commit
5d104b9c17
|
@ -533,6 +533,7 @@ public abstract class OperationResult implements Parcelable {
|
|||
MSG_CR_ERROR_FLAGS_DSA (LogLevel.ERROR, R.string.msg_cr_error_flags_dsa),
|
||||
MSG_CR_ERROR_FLAGS_ELGAMAL (LogLevel.ERROR, R.string.msg_cr_error_flags_elgamal),
|
||||
MSG_CR_ERROR_FLAGS_ECDSA (LogLevel.ERROR, R.string.msg_cr_error_flags_ecdsa),
|
||||
MSG_CR_ERROR_FLAGS_EDDSA (LogLevel.ERROR, R.string.msg_cr_error_flags_eddsa),
|
||||
MSG_CR_ERROR_FLAGS_ECDH (LogLevel.ERROR, R.string.msg_cr_error_flags_ecdh),
|
||||
|
||||
// secret key modify
|
||||
|
|
|
@ -209,6 +209,7 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
|
|||
mPrivateKey = mSecretKey.extractPrivateKey(keyDecryptor);
|
||||
mPrivateKeyState = PRIVATE_KEY_STATE_UNLOCKED;
|
||||
} catch (PGPException e) {
|
||||
Log.e(Constants.TAG, "Error extracting private key!", e);
|
||||
return false;
|
||||
}
|
||||
if (mPrivateKey == null) {
|
||||
|
|
|
@ -45,6 +45,7 @@ import org.bouncycastle.bcpg.S2K;
|
|||
import org.bouncycastle.bcpg.sig.Features;
|
||||
import org.bouncycastle.bcpg.sig.KeyFlags;
|
||||
import org.bouncycastle.bcpg.sig.RevocationReasonTags;
|
||||
import org.bouncycastle.jcajce.provider.asymmetric.eddsa.spec.EdDSAGenParameterSpec;
|
||||
import org.bouncycastle.jce.spec.ElGamalParameterSpec;
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPKeyFlags;
|
||||
|
@ -174,7 +175,7 @@ public class PgpKeyOperation {
|
|||
log.add(LogType.MSG_CR_ERROR_NO_CURVE, indent);
|
||||
return null;
|
||||
}
|
||||
} else {
|
||||
} else if (add.getAlgorithm() != Algorithm.EDDSA) {
|
||||
if (add.getKeySize() == null) {
|
||||
log.add(LogType.MSG_CR_ERROR_NO_KEYSIZE, indent);
|
||||
return null;
|
||||
|
@ -241,6 +242,21 @@ public class PgpKeyOperation {
|
|||
break;
|
||||
}
|
||||
|
||||
case EDDSA: {
|
||||
if ((add.getFlags() & (PGPKeyFlags.CAN_ENCRYPT_COMMS | PGPKeyFlags.CAN_ENCRYPT_STORAGE)) > 0) {
|
||||
log.add(LogType.MSG_CR_ERROR_FLAGS_ECDSA, indent);
|
||||
return null;
|
||||
}
|
||||
progress(R.string.progress_generating_eddsa, 30);
|
||||
EdDSAGenParameterSpec edParamSpec =
|
||||
new EdDSAGenParameterSpec("ed25519");
|
||||
keyGen = KeyPairGenerator.getInstance("EdDSA", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||
keyGen.initialize(edParamSpec, new SecureRandom());
|
||||
|
||||
algorithm = PGPPublicKey.EDDSA;
|
||||
break;
|
||||
}
|
||||
|
||||
case ECDH: {
|
||||
// make sure there are no sign or certify flags set
|
||||
if ((add.getFlags() & (PGPKeyFlags.CAN_SIGN | PGPKeyFlags.CAN_CERTIFY)) > 0) {
|
||||
|
|
|
@ -174,6 +174,9 @@ public class PgpSecurityConstants {
|
|||
}
|
||||
return null;
|
||||
}
|
||||
case PublicKeyAlgorithmTags.EDDSA: {
|
||||
return null;
|
||||
}
|
||||
// ELGAMAL_GENERAL: deprecated in RFC 4880, use ELGAMAL_ENCRYPT
|
||||
// DIFFIE_HELLMAN: unsure
|
||||
// TODO specialize all cases!
