Diffstat (limited to 'pg/src/main/java/org/bouncycastle/openpgp/operator/bc')
17 files changed, 0 insertions, 1704 deletions
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcImplProvider.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcImplProvider.java
deleted file mode 100644
index 357634f4..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcImplProvider.java
+++ /dev/null
@@ -1,174 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import org.bouncycastle.bcpg.HashAlgorithmTags;
-import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
-import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.digests.MD2Digest;
-import org.bouncycastle.crypto.digests.MD5Digest;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.TigerDigest;
-import org.bouncycastle.crypto.encodings.PKCS1Encoding;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.AESFastEngine;
-import org.bouncycastle.crypto.engines.BlowfishEngine;
-import org.bouncycastle.crypto.engines.CAST5Engine;
-import org.bouncycastle.crypto.engines.CamelliaEngine;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.ElGamalEngine;
-import org.bouncycastle.crypto.engines.IDEAEngine;
-import org.bouncycastle.crypto.engines.RFC3394WrapEngine;
-import org.bouncycastle.crypto.engines.RSABlindedEngine;
-import org.bouncycastle.crypto.engines.TwofishEngine;
-import org.bouncycastle.crypto.signers.DSADigestSigner;
-import org.bouncycastle.crypto.signers.DSASigner;
-import org.bouncycastle.crypto.signers.ECDSASigner;
-import org.bouncycastle.crypto.signers.RSADigestSigner;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.PGPPublicKey;
-
-class BcImplProvider
-{
- static Digest createDigest(int algorithm)
- throws PGPException
- {
- switch (algorithm)
- {
- case HashAlgorithmTags.SHA1:
- return new SHA1Digest();
- case HashAlgorithmTags.SHA224:
- return new SHA224Digest();
- case HashAlgorithmTags.SHA256:
- return new SHA256Digest();
- case HashAlgorithmTags.SHA384:
- return new SHA384Digest();
- case HashAlgorithmTags.SHA512:
- return new SHA512Digest();
- case HashAlgorithmTags.MD2:
- return new MD2Digest();
- case HashAlgorithmTags.MD5:
- return new MD5Digest();
- case HashAlgorithmTags.RIPEMD160:
- return new RIPEMD160Digest();
- case HashAlgorithmTags.TIGER_192:
- return new TigerDigest();
- default:
- throw new PGPException("cannot recognise digest");
- }
- }
-
- static Signer createSigner(int keyAlgorithm, int hashAlgorithm)
- throws PGPException
- {
- switch(keyAlgorithm)
- {
- case PublicKeyAlgorithmTags.RSA_GENERAL:
- case PublicKeyAlgorithmTags.RSA_SIGN:
- return new RSADigestSigner(createDigest(hashAlgorithm));
- case PublicKeyAlgorithmTags.DSA:
- return new DSADigestSigner(new DSASigner(), createDigest(hashAlgorithm));
- case PublicKeyAlgorithmTags.ECDSA:
- return new DSADigestSigner(new ECDSASigner(), createDigest(hashAlgorithm));
- default:
- throw new PGPException("cannot recognise keyAlgorithm: " + keyAlgorithm);
- }
- }
-
- static BlockCipher createBlockCipher(int encAlgorithm)
- throws PGPException
- {
- BlockCipher engine;
-
- switch (encAlgorithm)
- {
- case SymmetricKeyAlgorithmTags.AES_128:
- case SymmetricKeyAlgorithmTags.AES_192:
- case SymmetricKeyAlgorithmTags.AES_256:
- engine = new AESEngine();
- break;
- case SymmetricKeyAlgorithmTags.CAMELLIA_128:
- case SymmetricKeyAlgorithmTags.CAMELLIA_192:
- case SymmetricKeyAlgorithmTags.CAMELLIA_256:
- engine = new CamelliaEngine();
- break;
- case SymmetricKeyAlgorithmTags.BLOWFISH:
- engine = new BlowfishEngine();
- break;
- case SymmetricKeyAlgorithmTags.CAST5:
- engine = new CAST5Engine();
- break;
- case SymmetricKeyAlgorithmTags.DES:
- engine = new DESEngine();
- break;
- case SymmetricKeyAlgorithmTags.IDEA:
- engine = new IDEAEngine();
- break;
- case SymmetricKeyAlgorithmTags.TWOFISH:
- engine = new TwofishEngine();
- break;
- case SymmetricKeyAlgorithmTags.TRIPLE_DES:
- engine = new DESedeEngine();
- break;
- default:
- throw new PGPException("cannot recognise cipher");
- }
-
- return engine;
- }
-
- static Wrapper createWrapper(int encAlgorithm)
- throws PGPException
- {
- switch (encAlgorithm)
- {
- case SymmetricKeyAlgorithmTags.AES_128:
- case SymmetricKeyAlgorithmTags.AES_192:
- case SymmetricKeyAlgorithmTags.AES_256:
- return new RFC3394WrapEngine(new AESFastEngine());
- case SymmetricKeyAlgorithmTags.CAMELLIA_128:
- case SymmetricKeyAlgorithmTags.CAMELLIA_192:
- case SymmetricKeyAlgorithmTags.CAMELLIA_256:
- return new RFC3394WrapEngine(new CamelliaEngine());
- default:
- throw new PGPException("unknown wrap algorithm: " + encAlgorithm);
- }
- }
-
- static AsymmetricBlockCipher createPublicKeyCipher(int encAlgorithm)
- throws PGPException
- {
- AsymmetricBlockCipher c;
-
- switch (encAlgorithm)
- {
- case PGPPublicKey.RSA_ENCRYPT:
- case PGPPublicKey.RSA_GENERAL:
- c = new PKCS1Encoding(new RSABlindedEngine());
- break;
- case PGPPublicKey.ELGAMAL_ENCRYPT:
- case PGPPublicKey.ELGAMAL_GENERAL:
- c = new PKCS1Encoding(new ElGamalEngine());
- break;
- case PGPPublicKey.DSA:
- throw new PGPException("Can't use DSA for encryption.");
- case PGPPublicKey.ECDSA:
- throw new PGPException("Can't use ECDSA for encryption.");
- case PGPPublicKey.ECDH:
- throw new PGPException("Not implemented.");
- default:
- throw new PGPException("unknown asymmetric algorithm: " + encAlgorithm);
- }
-
- return c;
- }
-}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcKeyFingerprintCalculator.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcKeyFingerprintCalculator.java
deleted file mode 100644
index bb201cac..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcKeyFingerprintCalculator.java
+++ /dev/null
@@ -1,68 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import java.io.IOException;
-
-import org.bouncycastle.bcpg.BCPGKey;
-import org.bouncycastle.bcpg.MPInteger;
-import org.bouncycastle.bcpg.PublicKeyPacket;
-import org.bouncycastle.bcpg.RSAPublicBCPGKey;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.MD5Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.operator.KeyFingerPrintCalculator;
-
-public class BcKeyFingerprintCalculator
- implements KeyFingerPrintCalculator
-{
- public byte[] calculateFingerprint(PublicKeyPacket publicPk)
- throws PGPException
- {
- BCPGKey key = publicPk.getKey();
- Digest digest;
-
- if (publicPk.getVersion() <= 3)
- {
- RSAPublicBCPGKey rK = (RSAPublicBCPGKey)key;
-
- try
- {
- digest = new MD5Digest();
-
- byte[] bytes = new MPInteger(rK.getModulus()).getEncoded();
- digest.update(bytes, 2, bytes.length - 2);
-
- bytes = new MPInteger(rK.getPublicExponent()).getEncoded();
- digest.update(bytes, 2, bytes.length - 2);
- }
- catch (IOException e)
- {
- throw new PGPException("can't encode key components: " + e.getMessage(), e);
- }
- }
- else
- {
- try
- {
- byte[] kBytes = publicPk.getEncodedContents();
-
- digest = new SHA1Digest();
-
- digest.update((byte)0x99);
- digest.update((byte)(kBytes.length >> 8));
- digest.update((byte)kBytes.length);
- digest.update(kBytes, 0, kBytes.length);
- }
- catch (IOException e)
- {
- throw new PGPException("can't encode key components: " + e.getMessage(), e);
- }
- }
-
- byte[] digBuf = new byte[digest.getDigestSize()];
-
- digest.doFinal(digBuf, 0);
-
- return digBuf;
- }
-}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPBEDataDecryptorFactory.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPBEDataDecryptorFactory.java
deleted file mode 100644
index fdc143b7..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPBEDataDecryptorFactory.java
+++ /dev/null
@@ -1,68 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.operator.PBEDataDecryptorFactory;
-import org.bouncycastle.openpgp.operator.PGPDataDecryptor;
-
-/**
- * A {@link PBEDataDecryptorFactory} for handling PBE decryption operations using the Bouncy Castle
- * lightweight API to implement cryptographic primitives.
