From 9f062ebd7932f04c1e1861866911394ef53cbf48 Mon Sep 17 00:00:00 2001 From: Florian Schmaus Date: Sun, 28 Jul 2019 12:25:00 +0200 Subject: [PATCH] Remove no longer reuired KeyRingSubKeyFix since we are using BouncyCastle 1.62 now. --- .../key/generation/KeyRingBuilder.java | 4 - .../main/java/org/pgpainless/util/BCUtil.java | 4 +- .../org/pgpainless/util/KeyRingSubKeyFix.java | 111 ------------------ .../org/pgpainless/KeyRingSubKeyFixTest.java | 52 -------- 4 files changed, 1 insertion(+), 170 deletions(-) delete mode 100644 pgpainless-core/src/main/java/org/pgpainless/util/KeyRingSubKeyFix.java delete mode 100644 pgpainless-core/src/test/java/org/pgpainless/KeyRingSubKeyFixTest.java diff --git a/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java b/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java index 9cad42de..7cc25d93 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java +++ b/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java @@ -51,7 +51,6 @@ import org.pgpainless.key.generation.type.KeyType; import org.pgpainless.key.generation.type.RSA_GENERAL; import org.pgpainless.key.generation.type.curve.EllipticCurve; import org.pgpainless.key.generation.type.length.RsaLength; -import org.pgpainless.util.KeyRingSubKeyFix; import org.pgpainless.util.Passphrase; public class KeyRingBuilder implements KeyRingBuilderInterface { @@ -206,9 +205,6 @@ public class KeyRingBuilder implements KeyRingBuilderInterface { PGPPublicKeyRing publicKeys = ringGenerator.generatePublicKeyRing(); PGPSecretKeyRing secretKeys = ringGenerator.generateSecretKeyRing(); - // TODO: Remove once BC 1.61 is released - secretKeys = KeyRingSubKeyFix.repairSubkeyPackets(secretKeys, null, null); - return new PGPKeyRing(publicKeys, secretKeys); } diff --git a/pgpainless-core/src/main/java/org/pgpainless/util/BCUtil.java b/pgpainless-core/src/main/java/org/pgpainless/util/BCUtil.java index bacb199c..65558e3f 100644 --- a/pgpainless-core/src/main/java/org/pgpainless/util/BCUtil.java +++ b/pgpainless-core/src/main/java/org/pgpainless/util/BCUtil.java @@ -65,10 +65,8 @@ public class BCUtil { public static PGPPublicKeyRing publicKeyRingFromSecretKeyRing(@Nonnull PGPSecretKeyRing secretKeys) throws PGPException, IOException { - PGPSecretKeyRing fixedSecretKeys = KeyRingSubKeyFix.repairSubkeyPackets(secretKeys, null, null); - ByteArrayOutputStream buffer = new ByteArrayOutputStream(512); - for (PGPSecretKey secretKey : fixedSecretKeys) { + for (PGPSecretKey secretKey : secretKeys) { PGPPublicKey publicKey = secretKey.getPublicKey(); if (publicKey != null) { publicKey.encode(buffer, false); diff --git a/pgpainless-core/src/main/java/org/pgpainless/util/KeyRingSubKeyFix.java b/pgpainless-core/src/main/java/org/pgpainless/util/KeyRingSubKeyFix.java deleted file mode 100644 index dbda65e7..00000000 --- a/pgpainless-core/src/main/java/org/pgpainless/util/KeyRingSubKeyFix.java +++ /dev/null @@ -1,111 +0,0 @@ -/* - * Copyright 2018 Paul Schaub. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.pgpainless.util; - -import javax.annotation.Nonnull; -import javax.annotation.Nullable; -import java.lang.reflect.Field; -import java.util.ArrayList; -import java.util.Iterator; -import java.util.List; -import java.util.logging.Level; -import java.util.logging.Logger; - -import org.bouncycastle.bcpg.HashAlgorithmTags; -import org.bouncycastle.bcpg.PublicKeyPacket; -import org.bouncycastle.bcpg.PublicSubkeyPacket; -import org.bouncycastle.openpgp.PGPException; -import org.bouncycastle.openpgp.PGPPrivateKey; -import org.bouncycastle.openpgp.PGPPublicKey; -import org.bouncycastle.openpgp.PGPSecretKey; -import org.bouncycastle.openpgp.PGPSecretKeyRing; -import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor; -import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor; -import org.bouncycastle.openpgp.operator.PGPDigestCalculator; -import org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider; - -public class KeyRingSubKeyFix { - - private static final Logger LOGGER = Logger.getLogger(KeyRingSubKeyFix.class.getName()); - - /** - * This method makes sure, that sub keys do consist of sub key packets. - * Bouncycastle versions up to and including 1.60 created {@link PGPSecretKeyRing}s which sub keys consisted of - * normal public key packets, which would result in lost keys when converting PGPSecretKeyRings to PGPPublicKeyRings. - * - * This method throws a {@link RuntimeException} of a {@link NoSuchFieldException} or {@link IllegalAccessException}. - * - * @see Bouncycastle Java bug report #381 - * - * @param secretKeys possibly faulty PGPSecretKeyRing - * @param decryptor decryptor in case the keys are encrypted (can be null) - * @param encryptor encryptor to re-encrypt the keys in case they are encrypted (can be null) - * - * @return fixed PGPSecretKeyRing - * - * @throws PGPException in case we cannot dismantle or reassemble the key. - */ - public static PGPSecretKeyRing repairSubkeyPackets(@Nonnull PGPSecretKeyRing secretKeys, - @Nullable PBESecretKeyDecryptor decryptor, - @Nullable PBESecretKeyEncryptor encryptor) - throws PGPException { - - PGPDigestCalculator calculator = new BcPGPDigestCalculatorProvider().get(HashAlgorithmTags.SHA1); - - List _secretKeys = new ArrayList<>(); - Iterator secretKeyIterator = secretKeys.iterator(); - try { - - while (secretKeyIterator.hasNext()) { - PGPSecretKey secSubKey = secretKeyIterator.next(); - - if (secSubKey.isMasterKey()) { - LOGGER.log(Level.FINER, Long.toHexString(secSubKey.getKeyID()) + " is master key. Skip."); - _secretKeys.add(secSubKey); - continue; - } - - PGPPublicKey pubSubKey = secSubKey.getPublicKey(); - - // check for public key packet type - - Field publicPk = pubSubKey.getClass().getDeclaredField("publicPk"); - publicPk.setAccessible(true); - PublicKeyPacket keyPacket = (PublicKeyPacket) publicPk.get(pubSubKey); - - if (keyPacket instanceof PublicSubkeyPacket) { - // Sub key is already sub key - _secretKeys.add(secSubKey); - continue; - } - - // Sub key is normal key -> fix - LOGGER.log(Level.FINER, "Subkey " + Long.toHexString(secSubKey.getKeyID()) + " does not have a subkey key packet. Convert it..."); - keyPacket = new PublicSubkeyPacket(pubSubKey.getAlgorithm(), pubSubKey.getCreationTime(), keyPacket.getKey()); - publicPk.set(pubSubKey, keyPacket); - - PGPPrivateKey privateKey = secSubKey.extractPrivateKey(decryptor); - - PGPSecretKey secretKey = new PGPSecretKey(privateKey, pubSubKey, calculator, false, encryptor); - _secretKeys.add(secretKey); - } - - return new PGPSecretKeyRing(_secretKeys); - } catch (NoSuchFieldException | IllegalAccessException e) { - throw new RuntimeException("Cannot apply fix due to an error while using reflections.", e); - } - } -} diff --git a/pgpainless-core/src/test/java/org/pgpainless/KeyRingSubKeyFixTest.java b/pgpainless-core/src/test/java/org/pgpainless/KeyRingSubKeyFixTest.java deleted file mode 100644 index 43bcfd45..00000000 --- a/pgpainless-core/src/test/java/org/pgpainless/KeyRingSubKeyFixTest.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright 2018 Paul Schaub. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.pgpainless; - -import static junit.framework.TestCase.assertTrue; - -import java.io.IOException; -import java.security.InvalidAlgorithmParameterException; -import java.security.NoSuchAlgorithmException; -import java.security.NoSuchProviderException; -import java.util.Arrays; - -import org.bouncycastle.openpgp.PGPException; -import org.bouncycastle.openpgp.PGPPublicKeyRing; -import org.bouncycastle.openpgp.PGPSecretKeyRing; -import org.junit.Test; -import org.pgpainless.key.collection.PGPKeyRing; -import org.pgpainless.util.BCUtil; -import org.pgpainless.util.KeyRingSubKeyFix; - -public class KeyRingSubKeyFixTest extends AbstractPGPainlessTest { - - @Test - public void test() - throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, - IOException { - PGPKeyRing ring = PGPainless.generateKeyRing().simpleEcKeyRing("hallo@welt.de"); - PGPSecretKeyRing secretKeys = ring.getSecretKeys(); - PGPPublicKeyRing publicKeys = ring.getPublicKeys(); - - PGPSecretKeyRing fixed = KeyRingSubKeyFix.repairSubkeyPackets(secretKeys, null, null); - - assertTrue(Arrays.equals(secretKeys.getEncoded(), fixed.getEncoded())); - - PGPPublicKeyRing fixedPub = BCUtil.publicKeyRingFromSecretKeyRing(fixed); - - assertTrue(Arrays.equals(publicKeys.getEncoded(), fixedPub.getEncoded())); - } -}