예제 #1
0
  private static byte[] getDValue(
      InputStream inputStream,
      PBEProtectionRemoverFactory keyProtectionRemoverFactory,
      String curveName)
      throws IOException, PGPException {
    String type;
    SXprUtils.skipOpenParenthesis(inputStream);

    String protection;
    S2K s2k;
    byte[] iv;
    byte[] secKeyData;

    type = SXprUtils.readString(inputStream, inputStream.read());
    if (type.equals("protected")) {
      protection = SXprUtils.readString(inputStream, inputStream.read());

      SXprUtils.skipOpenParenthesis(inputStream);

      s2k = SXprUtils.parseS2K(inputStream);

      iv = SXprUtils.readBytes(inputStream, inputStream.read());

      SXprUtils.skipCloseParenthesis(inputStream);

      secKeyData = SXprUtils.readBytes(inputStream, inputStream.read());
    } else {
      throw new PGPException("protected block not found");
    }

    PBESecretKeyDecryptor keyDecryptor = keyProtectionRemoverFactory.createDecryptor(protection);

    // TODO: recognise other algorithms
    byte[] key = keyDecryptor.makeKeyFromPassPhrase(SymmetricKeyAlgorithmTags.AES_128, s2k);

    byte[] data =
        keyDecryptor.recoverKeyData(
            SymmetricKeyAlgorithmTags.AES_128, key, iv, secKeyData, 0, secKeyData.length);

    //
    // parse the secret key S-expr
    //
    InputStream keyIn = new ByteArrayInputStream(data);

    SXprUtils.skipOpenParenthesis(keyIn);
    SXprUtils.skipOpenParenthesis(keyIn);
    SXprUtils.skipOpenParenthesis(keyIn);
    String name = SXprUtils.readString(keyIn, keyIn.read());
    return SXprUtils.readBytes(keyIn, keyIn.read());
  }
예제 #2
0
  private byte[] extractKeyData(PBESecretKeyDecryptor decryptorFactory) throws PGPException {
    byte[] encData = secret.getSecretKeyData();
    byte[] data = null;

    if (secret.getEncAlgorithm() != SymmetricKeyAlgorithmTags.NULL) {
      try {
        if (secret.getPublicKeyPacket().getVersion() == 4) {
          byte[] key =
              decryptorFactory.makeKeyFromPassPhrase(secret.getEncAlgorithm(), secret.getS2K());

          data =
              decryptorFactory.recoverKeyData(
                  secret.getEncAlgorithm(), key, secret.getIV(), encData, 0, encData.length);

          boolean useSHA1 = secret.getS2KUsage() == SecretKeyPacket.USAGE_SHA1;
          byte[] check =
              checksum(
                  useSHA1 ? decryptorFactory.getChecksumCalculator(HashAlgorithmTags.SHA1) : null,
                  data,
                  (useSHA1) ? data.length - 20 : data.length - 2);

          for (int i = 0; i != check.length; i++) {
            if (check[i] != data[data.length - check.length + i]) {
              throw new PGPException("checksum mismatch at " + i + " of " + check.length);
            }
          }
        } else // version 2 or 3, RSA only.
        {
          byte[] key =
              decryptorFactory.makeKeyFromPassPhrase(secret.getEncAlgorithm(), secret.getS2K());

          data = new byte[encData.length];

          byte[] iv = new byte[secret.getIV().length];

          System.arraycopy(secret.getIV(), 0, iv, 0, iv.length);

          //
          // read in the four numbers
          //
          int pos = 0;

          for (int i = 0; i != 4; i++) {
            int encLen = (((encData[pos] << 8) | (encData[pos + 1] & 0xff)) + 7) / 8;

            data[pos] = encData[pos];
            data[pos + 1] = encData[pos + 1];

            byte[] tmp =
                decryptorFactory.recoverKeyData(
                    secret.getEncAlgorithm(), key, iv, encData, pos + 2, encLen);
            System.arraycopy(tmp, 0, data, pos + 2, tmp.length);
            pos += 2 + encLen;

            if (i != 3) {
              System.arraycopy(encData, pos - iv.length, iv, 0, iv.length);
            }
          }

          //
          // verify and copy checksum
          //

          data[pos] = encData[pos];
          data[pos + 1] = encData[pos + 1];

          int cs = ((encData[pos] << 8) & 0xff00) | (encData[pos + 1] & 0xff);
          int calcCs = 0;
          for (int j = 0; j < data.length - 2; j++) {
            calcCs += data[j] & 0xff;
          }

          calcCs &= 0xffff;
          if (calcCs != cs) {
            throw new PGPException(
                "checksum mismatch: passphrase wrong, expected "
                    + Integer.toHexString(cs)
                    + " found "
                    + Integer.toHexString(calcCs));
          }
        }
      } catch (PGPException e) {
        throw e;
      } catch (Exception e) {
        throw new PGPException("Exception decrypting key", e);
      }
    } else {
      data = encData;
    }

    return data;
  }