diff options
Diffstat (limited to 'OpenKeychain/src/main/java/org/spongycastle/openpgp')
2 files changed, 27 insertions, 24 deletions
diff --git a/OpenKeychain/src/main/java/org/spongycastle/openpgp/operator/jcajce/NfcSyncPGPContentSignerBuilder.java b/OpenKeychain/src/main/java/org/spongycastle/openpgp/operator/jcajce/NfcSyncPGPContentSignerBuilder.java index e0286ec15..0344b2173 100644 --- a/OpenKeychain/src/main/java/org/spongycastle/openpgp/operator/jcajce/NfcSyncPGPContentSignerBuilder.java +++ b/OpenKeychain/src/main/java/org/spongycastle/openpgp/operator/jcajce/NfcSyncPGPContentSignerBuilder.java @@ -14,8 +14,12 @@ import org.spongycastle.openpgp.operator.PGPContentSignerBuilder; import org.spongycastle.openpgp.operator.PGPDigestCalculator; import java.io.OutputStream; +import java.nio.ByteBuffer; import java.security.Provider; import java.util.Date; +import java.util.HashMap; +import java.util.Map; + /** * This class is based on JcaPGPContentSignerBuilder. @@ -31,31 +35,27 @@ public class NfcSyncPGPContentSignerBuilder private int keyAlgorithm; private long keyID; - private byte[] signedHash; - private Date creationTimestamp; + private Map signedHashes; public static class NfcInteractionNeeded extends RuntimeException { public byte[] hashToSign; - public Date creationTimestamp; public int hashAlgo; - public NfcInteractionNeeded(byte[] hashToSign, int hashAlgo, Date creationTimestamp) + public NfcInteractionNeeded(byte[] hashToSign, int hashAlgo) { super("NFC interaction required!"); this.hashToSign = hashToSign; this.hashAlgo = hashAlgo; - this.creationTimestamp = creationTimestamp; } } - public NfcSyncPGPContentSignerBuilder(int keyAlgorithm, int hashAlgorithm, long keyID, byte[] signedHash, Date creationTimestamp) + public NfcSyncPGPContentSignerBuilder(int keyAlgorithm, int hashAlgorithm, long keyID, Map signedHashes) { this.keyAlgorithm = keyAlgorithm; this.hashAlgorithm = hashAlgorithm; this.keyID = keyID; - this.signedHash = signedHash; - this.creationTimestamp = creationTimestamp; + this.signedHashes = signedHashes; } public NfcSyncPGPContentSignerBuilder setProvider(Provider provider) @@ -125,14 +125,14 @@ public class NfcSyncPGPContentSignerBuilder } public byte[] getSignature() { - if (signedHash != null) { - // we already have the signed hash from a previous execution, return this! - return signedHash; - } else { - // catch this when signatureGenerator.generate() is executed and divert digest to card, - // when doing the operation again reuse creationTimestamp (this will be hashed) - throw new NfcInteractionNeeded(digestCalculator.getDigest(), getHashAlgorithm(), creationTimestamp); + byte[] digest = digestCalculator.getDigest(); + ByteBuffer buf = ByteBuffer.wrap(digest); + if (signedHashes.containsKey(buf)) { + return (byte[]) signedHashes.get(buf); } + // catch this when signatureGenerator.generate() is executed and divert digest to card, + // when doing the operation again reuse creationTimestamp (this will be hashed) + throw new NfcInteractionNeeded(digest, getHashAlgorithm()); } public byte[] getDigest() diff --git a/OpenKeychain/src/main/java/org/spongycastle/openpgp/operator/jcajce/NfcSyncPublicKeyDataDecryptorFactoryBuilder.java b/OpenKeychain/src/main/java/org/spongycastle/openpgp/operator/jcajce/NfcSyncPublicKeyDataDecryptorFactoryBuilder.java index ffa154876..067bb3e19 100644 --- a/OpenKeychain/src/main/java/org/spongycastle/openpgp/operator/jcajce/NfcSyncPublicKeyDataDecryptorFactoryBuilder.java +++ b/OpenKeychain/src/main/java/org/spongycastle/openpgp/operator/jcajce/NfcSyncPublicKeyDataDecryptorFactoryBuilder.java @@ -15,7 +15,10 @@ import org.spongycastle.openpgp.PGPPublicKey; import org.spongycastle.openpgp.operator.PGPDataDecryptor; import org.spongycastle.openpgp.operator.PublicKeyDataDecryptorFactory; +import java.nio.ByteBuffer; import java.security.Provider; +import java.util.Map; + /** * This class is based on JcePublicKeyDataDecryptorFactoryBuilder @@ -88,7 +91,7 @@ public class NfcSyncPublicKeyDataDecryptorFactoryBuilder return this; } - public PublicKeyDataDecryptorFactory build(final byte[] nfcDecrypted) { + public PublicKeyDataDecryptorFactory build(final Map<ByteBuffer,byte[]> nfcDecryptedMap) { return new PublicKeyDataDecryptorFactory() { public byte[] recoverSessionData(int keyAlgorithm, byte[][] secKeyData) @@ -99,7 +102,7 @@ public class NfcSyncPublicKeyDataDecryptorFactoryBuilder throw new PGPException("ECDH not supported!"); } - return decryptSessionData(keyAlgorithm, secKeyData, nfcDecrypted); + return decryptSessionData(keyAlgorithm, secKeyData, nfcDecryptedMap); } public PGPDataDecryptor createDataDecryptor(boolean withIntegrityPacket, int encAlgorithm, byte[] key) @@ -197,8 +200,9 @@ public class NfcSyncPublicKeyDataDecryptorFactoryBuilder // } // } - private byte[] decryptSessionData(int keyAlgorithm, byte[][] secKeyData, byte[] nfcDecrypted) - throws PGPException + private byte[] decryptSessionData(int keyAlgorithm, byte[][] secKeyData, + Map<ByteBuffer,byte[]> nfcDecryptedMap) + throws PGPException { // Cipher c1 = helper.createPublicKeyCipher(keyAlgorithm); // @@ -214,15 +218,14 @@ public class NfcSyncPublicKeyDataDecryptorFactoryBuilder if (keyAlgorithm == PGPPublicKey.RSA_ENCRYPT || keyAlgorithm == PGPPublicKey.RSA_GENERAL) { - byte[] bi = secKeyData[0]; // encoded MPI + ByteBuffer bi = ByteBuffer.wrap(secKeyData[0]); // encoded MPI - if (nfcDecrypted != null) { - // we already have the decrypted bytes from a previous execution, return this! - return nfcDecrypted; + if (nfcDecryptedMap.containsKey(bi)) { + return nfcDecryptedMap.get(bi); } else { // catch this when decryptSessionData() is executed and divert digest to card, // when doing the operation again reuse nfcDecrypted - throw new NfcInteractionNeeded(bi); + throw new NfcInteractionNeeded(bi.array()); } // c1.update(bi, 2, bi.length - 2); |