Document sun anomaly

pgpainless · May 10, 2024 · 45c32b0 · 45c32b0
1 parent c2d7c01
commit 45c32b0
Showing 1 changed file with 8 additions and 3 deletions.
diff --git a/pg/src/main/java/org/bouncycastle/openpgp/operator/jcajce/JcaPGPKeyConverter.java b/pg/src/main/java/org/bouncycastle/openpgp/operator/jcajce/JcaPGPKeyConverter.java
@@ -564,15 +564,19 @@ else if (pubKey.getAlgorithm().regionMatches(true, 0, "X4", 0, 2))
                     }
                     else // XDH
                     {
+                        // sun.security.ec.XDHPublicKeyImpl returns "XDH" for getAlgorithm()
+                        // In this case we need to determine the curve by looking at the length of the encoding :/
+
                         // X25519
-                        if (pubKey.getEncoded().length == 32 + 12)
+                        if (X25519.SCALAR_SIZE + 12 == pubKey.getEncoded().length) // + 12 for some reason
                         {
                             PGPKdfParameters kdfParams = implGetKdfParameters(CryptlibObjectIdentifiers.curvey25519, algorithmParameters);
 
                             return new ECDHPublicBCPGKey(CryptlibObjectIdentifiers.curvey25519, new BigInteger(1, getPointEncUncompressed(pubKey, X25519.SCALAR_SIZE)),
                                     kdfParams.getHashAlgorithm(), kdfParams.getSymmetricWrapAlgorithm());
                         }
-                        else // X448
+                        // X448
+                        else
                         {
                             PGPKdfParameters kdfParams = implGetKdfParameters(EdECObjectIdentifiers.id_X448, algorithmParameters);
 
@@ -605,8 +609,9 @@ else if (pubKey.getAlgorithm().regionMatches(true, 0, "X4", 0, 2))
                 // Dang...
                 if (pubKey.getAlgorithm().regionMatches(true, 0, "EDDSA", 0, 5))
                 {
+                    // sun.security.ec.ed.EdDSAPublicKeyImpl returns "EdDSA" for getAlgorithm()
                     // if algorithm is just EdDSA, we need to detect the curve based on encoding length :/
-                    if (pubKey.getEncoded().length == 12 + Ed25519.PUBLIC_KEY_SIZE)
+                    if (pubKey.getEncoded().length == 12 + Ed25519.PUBLIC_KEY_SIZE) // +12 for some reason
                     {
                         // Legacy Ed25519
                         return new EdDSAPublicBCPGKey(GNUObjectIdentifiers.Ed25519, new BigInteger(1, getPointEncUncompressed(pubKey, Ed25519.PUBLIC_KEY_SIZE)));