Change optSymAlgId from byte[] to byte. Change lambda to anonymous function from JcePublicKeyKeyEncryptionMethodGenerator.

Author: gefeili

pg/src/main/java/org/bouncycastle/openpgp/PGPEncryptedDataGenerator.java

@@ -394,7 +394,7 @@ private void writeOpenPGPv4ESKPacket(PGPKeyEncryptionMethodGenerator m, byte[] s
         else if (m instanceof PublicKeyKeyEncryptionMethodGenerator)
         {
             PublicKeyKeyEncryptionMethodGenerator mGen = (PublicKeyKeyEncryptionMethodGenerator) m;
-            pOut.writePacket(mGen.generateV3(defAlgorithm, sessionInfo));
+            pOut.writePacket(mGen.generateV3(sessionInfo));
         }
     }
 
@@ -423,7 +423,7 @@ private void writeOpenPGPv5ESKPacket(PGPKeyEncryptionMethodGenerator m, byte[] s
         else if (m instanceof PublicKeyKeyEncryptionMethodGenerator)
         {
             PublicKeyKeyEncryptionMethodGenerator mGen = (PublicKeyKeyEncryptionMethodGenerator) m;
-            pOut.writePacket(mGen.generateV3(defAlgorithm, sessionInfo));
+            pOut.writePacket(mGen.generateV3(sessionInfo));
         }
     }
 

pg/src/main/java/org/bouncycastle/openpgp/operator/PublicKeyKeyEncryptionMethodGenerator.java

@@ -155,8 +155,8 @@ private byte[] convertToEncodedMPI(byte[] encryptedSessionInfo)
         }
     }
 
-    public ContainedPacket generateV3(int encAlgorithm, byte[] sessionInfo)
-            throws PGPException
+    public ContainedPacket generateV3(byte[] sessionInfo)
+        throws PGPException
     {
         long keyId;
         if (useWildcardRecipient)
@@ -167,7 +167,7 @@ public ContainedPacket generateV3(int encAlgorithm, byte[] sessionInfo)
         {
             keyId = pubKey.getKeyID();
         }
-        byte[] encryptedSessionInfo = encryptSessionInfoV3(pubKey, sessionInfo);
+        byte[] encryptedSessionInfo = encryptSessionInfo(pubKey, sessionInfo, sessionInfo, sessionInfo[0]);
         byte[][] encodedEncSessionInfo = encodeEncryptedSessionInfo(encryptedSessionInfo);
         return PublicKeyEncSessionPacket.createV3PKESKPacket(keyId, pubKey.getAlgorithm(), encodedEncSessionInfo);
     }
@@ -187,91 +187,75 @@ public ContainedPacket generateV6(byte[] sessionInfo)
             keyFingerprint = pubKey.getFingerprint();
             keyVersion = pubKey.getVersion();
         }
-        byte[] encryptedSessionInfo = encryptSessionInfoV6(pubKey, sessionInfo);
+        // In V6, do not include the symmetric-key algorithm in the session-info
+        byte[] sessionInfoWithoutAlgId = new byte[sessionInfo.length - 1];
+        System.arraycopy(sessionInfo, 1, sessionInfoWithoutAlgId, 0, sessionInfoWithoutAlgId.length);
+
+        byte[] encryptedSessionInfo =  encryptSessionInfo(pubKey, sessionInfo, sessionInfoWithoutAlgId, (byte)0);
         byte[][] encodedEncSessionInfo = encodeEncryptedSessionInfo(encryptedSessionInfo);
         return PublicKeyEncSessionPacket.createV6PKESKPacket(keyVersion, keyFingerprint, pubKey.getAlgorithm(), encodedEncSessionInfo);
     }
 
     /**
      * Encrypt a session key using the recipients public key.
-     * @param pubKey recipients public key
-     * @param fullSessionInfo full session info (sym-alg-id + session-key + 2 octet checksum)
+     *
+     * @param pubKey               recipients public key
+     * @param fullSessionInfo      full session info (sym-alg-id + session-key + 2 octet checksum)
      * @param sessionInfoToEncrypt for v3: full session info; for v6: just the session-key
-     * @param optSymAlgId for v3: session key algorithm ID; for v6: empty array
+     * @param optSymAlgId          for v3: session key algorithm ID; for v6: empty array
      * @return encrypted session info
      * @throws PGPException
      */
     protected abstract byte[] encryptSessionInfo(PGPPublicKey pubKey,
                                                  byte[] fullSessionInfo,
                                                  byte[] sessionInfoToEncrypt,
-                                                 byte[] optSymAlgId)
+                                                 byte optSymAlgId)
         throws PGPException;
 