- */
-public class BcPBEDataDecryptorFactory
- extends PBEDataDecryptorFactory
-{
- /**
- * Base constructor.
- *
- * @param pass the passphrase to use as the primary source of key material.
- * @param calculatorProvider a digest calculator provider to provide calculators to support the key generation calculation required.
- */
- public BcPBEDataDecryptorFactory(char[] pass, BcPGPDigestCalculatorProvider calculatorProvider)
- {
- super(pass, calculatorProvider);
- }
-
- public byte[] recoverSessionData(int keyAlgorithm, byte[] key, byte[] secKeyData)
- throws PGPException
- {
- try
- {
- if (secKeyData != null && secKeyData.length > 0)
- {
- BlockCipher engine = BcImplProvider.createBlockCipher(keyAlgorithm);
- BufferedBlockCipher cipher = BcUtil.createSymmetricKeyWrapper(false, engine, key, new byte[engine.getBlockSize()]);
-
- byte[] out = new byte[secKeyData.length];
-
- int len = cipher.processBytes(secKeyData, 0, secKeyData.length, out, 0);
-
- len += cipher.doFinal(out, len);
-
- return out;
- }
- else
- {
- byte[] keyBytes = new byte[key.length + 1];
-
- keyBytes[0] = (byte)keyAlgorithm;
- System.arraycopy(key, 0, keyBytes, 1, key.length);
-
- return keyBytes;
- }
- }
- catch (Exception e)
- {
- throw new PGPException("Exception recovering session info", e);
- }
- }
-
- public PGPDataDecryptor createDataDecryptor(boolean withIntegrityPacket, int encAlgorithm, byte[] key)
- throws PGPException
- {
- BlockCipher engine = BcImplProvider.createBlockCipher(encAlgorithm);
-
- return BcUtil.createDataDecryptor(withIntegrityPacket, engine, key);
- }
-}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPBEKeyEncryptionMethodGenerator.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPBEKeyEncryptionMethodGenerator.java
deleted file mode 100644
index 17aa28cc..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPBEKeyEncryptionMethodGenerator.java
+++ /dev/null
@@ -1,95 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.bcpg.S2K;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.operator.PBEKeyEncryptionMethodGenerator;
-import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
-
-/**
- * A BC lightweight method generator for supporting PBE based encryption operations.
- */
-public class BcPBEKeyEncryptionMethodGenerator
- extends PBEKeyEncryptionMethodGenerator
-{
- /**
- * Create a PBE encryption method generator using the provided digest and the default S2K count
- * for key generation.
- *
- * @param passPhrase the passphrase to use as the primary source of key material.
- * @param s2kDigestCalculator the digest calculator to use for key calculation.
- */
- public BcPBEKeyEncryptionMethodGenerator(char[] passPhrase, PGPDigestCalculator s2kDigestCalculator)
- {
- super(passPhrase, s2kDigestCalculator);
- }
-
- /**
- * Create a PBE encryption method generator using the default SHA-1 digest and the default S2K
- * count for key generation.
- *
- * @param passPhrase the passphrase to use as the primary source of key material.
- */
- public BcPBEKeyEncryptionMethodGenerator(char[] passPhrase)
- {
- this(passPhrase, new SHA1PGPDigestCalculator());
- }
-
- /**
- * Create a PBE encryption method generator using the provided calculator and S2K count for key
- * generation.
- *
- * @param passPhrase the passphrase to use as the primary source of key material.
- * @param s2kDigestCalculator the digest calculator to use for key calculation.
- * @param s2kCount the single byte {@link S2K} count to use.
- */
- public BcPBEKeyEncryptionMethodGenerator(char[] passPhrase, PGPDigestCalculator s2kDigestCalculator, int s2kCount)
- {
- super(passPhrase, s2kDigestCalculator, s2kCount);
- }
-
- /**
- * Create a PBE encryption method generator using the default SHA-1 digest calculator and a S2K
- * count other than the default for key generation.
- *
- * @param passPhrase the passphrase to use as the primary source of key material.
- * @param s2kCount the single byte {@link S2K} count to use.
