Don't hash the data to sign when using EDDSA
This commit is contained in:
parent
3fb4771602
commit
6d4f37b154
|
@ -7,12 +7,14 @@
|
|||
|
||||
package org.bouncycastle.openpgp.operator.jcajce;
|
||||
|
||||
import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPPrivateKey;
|
||||
import org.bouncycastle.openpgp.operator.PGPContentSigner;
|
||||
import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
|
||||
import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
|
||||
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.OutputStream;
|
||||
import java.nio.ByteBuffer;
|
||||
import java.security.Provider;
|
||||
|
@ -93,6 +95,10 @@ public class NfcSyncPGPContentSignerBuilder
|
|||
public PGPContentSigner build(final int signatureType, final long keyID)
|
||||
throws PGPException
|
||||
{
|
||||
if (keyAlgorithm == PublicKeyAlgorithmTags.EDDSA) {
|
||||
return buildEdDSASigner(signatureType, keyID);
|
||||
}
|
||||
|
||||
final PGPDigestCalculator digestCalculator = digestCalculatorProviderBuilder.build().get(hashAlgorithm);
|
||||
|
||||
return new PGPContentSigner()
|
||||
|
@ -139,4 +145,56 @@ public class NfcSyncPGPContentSignerBuilder
|
|||
}
|
||||
};
|
||||
}
|
||||
|
||||
public PGPContentSigner buildEdDSASigner(final int signatureType, final long keyID)
|
||||
throws PGPException
|
||||
{
|
||||
final ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
|
||||
|
||||
return new PGPContentSigner()
|
||||
{
|
||||
public int getType()
|
||||
{
|
||||
return signatureType;
|
||||
}
|
||||
|
||||
public int getHashAlgorithm()
|
||||
{
|
||||
return hashAlgorithm;
|
||||
}
|
||||
|
||||
public int getKeyAlgorithm()
|
||||
{
|
||||
return keyAlgorithm;
|
||||
}
|
||||
|
||||
public long getKeyID()
|
||||
{
|
||||
return keyID;
|
||||
}
|
||||
|
||||
public OutputStream getOutputStream()
|
||||
{
|
||||
return outputStream;
|
||||
}
|
||||
|
||||
public byte[] getSignature() {
|
||||
byte[] rawData = outputStream.toByteArray();
|
||||
|
||||
ByteBuffer buf = ByteBuffer.wrap(rawData);
|
||||
if (signedHashes.containsKey(buf)) {
|
||||
return (byte[]) signedHashes.get(buf);
|
||||
}
|
||||
// catch this when signatureGenerator.generate() is executed and divert to card,
|
||||
// when doing the operation again reuse creationTimestamp (this will be hashed)
|
||||
throw new NfcInteractionNeeded(rawData, getHashAlgorithm());
|
||||
}
|
||||
|
||||
public byte[] getDigest()
|
||||
{
|
||||
return outputStream.toByteArray();
|
||||
}
|
||||
};
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
@ -255,7 +255,9 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
|
|||
|
||||
private PGPContentSignerBuilder getAuthenticationContentSignerBuilder(int hashAlgorithm, Map<ByteBuffer,
|
||||
byte[]> signedHashes) {
|
||||
if (getAlgorithm() == PublicKeyAlgorithmTags.EDDSA) {
|
||||
if (
|
||||
getAlgorithm() == PublicKeyAlgorithmTags.EDDSA
|
||||
&& mPrivateKeyState != PRIVATE_KEY_STATE_DIVERT_TO_CARD) {
|
||||
// content signer feeding the input directly into the signature engine,
|
||||
// since EdDSA hashes the input anyway
|
||||
return new EdDsaAuthenticationContentSignerBuilder(
|
||||
|
|
Loading…
Reference in a new issue