whitelist sec and brainpool curves

Vincent Breitmoser
2017-04-24 17:08:16 +02:00
parent a380405c80
commit c313f45219
2 changed files with 12 additions and 1 deletions


@@ -18,10 +18,12 @@
package org.sufficientlysecure.keychain.pgp; package org.sufficientlysecure.keychain.pgp;
import org.bouncycastle.asn1.nist.NISTNamedCurves; import org.bouncycastle.asn1.nist.NISTNamedCurves;
import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
import org.bouncycastle.bcpg.CompressionAlgorithmTags; import org.bouncycastle.bcpg.CompressionAlgorithmTags;
import org.bouncycastle.bcpg.HashAlgorithmTags; import org.bouncycastle.bcpg.HashAlgorithmTags;
import org.bouncycastle.bcpg.PublicKeyAlgorithmTags; import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags; import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
import org.bouncycastle.crypto.ec.CustomNamedCurves;
import java.util.Arrays; import java.util.Arrays;
import java.util.HashSet; import java.util.HashSet;
@@ -108,7 +110,11 @@ public class PgpSecurityConstants {
private static HashSet<String> sCurveWhitelist = new HashSet<>(Arrays.asList( private static HashSet<String> sCurveWhitelist = new HashSet<>(Arrays.asList(
NISTNamedCurves.getOID("P-256").getId(), NISTNamedCurves.getOID("P-256").getId(),
NISTNamedCurves.getOID("P-384").getId(), NISTNamedCurves.getOID("P-384").getId(),
NISTNamedCurves.getOID("P-521").getId() NISTNamedCurves.getOID("P-521").getId(),
CustomNamedCurves.getOID("secp256k1").getId(),
TeleTrusTNamedCurves.getOID("brainpoolP256r1").getId(),
TeleTrusTNamedCurves.getOID("brainpoolP384r1").getId(),
TeleTrusTNamedCurves.getOID("brainpoolP512r1").getId()
)); ));
public static boolean isSecureKey(CanonicalizedPublicKey key) { public static boolean isSecureKey(CanonicalizedPublicKey key) {
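Review bot: The four new whitelist entries resolve their OIDs by string name (`CustomNamedCurves.getOID("secp256k1").getId()` and the three `TeleTrusTNamedCurves.getOID(...)` calls), and these lookups return null for a name the table does not carry. A typo or a BouncyCastle table change would therefore surface as a NullPointerException in the static initializer of PgpSecurityConstants rather than at compile time. Referencing the OID constants, e.g. `SECObjectIdentifiers.secp256k1.getId()` and `TeleTrusTObjectIdentifiers.brainpoolP256r1.getId()`, yields the same strings with compile-time checking. Since `sCurveWhitelist` is presumably what `isSecureKey` consults, a short comment above the new entries recording why secp256k1 and the brainpool curves are accepted would help later audits of this policy.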


@@ -35,6 +35,7 @@ import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.nist.NISTNamedCurves; import org.bouncycastle.asn1.nist.NISTNamedCurves;
import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves; import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
import org.bouncycastle.bcpg.PublicKeyAlgorithmTags; import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
import org.bouncycastle.crypto.ec.CustomNamedCurves;
import org.bouncycastle.util.encoders.Hex; import org.bouncycastle.util.encoders.Hex;
import org.openintents.openpgp.OpenPgpDecryptionResult; import org.openintents.openpgp.OpenPgpDecryptionResult;
import org.openintents.openpgp.OpenPgpSignatureResult; import org.openintents.openpgp.OpenPgpSignatureResult;
@@ -210,6 +211,10 @@ public class KeyFormattingUtils {
if (name != null) { if (name != null) {
return name; return name;
} }
name = CustomNamedCurves.getName(oid);
if (name != null) {
return name;
}
if (context != null) { if (context != null) {
return context.getResources().getString(R.string.unknown); return context.getResources().getString(R.string.unknown);
} else { } else {
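Review bot: The added `CustomNamedCurves.getName(oid)` fallback has no comment saying which curves it is there for, so the hunk does not show why a third table is needed. Judging by the imports, the earlier lookups are the NIST and TeleTrusT tables, neither of which names secp256k1, so a comment such as `// secp256k1 is named only in CustomNamedCurves` above the new lookup would record that. A unit test asserting that every OID in `sCurveWhitelist` resolves to a name here would keep the two lists in step, so a whitelisted key is never displayed as unknown. The enclosing method starts and ends outside the hunk.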