From 127a3089e6544f0621b6241fc7e41bd741388f3b Mon Sep 17 00:00:00 2001 
From: Paul Schaub Date: Thu, 8 Aug 2024 14:37:10 +0200 Subject: [PATCH] Update crypto-refresh references to RFC9580 --- .../main/j2me/org/bouncycastle/bcpg/S2K.java | 2 +- .../bouncycastle/bcpg/AEADAlgorithmTags.java | 10 +++---- .../bcpg/CompressionAlgorithmTags.java | 4 +-- .../bouncycastle/bcpg/ECDHPublicBCPGKey.java | 4 +-- .../bouncycastle/bcpg/ECDSAPublicBCPGKey.java | 4 +-- .../bouncycastle/bcpg/ECSecretBCPGKey.java | 12 ++++---- .../bcpg/Ed25519PublicBCPGKey.java | 6 ++-- .../bcpg/Ed25519SecretBCPGKey.java | 6 ++-- .../bouncycastle/bcpg/Ed448PublicBCPGKey.java | 6 ++-- .../bouncycastle/bcpg/Ed448SecretBCPGKey.java | 6 ++-- .../bouncycastle/bcpg/EdDSAPublicBCPGKey.java | 4 +-- .../bouncycastle/bcpg/EdSecretBCPGKey.java | 4 +-- .../bouncycastle/bcpg/HashAlgorithmTags.java | 6 ++-- .../java/org/bouncycastle/bcpg/HashUtils.java | 4 +-- .../bcpg/OnePassSignaturePacket.java | 4 +-- .../java/org/bouncycastle/bcpg/Packet.java | 4 +-- .../org/bouncycastle/bcpg/PacketFormat.java | 2 +- .../bcpg/PublicKeyAlgorithmTags.java | 16 +++++----- .../bouncycastle/bcpg/PublicKeyPacket.java | 30 +++++++++---------- .../main/java/org/bouncycastle/bcpg/S2K.java | 14 ++++----- .../bouncycastle/bcpg/SecretKeyPacket.java | 4 +-- .../bouncycastle/bcpg/SignaturePacket.java | 8 ++--- .../bcpg/SignatureSubpacketTags.java | 2 +- .../bcpg/SymmetricKeyAlgorithmTags.java | 4 +-- .../bcpg/SymmetricKeyEncSessionPacket.java | 4 +-- .../bcpg/X25519PublicBCPGKey.java | 6 ++-- .../bcpg/X25519SecretBCPGKey.java | 6 ++-- .../bouncycastle/bcpg/X448PublicBCPGKey.java | 6 ++-- .../bouncycastle/bcpg/X448SecretBCPGKey.java | 6 ++-- .../bcpg/sig/PreferredAEADCiphersuites.java | 4 +-- .../openpgp/operator/PGPKeyConverter.java | 3 +- .../operator/bc/RFC6637KDFCalculator.java | 4 +-- .../bcpg/test/OnePassSignaturePacketTest.java | 4 +-- .../bcpg/test/OpenPgpMessageTest.java | 4 +-- .../bcpg/test/SignaturePacketTest.java | 4 +-- .../test/AEADProtectedPGPSecretKeyTest.java | 4 +-- 
.../test/DedicatedEd25519KeyPairTest.java | 2 +- 37 files changed, 112 insertions(+), 111 deletions(-) diff --git a/pg/src/main/j2me/org/bouncycastle/bcpg/S2K.java b/pg/src/main/j2me/org/bouncycastle/bcpg/S2K.java index ae2fe6ee73..8e26638183 100644 --- a/pg/src/main/j2me/org/bouncycastle/bcpg/S2K.java +++ b/pg/src/main/j2me/org/bouncycastle/bcpg/S2K.java @@ -452,7 +452,7 @@ public Argon2Params(byte[] salt, int passes, int parallelism, int memSizeExp) // log_2(p) = log_e(p) / log_e(2) //double log2_p = Math.log((double)parallelism) / Math.log(2.0); - // see https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-05.html#section-3.7.1.4-5 + // see https://www.rfc-editor.org/rfc/rfc9580.html#section-3.7.1.4-5 //if (memSizeExp < (3 + Math.ceil(log2_p)) || memSizeExp > 31) //{ //throw new IllegalArgumentException("Memory size exponent MUST be between 3+ceil(log_2(parallelism)) and 31"); diff --git a/pg/src/main/java/org/bouncycastle/bcpg/AEADAlgorithmTags.java b/pg/src/main/java/org/bouncycastle/bcpg/AEADAlgorithmTags.java index 924f9c1b9f..965bb5107f 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/AEADAlgorithmTags.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/AEADAlgorithmTags.java @@ -2,11 +2,11 @@ /** * AEAD Algorithm IDs. - * Crypto-Refresh (OpenPGP) defines IDs 1 through 3, while LibrePGP only defines 1 and 2. - * Further, the use of AEAD differs between C-R and LibrePGP. + * RFC9580 (OpenPGP) defines IDs 1 through 3, while LibrePGP only defines 1 and 2. + * Further, the use of AEAD differs between OpenPGP and LibrePGP. * - * @see - * Crypto-Refresh: AEAD Algorithms + * @see + * OpenPGP - AEAD Algorithms * @see * LibrePGP - Encryption Modes */ @@ -18,7 +18,7 @@ public interface AEADAlgorithmTags int EAX = 1; /** * OCB with 15-bit nonce/IV and 16-bit auth tag length. - * C-R compliant implementations MUST implement OCB. + * RFC9580-compliant implementations MUST implement OCB. */ int OCB = 2; /** 
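Review bot: In the j2me `S2K.java` hunk the range check that the updated link documents is still commented out, so as far as these lines show, this build's `Argon2Params` constructor accepts any `memSizeExp`. If the check was disabled only because the floating-point `Math.log` form was unavailable, an integer form gives the same bound: `int bits = 0; while ((1 << bits) < parallelism) { bits++; }` followed by `if (memSizeExp < 3 + bits || memSizeExp > 31)` with the existing exception. The constructor body continues outside the hunk, so validation may exist elsewhere. The paragraph anchor `-5` is carried over from draft-05; it is worth confirming that it still lands on the memory-size paragraph of the published RFC.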
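Review bot: The OCB Javadoc in the second `AEADAlgorithmTags` hunk still states the sizes in bits ("15-bit nonce/IV and 16-bit auth tag length"), while RFC9580 gives the nonce and tag lengths in octets. A reader taking the comment literally would conclude that the tag is 16 bits, so the line should read `* OCB with 15-octet nonce/IV and 16-octet auth tag length.` The interface continues outside the hunk, and the EAX and GCM comments may carry the same wording.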
diff --git a/pg/src/main/java/org/bouncycastle/bcpg/CompressionAlgorithmTags.java b/pg/src/main/java/org/bouncycastle/bcpg/CompressionAlgorithmTags.java index 3bf91b6a10..154652d8c2 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/CompressionAlgorithmTags.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/CompressionAlgorithmTags.java @@ -5,10 +5,10 @@ * * @see * RFC4880 - Compression Algorithms + * @see + * RFC9580 - Compression Algorithms * @see * LibrePGP - Compression Algorithms - * @see - * Crypto-Refresh - Compression Algorithms */ public interface CompressionAlgorithmTags { diff --git a/pg/src/main/java/org/bouncycastle/bcpg/ECDHPublicBCPGKey.java b/pg/src/main/java/org/bouncycastle/bcpg/ECDHPublicBCPGKey.java index b0d83b7684..807459052a 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/ECDHPublicBCPGKey.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/ECDHPublicBCPGKey.java @@ -16,8 +16,8 @@ * If you want to be compatible with legacy applications however, you should use this class instead. * Note though, that for v6 keys, {@link X25519PublicBCPGKey} or {@link X448PublicBCPGKey} MUST be used for X25519, X448. * - * @see - * Crypto-Refresh - Algorithm-Specific Parts for ECDH Keys + * @see + * OpenPGP - Algorithm-Specific Parts for ECDH Keys */ public class ECDHPublicBCPGKey extends ECPublicBCPGKey diff --git a/pg/src/main/java/org/bouncycastle/bcpg/ECDSAPublicBCPGKey.java b/pg/src/main/java/org/bouncycastle/bcpg/ECDSAPublicBCPGKey.java index 87bfa6f334..a29bdb0aa7 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/ECDSAPublicBCPGKey.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/ECDSAPublicBCPGKey.java 
@@ -10,8 +10,8 @@ * Base class for an ECDSA Public Key. * This type is used with {@link PublicKeyAlgorithmTags#ECDSA} and the curve is identified by providing an OID. * - * @see - * Crypto-Refresh - Algorithm-Specific Parts for ECDSA Keys + * @see + * OpenPGP - Algorithm-Specific Parts for ECDSA Keys */ public class ECDSAPublicBCPGKey extends ECPublicBCPGKey diff --git a/pg/src/main/java/org/bouncycastle/bcpg/ECSecretBCPGKey.java b/pg/src/main/java/org/bouncycastle/bcpg/ECSecretBCPGKey.java index a5b498f985..b92c9c7c69 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/ECSecretBCPGKey.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/ECSecretBCPGKey.java @@ -16,12 +16,12 @@ * If you want to be compatible with legacy applications however, you should use this class instead. * Note though, that for v6 keys, {@link X25519SecretBCPGKey} or {@link X448SecretBCPGKey} MUST be used for X25519, X448. * - * @see - * Crypto-Refresh - Algorithm-Specific Parts for ECDH Keys - * @see - * Crypto-Refresh - Algorithm-Specific Parts for ECDSA Keys - * @see - * Crypto-Refresh - Curve25519Legacy ECDH Secret Key Material (deprecated) + * @see + * OpenPGP - Algorithm-Specific Parts for ECDH Keys + * @see + * OpenPGP - Algorithm-Specific Parts for ECDSA Keys + * @see + * OpenPGP - Curve25519Legacy ECDH Secret Key Material (deprecated) */ public class ECSecretBCPGKey extends BCPGObject diff --git a/pg/src/main/java/org/bouncycastle/bcpg/Ed25519PublicBCPGKey.java b/pg/src/main/java/org/bouncycastle/bcpg/Ed25519PublicBCPGKey.java index 14507dca2c..b107b8c7c0 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/Ed25519PublicBCPGKey.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/Ed25519PublicBCPGKey.java 
@@ -4,13 +4,13 @@ /** * Public key of type {@link PublicKeyAlgorithmTags#Ed25519}. - * This type was introduced with Crypto-Refresh and can be used with v4, v6 keys. + * This type was introduced with RFC9580 and can be used with v4, v6 keys. * Note however, that legacy implementations might not understand this key type yet. * For a key type compatible with legacy v4 implementations, see {@link EdDSAPublicBCPGKey} with * {@link PublicKeyAlgorithmTags#EDDSA_LEGACY}. * - * @see - * Crypto-Refresh - Algorithm-Specific Part for Ed25519 Keys + * @see + * OpenPGP - Algorithm-Specific Part for Ed25519 Keys */ public class Ed25519PublicBCPGKey extends OctetArrayBCPGKey diff --git a/pg/src/main/java/org/bouncycastle/bcpg/Ed25519SecretBCPGKey.java b/pg/src/main/java/org/bouncycastle/bcpg/Ed25519SecretBCPGKey.java index 56f7bb815d..2c306fb2c6 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/Ed25519SecretBCPGKey.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/Ed25519SecretBCPGKey.java @@ -4,13 +4,13 @@ /** * Secret key of type {@link PublicKeyAlgorithmTags#Ed25519}. - * This type was introduced with Crypto-Refresh and can be used with v4, v6 keys. + * This type was introduced with RFC9580 and can be used with v4, v6 keys. * Note however, that legacy implementations might not understand this key type yet. * For a key type compatible with legacy v4 implementations, see {@link EdDSAPublicBCPGKey} with * {@link PublicKeyAlgorithmTags#EDDSA_LEGACY}. * - * @see - * Crypto-Refresh - Algorithm-Specific Part for Ed25519 Keys + * @see + * OpenPGP - Algorithm-Specific Part for Ed25519 Keys */ public class Ed25519SecretBCPGKey extends OctetArrayBCPGKey diff --git a/pg/src/main/java/org/bouncycastle/bcpg/Ed448PublicBCPGKey.java b/pg/src/main/java/org/bouncycastle/bcpg/Ed448PublicBCPGKey.java index 426f9d909c..a7103b80d2 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/Ed448PublicBCPGKey.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/Ed448PublicBCPGKey.java 
@@ -4,13 +4,13 @@ /** * Public key of type {@link PublicKeyAlgorithmTags#Ed448}. - * This type was introduced with Crypto-Refresh and can be used with v4, v6 keys. + * This type was introduced with RFC9580 and can be used with v4, v6 keys. * Note however, that legacy implementations might not understand this key type yet. * For a key type compatible with legacy v4 implementations, see {@link EdDSAPublicBCPGKey} with * {@link PublicKeyAlgorithmTags#EDDSA_LEGACY}. * - * @see - * Crypto-Refresh - Algorithm-Specific Part for Ed448 Keys + * @see + * OpenPGP - Algorithm-Specific Part for Ed448 Keys */ public class Ed448PublicBCPGKey extends OctetArrayBCPGKey diff --git a/pg/src/main/java/org/bouncycastle/bcpg/Ed448SecretBCPGKey.java b/pg/src/main/java/org/bouncycastle/bcpg/Ed448SecretBCPGKey.java index 76ac630b64..824db6afd5 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/Ed448SecretBCPGKey.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/Ed448SecretBCPGKey.java @@ -4,13 +4,13 @@ /** * Secret key of type {@link PublicKeyAlgorithmTags#Ed448}. - * This type was introduced with Crypto-Refresh and can be used with v4, v6 keys. + * This type was introduced with RFC9580 and can be used with v4, v6 keys. * Note however, that legacy implementations might not understand this key type yet. * For a key type compatible with legacy v4 implementations, see {@link EdDSAPublicBCPGKey} with * {@link PublicKeyAlgorithmTags#EDDSA_LEGACY}. * - * @see - * Crypto-Refresh - Algorithm-Specific Part for Ed448 Keys + * @see + * OpenPGP - Algorithm-Specific Part for Ed448 Keys */ public class Ed448SecretBCPGKey extends OctetArrayBCPGKey diff --git a/pg/src/main/java/org/bouncycastle/bcpg/EdDSAPublicBCPGKey.java b/pg/src/main/java/org/bouncycastle/bcpg/EdDSAPublicBCPGKey.java index 9bbcf710b4..d6d95e4a96 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/EdDSAPublicBCPGKey.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/EdDSAPublicBCPGKey.java 
@@ -13,8 +13,8 @@ * Modern OpenPGP uses dedicated key types: * For {@link PublicKeyAlgorithmTags#Ed25519} see {@link Ed25519PublicBCPGKey} instead. * For {@link PublicKeyAlgorithmTags#Ed448} see {@link Ed448PublicBCPGKey} instead. - * @see - * Crypto-Refresh - Algorithm-Specific Parts for EdDSALegacy Keys (deprecated) + * @see + * OpenPGP - Algorithm-Specific Parts for EdDSALegacy Keys (deprecated) */ public class EdDSAPublicBCPGKey extends ECPublicBCPGKey diff --git a/pg/src/main/java/org/bouncycastle/bcpg/EdSecretBCPGKey.java b/pg/src/main/java/org/bouncycastle/bcpg/EdSecretBCPGKey.java index 6862fc6298..70cdb6b2ce 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/EdSecretBCPGKey.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/EdSecretBCPGKey.java @@ -10,8 +10,8 @@ * For {@link PublicKeyAlgorithmTags#Ed25519} see {@link Ed25519SecretBCPGKey} instead. * For {@link PublicKeyAlgorithmTags#Ed448} see {@link Ed448SecretBCPGKey} instead. * - * @see - * Crypto-Refresh - Algorithm-Specific Parts for EdDSALegacy Keys (deprecated) + * @see + * OpenPGP - Algorithm-Specific Parts for EdDSALegacy Keys (deprecated) */ public class EdSecretBCPGKey extends BCPGObject diff --git a/pg/src/main/java/org/bouncycastle/bcpg/HashAlgorithmTags.java b/pg/src/main/java/org/bouncycastle/bcpg/HashAlgorithmTags.java index 2a6b987838..a908b41f54 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/HashAlgorithmTags.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/HashAlgorithmTags.java @@ -5,10 +5,10 @@ * * @see * RFC4880 - Hash Algorithms - * @see + * @see + * RFC9580 - Hash Algorithms + * @see * LibrePGP - Hash Algorithms - * @see - * Crypto-Refresh - Hash Algorithms */ public interface HashAlgorithmTags { diff --git a/pg/src/main/java/org/bouncycastle/bcpg/HashUtils.java b/pg/src/main/java/org/bouncycastle/bcpg/HashUtils.java index b4576391b6..07f78b72c0 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/HashUtils.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/HashUtils.java 
@@ -6,8 +6,8 @@ public class HashUtils /** * Return the length of the salt per hash algorithm, used in OpenPGP v6 signatures. * - * @see - * Salt Size declarations + * @see + * OpenPGP - Salt Size declarations * @param hashAlgorithm hash algorithm tag * @return size of the salt for the given hash algorithm in bytes */ diff --git a/pg/src/main/java/org/bouncycastle/bcpg/OnePassSignaturePacket.java b/pg/src/main/java/org/bouncycastle/bcpg/OnePassSignaturePacket.java index 9953b752b5..474aab849e 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/OnePassSignaturePacket.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/OnePassSignaturePacket.java @@ -19,8 +19,8 @@ * * @see * Definition of version 3 OPS packets in RFC4880 - * @see - * Definition of version 3 and 6 OPS packets in crypto-refresh + * @see + * Definition of version 3 and 6 OPS packets in RFC9580 * @see * Definition of version 3 and 6 OPS packets in librepgp */ diff --git a/pg/src/main/java/org/bouncycastle/bcpg/Packet.java b/pg/src/main/java/org/bouncycastle/bcpg/Packet.java index 697683c14c..8456713607 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/Packet.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/Packet.java @@ -52,8 +52,8 @@ public boolean hasNewPacketFormat() * Tags 40 to 59 are reserved for unassigned, non-critical packets. * Tags 60 to 63 are non-critical private or experimental packets. * - * @see - * Packet Tags + * @see + * OpenPGP - Packet Tags * @return true if the packet is critical, false otherwise. */ public boolean isCritical() diff --git a/pg/src/main/java/org/bouncycastle/bcpg/PacketFormat.java b/pg/src/main/java/org/bouncycastle/bcpg/PacketFormat.java index 61f62d0340..0783cddbda 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/PacketFormat.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/PacketFormat.java @@ -3,7 +3,7 @@ /** * OpenPGP Packet Header Length Format. * - * @see + * @see * OpenPGP Packet Headers */ public enum PacketFormat 
diff --git a/pg/src/main/java/org/bouncycastle/bcpg/PublicKeyAlgorithmTags.java b/pg/src/main/java/org/bouncycastle/bcpg/PublicKeyAlgorithmTags.java index f6aadbc957..e4030e957a 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/PublicKeyAlgorithmTags.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/PublicKeyAlgorithmTags.java @@ -3,12 +3,12 @@ /** * Public Key Algorithm IDs. * - * @see - * https://www.rfc-editor.org/rfc/rfc4880.html#section-9.1 - * @see - * https://www.ietf.org/archive/id/draft-koch-librepgp-00.html#name-public-key-algorithms - * @see - * https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#name-public-key-algorithms + * @see + * RFC9580 - Public-Key Algorithms + * @see + * RFC4880 - Public-Key Algorithms + * @see + * LibrePGP - Public-Key Algorithms */ public interface PublicKeyAlgorithmTags { @@ -80,7 +80,7 @@ public interface PublicKeyAlgorithmTags int AEDSA = 24; // Reserved /** * X25519 encryption algorithm. - * C-R compliant implementations MUST implement support for this. + * RFC9580-compliant implementations MUST implement support for this. */ int X25519 = 25; // X25519 /** @@ -89,7 +89,7 @@ public interface PublicKeyAlgorithmTags int X448 = 26; // X448 /** * Ed25519 signing algorithm. - * C-R compliant implementations MUST implement support for this. + * RFC9580-compliant implementations MUST implement support for this. */ int Ed25519 = 27; // new style Ed25519 /** diff --git a/pg/src/main/java/org/bouncycastle/bcpg/PublicKeyPacket.java b/pg/src/main/java/org/bouncycastle/bcpg/PublicKeyPacket.java index 8b7ff932c8..1a83ba0cfd 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/PublicKeyPacket.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/PublicKeyPacket.java 
@@ -10,9 +10,9 @@ * An OpenPGP certificate (transferable public key) consists of one primary key and optionally multiple subkey packets. * * @see - * rfc4880 - Public-Key Packet - * @see - * C-R - Public-Key Packet + * RFC4880 - Public-Key Packet + * @see + * RFC9580 - Public-Key Packet * @see * LibrePGP - Public-Key Packet */ @@ -24,15 +24,15 @@ public class PublicKeyPacket * OpenPGP v3 keys are deprecated. * They can only be used with RSA. * - * @see - * C-R - Version 3 Public Keys + * @see + * OpenPGP - Version 3 Public Keys */ public static final int VERSION_3 = 3; /** * OpenPGP v4 keys are (at the time of writing) widely used, but are subject to some attacks. * - * @see - * C-R - Version 4 Public Keys + * @see + * OpenPGP - Version 4 Public Keys */ public static final int VERSION_4 = 4; /** @@ -42,8 +42,8 @@ public class PublicKeyPacket /** * OpenPGP v6 keys are newly introduced. * - * @see - * C-R - Version 6 Public Keys + * @see + * OpenPGP - Version 6 Public Keys */ public static final int VERSION_6 = 6; @@ -111,12 +111,12 @@ public class PublicKeyPacket * @param newPacketFormat packet format * @throws IOException if the key packet cannot be parsed * - * @see - * C-R - Version 3 Public Keys - * @see - * C-R - Version 4 Public Keys - * @see - * C-R - Version 6 Public Keys + * @see + * OpenPGP - Version 3 Public Keys + * @see + * OpenPGP - Version 4 Public Keys + * @see + * OpenPGP - Version 6 Public Keys * @see * LibrePGP - Public-Key Packet Formats */ diff --git a/pg/src/main/java/org/bouncycastle/bcpg/S2K.java b/pg/src/main/java/org/bouncycastle/bcpg/S2K.java index 5d93e1d80f..7d1461eaed 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/S2K.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/S2K.java 
@@ -38,10 +38,10 @@ * * * @see - * rfc4880 - String-to-Key (S2K) Specifiers - * @see - * C-R - String-to-Key (S2K) Specifier - * @see + * RFC4880 - String-to-Key (S2K) Specifiers + * @see + * RFC9580 - String-to-Key (S2K) Specifier + * @see * LibrePGP - String-to-Key (S2K) Specifiers */ public class S2K @@ -480,8 +480,8 @@ private void writeOneOctetOrThrow(BCPGOutputStream out, int val, String valName) /** * Parameters for Argon2 S2K. - * @see - * C-R - Argon2 + * @see + * OpenPGP - Argon2 */ public static class Argon2Params { @@ -555,7 +555,7 @@ public Argon2Params(byte[] salt, int passes, int parallelism, int memSizeExp) // log₂p = logₑp / logₑ2 double log2_p = Math.log(parallelism) / Math.log(2); - // see https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-05.html#section-3.7.1.4-5 + // see https://www.rfc-editor.org/rfc/rfc9580.html#section-3.7.1.4-5 if (memSizeExp < (3 + Math.ceil(log2_p)) || memSizeExp > 31) { throw new IllegalArgumentException("Memory size exponent MUST be between 3 + ⌈log₂(parallelism)⌉ and 31"); diff --git a/pg/src/main/java/org/bouncycastle/bcpg/SecretKeyPacket.java b/pg/src/main/java/org/bouncycastle/bcpg/SecretKeyPacket.java index 78b010482e..d2f9f8873c 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/SecretKeyPacket.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/SecretKeyPacket.java @@ -129,8 +129,8 @@ public class SecretKeyPacket * @param newPacketFormat packet format * @throws IOException if the secret key packet cannot be parsed * - * @see - * C-R - Secret-Key Packet Formats + * @see + * OpenPGP - Secret-Key Packet Formats * @see * LibrePGP - Secret-Key Packet Formats * @see diff --git a/pg/src/main/java/org/bouncycastle/bcpg/SignaturePacket.java b/pg/src/main/java/org/bouncycastle/bcpg/SignaturePacket.java index 47505bf15a..9b4e405aec 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/SignaturePacket.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/SignaturePacket.java 
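Review bot: The bound check under the updated RFC9580 link in the third `S2K.java` hunk derives ⌈log₂(parallelism)⌉ from `Math.log(parallelism) / Math.log(2)`, so the accepted range depends on floating-point rounding at exact powers of two. For a parallelism of 0 the quotient is -Infinity, which silently disables the lower bound unless parallelism is rejected earlier in the constructor (not visible in the hunk). An integer computation avoids both problems: `int log2Ceil = 32 - Integer.numberOfLeadingZeros(parallelism - 1);` then `if (memSizeExp < 3 + log2Ceil || memSizeExp > 31)`, with a separate guard for `parallelism < 1`. The constructor starts and ends outside the hunk.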
@@ -22,7 +22,7 @@ public class SignaturePacket public static final int VERSION_3 = 3; public static final int VERSION_4 = 4; // https://datatracker.ietf.org/doc/rfc4880/ public static final int VERSION_5 = 5; // https://datatracker.ietf.org/doc/draft-koch-librepgp/ - public static final int VERSION_6 = 6; // https://datatracker.ietf.org/doc/draft-ietf-openpgp-crypto-refresh/ + public static final int VERSION_6 = 6; // https://www.rfc-editor.org/rfc/rfc9580.html private int version; private int signatureType; @@ -128,12 +128,12 @@ private void parseV4_V5(BCPGInputStream in) /** * Parse a version 6 signature. * Version 6 signatures do use 4 octet subpacket area length descriptors and contain an additional salt value - * (which may or may not be of size 0, librepgp and crypto-refresh are in disagreement here). + * (which may or may not be of size 0, LibrePGP and OpenPGP are in disagreement here). * @param in input stream which already skipped over the version number * @throws IOException if the packet is malformed * - * @see - * Version 6 packet format + * @see + * OpenPGP - Version 6 packet format */ private void parseV6(BCPGInputStream in) throws IOException diff --git a/pg/src/main/java/org/bouncycastle/bcpg/SignatureSubpacketTags.java b/pg/src/main/java/org/bouncycastle/bcpg/SignatureSubpacketTags.java index 73456727b4..e52ef8b7b5 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/SignatureSubpacketTags.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/SignatureSubpacketTags.java 
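Review bot: The `parseV6` Javadoc still says the salt "may or may not be of size 0", which leaves a reader unable to tell whether a zero-length or wrong-length salt is accepted by this parser. The same commit's `HashUtils` Javadoc describes a salt length per hash algorithm for v6 signatures, so the comment should state the rule that is enforced, for example `* and contain a salt whose expected length depends on the hash algorithm (see {@link HashUtils}).` If `parseV6` does not compare the salt length it reads against that value, that check is worth adding. The method body is outside the hunk, so this is not confirmed.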
@@ -30,7 +30,7 @@ public interface SignatureSubpacketTags int SIGNATURE_TARGET = 31; // signature target int EMBEDDED_SIGNATURE = 32; // embedded signature int ISSUER_FINGERPRINT = 33; // issuer key fingerprint -// public static final int PREFERRED_AEAD_ALGORITHMS = 34; // RESERVED since crypto-refresh-05 +// public static final int PREFERRED_AEAD_ALGORITHMS = 34; // RESERVED since rfc9580 int INTENDED_RECIPIENT_FINGERPRINT = 35; // intended recipient fingerprint int ATTESTED_CERTIFICATIONS = 37; // attested certifications (RESERVED) int KEY_BLOCK = 38; // Key Block (RESERVED) diff --git a/pg/src/main/java/org/bouncycastle/bcpg/SymmetricKeyAlgorithmTags.java b/pg/src/main/java/org/bouncycastle/bcpg/SymmetricKeyAlgorithmTags.java index 1b576ccd87..a587446988 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/SymmetricKeyAlgorithmTags.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/SymmetricKeyAlgorithmTags.java @@ -3,12 +3,12 @@ /** * Basic tags for symmetric key algorithms. * + * @see + * RFC9580 - Symmetric-Key Algorithms * @see * RFC4880 - Symmetric-Key Algorithms * @see * LibrePGP - Symmetric-Key Algorithms - * @see - * Crypto-Refresh - Symmetric-Key Algorithms */ public interface SymmetricKeyAlgorithmTags { diff --git a/pg/src/main/java/org/bouncycastle/bcpg/SymmetricKeyEncSessionPacket.java b/pg/src/main/java/org/bouncycastle/bcpg/SymmetricKeyEncSessionPacket.java index 93d01dc76b..fd1f3a3e00 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/SymmetricKeyEncSessionPacket.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/SymmetricKeyEncSessionPacket.java 
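Review bot: The replacement text in the `SignatureSubpacketTags` hunk spells the reference `rfc9580` in lower case ("RESERVED since rfc9580"), while the rest of the commit uses `RFC9580`. The two `RFC6637KDFCalculator` hunks do the same ("of rfc9580", "@see rfc9580 - OpenPGP"). Using `RFC9580` throughout keeps a text search for the RFC number reliable. The line is also a commented-out constant; a plain comment such as `// 34 is reserved in RFC9580` would carry the same information without dead code.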
@@ -63,13 +63,13 @@ public SymmetricKeyEncSessionPacket( } else if (version == VERSION_5 || version == VERSION_6) { - // https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#section-5.3.2-3.2 + // https://www.rfc-editor.org/rfc/rfc9580.html#section-5.3.2-3.2.1 // SymAlg + AEADAlg + S2KCount + S2K + IV int next5Fields5Count = in.read(); encAlgorithm = in.read(); aeadAlgorithm = in.read(); - // https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-07.html#section-5.3.2-3.5 + // https://www.rfc-editor.org/rfc/rfc9580.html#section-5.3.2-3.5.1 int s2kOctetCount = in.read(); //TODO: use this line to replace the following code? diff --git a/pg/src/main/java/org/bouncycastle/bcpg/X25519PublicBCPGKey.java b/pg/src/main/java/org/bouncycastle/bcpg/X25519PublicBCPGKey.java index a0db01b01e..1ce252b2ba 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/X25519PublicBCPGKey.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/X25519PublicBCPGKey.java @@ -4,13 +4,13 @@ /** * Public key of type {@link PublicKeyAlgorithmTags#X25519}. - * This type was introduced with Crypto-Refresh and can be used with v4, v6 keys. + * This type was introduced with RFC9580 and can be used with v4, v6 keys. * Note however, that legacy implementations might not understand this key type yet. * For a key type compatible with legacy v4 implementations, see {@link ECDHPublicBCPGKey} with * {@link PublicKeyAlgorithmTags#ECDH}. * - * @see - * Crypto-Refresh - Algorithm-Specific Part for X25519 Keys + * @see + * OpenPGP - Algorithm-Specific Part for X25519 Keys */ public class X25519PublicBCPGKey extends OctetArrayBCPGKey diff --git a/pg/src/main/java/org/bouncycastle/bcpg/X25519SecretBCPGKey.java b/pg/src/main/java/org/bouncycastle/bcpg/X25519SecretBCPGKey.java index 17043353af..8bba9a1228 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/X25519SecretBCPGKey.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/X25519SecretBCPGKey.java 
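Review bot: In the v5/v6 branch of the `SymmetricKeyEncSessionPacket` hunk, the four `in.read()` results (`next5Fields5Count`, `encAlgorithm`, `aeadAlgorithm`, `s2kOctetCount`) are used without a check for -1. A truncated packet therefore yields an algorithm id of -1 instead of a parse error. A guard after each read, for example `if (s2kOctetCount < 0) { throw new IOException("truncated SKESK packet"); }`, fails early. `next5Fields5Count` is also not compared with the number of octets actually consumed in the visible lines, and the field the updated link describes exists for that cross-check. The constructor continues outside the hunk, so both checks may already exist further down.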
@@ -4,15 +4,15 @@ /** * Secret key of type {@link PublicKeyAlgorithmTags#X25519}. - * This type was introduced with Crypto-Refresh and can be used with v4, v6 keys. + * This type was introduced with RFC9580 and can be used with v4, v6 keys. * Note however, that legacy implementations might not understand this key type yet. * For a key type compatible with legacy v4 implementations, see {@link ECSecretBCPGKey} with * {@link PublicKeyAlgorithmTags#ECDH}. * Note: Contrary to {@link ECSecretBCPGKey} using {@link PublicKeyAlgorithmTags#ECDH}, which uses big-endian * MPI encoding to encode the secret key material, {@link X25519SecretBCPGKey} uses native little-endian encoding. * - * @see - * Crypto-Refresh - Algorithm-Specific Part for X25519 Keys + * @see + * OpenPGP - Algorithm-Specific Part for X25519 Keys */ public class X25519SecretBCPGKey extends OctetArrayBCPGKey diff --git a/pg/src/main/java/org/bouncycastle/bcpg/X448PublicBCPGKey.java b/pg/src/main/java/org/bouncycastle/bcpg/X448PublicBCPGKey.java index 6881b276ba..b3fb71496b 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/X448PublicBCPGKey.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/X448PublicBCPGKey.java @@ -4,13 +4,13 @@ /** * Public key of type {@link PublicKeyAlgorithmTags#X448}. - * This type was introduced with Crypto-Refresh and can be used with v4, v6 keys. + * This type was introduced with RFC9580 and can be used with v4, v6 keys. * Note however, that legacy implementations might not understand this key type yet. * For a key type compatible with legacy v4 implementations, see {@link ECDHPublicBCPGKey} with * {@link PublicKeyAlgorithmTags#ECDH}. * - * @see - * Crypto-Refresh - Algorithm-Specific Part for X448 Keys + * @see + * OpenPGP - Algorithm-Specific Part for X448 Keys */ public class X448PublicBCPGKey extends OctetArrayBCPGKey 
diff --git a/pg/src/main/java/org/bouncycastle/bcpg/X448SecretBCPGKey.java b/pg/src/main/java/org/bouncycastle/bcpg/X448SecretBCPGKey.java index 8bcf0332e1..b3dad65360 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/X448SecretBCPGKey.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/X448SecretBCPGKey.java @@ -4,13 +4,13 @@ /** * Secret key of type {@link PublicKeyAlgorithmTags#X448}. - * This type was introduced with Crypto-Refresh and can be used with v4, v6 keys. + * This type was introduced with RFC9580 and can be used with v4, v6 keys. * Note however, that legacy implementations might not understand this key type yet. * For a key type compatible with legacy v4 implementations, see {@link ECDHPublicBCPGKey} with * {@link PublicKeyAlgorithmTags#ECDH}. * - * @see - * Crypto-Refresh - Algorithm-Specific Part for X448 Keys + * @see + * OpenPGP - Algorithm-Specific Part for X448 Keys */ public class X448SecretBCPGKey extends OctetArrayBCPGKey diff --git a/pg/src/main/java/org/bouncycastle/bcpg/sig/PreferredAEADCiphersuites.java b/pg/src/main/java/org/bouncycastle/bcpg/sig/PreferredAEADCiphersuites.java index 1ed5ae9001..a40302ba9c 100644 --- a/pg/src/main/java/org/bouncycastle/bcpg/sig/PreferredAEADCiphersuites.java +++ b/pg/src/main/java/org/bouncycastle/bcpg/sig/PreferredAEADCiphersuites.java @@ -13,8 +13,8 @@ public class PreferredAEADCiphersuites /** * AES-128 + OCB is a MUST implement and is therefore implicitly supported. * - * @see - * Crypto-Refresh § 5.2.3.15. Preferred AEAD Ciphersuites + * @see + * OpenPGP - Preferred AEAD Ciphersuites */ private static final Combination AES_128_OCB = new Combination(SymmetricKeyAlgorithmTags.AES_128, AEADAlgorithmTags.OCB); diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/PGPKeyConverter.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/PGPKeyConverter.java index ab73bd51d8..f4b21852e9 100644 --- a/pg/src/main/java/org/bouncycastle/openpgp/operator/PGPKeyConverter.java 
+++ b/pg/src/main/java/org/bouncycastle/openpgp/operator/PGPKeyConverter.java @@ -25,7 +25,8 @@ protected PGPKeyConverter() } /** - * Reference: RFC Draft-ietf-openpgp-crypto-refresh-13 + * Reference: + * RFC9580 - OpenPGP *

* This class provides information about the recommended algorithms to use * depending on the key version and curve type in OpenPGP keys. diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/RFC6637KDFCalculator.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/RFC6637KDFCalculator.java index 8da21226e5..f0692a3965 100644 --- a/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/RFC6637KDFCalculator.java +++ b/pg/src/main/java/org/bouncycastle/openpgp/operator/bc/RFC6637KDFCalculator.java @@ -53,7 +53,7 @@ public byte[] createKey(byte[] secret, byte[] userKeyingMaterial) * Creates a session key for X25519 or X448 encryption based on the provided algorithm and key algorithm. *

* The method follows the specifications outlined in the OpenPGP standards, specifically sections 5.1.6 and 5.1.7 - * of draft-ietf-openpgp-crypto-refresh-13. + * of rfc9580. * * @param algorithm The algorithm to use for key derivation, such as SHA256 or SHA512. * @param keyAlgorithm The key algorithm identifier, representing AES-128 or AES-256. @@ -65,7 +65,7 @@ public byte[] createKey(byte[] secret, byte[] userKeyingMaterial) * For X448, use "OpenPGP X448". * @return The derived key for encryption. * @throws PGPException If an error occurs during key derivation. - * @see draft-ietf-openpgp-crypto-refresh-13 + * @see rfc9580 - OpenPGP */ public static byte[] createKey(int algorithm, int keyAlgorithm, byte[] prepend, String info) throws PGPException diff --git a/pg/src/test/java/org/bouncycastle/bcpg/test/OnePassSignaturePacketTest.java b/pg/src/test/java/org/bouncycastle/bcpg/test/OnePassSignaturePacketTest.java index 2b06e20b18..e9b899ad1c 100644 --- a/pg/src/test/java/org/bouncycastle/bcpg/test/OnePassSignaturePacketTest.java +++ b/pg/src/test/java/org/bouncycastle/bcpg/test/OnePassSignaturePacketTest.java @@ -18,7 +18,7 @@ private void testParseV6OnePassSignaturePacket() throws IOException { // Version 6 OnePassSignature packet - // extracted from https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#name-sample-inline-signed-messag + // extracted from https://www.rfc-editor.org/rfc/rfc9580.html#name-sample-inline-signed-messag byte[] encOPS = Hex.decode("c44606010a1b2076495f50218890f7f5e2ee3c1822514f70500f551d86e5c921e404e34a53fbaccb186c4f0609a697e4d52dfa6c722b0c1f1e27c18a56708f6525ec27bad9acc901"); // Issuer of the message byte[] issuerFp = Hex.decode("CB186C4F0609A697E4D52DFA6C722B0C1F1E27C18A56708F6525EC27BAD9ACC9"); 
@@ -254,7 +254,7 @@ private void parsingOfPacketWithTruncatedFingerprintFails()
 {
 // Version 6 OnePassSignature packet with truncated fingerprint field (20 bytes instead of 32)
 // This error would happen, if a v6 OPS packet was generated with a v4 fingerprint.
- // extracted from https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#name-sample-inline-signed-messag
+ // extracted from https://www.rfc-editor.org/rfc/rfc9580.html#name-sample-inline-signed-messag
 byte[] encOPS = Hex.decode("c44606010a1b2076495f50218890f7f5e2ee3c1822514f70500f551d86e5c921e404e34a53fbaccb186c4f0609a697e4d52dfa6c722b0c1f1e27c101");
 ByteArrayInputStream bIn = new ByteArrayInputStream(encOPS);
diff --git a/pg/src/test/java/org/bouncycastle/bcpg/test/OpenPgpMessageTest.java b/pg/src/test/java/org/bouncycastle/bcpg/test/OpenPgpMessageTest.java
index 8bad1dcb36..e546aeb6b2 100644
--- a/pg/src/test/java/org/bouncycastle/bcpg/test/OpenPgpMessageTest.java
+++ b/pg/src/test/java/org/bouncycastle/bcpg/test/OpenPgpMessageTest.java
@@ -19,7 +19,7 @@ public class OpenPgpMessageTest
 /* Inline-signed message using a version 6 signature
- see https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#name-sample-inline-signed-messag
+ see https://www.rfc-editor.org/rfc/rfc9580.html#name-sample-inline-signed-messag
 */
 public static final String INLINE_SIGNED = "-----BEGIN PGP MESSAGE-----\n" +
 "\n" +
@@ -34,7 +34,7 @@ public class OpenPgpMessageTest
 /* Cleartext-signed message using a version 6 signature
- see https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#name-sample-cleartext-signed-mes
+ see https://www.rfc-editor.org/rfc/rfc9580.html#name-sample-cleartext-signed-mes
 */
 public static final String CLEARTEXT_SIGNED = "-----BEGIN PGP SIGNED MESSAGE-----\n" +
 "\n" +
diff --git a/pg/src/test/java/org/bouncycastle/bcpg/test/SignaturePacketTest.java b/pg/src/test/java/org/bouncycastle/bcpg/test/SignaturePacketTest.java
index 6d77368bd7..c003b9fe6e 100644
--- a/pg/src/test/java/org/bouncycastle/bcpg/test/SignaturePacketTest.java
+++ b/pg/src/test/java/org/bouncycastle/bcpg/test/SignaturePacketTest.java
@@ -33,7 +33,7 @@ private void testParseV6Signature()
 throws IOException
 {
 // Hex-encoded OpenPGP v6 signature packet
- // Extracted from https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#name-sample-inline-signed-messag
+ // Extracted from https://www.rfc-editor.org/rfc/rfc9580.html#name-sample-inline-signed-messag
 byte[] encSigPacket = Hex.decode("c29806011b0a0000002905826398a363222106cb186c4f0609a697e4d52dfa6c722b0c1f1e27c18a56708f6525ec27bad9acc90000000069362076495f50218890f7f5e2ee3c1822514f70500f551d86e5c921e404e34a53fbac27d06fb80aa8fc5bcb16e19631b280740f9ea6aed5e073ad00f9415a653c40e77a6ae77e692ba71d069a109fa24c58cfd8e316d0a06b34ad9acb8e5c5f521501");
 // Issuer of the message
 byte[] issuerFP = Hex.decode("CB186C4F0609A697E4D52DFA6C722B0C1F1E27C18A56708F6525EC27BAD9ACC9");
@@ -87,7 +87,7 @@ private void testParseV4Ed25519LegacySignature()
 throws IOException
 {
 // Hex-encoded v4 test signature
- // see https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#name-sample-v4-ed25519legacy-sig
+ // see https://www.rfc-editor.org/rfc/rfc9580.html#name-sample-v4-ed25519legacy-sig
 byte[] encSigPacket = Hex.decode("885e040016080006050255f95f95000a09108cfde12197965a9af62200ff56f90cca98e2102637bd983fdb16c131dfd27ed82bf4dde5606e0d756aed33660100d09c4fa11527f038e0f57f2201d82f2ea2c9033265fa6ceb489e854bae61b404");
 ByteArrayInputStream bIn = new ByteArrayInputStream(encSigPacket);
 BCPGInputStream pIn = new BCPGInputStream(bIn);
diff --git a/pg/src/test/java/org/bouncycastle/openpgp/test/AEADProtectedPGPSecretKeyTest.java b/pg/src/test/java/org/bouncycastle/openpgp/test/AEADProtectedPGPSecretKeyTest.java
index 75cf09646b..496c57d521 100644
--- a/pg/src/test/java/org/bouncycastle/openpgp/test/AEADProtectedPGPSecretKeyTest.java
+++ b/pg/src/test/java/org/bouncycastle/openpgp/test/AEADProtectedPGPSecretKeyTest.java
@@ -71,7 +71,7 @@ private void unlockTestVector()
 throws IOException, PGPException
 {
 // AEAD encrypted test vector extracted from here:
- // https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#name-sample-locked-v6-secret-key
+ // https://www.rfc-editor.org/rfc/rfc9580.html#name-sample-locked-v6-secret-key
 String armoredVector = "-----BEGIN PGP PRIVATE KEY BLOCK-----\n" +
 "\n" +
 "xYIGY4d/4xsAAAAg+U2nu0jWCmHlZ3BqZYfQMxmZu52JGggkLq2EVD34laP9JgkC\n" +
@@ -90,7 +90,7 @@ private void unlockTestVector()
 "-----END PGP PRIVATE KEY BLOCK-----";
 char[] passphrase = "correct horse battery staple".toCharArray();
 // Plaintext vectors extracted from here:
- // https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#name-sample-v6-secret-key-transf
+ // https://www.rfc-editor.org/rfc/rfc9580.html#name-sample-v6-secret-key-transf
 byte[] plainPrimaryKey = Hex.decode("1972817b12be707e8d5f586ce61361201d344eb266a2c82fde6835762b65b0b7");
 byte[] plainSubkey = Hex.decode("4d600a4f794d44775c57a26e0feefed558e9afffd6ad0d582d57fb2ba2dcedb8");
diff --git a/pg/src/test/java/org/bouncycastle/openpgp/test/DedicatedEd25519KeyPairTest.java b/pg/src/test/java/org/bouncycastle/openpgp/test/DedicatedEd25519KeyPairTest.java
index 5dfb912580..fff15a7f0a 100644
--- a/pg/src/test/java/org/bouncycastle/openpgp/test/DedicatedEd25519KeyPairTest.java
+++ b/pg/src/test/java/org/bouncycastle/openpgp/test/DedicatedEd25519KeyPairTest.java
@@ -193,7 +193,7 @@ private void testV4SigningVerificationWithBcKey()
 private void testConversionOfTestVectorKey() throws PGPException, IOException {
 JcaPGPKeyConverter jc = new JcaPGPKeyConverter().setProvider(new BouncyCastleProvider());
 BcPGPKeyConverter bc = new BcPGPKeyConverter();
- // ed25519 public key from https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-13.html#name-hashed-data-stream-for-sign
+ // ed25519 public key from https://www.rfc-editor.org/rfc/rfc9580.html#name-hashed-data-stream-for-sign
 Date creationTime = new Date(Pack.bigEndianToInt(Hex.decode("63877fe3"), 0) * 1000L);
 byte[] k = Hex.decode("f94da7bb48d60a61e567706a6587d0331999bb9d891a08242ead84543df895a3");
 for (int version: new int[]{PublicKeyPacket.VERSION_4, PublicKeyPacket.VERSION_6})