Add EdECObjectIdentifiers.id_X25519 to Bc/JcePublicKeyKeyEncryptionMethodGenerator. Remove providedKeyAlgorithm from PGPSignatureGenerator and PGPV3SignatureGenerator.

Author: gefeili

pg/src/main/java/org/bouncycastle/openpgp/PGPSignatureGenerator.java

@@ -28,7 +28,7 @@ public class PGPSignatureGenerator
     private SignatureSubpacket[] hashed = new SignatureSubpacket[0];
     private PGPContentSignerBuilder contentSignerBuilder;
     private PGPContentSigner contentSigner;
-    private int providedKeyAlgorithm = -1;
+    //private int providedKeyAlgorithm = -1;
 
     /**
      * Create a signature generator built on the passed in contentSignerBuilder.
@@ -58,10 +58,10 @@ public void init(
         sigType = contentSigner.getType();
         lastb = 0;
 
-        if (providedKeyAlgorithm >= 0 && providedKeyAlgorithm != contentSigner.getKeyAlgorithm())
-        {
-            throw new PGPException("key algorithm mismatch");
-        }
+//        if (providedKeyAlgorithm >= 0 && providedKeyAlgorithm != contentSigner.getKeyAlgorithm())
+//        {
+//            throw new PGPException("key algorithm mismatch");
+//        }
     }
 
     public void setHashedSubpackets(
@@ -167,34 +167,35 @@ public PGPSignature generate()
             throw new PGPException("exception encoding hashed data.", e);
         }
 
-
         byte[] trailer = sOut.toByteArray();
 
         blockUpdate(trailer, 0, trailer.length);
-
-        if (contentSigner.getKeyAlgorithm() == PublicKeyAlgorithmTags.RSA_SIGN
-            || contentSigner.getKeyAlgorithm() == PublicKeyAlgorithmTags.RSA_GENERAL)    // an RSA signature
+        switch (contentSigner.getKeyAlgorithm())
+        {
+        case PublicKeyAlgorithmTags.RSA_SIGN:
+        case PublicKeyAlgorithmTags.RSA_GENERAL:
         {
             sigValues = new MPInteger[1];
             sigValues[0] = new MPInteger(new BigInteger(1, contentSigner.getSignature()));
+            break;
         }
-        else if (contentSigner.getKeyAlgorithm() == PublicKeyAlgorithmTags.EDDSA_LEGACY)
+        case PublicKeyAlgorithmTags.EDDSA_LEGACY:
         {
             byte[] enc = contentSigner.getSignature();
             sigValues = new MPInteger[]{
                 new MPInteger(new BigInteger(1, Arrays.copyOfRange(enc, 0, enc.length / 2))),
                 new MPInteger(new BigInteger(1, Arrays.copyOfRange(enc, enc.length / 2, enc.length)))
             };
+            break;
         }
-        else if (contentSigner.getKeyAlgorithm() == PublicKeyAlgorithmTags.Ed25519 ||
-            contentSigner.getKeyAlgorithm() == PublicKeyAlgorithmTags.Ed448)
-        {
+        case PublicKeyAlgorithmTags.Ed25519:
+        case PublicKeyAlgorithmTags.Ed448:
             // Contrary to EDDSA_LEGACY, the new PK algorithms Ed25519, Ed448 do not use MPI encoding
             sigValues = null;
-        }
-        else
-        {
+            break;
+        default:
             sigValues = PGPUtil.dsaSigToMpi(contentSigner.getSignature());
+            break;
         }
 
         byte[] digest = contentSigner.getDigest();
@@ -206,13 +207,13 @@ else if (contentSigner.getKeyAlgorithm() == PublicKeyAlgorithmTags.Ed25519 ||
         if (sigValues != null)
         {
             return new PGPSignature(new SignaturePacket(sigType, contentSigner.getKeyID(), contentSigner.getKeyAlgorithm(),
-                    contentSigner.getHashAlgorithm(), hPkts, unhPkts, fingerPrint, sigValues));
+                contentSigner.getHashAlgorithm(), hPkts, unhPkts, fingerPrint, sigValues));
         }
         else
         {
             // Ed25519, Ed448 use raw encoding instead of MPI
             return new PGPSignature(new SignaturePacket(4, sigType, contentSigner.getKeyID(), contentSigner.getKeyAlgorithm(),
-                    contentSigner.getHashAlgorithm(), hPkts, unhPkts, fingerPrint, contentSigner.getSignature()));
+                contentSigner.getHashAlgorithm(), hPkts, unhPkts, fingerPrint, contentSigner.getSignature()));
         }
     }
 

