Merge branch '2105-pgpainless-v6' into 'main'

Pual's thread for PGPainless new version release

See merge request root/bc-java!110

Author: dghgit

pg/src/main/java/org/bouncycastle/bcpg/PublicKeyUtils.java

@@ -30,26 +30,26 @@ public static boolean isSigningAlgorithm(int publicKeyAlgorithm)
         }
     }
 
-//    /**
-//     * Return true, if the public key algorithm that corresponds to the given ID is capable of encryption.
-//     * @param publicKeyAlgorithm public key algorithm id
-//     * @return true if algorithm can encrypt
-//     */
-//    public static boolean isEncryptionAlgorithm(int publicKeyAlgorithm)
-//    {
-//        switch (publicKeyAlgorithm)
-//        {
-//        case PublicKeyAlgorithmTags.RSA_GENERAL:
-//        case PublicKeyAlgorithmTags.RSA_ENCRYPT:
-//        case PublicKeyAlgorithmTags.ELGAMAL_ENCRYPT:
-//        case PublicKeyAlgorithmTags.ECDH:
-//        case PublicKeyAlgorithmTags.ELGAMAL_GENERAL:
-//        case PublicKeyAlgorithmTags.DIFFIE_HELLMAN:
-//        case PublicKeyAlgorithmTags.X25519:
-//        case PublicKeyAlgorithmTags.X448:
-//            return true;
-//        default:
-//            return false;
-//        }
-//    }
+    /**
+     * Return true, if the public key algorithm that corresponds to the given ID is capable of encryption.
+     * @param publicKeyAlgorithm public key algorithm id
+     * @return true if algorithm can encrypt
+     */
+    public static boolean isEncryptionAlgorithm(int publicKeyAlgorithm)
+    {
+        switch (publicKeyAlgorithm)
+        {
+        case PublicKeyAlgorithmTags.RSA_GENERAL:
+        case PublicKeyAlgorithmTags.RSA_ENCRYPT:
+        case PublicKeyAlgorithmTags.ELGAMAL_ENCRYPT:
+        case PublicKeyAlgorithmTags.ECDH:
+        case PublicKeyAlgorithmTags.ELGAMAL_GENERAL:
+        case PublicKeyAlgorithmTags.DIFFIE_HELLMAN:
+        case PublicKeyAlgorithmTags.X25519:
+        case PublicKeyAlgorithmTags.X448:
+            return true;
+        default:
+            return false;
+        }
+    }
 }

pg/src/main/java/org/bouncycastle/bcpg/SignaturePacket.java

@@ -8,6 +8,7 @@
 import org.bouncycastle.bcpg.sig.IssuerFingerprint;
 import org.bouncycastle.bcpg.sig.IssuerKeyID;
 import org.bouncycastle.bcpg.sig.SignatureCreationTime;
+import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
 import org.bouncycastle.util.Arrays;
 import org.bouncycastle.util.Pack;
 import org.bouncycastle.util.io.Streams;
@@ -446,6 +447,40 @@ public SignaturePacket(
         }
     }
 
+    public static SignaturePacket copyOfWith(SignaturePacket packet, SignatureSubpacket[] unhashedSubpackets)
+    {
+        if (packet.getVersion() == SignaturePacket.VERSION_6)
+        {
+            return new SignaturePacket(
+                packet.getVersion(),
+                packet.getSignatureType(),
+                packet.getKeyID(),
+                packet.getKeyAlgorithm(),
+                packet.getHashAlgorithm(),
+                packet.getHashedSubPackets(),
+                unhashedSubpackets,
+                packet.getFingerPrint(),
+                packet.getSignatureBytes(),
+                packet.getSalt()
+            );
+        }
+        else
+        {
+            return new SignaturePacket(
+                packet.getVersion(),
+                packet.hasNewPacketFormat(),
+                packet.getSignatureType(),
+                packet.getKeyID(),
+                packet.getKeyAlgorithm(),
+                packet.getHashAlgorithm(),
+                packet.getHashedSubPackets(),
+                unhashedSubpackets,
+                packet.getFingerPrint(),
+                packet.getSignature()
+            );
+        }
+    }
+
     /**
      * get the version number
      */

pg/src/main/java/org/bouncycastle/openpgp/PGPEncryptedDataList.java

@@ -154,6 +154,11 @@ public PGPEncryptedData get(
         return (PGPEncryptedData)methods.get(index);
     }
 