-    /**
-     * Encrypt a session key for a v3 PKESK.
-     * @param pubKey recipients public key
-     * @param sessionInfo session info (sym-alg-id + session-key + 2 octet checksum)
-     * @return encrypted session info
-     * @throws PGPException
-     */
-    protected byte[] encryptSessionInfoV3(PGPPublicKey pubKey, byte[] sessionInfo)
-        throws PGPException
-    {
-        return encryptSessionInfo(pubKey, sessionInfo, sessionInfo, new byte[]{sessionInfo[0]});
-    }
-
-    /**
-     * Encrypt a session key for a v6 PKESK.
-     * @param pubKey recipients public key
-     * @param sessionInfo session info (sym-alg-id + session-key + 2 octet checksum)
-     * @return encrypted session info
-     * @throws PGPException
-     */
-    protected byte[] encryptSessionInfoV6(PGPPublicKey pubKey, byte[] sessionInfo)
-        throws PGPException
-    {
-        // In V6, do not include the symmetric-key algorithm in the session-info
-        byte[] sessionInfoWithoutAlgId = new byte[sessionInfo.length - 1];
-        System.arraycopy(sessionInfo, 1, sessionInfoWithoutAlgId, 0, sessionInfoWithoutAlgId.length);
-
-        return encryptSessionInfo(pubKey, sessionInfo, sessionInfoWithoutAlgId, new byte[0]);
-    }
 
     protected static byte[] concatECDHEphKeyWithWrappedSessionKey(byte[] ephPubEncoding, byte[] wrappedSessionKey)
         throws IOException
     {
         // https://www.rfc-editor.org/rfc/rfc9580.html#section-11.5-16
 
         byte[] mpiEncodedEphemeralKey = new MPInteger(new BigInteger(1, ephPubEncoding))
-                .getEncoded();
+            .getEncoded();
         byte[] out = new byte[mpiEncodedEphemeralKey.length + 1 + wrappedSessionKey.length];
         // eph key
         System.arraycopy(mpiEncodedEphemeralKey, 0, out, 0, mpiEncodedEphemeralKey.length);
         // enc session-key len
-        out[mpiEncodedEphemeralKey.length] = (byte) wrappedSessionKey.length;
+        out[mpiEncodedEphemeralKey.length] = (byte)wrappedSessionKey.length;
         // enc session-key
         System.arraycopy(wrappedSessionKey, 0, out, mpiEncodedEphemeralKey.length + 1, wrappedSessionKey.length);
 
         return out;
     }
 
-//    private static byte[] getSessionInfo(byte[] ephPubEncoding, int symmetricKeyAlgorithm, byte[] c)
-//    {
-//        return getSessionInfo(ephPubEncoding, new byte[]{(byte) symmetricKeyAlgorithm}, c);
-//    }
-
-    protected static byte[] getSessionInfo(byte[] ephPubEncoding, byte[] optSymKeyAlgorithm, byte[] wrappedSessionKey)
+    protected static byte[] getSessionInfo(byte[] ephPubEncoding, byte optSymKeyAlgorithm, byte[] wrappedSessionKey)
     {
-        int len = ephPubEncoding.length + 1 + optSymKeyAlgorithm.length + wrappedSessionKey.length;
+        int len = ephPubEncoding.length + 1 + wrappedSessionKey.length;
+        if (optSymKeyAlgorithm != 0)
+        {
+            len++;
+        }
         byte[] out = new byte[len];
         // ephemeral pub key
         System.arraycopy(ephPubEncoding, 0, out, 0, ephPubEncoding.length);
         // len of two/one next fields
-        out[ephPubEncoding.length] = (byte) (wrappedSessionKey.length + optSymKeyAlgorithm.length);
+        out[ephPubEncoding.length] = (byte)(wrappedSessionKey.length + 1);
         // (optional) sym key alg
-        System.arraycopy(optSymKeyAlgorithm, 0, out, ephPubEncoding.length + 1, optSymKeyAlgorithm.length);
-        // wrapped session key
-        System.arraycopy(wrappedSessionKey, 0, out, ephPubEncoding.length + 1 + optSymKeyAlgorithm.length, wrappedSessionKey.length);
+        if (optSymKeyAlgorithm != 0)
+        {
+            out[ephPubEncoding.length + 1] = optSymKeyAlgorithm;
+            // wrapped session key
+            System.arraycopy(wrappedSessionKey, 0, out, ephPubEncoding.length + 1 + 1, wrappedSessionKey.length);
+        }
+        else
+        {
+            // wrapped session key
+            System.arraycopy(wrappedSessionKey, 0, out, ephPubEncoding.length + 1, wrappedSessionKey.length);
+        }
+
         return out;
     }
 }

pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPublicKeyKeyEncryptionMethodGenerator.java

@@ -74,7 +74,7 @@ public BcPublicKeyKeyEncryptionMethodGenerator setSecureRandom(SecureRandom rand
     }
 
     @Override
-    protected byte[] encryptSessionInfo(PGPPublicKey pubKey, byte[] fullSessionInfo, byte[] sessionInfoToEncrypt, byte[] optSymAlgId)
+    protected byte[] encryptSessionInfo(PGPPublicKey pubKey, byte[] fullSessionInfo, byte[] sessionInfoToEncrypt, byte optSymAlgId)
         throws PGPException
     {
         try
@@ -231,7 +231,7 @@ private byte[] encryptSessionInfoWithX25519X448Key(PublicKeyPacket pubKeyPacket,
                                                        AsymmetricKeyParameter cryptoPublicKey,
                                                        int keySize,
                                                        EphPubEncodingOperation ephPubEncodingOperation,
-                                                       byte[] optSymAlgId)
+                                                       byte optSymAlgId)
             throws PGPException
     {
         AsymmetricCipherKeyPair ephKp = getAsymmetricCipherKeyPair(gen, parameters);

pg/src/main/java/org/bouncycastle/openpgp/operator/jcajce/JcePublicKeyKeyEncryptionMethodGenerator.java

@@ -91,7 +91,7 @@ public JcePublicKeyKeyEncryptionMethodGenerator setSecureRandom(SecureRandom ran
     protected byte[] encryptSessionInfo(PGPPublicKey pubKey,
                                         byte[] fullSessionInfo,
                                         byte[] sessionInfoToEncrypt,
-                                        byte[] optSymAlgId)
+                                        byte optSymAlgId)
         throws PGPException
     {
         try
@@ -109,53 +109,92 @@ protected byte[] encryptSessionInfo(PGPPublicKey pubKey,
                 if (JcaJcePGPUtil.isX25519(ecKey.getCurveOID()))
                 {
                     return encryptSessionInfoWithECDHKey(pubKeyPacket, "X25519", cryptoPublicKey, keyEncryptionOID,
-                            ecKey.getSymmetricKeyAlgorithm(), sessionInfoToEncrypt, RFC6637Utils.getXDHAlgorithm(pubKeyPacket),
-                            (kpGen) -> kpGen.initialize(255, random),
-                            (ephPubEncoding) -> Arrays.prepend(ephPubEncoding, X_HDR));
+                        ecKey.getSymmetricKeyAlgorithm(), sessionInfoToEncrypt, RFC6637Utils.getXDHAlgorithm(pubKeyPacket),
+                        new KeyPairGeneratorOperation()
+                        {
+                            @Override
+                            public void initialize(KeyPairGenerator kpGen)
+                                throws GeneralSecurityException, IOException
+                            {
+                                kpGen.initialize(255, random);
+                            }
+                        },
+                        new EphPubEncoding()
+                        {
+                            @Override
+                            public byte[] getEphPubEncoding(byte[] publicKeyData)
+                            {
+                                return Arrays.prepend(publicKeyData, X_HDR);
+                            }
+                        });
                 }
 
