Refactor on BcPublicKeyDataDecryptorFactory

Author: gefeili

pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPublicKeyDataDecryptorFactory.java

@@ -19,6 +19,7 @@
 import org.bouncycastle.crypto.BlockCipher;
 import org.bouncycastle.crypto.BufferedAsymmetricBlockCipher;
 import org.bouncycastle.crypto.InvalidCipherTextException;
+import org.bouncycastle.crypto.RawAgreement;
 import org.bouncycastle.crypto.Wrapper;
 import org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
 import org.bouncycastle.crypto.agreement.X25519Agreement;
@@ -67,11 +68,27 @@ public byte[] recoverSessionData(int keyAlgorithm, byte[][] secKeyData, int pkes
 
             if (keyAlgorithm == PublicKeyAlgorithmTags.X25519)
             {
-                return recoverX25519SessionData(secKeyData, privKey, containsSKAlg);
+                return getSessionData(secKeyData[0], privKey, X25519PublicBCPGKey.LENGTH, HashAlgorithmTags.SHA256,
+                    SymmetricKeyAlgorithmTags.AES_128, new X25519Agreement(), "X25519", new PublicKeyParametersOperation()
+                    {
+                        @Override
+                        public AsymmetricKeyParameter getPublicKeyParameters(byte[] pEnc, int pEncOff)
+                        {
+                            return new X25519PublicKeyParameters(pEnc, 0);
+                        }
+                    });
             }
             else if (keyAlgorithm == PublicKeyAlgorithmTags.X448)
             {
-                return recoverX448SessionData(secKeyData, privKey, containsSKAlg);
+                return getSessionData(secKeyData[0], privKey, X448PublicBCPGKey.LENGTH, HashAlgorithmTags.SHA512,
+                    SymmetricKeyAlgorithmTags.AES_256, new X448Agreement(), "X448", new PublicKeyParametersOperation()
+                    {
+                        @Override
+                        public AsymmetricKeyParameter getPublicKeyParameters(byte[] pEnc, int pEncOff)
+                        {
+                            return new X448PublicKeyParameters(pEnc, 0);
+                        }
+                    });
             }
             else if (keyAlgorithm == PublicKeyAlgorithmTags.ECDH)
             {
@@ -113,20 +130,19 @@ private byte[] recoverElgamalSessionData(int keyAlgorithm,
         byte[] tmp = new byte[size];
 
         byte[] bi = secKeyData[0]; // encoded MPI
-        if (bi.length - 2 > size)  // leading Zero? Shouldn't happen but...
-        {
-            c1.processBytes(bi, 3, bi.length - 3);
-        }
-        else
-        {
-            System.arraycopy(bi, 2, tmp, tmp.length - (bi.length - 2), bi.length - 2);
-            c1.processBytes(tmp, 0, tmp.length);
-        }
+        procoessBytesFromElgamalSessionData(c1, size, tmp, bi);
 
         bi = secKeyData[1];  // encoded MPI
         Arrays.fill(tmp, (byte)0);
 
-        if (bi.length - 2 > size) // leading Zero? Shouldn't happen but...
+        procoessBytesFromElgamalSessionData(c1, size, tmp, bi);
+
+        return c1.doFinal();
+    }
+
+    private void procoessBytesFromElgamalSessionData(BufferedAsymmetricBlockCipher c1, int size, byte[] tmp, byte[] bi)
+    {
+        if (bi.length - 2 > size)  // leading Zero? Shouldn't happen but...
         {
             c1.processBytes(bi, 3, bi.length - 3);
         }
@@ -135,8 +151,6 @@ private byte[] recoverElgamalSessionData(int keyAlgorithm,
             System.arraycopy(bi, 2, tmp, tmp.length - (bi.length - 2), bi.length - 2);
             c1.processBytes(tmp, 0, tmp.length);
         }
-
-        return c1.doFinal();
     }
 
     private byte[] recoverRSASessionData(int keyAlgorithm,
@@ -217,56 +231,6 @@ else if (ecPubKey.getCurveOID().equals(EdECObjectIdentifiers.id_X448))
         return PGPPad.unpadSessionData(unwrapSessionData(keyEnc, symmetricKeyAlgorithm, key));
     }
 
