API

bcgit · Dec 3, 2024 · c5856b5 · c5856b5
1 parent be6d005
commit c5856b5
Show file tree

Hide file tree

Showing 31 changed files with 9,107 additions and 1 deletion.
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/PGPSignatureException.java b/pg/src/main/java/org/bouncycastle/openpgp/PGPSignatureException.java
@@ -0,0 +1,15 @@
+package org.bouncycastle.openpgp;
+
+public class PGPSignatureException
+        extends PGPException
+{
+    public PGPSignatureException(String message)
+    {
+        super(message);
+    }
+
+    public PGPSignatureException(String message, Exception cause)
+    {
+        super(message, cause);
+    }
+}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/api/BcOpenPGPImplementation.java b/pg/src/main/java/org/bouncycastle/openpgp/api/BcOpenPGPImplementation.java
@@ -0,0 +1,109 @@
+package org.bouncycastle.openpgp.api;
+
+import org.bouncycastle.bcpg.S2K;
+import org.bouncycastle.openpgp.PGPException;
+import org.bouncycastle.openpgp.PGPObjectFactory;
+import org.bouncycastle.openpgp.PGPPrivateKey;
+import org.bouncycastle.openpgp.PGPPublicKey;
+import org.bouncycastle.openpgp.PGPSessionKey;
+import org.bouncycastle.openpgp.bc.BcPGPObjectFactory;
+import org.bouncycastle.openpgp.operator.PBEDataDecryptorFactory;
+import org.bouncycastle.openpgp.operator.PBEKeyEncryptionMethodGenerator;
+import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptorBuilderProvider;
+import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
+import org.bouncycastle.openpgp.operator.PGPContentVerifierBuilderProvider;
+import org.bouncycastle.openpgp.operator.PGPDataEncryptorBuilder;
+import org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider;
+import org.bouncycastle.openpgp.operator.PublicKeyDataDecryptorFactory;
+import org.bouncycastle.openpgp.operator.PublicKeyKeyEncryptionMethodGenerator;
+import org.bouncycastle.openpgp.operator.SessionKeyDataDecryptorFactory;
+import org.bouncycastle.openpgp.operator.bc.BcPBEDataDecryptorFactory;
+import org.bouncycastle.openpgp.operator.bc.BcPBEKeyEncryptionMethodGenerator;
+import org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyDecryptorBuilderProvider;
+import org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder;
+import org.bouncycastle.openpgp.operator.bc.BcPGPContentVerifierBuilderProvider;
+import org.bouncycastle.openpgp.operator.bc.BcPGPDataEncryptorBuilder;
+import org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider;
+import org.bouncycastle.openpgp.operator.bc.BcPublicKeyDataDecryptorFactory;
+import org.bouncycastle.openpgp.operator.bc.BcPublicKeyKeyEncryptionMethodGenerator;
+import org.bouncycastle.openpgp.operator.bc.BcSessionKeyDataDecryptorFactory;
+
+import java.io.InputStream;
+
+public class BcOpenPGPImplementation
+        extends OpenPGPImplementation
+{
+    @Override
+    public PGPObjectFactory pgpObjectFactory(InputStream packetInputStream)
+    {
+        return new BcPGPObjectFactory(packetInputStream);
+    }
+
+    @Override
+    public PGPContentVerifierBuilderProvider pgpContentVerifierBuilderProvider()
+    {
+        return new BcPGPContentVerifierBuilderProvider();
+    }
+
+    @Override
+    public PBESecretKeyDecryptorBuilderProvider pbeSecretKeyDecryptorBuilderProvider()
+    {
+        return new BcPBESecretKeyDecryptorBuilderProvider();
+    }
+
+    @Override
+    public PGPDataEncryptorBuilder pgpDataEncryptorBuilder(int symmetricKeyAlgorithm)
+    {
+        return new BcPGPDataEncryptorBuilder(symmetricKeyAlgorithm);
+    }
+
+    @Override
+    public PublicKeyKeyEncryptionMethodGenerator publicKeyKeyEncryptionMethodGenerator(PGPPublicKey encryptionSubkey)
+    {
+        return new BcPublicKeyKeyEncryptionMethodGenerator(encryptionSubkey);
+    }
+
+    @Override
+    public PBEKeyEncryptionMethodGenerator pbeKeyEncryptionMethodGenerator(char[] messagePassphrase)
+    {
+        return new BcPBEKeyEncryptionMethodGenerator(messagePassphrase);
+    }
+
+    @Override
+    public PBEKeyEncryptionMethodGenerator pbeKeyEncryptionMethodGenerator(char[] messagePassphrase, S2K.Argon2Params argon2Params)
+    {
+        return new BcPBEKeyEncryptionMethodGenerator(messagePassphrase, argon2Params);
+    }
+
+    @Override
+    public PGPContentSignerBuilder pgpContentSignerBuilder(int publicKeyAlgorithm, int hashAlgorithm)
+    {
+        return new BcPGPContentSignerBuilder(publicKeyAlgorithm, hashAlgorithm);
+    }
+
+    @Override
+    public PBEDataDecryptorFactory pbeDataDecryptorFactory(char[] messagePassphrase)
+            throws PGPException
+    {
+        return new BcPBEDataDecryptorFactory(messagePassphrase, pgpDigestCalculatorProvider());
+    }
+
+    @Override
+    public SessionKeyDataDecryptorFactory sessionKeyDataDecryptorFactory(PGPSessionKey sessionKey)
+    {
+        return new BcSessionKeyDataDecryptorFactory(sessionKey);
+    }
+
+    @Override
+    public PublicKeyDataDecryptorFactory publicKeyDataDecryptorFactory(PGPPrivateKey decryptionKey)
+    {
+        return new BcPublicKeyDataDecryptorFactory(decryptionKey);
+    }
+
+    @Override
+    public PGPDigestCalculatorProvider pgpDigestCalculatorProvider()
+            throws PGPException
+    {
+        return new BcPGPDigestCalculatorProvider();
+    }
+}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/api/EncryptedDataPacketType.java b/pg/src/main/java/org/bouncycastle/openpgp/api/EncryptedDataPacketType.java
@@ -0,0 +1,37 @@
+package org.bouncycastle.openpgp.api;
+
+/**
+ * Encryption Mode.
