add EdDSA support
This commit is contained in:
parent
dfdfd733f3
commit
8551440316
|
@ -533,6 +533,7 @@ public abstract class OperationResult implements Parcelable {
|
|||
MSG_CR_ERROR_FLAGS_DSA (LogLevel.ERROR, R.string.msg_cr_error_flags_dsa),
|
||||
MSG_CR_ERROR_FLAGS_ELGAMAL (LogLevel.ERROR, R.string.msg_cr_error_flags_elgamal),
|
||||
MSG_CR_ERROR_FLAGS_ECDSA (LogLevel.ERROR, R.string.msg_cr_error_flags_ecdsa),
|
||||
MSG_CR_ERROR_FLAGS_EDDSA (LogLevel.ERROR, R.string.msg_cr_error_flags_eddsa),
|
||||
MSG_CR_ERROR_FLAGS_ECDH (LogLevel.ERROR, R.string.msg_cr_error_flags_ecdh),
|
||||
|
||||
// secret key modify
|
||||
|
|
|
@ -209,6 +209,7 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
|
|||
mPrivateKey = mSecretKey.extractPrivateKey(keyDecryptor);
|
||||
mPrivateKeyState = PRIVATE_KEY_STATE_UNLOCKED;
|
||||
} catch (PGPException e) {
|
||||
Log.e(Constants.TAG, "Error extracting private key!", e);
|
||||
return false;
|
||||
}
|
||||
if (mPrivateKey == null) {
|
||||
|
|
|
@ -45,6 +45,7 @@ import org.bouncycastle.bcpg.S2K;
|
|||
import org.bouncycastle.bcpg.sig.Features;
|
||||
import org.bouncycastle.bcpg.sig.KeyFlags;
|
||||
import org.bouncycastle.bcpg.sig.RevocationReasonTags;
|
||||
import org.bouncycastle.jcajce.provider.asymmetric.eddsa.spec.EdDSAGenParameterSpec;
|
||||
import org.bouncycastle.jce.spec.ElGamalParameterSpec;
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPKeyFlags;
|
||||
|
@ -174,7 +175,7 @@ public class PgpKeyOperation {
|
|||
log.add(LogType.MSG_CR_ERROR_NO_CURVE, indent);
|
||||
return null;
|
||||
}
|
||||
} else {
|
||||
} else if (add.getAlgorithm() != Algorithm.EDDSA) {
|
||||
if (add.getKeySize() == null) {
|
||||
log.add(LogType.MSG_CR_ERROR_NO_KEYSIZE, indent);
|
||||
return null;
|
||||
|
@ -241,6 +242,21 @@ public class PgpKeyOperation {
|
|||
break;
|
||||
}
|
||||
|
||||
case EDDSA: {
|
||||
if ((add.getFlags() & (PGPKeyFlags.CAN_ENCRYPT_COMMS | PGPKeyFlags.CAN_ENCRYPT_STORAGE)) > 0) {
|
||||
log.add(LogType.MSG_CR_ERROR_FLAGS_ECDSA, indent);
|
||||
return null;
|
||||
}
|
||||
progress(R.string.progress_generating_eddsa, 30);
|
||||
EdDSAGenParameterSpec edParamSpec =
|
||||
new EdDSAGenParameterSpec("ed25519");
|
||||
keyGen = KeyPairGenerator.getInstance("EdDSA", Constants.BOUNCY_CASTLE_PROVIDER_NAME);
|
||||
keyGen.initialize(edParamSpec, new SecureRandom());
|
||||
|
||||
algorithm = PGPPublicKey.EDDSA;
|
||||
break;
|
||||
}
|
||||
|
||||
case ECDH: {
|
||||
// make sure there are no sign or certify flags set
|
||||
if ((add.getFlags() & (PGPKeyFlags.CAN_SIGN | PGPKeyFlags.CAN_CERTIFY)) > 0) {
|
||||
|
|
|
@ -174,6 +174,9 @@ public class PgpSecurityConstants {
|
|||
}
|
||||
return null;
|
||||
}
|
||||
case PublicKeyAlgorithmTags.EDDSA: {
|
||||
return null;
|
||||
}
|
||||
// ELGAMAL_GENERAL: deprecated in RFC 4880, use ELGAMAL_ENCRYPT
|
||||
// DIFFIE_HELLMAN: unsure
|
||||
// TODO specialize all cases!
|
||||
|
|
|
@ -250,6 +250,7 @@ public class UncachedKeyRing {
|
|||
PublicKeyAlgorithmTags.ECDSA, // 19
|
||||
PublicKeyAlgorithmTags.ELGAMAL_GENERAL, // 20
|
||||
// PublicKeyAlgorithmTags.DIFFIE_HELLMAN, // 21
|
||||
PublicKeyAlgorithmTags.EDDSA, // 22
|
||||
};
|
||||
|
||||
/** "Canonicalizes" a public key, removing inconsistencies in the process.
