From d46671e37e17e988ae4345aa8f947704f3b19e19 Mon Sep 17 00:00:00 2001 From: Paul Schaub Date: Thu, 12 Jul 2018 23:16:30 +0200 Subject: [PATCH] Use passphrase for symmetric encryption --- src/main/java/org/pgpainless/pgpainless/PGPainless.java | 5 +++-- .../SymmetricEncryptorDecryptor.java | 9 +++++---- .../java/org/pgpainless/pgpainless/SymmetricTest.java | 6 ++++-- 3 files changed, 12 insertions(+), 8 deletions(-) diff --git a/src/main/java/org/pgpainless/pgpainless/PGPainless.java b/src/main/java/org/pgpainless/pgpainless/PGPainless.java index 5465b6e1..4bf2a8cf 100644 --- a/src/main/java/org/pgpainless/pgpainless/PGPainless.java +++ b/src/main/java/org/pgpainless/pgpainless/PGPainless.java @@ -25,6 +25,7 @@ import org.pgpainless.pgpainless.encryption_signing.EncryptionStream; import org.pgpainless.pgpainless.key.parsing.KeyRingReader; import org.pgpainless.pgpainless.key.generation.KeyRingBuilder; import org.pgpainless.pgpainless.symmetric_encryption.SymmetricEncryptorDecryptor; +import org.pgpainless.pgpainless.util.Passphrase; import java.io.IOException; @@ -72,7 +73,7 @@ public class PGPainless { * @throws IOException IO is dangerous. * @throws PGPException PGP is brittle. */ - public static byte[] encryptWithPassword(byte[] data, char[] password, SymmetricKeyAlgorithm algorithm) throws IOException, PGPException { + public static byte[] encryptWithPassword(byte[] data, Passphrase password, SymmetricKeyAlgorithm algorithm) throws IOException, PGPException { return SymmetricEncryptorDecryptor.symmetricallyEncrypt(data, password, algorithm, CompressionAlgorithm.UNCOMPRESSED); } @@ -87,7 +88,7 @@ public class PGPainless { * @throws IOException IO is dangerous. * @throws PGPException PGP is brittle. */ - public static byte[] decryptWithPassword(byte[] data, char[] password) throws IOException, PGPException { + public static byte[] decryptWithPassword(byte[] data, Passphrase password) throws IOException, PGPException { return SymmetricEncryptorDecryptor.symmetricallyDecrypt(data, password); } } diff --git a/src/main/java/org/pgpainless/pgpainless/symmetric_encryption/SymmetricEncryptorDecryptor.java b/src/main/java/org/pgpainless/pgpainless/symmetric_encryption/SymmetricEncryptorDecryptor.java index 5d6d03ff..ae5c2dc7 100644 --- a/src/main/java/org/pgpainless/pgpainless/symmetric_encryption/SymmetricEncryptorDecryptor.java +++ b/src/main/java/org/pgpainless/pgpainless/symmetric_encryption/SymmetricEncryptorDecryptor.java @@ -41,6 +41,7 @@ import org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder; import org.bouncycastle.util.io.Streams; import org.pgpainless.pgpainless.algorithm.CompressionAlgorithm; import org.pgpainless.pgpainless.algorithm.SymmetricKeyAlgorithm; +import org.pgpainless.pgpainless.util.Passphrase; /** * Stolen from @@ -62,7 +63,7 @@ public class SymmetricEncryptorDecryptor { * @throws PGPException OpenPGP is brittle */ public static byte[] symmetricallyEncrypt(byte[] data, - char[] password, + Passphrase password, SymmetricKeyAlgorithm encryptionAlgorithm, CompressionAlgorithm compressionAlgorithm) throws IOException, PGPException { @@ -77,7 +78,7 @@ public class SymmetricEncryptorDecryptor { .setSecureRandom(new SecureRandom()) .setProvider("BC")); - encGen.addMethod(new JcePBEKeyEncryptionMethodGenerator(password).setProvider("BC")); + encGen.addMethod(new JcePBEKeyEncryptionMethodGenerator(password.getChars()).setProvider("BC")); OutputStream encOut = encGen.open(bOut, compressedData.length); @@ -98,7 +99,7 @@ public class SymmetricEncryptorDecryptor { * @throws IOException IO is dangerous * @throws PGPException OpenPGP is brittle */ - public static byte[] symmetricallyDecrypt(byte[] data, char[] password) throws IOException, PGPException { + public static byte[] symmetricallyDecrypt(byte[] data, Passphrase password) throws IOException, PGPException { InputStream in = new BufferedInputStream(new ByteArrayInputStream(data)); in = PGPUtil.getDecoderStream(in); @@ -115,7 +116,7 @@ public class SymmetricEncryptorDecryptor { PGPPBEEncryptedData pbe = (PGPPBEEncryptedData) enc.get(0); InputStream clear = pbe.getDataStream(new BcPBEDataDecryptorFactory( - password, new BcPGPDigestCalculatorProvider())); + password.getChars(), new BcPGPDigestCalculatorProvider())); BcPGPObjectFactory pgpFact = new BcPGPObjectFactory(clear); diff --git a/src/test/java/org/pgpainless/pgpainless/SymmetricTest.java b/src/test/java/org/pgpainless/pgpainless/SymmetricTest.java index 50f67c67..82d2f735 100644 --- a/src/test/java/org/pgpainless/pgpainless/SymmetricTest.java +++ b/src/test/java/org/pgpainless/pgpainless/SymmetricTest.java @@ -27,6 +27,7 @@ import org.bouncycastle.bcpg.ArmoredOutputStream; import org.bouncycastle.openpgp.PGPException; import org.junit.Test; import org.pgpainless.pgpainless.algorithm.SymmetricKeyAlgorithm; +import org.pgpainless.pgpainless.util.Passphrase; public class SymmetricTest extends AbstractPGPainlessTest { @@ -45,7 +46,8 @@ public class SymmetricTest extends AbstractPGPainlessTest { @Test public void testSymmetricEncryptionDecryption() throws IOException, PGPException { byte[] plain = message.getBytes(); - byte[] enc = PGPainless.encryptWithPassword(plain, "choose_a_better_password_please".toCharArray(), SymmetricKeyAlgorithm.AES_128); + Passphrase passphrase = new Passphrase("choose_a_better_password_please".toCharArray()); + byte[] enc = PGPainless.encryptWithPassword(plain, passphrase, SymmetricKeyAlgorithm.AES_128); ByteArrayOutputStream out = new ByteArrayOutputStream(); ArmoredOutputStream armor = new ArmoredOutputStream(out); armor.write(enc); @@ -55,7 +57,7 @@ public class SymmetricTest extends AbstractPGPainlessTest { // Print cipher text for validation with GnuPG. LOGGER.log(Level.INFO, new String(out.toByteArray())); - byte[] plain2 = PGPainless.decryptWithPassword(enc, "choose_a_better_password_please".toCharArray()); + byte[] plain2 = PGPainless.decryptWithPassword(enc, passphrase); assertTrue(Arrays.equals(plain, plain2)); } }