+    public InputStreamPacket getEncryptedData()
+    {
+        return data;
+    }
+
     /**
      * Gets the number of encryption methods in this list.
      */

pg/src/main/java/org/bouncycastle/openpgp/PGPKeyRing.java

@@ -93,6 +93,16 @@ static void readUserIDs(
         }
     }
 
+    /**
+     * Return the {@link KeyIdentifier} of this key rings primary key.
+     *
+     * @return primary key identifier
+     */
+    public KeyIdentifier getKeyIdentifier()
+    {
+        return getPublicKey().getKeyIdentifier();
+    }
+
     /**
      * Return the first public key in the ring.  In the case of a {@link PGPSecretKeyRing}
      * this is also the public key of the master key pair.

pg/src/main/java/org/bouncycastle/openpgp/PGPObjectFactory.java

@@ -10,10 +10,10 @@
 
 import org.bouncycastle.bcpg.BCPGInputStream;
 import org.bouncycastle.bcpg.PacketTags;
+import org.bouncycastle.bcpg.TrustPacket;
 import org.bouncycastle.bcpg.UnknownPacket;
 import org.bouncycastle.bcpg.UnsupportedPacketVersionException;
 import org.bouncycastle.openpgp.operator.KeyFingerPrintCalculator;
-import org.bouncycastle.util.Iterable;
 
 /**
  * General class for reading a PGP object stream.
@@ -141,6 +141,8 @@ public Object nextObject()
             return new PGPCompressedData(in);
         case PacketTags.LITERAL_DATA:
             return new PGPLiteralData(in);
+        case PacketTags.TRUST:
+            return new PGPTrust(in);
         case PacketTags.PUBLIC_KEY_ENC_SESSION:
         case PacketTags.SYMMETRIC_KEY_ENC_SESSION:
         case PacketTags.SYMMETRIC_KEY_ENC:

pg/src/main/java/org/bouncycastle/openpgp/PGPPublicKey.java

@@ -487,7 +487,14 @@ public Iterator<String> getUserIDs()
         {
             if (ids.get(i) instanceof UserIDPacket)
             {
-                temp.add(((UserIDPacket)ids.get(i)).getID());
+                try
+                {
+                    temp.add(((UserIDPacket) ids.get(i)).getID());
+                }
+                catch (IllegalArgumentException e)
+                {
+                    // Skip non-UTF8 user-ids
+                }
             }
         }
 
@@ -1157,7 +1164,7 @@ public static PGPPublicKey join(
         }
 
         // key signatures
-        joinPgpSignatureList(copy.keySigs, keySigs, true, true);
+        joinPgpSignatureList(copy.keySigs, keySigs, false, true);
 
         // user-ids and id sigs
         for (int idIdx = 0; idIdx < copy.ids.size(); idIdx++)

pg/src/main/java/org/bouncycastle/openpgp/PGPSecretKey.java

@@ -293,7 +293,7 @@ public PGPSecretKey(
         //
         // generate the certification
         //
-        PGPSignatureGenerator sGen = new PGPSignatureGenerator(certificationSignerBuilder);
+        PGPSignatureGenerator sGen = new PGPSignatureGenerator(certificationSignerBuilder, masterKeyPair.getPublicKey());
 
         sGen.init(PGPSignature.SUBKEY_BINDING, masterKeyPair.getPrivateKey());
 
@@ -302,7 +302,7 @@ public PGPSecretKey(
         {
             if (hashedPcks == null)
             {
-                PGPSignatureGenerator signatureGenerator = new PGPSignatureGenerator(certificationSignerBuilder);
+                PGPSignatureGenerator signatureGenerator = new PGPSignatureGenerator(certificationSignerBuilder, keyPair.getPublicKey());
 
                 signatureGenerator.init(PGPSignature.PRIMARYKEY_BINDING, keyPair.getPrivateKey());
 
@@ -382,7 +382,7 @@ private static PGPPublicKey certifiedPublicKey(
 
         try
         {
-            sGen = new PGPSignatureGenerator(certificationSignerBuilder);
+            sGen = new PGPSignatureGenerator(certificationSignerBuilder, keyPair.getPublicKey());
         }
         catch (Exception e)
         {

pg/src/main/java/org/bouncycastle/openpgp/PGPSignature.java

@@ -1033,18 +1033,7 @@ public static PGPSignature join(PGPSignature sig1, PGPSignature sig2)
 
