diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcKeyFingerprintCalculator.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcKeyFingerprintCalculator.java index 11ec4901a2..06b89ee052 100644 --- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcKeyFingerprintCalculator.java +++ b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/BcKeyFingerprintCalculator.java @@ -23,7 +23,7 @@ public byte[] calculateFingerprint(PublicKeyPacket publicPk) BCPGKey key = publicPk.getKey(); Digest digest; - if (publicPk.getVersion() <= 3) + if (publicPk.getVersion() <= PublicKeyPacket.VERSION_3) { RSAPublicBCPGKey rK = (RSAPublicBCPGKey)key; @@ -42,7 +42,7 @@ public byte[] calculateFingerprint(PublicKeyPacket publicPk) throw new PGPException("can't encode key components: " + e.getMessage(), e); } } - else if (publicPk.getVersion() == 4) + else if (publicPk.getVersion() == PublicKeyPacket.VERSION_4) { try { @@ -60,14 +60,14 @@ else if (publicPk.getVersion() == 4) throw new PGPException("can't encode key components: " + e.getMessage(), e); } } - else if (publicPk.getVersion() == 6) + else if (publicPk.getVersion() == 5 || publicPk.getVersion() == PublicKeyPacket.VERSION_6) { try { byte[] kBytes = publicPk.getEncodedContents(); digest = new SHA256Digest(); - digest.update((byte)0x9b); + digest.update((byte) (publicPk.getVersion() == PublicKeyPacket.VERSION_6 ? 0x9b : 0x9a)); digest.update((byte)(kBytes.length >> 24)); digest.update((byte)(kBytes.length >> 16)); diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/jcajce/JcaKeyFingerprintCalculator.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/jcajce/JcaKeyFingerprintCalculator.java index fab2ba5d9d..29185d9ddd 100644 --- a/pg/src/main/java/org/bouncycastle/openpgp/operator/jcajce/JcaKeyFingerprintCalculator.java +++ b/pg/src/main/java/org/bouncycastle/openpgp/operator/jcajce/JcaKeyFingerprintCalculator.java @@ -63,7 +63,7 @@ public byte[] calculateFingerprint(PublicKeyPacket publicPk) { BCPGKey key = publicPk.getKey(); - if (publicPk.getVersion() <= 3) + if (publicPk.getVersion() <= PublicKeyPacket.VERSION_3) { RSAPublicBCPGKey rK = (RSAPublicBCPGKey)key; @@ -92,7 +92,7 @@ public byte[] calculateFingerprint(PublicKeyPacket publicPk) throw new PGPException("can't encode key components: " + e.getMessage(), e); } } - else if (publicPk.getVersion() == 4) + else if (publicPk.getVersion() == PublicKeyPacket.VERSION_4) { try { @@ -120,15 +120,14 @@ else if (publicPk.getVersion() == 4) throw new PGPException("can't encode key components: " + e.getMessage(), e); } } - else if (publicPk.getVersion() == 6) + else if (publicPk.getVersion() == 5 || publicPk.getVersion() == PublicKeyPacket.VERSION_6) { try { byte[] kBytes = publicPk.getEncodedContents(); MessageDigest digest = helper.createMessageDigest("SHA-256"); - - digest.update((byte)0x9b); + digest.update((byte) (publicPk.getVersion() == PublicKeyPacket.VERSION_6 ? 0x9b : 0x9a)); digest.update((byte)(kBytes.length >> 24)); digest.update((byte)(kBytes.length >> 16)); diff --git a/pg/src/test/java/org/bouncycastle/openpgp/test/OperatorBcTest.java b/pg/src/test/java/org/bouncycastle/openpgp/test/OperatorBcTest.java index 88d85b1a2e..5fc4f26f24 100644 --- a/pg/src/test/java/org/bouncycastle/openpgp/test/OperatorBcTest.java +++ b/pg/src/test/java/org/bouncycastle/openpgp/test/OperatorBcTest.java @@ -145,12 +145,13 @@ public void testBcKeyFingerprintCalculator() KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC"); kpGen.initialize(1024); KeyPair kp = kpGen.generateKeyPair(); + Date creationTime = new Date(1000 * (new Date().getTime() / 1000)); JcaPGPKeyConverter converter = new JcaPGPKeyConverter().setProvider(new BouncyCastleProvider()); - final PGPPublicKey pubKey = converter.getPGPPublicKey(PublicKeyAlgorithmTags.RSA_GENERAL, kp.getPublic(), new Date()); + final PGPPublicKey pubKey = converter.getPGPPublicKey(PublicKeyAlgorithmTags.RSA_GENERAL, kp.getPublic(), creationTime); - PublicKeyPacket pubKeyPacket = new PublicKeyPacket(6, PublicKeyAlgorithmTags.RSA_GENERAL, new Date(), pubKey.getPublicKeyPacket().getKey()); - byte[] output = calculator.calculateFingerprint(new PublicKeyPacket(6, PublicKeyAlgorithmTags.RSA_GENERAL, new Date(), pubKey.getPublicKeyPacket().getKey())); + PublicKeyPacket pubKeyPacket = new PublicKeyPacket(6, PublicKeyAlgorithmTags.RSA_GENERAL, creationTime, pubKey.getPublicKeyPacket().getKey()); + byte[] output = calculator.calculateFingerprint(new PublicKeyPacket(6, PublicKeyAlgorithmTags.RSA_GENERAL, creationTime, pubKey.getPublicKeyPacket().getKey())); byte[] kBytes = pubKeyPacket.getEncodedContents(); SHA256Digest digest = new SHA256Digest(); @@ -167,16 +168,24 @@ public void testBcKeyFingerprintCalculator() digest.doFinal(digBuf, 0); isTrue(areEqual(output, digBuf)); - final PublicKeyPacket pubKeyPacket2 = new PublicKeyPacket(5, PublicKeyAlgorithmTags.RSA_GENERAL, new Date(), pubKey.getPublicKeyPacket().getKey()); - testException("Unsupported PGP key version: ", "UnsupportedPacketVersionException", new TestExceptionOperation() - { - @Override - public void operation() - throws Exception - { - calculator.calculateFingerprint(pubKeyPacket2); - } - }); + final PublicKeyPacket pubKeyPacket2 = new PublicKeyPacket(5, PublicKeyAlgorithmTags.RSA_GENERAL, creationTime, pubKey.getPublicKeyPacket().getKey()); + kBytes = pubKeyPacket2.getEncodedContents(); + output = calculator.calculateFingerprint(pubKeyPacket2); + + digest = new SHA256Digest(); + + digest.update((byte)0x9a); + + digest.update((byte)(kBytes.length >> 24)); + digest.update((byte)(kBytes.length >> 16)); + digest.update((byte)(kBytes.length >> 8)); + digest.update((byte)kBytes.length); + + digest.update(kBytes, 0, kBytes.length); + digBuf = new byte[digest.getDigestSize()]; + + digest.doFinal(digBuf, 0); + isTrue(areEqual(output, digBuf)); } // public void testBcPBESecretKeyDecryptorBuilder()