Example 1 with PGPCompressedDataGenerator
use of org.bouncycastle.openpgp.PGPCompressedDataGenerator in project camel by apache.
the class PGPKeyAccessDataFormat method marshal.
public void marshal(Exchange exchange, Object graph, OutputStream outputStream) throws Exception {
//NOPMD
List<String> userids = determineEncryptionUserIds(exchange);
List<PGPPublicKey> keys = publicKeyAccessor.getEncryptionKeys(exchange, userids);
if (keys.isEmpty()) {
throw new IllegalArgumentException("Cannot PGP encrypt message. No public encryption key found for the User Ids " + userids + " in the public keyring. Either specify other User IDs or add correct public keys to the keyring.");
}
exchange.getOut().setHeader(NUMBER_OF_ENCRYPTION_KEYS, Integer.valueOf(keys.size()));
InputStream input = ExchangeHelper.convertToMandatoryType(exchange, InputStream.class, graph);
if (armored) {
outputStream = new ArmoredOutputStream(outputStream);
}
PGPEncryptedDataGenerator encGen = new PGPEncryptedDataGenerator(new JcePGPDataEncryptorBuilder(findAlgorithm(exchange)).setWithIntegrityPacket(integrity).setSecureRandom(new SecureRandom()).setProvider(getProvider()));
// several keys can be added
for (PGPPublicKey key : keys) {
encGen.addMethod(new JcePublicKeyKeyEncryptionMethodGenerator(key));
}
OutputStream encOut = encGen.open(outputStream, new byte[BUFFER_SIZE]);
OutputStream comOut;
if (withCompressedDataPacket) {
PGPCompressedDataGenerator comData = new PGPCompressedDataGenerator(findCompressionAlgorithm(exchange));
comOut = new BufferedOutputStream(comData.open(encOut));
} else {
comOut = encOut;
LOG.debug("No Compressed Data packet is added");
}
List<PGPSignatureGenerator> sigGens = createSignatureGenerator(exchange, comOut);
PGPLiteralDataGenerator litData = new PGPLiteralDataGenerator();
String fileName = findFileName(exchange);
OutputStream litOut = litData.open(comOut, PGPLiteralData.BINARY, fileName, new Date(), new byte[BUFFER_SIZE]);
try {
byte[] buffer = new byte[BUFFER_SIZE];
int bytesRead;
while ((bytesRead = input.read(buffer)) != -1) {
litOut.write(buffer, 0, bytesRead);
if (sigGens != null && !sigGens.isEmpty()) {
for (PGPSignatureGenerator sigGen : sigGens) {
// not nested therefore it is the same for all
// can this be improved that we only do it for one sigGen and set the result on the others?
sigGen.update(buffer, 0, bytesRead);
}
}
litOut.flush();
}
} finally {
IOHelper.close(litOut);
if (sigGens != null && !sigGens.isEmpty()) {
// reverse order
for (int i = sigGens.size() - 1; i > -1; i--) {
PGPSignatureGenerator sigGen = sigGens.get(i);
sigGen.generate().encode(comOut);
}
}
IOHelper.close(comOut, encOut, outputStream, input);
}
}
Also used :
PGPSignatureGenerator(org.bouncycastle.openpgp.PGPSignatureGenerator)
InputStream(java.io.InputStream)
BufferedOutputStream(java.io.BufferedOutputStream)
OutputStream(java.io.OutputStream)
ArmoredOutputStream(org.bouncycastle.bcpg.ArmoredOutputStream)
PGPCompressedDataGenerator(org.bouncycastle.openpgp.PGPCompressedDataGenerator)
PGPPublicKey(org.bouncycastle.openpgp.PGPPublicKey)
ArmoredOutputStream(org.bouncycastle.bcpg.ArmoredOutputStream)
SecureRandom(java.security.SecureRandom)
PGPLiteralDataGenerator(org.bouncycastle.openpgp.PGPLiteralDataGenerator)
PGPEncryptedDataGenerator(org.bouncycastle.openpgp.PGPEncryptedDataGenerator)
Date(java.util.Date)
JcePublicKeyKeyEncryptionMethodGenerator(org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator)
BufferedOutputStream(java.io.BufferedOutputStream)
JcePGPDataEncryptorBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder)
Example 2 with PGPCompressedDataGenerator
use of org.bouncycastle.openpgp.PGPCompressedDataGenerator in project nifi by apache.
the class PGPUtil method encrypt.