- */
- public BcPBEKeyEncryptionMethodGenerator(char[] passPhrase, int s2kCount)
- {
- super(passPhrase, new SHA1PGPDigestCalculator(), s2kCount);
- }
-
- public PBEKeyEncryptionMethodGenerator setSecureRandom(SecureRandom random)
- {
- super.setSecureRandom(random);
-
- return this;
- }
-
- protected byte[] encryptSessionInfo(int encAlgorithm, byte[] key, byte[] sessionInfo)
- throws PGPException
- {
- try
- {
- BlockCipher engine = BcImplProvider.createBlockCipher(encAlgorithm);
- BufferedBlockCipher cipher = BcUtil.createSymmetricKeyWrapper(true, engine, key, new byte[engine.getBlockSize()]);
-
- byte[] out = new byte[sessionInfo.length];
-
- int len = cipher.processBytes(sessionInfo, 0, sessionInfo.length, out, 0);
-
- len += cipher.doFinal(out, len);
-
- return out;
- }
- catch (InvalidCipherTextException e)
- {
- throw new PGPException("encryption failed: " + e.getMessage(), e);
- }
- }
-}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPBESecretKeyDecryptorBuilder.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPBESecretKeyDecryptorBuilder.java
deleted file mode 100644
index decf032f..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPBESecretKeyDecryptorBuilder.java
+++ /dev/null
@@ -1,43 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
-import org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider;
-
-public class BcPBESecretKeyDecryptorBuilder
-{
- private PGPDigestCalculatorProvider calculatorProvider;
-
- public BcPBESecretKeyDecryptorBuilder(PGPDigestCalculatorProvider calculatorProvider)
- {
- this.calculatorProvider = calculatorProvider;
- }
-
- public PBESecretKeyDecryptor build(char[] passPhrase)
- {
- return new PBESecretKeyDecryptor(passPhrase, calculatorProvider)
- {
- public byte[] recoverKeyData(int encAlgorithm, byte[] key, byte[] iv, byte[] keyData, int keyOff, int keyLen)
- throws PGPException
- {
- try
- {
- BufferedBlockCipher c = BcUtil.createSymmetricKeyWrapper(false, BcImplProvider.createBlockCipher(encAlgorithm), key, iv);
-
- byte[] out = new byte[keyLen];
- int outLen = c.processBytes(keyData, keyOff, keyLen, out, 0);
-
- outLen += c.doFinal(out, outLen);
-
- return out;
- }
- catch (InvalidCipherTextException e)
- {
- throw new PGPException("decryption failed: " + e.getMessage(), e);
- }
- }
- };
- }
-}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPBESecretKeyEncryptorBuilder.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPBESecretKeyEncryptorBuilder.java
deleted file mode 100644
index 2258484e..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPBESecretKeyEncryptorBuilder.java
+++ /dev/null
@@ -1,142 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor;
-import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
-
-public class BcPBESecretKeyEncryptorBuilder
-{
- private int encAlgorithm;
- private PGPDigestCalculator s2kDigestCalculator;
- private SecureRandom random;
- private int s2kCount = 0x60;
-
- public BcPBESecretKeyEncryptorBuilder(int encAlgorithm)
- {
- this(encAlgorithm, new SHA1PGPDigestCalculator());
- }
-
- /**
- * Create an SecretKeyEncryptorBuilder with the S2K count different to the default of 0x60.
- *
- * @param encAlgorithm encryption algorithm to use.
- * @param s2kCount iteration count to use for S2K function.
- */
- public BcPBESecretKeyEncryptorBuilder(int encAlgorithm, int s2kCount)
- {
- this(encAlgorithm, new SHA1PGPDigestCalculator(), s2kCount);
- }
-
- /**
- * Create a builder which will make encryptors using the passed in digest calculator. If a MD5 calculator is
- * passed in the builder will assume the encryptors are for use with version 3 keys.
- *
- * @param encAlgorithm encryption algorithm to use.
- * @param s2kDigestCalculator digest calculator to use.
- */
- public BcPBESecretKeyEncryptorBuilder(int encAlgorithm, PGPDigestCalculator s2kDigestCalculator)
- {
- this(encAlgorithm, s2kDigestCalculator, 0x60);
- }
-
- /**
- * Create an SecretKeyEncryptorBuilder with the S2k count different to the default of 0x60, and the S2K digest
- * different from SHA-1.
- *
- * @param encAlgorithm encryption algorithm to use.
- * @param s2kDigestCalculator digest calculator to use.
- * @param s2kCount iteration count to use for S2K function.
- */
- public BcPBESecretKeyEncryptorBuilder(int encAlgorithm, PGPDigestCalculator s2kDigestCalculator, int s2kCount)
- {
- this.encAlgorithm = encAlgorithm;
- this.s2kDigestCalculator = s2kDigestCalculator;
-
- if (s2kCount < 0 || s2kCount > 0xff)
- {
- throw new IllegalArgumentException("s2KCount value outside of range 0 to 255.");
- }
-
- this.s2kCount = s2kCount;
- }
-
- /**
- * Provide a user defined source of randomness.
- *
- * @param random the secure random to be used.
- * @return the current builder.
- */
- public BcPBESecretKeyEncryptorBuilder setSecureRandom(SecureRandom random)
- {
- this.random = random;
-
- return this;
- }
-
- public PBESecretKeyEncryptor build(char[] passPhrase)
- {
- if (this.random == null)
- {
- this.random = new SecureRandom();
- }
-
- return new PBESecretKeyEncryptor(encAlgorithm, s2kDigestCalculator, s2kCount, this.random, passPhrase)
- {
- private byte[] iv;
-
- public byte[] encryptKeyData(byte[] key, byte[] keyData, int keyOff, int keyLen)
- throws PGPException
- {
- return encryptKeyData(key, null, keyData, keyOff, keyLen);
- }
-
- public byte[] encryptKeyData(byte[] key, byte[] iv, byte[] keyData, int keyOff, int keyLen)
- throws PGPException
- {
- try
- {
- BlockCipher engine = BcImplProvider.createBlockCipher(this.encAlgorithm);
-
- if (iv != null)
- { // to deal with V3 key encryption
- this.iv = iv;
- }
- else
- {
- if (this.random == null)
- {
- this.random = new SecureRandom();
- }
-
- this.iv = iv = new byte[engine.getBlockSize()];
-
- this.random.nextBytes(iv);
- }
-
- BufferedBlockCipher c = BcUtil.createSymmetricKeyWrapper(true, engine, key, iv);
-
- byte[] out = new byte[keyLen];
- int outLen = c.processBytes(keyData, keyOff, keyLen, out, 0);
-
- outLen += c.doFinal(out, outLen);
-
- return out;
- }
- catch (InvalidCipherTextException e)
- {
- throw new PGPException("decryption failed: " + e.getMessage(), e);
- }
- }
-
- public byte[] getCipherIV()
- {
- return iv;
- }
- };
- }
-}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPContentSignerBuilder.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPContentSignerBuilder.java
deleted file mode 100644
index 384727ef..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPContentSignerBuilder.java
+++ /dev/null
@@ -1,98 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import java.io.OutputStream;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.PGPPrivateKey;
-import org.bouncycastle.openpgp.operator.PGPContentSigner;
-import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
-import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
-import org.bouncycastle.util.io.TeeOutputStream;
-
-public class BcPGPContentSignerBuilder
- implements PGPContentSignerBuilder
-{
- private BcPGPDigestCalculatorProvider digestCalculatorProvider = new BcPGPDigestCalculatorProvider();
- private BcPGPKeyConverter keyConverter = new BcPGPKeyConverter();
- private int hashAlgorithm;
- private SecureRandom random;
- private int keyAlgorithm;
-
- public BcPGPContentSignerBuilder(int keyAlgorithm, int hashAlgorithm)
- {
- this.keyAlgorithm = keyAlgorithm;
- this.hashAlgorithm = hashAlgorithm;
- }
-
- public BcPGPContentSignerBuilder setSecureRandom(SecureRandom random)
- {
- this.random = random;
-
- return this;
- }
-
- public PGPContentSigner build(final int signatureType, final PGPPrivateKey privateKey)
- throws PGPException
- {
- final PGPDigestCalculator digestCalculator = digestCalculatorProvider.get(hashAlgorithm);
- final Signer signer = BcImplProvider.createSigner(keyAlgorithm, hashAlgorithm);
-
- if (random != null)
- {
- signer.init(true, new ParametersWithRandom(keyConverter.getPrivateKey(privateKey), random));
- }
- else
- {
- signer.init(true, keyConverter.getPrivateKey(privateKey));
- }
-
- return new PGPContentSigner()
- {
- public int getType()
- {
- return signatureType;
- }
-
- public int getHashAlgorithm()
- {
- return hashAlgorithm;
- }
-
- public int getKeyAlgorithm()
- {
- return keyAlgorithm;
- }
-
- public long getKeyID()
- {
- return privateKey.getKeyID();
- }
-
- public OutputStream getOutputStream()
- {
- return new TeeOutputStream(new SignerOutputStream(signer), digestCalculator.getOutputStream());
- }
-
- public byte[] getSignature()
- {
- try
- {
- return signer.generateSignature();
- }
- catch (CryptoException e)
- { // TODO: need a specific runtime exception for PGP operators.