                 // Legacy X448
                 else if (ecKey.getCurveOID().equals(EdECObjectIdentifiers.id_X448))
                 {
                     return encryptSessionInfoWithECDHKey(pubKeyPacket, "X448", cryptoPublicKey, keyEncryptionOID,
-                            ecKey.getSymmetricKeyAlgorithm(), sessionInfoToEncrypt, RFC6637Utils.getXDHAlgorithm(pubKeyPacket),
-                            (kpGen) -> kpGen.initialize(448, random),
-                            (ephPubEncoding) -> Arrays.prepend(ephPubEncoding, X_HDR));
+                        ecKey.getSymmetricKeyAlgorithm(), sessionInfoToEncrypt, RFC6637Utils.getXDHAlgorithm(pubKeyPacket),
+                        new KeyPairGeneratorOperation()
+                        {
+                            @Override
+                            public void initialize(KeyPairGenerator kpGen)
+                                throws GeneralSecurityException, IOException
+                            {
+                                kpGen.initialize(448, random);
+                            }
+                        },
+                        new EphPubEncoding()
+                        {
+                            @Override
+                            public byte[] getEphPubEncoding(byte[] publicKeyData)
+                            {
+                                return Arrays.prepend(publicKeyData, X_HDR);
+                            }
+                        });
                 }
 
                 // Other ECDH curves
                 else
                 {
                     return encryptSessionInfoWithECDHKey(pubKeyPacket, "EC", cryptoPublicKey, keyEncryptionOID,
-                            ecKey.getSymmetricKeyAlgorithm(), sessionInfoToEncrypt, RFC6637Utils.getAgreementAlgorithm(pubKeyPacket),
-                            (kpGen) ->
+                        ecKey.getSymmetricKeyAlgorithm(), sessionInfoToEncrypt, RFC6637Utils.getAgreementAlgorithm(pubKeyPacket),
+                        new KeyPairGeneratorOperation()
+                        {
+                            @Override
+                            public void initialize(KeyPairGenerator kpGen)
+                                throws GeneralSecurityException, IOException
                             {
                                 AlgorithmParameters ecAlgParams = helper.createAlgorithmParameters("EC");
                                 ecAlgParams.init(new X962Parameters(ecKey.getCurveOID()).getEncoded());
                                 kpGen.initialize(ecAlgParams.getParameterSpec(AlgorithmParameterSpec.class), random);
-                            }, (ephPubEncoding) ->
+                            }
+                        }, new EphPubEncoding()
+                        {
+                            @Override
+                            public byte[] getEphPubEncoding(byte[] ephPubEncoding)
                             {
                                 if (null == ephPubEncoding || ephPubEncoding.length < 1 || ephPubEncoding[0] != 0x04)
                                 {
                                     ephPubEncoding = JcaJcePGPUtil.getX9Parameters(ecKey.getCurveOID()).getCurve().decodePoint(ephPubEncoding).getEncoded(false);
                                 }
                                 return ephPubEncoding;
-                            });
+                            }
+                        });
                 }
             }
 
             // X25519
             else if (pubKey.getAlgorithm() == PublicKeyAlgorithmTags.X25519)
             {
                 return encryptSessionInfoWithX25519X448Key(pubKey, "X25519", cryptoPublicKey, NISTObjectIdentifiers.id_aes128_wrap.getId(),
-                        SymmetricKeyAlgorithmTags.AES_128, fullSessionInfo, "X25519withSHA256HKDF", 255, optSymAlgId);
+                    SymmetricKeyAlgorithmTags.AES_128, fullSessionInfo, "X25519withSHA256HKDF", 255, optSymAlgId);
             }
 
             // X448
             else if (pubKey.getAlgorithm() == PublicKeyAlgorithmTags.X448)
             {
                 return encryptSessionInfoWithX25519X448Key(pubKey, "X448", cryptoPublicKey, NISTObjectIdentifiers.id_aes256_wrap.getId(),
-                        SymmetricKeyAlgorithmTags.AES_256, fullSessionInfo, "X448withSHA512HKDF", 448, optSymAlgId);
+                    SymmetricKeyAlgorithmTags.AES_256, fullSessionInfo, "X448withSHA512HKDF", 448, optSymAlgId);
             }
 
             // RSA / ElGamal etc.
@@ -236,7 +275,7 @@ private byte[] encryptSessionInfoWithECDHKey(PublicKeyPacket pubKeyPacket, Strin
      */
     private byte[] encryptSessionInfoWithX25519X448Key(PGPPublicKey pgpPublicKey, String algorithmName, PublicKey cryptoPublicKey, String keyEncryptionOID,
                                                        int symmetricKeyAlgorithm, byte[] sessionInfo, String agreementAlgorithmName, int keySize,
-                                                       byte[] optSymAlgId)
+                                                       byte optSymAlgId)
         throws GeneralSecurityException, IOException, PGPException
     {
         KeyPairGenerator kpGen = helper.createKeyPairGenerator(algorithmName);