1
0
Fork 0
mirror of https://codeberg.org/Mercury-IM/Smack synced 2024-11-24 15:22:07 +01:00

OpenPGP: Bump Pgpainless to 0.0.1-alpha7

Also unify how new Security Providers are installed.

Thanks to Paul Schaub for helping with this.
This commit is contained in:
Florian Schmaus 2019-07-25 09:56:46 +02:00
parent b86d088926
commit 8da954f7a4
9 changed files with 78 additions and 27 deletions

View file

@ -0,0 +1,53 @@
/**
*
* Copyright 2019 Florian Schmaus.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.jivesoftware.smack.util;
import java.lang.reflect.InvocationTargetException;
import java.security.Provider;
import java.security.Security;
import org.jxmpp.util.cache.LruCache;
public class SecurityUtil {
private static final LruCache<Class<? extends Provider>, Void> INSERTED_PROVIDERS_CACHE = new LruCache<>(8);
public static void ensureProviderAtFirstPosition(Class<? extends Provider> providerClass) {
if (INSERTED_PROVIDERS_CACHE.containsKey(providerClass)) {
return;
}
Provider provider;
try {
provider = providerClass.getDeclaredConstructor().newInstance();
} catch (InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException
| NoSuchMethodException | SecurityException e) {
throw new IllegalArgumentException(e);
}
String providerName = provider.getName();
int installedPosition ;
synchronized (Security.class) {
Security.removeProvider(providerName);
installedPosition = Security.insertProviderAt(provider, 1);
}
assert installedPosition == 1;
INSERTED_PROVIDERS_CACHE.put(providerClass, null);
}
}

View file

@ -35,7 +35,6 @@ import static org.jivesoftware.smackx.hashes.HashManager.ALGORITHM.SHA_512;
import java.security.MessageDigest; import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collections; import java.util.Collections;
import java.util.List; import java.util.List;
@ -43,7 +42,7 @@ import java.util.WeakHashMap;
import org.jivesoftware.smack.Manager; import org.jivesoftware.smack.Manager;
import org.jivesoftware.smack.XMPPConnection; import org.jivesoftware.smack.XMPPConnection;
import org.jivesoftware.smack.util.SecurityUtil;
import org.jivesoftware.smackx.disco.ServiceDiscoveryManager; import org.jivesoftware.smackx.disco.ServiceDiscoveryManager;
import org.jivesoftware.smackx.hashes.element.HashElement; import org.jivesoftware.smackx.hashes.element.HashElement;
@ -58,7 +57,9 @@ import org.bouncycastle.jce.provider.BouncyCastleProvider;
public final class HashManager extends Manager { public final class HashManager extends Manager {
static { static {
Security.addProvider(new BouncyCastleProvider()); // Remove any BC providers and add a fresh one.
// This is done, since older Android versions ship with a crippled BC provider.
SecurityUtil.ensureProviderAtFirstPosition(BouncyCastleProvider.class);
} }
public static final String PREFIX_NS_ALGO = "urn:xmpp:hash-function-text-names:"; public static final String PREFIX_NS_ALGO = "urn:xmpp:hash-function-text-names:";

View file

@ -17,6 +17,9 @@
package org.jivesoftware.smackx.omemo; package org.jivesoftware.smackx.omemo;
import org.jivesoftware.smack.initializer.UrlInitializer; import org.jivesoftware.smack.initializer.UrlInitializer;
import org.jivesoftware.smack.util.SecurityUtil;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
/** /**
* Initializer class that registers omemo providers. * Initializer class that registers omemo providers.
@ -26,6 +29,12 @@ import org.jivesoftware.smack.initializer.UrlInitializer;
@SuppressWarnings("unused") @SuppressWarnings("unused")
public class OmemoInitializer extends UrlInitializer { public class OmemoInitializer extends UrlInitializer {
static {
// Remove any BC providers and add a fresh one.
// This is done, since older Android versions ship with a crippled BC provider.
SecurityUtil.ensureProviderAtFirstPosition(BouncyCastleProvider.class);
}
@Override @Override
protected String getProvidersUri() { protected String getProvidersUri() {
return "classpath:org.jivesoftware.smackx.omemo/omemo.providers"; return "classpath:org.jivesoftware.smackx.omemo/omemo.providers";

