mirror of
https://github.com/vanitasvitae/Smack.git
synced 2024-11-29 07:22:07 +01:00
OpenPGP: Bump Pgpainless to 0.0.1-alpha7
Also unify how new Security Providers are installed. Thanks to Paul Schaub for helping with this.
This commit is contained in:
parent
b86d088926
commit
8da954f7a4
9 changed files with 78 additions and 27 deletions
|
@ -0,0 +1,53 @@
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* Copyright 2019 Florian Schmaus.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.jivesoftware.smack.util;
|
||||||
|
|
||||||
|
import java.lang.reflect.InvocationTargetException;
|
||||||
|
import java.security.Provider;
|
||||||
|
import java.security.Security;
|
||||||
|
|
||||||
|
import org.jxmpp.util.cache.LruCache;
|
||||||
|
|
||||||
|
public class SecurityUtil {
|
||||||
|
|
||||||
|
private static final LruCache<Class<? extends Provider>, Void> INSERTED_PROVIDERS_CACHE = new LruCache<>(8);
|
||||||
|
|
||||||
|
public static void ensureProviderAtFirstPosition(Class<? extends Provider> providerClass) {
|
||||||
|
if (INSERTED_PROVIDERS_CACHE.containsKey(providerClass)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
Provider provider;
|
||||||
|
try {
|
||||||
|
provider = providerClass.getDeclaredConstructor().newInstance();
|
||||||
|
} catch (InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException
|
||||||
|
| NoSuchMethodException | SecurityException e) {
|
||||||
|
throw new IllegalArgumentException(e);
|
||||||
|
}
|
||||||
|
|
||||||
|
String providerName = provider.getName();
|
||||||
|
|
||||||
|
int installedPosition ;
|
||||||
|
synchronized (Security.class) {
|
||||||
|
Security.removeProvider(providerName);
|
||||||
|
installedPosition = Security.insertProviderAt(provider, 1);
|
||||||
|
}
|
||||||
|
assert installedPosition == 1;
|
||||||
|
|
||||||
|
INSERTED_PROVIDERS_CACHE.put(providerClass, null);
|
||||||
|
}
|
||||||
|
}
|
|
@ -35,7 +35,6 @@ import static org.jivesoftware.smackx.hashes.HashManager.ALGORITHM.SHA_512;
|
||||||
|
|
||||||
import java.security.MessageDigest;
|
import java.security.MessageDigest;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
import java.security.Security;
|
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
@ -43,7 +42,7 @@ import java.util.WeakHashMap;
|
||||||
|
|
||||||
import org.jivesoftware.smack.Manager;
|
import org.jivesoftware.smack.Manager;
|
||||||
import org.jivesoftware.smack.XMPPConnection;
|
import org.jivesoftware.smack.XMPPConnection;
|
||||||
|
import org.jivesoftware.smack.util.SecurityUtil;
|
||||||
import org.jivesoftware.smackx.disco.ServiceDiscoveryManager;
|
import org.jivesoftware.smackx.disco.ServiceDiscoveryManager;
|
||||||
import org.jivesoftware.smackx.hashes.element.HashElement;
|
import org.jivesoftware.smackx.hashes.element.HashElement;
|
||||||
|
|
||||||
|
@ -58,7 +57,9 @@ import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||||
public final class HashManager extends Manager {
|
public final class HashManager extends Manager {
|
||||||
|
|
||||||
static {
|
static {
|
||||||
Security.addProvider(new BouncyCastleProvider());
|
// Remove any BC providers and add a fresh one.
|
||||||
|
// This is done, since older Android versions ship with a crippled BC provider.
|
||||||
|
SecurityUtil.ensureProviderAtFirstPosition(BouncyCastleProvider.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
public static final String PREFIX_NS_ALGO = "urn:xmpp:hash-function-text-names:";
|
public static final String PREFIX_NS_ALGO = "urn:xmpp:hash-function-text-names:";
|
||||||
|
|
|
@ -17,6 +17,9 @@
|
||||||
package org.jivesoftware.smackx.omemo;
|
package org.jivesoftware.smackx.omemo;
|
||||||
|
|
||||||
import org.jivesoftware.smack.initializer.UrlInitializer;
|
import org.jivesoftware.smack.initializer.UrlInitializer;
|
||||||
|
import org.jivesoftware.smack.util.SecurityUtil;
|
||||||
|
|
||||||
|
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Initializer class that registers omemo providers.
