Merge branch '1857-5-aead-reencrypt' into 'main'

Add AEADProtectedPGPSecretKeyTest.reencryptKey, PublicKeyUtils, and update PGPSecretKey

See merge request root/bc-java!49

Author: dghgit

pg/src/main/java/org/bouncycastle/bcpg/PublicKeyUtils.java

@@ -0,0 +1,56 @@
+package org.bouncycastle.bcpg;
+
+/**
+ * Utility methods related to OpenPGP public key algorithms.
+ */
+public class PublicKeyUtils
+{
+
+    /**
+     * Return true, if the public key algorithm that corresponds to the given ID is capable of signing.
+     *
+     * @param publicKeyAlgorithm public key algorithm id
+     * @return true if algorithm can sign
+     */
+    public static boolean isSigningAlgorithm(int publicKeyAlgorithm)
+    {
+        switch (publicKeyAlgorithm)
+        {
+        case PublicKeyAlgorithmTags.RSA_GENERAL:
+        case PublicKeyAlgorithmTags.RSA_SIGN:
+        case PublicKeyAlgorithmTags.DSA:
+        case PublicKeyAlgorithmTags.ECDSA:
+        case PublicKeyAlgorithmTags.ELGAMAL_GENERAL:
+        case PublicKeyAlgorithmTags.EDDSA_LEGACY:
+        case PublicKeyAlgorithmTags.Ed25519:
+        case PublicKeyAlgorithmTags.Ed448:
+            return true;
+        default:
+            return false;
+        }
+    }
+
+//    /**
+//     * Return true, if the public key algorithm that corresponds to the given ID is capable of encryption.
+//     *
+//     * @param publicKeyAlgorithm public key algorithm id
+//     * @return true if algorithm can encrypt
+//     */
+//    public static boolean isEncryptionAlgorithm(int publicKeyAlgorithm)
+//    {
+//        switch (publicKeyAlgorithm)
+//        {
+//        case PublicKeyAlgorithmTags.RSA_GENERAL:
+//        case PublicKeyAlgorithmTags.RSA_ENCRYPT:
+//        case PublicKeyAlgorithmTags.ELGAMAL_ENCRYPT:
+//        case PublicKeyAlgorithmTags.ECDH:
+//        case PublicKeyAlgorithmTags.ELGAMAL_GENERAL:
+//        case PublicKeyAlgorithmTags.DIFFIE_HELLMAN:
+//        case PublicKeyAlgorithmTags.X25519:
+//        case PublicKeyAlgorithmTags.X448:
+//            return true;
+//        default:
+//            return false;
+//        }
+//    }
+}

pg/src/main/java/org/bouncycastle/openpgp/PGPSecretKey.java

@@ -22,6 +22,7 @@
 import org.bouncycastle.bcpg.KeyIdentifier;
 import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
 import org.bouncycastle.bcpg.PublicKeyPacket;
+import org.bouncycastle.bcpg.PublicKeyUtils;
 import org.bouncycastle.bcpg.PublicSubkeyPacket;
 import org.bouncycastle.bcpg.RSASecretBCPGKey;
 import org.bouncycastle.bcpg.S2K;
@@ -418,11 +419,7 @@ private static PGPPublicKey certifiedPublicKey(
      */
     public boolean isSigningKey()
     {
-        int algorithm = pub.getAlgorithm();
-
-        return ((algorithm == PGPPublicKey.RSA_GENERAL) || (algorithm == PGPPublicKey.RSA_SIGN)
-            || (algorithm == PGPPublicKey.DSA) || (algorithm == PGPPublicKey.ECDSA) || (algorithm == PGPPublicKey.EDDSA_LEGACY)
-            || (algorithm == PGPPublicKey.ELGAMAL_GENERAL) || (algorithm == PGPPublicKey.Ed448) || (algorithm == PGPPublicKey.Ed25519));
+        return PublicKeyUtils.isSigningAlgorithm(pub.getAlgorithm());
     }
 
     /**
@@ -460,12 +457,13 @@ public int getKeyEncryptionAlgorithm()
     /**
      * Return the AEAD algorithm the key is encrypted with.
      * Returns <pre>0</pre> if no AEAD is used.
+     *
      * @return aead key encryption algorithm
      */
     public int getAEADKeyEncryptionAlgorithm()
     {
         return secret.getAeadAlgorithm();
-    }    
+    }
 
     /**
      * Return the keyID of the public key associated with this key.
@@ -499,6 +497,13 @@ public byte[] getFingerprint()
 
     /**
      * Return the S2K usage associated with this key.
+     * This value indicates, how the secret key material is protected:
+     * <ul>
+     *     <li>{@link SecretKeyPacket#USAGE_NONE}: Unprotected</li>
+     *     <li>{@link SecretKeyPacket#USAGE_CHECKSUM}: Password-protected using malleable CFB (deprecated)</li>
+     *     <li>{@link SecretKeyPacket#USAGE_SHA1}: Password-protected using CFB</li>
+     *     <li>{@link SecretKeyPacket#USAGE_AEAD}: Password-protected using AEAD (recommended)</li>
+     * </ul>
      *
      * @return the key's S2K usage
      */
@@ -992,7 +997,15 @@ public static PGPSecretKey copyWithNewPassword(
 