|
||||
|
|
|
@ -250,6 +250,7 @@ public class UncachedKeyRing {
|
|||
PublicKeyAlgorithmTags.ECDSA, // 19
|
||||
PublicKeyAlgorithmTags.ELGAMAL_GENERAL, // 20
|
||||
// PublicKeyAlgorithmTags.DIFFIE_HELLMAN, // 21
|
||||
PublicKeyAlgorithmTags.EDDSA, // 22
|
||||
};
|
||||
|
||||
/** "Canonicalizes" a public key, removing inconsistencies in the process.
|
||||
|
|
|
@ -223,7 +223,8 @@ public class UncachedPublicKey {
|
|||
|
||||
public boolean isEC() {
|
||||
return getAlgorithm() == PGPPublicKey.ECDH
|
||||
|| getAlgorithm() == PGPPublicKey.ECDSA;
|
||||
|| getAlgorithm() == PGPPublicKey.ECDSA
|
||||
|| getAlgorithm() == PGPPublicKey.EDDSA;
|
||||
}
|
||||
|
||||
public byte[] getFingerprint() {
|
||||
|
|
|
@ -290,7 +290,7 @@ public abstract class SaveKeyringParcel implements Parcelable {
|
|||
|
||||
// All supported algorithms
|
||||
public enum Algorithm {
|
||||
RSA, DSA, ELGAMAL, ECDSA, ECDH
|
||||
RSA, DSA, ELGAMAL, ECDSA, ECDH, EDDSA
|
||||
}
|
||||
|
||||
// All curves defined in the standard
|
||||
|
|
|
@ -62,7 +62,7 @@ public class AddSubkeyDialogFragment extends DialogFragment {
|
|||
}
|
||||
|
||||
public enum SupportedKeyType {
|
||||
RSA_2048, RSA_3072, RSA_4096, ECC_P256, ECC_P521
|
||||
RSA_2048, RSA_3072, RSA_4096, ECC_P256, ECC_P521, EDDSA
|
||||
}
|
||||
|
||||
private static final String ARG_WILL_BE_MASTER_KEY = "will_be_master_key";
|
||||
|
@ -158,6 +158,8 @@ public class AddSubkeyDialogFragment extends DialogFragment {
|
|||
R.string.ecc_p256), getResources().getString(R.string.ecc_p256_description_html)));
|
||||
choices.add(new Choice<>(SupportedKeyType.ECC_P521, getResources().getString(
|
||||
R.string.ecc_p521), getResources().getString(R.string.ecc_p521_description_html)));
|
||||
choices.add(new Choice<>(SupportedKeyType.EDDSA, getResources().getString(
|
||||
R.string.ecc_eddsa), getResources().getString(R.string.ecc_eddsa_description_html)));
|
||||
TwoLineArrayAdapter adapter = new TwoLineArrayAdapter(context,
|
||||
android.R.layout.simple_spinner_item, choices);
|
||||
mKeyTypeSpinner.setAdapter(adapter);
|
||||
|
@ -198,6 +200,9 @@ public class AddSubkeyDialogFragment extends DialogFragment {
|
|||
if (mWillBeMasterKey) {
|
||||
mUsageEncrypt.setEnabled(false);
|
||||
}
|
||||
} else if (keyType == SupportedKeyType.EDDSA) {
|
||||
mUsageSignAndEncrypt.setEnabled(false);
|
||||
mUsageEncrypt.setEnabled(false);
|
||||
} else {
|
||||
// need to enable if previously disabled for ECC masterkey
|
||||
mUsageEncrypt.setEnabled(true);
|
||||
|
@ -275,6 +280,9 @@ public class AddSubkeyDialogFragment extends DialogFragment {
|
|||
}
|
||||
break;
|
||||
}
|
||||
case EDDSA: {
|
||||
algorithm = Algorithm.EDDSA;