|
* Initializer class that registers omemo providers.
|
||||||
|
@ -26,6 +29,12 @@ import org.jivesoftware.smack.initializer.UrlInitializer;
|
||||||
@SuppressWarnings("unused")
|
@SuppressWarnings("unused")
|
||||||
public class OmemoInitializer extends UrlInitializer {
|
public class OmemoInitializer extends UrlInitializer {
|
||||||
|
|
||||||
|
static {
|
||||||
|
// Remove any BC providers and add a fresh one.
|
||||||
|
// This is done, since older Android versions ship with a crippled BC provider.
|
||||||
|
SecurityUtil.ensureProviderAtFirstPosition(BouncyCastleProvider.class);
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected String getProvidersUri() {
|
protected String getProvidersUri() {
|
||||||
return "classpath:org.jivesoftware.smackx.omemo/omemo.providers";
|
return "classpath:org.jivesoftware.smackx.omemo/omemo.providers";
|
||||||
|
|
|
@ -22,7 +22,6 @@ import static org.jivesoftware.smackx.omemo.util.OmemoConstants.Crypto.KEYTYPE;
|
||||||
import java.security.InvalidAlgorithmParameterException;
|
import java.security.InvalidAlgorithmParameterException;
|
||||||
import java.security.InvalidKeyException;
|
import java.security.InvalidKeyException;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
import java.security.Security;
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
|
@ -45,7 +44,6 @@ import org.jivesoftware.smack.XMPPException;
|
||||||
import org.jivesoftware.smack.packet.Message;
|
import org.jivesoftware.smack.packet.Message;
|
||||||
import org.jivesoftware.smack.packet.Stanza;
|
import org.jivesoftware.smack.packet.Stanza;
|
||||||
import org.jivesoftware.smack.packet.StanzaError;
|
import org.jivesoftware.smack.packet.StanzaError;
|
||||||
|
|
||||||
import org.jivesoftware.smackx.carbons.packet.CarbonExtension;
|
import org.jivesoftware.smackx.carbons.packet.CarbonExtension;
|
||||||
import org.jivesoftware.smackx.mam.MamManager;
|
import org.jivesoftware.smackx.mam.MamManager;
|
||||||
import org.jivesoftware.smackx.muc.MultiUserChat;
|
import org.jivesoftware.smackx.muc.MultiUserChat;
|
||||||
|
@ -80,7 +78,6 @@ import org.jivesoftware.smackx.pubsub.PayloadItem;
|
||||||
import org.jivesoftware.smackx.pubsub.PubSubException;
|
import org.jivesoftware.smackx.pubsub.PubSubException;
|
||||||
import org.jivesoftware.smackx.pubsub.PubSubManager;
|
import org.jivesoftware.smackx.pubsub.PubSubManager;
|
||||||
|
|
||||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
|
||||||
import org.jxmpp.jid.BareJid;
|
import org.jxmpp.jid.BareJid;
|
||||||
import org.jxmpp.jid.EntityBareJid;
|
import org.jxmpp.jid.EntityBareJid;
|
||||||
import org.jxmpp.jid.Jid;
|
import org.jxmpp.jid.Jid;
|
||||||
|
@ -102,10 +99,6 @@ import org.jxmpp.jid.Jid;
|
||||||
public abstract class OmemoService<T_IdKeyPair, T_IdKey, T_PreKey, T_SigPreKey, T_Sess, T_Addr, T_ECPub, T_Bundle, T_Ciph>
|
public abstract class OmemoService<T_IdKeyPair, T_IdKey, T_PreKey, T_SigPreKey, T_Sess, T_Addr, T_ECPub, T_Bundle, T_Ciph>
|
||||||
implements OmemoCarbonCopyStanzaReceivedListener, OmemoMessageStanzaReceivedListener {
|
implements OmemoCarbonCopyStanzaReceivedListener, OmemoMessageStanzaReceivedListener {
|
||||||
|
|
||||||
static {
|
|
||||||
Security.addProvider(new BouncyCastleProvider());
|
|
||||||
}
|
|
||||||
|
|
||||||
protected static final Logger LOGGER = Logger.getLogger(OmemoService.class.getName());
|
protected static final Logger LOGGER = Logger.getLogger(OmemoService.class.getName());
|
||||||
|
|
||||||
private static final long MILLIS_PER_HOUR = 1000L * 60 * 60;
|
private static final long MILLIS_PER_HOUR = 1000L * 60 * 60;
|
||||||
|
|
|
@ -25,21 +25,20 @@ import static org.junit.Assert.assertFalse;
|
||||||
import static org.junit.Assert.assertNotNull;
|
import static org.junit.Assert.assertNotNull;
|
||||||
|
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
import java.security.Security;
|
|
||||||
|
|
||||||
|
import org.jivesoftware.smack.test.util.SmackTestSuite;
