1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-11-29 07:42:06 +01:00

Allow different providers than BC

This commit is contained in:
Paul Schaub 2019-04-02 21:11:16 +02:00
parent 90649a5882
commit 36c871f198
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
7 changed files with 23 additions and 29 deletions

View file

@ -40,6 +40,9 @@ The entry point to the API is the `PGPainless` class. Here you can find methods
The first thing you probably want to do is generate you some nice tasty Key Pairs. The most straight forward way to do so is by calling The first thing you probably want to do is generate you some nice tasty Key Pairs. The most straight forward way to do so is by calling
```java ```java
// Add a suitable cryptographic provider
Security.insertProviderAt(new BouncyCastleProvider(), 1);
PGPSecretKeyRing keyRing = PGPainless.generateKeyRing() PGPSecretKeyRing keyRing = PGPainless.generateKeyRing()
.simpleRsaKeyRing("Juliet <juliet@montague.lit>", RsaLength._4096); .simpleRsaKeyRing("Juliet <juliet@montague.lit>", RsaLength._4096);
``` ```

View file

@ -16,7 +16,7 @@ buildscript {
} }
plugins { plugins {
id 'ru.vyarus.animalsniffer' version '1.4.3' id 'ru.vyarus.animalsniffer' version '1.5.0'
} }
apply from: 'version.gradle' apply from: 'version.gradle'

View file

@ -1,12 +1,16 @@
ext {
bcVersion = "1.60"
}
dependencies { dependencies {
testCompile group: 'junit', name: 'junit', version: '4.12' testCompile group: 'junit', name: 'junit', version: '4.12'
/* /*
compile 'org.bouncycastle:bcprov-debug-jdk15on:1.60' compile "org.bouncycastle:bcprov-debug-jdk15on:$bcVersion"
/*/ /*/
compile 'org.bouncycastle:bcprov-jdk15on:1.60' compile "org.bouncycastle:bcprov-jdk15on:$bcVersion"
//*/ //*/
compile 'org.bouncycastle:bcpg-jdk15on:1.60' compile "org.bouncycastle:bcpg-jdk15on:$bcVersion"
// https://mvnrepository.com/artifact/com.google.code.findbugs/jsr305 // https://mvnrepository.com/artifact/com.google.code.findbugs/jsr305
compile group: 'com.google.code.findbugs', name: 'jsr305', version: '3.0.2' compile group: 'com.google.code.findbugs', name: 'jsr305', version: '3.0.2'