pg/src/main/java/org/bouncycastle/openpgp/PGPV3SignatureGenerator.java

@@ -19,7 +19,7 @@ public class PGPV3SignatureGenerator
 {
     private PGPContentSignerBuilder contentSignerBuilder;
     private PGPContentSigner contentSigner;
-    private int              providedKeyAlgorithm = -1;
+//    private int              providedKeyAlgorithm = -1;
 
     /**
      * Create a signature generator built on the passed in contentSignerBuilder.
@@ -49,10 +49,10 @@ public void init(
         sigType = contentSigner.getType();
         lastb = 0;
 
-        if (providedKeyAlgorithm >= 0 && providedKeyAlgorithm != contentSigner.getKeyAlgorithm())
-        {
-            throw new PGPException("key algorithm mismatch");
-        }
+//        if (providedKeyAlgorithm >= 0 && providedKeyAlgorithm != contentSigner.getKeyAlgorithm())
+//        {
+//            throw new PGPException("key algorithm mismatch");
+//        }
     }
 
     /**

pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPublicKeyKeyEncryptionMethodGenerator.java

@@ -32,6 +32,7 @@
 import org.bouncycastle.crypto.params.X25519PublicKeyParameters;
 import org.bouncycastle.crypto.params.X448KeyGenerationParameters;
 import org.bouncycastle.crypto.params.X448PublicKeyParameters;
+import org.bouncycastle.internal.asn1.edec.EdECObjectIdentifiers;
 import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPPublicKey;
 import org.bouncycastle.openpgp.operator.PGPPad;
@@ -85,7 +86,7 @@ protected byte[] encryptSessionInfo(PGPPublicKey pubKey, byte[] sessionInfo)
             {
                 ECDHPublicBCPGKey ecPubKey = (ECDHPublicBCPGKey)pubKeyPacket.getKey();
                 byte[] userKeyingMaterial = RFC6637Utils.createUserKeyingMaterial(pubKeyPacket, new BcKeyFingerprintCalculator());
-                if (ecPubKey.getCurveOID().equals(CryptlibObjectIdentifiers.curvey25519))
+                if (ecPubKey.getCurveOID().equals(CryptlibObjectIdentifiers.curvey25519) || ecPubKey.getCurveOID().equals(EdECObjectIdentifiers.id_X25519))
                 {
                     AsymmetricCipherKeyPair ephKp = getAsymmetricCipherKeyPair(new X25519KeyPairGenerator(), new X25519KeyGenerationParameters(random));
 

pg/src/main/java/org/bouncycastle/openpgp/operator/jcajce/JcePublicKeyKeyEncryptionMethodGenerator.java

@@ -25,6 +25,7 @@
 import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
 import org.bouncycastle.bcpg.PublicKeyPacket;
 import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
+import org.bouncycastle.internal.asn1.edec.EdECObjectIdentifiers;
 import org.bouncycastle.jcajce.spec.HybridValueParameterSpec;
 import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
 import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
@@ -100,7 +101,7 @@ protected byte[] encryptSessionInfo(PGPPublicKey pubKey, byte[] sessionInfo)
                 ECDHPublicBCPGKey ecKey = (ECDHPublicBCPGKey)pubKey.getPublicKeyPacket().getKey();
                 String keyEncryptionOID = RFC6637Utils.getKeyEncryptionOID(ecKey.getSymmetricKeyAlgorithm()).getId();
                 PublicKeyPacket pubKeyPacket = pubKey.getPublicKeyPacket();
-                if (ecKey.getCurveOID().equals(CryptlibObjectIdentifiers.curvey25519))
+                if (ecKey.getCurveOID().equals(CryptlibObjectIdentifiers.curvey25519) || ecKey.getCurveOID().equals(EdECObjectIdentifiers.id_X25519))
                 {
                     return getEncryptSessionInfo(pubKeyPacket, "X25519", cryptoPublicKey, keyEncryptionOID,
                         ecKey.getSymmetricKeyAlgorithm(), sessionInfo, RFC6637Utils.getXDHAlgorithm(pubKeyPacket),