
Allow different providers than BC

tags/0.0.1-alpha5
Paul Schaub 4 months ago
parent
commit
36c871f198
Signed by: Paul Schaub <vanitasvitae@fsfe.org> GPG Key ID: 62BEE9264BF17311

+ 3
- 0
README.md View File

@@ -40,6 +40,9 @@ The entry point to the API is the `PGPainless` class. Here you can find methods
The first thing you probably want to do is generate you some nice tasty Key Pairs. The most straight forward way to do so is by calling

```java
// Add a suitable cryptographic provider
Security.insertProviderAt(new BouncyCastleProvider(), 1);

PGPSecretKeyRing keyRing = PGPainless.generateKeyRing()
.simpleRsaKeyRing("Juliet <juliet@montague.lit>", RsaLength._4096);
```

+ 1
- 1
build.gradle View File

@@ -16,7 +16,7 @@ buildscript {
}

plugins {
id 'ru.vyarus.animalsniffer' version '1.4.3'
id 'ru.vyarus.animalsniffer' version '1.5.0'
}

apply from: 'version.gradle'

+ 7
- 3
pgpainless-core/build.gradle View File

@@ -1,12 +1,16 @@
ext {
bcVersion = "1.60"
}


dependencies {
testCompile group: 'junit', name: 'junit', version: '4.12'
/*
compile 'org.bouncycastle:bcprov-debug-jdk15on:1.60'
compile "org.bouncycastle:bcprov-debug-jdk15on:$bcVersion"
/*/
compile 'org.bouncycastle:bcprov-jdk15on:1.60'
compile "org.bouncycastle:bcprov-jdk15on:$bcVersion"
//*/
compile 'org.bouncycastle:bcpg-jdk15on:1.60'
compile "org.bouncycastle:bcpg-jdk15on:$bcVersion"

// https://mvnrepository.com/artifact/com.google.code.findbugs/jsr305
compile group: 'com.google.code.findbugs', name: 'jsr305', version: '3.0.2'

+ 6
- 14
pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java View File

@@ -22,13 +22,11 @@ import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;

import org.bouncycastle.bcpg.sig.KeyFlags;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openpgp.PGPEncryptedData;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyPair;
@@ -73,11 +71,10 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
* @return {@link PGPSecretKeyRing} containing the KeyPair.
* @throws PGPException
* @throws NoSuchAlgorithmException
* @throws NoSuchProviderException
* @throws InvalidAlgorithmParameterException
*/
public PGPKeyRing simpleRsaKeyRing(@Nonnull String userId, @Nonnull RsaLength length)
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
return withMasterKey(
KeySpec.getBuilder(RSA_GENERAL.withLength(length))
.withDefaultKeyFlags()
@@ -96,11 +93,10 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
* @return {@link PGPSecretKeyRing} containing the key pairs.
* @throws PGPException
* @throws NoSuchAlgorithmException
* @throws NoSuchProviderException
* @throws InvalidAlgorithmParameterException
*/
public PGPKeyRing simpleEcKeyRing(@Nonnull String userId)
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
return withSubKey(
KeySpec.getBuilder(ECDH.fromCurve(EllipticCurve._P256))
.withKeyFlags(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS)
@@ -160,12 +156,11 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
class BuildImpl implements Build {

@Override
public PGPKeyRing build() throws NoSuchAlgorithmException, PGPException, NoSuchProviderException,
public PGPKeyRing build() throws NoSuchAlgorithmException, PGPException,
InvalidAlgorithmParameterException {

// Hash Calculator
PGPDigestCalculator calculator = new JcaPGPDigestCalculatorProviderBuilder()
.setProvider(BouncyCastleProvider.PROVIDER_NAME)
.build()
.get(HashAlgorithm.SHA1.getAlgorithmId());

@@ -173,7 +168,6 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
PBESecretKeyEncryptor encryptor = passphrase == null ?
null : // unencrypted key pair, otherwise AES-256 encrypted
new JcePBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256, calculator)
.setProvider(BouncyCastleProvider.PROVIDER_NAME)
.build(passphrase != null ? passphrase.getChars() : null);

if (passphrase != null) {
@@ -190,8 +184,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {

// Signer for creating self-signature
PGPContentSignerBuilder signer = new JcaPGPContentSignerBuilder(
certKey.getPublicKey().getAlgorithm(), HashAlgorithm.SHA512.getAlgorithmId())
.setProvider(BouncyCastleProvider.PROVIDER_NAME);
certKey.getPublicKey().getAlgorithm(), HashAlgorithm.SHA512.getAlgorithmId());

PGPSignatureSubpacketVector hashedSubPackets = certKeySpec.getSubpackets();

@@ -220,11 +213,10 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
}

private PGPKeyPair generateKeyPair(KeySpec spec)
throws NoSuchProviderException, NoSuchAlgorithmException, PGPException,
throws NoSuchAlgorithmException, PGPException,
InvalidAlgorithmParameterException {
KeyType type = spec.getKeyType();
KeyPairGenerator certKeyGenerator = KeyPairGenerator.getInstance(
type.getName(), BouncyCastleProvider.PROVIDER_NAME);
KeyPairGenerator certKeyGenerator = KeyPairGenerator.getInstance(type.getName());
certKeyGenerator.initialize(type.getAlgorithmSpec());

// Create raw Key Pair
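Review bot: `KeyPairGenerator.getInstance(type.getName())` in `generateKeyPair`, and the three builders in `BuildImpl.build()` that lost `.setProvider(...)`, now resolve through the JVM-wide provider order, so which implementation generates and protects the key depends on what the application or any other library in the process has registered. If no registered provider knows the name returned by `type.getName()`, or the selected one rejects the spec from `type.getAlgorithmSpec()`, the caller gets a bare `NoSuchAlgorithmException` or `InvalidAlgorithmParameterException` with no hint that a provider is missing. The Javadoc of `simpleRsaKeyRing`, `simpleEcKeyRing` and `build()` should state the requirement, for example `Requires a JCA provider supporting the requested key type to be registered via java.security.Security before this call.` An optional way to hand a `java.security.Provider` to the builder would let callers pin the implementation instead of relying on global order. The bodies of `build()` and `generateKeyPair` continue outside the hunks shown.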

+ 1
- 2
pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilderInterface.java View File

@@ -18,7 +18,6 @@ package org.pgpainless.key.generation;
import javax.annotation.Nonnull;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;

import org.bouncycastle.openpgp.PGPException;
import org.pgpainless.key.collection.PGPKeyRing;
@@ -47,7 +46,7 @@ public interface KeyRingBuilderInterface {

interface Build {

PGPKeyRing build() throws NoSuchAlgorithmException, PGPException, NoSuchProviderException,
PGPKeyRing build() throws NoSuchAlgorithmException, PGPException,
InvalidAlgorithmParameterException;

}

+ 1
- 1
pgpainless-core/src/test/java/org/pgpainless/AbstractPGPainlessTest.java View File

@@ -24,6 +24,6 @@ public abstract class AbstractPGPainlessTest {

@BeforeClass
public static void registerProvider() {
Security.addProvider(new BouncyCastleProvider());
Security.insertProviderAt(new BouncyCastleProvider(), 1);
}
}
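Review bot: `registerProvider()` puts Bouncy Castle at position 1 for every test class, so the suite never runs the library on a JVM where another provider takes precedence, which is the case this commit is meant to allow. `Security.insertProviderAt` also returns -1 and leaves the order unchanged when a provider of the same name is already installed, and the return value is ignored here. A comment such as `// tests assume BC is the preferred provider; insertProviderAt is a no-op if BC is already registered` would record that assumption. One test that generates a key ring without BC in first position would cover the new path.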

+ 4
- 8
pgpainless-core/src/test/java/org/pgpainless/BouncycastleExportSubkeys.java View File

@@ -19,7 +19,6 @@ import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.Date;

import org.bouncycastle.bcpg.CompressionAlgorithmTags;
@@ -28,7 +27,6 @@ import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
import org.bouncycastle.bcpg.sig.Features;
import org.bouncycastle.bcpg.sig.KeyFlags;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyPair;
@@ -47,13 +45,13 @@ import org.junit.Test;
public class BouncycastleExportSubkeys extends AbstractPGPainlessTest {

@Test
public void testExportImport() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, PGPException {
public void testExportImport() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, PGPException {
KeyPairGenerator generator;
KeyPair pair;

// Generate master key

generator = KeyPairGenerator.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME);
generator = KeyPairGenerator.getInstance("ECDSA");
generator.initialize(new ECNamedCurveGenParameterSpec("P-256"));

pair = generator.generateKeyPair();
@@ -79,7 +77,7 @@ public class BouncycastleExportSubkeys extends AbstractPGPainlessTest {

// Generate sub key

generator = KeyPairGenerator.getInstance("ECDH", BouncyCastleProvider.PROVIDER_NAME);
generator = KeyPairGenerator.getInstance("ECDH");
generator.initialize(new ECNamedCurveGenParameterSpec("P-256"));

pair = generator.generateKeyPair();
@@ -88,13 +86,11 @@ public class BouncycastleExportSubkeys extends AbstractPGPainlessTest {
// Assemble key

PGPDigestCalculator calculator = new JcaPGPDigestCalculatorProviderBuilder()
.setProvider(BouncyCastleProvider.PROVIDER_NAME)
.build()
.get(HashAlgorithmTags.SHA1);

PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
pgpMasterKey.getPublicKey().getAlgorithm(), HashAlgorithmTags.SHA512)
.setProvider(BouncyCastleProvider.PROVIDER_NAME);
pgpMasterKey.getPublicKey().getAlgorithm(), HashAlgorithmTags.SHA512);

PGPKeyRingGenerator pgpGenerator = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION,
pgpMasterKey, "alice@wonderland.lit", calculator, subPackets.generate(), null,
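Review bot: `generator.initialize(new ECNamedCurveGenParameterSpec("P-256"))` passes a Bouncy Castle spec class, so `KeyPairGenerator.getInstance("ECDSA")` and `getInstance("ECDH")` in `testExportImport` presumably only work when the lookup returns the BC implementation. With the provider argument removed, that depends on `AbstractPGPainlessTest.registerProvider()` having run first and on nothing else being registered ahead of BC. Since this test is explicitly about Bouncy Castle, either keep the explicit provider here or add a comment like `// relies on BC being the preferred provider, see AbstractPGPainlessTest`. The test method continues outside the hunks shown.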