- throw new IllegalStateException("unable to create signature");
- }
- }
-
- public byte[] getDigest()
- {
- return digestCalculator.getDigest();
- }
- };
- }
-}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPContentVerifierBuilderProvider.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPContentVerifierBuilderProvider.java
deleted file mode 100644
index e13b8132..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPContentVerifierBuilderProvider.java
+++ /dev/null
@@ -1,75 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import java.io.OutputStream;
-
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.PGPPublicKey;
-import org.bouncycastle.openpgp.operator.PGPContentVerifier;
-import org.bouncycastle.openpgp.operator.PGPContentVerifierBuilder;
-import org.bouncycastle.openpgp.operator.PGPContentVerifierBuilderProvider;
-
-public class BcPGPContentVerifierBuilderProvider
- implements PGPContentVerifierBuilderProvider
-{
- private BcPGPKeyConverter keyConverter = new BcPGPKeyConverter();
-
- public BcPGPContentVerifierBuilderProvider()
- {
- }
-
- public PGPContentVerifierBuilder get(int keyAlgorithm, int hashAlgorithm)
- throws PGPException
- {
- return new BcPGPContentVerifierBuilder(keyAlgorithm, hashAlgorithm);
- }
-
- private class BcPGPContentVerifierBuilder
- implements PGPContentVerifierBuilder
- {
- private int hashAlgorithm;
- private int keyAlgorithm;
-
- public BcPGPContentVerifierBuilder(int keyAlgorithm, int hashAlgorithm)
- {
- this.keyAlgorithm = keyAlgorithm;
- this.hashAlgorithm = hashAlgorithm;
- }
-
- public PGPContentVerifier build(final PGPPublicKey publicKey)
- throws PGPException
- {
- final Signer signer = BcImplProvider.createSigner(keyAlgorithm, hashAlgorithm);
-
- signer.init(false, keyConverter.getPublicKey(publicKey));
-
- return new PGPContentVerifier()
- {
- public int getHashAlgorithm()
- {
- return hashAlgorithm;
- }
-
- public int getKeyAlgorithm()
- {
- return keyAlgorithm;
- }
-
- public long getKeyID()
- {
- return publicKey.getKeyID();
- }
-
- public boolean verify(byte[] expected)
- {
- return signer.verifySignature(expected);
- }
-
- public OutputStream getOutputStream()
- {
- return new SignerOutputStream(signer);
- }
- };
- }
- }
-}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPDataEncryptorBuilder.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPDataEncryptorBuilder.java
deleted file mode 100644
index a47b3111..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPDataEncryptorBuilder.java
+++ /dev/null
@@ -1,131 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import java.io.OutputStream;
-import java.security.SecureRandom;
-
-import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.io.CipherOutputStream;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.operator.PGPDataEncryptor;
-import org.bouncycastle.openpgp.operator.PGPDataEncryptorBuilder;
-import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
-
-/**
- * {@link PGPDataEncryptorBuilder} implementation that uses the Bouncy Castle lightweight API to
- * implement cryptographic primitives.
- */
-public class BcPGPDataEncryptorBuilder
- implements PGPDataEncryptorBuilder
-{
- private SecureRandom random;
- private boolean withIntegrityPacket;
- private int encAlgorithm;
-
- /**
- * Constructs a new data encryptor builder for a specified cipher type.
- *
- * @param encAlgorithm one of the {@link SymmetricKeyAlgorithmTags supported symmetric cipher
- * algorithms}. May not be {@link SymmetricKeyAlgorithmTags#NULL}.
- */
- public BcPGPDataEncryptorBuilder(int encAlgorithm)
- {
- this.encAlgorithm = encAlgorithm;
-
- if (encAlgorithm == 0)
- {
- throw new IllegalArgumentException("null cipher specified");
- }
- }
-
- /**
- * Sets whether or not the resulting encrypted data will be protected using an integrity packet.
- *
- * @param withIntegrityPacket true if an integrity packet is to be included, false otherwise.
- * @return the current builder.
- */
- public BcPGPDataEncryptorBuilder setWithIntegrityPacket(boolean withIntegrityPacket)
- {
- this.withIntegrityPacket = withIntegrityPacket;
-
- return this;
- }
-
- /**
- * Provide a user defined source of randomness.
- * <p/>
- * If no SecureRandom is configured, a default SecureRandom will be used.
- *
- * @param random the secure random to be used.
- * @return the current builder.