|
||||||
import org.jivesoftware.smackx.omemo.element.OmemoElement;
|
import org.jivesoftware.smackx.omemo.element.OmemoElement;
|
||||||
import org.jivesoftware.smackx.omemo.exceptions.CryptoFailedException;
|
import org.jivesoftware.smackx.omemo.exceptions.CryptoFailedException;
|
||||||
import org.jivesoftware.smackx.omemo.internal.CipherAndAuthTag;
|
import org.jivesoftware.smackx.omemo.internal.CipherAndAuthTag;
|
||||||
import org.jivesoftware.smackx.omemo.internal.CiphertextTuple;
|
import org.jivesoftware.smackx.omemo.internal.CiphertextTuple;
|
||||||
import org.jivesoftware.smackx.omemo.util.OmemoMessageBuilder;
|
import org.jivesoftware.smackx.omemo.util.OmemoMessageBuilder;
|
||||||
|
|
||||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test the identityKeyWrapper.
|
* Test the identityKeyWrapper.
|
||||||
*/
|
*/
|
||||||
public class WrapperObjectsTest {
|
public class WrapperObjectsTest extends SmackTestSuite {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void ciphertextTupleTest() {
|
public void ciphertextTupleTest() {
|
||||||
|
@ -56,7 +55,6 @@ public class WrapperObjectsTest {
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void cipherAndAuthTagTest() throws NoSuchAlgorithmException, CryptoFailedException {
|
public void cipherAndAuthTagTest() throws NoSuchAlgorithmException, CryptoFailedException {
|
||||||
Security.addProvider(new BouncyCastleProvider());
|
|
||||||
byte[] key = OmemoMessageBuilder.generateKey(KEYTYPE, KEYLENGTH);
|
byte[] key = OmemoMessageBuilder.generateKey(KEYTYPE, KEYLENGTH);
|
||||||
byte[] iv = OmemoMessageBuilder.generateIv();
|
byte[] iv = OmemoMessageBuilder.generateIv();
|
||||||
byte[] authTag = OmemoMessageBuilder.generateIv();
|
byte[] authTag = OmemoMessageBuilder.generateIv();
|
||||||
|
|
|
@ -12,7 +12,7 @@ dependencies {
|
||||||
compile project(':smack-extensions')
|
compile project(':smack-extensions')
|
||||||
compile project(':smack-experimental')
|
compile project(':smack-experimental')
|
||||||
|
|
||||||
compile 'org.pgpainless:pgpainless-core:0.0.1-alpha4'
|
compile 'org.pgpainless:pgpainless-core:0.0.1-alpha7'
|
||||||
|
|
||||||
testCompile project(path: ":smack-core", configuration: "testRuntime")
|
testCompile project(path: ":smack-core", configuration: "testRuntime")
|
||||||
testCompile project(path: ":smack-core", configuration: "archives")
|
testCompile project(path: ":smack-core", configuration: "archives")
|
||||||
|
|
|
@ -19,7 +19,6 @@ package org.jivesoftware.smackx.ox.crypto;
|
||||||
import java.io.ByteArrayOutputStream;
|
import java.io.ByteArrayOutputStream;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.security.Security;
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
import java.util.logging.Level;
|
import java.util.logging.Level;
|
||||||
|
@ -38,7 +37,6 @@ import org.jivesoftware.smackx.ox.element.SignElement;
|
||||||
import org.jivesoftware.smackx.ox.element.SigncryptElement;
|
import org.jivesoftware.smackx.ox.element.SigncryptElement;
|
||||||
import org.jivesoftware.smackx.ox.store.definition.OpenPgpStore;
|
import org.jivesoftware.smackx.ox.store.definition.OpenPgpStore;
|
||||||
|
|
||||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
|
||||||
import org.bouncycastle.openpgp.PGPException;
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
import org.bouncycastle.openpgp.PGPPublicKey;
|
import org.bouncycastle.openpgp.PGPPublicKey;
|
||||||
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
|
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
|
||||||
|
@ -53,13 +51,6 @@ public class PainlessOpenPgpProvider implements OpenPgpProvider {
|
||||||
|
|
||||||
private static final Logger LOGGER = Logger.getLogger(PainlessOpenPgpProvider.class.getName());
|
private static final Logger LOGGER = Logger.getLogger(PainlessOpenPgpProvider.class.getName());
|
||||||
|
|
||||||
static {
|
|
||||||
// Remove any BC providers and add a fresh one.