View file

@ -22,7 +22,6 @@ import static org.jivesoftware.smackx.omemo.util.OmemoConstants.Crypto.KEYTYPE;
import java.security.InvalidAlgorithmParameterException; import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException; import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Collection; import java.util.Collection;
import java.util.Collections; import java.util.Collections;
@ -45,7 +44,6 @@ import org.jivesoftware.smack.XMPPException;
import org.jivesoftware.smack.packet.Message; import org.jivesoftware.smack.packet.Message;
import org.jivesoftware.smack.packet.Stanza; import org.jivesoftware.smack.packet.Stanza;
import org.jivesoftware.smack.packet.StanzaError; import org.jivesoftware.smack.packet.StanzaError;
import org.jivesoftware.smackx.carbons.packet.CarbonExtension; import org.jivesoftware.smackx.carbons.packet.CarbonExtension;
import org.jivesoftware.smackx.mam.MamManager; import org.jivesoftware.smackx.mam.MamManager;
import org.jivesoftware.smackx.muc.MultiUserChat; import org.jivesoftware.smackx.muc.MultiUserChat;
@ -80,7 +78,6 @@ import org.jivesoftware.smackx.pubsub.PayloadItem;
import org.jivesoftware.smackx.pubsub.PubSubException; import org.jivesoftware.smackx.pubsub.PubSubException;
import org.jivesoftware.smackx.pubsub.PubSubManager; import org.jivesoftware.smackx.pubsub.PubSubManager;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.jxmpp.jid.BareJid; import org.jxmpp.jid.BareJid;
import org.jxmpp.jid.EntityBareJid; import org.jxmpp.jid.EntityBareJid;
import org.jxmpp.jid.Jid; import org.jxmpp.jid.Jid;
@ -102,10 +99,6 @@ import org.jxmpp.jid.Jid;
public abstract class OmemoService<T_IdKeyPair, T_IdKey, T_PreKey, T_SigPreKey, T_Sess, T_Addr, T_ECPub, T_Bundle, T_Ciph> public abstract class OmemoService<T_IdKeyPair, T_IdKey, T_PreKey, T_SigPreKey, T_Sess, T_Addr, T_ECPub, T_Bundle, T_Ciph>
implements OmemoCarbonCopyStanzaReceivedListener, OmemoMessageStanzaReceivedListener { implements OmemoCarbonCopyStanzaReceivedListener, OmemoMessageStanzaReceivedListener {
static {
Security.addProvider(new BouncyCastleProvider());
}
protected static final Logger LOGGER = Logger.getLogger(OmemoService.class.getName()); protected static final Logger LOGGER = Logger.getLogger(OmemoService.class.getName());
private static final long MILLIS_PER_HOUR = 1000L * 60 * 60; private static final long MILLIS_PER_HOUR = 1000L * 60 * 60;

View file

@ -25,21 +25,20 @@ import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNotNull;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.Security;
import org.jivesoftware.smack.test.util.SmackTestSuite;
import org.jivesoftware.smackx.omemo.element.OmemoElement; import org.jivesoftware.smackx.omemo.element.OmemoElement;
import org.jivesoftware.smackx.omemo.exceptions.CryptoFailedException; import org.jivesoftware.smackx.omemo.exceptions.CryptoFailedException;
import org.jivesoftware.smackx.omemo.internal.CipherAndAuthTag; import org.jivesoftware.smackx.omemo.internal.CipherAndAuthTag;
import org.jivesoftware.smackx.omemo.internal.CiphertextTuple; import org.jivesoftware.smackx.omemo.internal.CiphertextTuple;
import org.jivesoftware.smackx.omemo.util.OmemoMessageBuilder; import org.jivesoftware.smackx.omemo.util.OmemoMessageBuilder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.junit.Test; import org.junit.Test;
/** /**
* Test the identityKeyWrapper. * Test the identityKeyWrapper.
*/ */
public class WrapperObjectsTest { public class WrapperObjectsTest extends SmackTestSuite {
@Test @Test
public void ciphertextTupleTest() { public void ciphertextTupleTest() {
@ -56,7 +55,6 @@ public class WrapperObjectsTest {
@Test @Test
public void cipherAndAuthTagTest() throws NoSuchAlgorithmException, CryptoFailedException { public void cipherAndAuthTagTest() throws NoSuchAlgorithmException, CryptoFailedException {
Security.addProvider(new BouncyCastleProvider());
byte[] key = OmemoMessageBuilder.generateKey(KEYTYPE, KEYLENGTH); byte[] key = OmemoMessageBuilder.generateKey(KEYTYPE, KEYLENGTH);
byte[] iv = OmemoMessageBuilder.generateIv(); byte[] iv = OmemoMessageBuilder.generateIv();
byte[] authTag = OmemoMessageBuilder.generateIv(); byte[] authTag = OmemoMessageBuilder.generateIv();