-    private byte[] recoverX25519SessionData(byte[][] secKeyData, AsymmetricKeyParameter privKey, boolean includesSesKeyAlg)
-            throws PGPException, InvalidCipherTextException
-    {
-        byte[] enc = secKeyData[0];
-        // 32 octets ephemeral key
-        int pLen = X25519PublicBCPGKey.LENGTH;
-        byte[] ephemeralKey = Arrays.copyOf(enc, pLen);
-
-        // size of following fields
-        int size = enc[pLen] & 0xff;
-        checkRange(pLen + 1 + size, enc);
-
-        // encrypted session key
-        int sesKeyLen = size - (includesSesKeyAlg ? 1 : 0);
-        int sesKeyOff = pLen + 1 + (includesSesKeyAlg ? 1 : 0);
-        byte[] keyEnc = Arrays.copyOfRange(enc, sesKeyOff, sesKeyOff + sesKeyLen);
-
-        byte[] secret = BcUtil.getSecret(new X25519Agreement(), privKey, new X25519PublicKeyParameters(ephemeralKey, 0));
-
-        byte[] hkdfOut = RFC6637KDFCalculator.createKey(HashAlgorithmTags.SHA256, SymmetricKeyAlgorithmTags.AES_128,
-                Arrays.concatenate(ephemeralKey, pgpPrivKey.getPublicKeyPacket().getKey().getEncoded(), secret),
-                "OpenPGP X25519");
-
-        return unwrapSessionData(keyEnc, SymmetricKeyAlgorithmTags.AES_128, new KeyParameter(hkdfOut));
-    }
-
-    private byte[] recoverX448SessionData(byte[][] secKeyData, AsymmetricKeyParameter privKey, boolean includesSesKeyAlg)
-            throws PGPException, InvalidCipherTextException
-    {
-        byte[] enc = secKeyData[0];
-        // 56 octets ephemeral key
-        int pLen = X448PublicBCPGKey.LENGTH;
-        byte[] ephemeralKey = Arrays.copyOf(enc, pLen);
-
-        // size of the following fields
-        int size = enc[pLen] & 0xff;
-        checkRange(pLen + 1 + size, enc);
-
-        // encrypted session key
-        int sesKeyLen = size - (includesSesKeyAlg ? 1 : 0);
-        int sesKeyOff = pLen + 1 + (includesSesKeyAlg ? 1 : 0);
-        byte[] encSesKey = Arrays.copyOfRange(enc, sesKeyOff, sesKeyOff + sesKeyLen);
-
-        byte[] secret = BcUtil.getSecret(new X448Agreement(), privKey, new X448PublicKeyParameters(ephemeralKey, 0));
-        KeyParameter key = new KeyParameter(RFC6637KDFCalculator.createKey(HashAlgorithmTags.SHA512, SymmetricKeyAlgorithmTags.AES_256,
-                Arrays.concatenate(ephemeralKey, pgpPrivKey.getPublicKeyPacket().getKey().getEncoded(), secret), "OpenPGP X448"));
-
-        return unwrapSessionData(encSesKey, SymmetricKeyAlgorithmTags.AES_256, key);
-    }
-
     // OpenPGP v4
     @Override
     public PGPDataDecryptor createDataDecryptor(boolean withIntegrityPacket, int encAlgorithm, byte[] key)
@@ -293,6 +257,30 @@ public PGPDataDecryptor createDataDecryptor(SymmetricEncIntegrityPacket seipd, P
         return BcAEADUtil.createOpenPgpV6DataDecryptor(seipd, sessionKey);
     }
 
+    @FunctionalInterface
+    private interface PublicKeyParametersOperation
+    {
+        AsymmetricKeyParameter getPublicKeyParameters(byte[] pEnc, int pEncOff);
+    }
+
+    private byte[] getSessionData(byte[] enc, AsymmetricKeyParameter privKey, int pLen, int hashAlgorithm, int symmetricKeyAlgorithm,
+                                  RawAgreement agreement, String algorithmName, PublicKeyParametersOperation pkp)
+        throws PGPException, InvalidCipherTextException
+    {
+        byte[] pEnc = new byte[pLen];
+        byte[] keyEnc;
+        System.arraycopy(enc, 0, pEnc, 0, pLen);
+        int keyLen = enc[pLen] & 0xff;
+        checkRange(pLen + 1 + keyLen, enc);
+        keyEnc = new byte[keyLen - 1];
+        System.arraycopy(enc, pLen + 2, keyEnc, 0, keyEnc.length);
+        byte[] secret = BcUtil.getSecret(agreement, privKey, pkp.getPublicKeyParameters(pEnc, 0));
+        KeyParameter key = new KeyParameter(RFC6637KDFCalculator.createKey(hashAlgorithm, symmetricKeyAlgorithm,
+            Arrays.concatenate(pEnc, pgpPrivKey.getPublicKeyPacket().getKey().getEncoded(), secret), "OpenPGP " + algorithmName));
+
+        return Arrays.prepend(unwrapSessionData(keyEnc, symmetricKeyAlgorithm, key), enc[pLen + 1]);
+    }
+
     private static byte[] unwrapSessionData(byte[] keyEnc, int symmetricKeyAlgorithm, KeyParameter key)
         throws PGPException, InvalidCipherTextException
     {