zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-14 16:37:13 +02:00
Code Issues Projects Releases Packages Wiki Activity
google-nomulus/java/google/registry/rde/RydePgpEncryptionOutputStream.java
guyben 8ec2eaf39c Simplify the RyDE API 
Second step of RDE encoding refactoring.

Creates a single OutputStream encode RyDE files.
This replaces the 5 OutputStreams that were needed before.

Also removes all the factories that were injected. It's an encoding, there's no point in injecting it.

Finally, removed the buffer-size configuration and replaced with a static final
const value in each individual OutputStream.

This doesn't yet include a decoder (InputStream). And there's still a lot of overlap between the Ryde and the Ghostryde code. Both of those are left for the next CLs.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=204898369
2018-07-17 22:03:53 -04:00

118 lines
5.3 KiB
Java
Raw Blame History

// Copyright 2017 The Nomulus Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.rde;
import static com.google.common.base.Preconditions.checkArgument;
import static org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags.AES_128;
import static org.bouncycastle.jce.provider.BouncyCastleProvider.PROVIDER_NAME;
import google.registry.util.ImprovedOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.NoSuchAlgorithmException;
import java.security.ProviderException;
import java.security.SecureRandom;
import java.util.Collection;
import javax.annotation.WillNotClose;
import org.bouncycastle.openpgp.PGPEncryptedDataGenerator;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator;
/**
* OpenPGP encryption service that wraps an {@link OutputStream}.
*
* <p>This uses 128-bit AES (Rijndael) as the symmetric encryption algorithm. This is the only key
* strength ICANN allows. The other valid algorithms are TripleDES and CAST5 per RFC 4880. It's
* probably for the best that we're not using AES-256 since it's been weakened over the years to
* potentially being worse than AES-128.
*
* <p>The key for the symmetric algorithm is generated by a random number generator which SHOULD
* come from {@code /dev/random} (see: {@link sun.security.provider.NativePRNG}) but Java doesn't
* offer any guarantees that {@link SecureRandom} isn't pseudo-random.
*
* <p>The asymmetric algorithm is whatever one is associated with the {@link PGPPublicKey} object
* you provide. That should be either RSA or DSA, per the ICANN escrow spec. The underlying
* {@link PGPEncryptedDataGenerator} class uses PGP Cipher Feedback Mode to chain blocks. No
* integrity packet is used.
*
* @see <a href="http://tools.ietf.org/html/rfc4880">RFC 4880 (OpenPGP Message Format)</a>
* @see <a href="http://en.wikipedia.org/wiki/Advanced_Encryption_Standard">AES (Wikipedia)</a>
*/
public class RydePgpEncryptionOutputStream extends ImprovedOutputStream {
private static final int BUFFER_SIZE = 64 * 1024;
/**
* The symmetric encryption algorithm to use. Do not change this value without checking the
* RFCs to make sure the encryption algorithm and strength combination is allowed.
*
* @see org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags
*/
private static final int CIPHER = AES_128;
/**
* This option adds an additional checksum to the OpenPGP message. From what I can tell, this is
* meant to fix a bug that made a certain type of message tampering possible. GPG will actually
* complain on the command line when decrypting a message without this feature.
*
* <p>However I'm reasonably certain that this is not required if you have a signature (and
* remember to use it!) and the ICANN requirements document do not mention this. So we're going
* to leave it out.
*/
private static final boolean USE_INTEGRITY_PACKET = false;
/**
* The source of random bits. This should not be changed at Google because it uses dev random
* in production, and the testing environment is configured to make this go fast and not drain
* system entropy.
*
* @see SecureRandom#getInstance(String)
*/
private static final String RANDOM_SOURCE = "NativePRNG";
/**
* Creates a new instance that encrypts data for the owner of {@code receiverKey}.
*
* @param os is the upstream {@link OutputStream} which is not closed by this object
* @throws IllegalArgumentException if {@code publicKey} is invalid
* @throws RuntimeException to rethrow {@link PGPException} and {@link IOException}
*/
public RydePgpEncryptionOutputStream(
@WillNotClose OutputStream os,
Collection<PGPPublicKey> receiverKeys) {
super("RydePgpEncryptionOutputStream", createDelegate(os, receiverKeys));
}
private static OutputStream createDelegate(
OutputStream os, Collection<PGPPublicKey> receiverKeys) {
try {
PGPEncryptedDataGenerator encryptor = new PGPEncryptedDataGenerator(
new JcePGPDataEncryptorBuilder(CIPHER)
.setWithIntegrityPacket(USE_INTEGRITY_PACKET)
.setSecureRandom(SecureRandom.getInstance(RANDOM_SOURCE))
.setProvider(PROVIDER_NAME));
checkArgument(!receiverKeys.isEmpty(), "Must give at least one receiver key");
receiverKeys.forEach(
key -> encryptor.addMethod(new JcePublicKeyKeyEncryptionMethodGenerator(key)));
return encryptor.open(os, new byte[BUFFER_SIZE]);
} catch (NoSuchAlgorithmException e) {
throw new ProviderException(e);
} catch (IOException | PGPException e) {
throw new RuntimeException(e);
}
}
}
Reference in a new issue View git blame Copy permalink