- */
- public BcPGPDataEncryptorBuilder setSecureRandom(SecureRandom random)
- {
- this.random = random;
-
- return this;
- }
-
- public int getAlgorithm()
- {
- return encAlgorithm;
- }
-
- public SecureRandom getSecureRandom()
- {
- if (random == null)
- {
- random = new SecureRandom();
- }
-
- return random;
- }
-
- public PGPDataEncryptor build(byte[] keyBytes)
- throws PGPException
- {
- return new MyPGPDataEncryptor(keyBytes);
- }
-
- private class MyPGPDataEncryptor
- implements PGPDataEncryptor
- {
- private final BufferedBlockCipher c;
-
- MyPGPDataEncryptor(byte[] keyBytes)
- throws PGPException
- {
- BlockCipher engine = BcImplProvider.createBlockCipher(encAlgorithm);
-
- try
- {
- c = BcUtil.createStreamCipher(true, engine, withIntegrityPacket, keyBytes);
- }
- catch (IllegalArgumentException e)
- {
- throw new PGPException("invalid parameters: " + e.getMessage(), e);
- }
- }
-
- public OutputStream getOutputStream(OutputStream out)
- {
- return new CipherOutputStream(out, c);
- }
-
- public PGPDigestCalculator getIntegrityCalculator()
- {
- if (withIntegrityPacket)
- {
- return new SHA1PGPDigestCalculator();
- }
-
- return null;
- }
-
- public int getBlockSize()
- {
- return c.getBlockSize();
- }
- }
-}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPDigestCalculatorProvider.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPDigestCalculatorProvider.java
deleted file mode 100644
index 2fea1487..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPDigestCalculatorProvider.java
+++ /dev/null
@@ -1,82 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
-import org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider;
-
-public class BcPGPDigestCalculatorProvider
- implements PGPDigestCalculatorProvider
-{
- public PGPDigestCalculator get(final int algorithm)
- throws PGPException
- {
- final Digest dig = BcImplProvider.createDigest(algorithm);
-
- final DigestOutputStream stream = new DigestOutputStream(dig);
-
- return new PGPDigestCalculator()
- {
- public int getAlgorithm()
- {
- return algorithm;
- }
-
- public OutputStream getOutputStream()
- {
- return stream;
- }
-
- public byte[] getDigest()
- {
- return stream.getDigest();
- }
-
- public void reset()
- {
- dig.reset();
- }
- };
- }
-
- private class DigestOutputStream
- extends OutputStream
- {
- private Digest dig;
-
- DigestOutputStream(Digest dig)
- {
- this.dig = dig;
- }
-
- public void write(byte[] bytes, int off, int len)
- throws IOException
- {
- dig.update(bytes, off, len);
- }
-
- public void write(byte[] bytes)
- throws IOException
- {
- dig.update(bytes, 0, bytes.length);
- }
-
- public void write(int b)
- throws IOException
- {
- dig.update((byte)b);
- }
-
- byte[] getDigest()
- {
- byte[] d = new byte[dig.getDigestSize()];
-
- dig.doFinal(d, 0);
-
- return d;
- }
- }
-}
\ No newline at end of file
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPKeyConverter.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPKeyConverter.java
deleted file mode 100644
index 5fa18c9c..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPKeyConverter.java
+++ /dev/null
@@ -1,239 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import java.util.Date;
-
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.bcpg.BCPGKey;
-import org.bouncycastle.bcpg.DSAPublicBCPGKey;
-import org.bouncycastle.bcpg.DSASecretBCPGKey;
-import org.bouncycastle.bcpg.ECDHPublicBCPGKey;
-import org.bouncycastle.bcpg.ECDSAPublicBCPGKey;
-import org.bouncycastle.bcpg.ECPublicBCPGKey;
-import org.bouncycastle.bcpg.ECSecretBCPGKey;
-import org.bouncycastle.bcpg.ElGamalPublicBCPGKey;
-import org.bouncycastle.bcpg.ElGamalSecretBCPGKey;
-import org.bouncycastle.bcpg.HashAlgorithmTags;
-import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
-import org.bouncycastle.bcpg.PublicKeyPacket;
-import org.bouncycastle.bcpg.RSAPublicBCPGKey;
-import org.bouncycastle.bcpg.RSASecretBCPGKey;
-import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
-import org.bouncycastle.crypto.ec.CustomNamedCurves;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DSAParameters;
-import org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
-import org.bouncycastle.crypto.params.DSAPublicKeyParameters;
-import org.bouncycastle.crypto.params.ECNamedDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ElGamalParameters;
-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.PGPPrivateKey;
-import org.bouncycastle.openpgp.PGPPublicKey;
-
-public class BcPGPKeyConverter
-{
- /**
- * Create a PGPPublicKey from the passed in JCA one.
- * <p/>
- * Note: the time passed in affects the value of the key's keyID, so you probably only want
- * to do this once for a JCA key, or make sure you keep track of the time you used.
- *
- * @param algorithm asymmetric algorithm type representing the public key.
- * @param pubKey actual public key to associate.
- * @param time date of creation.
- * @throws PGPException on key creation problem.
- */
- public PGPPublicKey getPGPPublicKey(int algorithm, AsymmetricKeyParameter pubKey, Date time)
- throws PGPException
- {
- BCPGKey bcpgKey;
-
- if (pubKey instanceof RSAKeyParameters)
- {
- RSAKeyParameters rK = (RSAKeyParameters)pubKey;
-
- bcpgKey = new RSAPublicBCPGKey(rK.getModulus(), rK.getExponent());
- }
- else if (pubKey instanceof DSAPublicKeyParameters)
- {
- DSAPublicKeyParameters dK = (DSAPublicKeyParameters)pubKey;
- DSAParameters dP = dK.getParameters();
-
- bcpgKey = new DSAPublicBCPGKey(dP.getP(), dP.getQ(), dP.getG(), dK.getY());
- }
- else if (pubKey instanceof ElGamalPublicKeyParameters)
- {
- ElGamalPublicKeyParameters eK = (ElGamalPublicKeyParameters)pubKey;
- ElGamalParameters eS = eK.getParameters();
-
- bcpgKey = new ElGamalPublicBCPGKey(eS.getP(), eS.getG(), eK.getY());
- }
- else if (pubKey instanceof ECPublicKeyParameters)
- {
- ECPublicKeyParameters eK = (ECPublicKeyParameters)pubKey;
-
- if (algorithm == PGPPublicKey.EC)
- { // TODO: KDF parameters setting
- bcpgKey = new ECDHPublicBCPGKey(((ECNamedDomainParameters)eK.getParameters()).getName(), eK.getQ(), HashAlgorithmTags.SHA256, SymmetricKeyAlgorithmTags.AES_128);
- }
- else
- {
- bcpgKey = new ECDSAPublicBCPGKey(((ECNamedDomainParameters)eK.getParameters()).getName(), eK.getQ());
- }
- }
- else
- {
- throw new PGPException("unknown key class");
- }
-
- return new PGPPublicKey(new PublicKeyPacket(algorithm, time, bcpgKey), new BcKeyFingerprintCalculator());
- }
-
- public PGPPrivateKey getPGPPrivateKey(PGPPublicKey pubKey, AsymmetricKeyParameter privKey)
- throws PGPException
- {
- BCPGKey privPk;
-
- switch (pubKey.getAlgorithm())
- {
- case PGPPublicKey.RSA_ENCRYPT:
- case PGPPublicKey.RSA_SIGN:
- case PGPPublicKey.RSA_GENERAL:
- RSAPrivateCrtKeyParameters rsK = (RSAPrivateCrtKeyParameters)privKey;
-
- privPk = new RSASecretBCPGKey(rsK.getExponent(), rsK.getP(), rsK.getQ());
- break;
- case PGPPublicKey.DSA:
- DSAPrivateKeyParameters dsK = (DSAPrivateKeyParameters)privKey;
