revert the wrong commit #1768 Implement message decryption using SEIPDv2 and PKESKv6 packets

Author: gefeili

pg/src/main/java/org/bouncycastle/bcpg/PublicKeyEncSessionPacket.java

@@ -60,23 +60,12 @@ else if (version == VERSION_6)
                 // anon recipient
                 keyVersion = 0;
                 keyFingerprint = new byte[0];
-                keyID = 0L;
             }
             else
             {
                 keyVersion = in.read();
                 keyFingerprint = new byte[keyInfoLen - 1];
                 in.readFully(keyFingerprint);
-                // Derived key-ID from fingerprint
-                // TODO: Replace with getKeyIdentifier
-                if (keyVersion == PublicKeyPacket.VERSION_4)
-                {
-                    keyID = FingerprintUtil.keyIdFromV4Fingerprint(keyFingerprint);
-                }
-                else
-                {
-                    keyID = FingerprintUtil.keyIdFromV6Fingerprint(keyFingerprint);
-                }
             }
         }
         else

pg/src/main/java/org/bouncycastle/openpgp/PGPPublicKeyEncryptedData.java

@@ -72,13 +72,13 @@ public int getSymmetricAlgorithm(
     {
         if (keyData.getVersion() == PublicKeyEncSessionPacket.VERSION_3)
         {
-            byte[] plain = dataDecryptorFactory.recoverSessionData(keyData, encData);
+            byte[] plain = dataDecryptorFactory.recoverSessionData(keyData.getAlgorithm(), keyData.getEncSessionKey());
             // symmetric cipher algorithm is stored in first octet of session data
             return plain[0];
         }
         else if (keyData.getVersion() == PublicKeyEncSessionPacket.VERSION_6)
         {
-            // PKESK v6 stores the cipher algorithm in the SEIPD v2 packet fields.
+            // PKESK v5 stores the cipher algorithm in the SEIPD v2 packet fields.
             return ((SymmetricEncIntegrityPacket)encData).getCipherAlgorithm();
         }
         else
@@ -98,57 +98,16 @@ public PGPSessionKey getSessionKey(
         PublicKeyDataDecryptorFactory dataDecryptorFactory)
         throws PGPException
     {
-        byte[] sessionInfo = dataDecryptorFactory.recoverSessionData(keyData, encData);
-
-        // Confirm and discard checksum
-        if (containsChecksum(keyData.getAlgorithm()))
-        {
-            if (!confirmCheckSum(sessionInfo))
-            {
-                throw new PGPException("Key checksum failed.");
-            }
-            sessionInfo = Arrays.copyOf(sessionInfo, sessionInfo.length - 2);
-        }
-
-        byte[] sessionKey = Arrays.copyOfRange(sessionInfo, 1, sessionInfo.length);
-        int algorithm;
-
-        // OCB (LibrePGP v5 style AEAD)
-        if (encData instanceof AEADEncDataPacket)
+        byte[] sessionData = dataDecryptorFactory.recoverSessionData(keyData.getAlgorithm(), keyData.getEncSessionKey());
+        if (keyData.getAlgorithm() == PublicKeyAlgorithmTags.X25519 || keyData.getAlgorithm() == PublicKeyAlgorithmTags.X448)
         {
-            algorithm = ((AEADEncDataPacket) encData).getAlgorithm();
-        }
-
-        // SEIPD (OpenPGP v4 / OpenPGP v6)
-        else if (encData instanceof SymmetricEncIntegrityPacket)
-        {
-            SymmetricEncIntegrityPacket seipd = (SymmetricEncIntegrityPacket) encData;
-            if (seipd.getVersion() == SymmetricEncIntegrityPacket.VERSION_1)
-            {
-                algorithm = sessionInfo[0];
-            }
-            else if (seipd.getVersion() == SymmetricEncIntegrityPacket.VERSION_2)
-            {
-                algorithm = seipd.getCipherAlgorithm();
-            }
-            else
-            {
-                throw new UnsupportedPacketVersionException("Unsupported SEIPD packet version: " + seipd.getVersion());
-            }
+            return new PGPSessionKey(sessionData[0] & 0xff, Arrays.copyOfRange(sessionData, 1, sessionData.length));
         }
-        // SED (Legacy, no integrity protection!)
-        else
+        if (!confirmCheckSum(sessionData))
         {
-            algorithm = sessionInfo[0];
+            throw new PGPKeyValidationException("key checksum failed");
         }
-
-        return new PGPSessionKey(algorithm & 0xff, sessionKey);
-    }
-
-    private boolean containsChecksum(int algorithm)
-    {
-        return algorithm != PublicKeyAlgorithmTags.X25519 &&
-                algorithm != PublicKeyAlgorithmTags.X448;
+        return new PGPSessionKey(sessionData[0] & 0xff, Arrays.copyOfRange(sessionData, 1, sessionData.length - 2));
     }
 
