Update BouncyCastle to 1.77

OpenKeychain/build.gradle

@@ -57,7 +57,7 @@ dependencies {
     implementation project(':extern:MaterialChipsInput')
 
     // implementation project(':openkeychain:extern:bouncycastle:core')
-    implementation 'org.bouncycastle:bcprov-jdk15on:1.68'
+    implementation 'org.bouncycastle:bcprov-jdk18on:1.77'
     implementation project(':extern:bouncycastle:pg')
     // implementation project(':openkeychain:extern:bouncycastle:prov')
 
@@ -69,7 +69,7 @@ dependencies {
     // http://www.vogella.com/tutorials/Robolectric/article.html
     testImplementation 'junit:junit:4.13'
     testImplementation ('org.robolectric:robolectric:3.8') {
-        exclude group: 'org.bouncycastle', module: 'bcprov-jdk16'
+        exclude group: 'org.bouncycastle', module: 'bcprov-jdk18on'
     }
     testImplementation 'org.mockito:mockito-core:2.18.0'
 

OpenKeychain/src/main/java/org/bouncycastle/openpgp/operator/jcajce/CachingDataDecryptorFactory.java

@@ -13,24 +13,30 @@ import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
 
+import org.bouncycastle.bcpg.AEADEncDataPacket;
+import org.bouncycastle.bcpg.SymmetricEncIntegrityPacket;
 import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
 import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPPublicKeyEncryptedData;
+import org.bouncycastle.openpgp.PGPSessionKey;
 import org.bouncycastle.openpgp.operator.PGPDataDecryptor;
 import org.bouncycastle.openpgp.operator.PublicKeyDataDecryptorFactory;
 
+
 public class CachingDataDecryptorFactory implements PublicKeyDataDecryptorFactory
 {
     private final PublicKeyDataDecryptorFactory mWrappedDecryptor;
     private final HashMap<ByteBuffer, byte[]> mSessionKeyCache;
 
     private OperatorHelper mOperatorHelper;
+    private JceAEADUtil mAeadHelper;
 
     public CachingDataDecryptorFactory(String providerName, Map<ByteBuffer, byte[]> sessionKeyCache)
     {
         this((PublicKeyDataDecryptorFactory) null, sessionKeyCache);
 
         mOperatorHelper = new OperatorHelper(new NamedJcaJceHelper(providerName));
+        mAeadHelper = new JceAEADUtil(mOperatorHelper);
     }
 
     public CachingDataDecryptorFactory(PublicKeyDataDecryptorFactory wrapped,
@@ -83,4 +89,22 @@ public class CachingDataDecryptorFactory implements PublicKeyDataDecryptorFactor
         return mOperatorHelper.createDataDecryptor(withIntegrityPacket, encAlgorithm, key);
     }
 
+    @Override
+    public PGPDataDecryptor createDataDecryptor(AEADEncDataPacket aeadEncDataPacket,
+            PGPSessionKey sessionKey) throws PGPException {
+        if (mWrappedDecryptor != null) {
+            mWrappedDecryptor.createDataDecryptor(aeadEncDataPacket, sessionKey);
+        }
+        return mAeadHelper.createOpenPgpV5DataDecryptor(aeadEncDataPacket, sessionKey);
+    }
+
+    @Override
+    public PGPDataDecryptor createDataDecryptor(SymmetricEncIntegrityPacket seipd,
+            PGPSessionKey sessionKey) throws PGPException {
+        if (mWrappedDecryptor != null) {
+            mWrappedDecryptor.createDataDecryptor(seipd, sessionKey);
+        }
+        return mAeadHelper.createOpenPgpV6DataDecryptor(seipd, sessionKey);
+    }
+
 }

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/CanonicalizedPublicKey.java

@@ -72,7 +72,10 @@ public class CanonicalizedPublicKey extends UncachedPublicKey {
     }
 
     JcePublicKeyKeyEncryptionMethodGenerator getPubKeyEncryptionGenerator(boolean hiddenRecipients) {
-        return new JcePublicKeyKeyEncryptionMethodGenerator(mPublicKey, hiddenRecipients);
+        JcePublicKeyKeyEncryptionMethodGenerator generator =
+                new JcePublicKeyKeyEncryptionMethodGenerator(mPublicKey);
+        generator.setSessionKeyObfuscation(hiddenRecipients);
+        return generator;
     }
 
     public boolean canSign() {

OpenKeychain/src/main/java/org/sufficientlysecure/keychain/pgp/WrappedUserAttribute.java

@@ -59,8 +59,8 @@ public class WrappedUserAttribute implements Serializable {
     }
 
     public static WrappedUserAttribute fromSubpacket (int type, byte[] data) {
-        UserAttributeSubpacket subpacket = new UserAttributeSubpacket(type, data);
-        PGPUserAttributeSubpacketVector vector = new PGPUserAttributeSubpacketVector(
+        UserAttributeSubpacket subpacket = UserAttributeSubpacket.create(type, data);
+        PGPUserAttributeSubpacketVector vector = PGPUserAttributeSubpacketVector.fromSubpackets(
                 new UserAttributeSubpacket[] { subpacket });
 
         return new WrappedUserAttribute(vector);
@@ -86,7 +86,7 @@ public class WrappedUserAttribute implements Serializable {
         UserAttributeSubpacket[] result = new UserAttributeSubpacket[list.size()];
         list.toArray(result);
         return new WrappedUserAttribute(
-                new PGPUserAttributeSubpacketVector(result));
+                PGPUserAttributeSubpacketVector.fromSubpackets(result));
     }
 
     /** Writes this object to an ObjectOutputStream. */
@@ -107,7 +107,7 @@ public class WrappedUserAttribute implements Serializable {
         if ( ! UserAttributePacket.class.isInstance(p)) {
             throw new IOException("Could not decode UserAttributePacket!");
         }
-        mVector = new PGPUserAttributeSubpacketVector(((UserAttributePacket) p).getSubpackets());
+        mVector = PGPUserAttributeSubpacketVector.fromSubpackets(((UserAttributePacket) p).getSubpackets());
 
     }
 

extern/bouncycastle

@@ -1 +1 @@
-Subproject commit 187ca21dd44766942e6c85e3a85430ecbca77f22
+Subproject commit a76cb19f71b4843d4e58bbeb9dd14ca197501b92

gradle.properties

@@ -1,6 +1,6 @@
 android.enableJetifier=true
 android.useAndroidX=true
-android.jetifier.ignorelist=bcprov-jdk15on
+android.jetifier.ignorelist=bcprov-jdk18on
 org.gradle.jvmargs=-Xms128m -Xmx4096m -XX:+CMSClassUnloadingEnabled
 android.defaults.buildfeatures.buildconfig=true
 android.nonTransitiveRClass=false