-
- privPk = new DSASecretBCPGKey(dsK.getX());
- break;
- case PGPPublicKey.ELGAMAL_ENCRYPT:
- case PGPPublicKey.ELGAMAL_GENERAL:
- ElGamalPrivateKeyParameters esK = (ElGamalPrivateKeyParameters)privKey;
-
- privPk = new ElGamalSecretBCPGKey(esK.getX());
- break;
- case PGPPublicKey.ECDH:
- case PGPPublicKey.ECDSA:
- ECPrivateKeyParameters ecK = (ECPrivateKeyParameters)privKey;
-
- privPk = new ECSecretBCPGKey(ecK.getD());
- break;
- default:
- throw new PGPException("unknown key class");
- }
- return new PGPPrivateKey(pubKey.getKeyID(), pubKey.getPublicKeyPacket(), privPk);
- }
-
- public AsymmetricKeyParameter getPublicKey(PGPPublicKey publicKey)
- throws PGPException
- {
- PublicKeyPacket publicPk = publicKey.getPublicKeyPacket();
-
- try
- {
- switch (publicPk.getAlgorithm())
- {
- case PublicKeyAlgorithmTags.RSA_ENCRYPT:
- case PublicKeyAlgorithmTags.RSA_GENERAL:
- case PublicKeyAlgorithmTags.RSA_SIGN:
- RSAPublicBCPGKey rsaK = (RSAPublicBCPGKey)publicPk.getKey();
-
- return new RSAKeyParameters(false, rsaK.getModulus(), rsaK.getPublicExponent());
- case PublicKeyAlgorithmTags.DSA:
- DSAPublicBCPGKey dsaK = (DSAPublicBCPGKey)publicPk.getKey();
-
- return new DSAPublicKeyParameters(dsaK.getY(), new DSAParameters(dsaK.getP(), dsaK.getQ(), dsaK.getG()));
- case PublicKeyAlgorithmTags.ELGAMAL_ENCRYPT:
- case PublicKeyAlgorithmTags.ELGAMAL_GENERAL:
- ElGamalPublicBCPGKey elK = (ElGamalPublicBCPGKey)publicPk.getKey();
-
- return new ElGamalPublicKeyParameters(elK.getY(), new ElGamalParameters(elK.getP(), elK.getG()));
- case PGPPublicKey.ECDH:
- case PGPPublicKey.ECDSA:
- ECPublicBCPGKey ecPub = (ECPublicBCPGKey)publicPk.getKey();
-
- X9ECParameters x9 = CustomNamedCurves.getByOID(ecPub.getCurveOID());
- if (x9 == null)
- {
- x9 = ECNamedCurveTable.getByOID(ecPub.getCurveOID());
- }
-
- return new ECPublicKeyParameters(ecPub.getPoint(),
- new ECNamedDomainParameters(ecPub.getCurveOID(), x9.getCurve(), x9.getG(), x9.getN(), x9.getH()));
- default:
- throw new PGPException("unknown public key algorithm encountered");
- }
- }
- catch (PGPException e)
- {
- throw e;
- }
- catch (Exception e)
- {
- throw new PGPException("exception constructing public key", e);
- }
- }
-
- public AsymmetricKeyParameter getPrivateKey(PGPPrivateKey privKey)
- throws PGPException
- {
- PublicKeyPacket pubPk = privKey.getPublicKeyPacket();
- BCPGKey privPk = privKey.getPrivateKeyDataPacket();
-
- try
- {
- switch (pubPk.getAlgorithm())
- {
- case PGPPublicKey.RSA_ENCRYPT:
- case PGPPublicKey.RSA_GENERAL:
- case PGPPublicKey.RSA_SIGN:
- RSAPublicBCPGKey rsaPub = (RSAPublicBCPGKey)pubPk.getKey();
- RSASecretBCPGKey rsaPriv = (RSASecretBCPGKey)privPk;
-
- return new RSAPrivateCrtKeyParameters(rsaPriv.getModulus(), rsaPub.getPublicExponent(), rsaPriv.getPrivateExponent(), rsaPriv.getPrimeP(), rsaPriv.getPrimeQ(), rsaPriv.getPrimeExponentP(), rsaPriv.getPrimeExponentQ(), rsaPriv.getCrtCoefficient());
- case PGPPublicKey.DSA:
- DSAPublicBCPGKey dsaPub = (DSAPublicBCPGKey)pubPk.getKey();
- DSASecretBCPGKey dsaPriv = (DSASecretBCPGKey)privPk;
-
- return new DSAPrivateKeyParameters(dsaPriv.getX(), new DSAParameters(dsaPub.getP(), dsaPub.getQ(), dsaPub.getG()));
- case PGPPublicKey.ELGAMAL_ENCRYPT:
- case PGPPublicKey.ELGAMAL_GENERAL:
- ElGamalPublicBCPGKey elPub = (ElGamalPublicBCPGKey)pubPk.getKey();
- ElGamalSecretBCPGKey elPriv = (ElGamalSecretBCPGKey)privPk;
-
- return new ElGamalPrivateKeyParameters(elPriv.getX(), new ElGamalParameters(elPub.getP(), elPub.getG()));
- case PGPPublicKey.ECDH:
- case PGPPublicKey.ECDSA:
- ECPublicBCPGKey ecPub = (ECPublicBCPGKey)pubPk.getKey();
- ECSecretBCPGKey ecPriv = (ECSecretBCPGKey)privPk;
-
- X9ECParameters x9 = CustomNamedCurves.getByOID(ecPub.getCurveOID());
- if (x9 == null)
- {
- x9 = ECNamedCurveTable.getByOID(ecPub.getCurveOID());
- }
-
- return new ECPrivateKeyParameters(ecPriv.getX(),
- new ECNamedDomainParameters(ecPub.getCurveOID(), x9.getCurve(), x9.getG(), x9.getN(), x9.getH()));
- default:
- throw new PGPException("unknown public key algorithm encountered");
- }
- }
- catch (PGPException e)
- {
- throw e;
- }
- catch (Exception e)
- {
- throw new PGPException("Exception constructing key", e);
- }
- }
-}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPKeyPair.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPKeyPair.java
deleted file mode 100644
index 29460894..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPKeyPair.java
+++ /dev/null
@@ -1,33 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import java.util.Date;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.PGPKeyPair;
-import org.bouncycastle.openpgp.PGPPrivateKey;
-import org.bouncycastle.openpgp.PGPPublicKey;
-
-public class BcPGPKeyPair
- extends PGPKeyPair
-{
- private static PGPPublicKey getPublicKey(int algorithm, AsymmetricKeyParameter pubKey, Date date)
- throws PGPException
- {
- return new BcPGPKeyConverter().getPGPPublicKey(algorithm, pubKey, date);
- }
-
- private static PGPPrivateKey getPrivateKey(PGPPublicKey pub, AsymmetricKeyParameter privKey)
- throws PGPException
- {
- return new BcPGPKeyConverter().getPGPPrivateKey(pub, privKey);
- }
-
- public BcPGPKeyPair(int algorithm, AsymmetricCipherKeyPair keyPair, Date date)
- throws PGPException
- {
- this.pub = getPublicKey(algorithm, keyPair.getPublic(), date);
- this.priv = getPrivateKey(this.pub, keyPair.getPrivate());
- }
-}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPublicKeyDataDecryptorFactory.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPublicKeyDataDecryptorFactory.java
deleted file mode 100644
index 1d77ff09..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPublicKeyDataDecryptorFactory.java
+++ /dev/null
@@ -1,139 +0,0 @@ -package org.bouncycastle.openpgp.operator.bc; - -import org.bouncycastle.asn1.nist.NISTNamedCurves; -import org.bouncycastle.asn1.x9.X9ECParameters; -import org.bouncycastle.bcpg.ECDHPublicBCPGKey; -import org.bouncycastle.bcpg.ECSecretBCPGKey; -import org.bouncycastle.crypto.AsymmetricBlockCipher; -import org.bouncycastle.crypto.BlockCipher; -import org.bouncycastle.crypto.BufferedAsymmetricBlockCipher; -import org.bouncycastle.crypto.InvalidCipherTextException; -import org.bouncycastle.crypto.Wrapper; -import org.bouncycastle.crypto.params.AsymmetricKeyParameter; -import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters; -import org.bouncycastle.crypto.params.KeyParameter; -import org.bouncycastle.math.ec.ECPoint; -import org.bouncycastle.openpgp.PGPException; -import org.bouncycastle.openpgp.PGPPrivateKey; -import org.bouncycastle.openpgp.PGPPublicKey; -import org.bouncycastle.openpgp.operator.PGPDataDecryptor; -import org.bouncycastle.openpgp.operator.PGPPad; -import org.bouncycastle.openpgp.operator.PublicKeyDataDecryptorFactory; -import org.bouncycastle.openpgp.operator.RFC6637KDFCalculator; - -/** - * A decryptor factory for handling public key decryption operations. 