         SignatureSubpacket[] unhashed = (SignatureSubpacket[])merged.toArray(new SignatureSubpacket[0]);
         return new PGPSignature(
-            new SignaturePacket(
-                sig1.getVersion(),
-                sig1.sigPck.hasNewPacketFormat(),
-                sig1.getSignatureType(),
-                sig1.getKeyID(),
-                sig1.getKeyAlgorithm(),
-                sig1.getHashAlgorithm(),
-                sig1.getHashedSubPackets().packets,
-                unhashed,
-                sig1.getDigestPrefix(),
-                sig1.sigPck.getSignature()
-            )
+            SignaturePacket.copyOfWith(sig1.sigPck, unhashed)
         );
     }
 }

pg/src/main/java/org/bouncycastle/openpgp/PGPTrust.java

@@ -0,0 +1,36 @@
+package org.bouncycastle.openpgp;
+
+import org.bouncycastle.bcpg.BCPGInputStream;
+import org.bouncycastle.bcpg.TrustPacket;
+
+import java.io.IOException;
+import java.util.Arrays;
+
+public class PGPTrust
+{
+
+    private final TrustPacket packet;
+
+    public PGPTrust(TrustPacket packet)
+    {
+        this.packet = packet;
+    }
+
+    public PGPTrust(BCPGInputStream inputStream)
+        throws IOException
+    {
+        this((TrustPacket) inputStream.readPacket());
+    }
+
+    public TrustPacket getPacket()
+    {
+        return packet;
+    }
+
+    public byte[] getLevelAndTrust()
+    {
+        return Arrays.copyOf(
+                packet.getLevelAndTrustAmount(),
+                packet.getLevelAndTrustAmount().length);
+    }
+}

pg/src/main/java/org/bouncycastle/openpgp/api/EncryptedDataPacketType.java

@@ -1,5 +1,13 @@
 package org.bouncycastle.openpgp.api;
 
+import org.bouncycastle.bcpg.AEADEncDataPacket;
+import org.bouncycastle.bcpg.InputStreamPacket;
+import org.bouncycastle.bcpg.SymmetricEncDataPacket;
+import org.bouncycastle.bcpg.SymmetricEncIntegrityPacket;
+import org.bouncycastle.bcpg.UnsupportedPacketVersionException;
+import org.bouncycastle.openpgp.PGPEncryptedDataList;
+import org.bouncycastle.openpgp.PGPException;
+
 /**
  * Encryption Mode.
  */
@@ -34,4 +42,58 @@ public enum EncryptedDataPacketType
      * Support for this feature is signalled using {@link org.bouncycastle.bcpg.sig.Features#FEATURE_AEAD_ENCRYPTED_DATA}.
      */
     LIBREPGP_OED // "v5"
+    ;
+
+    /**
+     * Detect the type of the PGPEncryptedDataList's encrypted data packet.
+     *
+     * @param encDataList encrypted data list
+     * @return encrypted data packet type
+     * @throws PGPException if an unexpected data packet is encountered.
+     */
+    public static EncryptedDataPacketType of(PGPEncryptedDataList encDataList)
+            throws PGPException
+    {
+        return of(encDataList.getEncryptedData());
+    }
+
+    /**
+     * Detect the type the provided encrypted data packet.
+     *
+     * @param encData encrypted data packet
+     * @return encrypted data packet type
+     * @throws PGPException if an unexpected data packet is encountered.
+     */
+    public static EncryptedDataPacketType of(InputStreamPacket encData)
+            throws PGPException
+    {
+        if (encData instanceof SymmetricEncIntegrityPacket)
+        {
+            SymmetricEncIntegrityPacket seipd = (SymmetricEncIntegrityPacket) encData;
+            if (seipd.getVersion() == SymmetricEncIntegrityPacket.VERSION_1)
+            {
+                return SEIPDv1;
+            }
+            else if (seipd.getVersion() == SymmetricEncIntegrityPacket.VERSION_2)
+            {
+                return SEIPDv2;
+            }
+            else
+            {
+                throw new UnsupportedPacketVersionException("Symmetrically-Encrypted Integrity-Protected Data Packet of unknown version encountered: " + seipd.getVersion());
+            }
+        }
+        else if (encData instanceof AEADEncDataPacket)
+        {
+            return LIBREPGP_OED;
+        }
+        else if (encData instanceof SymmetricEncDataPacket)
+        {
+            return SED;
+        }
+        else
+        {
+            throw new PGPException("Unexpected packet type: " + encData.getClass().getName());
+        }
+    }
 }