|
||||
}
|
||||
}
|
||||
|
||||
// set flags
|
||||
|
|
|
@ -110,6 +110,10 @@ public class KeyFormattingUtils {
|
|||
return "ECDH (" + oidName + ")";
|
||||
}
|
||||
|
||||
case PublicKeyAlgorithmTags.EDDSA: {
|
||||
return "EdDSA";
|
||||
}
|
||||
|
||||
default: {
|
||||
if (context != null) {
|
||||
algorithmStr = context.getResources().getString(R.string.unknown);
|
||||
|
|
|
@ -315,6 +315,8 @@
|
|||
<string name="ecc_p384_description_html">"very tiny file size, considered secure until 2040 <br/> <u>experimental and not supported by all implementations</u>"</string>
|
||||
<string name="ecc_p521">"ECC P-521"</string>
|
||||
<string name="ecc_p521_description_html">"tiny file size, considered secure until 2040+ <br/> <u>experimental and not supported by all implementations</u>"</string>
|
||||
<string name="ecc_eddsa">"ECC EdDSA"</string>
|
||||
<string name="ecc_eddsa_description_html">"tiny file size, considered secure until 2040+ <br/> <u>experimental and not supported by all implementations</u>"</string>
|
||||
<string name="usage_none">"None (subkey binding only)"</string>
|
||||
<string name="usage_sign">"Sign"</string>
|
||||
<string name="usage_encrypt">"Encrypt"</string>
|
||||
|
@ -452,6 +454,7 @@
|
|||
<string name="progress_generating_dsa">"generating new DSA key…"</string>
|
||||
<string name="progress_generating_elgamal">"generating new ElGamal key…"</string>
|
||||
<string name="progress_generating_ecdsa">"generating new ECDSA key…"</string>
|
||||
<string name="progress_generating_eddsa">"generating new EdDSA key…"</string>
|
||||
<string name="progress_generating_ecdh">"generating new ECDH key…"</string>
|
||||
|
||||
<string name="progress_modify">"modifying keyring…"</string>
|
||||
|
@ -1084,6 +1087,7 @@
|
|||
<string name="msg_cr_error_flags_dsa">"Bad key flags selected, DSA cannot be used for encryption!"</string>
|
||||
<string name="msg_cr_error_flags_elgamal">"Bad key flags selected, ElGamal cannot be used for signing!"</string>
|
||||
<string name="msg_cr_error_flags_ecdsa">"Bad key flags selected, ECDSA cannot be used for encryption!"</string>
|
||||
<string name="msg_cr_error_flags_eddsa">"Bad key flags selected, EdDSA cannot be used for encryption!"</string>
|
||||
<string name="msg_cr_error_flags_ecdh">"Bad key flags selected, ECDH cannot be used for signing!"</string>
|
||||
|
||||
<!-- modifySecretKeyRing -->
|
||||
|
|
|
@ -42,9 +42,7 @@ public class OpaqueKeyTest {
|
|||
|
||||
@Test
|
||||
public void testOpaqueSubKey__canonicalize__shouldFail() throws Exception {
|
||||
// key from GnuPG's test suite, sample msg generated using GnuPG v2.1.18
|
||||
// TODO use for actual tests once eddsa is supported!