- */ -public class BcPublicKeyDataDecryptorFactory - implements PublicKeyDataDecryptorFactory -{ - private BcPGPKeyConverter keyConverter = new BcPGPKeyConverter(); - private PGPPrivateKey privKey; - - public BcPublicKeyDataDecryptorFactory(PGPPrivateKey privKey) - { - this.privKey = privKey; - } - - public byte[] recoverSessionData(int keyAlgorithm, byte[][] secKeyData) - throws PGPException - { - try - { - if (keyAlgorithm != PGPPublicKey.ECDH) - { - AsymmetricBlockCipher c = BcImplProvider.createPublicKeyCipher(keyAlgorithm); - - AsymmetricKeyParameter key = keyConverter.getPrivateKey(privKey); - - BufferedAsymmetricBlockCipher c1 = new BufferedAsymmetricBlockCipher(c); - - c1.init(false, key); - - if (keyAlgorithm == PGPPublicKey.RSA_ENCRYPT - || keyAlgorithm == PGPPublicKey.RSA_GENERAL) - { - byte[] bi = secKeyData[0]; - - c1.processBytes(bi, 2, bi.length - 2); - } - else - { - BcPGPKeyConverter converter = new BcPGPKeyConverter(); - ElGamalPrivateKeyParameters parms = (ElGamalPrivateKeyParameters)converter.getPrivateKey(privKey); - int size = (parms.getParameters().getP().bitLength() + 7) / 8; - byte[] tmp = new byte[size]; - - byte[] bi = secKeyData[0]; // encoded MPI - if (bi.length - 2 > size) // leading Zero? Shouldn't happen but... - { - c1.processBytes(bi, 3, bi.length - 3); - } - else - { - System.arraycopy(bi, 2, tmp, tmp.length - (bi.length - 2), bi.length - 2); - c1.processBytes(tmp, 0, tmp.length); - } - - bi = secKeyData[1]; // encoded MPI - for (int i = 0; i != tmp.length; i++) - { - tmp[i] = 0; - } - - if (bi.length - 2 > size) // leading Zero? Shouldn't happen but... 
- { - c1.processBytes(bi, 3, bi.length - 3); - } - else - { - System.arraycopy(bi, 2, tmp, tmp.length - (bi.length - 2), bi.length - 2); - c1.processBytes(tmp, 0, tmp.length); - } - } - - return c1.doFinal(); - } - else - { - ECDHPublicBCPGKey ecKey = (ECDHPublicBCPGKey)privKey.getPublicKeyPacket().getKey(); - X9ECParameters x9Params = NISTNamedCurves.getByOID(ecKey.getCurveOID()); - - byte[] enc = secKeyData[0]; - - int pLen = ((((enc[0] & 0xff) << 8) + (enc[1] & 0xff)) + 7) / 8; - byte[] pEnc = new byte[pLen]; - - System.arraycopy(enc, 2, pEnc, 0, pLen); - - byte[] keyEnc = new byte[enc[pLen + 2]]; - - System.arraycopy(enc, 2 + pLen + 1, keyEnc, 0, keyEnc.length); - - Wrapper c = BcImplProvider.createWrapper(ecKey.getSymmetricKeyAlgorithm()); - - ECPoint S = x9Params.getCurve().decodePoint(pEnc).multiply(((ECSecretBCPGKey)privKey.getPrivateKeyDataPacket()).getX()).normalize(); - - RFC6637KDFCalculator rfc6637KDFCalculator = new RFC6637KDFCalculator(new BcPGPDigestCalculatorProvider().get(ecKey.getHashAlgorithm()), ecKey.getSymmetricKeyAlgorithm()); - KeyParameter key = new KeyParameter(rfc6637KDFCalculator.createKey(ecKey.getCurveOID(), S, new BcKeyFingerprintCalculator().calculateFingerprint(privKey.getPublicKeyPacket()))); - - c.init(false, key); - - return PGPPad.unpadSessionData(c.unwrap(keyEnc, 0, keyEnc.length)); - } - } - catch (InvalidCipherTextException e) - { - throw new PGPException("exception encrypting session info: " + e.getMessage(), e); - } - - } - - public PGPDataDecryptor createDataDecryptor(boolean withIntegrityPacket, int encAlgorithm, byte[] key) - throws PGPException - { - BlockCipher engine = BcImplProvider.createBlockCipher(encAlgorithm); - - return BcUtil.createDataDecryptor(withIntegrityPacket, engine, key); - } -} 
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPublicKeyKeyEncryptionMethodGenerator.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPublicKeyKeyEncryptionMethodGenerator.java
deleted file mode 100644
index b1fa548d..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPublicKeyKeyEncryptionMethodGenerator.java
+++ /dev/null
@@ -1,139 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.nist.NISTNamedCurves;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.bcpg.ECDHPublicBCPGKey;
-import org.bouncycastle.bcpg.MPInteger;
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.EphemeralKeyPair;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.KeyEncoder;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.generators.EphemeralKeyPairGenerator;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.PGPPublicKey;
-import org.bouncycastle.openpgp.operator.PGPPad;
-import org.bouncycastle.openpgp.operator.PublicKeyKeyEncryptionMethodGenerator;
-import org.bouncycastle.openpgp.operator.RFC6637KDFCalculator;
-
-/**
- * A method generator for supporting public key based encryption operations.
- */
-public class BcPublicKeyKeyEncryptionMethodGenerator
- extends PublicKeyKeyEncryptionMethodGenerator
-{
- private SecureRandom random;
- private BcPGPKeyConverter keyConverter = new BcPGPKeyConverter();
-
- /**
- * Create a public key encryption method generator with the method to be based on the passed in key.
- *
- * @param key the public key to use for encryption.
- */
- public BcPublicKeyKeyEncryptionMethodGenerator(PGPPublicKey key)
- {
- super(key);
- }
-
- /**
- * Provide a user defined source of randomness.
- *
- * @param random the secure random to be used.
- * @return the current generator.
