Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Tests and improvements to PGPPadding class #1716

Closed
wants to merge 5 commits into from
Closed

Tests and improvements to PGPPadding class #1716

Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
f397a21
PaddingPacket: Throw IllegalArgumentException for invalid padding length
vanitasvitae Jun 20, 2024
32b2c31
Add constructors for PGPPadding class
vanitasvitae Jun 20, 2024
3cd3555
Add test for PGPPadding class
vanitasvitae Jun 20, 2024
4a67944
PGPKeyRing classes: Add getEncoded(PacketFormat) method
vanitasvitae Jun 21, 2024
8df2c52
Test parsing of padded certificate
vanitasvitae Jun 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Add constructors for PGPPadding class
  • Loading branch information
@vanitasvitae
vanitasvitae committed Jun 20, 2024
commit 32b2c31b02fbe2eefba5f2e175f3ad074176cc77
66 changes: 65 additions & 1 deletion pg/src/main/java/org/bouncycastle/openpgp/PGPPadding.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,12 @@
package org.bouncycastle.openpgp;

import java.io.IOException;
import java.security.SecureRandom;

import org.bouncycastle.bcpg.BCPGInputStream;
import org.bouncycastle.bcpg.Packet;
import org.bouncycastle.bcpg.PaddingPacket;
import org.bouncycastle.crypto.CryptoServicesRegistrar;

/**
* The PGPPadding contains random data, and can be used to defend against traffic analysis on version 2 SEIPD messages
Expand All @@ -16,10 +18,25 @@ public class PGPPadding
{
private PaddingPacket p;

/**
* Minimum random padding length in octets.
* Chosen totally arbitrarily.
*/
public static final int MIN_PADDING_LEN = 16;

/**
* Maximum random padding length.
* Chosen somewhat arbitrarily, as SSH also uses max 255 bytes for random padding.
*
* @see <a href="https://www.rfc-editor.org/rfc/rfc4253.html#section-6">
* rfc4253 - Binary Packet Protocol</a>
*/
public static final int MAX_PADDING_LEN = 255;

/**
* Default constructor.
*
* @param in
* @param in packet input stream
* @throws IOException
*/
public PGPPadding(
Expand All @@ -34,6 +51,53 @@ public PGPPadding(
p = (PaddingPacket)packet;
}

/**
* Generate a new, random {@link PGPPadding} object.
* The padding consists of n random bytes, where n is a number between (inclusive) {@link #MIN_PADDING_LEN}
* and {@link #MAX_PADDING_LEN}.
*/
public PGPPadding()
{
this(CryptoServicesRegistrar.getSecureRandom());
}

/**
* Generate a new, random {@link PGPPadding} object.
* The padding consists of n random bytes, where n is a number between (inclusive) {@link #MIN_PADDING_LEN}
* and {@link #MAX_PADDING_LEN}.
*
* @param random random number generator instance
*/
public PGPPadding(SecureRandom random)
{
this(MIN_PADDING_LEN + random.nextInt(MAX_PADDING_LEN - MIN_PADDING_LEN + 1), random);
}

/**
* Generate a new, random {@link PGPPadding} object.
* The padding consists of <pre>len</pre> random bytes.
*/
public PGPPadding(int len)
{
this(len, CryptoServicesRegistrar.getSecureRandom());
}

/**
* Generate a new, random {@link PGPPadding} object.
* The padding consists of <pre>len</pre> random bytes.
*
* @param len number of random octets
* @param random random number generator instance
*/
public PGPPadding(int len, SecureRandom random)
{
this.p = new PaddingPacket(len, random);
}

/**
* Return the padding octets as a byte array.
* @return padding octets
*/
public byte[] getPadding()
{
return p.getPadding();
Expand Down