|
||||
UncachedKeyRing ring = readRingFromResource("/test-keys/eddsa-sample-1-pub.asc");
|
||||
UncachedKeyRing ring = readRingFromResource("/test-keys/unknown-sample-1.pub");
|
||||
|
||||
OperationLog log = new OperationLog();
|
||||
ring.canonicalize(log, 0);
|
||||
|
@ -61,12 +59,12 @@ public class OpaqueKeyTest {
|
|||
OperationLog log = new OperationLog();
|
||||
ring.canonicalize(log, 0);
|
||||
|
||||
assertTrue(log.containsType(LogType.MSG_KC_ERROR_MASTER_ALGO));
|
||||
assertTrue(log.containsType(LogType.MSG_KC_SUB_BAD));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testOpaqueSubKey__canonicalize__shouldStrip() throws Exception {
|
||||
UncachedKeyRing ring = readRingFromResource("/test-keys/eddsa-subkey.pub.asc");
|
||||
UncachedKeyRing ring = readRingFromResource("/test-keys/unknown-subkey.pub.asc");
|
||||
|
||||
OperationLog log = new OperationLog();
|
||||
CanonicalizedKeyRing canonicalizedKeyRing = ring.canonicalize(log, 0);
|
||||
|
@ -78,7 +76,7 @@ public class OpaqueKeyTest {
|
|||
@Test
|
||||
public void testOpaqueSubKey__reencode__shouldBeIdentical() throws Exception {
|
||||
byte[] rawKeyData = TestDataUtil.readFully(
|
||||
OpaqueKeyTest.class.getResourceAsStream("/test-keys/eddsa-subkey.pub.asc"));
|
||||
OpaqueKeyTest.class.getResourceAsStream("/test-keys/unknown-subkey.pub.asc"));
|
||||
|
||||
UncachedKeyRing ring = UncachedKeyRing.decodeFromData(rawKeyData);
|
||||
|
||||
|
|
|
@ -0,0 +1,130 @@
|
|||
/*
|
||||
* Copyright (C) 2014 Dominik Schürmann <dominik@dominikschuermann.de>
|
||||
* Copyright (C) 2014 Vincent Breitmoser <v.breitmoser@mugenguild.com>
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation, either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package org.sufficientlysecure.keychain.provider;
|
||||
|
||||
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.InputStream;
|
||||
|
||||
import android.app.Application;
|
||||
|
||||
import org.bouncycastle.bcpg.sig.KeyFlags;
|
||||
import org.junit.Before;
|
||||
import org.junit.BeforeClass;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.openintents.openpgp.OpenPgpSignatureResult;
|
||||
import org.robolectric.RuntimeEnvironment;
|
||||
import org.robolectric.shadows.ShadowLog;
|
||||
import org.robolectric.util.Util;
|
||||
import org.sufficientlysecure.keychain.KeychainTestRunner;
|
||||
import org.sufficientlysecure.keychain.operations.results.DecryptVerifyResult;
|
||||
import org.sufficientlysecure.keychain.operations.results.OperationResult.OperationLog;
|
||||
import org.sufficientlysecure.keychain.operations.results.PgpEditKeyResult;
|
||||
import org.sufficientlysecure.keychain.operations.results.SaveKeyringResult;
|
||||
import org.sufficientlysecure.keychain.pgp.CanonicalizedKeyRing;
|
||||
import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyInputParcel;
|
||||
import org.sufficientlysecure.keychain.pgp.PgpDecryptVerifyOperation;
|
||||
import org.sufficientlysecure.keychain.pgp.PgpKeyOperation;
|
||||
import org.sufficientlysecure.keychain.pgp.UncachedKeyRing;
|
||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel;
|
||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.Algorithm;
|
||||
import org.sufficientlysecure.keychain.service.SaveKeyringParcel.SubkeyAdd;
|
||||
|
||||
import static junit.framework.Assert.assertEquals;
|
||||
import static junit.framework.Assert.assertFalse;
|
||||
import static junit.framework.Assert.assertNotNull;
|
||||
import static junit.framework.Assert.assertTrue;
|
||||
|
||||
|
||||
@SuppressWarnings("WeakerAccess")
|
||||
@RunWith(KeychainTestRunner.class)
|
||||
public class EddsaTest {
|
||||
private KeyWritableRepository keyRepository;
|
||||
private Application context;
|
||||
|
||||
|
||||
@BeforeClass
|
||||
public static void setUpOnce() throws Exception {
|
||||
ShadowLog.stream = System.out;
|
||||
}
|
||||
