fix secret key export compatibility with gnupg
This commit is contained in:
Vincent Breitmoser
parent
09f63e7f30
commit
85c058fe1d
2 changed files with 21 additions and 18 deletions
|
|
@ -35,6 +35,8 @@ import java.util.List;
|
|||
import java.util.Stack;
|
||||
import java.util.concurrent.atomic.AtomicBoolean;
|
||||
|
||||
import android.support.annotation.Nullable;
|
||||
|
||||
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
|
||||
import org.bouncycastle.asn1.nist.NISTNamedCurves;
|
||||
import org.bouncycastle.bcpg.ECDHPublicBCPGKey;
|
||||
|
|
@ -338,18 +340,10 @@ public class PgpKeyOperation {
|
|||
|
||||
progress(R.string.progress_building_master_key, 40);
|
||||
|
||||
// Build key encrypter and decrypter based on passphrase
|
||||
PGPDigestCalculator encryptorHashCalc = new JcaPGPDigestCalculatorProviderBuilder()
|
||||
.build().get(PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_HASH_ALGO);
|
||||
PBESecretKeyEncryptor keyEncryptor = new JcePBESecretKeyEncryptorBuilder(
|
||||
PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO,
|
||||
encryptorHashCalc, PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_S2K_COUNT)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build("".toCharArray());
|
||||
|
||||
PGPDigestCalculator sha1Calc = new JcaPGPDigestCalculatorProviderBuilder()
|
||||
.build().get(PgpSecurityConstants.SECRET_KEY_SIGNATURE_CHECKSUM_HASH_ALGO);
|
||||
PGPSecretKey masterSecretKey = new PGPSecretKey(keyPair.getPrivateKey(), keyPair.getPublicKey(),
|
||||
sha1Calc, true, keyEncryptor);
|
||||
sha1Calc, true, null);
|
||||
|
||||
PGPSecretKeyRing sKR = new PGPSecretKeyRing(
|
||||
masterSecretKey.getEncoded(), new JcaKeyFingerprintCalculator());
|
||||
|
|
@ -1073,14 +1067,7 @@ public class PgpKeyOperation {
|
|||
}
|
||||
|
||||
PGPSecretKey sKey; {
|
||||
// Build key encrypter and decrypter based on passphrase
|
||||
PGPDigestCalculator encryptorHashCalc = new JcaPGPDigestCalculatorProviderBuilder()
|
||||
.build().get(PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_HASH_ALGO);
|
||||
PBESecretKeyEncryptor keyEncryptor = new JcePBESecretKeyEncryptorBuilder(
|
||||
PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO, encryptorHashCalc,
|
||||
PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_S2K_COUNT)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME).build(
|
||||
cryptoInput.getPassphrase().getCharArray());
|
||||
PBESecretKeyEncryptor keyEncryptor = buildKeyEncryptorFromPassphrase(cryptoInput.getPassphrase());
|
||||
|
||||
PGPDigestCalculator sha1Calc = new JcaPGPDigestCalculatorProviderBuilder()
|
||||
.build().get(PgpSecurityConstants.SECRET_KEY_SIGNATURE_CHECKSUM_HASH_ALGO);
|
||||
|
|
@ -1173,6 +1160,22 @@ public class PgpKeyOperation {
|
|||
|
||||
}
|
||||
|
||||
@Nullable
|
||||
private PBESecretKeyEncryptor buildKeyEncryptorFromPassphrase(Passphrase passphrase) throws PGPException {
|
||||
if (passphrase == null || passphrase.isEmpty()) {
|
||||
return null;
|
||||
}
|
||||
|
||||
PGPDigestCalculator encryptorHashCalc = new JcaPGPDigestCalculatorProviderBuilder()
|
||||
.build()
|
||||
.get(PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_HASH_ALGO);
|
||||
return new JcePBESecretKeyEncryptorBuilder(
|
||||
PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_SYMMETRIC_ALGO,
|
||||
encryptorHashCalc, PgpSecurityConstants.SECRET_KEY_ENCRYPTOR_S2K_COUNT)
|
||||
.setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME)
|
||||
.build(passphrase.getCharArray());
|
||||
}
|
||||
|
||||
/** This method does the actual modifications in a keyring just like internal, except it
|
||||
* supports only the subset of operations which require no passphrase, and will error
|
||||
* otherwise.
|
||||
|
|
|
|||
2
extern/bouncycastle
vendored
2
extern/bouncycastle
vendored
|
|
@ -1 +1 @@
|
|||
Subproject commit 3872e5ebe104985f85ebe3ab59bdd72939477913
|
||||
Subproject commit c260cecf0b80c986e7461f63d3c12aed72d4be4d
|
||||
Loading…
Add table
Reference in a new issue