- */
- public BcPublicKeyKeyEncryptionMethodGenerator setSecureRandom(SecureRandom random)
- {
- this.random = random;
-
- return this;
- }
-
- protected byte[] encryptSessionInfo(PGPPublicKey pubKey, byte[] sessionInfo)
- throws PGPException
- {
- try
- {
- if (pubKey.getAlgorithm() != PGPPublicKey.ECDH)
- {
- AsymmetricBlockCipher c = BcImplProvider.createPublicKeyCipher(pubKey.getAlgorithm());
-
- AsymmetricKeyParameter key = keyConverter.getPublicKey(pubKey);
-
- if (random == null)
- {
- random = new SecureRandom();
- }
-
- c.init(true, new ParametersWithRandom(key, random));
-
- return c.processBlock(sessionInfo, 0, sessionInfo.length);
- }
- else
- {
- ECDHPublicBCPGKey ecKey = (ECDHPublicBCPGKey)pubKey.getPublicKeyPacket().getKey();
- X9ECParameters x9Params = NISTNamedCurves.getByOID(ecKey.getCurveOID());
- ECDomainParameters ecParams = new ECDomainParameters(x9Params.getCurve(), x9Params.getG(), x9Params.getN());
-
- // Generate the ephemeral key pair
- ECKeyPairGenerator gen = new ECKeyPairGenerator();
- gen.init(new ECKeyGenerationParameters(ecParams, random));
-
- EphemeralKeyPairGenerator kGen = new EphemeralKeyPairGenerator(gen, new KeyEncoder()
- {
- public byte[] getEncoded(AsymmetricKeyParameter keyParameter)
- {
- return ((ECPublicKeyParameters)keyParameter).getQ().getEncoded(false);
- }
- });
-
- EphemeralKeyPair ephKp = kGen.generate();
-
- ECPrivateKeyParameters ephPriv = (ECPrivateKeyParameters)ephKp.getKeyPair().getPrivate();
-
- ECPoint S = ecKey.getPoint().multiply(ephPriv.getD()).normalize();
-
- RFC6637KDFCalculator rfc6637KDFCalculator = new RFC6637KDFCalculator(new BcPGPDigestCalculatorProvider().get(ecKey.getHashAlgorithm()), ecKey.getSymmetricKeyAlgorithm());
-
- KeyParameter key = new KeyParameter(rfc6637KDFCalculator.createKey(ecKey.getCurveOID(), S, pubKey.getFingerprint()));
-
- Wrapper c = BcImplProvider.createWrapper(ecKey.getSymmetricKeyAlgorithm());
-
- c.init(true, new ParametersWithRandom(key, random));
-
- byte[] paddedSessionData = PGPPad.padSessionData(sessionInfo);
-
- byte[] C = c.wrap(paddedSessionData, 0, paddedSessionData.length);
- byte[] VB = new MPInteger(new BigInteger(1, ephKp.getEncodedPublicKey())).getEncoded();
-
- byte[] rv = new byte[VB.length + 1 + C.length];
-
- System.arraycopy(VB, 0, rv, 0, VB.length);
- rv[VB.length] = (byte)C.length;
- System.arraycopy(C, 0, rv, VB.length + 1, C.length);
-
- return rv;
- }
- }
- catch (InvalidCipherTextException e)
- {
- throw new PGPException("exception encrypting session info: " + e.getMessage(), e);
- }
- catch (IOException e)
- {
- throw new PGPException("exception encrypting session info: " + e.getMessage(), e);
- }
- }
-}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcUtil.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcUtil.java
deleted file mode 100644
index ba55f34b..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcUtil.java
+++ /dev/null
@@ -1,75 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import java.io.InputStream;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.io.CipherInputStream;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.openpgp.operator.PGPDataDecryptor;
-import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
-
-class BcUtil
-{
- static BufferedBlockCipher createStreamCipher(boolean forEncryption, BlockCipher engine, boolean withIntegrityPacket, byte[] key)
- {
- BufferedBlockCipher c;
-
- if (withIntegrityPacket)
- {
- c = new BufferedBlockCipher(new CFBBlockCipher(engine, engine.getBlockSize() * 8));
- }
- else
- {
- c = new BufferedBlockCipher(new OpenPGPCFBBlockCipher(engine));
- }
-
- KeyParameter keyParameter = new KeyParameter(key);
-
- if (withIntegrityPacket)
- {
- c.init(forEncryption, new ParametersWithIV(keyParameter, new byte[engine.getBlockSize()]));
- }
- else
- {
- c.init(forEncryption, keyParameter);
- }
-
- return c;
- }
-
- public static PGPDataDecryptor createDataDecryptor(boolean withIntegrityPacket, BlockCipher engine, byte[] key)
- {
- final BufferedBlockCipher c = createStreamCipher(false, engine, withIntegrityPacket, key);
-
- return new PGPDataDecryptor()
- {
- public InputStream getInputStream(InputStream in)
- {
- return new CipherInputStream(in, c);
- }
-
- public int getBlockSize()
- {
- return c.getBlockSize();
- }
-
- public PGPDigestCalculator getIntegrityCalculator()
- {
- return new SHA1PGPDigestCalculator();
- }
- };
- }
-
- public static BufferedBlockCipher createSymmetricKeyWrapper(boolean forEncryption, BlockCipher engine, byte[] key, byte[] iv)
- {
- BufferedBlockCipher c = new BufferedBlockCipher(new CFBBlockCipher(engine, engine.getBlockSize() * 8));
-
- c.init(forEncryption, new ParametersWithIV(new KeyParameter(key), iv));
-
- return c;
- }
-}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/SHA1PGPDigestCalculator.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/SHA1PGPDigestCalculator.java
deleted file mode 100644
index 979de84f..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/SHA1PGPDigestCalculator.java
+++ /dev/null
@@ -1,68 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.bcpg.HashAlgorithmTags;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
-
-class SHA1PGPDigestCalculator
- implements PGPDigestCalculator
-{
- private Digest digest = new SHA1Digest();
-
- public int getAlgorithm()
- {
- return HashAlgorithmTags.SHA1;
- }
-
- public OutputStream getOutputStream()
- {
- return new DigestOutputStream(digest);
- }
-
- public byte[] getDigest()
- {
- byte[] d = new byte[digest.getDigestSize()];
-
- digest.doFinal(d, 0);
-
- return d;
- }
-
- public void reset()
- {
- digest.reset();
- }
-
- private class DigestOutputStream
- extends OutputStream
- {
- private Digest dig;
-
- DigestOutputStream(Digest dig)
- {
- this.dig = dig;
- }
-
- public void write(byte[] bytes, int off, int len)
- throws IOException
- {
- dig.update(bytes, off, len);
- }
-
- public void write(byte[] bytes)
- throws IOException
- {
- dig.update(bytes, 0, bytes.length);
- }
-
- public void write(int b)
- throws IOException
- {
- dig.update((byte)b);
- }
- }
-}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/SignerOutputStream.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/SignerOutputStream.java
deleted file mode 100644
index f2bb4c97..00000000
--- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/SignerOutputStream.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package org.bouncycastle.openpgp.operator.bc;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.crypto.Signer;
-
-class SignerOutputStream
- extends OutputStream
-{
- private Signer sig;
-
- SignerOutputStream(Signer sig)
- {
- this.sig = sig;
- }
-
- public void write(byte[] bytes, int off, int len)
- throws IOException
- {
- sig.update(bytes, off, len);
- }
-
- public void write(byte[] bytes)
- throws IOException
- {
- sig.update(bytes, 0, bytes.length);
- }
-
- public void write(int b)
- throws IOException
- {
- sig.update((byte)b);
- }
-} |