modified builders to make setV5/V6 order independent.

dghgit · dghgit · commit 99c3646fe1b5 · 2023-05-23T12:20:58.000+10:00
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/PGPEncryptedDataGenerator.java b/pg/src/main/java/org/bouncycastle/openpgp/PGPEncryptedDataGenerator.java
@@ -242,7 +242,8 @@ private OutputStream open(
 
         // In OpenPGP v6, we need an additional step to derive a message key and IV from the session info.
         // Since we cannot inject the IV into the data encryptor, we append it to the message key.
-        if (dataEncryptorBuilder.getAeadAlgorithm() != -1 && !dataEncryptorBuilder.isV5StyleAEAD())
+        boolean isV5StyleAEAD = dataEncryptorBuilder.isV5StyleAEAD();
+        if (dataEncryptorBuilder.getAeadAlgorithm() != -1 && !isV5StyleAEAD)
         {
             byte[] info = SymmetricEncIntegrityPacket.createAAData(
                     SymmetricEncIntegrityPacket.VERSION_2,
@@ -266,7 +267,7 @@ private OutputStream open(
             {
                 PGPAEADDataEncryptor aeadDataEncryptor = (PGPAEADDataEncryptor) dataEncryptor;
                 // data is encrypted by AEAD Encrypted Data packet (rfc4880bis10), so write v5 SKESK packet
-                if (aeadDataEncryptor.isV5StyleAEAD())
+                if (isV5StyleAEAD)
                 {
                     writeOpenPGPv5ESKPacket(method, sessionInfo);
                 }
@@ -289,7 +290,7 @@ private OutputStream open(
                 PGPAEADDataEncryptor encryptor = (PGPAEADDataEncryptor)dataEncryptor;
 
                 // OpenPGP V5 style AEAD
-                if (encryptor.isV5StyleAEAD())
+                if (isV5StyleAEAD)
                 {
                     byte[] iv = encryptor.getIV();
 
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/PGPAEADDataEncryptor.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/PGPAEADDataEncryptor.java
@@ -19,5 +19,4 @@ public interface PGPAEADDataEncryptor
 
     byte[] getIV();
 
-    boolean isV5StyleAEAD();
 }
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPDataEncryptorBuilder.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcPGPDataEncryptorBuilder.java
@@ -88,38 +88,6 @@ public BcPGPDataEncryptorBuilder setUseV6AEAD()
      */
     @Override
     public BcPGPDataEncryptorBuilder setWithAEAD(int aeadAlgorithm, int chunkSize)
-    {
-        if (isV5StyleAEAD)
-        {
-            return setWithV5AEAD(aeadAlgorithm, chunkSize);
-        }
-        else
-        {
-            return setWithV6AEAD(aeadAlgorithm, chunkSize);
-        }
-    }
-
-    private BcPGPDataEncryptorBuilder setWithV5AEAD(int aeadAlgorithm, int chunkSize)
-    {
-        if (encAlgorithm != SymmetricKeyAlgorithmTags.AES_128
-            && encAlgorithm != SymmetricKeyAlgorithmTags.AES_192
-            && encAlgorithm != SymmetricKeyAlgorithmTags.AES_256)
-        {
-            throw new IllegalStateException("AEAD algorithms can only be used with AES");
-        }
-
-        if (chunkSize < 6)
-        {
-            throw new IllegalArgumentException("minimum chunkSize is 6");
-        }
-
-        this.aeadAlgorithm = aeadAlgorithm;
-        this.chunkSize = chunkSize - 6;
-
-        return this;
-    }
-
-    private BcPGPDataEncryptorBuilder setWithV6AEAD(int aeadAlgorithm, int chunkSize)
     {
         if (encAlgorithm != SymmetricKeyAlgorithmTags.AES_128
             && encAlgorithm != SymmetricKeyAlgorithmTags.AES_192
@@ -323,10 +291,5 @@ public byte[] getIV()
             return Arrays.clone(iv);
         }
 
-        @Override
-        public boolean isV5StyleAEAD()
-        {
-            return isV5StyleAEAD;
-        }
     }
 }
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/jcajce/JcePGPDataEncryptorBuilder.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/jcajce/JcePGPDataEncryptorBuilder.java
@@ -21,7 +21,6 @@
 import org.bouncycastle.openpgp.operator.PGPDataEncryptor;
 import org.bouncycastle.openpgp.operator.PGPDataEncryptorBuilder;
 import org.bouncycastle.openpgp.operator.PGPDigestCalculator;
-import org.bouncycastle.openpgp.operator.bc.BcPGPDataEncryptorBuilder;
 import org.bouncycastle.util.Arrays;
 
 /**
@@ -77,34 +76,6 @@ public JcePGPDataEncryptorBuilder setWithIntegrityPacket(boolean withIntegrityPa
 