|
|
||||||
// This is done, since older Android versions ship with a crippled BC provider.
|
|
||||||
Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
|
|
||||||
Security.addProvider(new BouncyCastleProvider());
|
|
||||||
}
|
|
||||||
|
|
||||||
private final XMPPConnection connection;
|
private final XMPPConnection connection;
|
||||||
private final OpenPgpStore store;
|
private final OpenPgpStore store;
|
||||||
|
|
||||||
|
|
|
@ -17,12 +17,21 @@
|
||||||
package org.jivesoftware.smackx.ox.util;
|
package org.jivesoftware.smackx.ox.util;
|
||||||
|
|
||||||
import org.jivesoftware.smack.initializer.UrlInitializer;
|
import org.jivesoftware.smack.initializer.UrlInitializer;
|
||||||
|
import org.jivesoftware.smack.util.SecurityUtil;
|
||||||
|
|
||||||
|
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Initializer class which registers ExtensionElementProviders on startup.
|
* Initializer class which registers ExtensionElementProviders on startup.
|
||||||
*/
|
*/
|
||||||
public class OpenPgpInitializer extends UrlInitializer {
|
public class OpenPgpInitializer extends UrlInitializer {
|
||||||
|
|
||||||
|
static {
|
||||||
|
// Remove any BC providers and add a fresh one.
|
||||||
|
// This is done, since older Android versions ship with a crippled BC provider.
|
||||||
|
SecurityUtil.ensureProviderAtFirstPosition(BouncyCastleProvider.class);
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected String getProvidersUri() {
|
protected String getProvidersUri() {
|
||||||
return "classpath:org.jivesoftware.smackx.ox/openpgp.providers";
|
return "classpath:org.jivesoftware.smackx.ox/openpgp.providers";
|
||||||
|
|
|
@ -28,7 +28,6 @@ import java.io.IOException;
|
||||||
import java.security.InvalidAlgorithmParameterException;
|
import java.security.InvalidAlgorithmParameterException;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
import java.security.NoSuchProviderException;
|
import java.security.NoSuchProviderException;
|
||||||
import java.security.Security;
|
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
|
@ -45,7 +44,6 @@ import org.jivesoftware.smackx.ox.store.definition.OpenPgpStore;
|
||||||
import org.jivesoftware.smackx.ox.store.definition.OpenPgpTrustStore;
|
import org.jivesoftware.smackx.ox.store.definition.OpenPgpTrustStore;
|
||||||
import org.jivesoftware.smackx.ox.store.filebased.FileBasedOpenPgpStore;
|
import org.jivesoftware.smackx.ox.store.filebased.FileBasedOpenPgpStore;
|
||||||
|
|
||||||
import org.bouncycastle.jce.provider.BouncyCastleProvider;
|
|
||||||
import org.bouncycastle.openpgp.PGPException;
|
import org.bouncycastle.openpgp.PGPException;
|
||||||
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
||||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||||
|
@ -81,7 +79,6 @@ public class OpenPgpStoreTest extends SmackTestSuite {
|
||||||
|
|
||||||
static {
|
static {
|
||||||
storagePath = FileTestUtil.getTempDir("storeTest");
|
storagePath = FileTestUtil.getTempDir("storeTest");
|
||||||
Security.addProvider(new BouncyCastleProvider());
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Parameterized.Parameters
|
@Parameterized.Parameters
|
||||||
|
|
Loading…
Reference in a new issue