+ */
+public enum EncryptedDataPacketType
+{
+    /**
+     * Symmetrically-Encrypted Data packet.
+     * This method is deprecated, as it does not protect against malleability.
+     *
+     * @deprecated
+     */
+    @Deprecated
+    SED, // deprecated
+    /**
+     * Symmetrically-Encrypted-Integrity-Protected Data packet version 1.
+     * This method protects the message using symmetric encryption as specified in RFC4880.
+     * Support for this encryption mode is signalled using
+     * {@link org.bouncycastle.bcpg.sig.Features#FEATURE_MODIFICATION_DETECTION}.
+     */
+    SEIPDv1, // v4
+
+    /**
+     * Symmetrically-Encrypted-Integrity-Protected Data packet version 2.
+     * This method protects the message using an AEAD encryption scheme specified in RFC9580.
+     * Support for this feature is signalled using {@link org.bouncycastle.bcpg.sig.Features#FEATURE_SEIPD_V2}.
+     */
+    SEIPDv2, // v6
+
+    /**
+     * LibrePGP OCB-Encrypted Data packet.
+     * This method protects the message using an AEAD encryption scheme specified in LibrePGP.
+     * Support for this feature is signalled using {@link org.bouncycastle.bcpg.sig.Features#FEATURE_AEAD_ENCRYPTED_DATA}.
+     */
+    LIBREPGP_OED // "v5"
+}
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/api/JcaOpenPGPImplementation.java b/pg/src/main/java/org/bouncycastle/openpgp/api/JcaOpenPGPImplementation.java
@@ -0,0 +1,157 @@
+package org.bouncycastle.openpgp.api;
+
+import org.bouncycastle.bcpg.S2K;
+import org.bouncycastle.crypto.CryptoServicesRegistrar;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.openpgp.PGPException;
+import org.bouncycastle.openpgp.PGPObjectFactory;
+import org.bouncycastle.openpgp.PGPPrivateKey;
+import org.bouncycastle.openpgp.PGPPublicKey;
+import org.bouncycastle.openpgp.PGPSessionKey;
+import org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory;
+import org.bouncycastle.openpgp.operator.PBEDataDecryptorFactory;
+import org.bouncycastle.openpgp.operator.PBEKeyEncryptionMethodGenerator;
+import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptorBuilderProvider;
+import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
+import org.bouncycastle.openpgp.operator.PGPContentVerifierBuilderProvider;
+import org.bouncycastle.openpgp.operator.PGPDataEncryptorBuilder;
+import org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider;
+import org.bouncycastle.openpgp.operator.PublicKeyDataDecryptorFactory;
+import org.bouncycastle.openpgp.operator.PublicKeyKeyEncryptionMethodGenerator;
+import org.bouncycastle.openpgp.operator.SessionKeyDataDecryptorFactory;
+import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
+import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentVerifierBuilderProvider;
+import org.bouncycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBuilder;
+import org.bouncycastle.openpgp.operator.jcajce.JcePBEDataDecryptorFactoryBuilder;
+import org.bouncycastle.openpgp.operator.jcajce.JcePBEKeyEncryptionMethodGenerator;
+import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilderProvider;
+import org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
+import org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyDataDecryptorFactoryBuilder;
+import org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator;
+import org.bouncycastle.openpgp.operator.jcajce.JceSessionKeyDataDecryptorFactoryBuilder;
+
+import java.io.InputStream;
+import java.security.Provider;
+import java.security.SecureRandom;
+
+public class JcaOpenPGPImplementation
+        extends OpenPGPImplementation
+{
+    private final Provider provider;
+    private final SecureRandom secureRandom;
+
+    public JcaOpenPGPImplementation()
+    {
+        this(new BouncyCastleProvider(), CryptoServicesRegistrar.getSecureRandom());
+    }
+
+    public JcaOpenPGPImplementation(Provider provider, SecureRandom secureRandom)