     @Override
     public JcePGPDataEncryptorBuilder setWithAEAD(int aeadAlgorithm, int chunkSize)
-    {
-        if (isV5StyleAEAD)
-        {
-            return setWithV5AEAD(aeadAlgorithm, chunkSize);
-        }
-        else
-        {
-            return setWithV6AEAD(aeadAlgorithm, chunkSize);
-        }
-    }
-
-    @Override
-    public JcePGPDataEncryptorBuilder setUseV5AEAD()
-    {
-        this.isV5StyleAEAD = true;
-
-        return this;
-    }
-
-    @Override
-    public JcePGPDataEncryptorBuilder setUseV6AEAD()
-    {
-        this.isV5StyleAEAD = false;
-
-        return this;
-    }
-
-    private JcePGPDataEncryptorBuilder setWithV5AEAD(int aeadAlgorithm, int chunkSize)
     {
         if (encAlgorithm != SymmetricKeyAlgorithmTags.AES_128
             && encAlgorithm != SymmetricKeyAlgorithmTags.AES_192
@@ -124,23 +95,18 @@ private JcePGPDataEncryptorBuilder setWithV5AEAD(int aeadAlgorithm, int chunkSiz
         return this;
     }
 
-    private JcePGPDataEncryptorBuilder setWithV6AEAD(int aeadAlgorithm, int chunkSize)
+    @Override
+    public JcePGPDataEncryptorBuilder setUseV5AEAD()
     {
-        this.isV5StyleAEAD = false;
-        if (encAlgorithm != SymmetricKeyAlgorithmTags.AES_128
-            && encAlgorithm != SymmetricKeyAlgorithmTags.AES_192
-            && encAlgorithm != SymmetricKeyAlgorithmTags.AES_256)
-        {
-            throw new IllegalStateException("AEAD algorithms can only be used with AES");
-        }
+        this.isV5StyleAEAD = true;
 
-        if (chunkSize < 6)
-        {
-            throw new IllegalArgumentException("minimum chunkSize is 6");
-        }
+        return this;
+    }
 
-        this.aeadAlgorithm = aeadAlgorithm;
-        this.chunkSize = chunkSize - 6;
+    @Override
+    public JcePGPDataEncryptorBuilder setUseV6AEAD()
+    {
+        this.isV5StyleAEAD = false;
 
         return this;
     }
@@ -367,10 +333,5 @@ public byte[] getIV()
             return Arrays.clone(iv);
         }
 
-        @Override
-        public boolean isV5StyleAEAD()
-        {
-            return isV5StyleAEAD;
-        }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -242,7 +242,8 @@ private OutputStream open(`
`242`	`242`
`243`	`243`	`// In OpenPGP v6, we need an additional step to derive a message key and IV from the session info.`
`244`	`244`	`// Since we cannot inject the IV into the data encryptor, we append it to the message key.`
`245`		`- if (dataEncryptorBuilder.getAeadAlgorithm() != -1 && !dataEncryptorBuilder.isV5StyleAEAD())`
	`245`	`+ boolean isV5StyleAEAD = dataEncryptorBuilder.isV5StyleAEAD();`
	`246`	`+ if (dataEncryptorBuilder.getAeadAlgorithm() != -1 && !isV5StyleAEAD)`
`246`	`247`	`{`
`247`	`248`	`byte[] info = SymmetricEncIntegrityPacket.createAAData(`
`248`	`249`	`SymmetricEncIntegrityPacket.VERSION_2,`
`@@ -266,7 +267,7 @@ private OutputStream open(`
`266`	`267`	`{`
`267`	`268`	`PGPAEADDataEncryptor aeadDataEncryptor = (PGPAEADDataEncryptor) dataEncryptor;`
`268`	`269`	`// data is encrypted by AEAD Encrypted Data packet (rfc4880bis10), so write v5 SKESK packet`
`269`		`- if (aeadDataEncryptor.isV5StyleAEAD())`
	`270`	`+ if (isV5StyleAEAD)`
`270`	`271`	`{`
`271`	`272`	`writeOpenPGPv5ESKPacket(method, sessionInfo);`
`272`	`273`	`}`
`@@ -289,7 +290,7 @@ private OutputStream open(`
`289`	`290`	`PGPAEADDataEncryptor encryptor = (PGPAEADDataEncryptor)dataEncryptor;`
`290`	`291`
`291`	`292`	`// OpenPGP V5 style AEAD`
`292`		`- if (encryptor.isV5StyleAEAD())`
	`293`	`+ if (isV5StyleAEAD)`
`293`	`294`	`{`
`294`	`295`	`byte[] iv = encryptor.getIV();`
`295`	`296`
Original file line number	Diff line number	Diff line change
`@@ -19,5 +19,4 @@ public interface PGPAEADDataEncryptor`
`19`	`19`
`20`	`20`	`byte[] getIV();`
`21`	`21`
`22`		`- boolean isV5StyleAEAD();`
`23`	`22`	`}`