Merge branch 'dhedberg-master'

Dominik Schürmann 2021-03-16 15:47:36 +01:00
commit 39ef489a92
3 changed files with 70 additions and 11 deletions


@ -7,12 +7,14 @@
package org.bouncycastle.openpgp.operator.jcajce;
import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.operator.PGPContentSigner;
import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
import java.io.ByteArrayOutputStream;
import java.io.OutputStream;
import java.nio.ByteBuffer;
import java.security.Provider;
@ -93,6 +95,10 @@ public class NfcSyncPGPContentSignerBuilder
public PGPContentSigner build(final int signatureType, final long keyID)
throws PGPException
{
if (keyAlgorithm == PublicKeyAlgorithmTags.EDDSA) {
return buildEdDSASigner(signatureType, keyID);
}
final PGPDigestCalculator digestCalculator = digestCalculatorProviderBuilder.build().get(hashAlgorithm);
return new PGPContentSigner()
@ -139,4 +145,56 @@ public class NfcSyncPGPContentSignerBuilder
}
};
}
public PGPContentSigner buildEdDSASigner(final int signatureType, final long keyID)
throws PGPException
{
final ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
return new PGPContentSigner()
{
public int getType()
{
return signatureType;
}
public int getHashAlgorithm()
{
return hashAlgorithm;
}
public int getKeyAlgorithm()
{
return keyAlgorithm;
}
public long getKeyID()
{
return keyID;
}
public OutputStream getOutputStream()
{
return outputStream;
}
public byte[] getSignature() {
byte[] rawData = outputStream.toByteArray();
ByteBuffer buf = ByteBuffer.wrap(rawData);
if (signedHashes.containsKey(buf)) {
return (byte[]) signedHashes.get(buf);
}
// catch this when signatureGenerator.generate() is executed and divert to card,
// when doing the operation again reuse creationTimestamp (this will be hashed)
throw new NfcInteractionNeeded(rawData, getHashAlgorithm());
}
public byte[] getDigest()
{
return outputStream.toByteArray();
}
};
}
}
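Review bot: In `buildEdDSASigner`, `getDigest()` returns the complete buffered input rather than a digest, and `getHashAlgorithm()` still reports `hashAlgorithm` although nothing is hashed on this path. That fits signing an authentication challenge, but `build()` dispatches here for every key with `keyAlgorithm == PublicKeyAlgorithmTags.EDDSA`, so if this builder is also reached for ordinary OpenPGP signatures (not visible in these hunks) the token would be handed raw content and callers reading `getDigest()` would get message bytes. I would make the method `private` and state the contract above it, e.g. `// EdDSA authentication only: the unhashed input is sent to the card; getDigest() returns the raw input, not a hash`. The `ByteArrayOutputStream` grows with whatever is written to it and the whole array is carried inside `NfcInteractionNeeded`, so a size limit checked in `getSignature()` before the throw would keep an oversized input from being buffered and forwarded.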


@ -255,7 +255,9 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
private PGPContentSignerBuilder getAuthenticationContentSignerBuilder(int hashAlgorithm, Map<ByteBuffer,
byte[]> signedHashes) {
if (getAlgorithm() == PublicKeyAlgorithmTags.EDDSA) {
if (
getAlgorithm() == PublicKeyAlgorithmTags.EDDSA
&& mPrivateKeyState != PRIVATE_KEY_STATE_DIVERT_TO_CARD) {
// content signer feeding the input directly into the signature engine,
// since EdDSA hashes the input anyway
return new EdDsaAuthenticationContentSignerBuilder(
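Review bot: The new condition in `getAuthenticationContentSignerBuilder` excludes card-backed keys from the direct EdDSA signer, but the comment beneath it still reads as if it applied to every EdDSA key, and nothing says where `PRIVATE_KEY_STATE_DIVERT_TO_CARD` keys go instead. The rest of the method lies outside the hunk, so the fall-through is presumably the NFC builder; a comment such as `// card-backed EdDSA keys fall through to the divert-to-card builder, which hands the unhashed input to the token` would record that dependency. Without it, a later change to the fall-through path could silently route card keys to a signer that hashes first.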


@ -19,11 +19,13 @@ package org.sufficientlysecure.keychain.pgp;
import org.bouncycastle.bcpg.DSAPublicBCPGKey;
import org.bouncycastle.bcpg.ECPublicBCPGKey;
import org.bouncycastle.bcpg.EdDSAPublicBCPGKey;
import org.bouncycastle.bcpg.RSAPublicBCPGKey;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
import org.sufficientlysecure.keychain.ssh.key.SshDSAPublicKey;
import org.sufficientlysecure.keychain.ssh.key.SshECDSAPublicKey;
import org.sufficientlysecure.keychain.ssh.key.SshEd25519PublicKey;
import org.sufficientlysecure.keychain.ssh.key.SshRSAPublicKey;
import org.sufficientlysecure.keychain.ssh.utils.SshUtils;
@ -46,9 +48,8 @@ public class SshPublicKey {
return encodeRSAKey(key);
case PGPPublicKey.ECDSA:
return encodeECKey(key);
// TODO
// case PGPPublicKey.EDDSA:
// return encodeEdDSAKey(key);
case PGPPublicKey.EDDSA:
return encodeEdDSAKey(key);
case PGPPublicKey.DSA:
return encodeDSAKey(key);
default:
@ -73,15 +74,13 @@ public class SshPublicKey {
return sshECDSAPublicKey.getPublicKeyBlob();
}
private String encodeEdDSAKey(PGPPublicKey publicKey) {
EdDSAPublicBCPGKey publicBCPGKey = (EdDSAPublicBCPGKey) publicKey.getPublicKeyPacket().getKey();
SshEd25519PublicKey pubkey = new SshEd25519PublicKey(publicBCPGKey.getEdDSAEncodedPoint());
// private String encodeEdDSAKey(PGPPublicKey publicKey) {
// EdDSAPublicBCPGKey publicBCPGKey = (EdDSAPublicBCPGKey) publicKey.getPublicKeyPacket().getKey();
//
// SshEd25519PublicKey pubkey = new SshEd25519PublicKey(publicBCPGKey.getEdDSAEncodedPoint());
//
// return pubkey.getPublicKeyBlob();
// }
return pubkey.getPublicKeyBlob();
}
private String encodeDSAKey(PGPPublicKey publicKey) {
DSAPublicBCPGKey publicBCPGKey = (DSAPublicBCPGKey) publicKey.getPublicKeyPacket().getKey();
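Review bot: `case PGPPublicKey.EDDSA` now sends every EdDSA key to `encodeEdDSAKey`, which wraps the encoded point in `SshEd25519PublicKey` without checking that the key is on the Ed25519 curve or that the point has the expected length. The cast to `EdDSAPublicBCPGKey` is also unchecked, as in the sibling `encodeDSAKey`. Whether `getEdDSAEncodedPoint()` already strips the OpenPGP point-format prefix is not visible here, so I would validate the result before building the blob (32 bytes for Ed25519) and otherwise fail the way the `default:` branch does (its body is outside the hunk). At minimum, add `// assumes Ed25519: curve OID and point length are not checked here` above the constructor call.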