+    {
+        this.provider = provider;
+        this.secureRandom = secureRandom;
+    }
+
+    @Override
+    public PGPObjectFactory pgpObjectFactory(InputStream packetInputStream)
+    {
+        return new JcaPGPObjectFactory(packetInputStream);
+    }
+
+    @Override
+    public PGPContentVerifierBuilderProvider pgpContentVerifierBuilderProvider()
+    {
+        JcaPGPContentVerifierBuilderProvider p = new JcaPGPContentVerifierBuilderProvider();
+        p.setProvider(provider);
+        return p;
+    }
+
+    @Override
+    public PBESecretKeyDecryptorBuilderProvider pbeSecretKeyDecryptorBuilderProvider()
+    {
+        JcaPGPDigestCalculatorProviderBuilder dp = new JcaPGPDigestCalculatorProviderBuilder();
+        dp.setProvider(provider);
+        JcePBESecretKeyDecryptorBuilderProvider p = new JcePBESecretKeyDecryptorBuilderProvider(dp);
+        return p;
+    }
+
+    @Override
+    public PGPDataEncryptorBuilder pgpDataEncryptorBuilder(int symmetricKeyAlgorithm)
+    {
+        JcePGPDataEncryptorBuilder b = new JcePGPDataEncryptorBuilder(symmetricKeyAlgorithm);
+        b.setProvider(provider);
+        b.setSecureRandom(secureRandom);
+        return b;
+    }
+
+    @Override
+    public PublicKeyKeyEncryptionMethodGenerator publicKeyKeyEncryptionMethodGenerator(PGPPublicKey encryptionSubkey)
+    {
+        JcePublicKeyKeyEncryptionMethodGenerator g = new JcePublicKeyKeyEncryptionMethodGenerator(encryptionSubkey);
+        g.setProvider(provider);
+        g.setSecureRandom(secureRandom);
+        return g;
+    }
+
+    @Override
+    public PBEKeyEncryptionMethodGenerator pbeKeyEncryptionMethodGenerator(char[] messagePassphrase)
+    {
+        JcePBEKeyEncryptionMethodGenerator g = new JcePBEKeyEncryptionMethodGenerator(messagePassphrase);
+        g.setProvider(provider);
+        g.setSecureRandom(secureRandom);
+        return g;
+    }
+
+    @Override
+    public PBEKeyEncryptionMethodGenerator pbeKeyEncryptionMethodGenerator(char[] messagePassphrase, S2K.Argon2Params argon2Params)
+    {
+        JcePBEKeyEncryptionMethodGenerator g = new JcePBEKeyEncryptionMethodGenerator(messagePassphrase, argon2Params);
+        g.setProvider(provider);
+        g.setSecureRandom(secureRandom);
+        return g;
+    }
+
+    @Override
+    public PGPContentSignerBuilder pgpContentSignerBuilder(int publicKeyAlgorithm, int hashAlgorithm)
+    {
+        JcaPGPContentSignerBuilder b = new JcaPGPContentSignerBuilder(publicKeyAlgorithm, hashAlgorithm);
+        b.setProvider(provider);
+        b.setDigestProvider(provider);
+        b.setSecureRandom(secureRandom);
+        return b;
+    }
+
+    @Override
+    public PBEDataDecryptorFactory pbeDataDecryptorFactory(char[] messagePassphrase)
+            throws PGPException
+    {
+        return new JcePBEDataDecryptorFactoryBuilder(pgpDigestCalculatorProvider())
+                .setProvider(provider)
+                .build(messagePassphrase);
+    }
+
+    @Override
+    public SessionKeyDataDecryptorFactory sessionKeyDataDecryptorFactory(PGPSessionKey sessionKey)
+    {
+        return new JceSessionKeyDataDecryptorFactoryBuilder()
+                .setProvider(provider)
+                .build(sessionKey);
+    }
+
+    @Override
+    public PublicKeyDataDecryptorFactory publicKeyDataDecryptorFactory(PGPPrivateKey decryptionKey)
+    {
+        return new JcePublicKeyDataDecryptorFactoryBuilder()
+                .setProvider(provider)
+                .setContentProvider(provider)
+                .build(decryptionKey);
+    }
+
+    @Override
+    public PGPDigestCalculatorProvider pgpDigestCalculatorProvider()
+            throws PGPException
+    {
+        return new JcaPGPDigestCalculatorProviderBuilder()
+                .setProvider(provider)
+                .build();
+    }
+}