Replace Bouncy Castle with Spongy Castle
Unfortunately, Android ships with a cut-down version of Bouncy Castle,
which makes it difficult to use an updated version of Bouncy Castle.
This commit solves this issue by replacing Bouncy Castle with Spongy
Castle.

See: #SDKCRYPTJ-4
mkellnhofer committed Nov 22, 2018
1 parent 2e36d5e commit bd00d8b
Showing 5 changed files with 40 additions and 35 deletions.
16 changes: 8 additions & 8 deletions pom.xml
@@ -6,7 +6,7 @@
<modelVersion>4.0.0</modelVersion>

<groupId>com.dracoon</groupId>
<artifactId>dracoon-crypto-sdk</artifactId>
<artifactId>dracoon-android-crypto-sdk</artifactId>
<version>1.0.1</version>

<name>dracoon-crypto-sdk</name>
@@ -50,21 +50,21 @@
<java-version>1.8</java-version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>

<bouncycastle.version>1.54</bouncycastle.version>
<spongycastle.version>1.54.0.0</spongycastle.version>
<junit.version>4.12</junit.version>
<gson.version>2.8.0</gson.version>
</properties>

<dependencies>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
<version>${bouncycastle.version}</version>
<groupId>com.madgag.spongycastle</groupId>
<artifactId>prov</artifactId>
<version>${spongycastle.version}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
<version>${bouncycastle.version}</version>
<groupId>com.madgag.spongycastle</groupId>
<artifactId>pkix</artifactId>
<version>${spongycastle.version}</version>
</dependency>

<dependency>
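Review bot: `spongycastle.version` is pinned to 1.54.0.0, which appears to track the same Bouncy Castle 1.54 line that was in use before, so this swap on its own brings in no newer upstream fixes even though the description gives updating as the motivation. The provider now comes from a third-party repackaging under `com.madgag.spongycastle`, so its releases have to be tracked separately from upstream Bouncy Castle advisories. I would record that next to the property, e.g. `<!-- Spongy Castle: Android repackaging of Bouncy Castle; keep in step with upstream BC security releases -->`. The `artifactId` also changes to `dracoon-android-crypto-sdk` while `<name>` still reads `dracoon-crypto-sdk`, which is worth a line in the description if it is intentional.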
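--- a/replace_bc_with_sc.sh
+++ b/replace_bc_with_sc.sh
@@ -0,0 +1,5 @@
+find src/main/java -type f -print0 | xargs -0 sed -i 's|org.bouncycastle|org.spongycastle|g'
+find src/main/java -type f -print0 | xargs -0 sed -i 's|.setProvider("BC")|.setProvider("SC")|g'
+
+find src/test/java -type f -print0 | xargs -0 sed -i 's|org.bouncycastle|org.spongycastle|g'
+find src/test/java -type f -print0 | xargs -0 sed -i 's|.setProvider("BC")|.setProvider("SC")|g'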
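Review bot: The sed patterns leave `.` unescaped, so `org.bouncycastle` and `.setProvider("BC")` match any character in those positions, and the script only rewrites provider names that are passed through `.setProvider(...)`. A `"BC"` string used any other way would be left unchanged and could still resolve to the platform's bundled Bouncy Castle; nothing on this page shows whether such uses exist, so running `grep -rn '"BC"' src` afterwards is a cheap check. I would escape the dots, `'s|org\.bouncycastle|org.spongycastle|g'` and `'s|\.setProvider("BC")|.setProvider("SC")|g'`, and open the file with `#!/bin/sh` and `set -eu` so a failing `sed` stops the run. Note that `sed -i` without a suffix argument is GNU sed syntax, which is worth stating in a header comment.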
42 changes: 21 additions & 21 deletions src/main/java/com/dracoon/sdk/crypto/Crypto.java
@@ -25,22 +25,22 @@

import com.dracoon.sdk.crypto.model.EncryptedFileKey;
import com.dracoon.sdk.crypto.model.UserKeyPair;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.openssl.PEMException;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.PKCS8Generator;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.openssl.jcajce.JcaPKCS8Generator;
import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8EncryptorBuilder;
import org.bouncycastle.operator.InputDecryptorProvider;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.OutputEncryptor;
import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.bouncycastle.pkcs.PKCSException;
import org.bouncycastle.util.io.pem.PemGenerationException;
import org.spongycastle.asn1.pkcs.PrivateKeyInfo;
import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
import org.spongycastle.openssl.PEMException;
import org.spongycastle.openssl.PEMParser;
import org.spongycastle.openssl.PKCS8Generator;
import org.spongycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.spongycastle.openssl.jcajce.JcaPEMWriter;
import org.spongycastle.openssl.jcajce.JcaPKCS8Generator;
import org.spongycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import org.spongycastle.openssl.jcajce.JceOpenSSLPKCS8EncryptorBuilder;
import org.spongycastle.operator.InputDecryptorProvider;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.OutputEncryptor;
import org.spongycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.spongycastle.pkcs.PKCSException;
import org.spongycastle.util.io.pem.PemGenerationException;

import com.dracoon.sdk.crypto.model.PlainFileKey;
import com.dracoon.sdk.crypto.model.UserPrivateKey;
@@ -61,7 +61,7 @@
public class Crypto {

static {
Security.insertProviderAt(new org.bouncycastle.jce.provider.BouncyCastleProvider(), 1);
Security.insertProviderAt(new org.spongycastle.jce.provider.BouncyCastleProvider(), 1);
}

private static final int HASH_ITERATION_COUNT = 10000;
@@ -140,7 +140,7 @@ private static String encryptPrivateKey(PrivateKey privateKey, String password)
OutputEncryptor encryptor;
try {
encryptor = new JceOpenSSLPKCS8EncryptorBuilder(PKCS8Generator.AES_256_CBC)
.setProvider("BC")
.setProvider("SC")
.setIterationCount(HASH_ITERATION_COUNT)
.setPasssword(password.toCharArray())
.build();
@@ -188,7 +188,7 @@ private static PrivateKey decryptPrivateKey(String privateKey, String password)
if (obj instanceof PKCS8EncryptedPrivateKeyInfo) {
PKCS8EncryptedPrivateKeyInfo epkInfo = (PKCS8EncryptedPrivateKeyInfo) obj;
InputDecryptorProvider decryptor = new JceOpenSSLPKCS8DecryptorProviderBuilder()
.setProvider("BC")
.setProvider("SC")
.build(password.toCharArray());
pkInfo = epkInfo.decryptPrivateKeyInfo(decryptor);
} else {
@@ -204,7 +204,7 @@ private static PrivateKey decryptPrivateKey(String privateKey, String password)
}

try {
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("SC");
return converter.getPrivateKey(pkInfo);
} catch (PEMException e) {
throw new CryptoSystemException("Could not decrypted private key. PEM decoding failed.",
@@ -248,7 +248,7 @@ private static PublicKey getPublicKeyFromString(String pubKey) throws InvalidKey
}

try {
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("SC");
return converter.getPublicKey(pkInfo);
} catch (PEMException e) {
throw new CryptoSystemException("Could not decode public key. PEM decoding failed.", e);
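Review bot: The static initializer of `Crypto` still calls `Security.insertProviderAt(..., 1)`, which makes Spongy Castle the highest-priority JCA provider for the whole host application as soon as this class loads, not just for this SDK. Every provider lookup visible in these hunks names the provider explicitly with `.setProvider("SC")`, so the top position does not look necessary here. `Security.addProvider(new org.spongycastle.jce.provider.BouncyCastleProvider());` would register it without reordering the application's defaults. The class body continues outside the visible hunks and may contain lookups that rely on the default order, so confirm that before changing it; either way a comment on the initializer should state why the provider is registered globally.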
2 changes: 1 addition & 1 deletion src/main/java/com/dracoon/sdk/crypto/CryptoUtils.java
@@ -1,6 +1,6 @@
package com.dracoon.sdk.crypto;

import org.bouncycastle.util.encoders.Base64;
import org.spongycastle.util.encoders.Base64;

/**
* Provides helper methods.
10 changes: 5 additions & 5 deletions src/main/java/com/dracoon/sdk/crypto/FileCipher.java
@@ -4,11 +4,11 @@
import java.io.ByteArrayOutputStream;
import java.io.IOException;

import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.engines.AESFastEngine;
import org.bouncycastle.crypto.modes.GCMBlockCipher;
import org.bouncycastle.crypto.params.AEADParameters;
import org.bouncycastle.crypto.params.KeyParameter;
import org.spongycastle.crypto.InvalidCipherTextException;
import org.spongycastle.crypto.engines.AESFastEngine;
import org.spongycastle.crypto.modes.GCMBlockCipher;
import org.spongycastle.crypto.params.AEADParameters;
import org.spongycastle.crypto.params.KeyParameter;

import com.dracoon.sdk.crypto.model.PlainFileKey;

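Review bot: The rewritten import `org.spongycastle.crypto.engines.AESFastEngine` keeps the table-driven AES engine, which upstream Bouncy Castle later deprecated in favour of `AESEngine` because its lookup tables can leak timing information. Where the engine is constructed lies outside this hunk, so I cannot tell how it is used, but `import org.spongycastle.crypto.engines.AESEngine;` and the matching constructor call would be the conservative choice for file encryption. If the fast engine is kept for performance on Android, a comment at the construction site should state that trade-off.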