View file

@ -12,7 +12,7 @@ dependencies {
compile project(':smack-extensions') compile project(':smack-extensions')
compile project(':smack-experimental') compile project(':smack-experimental')
compile 'org.pgpainless:pgpainless-core:0.0.1-alpha4' compile 'org.pgpainless:pgpainless-core:0.0.1-alpha7'
testCompile project(path: ":smack-core", configuration: "testRuntime") testCompile project(path: ":smack-core", configuration: "testRuntime")
testCompile project(path: ":smack-core", configuration: "archives") testCompile project(path: ":smack-core", configuration: "archives")

View file

@ -19,7 +19,6 @@ package org.jivesoftware.smackx.ox.crypto;
import java.io.ByteArrayOutputStream; import java.io.ByteArrayOutputStream;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.security.Security;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Collection; import java.util.Collection;
import java.util.logging.Level; import java.util.logging.Level;
@ -38,7 +37,6 @@ import org.jivesoftware.smackx.ox.element.SignElement;
import org.jivesoftware.smackx.ox.element.SigncryptElement; import org.jivesoftware.smackx.ox.element.SigncryptElement;
import org.jivesoftware.smackx.ox.store.definition.OpenPgpStore; import org.jivesoftware.smackx.ox.store.definition.OpenPgpStore;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openpgp.PGPException; import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKey; import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection; import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
@ -53,13 +51,6 @@ public class PainlessOpenPgpProvider implements OpenPgpProvider {
private static final Logger LOGGER = Logger.getLogger(PainlessOpenPgpProvider.class.getName()); private static final Logger LOGGER = Logger.getLogger(PainlessOpenPgpProvider.class.getName());
static {
// Remove any BC providers and add a fresh one.
// This is done, since older Android versions ship with a crippled BC provider.
Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
Security.addProvider(new BouncyCastleProvider());
}
private final XMPPConnection connection; private final XMPPConnection connection;
private final OpenPgpStore store; private final OpenPgpStore store;

View file

@ -17,12 +17,21 @@
package org.jivesoftware.smackx.ox.util; package org.jivesoftware.smackx.ox.util;
import org.jivesoftware.smack.initializer.UrlInitializer; import org.jivesoftware.smack.initializer.UrlInitializer;
import org.jivesoftware.smack.util.SecurityUtil;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
/** /**
* Initializer class which registers ExtensionElementProviders on startup. * Initializer class which registers ExtensionElementProviders on startup.
*/ */
public class OpenPgpInitializer extends UrlInitializer { public class OpenPgpInitializer extends UrlInitializer {
static {
// Remove any BC providers and add a fresh one.
// This is done, since older Android versions ship with a crippled BC provider.
SecurityUtil.ensureProviderAtFirstPosition(BouncyCastleProvider.class);
}
@Override @Override
protected String getProvidersUri() { protected String getProvidersUri() {
return "classpath:org.jivesoftware.smackx.ox/openpgp.providers"; return "classpath:org.jivesoftware.smackx.ox/openpgp.providers";

View file

@ -28,7 +28,6 @@ import java.io.IOException;
import java.security.InvalidAlgorithmParameterException; import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException; import java.security.NoSuchProviderException;
import java.security.Security;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collection; import java.util.Collection;
import java.util.Collections; import java.util.Collections;
@ -45,7 +44,6 @@ import org.jivesoftware.smackx.ox.store.definition.OpenPgpStore;
import org.jivesoftware.smackx.ox.store.definition.OpenPgpTrustStore; import org.jivesoftware.smackx.ox.store.definition.OpenPgpTrustStore;
import org.jivesoftware.smackx.ox.store.filebased.FileBasedOpenPgpStore; import org.jivesoftware.smackx.ox.store.filebased.FileBasedOpenPgpStore;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openpgp.PGPException; import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.openpgp.PGPSecretKeyRing;
@ -81,7 +79,6 @@ public class OpenPgpStoreTest extends SmackTestSuite {
static { static {
storagePath = FileTestUtil.getTempDir("storeTest"); storagePath = FileTestUtil.getTempDir("storeTest");
Security.addProvider(new BouncyCastleProvider());
} }
@Parameterized.Parameters @Parameterized.Parameters