         SecretKeyPacket secret;
 
-        secret = generateSecretKeyPacket(!(key.secret instanceof SecretSubkeyPacket), key.secret.getPublicKeyPacket(), newEncAlgorithm, s2kUsage, s2k, iv, keyData);
+        if (newKeyEncryptor!= null && newKeyEncryptor.getAeadAlgorithm() > 0)
+        {
+            s2kUsage = SecretKeyPacket.USAGE_AEAD;
+            secret = generateSecretKeyPacket(!(key.secret instanceof SecretSubkeyPacket), key.secret.getPublicKeyPacket(), newEncAlgorithm, newKeyEncryptor.getAeadAlgorithm(), s2kUsage, s2k, iv, keyData);
+        }
+        else
+        {
+            secret = generateSecretKeyPacket(!(key.secret instanceof SecretSubkeyPacket), key.secret.getPublicKeyPacket(), newEncAlgorithm, s2kUsage, s2k, iv, keyData);
+        }
 
         return new PGPSecretKey(secret, key.pub);
     }

pg/src/test/java/org/bouncycastle/openpgp/test/AEADProtectedPGPSecretKeyTest.java

@@ -31,9 +31,12 @@
 import org.bouncycastle.openpgp.PGPSecretKey;
 import org.bouncycastle.openpgp.PGPSecretKeyRing;
 import org.bouncycastle.openpgp.bc.BcPGPObjectFactory;
+import org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor;
+import org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor;
 import org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider;
 import org.bouncycastle.openpgp.operator.bc.BcAEADSecretKeyEncryptorBuilder;
 import org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyDecryptorBuilder;
+import org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyEncryptorBuilder;
 import org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider;
 import org.bouncycastle.openpgp.operator.bc.BcPGPKeyPair;
 import org.bouncycastle.openpgp.operator.jcajce.JcaAEADSecretKeyEncryptorBuilder;
@@ -65,6 +68,8 @@ public void performTest()
 
         testUnlockKeyWithWrongPassphraseBc();
         testUnlockKeyWithWrongPassphraseJca();
+
+        reencryptKey();
     }
 
     private void unlockTestVector()
@@ -360,6 +365,58 @@ private void lockUnlockKeyJca(
             keyPair.getPrivateKey().getPrivateKeyDataPacket().getEncoded(), dec.getPrivateKeyDataPacket().getEncoded());
     }
 
+    private void reencryptKey() throws PGPException {
+        reencryptKeyBc();
+        reencryptKeyJca();
+    }
+
+    private void reencryptKeyJca()
+    {
+
+    }
+
+    private void reencryptKeyBc()
+            throws PGPException
+    {
+        Ed25519KeyPairGenerator gen = new Ed25519KeyPairGenerator();
+        gen.init(new Ed25519KeyGenerationParameters(new SecureRandom()));
+        AsymmetricCipherKeyPair kp = gen.generateKeyPair();
+        Date creationTime = currentTimeRounded();
+        String passphrase = "recycle";
+        PGPKeyPair keyPair = new BcPGPKeyPair(PublicKeyPacket.VERSION_6, PublicKeyAlgorithmTags.Ed25519, kp, creationTime);
+
+        PBESecretKeyEncryptor cfbEncBuilder = new BcPBESecretKeyEncryptorBuilder(SymmetricKeyAlgorithmTags.AES_128)
+                .build(passphrase.toCharArray());
+        PGPDigestCalculatorProvider digestProv = new BcPGPDigestCalculatorProvider();
+
+        // Encrypt key using CFB mode
+        PGPSecretKey cfbEncKey = new PGPSecretKey(
+                keyPair.getPrivateKey(),
+                keyPair.getPublicKey(),
+                digestProv.get(HashAlgorithmTags.SHA1),
+                true,
+                cfbEncBuilder);
+
+        PBESecretKeyDecryptor cfbDecryptor = new BcPBESecretKeyDecryptorBuilder(digestProv)
+                .build(passphrase.toCharArray());
+
+        BcAEADSecretKeyEncryptorBuilder aeadEncBuilder = new BcAEADSecretKeyEncryptorBuilder(
+                AEADAlgorithmTags.OCB, SymmetricKeyAlgorithmTags.AES_128,
+                S2K.Argon2Params.memoryConstrainedParameters());
+
+        // Reencrypt key using AEAD
+        PGPSecretKey aeadEncKey = PGPSecretKey.copyWithNewPassword(
+                cfbEncKey,
+                cfbDecryptor,
+                aeadEncBuilder.build(
+                        passphrase.toCharArray(),
+                        cfbEncKey.getPublicKey().getPublicKeyPacket()));
+
+        PBESecretKeyDecryptor aeadDecryptor = new BcPBESecretKeyDecryptorBuilder(digestProv)
+                .build(passphrase.toCharArray());
+        isNotNull(aeadEncKey.extractPrivateKey(aeadDecryptor));
+    }
+
     public static void main(String[] args)
     {
         runTest(new AEADProtectedPGPSecretKeyTest());