|
||||
|
|
|
@ -223,7 +223,8 @@ public class UncachedPublicKey {
|
|||
|
||||
public boolean isEC() {
|
||||
return getAlgorithm() == PGPPublicKey.ECDH
|
||||
|| getAlgorithm() == PGPPublicKey.ECDSA;
|
||||
|| getAlgorithm() == PGPPublicKey.ECDSA
|
||||
|| getAlgorithm() == PGPPublicKey.EDDSA;
|
||||
}
|
||||
|
||||
public byte[] getFingerprint() {
|
||||
|
|
|
@ -290,7 +290,7 @@ public abstract class SaveKeyringParcel implements Parcelable {
|
|||
|
||||
// All supported algorithms
|
||||
public enum Algorithm {
|
||||
RSA, DSA, ELGAMAL, ECDSA, ECDH
|
||||
RSA, DSA, ELGAMAL, ECDSA, ECDH, EDDSA
|
||||
}
|
||||
|
||||
// All curves defined in the standard
|
||||
|
|
|
@ -62,7 +62,7 @@ public class AddSubkeyDialogFragment extends DialogFragment {
|
|||
}
|
||||
|
||||
public enum SupportedKeyType {
|
||||
RSA_2048, RSA_3072, RSA_4096, ECC_P256, ECC_P521
|
||||
RSA_2048, RSA_3072, RSA_4096, ECC_P256, ECC_P521, EDDSA
|
||||
}
|
||||
|
||||
private static final String ARG_WILL_BE_MASTER_KEY = "will_be_master_key";
|
||||
|
@ -158,6 +158,8 @@ public class AddSubkeyDialogFragment extends DialogFragment {
|
|||
R.string.ecc_p256), getResources().getString(R.string.ecc_p256_description_html)));
|
||||
choices.add(new Choice<>(SupportedKeyType.ECC_P521, getResources().getString(
|
||||
R.string.ecc_p521), getResources().getString(R.string.ecc_p521_description_html)));
|
||||
choices.add(new Choice<>(SupportedKeyType.EDDSA, getResources().getString(
|
||||
R.string.ecc_eddsa), getResources().getString(R.string.ecc_eddsa_description_html)));
|
||||
TwoLineArrayAdapter adapter = new TwoLineArrayAdapter(context,
|
||||
android.R.layout.simple_spinner_item, choices);
|
||||
mKeyTypeSpinner.setAdapter(adapter);
|
||||
|
@ -198,6 +200,9 @@ public class AddSubkeyDialogFragment extends DialogFragment {
|
|||
if (mWillBeMasterKey) {
|
||||
mUsageEncrypt.setEnabled(false);
|
||||
}
|
||||
} else if (keyType == SupportedKeyType.EDDSA) {
|
||||
mUsageSignAndEncrypt.setEnabled(false);
|
||||
mUsageEncrypt.setEnabled(false);
|
||||
} else {
|
||||
// need to enable if previously disabled for ECC masterkey
|
||||
mUsageEncrypt.setEnabled(true);
|
||||
|
@ -275,6 +280,9 @@ public class AddSubkeyDialogFragment extends DialogFragment {
|
|||
}
|
||||
break;
|
||||
}
|
||||
case EDDSA: {
|
||||
algorithm = Algorithm.EDDSA;
|
||||
}
|
||||
}
|
||||
|
||||
// set flags
|
||||
|
|
|
@ -110,6 +110,10 @@ public class KeyFormattingUtils {
|
|||
return "ECDH (" + oidName + ")";
|
||||
}
|
||||
|
||||
case PublicKeyAlgorithmTags.EDDSA: {
|
||||
return "EdDSA";
|
||||
}
|
||||
|
||||
default: {
|
||||
if (context != null) {
|
||||
algorithmStr = context.getResources().getString(R.string.unknown);
|
||||
|
|
|
@ -315,6 +315,8 @@
|
|||
<string name="ecc_p384_description_html">"very tiny file size, considered secure until 2040 <br/> <u>experimental and not supported by all implementations</u>"</string>
|
||||
<string name="ecc_p521">"ECC P-521"</string>
|
||||
<string name="ecc_p521_description_html">"tiny file size, considered secure until 2040+ <br/> <u>experimental and not supported by all implementations</u>"</string>
|
||||
<string name="ecc_eddsa">"ECC EdDSA"</string>
|
||||
<string name="ecc_eddsa_description_html">"tiny file size, considered secure until 2040+ <br/> <u>experimental and not supported by all implementations</u>"</string>
|
||||
<string name="usage_none">"None (subkey binding only)"</string>
|
||||
<string name="usage_sign">"Sign"</string>
|
||||
<string name="usage_encrypt">"Encrypt"</string>
|
||||
|
@ -452,6 +454,7 @@
|
|||
<string name="progress_generating_dsa">"generating new DSA key…"</string>
|
||||
<string name="progress_generating_elgamal">"generating new ElGamal key…"</string>
|
||||
<string name="progress_generating_ecdsa">"generating new ECDSA key…"</string>
|
||||
<string name="progress_generating_eddsa">"generating new EdDSA key…"</string>
|
||||
<string name="progress_generating_ecdh">"generating new ECDH key…"</string>
|
||||
|
||||
<string name="progress_modify">"modifying keyring…"</string>
|
||||
|
@ -1084,6 +1087,7 @@
|
|||
<string name="msg_cr_error_flags_dsa">"Bad key flags selected, DSA cannot be used for encryption!"</string>
|
||||
<string name="msg_cr_error_flags_elgamal">"Bad key flags selected, ElGamal cannot be used for signing!"</string>
|
||||
<string name="msg_cr_error_flags_ecdsa">"Bad key flags selected, ECDSA cannot be used for encryption!"</string>
|
||||
<string name="msg_cr_error_flags_eddsa">"Bad key flags selected, EdDSA cannot be used for encryption!"</string>
|
||||
<string name="msg_cr_error_flags_ecdh">"Bad key flags selected, ECDH cannot be used for signing!"</string>
|
||||
|
||||
<!-- modifySecretKeyRing -->
|
||||
|
|
2
extern/bouncycastle
vendored
2
extern/bouncycastle
vendored
|
@ -1 +1 @@
|
|||
Subproject commit 2f4b5a448c051ad980a437d7efbf4402b593f929
|
||||
Subproject commit 1c44d1e9f5fd52dd515552ae000e44be5ee9f4a4
|
Loading…
Reference in a new issue