1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
|
/**
* Copyright (c) 2013-2014 Philipp Jakubeit, Signe Rüsch, Dominik Schürmann
* Copyright (c) 2000-2013 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org)
*
* Licensed under the Bouncy Castle License (MIT license). See LICENSE file for details.
*/
package org.bouncycastle.openpgp.operator.jcajce;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.operator.PGPContentSigner;
import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
import java.io.OutputStream;
import java.nio.ByteBuffer;
import java.security.Provider;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
/**
* This class is based on JcaPGPContentSignerBuilder.
*
* Instead of using a Signature object based on a privateKey, this class only calculates the digest
* of the output stream and gives the result back using a RuntimeException.
*/
public class NfcSyncPGPContentSignerBuilder
implements PGPContentSignerBuilder
{
private JcaPGPDigestCalculatorProviderBuilder digestCalculatorProviderBuilder = new JcaPGPDigestCalculatorProviderBuilder();
private int hashAlgorithm;
private int keyAlgorithm;
private long keyID;
private Map signedHashes;
public static class NfcInteractionNeeded extends RuntimeException
{
public byte[] hashToSign;
public int hashAlgo;
public NfcInteractionNeeded(byte[] hashToSign, int hashAlgo)
{
super("NFC interaction required!");
this.hashToSign = hashToSign;
this.hashAlgo = hashAlgo;
}
}
public NfcSyncPGPContentSignerBuilder(int keyAlgorithm, int hashAlgorithm, long keyID, Map signedHashes)
{
this.keyAlgorithm = keyAlgorithm;
this.hashAlgorithm = hashAlgorithm;
this.keyID = keyID;
this.signedHashes = signedHashes;
}
public NfcSyncPGPContentSignerBuilder setProvider(Provider provider)
{
digestCalculatorProviderBuilder.setProvider(provider);
return this;
}
public NfcSyncPGPContentSignerBuilder setProvider(String providerName)
{
digestCalculatorProviderBuilder.setProvider(providerName);
return this;
}
public NfcSyncPGPContentSignerBuilder setDigestProvider(Provider provider)
{
digestCalculatorProviderBuilder.setProvider(provider);
return this;
}
public NfcSyncPGPContentSignerBuilder setDigestProvider(String providerName)
{
digestCalculatorProviderBuilder.setProvider(providerName);
return this;
}
public PGPContentSigner build(final int signatureType, PGPPrivateKey privateKey)
throws PGPException {
// NOTE: privateKey is null in this case!
return build(signatureType, keyID);
}
public PGPContentSigner build(final int signatureType, final long keyID)
throws PGPException
{
final PGPDigestCalculator digestCalculator = digestCalculatorProviderBuilder.build().get(hashAlgorithm);
return new PGPContentSigner()
{
public int getType()
{
return signatureType;
}
public int getHashAlgorithm()
{
return hashAlgorithm;
}
public int getKeyAlgorithm()
{
return keyAlgorithm;
}
public long getKeyID()
{
return keyID;
}
public OutputStream getOutputStream()
{
return digestCalculator.getOutputStream();
}
public byte[] getSignature() {
byte[] digest = digestCalculator.getDigest();
ByteBuffer buf = ByteBuffer.wrap(digest);
if (signedHashes.containsKey(buf)) {
return (byte[]) signedHashes.get(buf);
}
// catch this when signatureGenerator.generate() is executed and divert digest to card,
// when doing the operation again reuse creationTimestamp (this will be hashed)
throw new NfcInteractionNeeded(digest, getHashAlgorithm());
}
public byte[] getDigest()
{
return digestCalculator.getDigest();
}
};
}
}
|
