Use new HashSet<>(Arrays.asList()) instead of static

Dominik Schürmann
2015-09-04 13:39:03 +02:00
parent c63d000252
commit e9836372b4


@@ -23,6 +23,7 @@ import org.spongycastle.bcpg.HashAlgorithmTags;
import org.spongycastle.bcpg.PublicKeyAlgorithmTags; import org.spongycastle.bcpg.PublicKeyAlgorithmTags;
import org.spongycastle.bcpg.SymmetricKeyAlgorithmTags; import org.spongycastle.bcpg.SymmetricKeyAlgorithmTags;
import java.util.Arrays;
import java.util.HashSet; import java.util.HashSet;
/** /**
@@ -42,24 +43,23 @@ public class PgpSecurityConstants {
* Whitelist of accepted symmetric encryption algorithms * Whitelist of accepted symmetric encryption algorithms
* all other algorithms are rejected with OpenPgpDecryptionResult.RESULT_INSECURE * all other algorithms are rejected with OpenPgpDecryptionResult.RESULT_INSECURE
*/ */
private static HashSet<Integer> sSymmetricAlgorithmsWhitelist = new HashSet<>(); private static HashSet<Integer> sSymmetricAlgorithmsWhitelist = new HashSet<>(Arrays.asList(
static { // General remarks: We try to keep the whitelist short to reduce attack surface
// General remarks: We try to keep the whitelist short to reduce attack surface // TODO: block IDEA?: Bad key schedule (weak keys), implementation difficulties (easy to make errors)
// TODO: block IDEA?: Bad key schedule (weak keys), implementation difficulties (easy to make errors) SymmetricKeyAlgorithmTags.IDEA,
sSymmetricAlgorithmsWhitelist.add(SymmetricKeyAlgorithmTags.IDEA); SymmetricKeyAlgorithmTags.TRIPLE_DES, // a MUST in RFC
sSymmetricAlgorithmsWhitelist.add(SymmetricKeyAlgorithmTags.TRIPLE_DES); // a MUST in RFC SymmetricKeyAlgorithmTags.CAST5, // default in many gpg, pgp versions, 128 bit key
sSymmetricAlgorithmsWhitelist.add(SymmetricKeyAlgorithmTags.CAST5); // default in many gpg, pgp versions, 128 bit key // BLOWFISH: Twofish is the successor
// BLOWFISH: Twofish is the successor // SAFER: not used widely
// SAFER: not used widely // DES: < 128 bit security
// DES: < 128 bit security SymmetricKeyAlgorithmTags.AES_128,
sSymmetricAlgorithmsWhitelist.add(SymmetricKeyAlgorithmTags.AES_128); SymmetricKeyAlgorithmTags.AES_192,
sSymmetricAlgorithmsWhitelist.add(SymmetricKeyAlgorithmTags.AES_192); SymmetricKeyAlgorithmTags.AES_256,
sSymmetricAlgorithmsWhitelist.add(SymmetricKeyAlgorithmTags.AES_256); SymmetricKeyAlgorithmTags.TWOFISH // 128 bit
sSymmetricAlgorithmsWhitelist.add(SymmetricKeyAlgorithmTags.TWOFISH); // 128 bit // CAMELLIA_128: not used widely
// CAMELLIA_128: not used widely // CAMELLIA_192: not used widely
// CAMELLIA_192: not used widely // CAMELLIA_256: not used widely
// CAMELLIA_256: not used widely ));
}
public static boolean isSecureSymmetricAlgorithm(int id) { public static boolean isSecureSymmetricAlgorithm(int id) {
return sSymmetricAlgorithmsWhitelist.contains(id); return sSymmetricAlgorithmsWhitelist.contains(id);
@@ -77,20 +77,19 @@ public class PgpSecurityConstants {
* ((collision resistance of 112-bits)) * ((collision resistance of 112-bits))
* Implementations SHOULD NOT sign SHA-256 hashes. They MUST NOT default to signing SHA-256 hashes. * Implementations SHOULD NOT sign SHA-256 hashes. They MUST NOT default to signing SHA-256 hashes.
*/ */
private static HashSet<Integer> sHashAlgorithmsWhitelist = new HashSet<>(); private static HashSet<Integer> sHashAlgorithmsWhitelist = new HashSet<>(Arrays.asList(
static { // MD5: broken
// MD5: broken // SHA1: broken
// SHA1: broken // RIPEMD160: same security properties as SHA1
// RIPEMD160: same security properties as SHA1 // DOUBLE_SHA: not used widely
// DOUBLE_SHA: not used widely // MD2: not used widely
// MD2: not used widely // TIGER_192: not used widely
// TIGER_192: not used widely // HAVAL_5_160: not used widely
// HAVAL_5_160: not used widely HashAlgorithmTags.SHA256, // compatibility for old Mailvelope versions
sHashAlgorithmsWhitelist.add(HashAlgorithmTags.SHA256); // compatibility for old Mailvelope versions HashAlgorithmTags.SHA384,
sHashAlgorithmsWhitelist.add(HashAlgorithmTags.SHA384); HashAlgorithmTags.SHA512
sHashAlgorithmsWhitelist.add(HashAlgorithmTags.SHA512); // SHA224: Not used widely, Yahoo argues against it
// SHA224: Not used widely, Yahoo argues against it ));
}
public static boolean isSecureHashAlgorithm(int id) { public static boolean isSecureHashAlgorithm(int id) {
return sHashAlgorithmsWhitelist.contains(id); return sHashAlgorithmsWhitelist.contains(id);
@@ -106,12 +105,11 @@ public class PgpSecurityConstants {
* bitlength less than 1023 bits. * bitlength less than 1023 bits.
* Implementations MUST NOT accept any RSA keys with bitlength less than 2047 bits after January 1, 2016. * Implementations MUST NOT accept any RSA keys with bitlength less than 2047 bits after January 1, 2016.
*/ */
private static HashSet<String> sCurveWhitelist = new HashSet<>(); private static HashSet<String> sCurveWhitelist = new HashSet<>(Arrays.asList(
static { NISTNamedCurves.getOID("P-256").getId(),
sCurveWhitelist.add(NISTNamedCurves.getOID("P-256").getId()); NISTNamedCurves.getOID("P-384").getId(),
sCurveWhitelist.add(NISTNamedCurves.getOID("P-384").getId()); NISTNamedCurves.getOID("P-521").getId()
sCurveWhitelist.add(NISTNamedCurves.getOID("P-521").getId()); ));
}
public static boolean isSecureKey(CanonicalizedPublicKey key) { public static boolean isSecureKey(CanonicalizedPublicKey key) {
switch (key.getAlgorithm()) { switch (key.getAlgorithm()) {
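Review bot: The three whitelist fields (`sSymmetricAlgorithmsWhitelist`, `sHashAlgorithmsWhitelist`, `sCurveWhitelist`) are still declared `private static HashSet<...>` without `final`, so the sets that decide which algorithms and curves count as secure stay reassignable and mutable for any code inside `PgpSecurityConstants`. Now that each set is built in a single expression, the declaration can be made immutable, e.g. `private static final Set<Integer> sSymmetricAlgorithmsWhitelist = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(...)));`, and likewise for the other two. That needs `java.util.Set` and `java.util.Collections` added next to the new `java.util.Arrays` import. The class body and `isSecureKey` continue outside the visible hunks, so it is worth confirming that nothing later in the file adds to these sets before making them unmodifiable.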