     /**
@@ -210,38 +169,13 @@ private InputStream getDataStream(
                 }
                 else
                 {
+                    boolean withIntegrityPacket = encData instanceof SymmetricEncIntegrityPacket;
 
-                    if (encData instanceof SymmetricEncIntegrityPacket)
-                    {
-                        SymmetricEncIntegrityPacket seipd = (SymmetricEncIntegrityPacket) encData;
-                        // SEIPD v1 (OpenPGP v4)
-                        if (seipd.getVersion() == SymmetricEncIntegrityPacket.VERSION_1)
-                        {
-                            PGPDataDecryptor dataDecryptor = dataDecryptorFactory.createDataDecryptor(true, sessionKey.getAlgorithm(), sessionKey.getKey());
-
-                            BCPGInputStream encIn = encData.getInputStream();
+                    PGPDataDecryptor dataDecryptor = dataDecryptorFactory.createDataDecryptor(withIntegrityPacket, sessionKey.getAlgorithm(), sessionKey.getKey());
 
-                            processSymmetricEncIntegrityPacketDataStream(true, dataDecryptor, encIn);
-                        }
-                        // SEIPD v2 (OpenPGP v6 AEAD)
-                        else
-                        {
-                            PGPDataDecryptor dataDecryptor = dataDecryptorFactory.createDataDecryptor(seipd, sessionKey);
-
-                            BCPGInputStream encIn = encData.getInputStream();
-
-                            encStream = new BCPGInputStream(dataDecryptor.getInputStream(encIn));
-                        }
-                    }
-                    // SED (Symmetrically Encrypted Data without Integrity Protection; Deprecated)
-                    else
-                    {
-                        PGPDataDecryptor dataDecryptor = dataDecryptorFactory.createDataDecryptor(false, sessionKey.getAlgorithm(), sessionKey.getKey());
-
-                        BCPGInputStream encIn = encData.getInputStream();
+                    BCPGInputStream encIn = encData.getInputStream();
 
-                        processSymmetricEncIntegrityPacketDataStream(false, dataDecryptor, encIn);
-                    }
+                    processSymmetricEncIntegrityPacketDataStream(withIntegrityPacket, dataDecryptor, encIn);
 
                     //
                     // some versions of PGP appear to produce 0 for the extra

pg/src/main/java/org/bouncycastle/openpgp/operator/AbstractPublicKeyDataDecryptorFactory.java

@@ -1,39 +1,10 @@
 package org.bouncycastle.openpgp.operator;
 
-import org.bouncycastle.bcpg.InputStreamPacket;
-import org.bouncycastle.bcpg.PublicKeyEncSessionPacket;
 import org.bouncycastle.openpgp.PGPException;
 
 public interface PublicKeyDataDecryptorFactory
     extends PGPDataDecryptorFactory
 {
-    /**
-     * Recover the plain session info by decrypting the encrypted session key.
-     * The session info ALWAYS has the symmetric algorithm ID prefixed, so the return value is:
-     * <pre>[sym-alg][session-key][checksum]?</pre>
-     *
-     * @param pkesk public-key encrypted session-key packet
-     * @param encData encrypted data (sed/seipd/oed) packet
-     * @return decrypted session info
-     * @throws PGPException
-     */
-    byte[] recoverSessionData(PublicKeyEncSessionPacket pkesk, InputStreamPacket encData)
+    byte[] recoverSessionData(int keyAlgorithm, byte[][] secKeyData)
             throws PGPException;
-
-    /**
-     * Recover the plain session info by decrypting the encrypted session key.
-     * This method returns the decrypted session info as-is (without prefixing missing cipher algorithm),
-     * so the return value is:
-     * <pre>[sym-alg]?[session-key][checksum]?</pre>
-     *
-     * @deprecated use {@link #recoverSessionData(PublicKeyEncSessionPacket, InputStreamPacket)} instead.
-     * @param keyAlgorithm public key algorithm
-     * @param secKeyData encrypted session key data
-     * @param pkeskVersion version of the PKESK packet
-     * @return decrypted session info
-     * @throws PGPException
-     */
-    byte[] recoverSessionData(int keyAlgorithm, byte[][] secKeyData, int pkeskVersion)
-            throws PGPException;
-
 }