Bump Bouncycastle to 1.69

2025-09-10 10:49:39 +02:00 · 2021-06-10 12:41:12 +02:00 · 2021-06-10 12:41:12 +02:00 · 27370fa925
commit 27370fa925
parent 0701d1e5a1
5 changed files with 5 additions and 27 deletions
--- a/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionStream.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/encryption_signing/EncryptionStream.java
@ -31,8 +31,6 @@ import org.bouncycastle.openpgp.PGPSignature;
 import org.bouncycastle.openpgp.PGPSignatureGenerator;
 import org.bouncycastle.openpgp.operator.PGPDataEncryptorBuilder;
 import org.bouncycastle.openpgp.operator.PGPKeyEncryptionMethodGenerator;
 import org.bouncycastle.openpgp.operator.bc.BcPGPDataEncryptorBuilder;
 import org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
 import org.pgpainless.algorithm.CompressionAlgorithm;
 import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
 import org.pgpainless.decryption_verification.OpenPgpMetadata;
@ -101,12 +99,7 @@ public final class EncryptionStream extends OutputStream {
        LOGGER.log(LEVEL, "Encrypt message using " + encryptionAlgorithm);
        PGPDataEncryptorBuilder dataEncryptorBuilder =
                ImplementationFactory.getInstance().getPGPDataEncryptorBuilder(encryptionAlgorithm);
-        // Simplify once https://github.com/bcgit/bc-java/pull/859 is merged
+        dataEncryptorBuilder.setWithIntegrityPacket(true);
        if (dataEncryptorBuilder instanceof BcPGPDataEncryptorBuilder) {
            ((BcPGPDataEncryptorBuilder) dataEncryptorBuilder).setWithIntegrityPacket(true);
        } else if (dataEncryptorBuilder instanceof JcePGPDataEncryptorBuilder) {
            ((JcePGPDataEncryptorBuilder) dataEncryptorBuilder).setWithIntegrityPacket(true);
        }
        PGPEncryptedDataGenerator encryptedDataGenerator =
                new PGPEncryptedDataGenerator(dataEncryptorBuilder);
--- a/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/generation/KeyRingBuilder.java
@ -28,8 +28,6 @@ import java.util.Iterator;
 import java.util.LinkedHashSet;
 import java.util.List;
 import java.util.Set;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import javax.annotation.Nonnull;
 import org.bouncycastle.openpgp.PGPException;
@ -65,8 +63,6 @@ import org.pgpainless.signature.subpackets.SignatureSubpacketGeneratorUtil;
 public class KeyRingBuilder implements KeyRingBuilderInterface {
    private static final Logger LOGGER = Logger.getLogger(KeyRingBuilder.class.getName());
    private final Charset UTF8 = Charset.forName("UTF-8");
    private final List<KeySpec> keySpecs = new ArrayList<>();
@ -484,16 +480,7 @@ public class KeyRingBuilder implements KeyRingBuilderInterface {
        KeyPair keyPair = certKeyGenerator.generateKeyPair();
        // Form PGP key pair
-        PGPKeyPair pgpKeyPair;
+        PGPKeyPair pgpKeyPair = ImplementationFactory.getInstance().getPGPKeyPair(type.getAlgorithm(), keyPair, new Date());
        try {
            pgpKeyPair = ImplementationFactory.getInstance().getPGPKeyPair(type.getAlgorithm(), keyPair, new Date());
        } catch (PGPException e) {
            // When generating EdDSA keys, the private key has an encoding length of 33 instead of 34, which results
            //  in an exception. Therefore we just try again as a workaround.
            LOGGER.log(Level.INFO, "Generated private key encoding has incorrect length. Trying again.");
            LOGGER.log(Level.FINER, "Incorrect private key encoding length is caused by a bug in Bouncycastle. See https://github.com/bcgit/bc-java/issues/887", e);
            pgpKeyPair = generateKeyPair(spec);
        }
        return pgpKeyPair;
    }
 }
--- a/pgpainless-core/src/main/java/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.java
+++ b/pgpainless-core/src/main/java/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.java
@ -422,9 +422,9 @@ public class SecretKeyRingEditor implements SecretKeyRingEditorInterface {
                throw new IllegalStateException("Key " + new OpenPgpV4Fingerprint(subjectPubKey) + " does not have a previous positive signature.");
            }
        } else {
-            Iterator bindingSignatures = subjectPubKey.getSignaturesOfType(SignatureType.SUBKEY_BINDING.getCode());
+            Iterator<PGPSignature> bindingSignatures = subjectPubKey.getSignaturesOfType(SignatureType.SUBKEY_BINDING.getCode());
            while (bindingSignatures.hasNext()) {
-                oldSignature = (PGPSignature) bindingSignatures.next();
+                oldSignature = bindingSignatures.next();
            }
        }
--- a/pgpainless-core/src/test/java/org/pgpainless/signature/IgnoreMarkerPackets.java
+++ b/pgpainless-core/src/test/java/org/pgpainless/signature/IgnoreMarkerPackets.java
@ -30,7 +30,6 @@ import org.bouncycastle.openpgp.PGPPublicKeyRing;
 import org.bouncycastle.openpgp.PGPSecretKeyRing;
 import org.bouncycastle.openpgp.PGPSignature;
 import org.bouncycastle.util.io.Streams;
 import org.junit.jupiter.api.Disabled;
 import org.junit.jupiter.api.Test;
 import org.pgpainless.PGPainless;
 import org.pgpainless.decryption_verification.DecryptionStream;
@ -217,7 +216,6 @@ public class IgnoreMarkerPackets {
    }
    @Test
    @Disabled // TODO: Fix upstreamed. Enable once BC is bumped
    public void markerPlusCertificate() throws IOException {
        String pubKeyBlock = "-----BEGIN PGP PUBLIC KEY BLOCK-----\n" +
                "\n" +
--- a/version.gradle
+++ b/version.gradle
@ -4,6 +4,6 @@ allprojects {
        isSnapshot = true
        pgpainlessMinAndroidSdk = 10
        javaSourceCompatibility = 1.8
-        bouncyCastleVersion = '1.68'
+        bouncyCastleVersion = '1.69'
    }
 }