View file

@ -22,13 +22,11 @@ import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair; import java.security.KeyPair;
import java.security.KeyPairGenerator; import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Date; import java.util.Date;
import java.util.List; import java.util.List;
import org.bouncycastle.bcpg.sig.KeyFlags; import org.bouncycastle.bcpg.sig.KeyFlags;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openpgp.PGPEncryptedData; import org.bouncycastle.openpgp.PGPEncryptedData;
import org.bouncycastle.openpgp.PGPException; import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyPair; import org.bouncycastle.openpgp.PGPKeyPair;
@ -73,11 +71,10 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
* @return {@link PGPSecretKeyRing} containing the KeyPair. * @return {@link PGPSecretKeyRing} containing the KeyPair.
* @throws PGPException * @throws PGPException
* @throws NoSuchAlgorithmException * @throws NoSuchAlgorithmException
* @throws NoSuchProviderException
* @throws InvalidAlgorithmParameterException * @throws InvalidAlgorithmParameterException
*/ */
public PGPKeyRing simpleRsaKeyRing(@Nonnull String userId, @Nonnull RsaLength length) public PGPKeyRing simpleRsaKeyRing(@Nonnull String userId, @Nonnull RsaLength length)
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException { throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
return withMasterKey( return withMasterKey(
KeySpec.getBuilder(RSA_GENERAL.withLength(length)) KeySpec.getBuilder(RSA_GENERAL.withLength(length))
.withDefaultKeyFlags() .withDefaultKeyFlags()
@ -96,11 +93,10 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
* @return {@link PGPSecretKeyRing} containing the key pairs. * @return {@link PGPSecretKeyRing} containing the key pairs.
* @throws PGPException * @throws PGPException
* @throws NoSuchAlgorithmException * @throws NoSuchAlgorithmException
* @throws NoSuchProviderException
* @throws InvalidAlgorithmParameterException * @throws InvalidAlgorithmParameterException
*/ */
public PGPKeyRing simpleEcKeyRing(@Nonnull String userId) public PGPKeyRing simpleEcKeyRing(@Nonnull String userId)
throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException { throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
return withSubKey( return withSubKey(
KeySpec.getBuilder(ECDH.fromCurve(EllipticCurve._P256)) KeySpec.getBuilder(ECDH.fromCurve(EllipticCurve._P256))
.withKeyFlags(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS) .withKeyFlags(KeyFlag.ENCRYPT_STORAGE, KeyFlag.ENCRYPT_COMMS)
@ -160,12 +156,11 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
class BuildImpl implements Build { class BuildImpl implements Build {
@Override @Override
public PGPKeyRing build() throws NoSuchAlgorithmException, PGPException, NoSuchProviderException, public PGPKeyRing build() throws NoSuchAlgorithmException, PGPException,
InvalidAlgorithmParameterException { InvalidAlgorithmParameterException {
// Hash Calculator // Hash Calculator
PGPDigestCalculator calculator = new JcaPGPDigestCalculatorProviderBuilder() PGPDigestCalculator calculator = new JcaPGPDigestCalculatorProviderBuilder()
.setProvider(BouncyCastleProvider.PROVIDER_NAME)
.build() .build()
.get(HashAlgorithm.SHA1.getAlgorithmId()); .get(HashAlgorithm.SHA1.getAlgorithmId());
@ -173,7 +168,6 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
PBESecretKeyEncryptor encryptor = passphrase == null ? PBESecretKeyEncryptor encryptor = passphrase == null ?
null : // unencrypted key pair, otherwise AES-256 encrypted null : // unencrypted key pair, otherwise AES-256 encrypted
new JcePBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256, calculator) new JcePBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256, calculator)
.setProvider(BouncyCastleProvider.PROVIDER_NAME)
.build(passphrase != null ? passphrase.getChars() : null); .build(passphrase != null ? passphrase.getChars() : null);
if (passphrase != null) { if (passphrase != null) {
@ -190,8 +184,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
// Signer for creating self-signature // Signer for creating self-signature
PGPContentSignerBuilder signer = new JcaPGPContentSignerBuilder( PGPContentSignerBuilder signer = new JcaPGPContentSignerBuilder(
certKey.getPublicKey().getAlgorithm(), HashAlgorithm.SHA512.getAlgorithmId()) certKey.getPublicKey().getAlgorithm(), HashAlgorithm.SHA512.getAlgorithmId());
.setProvider(BouncyCastleProvider.PROVIDER_NAME);
PGPSignatureSubpacketVector hashedSubPackets = certKeySpec.getSubpackets(); PGPSignatureSubpacketVector hashedSubPackets = certKeySpec.getSubpackets();
@ -220,11 +213,10 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
} }
private PGPKeyPair generateKeyPair(KeySpec spec) private PGPKeyPair generateKeyPair(KeySpec spec)
throws NoSuchProviderException, NoSuchAlgorithmException, PGPException, throws NoSuchAlgorithmException, PGPException,
InvalidAlgorithmParameterException { InvalidAlgorithmParameterException {
KeyType type = spec.getKeyType(); KeyType type = spec.getKeyType();
KeyPairGenerator certKeyGenerator = KeyPairGenerator.getInstance( KeyPairGenerator certKeyGenerator = KeyPairGenerator.getInstance(type.getName());
type.getName(), BouncyCastleProvider.PROVIDER_NAME);
certKeyGenerator.initialize(type.getAlgorithmSpec()); certKeyGenerator.initialize(type.getAlgorithmSpec());
// Create raw Key Pair // Create raw Key Pair

