Merge branch 'master' of https://github.com/dhedberg/open-keychain into dhedberg-master
commit
c899e5ef2d
|
@ -7,12 +7,14 @@
|
||||||
|
|
||||||
package org.bouncycastle.openpgp.operator.jcajce;
|
package org.bouncycastle.openpgp.operator.jcajce;
|
||||||
|
|
||||||
|
import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
|
||||||
import org.bouncycastle.openpgp.PGPException;
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
import org.bouncycastle.openpgp.PGPPrivateKey;
|
import org.bouncycastle.openpgp.PGPPrivateKey;
|
||||||
import org.bouncycastle.openpgp.operator.PGPContentSigner;
|
import org.bouncycastle.openpgp.operator.PGPContentSigner;
|
||||||
import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
|
import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
|
||||||
import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
|
import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
|
||||||
|
|
||||||
|
import java.io.ByteArrayOutputStream;
|
||||||
import java.io.OutputStream;
|
import java.io.OutputStream;
|
||||||
import java.nio.ByteBuffer;
|
import java.nio.ByteBuffer;
|
||||||
import java.security.Provider;
|
import java.security.Provider;
|
||||||
|
@ -93,6 +95,10 @@ public class NfcSyncPGPContentSignerBuilder
|
||||||
public PGPContentSigner build(final int signatureType, final long keyID)
|
public PGPContentSigner build(final int signatureType, final long keyID)
|
||||||
throws PGPException
|
throws PGPException
|
||||||
{
|
{
|
||||||
|
if (keyAlgorithm == PublicKeyAlgorithmTags.EDDSA) {
|
||||||
|
return buildEdDSASigner(signatureType, keyID);
|
||||||
|
}
|
||||||
|
|
||||||
final PGPDigestCalculator digestCalculator = digestCalculatorProviderBuilder.build().get(hashAlgorithm);
|
final PGPDigestCalculator digestCalculator = digestCalculatorProviderBuilder.build().get(hashAlgorithm);
|
||||||
|
|
||||||
return new PGPContentSigner()
|
return new PGPContentSigner()
|
||||||
|
@ -139,4 +145,56 @@ public class NfcSyncPGPContentSignerBuilder
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public PGPContentSigner buildEdDSASigner(final int signatureType, final long keyID)
|
||||||
|
throws PGPException
|
||||||
|
{
|
||||||
|
final ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
|
||||||
|
|
||||||
|
return new PGPContentSigner()
|
||||||
|
{
|
||||||
|
public int getType()
|
||||||
|
{
|
||||||
|
return signatureType;
|
||||||
|
}
|
||||||
|
|
||||||
|
public int getHashAlgorithm()
|
||||||
|
{
|
||||||
|
return hashAlgorithm;
|
||||||
|
}
|
||||||
|
|
||||||
|
public int getKeyAlgorithm()
|
||||||
|
{
|
||||||
|
return keyAlgorithm;
|
||||||
|
}
|
||||||
|
|
||||||
|
public long getKeyID()
|
||||||
|
{
|
||||||
|
return keyID;
|
||||||
|
}
|
||||||
|
|
||||||
|
public OutputStream getOutputStream()
|
||||||
|
{
|
||||||
|
return outputStream;
|
||||||
|
}
|
||||||
|
|
||||||
|
public byte[] getSignature() {
|
||||||
|
byte[] rawData = outputStream.toByteArray();
|
||||||
|
|
||||||
|
ByteBuffer buf = ByteBuffer.wrap(rawData);
|
||||||
|
if (signedHashes.containsKey(buf)) {
|
||||||
|
return (byte[]) signedHashes.get(buf);
|
||||||
|
}
|
||||||
|
// catch this when signatureGenerator.generate() is executed and divert to card,
|
||||||
|
// when doing the operation again reuse creationTimestamp (this will be hashed)
|
||||||
|
throw new NfcInteractionNeeded(rawData, getHashAlgorithm());
|
||||||
|
}
|
||||||
|
|
||||||
|
public byte[] getDigest()
|
||||||
|
{
|
||||||
|
return outputStream.toByteArray();
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
||||||
}
|
}
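Review bot: `getDigest()` in the new `buildEdDSASigner` returns the whole buffered input (`outputStream.toByteArray()`) rather than a hash, and `build()` now sends every key with `keyAlgorithm == PublicKeyAlgorithmTags.EDDSA` down this path. A caller that treats `getDigest()` as a digest, or that expects the token to receive a hash, would be handed unhashed data; whether such callers exist cannot be seen from this section. The comment copied above the `throw` (`reuse creationTimestamp (this will be hashed)`) describes the hashing path and appears not to apply here, since `NfcInteractionNeeded` is given `rawData`. I would state the contract in a Javadoc on the method, for example `/** Buffers the raw input for the token; getDigest() returns those bytes, not a hash. */`, and declare it `private`, since `build()` is the only caller shown.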
|
||||||
|
|
|
@ -255,7 +255,9 @@ public class CanonicalizedSecretKey extends CanonicalizedPublicKey {
|
||||||
|
|
||||||
private PGPContentSignerBuilder getAuthenticationContentSignerBuilder(int hashAlgorithm, Map<ByteBuffer,
|
private PGPContentSignerBuilder getAuthenticationContentSignerBuilder(int hashAlgorithm, Map<ByteBuffer,
|
||||||
byte[]> signedHashes) {
|
byte[]> signedHashes) {
|
||||||
if (getAlgorithm() == PublicKeyAlgorithmTags.EDDSA) {
|
if (
|
||||||
|
getAlgorithm() == PublicKeyAlgorithmTags.EDDSA
|
||||||
|
&& mPrivateKeyState != PRIVATE_KEY_STATE_DIVERT_TO_CARD) {
|
||||||
// content signer feeding the input directly into the signature engine,
|
// content signer feeding the input directly into the signature engine,
|
||||||
// since EdDSA hashes the input anyway
|
// since EdDSA hashes the input anyway
|
||||||
return new EdDsaAuthenticationContentSignerBuilder(
|
return new EdDsaAuthenticationContentSignerBuilder(
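Review bot: The comment under the widened condition still reads as if every EdDSA key takes the direct-input signer, but keys in `PRIVATE_KEY_STATE_DIVERT_TO_CARD` now skip this branch and fall through to code outside the hunk. I would add a line such as `// EdDSA keys diverted to a security token are handled by the builder further down` so the exclusion reads as intentional. It is also worth confirming that the fall-through path still does the right thing with the `hashAlgorithm` argument for EdDSA, because the card-side signer added in this commit buffers raw input instead of hashing it. The rest of `getAuthenticationContentSignerBuilder` is not visible here.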
|
||||||
|
|
|
@ -19,11 +19,13 @@ package org.sufficientlysecure.keychain.pgp;
|
||||||
|
|
||||||
import org.bouncycastle.bcpg.DSAPublicBCPGKey;
|
import org.bouncycastle.bcpg.DSAPublicBCPGKey;
|
||||||
import org.bouncycastle.bcpg.ECPublicBCPGKey;
|
import org.bouncycastle.bcpg.ECPublicBCPGKey;
|
||||||
|
import org.bouncycastle.bcpg.EdDSAPublicBCPGKey;
|
||||||
import org.bouncycastle.bcpg.RSAPublicBCPGKey;
|
import org.bouncycastle.bcpg.RSAPublicBCPGKey;
|
||||||
import org.bouncycastle.openpgp.PGPPublicKey;
|
import org.bouncycastle.openpgp.PGPPublicKey;
|
||||||
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
|
import org.sufficientlysecure.keychain.pgp.exception.PgpGeneralException;
|
||||||
import org.sufficientlysecure.keychain.ssh.key.SshDSAPublicKey;
|
import org.sufficientlysecure.keychain.ssh.key.SshDSAPublicKey;
|
||||||
import org.sufficientlysecure.keychain.ssh.key.SshECDSAPublicKey;
|
import org.sufficientlysecure.keychain.ssh.key.SshECDSAPublicKey;
|
||||||
|
import org.sufficientlysecure.keychain.ssh.key.SshEd25519PublicKey;
|
||||||
import org.sufficientlysecure.keychain.ssh.key.SshRSAPublicKey;
|
import org.sufficientlysecure.keychain.ssh.key.SshRSAPublicKey;
|
||||||
import org.sufficientlysecure.keychain.ssh.utils.SshUtils;
|
import org.sufficientlysecure.keychain.ssh.utils.SshUtils;
|
||||||
|
|
||||||
|
@ -46,9 +48,8 @@ public class SshPublicKey {
|
||||||
return encodeRSAKey(key);
|
return encodeRSAKey(key);
|
||||||
case PGPPublicKey.ECDSA:
|
case PGPPublicKey.ECDSA:
|
||||||
return encodeECKey(key);
|
return encodeECKey(key);
|
||||||
// TODO
|
case PGPPublicKey.EDDSA:
|
||||||
// case PGPPublicKey.EDDSA:
|
return encodeEdDSAKey(key);
|
||||||
// return encodeEdDSAKey(key);
|
|
||||||
case PGPPublicKey.DSA:
|
case PGPPublicKey.DSA:
|
||||||
return encodeDSAKey(key);
|
return encodeDSAKey(key);
|
||||||
default:
|
default:
|
||||||
|
@ -73,15 +74,13 @@ public class SshPublicKey {
|
||||||
return sshECDSAPublicKey.getPublicKeyBlob();
|
return sshECDSAPublicKey.getPublicKeyBlob();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private String encodeEdDSAKey(PGPPublicKey publicKey) {
|
||||||
|
EdDSAPublicBCPGKey publicBCPGKey = (EdDSAPublicBCPGKey) publicKey.getPublicKeyPacket().getKey();
|
||||||
|
|
||||||
|
SshEd25519PublicKey pubkey = new SshEd25519PublicKey(publicBCPGKey.getEdDSAEncodedPoint());
|
||||||
|
|
||||||
// private String encodeEdDSAKey(PGPPublicKey publicKey) {
|
return pubkey.getPublicKeyBlob();
|
||||||
// EdDSAPublicBCPGKey publicBCPGKey = (EdDSAPublicBCPGKey) publicKey.getPublicKeyPacket().getKey();
|
}
|
||||||
//
|
|
||||||
// SshEd25519PublicKey pubkey = new SshEd25519PublicKey(publicBCPGKey.getEdDSAEncodedPoint());
|
|
||||||
//
|
|
||||||
// return pubkey.getPublicKeyBlob();
|
|
||||||
// }
|
|
||||||
|
|
||||||
private String encodeDSAKey(PGPPublicKey publicKey) {
|
private String encodeDSAKey(PGPPublicKey publicKey) {
|
||||||
DSAPublicBCPGKey publicBCPGKey = (DSAPublicBCPGKey) publicKey.getPublicKeyPacket().getKey();
|
DSAPublicBCPGKey publicBCPGKey = (DSAPublicBCPGKey) publicKey.getPublicKeyPacket().getKey();
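Review bot: `encodeEdDSAKey` builds an `SshEd25519PublicKey` for any key reaching `case PGPPublicKey.EDDSA:` without checking the curve or the length of `getEdDSAEncodedPoint()`. If the packet carries a different EdDSA curve, or the encoded point still has an OpenPGP prefix byte, the exported SSH blob would be malformed or name the wrong key type; `SshEd25519PublicKey` may validate this, but that is not visible here. I would check the point against the expected Ed25519 size before constructing the SSH key, failing the same way the `default:` branch does, and record the assumption with `// assumes an Ed25519 key whose encoded point is the raw public key bytes`. The unchecked cast to `EdDSAPublicBCPGKey` matches the sibling `encodeDSAKey` and is a lesser concern.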
|
||||||
|
|