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
context = RuntimeEnvironment.application;
|
||||
keyRepository = KeyWritableRepository.createDatabaseReadWriteInteractor(context);
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testGpgSampleSignature() throws Exception {
|
||||
// key from GnuPG's test suite, sample msg generated using GnuPG v2.1.18
|
||||
UncachedKeyRing ring = loadKeyringFromResource("/test-keys/eddsa-sample-1-pub.asc");
|
||||
|
||||
byte[] signedText = readBytesFromResource("/test-keys/eddsa-sample-msg.asc");
|
||||
PgpDecryptVerifyInputParcel pgpDecryptVerifyInputParcel = PgpDecryptVerifyInputParcel.builder()
|
||||
.setInputBytes(signedText).build();
|
||||
|
||||
PgpDecryptVerifyOperation decryptVerifyOperation = new PgpDecryptVerifyOperation(context, keyRepository, null);
|
||||
DecryptVerifyResult result = decryptVerifyOperation.execute(pgpDecryptVerifyInputParcel, null);
|
||||
|
||||
assertTrue(result.success());
|
||||
assertEquals(OpenPgpSignatureResult.RESULT_VALID_KEY_UNCONFIRMED, result.getSignatureResult().getResult());
|
||||
assertEquals(ring.getMasterKeyId(), result.getSignatureResult().getKeyId());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCreateEddsa() throws Exception {
|
||||
SaveKeyringParcel.Builder builder = SaveKeyringParcel.buildNewKeyringParcel();
|
||||
builder.addSubkeyAdd(SubkeyAdd.createSubkeyAdd(
|
||||
Algorithm.EDDSA, 0, null, KeyFlags.CERTIFY_OTHER, 0L));
|
||||
builder.addUserId("ed");
|
||||
|
||||
PgpKeyOperation op = new PgpKeyOperation(null);
|
||||
PgpEditKeyResult result = op.createSecretKeyRing(builder.build());
|
||||
|
||||
assertTrue("initial test key creation must succeed", result.success());
|
||||
assertNotNull("initial test key creation must succeed", result.getRing());
|
||||
|
||||
CanonicalizedKeyRing canonicalizedKeyRing = result.getRing().canonicalize(new OperationLog(), 0);
|
||||
assertNotNull(canonicalizedKeyRing);
|
||||
}
|
||||
|
||||
private UncachedKeyRing loadKeyringFromResource(String name) throws Exception {
|
||||
UncachedKeyRing ring = readRingFromResource(name);
|
||||
SaveKeyringResult saveKeyringResult = keyRepository.savePublicKeyRing(ring);
|
||||
assertTrue(saveKeyringResult.success());
|
||||
assertFalse(saveKeyringResult.getLog().containsWarnings());
|
||||
return ring;
|
||||
}
|
||||
|
||||
private byte[] readBytesFromResource(String name) throws Exception {
|
||||
ByteArrayOutputStream baos = new ByteArrayOutputStream();
|
||||
InputStream input = EddsaTest.class.getResourceAsStream(name);
|
||||
|
||||
Util.copy(input, baos);
|
||||
|
||||
return baos.toByteArray();
|
||||
}
|
||||
|
||||
UncachedKeyRing readRingFromResource(String name) throws Exception {
|
||||
return UncachedKeyRing.fromStream(EddsaTest.class.getResourceAsStream(name)).next();
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,11 @@
|
|||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA256
|
||||
|
||||
eddsa sample signed msg
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iHUEARYIAB0WIQTJWb26+jKi+JoVO2eM/eEhl5ZamgUCWJ+tFQAKCRCM/eEhl5Za
|
||||
miuCAQCGGkrsyYxv1PkQM7GH8mMwqdHd5YAOQw6qNjTjVAQ+FgD7B7AhHQ0nFgWx
|
||||
oXDm7HDBLRidPJ9u+Tb0yUid7NfyxQg=
|
||||
=K4E/
|
||||
-----END PGP SIGNATURE-----
|
BIN
OpenKeychain/src/test/resources/test-keys/unknown-sample-1.pub
Normal file
BIN
OpenKeychain/src/test/resources/test-keys/unknown-sample-1.pub
Normal file
Binary file not shown.
BIN
OpenKeychain/src/test/resources/test-keys/unknown-subkey.pub.asc
Normal file
BIN
OpenKeychain/src/test/resources/test-keys/unknown-subkey.pub.asc
Normal file
Binary file not shown.
2
extern/bouncycastle
vendored
2
extern/bouncycastle
vendored
|
@ -1 +1 @@
|
|||
Subproject commit 2f4b5a448c051ad980a437d7efbf4402b593f929
|
||||
Subproject commit 1c44d1e9f5fd52dd515552ae000e44be5ee9f4a4
|
Loading…
Reference in a new issue