View file

@ -18,7 +18,6 @@ package org.pgpainless.key.generation;
import javax.annotation.Nonnull; import javax.annotation.Nonnull;
import java.security.InvalidAlgorithmParameterException; import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import org.bouncycastle.openpgp.PGPException; import org.bouncycastle.openpgp.PGPException;
import org.pgpainless.key.collection.PGPKeyRing; import org.pgpainless.key.collection.PGPKeyRing;
@ -47,7 +46,7 @@ public interface KeyRingBuilderInterface {
interface Build { interface Build {
PGPKeyRing build() throws NoSuchAlgorithmException, PGPException, NoSuchProviderException, PGPKeyRing build() throws NoSuchAlgorithmException, PGPException,
InvalidAlgorithmParameterException; InvalidAlgorithmParameterException;
} }

View file

@ -24,6 +24,6 @@ public abstract class AbstractPGPainlessTest {
@BeforeClass @BeforeClass
public static void registerProvider() { public static void registerProvider() {
Security.addProvider(new BouncyCastleProvider()); Security.insertProviderAt(new BouncyCastleProvider(), 1);
} }
} }

View file

@ -19,7 +19,6 @@ import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair; import java.security.KeyPair;
import java.security.KeyPairGenerator; import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.Date; import java.util.Date;
import org.bouncycastle.bcpg.CompressionAlgorithmTags; import org.bouncycastle.bcpg.CompressionAlgorithmTags;
@ -28,7 +27,6 @@ import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags; import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
import org.bouncycastle.bcpg.sig.Features; import org.bouncycastle.bcpg.sig.Features;
import org.bouncycastle.bcpg.sig.KeyFlags; import org.bouncycastle.bcpg.sig.KeyFlags;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec; import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
import org.bouncycastle.openpgp.PGPException; import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyPair; import org.bouncycastle.openpgp.PGPKeyPair;
@ -47,13 +45,13 @@ import org.junit.Test;
public class BouncycastleExportSubkeys extends AbstractPGPainlessTest { public class BouncycastleExportSubkeys extends AbstractPGPainlessTest {
@Test @Test
public void testExportImport() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, PGPException { public void testExportImport() throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, PGPException {
KeyPairGenerator generator; KeyPairGenerator generator;
KeyPair pair; KeyPair pair;
// Generate master key // Generate master key
generator = KeyPairGenerator.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME); generator = KeyPairGenerator.getInstance("ECDSA");
generator.initialize(new ECNamedCurveGenParameterSpec("P-256")); generator.initialize(new ECNamedCurveGenParameterSpec("P-256"));
pair = generator.generateKeyPair(); pair = generator.generateKeyPair();
@ -79,7 +77,7 @@ public class BouncycastleExportSubkeys extends AbstractPGPainlessTest {
// Generate sub key // Generate sub key
generator = KeyPairGenerator.getInstance("ECDH", BouncyCastleProvider.PROVIDER_NAME); generator = KeyPairGenerator.getInstance("ECDH");
generator.initialize(new ECNamedCurveGenParameterSpec("P-256")); generator.initialize(new ECNamedCurveGenParameterSpec("P-256"));
pair = generator.generateKeyPair(); pair = generator.generateKeyPair();
@ -88,13 +86,11 @@ public class BouncycastleExportSubkeys extends AbstractPGPainlessTest {
// Assemble key // Assemble key
PGPDigestCalculator calculator = new JcaPGPDigestCalculatorProviderBuilder() PGPDigestCalculator calculator = new JcaPGPDigestCalculatorProviderBuilder()
.setProvider(BouncyCastleProvider.PROVIDER_NAME)
.build() .build()
.get(HashAlgorithmTags.SHA1); .get(HashAlgorithmTags.SHA1);
PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder( PGPContentSignerBuilder signerBuilder = new JcaPGPContentSignerBuilder(
pgpMasterKey.getPublicKey().getAlgorithm(), HashAlgorithmTags.SHA512) pgpMasterKey.getPublicKey().getAlgorithm(), HashAlgorithmTags.SHA512);
.setProvider(BouncyCastleProvider.PROVIDER_NAME);
PGPKeyRingGenerator pgpGenerator = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION, PGPKeyRingGenerator pgpGenerator = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION,
pgpMasterKey, "alice@wonderland.lit", calculator, subPackets.generate(), null, pgpMasterKey, "alice@wonderland.lit", calculator, subPackets.generate(), null,