1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
/**
* Copyright (c) 2016 Vincent Breitmoser
*
* Licensed under the Bouncy Castle License (MIT license). See LICENSE file for details.
*/
package org.bouncycastle.openpgp.operator.jcajce;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Provider;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.spec.IvParameterSpec;
import org.bouncycastle.bcpg.S2K;
import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
import org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider;
/** This is a builder for a special PBESecretKeyDecryptor which is parametrized by a
* fixed session key, which is used in place of the one obtained from a passphrase.
*/
public class SessionKeySecretKeyDecryptorBuilder
{
private OperatorHelper helper = new OperatorHelper(new DefaultJcaJceHelper());
private PGPDigestCalculatorProvider calculatorProvider;
private JcaPGPDigestCalculatorProviderBuilder calculatorProviderBuilder;
public SessionKeySecretKeyDecryptorBuilder()
{
this.calculatorProviderBuilder = new JcaPGPDigestCalculatorProviderBuilder();
}
public SessionKeySecretKeyDecryptorBuilder(PGPDigestCalculatorProvider calculatorProvider)
{
this.calculatorProvider = calculatorProvider;
}
public SessionKeySecretKeyDecryptorBuilder setProvider(Provider provider)
{
this.helper = new OperatorHelper(new ProviderJcaJceHelper(provider));
if (calculatorProviderBuilder != null)
{
calculatorProviderBuilder.setProvider(provider);
}
return this;
}
public SessionKeySecretKeyDecryptorBuilder setProvider(String providerName)
{
this.helper = new OperatorHelper(new NamedJcaJceHelper(providerName));
if (calculatorProviderBuilder != null)
{
calculatorProviderBuilder.setProvider(providerName);
}
return this;
}
public PBESecretKeyDecryptor build(final byte[] sessionKey)
throws PGPException
{
if (calculatorProvider == null)
{
calculatorProvider = calculatorProviderBuilder.build();
}
return new PBESecretKeyDecryptor(null, calculatorProvider)
{
@Override
public byte[] makeKeyFromPassPhrase(int keyAlgorithm, S2K s2k) throws PGPException {
return sessionKey;
}
public byte[] recoverKeyData(int encAlgorithm, byte[] key, byte[] iv, byte[] keyData, int keyOff, int keyLen)
throws PGPException
{
try
{
Cipher c = helper.createCipher(PGPUtil.getSymmetricCipherName(encAlgorithm) + "/CFB/NoPadding");
c.init(Cipher.DECRYPT_MODE, PGPUtil.makeSymmetricKey(encAlgorithm, key), new IvParameterSpec(iv));
return c.doFinal(keyData, keyOff, keyLen);
}
catch (IllegalBlockSizeException e)
{
throw new PGPException("illegal block size: " + e.getMessage(), e);
}
catch (BadPaddingException e)
{
throw new PGPException("bad padding: " + e.getMessage(), e);
}
catch (InvalidAlgorithmParameterException e)
{
throw new PGPException("invalid parameter: " + e.getMessage(), e);
}
catch (InvalidKeyException e)
{
throw new PGPException("invalid key: " + e.getMessage(), e);
}
}
};
}
}
|
