        if (CustomNamedCurves.CV25519.equals(eckf.getCurveOID())) {
+        // TODO is this the right curve?
+        if (CryptlibObjectIdentifiers.curvey25519.equals(eckf.getCurveOID())) {
            return Arrays.copyOfRange(encryptedPoint, 1, 33);
        } else {
            X9ECParameters x9Params = ECNamedCurveTable.getByOID(eckf.getCurveOID());
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/util/KeyFormattingUtils.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/util/KeyFormattingUtils.java
@@ -39,7 +39,7 @@ import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
 import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
 import org.bouncycastle.crypto.ec.CustomNamedCurves;
 import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.operator.jcajce.PGPUtil;
+import org.bouncycastle.openpgp.PGPUtil;
 import org.bouncycastle.util.encoders.Hex;
 import org.openintents.openpgp.OpenPgpDecryptionResult;
 import org.openintents.openpgp.OpenPgpSignatureResult;