use upstream bouncycastle provider

2020-01-23 14:10:39 +01:00
parent a697d7e623
commit 4a4093854d
13 changed files with 68 additions and 66 deletions
--- a/OpenKeychain/src/main/java/org/bouncycastle/openpgp/operator/jcajce/EdDsaAuthenticationContentSignerBuilder.java
+++ b/OpenKeychain/src/main/java/org/bouncycastle/openpgp/operator/jcajce/EdDsaAuthenticationContentSignerBuilder.java
@@ -1,17 +1,19 @@
 package org.bouncycastle.openpgp.operator.jcajce;

-import org.bouncycastle.jcajce.provider.asymmetric.eddsa.EdDSAEngine;
-import org.bouncycastle.jcajce.provider.asymmetric.eddsa.spec.EdDSANamedCurveTable;
-import org.bouncycastle.jcajce.provider.asymmetric.eddsa.spec.EdDSAParameterSpec;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
 import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPPrivateKey;
 import org.bouncycastle.openpgp.PGPRuntimeOperationException;
 import org.bouncycastle.openpgp.operator.PGPContentSigner;
 import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
+import org.bouncycastle.openpgp.operator.PGPDigestCalculator;

-import java.io.ByteArrayOutputStream;
 import java.io.OutputStream;
-import java.security.*;
+import java.security.InvalidKeyException;
+import java.security.PrivateKey;
+import java.security.Provider;
+import java.security.Signature;
+import java.security.SignatureException;

 public class EdDsaAuthenticationContentSignerBuilder implements PGPContentSignerBuilder {
    private JcaPGPKeyConverter keyConverter = new JcaPGPKeyConverter();
@@ -33,9 +35,8 @@ public class EdDsaAuthenticationContentSignerBuilder implements PGPContentSigner
        return this;
    }

-    private Signature createSignature() throws NoSuchAlgorithmException {
-        EdDSAParameterSpec spec = EdDSANamedCurveTable.getByName("Ed25519");
-        return new EdDSAEngine(MessageDigest.getInstance(spec.getHashAlgorithm()));
+    private Signature createSignature() throws PGPException {
+        return new OperatorHelper(new DefaultJcaJceHelper()).createSignature(keyAlgorithm, hashAlgorithm);
    }

    public PGPContentSigner build(final int signatureType, final long keyID, final PrivateKey privateKey)
@@ -43,12 +44,12 @@ public class EdDsaAuthenticationContentSignerBuilder implements PGPContentSigner
        Signature signatureEdDsa;
        try {
            signatureEdDsa = createSignature();
-        } catch (NoSuchAlgorithmException e) {
+        } catch (PGPException e) {
            throw new PGPException("unable to create Signature.", e);
        }
        final Signature signature = signatureEdDsa;

-        final ByteArrayOutputStream dataOutputStream = new ByteArrayOutputStream();
+        final PGPDigestCalculator digestCalculator = new JcaPGPDigestCalculatorProviderBuilder().build().get(hashAlgorithm);

        try {
            signature.initSign(privateKey);
@@ -74,11 +75,12 @@ public class EdDsaAuthenticationContentSignerBuilder implements PGPContentSigner
            }

            public OutputStream getOutputStream() {
-                return new SignatureOutputStream(signature);
+                return digestCalculator.getOutputStream();
            }

            public byte[] getSignature() {
                try {
+                    signature.update(digestCalculator.getDigest());
                    return signature.sign();
                } catch (SignatureException e) {
                    throw new PGPRuntimeOperationException("Unable to create signature: " + e.getMessage(), e);
@@ -86,7 +88,7 @@ public class EdDsaAuthenticationContentSignerBuilder implements PGPContentSigner
            }

            public byte[] getDigest() {
-                return null;
+                return digestCalculator.getDigest();
            }
        };
    }
--- a/OpenKeychain/src/main/java/org/bouncycastle/openpgp/operator/jcajce/SessionKeySecretKeyDecryptorBuilder.java
+++ b/OpenKeychain/src/main/java/org/bouncycastle/openpgp/operator/jcajce/SessionKeySecretKeyDecryptorBuilder.java
@@ -7,6 +7,15 @@
 package org.bouncycastle.openpgp.operator.jcajce;


+import org.bouncycastle.bcpg.S2K;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
+import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
+import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
+import org.bouncycastle.openpgp.PGPException;
+import org.bouncycastle.openpgp.PGPUtil;
+import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
+import org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider;
+
 import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
 import java.security.Provider;
@@ -15,13 +24,6 @@ import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
 import javax.crypto.spec.IvParameterSpec;
-import org.bouncycastle.bcpg.S2K;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
-import org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider;


 /** This is a builder for a special PBESecretKeyDecryptor which is parametrized by a
@@ -90,7 +92,7 @@ public class SessionKeySecretKeyDecryptorBuilder
                {
                    Cipher c = helper.createCipher(PGPUtil.getSymmetricCipherName(encAlgorithm) + "/CFB/NoPadding");

-                    c.init(Cipher.DECRYPT_MODE, PGPUtil.makeSymmetricKey(encAlgorithm, key), new IvParameterSpec(iv));
+                    c.init(Cipher.DECRYPT_MODE, JcaJcePGPUtil.makeSymmetricKey(encAlgorithm, key), new IvParameterSpec(iv));

                    return c.doFinal(keyData, keyOff, keyLen);
                }