public static void encrypt(InputStream in, OutputStream out, String algorithm, String provider, int cipher, String filename, PGPKeyEncryptionMethodGenerator encryptionMethodGenerator) throws IOException, PGPException {
if (StringUtils.isEmpty(algorithm)) {
throw new IllegalArgumentException("The algorithm must be specified");
}
final boolean isArmored = EncryptContent.isPGPArmoredAlgorithm(algorithm);
OutputStream output = out;
if (isArmored) {
output = new ArmoredOutputStream(out);
}
// Default value, do not allow null encryption
if (cipher == PGPEncryptedData.NULL) {
logger.warn("Null encryption not allowed; defaulting to AES-128");
cipher = PGPEncryptedData.AES_128;
}
try {
// TODO: Can probably hard-code provider to BC and remove one method parameter
PGPEncryptedDataGenerator encryptedDataGenerator = new PGPEncryptedDataGenerator(new JcePGPDataEncryptorBuilder(cipher).setWithIntegrityPacket(true).setSecureRandom(new SecureRandom()).setProvider(provider));
encryptedDataGenerator.addMethod(encryptionMethodGenerator);
try (OutputStream encryptedOut = encryptedDataGenerator.open(output, new byte[BUFFER_SIZE])) {
PGPCompressedDataGenerator compressedDataGenerator = new PGPCompressedDataGenerator(PGPCompressedData.ZIP, Deflater.BEST_SPEED);
try (OutputStream compressedOut = compressedDataGenerator.open(encryptedOut, new byte[BUFFER_SIZE])) {
PGPLiteralDataGenerator literalDataGenerator = new PGPLiteralDataGenerator();
try (OutputStream literalOut = literalDataGenerator.open(compressedOut, PGPLiteralData.BINARY, filename, new Date(), new byte[BUFFER_SIZE])) {
final byte[] buffer = new byte[BLOCK_SIZE];
int len;
while ((len = in.read(buffer)) > -1) {
literalOut.write(buffer, 0, len);
}
}
}
}
} finally {
if (isArmored) {
output.close();
}
}
}
Also used :
OutputStream(java.io.OutputStream)
ArmoredOutputStream(org.bouncycastle.bcpg.ArmoredOutputStream)
PGPCompressedDataGenerator(org.bouncycastle.openpgp.PGPCompressedDataGenerator)
ArmoredOutputStream(org.bouncycastle.bcpg.ArmoredOutputStream)
SecureRandom(java.security.SecureRandom)
PGPLiteralDataGenerator(org.bouncycastle.openpgp.PGPLiteralDataGenerator)
PGPEncryptedDataGenerator(org.bouncycastle.openpgp.PGPEncryptedDataGenerator)
Date(java.util.Date)
JcePGPDataEncryptorBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder)
Example 3 with PGPCompressedDataGenerator
use of org.bouncycastle.openpgp.PGPCompressedDataGenerator in project camel by apache.
the class PGPDataFormatTest method testExceptionDecryptorIncorrectInputFormatSymmetricEncryptedData.
@Test
public void testExceptionDecryptorIncorrectInputFormatSymmetricEncryptedData() throws Exception {
byte[] payload = "Not Correct Format".getBytes("UTF-8");
ByteArrayOutputStream bos = new ByteArrayOutputStream();
PGPEncryptedDataGenerator encGen = new PGPEncryptedDataGenerator(new JcePGPDataEncryptorBuilder(SymmetricKeyAlgorithmTags.CAST5).setSecureRandom(new SecureRandom()).setProvider(getProvider()));
encGen.addMethod(new JcePBEKeyEncryptionMethodGenerator("pw".toCharArray()));
OutputStream encOut = encGen.open(bos, new byte[1024]);
PGPCompressedDataGenerator comData = new PGPCompressedDataGenerator(CompressionAlgorithmTags.ZIP);
OutputStream comOut = new BufferedOutputStream(comData.open(encOut));
PGPLiteralDataGenerator litData = new PGPLiteralDataGenerator();
OutputStream litOut = litData.open(comOut, PGPLiteralData.BINARY, PGPLiteralData.CONSOLE, new Date(), new byte[1024]);
litOut.write(payload);
litOut.flush();
litOut.close();
comOut.close();
encOut.close();
MockEndpoint mock = getMockEndpoint("mock:exception");
mock.expectedMessageCount(1);
template.sendBody("direct:subkeyUnmarshal", bos.toByteArray());
assertMockEndpointsSatisfied();
checkThrownException(mock, IllegalArgumentException.class, null, "The input message body has an invalid format.");
}
Also used :
JcePBEKeyEncryptionMethodGenerator(org.bouncycastle.openpgp.operator.jcajce.JcePBEKeyEncryptionMethodGenerator)
MockEndpoint(org.apache.camel.component.mock.MockEndpoint)
BCPGOutputStream(org.bouncycastle.bcpg.BCPGOutputStream)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
BufferedOutputStream(java.io.BufferedOutputStream)
OutputStream(java.io.OutputStream)
PGPCompressedDataGenerator(org.bouncycastle.openpgp.PGPCompressedDataGenerator)
SecureRandom(java.security.SecureRandom)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
PGPLiteralDataGenerator(org.bouncycastle.openpgp.PGPLiteralDataGenerator)
BufferedOutputStream(java.io.BufferedOutputStream)
PGPEncryptedDataGenerator(org.bouncycastle.openpgp.PGPEncryptedDataGenerator)
Date(java.util.Date)
JcePGPDataEncryptorBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder)
Test(org.junit.Test)
Aggregations
OutputStream (java.io.OutputStream)3
SecureRandom (java.security.SecureRandom)3
Date (java.util.Date)3
PGPCompressedDataGenerator (org.bouncycastle.openpgp.PGPCompressedDataGenerator)3
PGPEncryptedDataGenerator (org.bouncycastle.openpgp.PGPEncryptedDataGenerator)3
PGPLiteralDataGenerator (org.bouncycastle.openpgp.PGPLiteralDataGenerator)3
JcePGPDataEncryptorBuilder (org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder)3
BufferedOutputStream (java.io.BufferedOutputStream)2
ArmoredOutputStream (org.bouncycastle.bcpg.ArmoredOutputStream)2
ByteArrayOutputStream (java.io.ByteArrayOutputStream)1
InputStream (java.io.InputStream)1
MockEndpoint (org.apache.camel.component.mock.MockEndpoint)1
BCPGOutputStream (org.bouncycastle.bcpg.BCPGOutputStream)1
PGPPublicKey (org.bouncycastle.openpgp.PGPPublicKey)1
PGPSignatureGenerator (org.bouncycastle.openpgp.PGPSignatureGenerator)1
JcePBEKeyEncryptionMethodGenerator (org.bouncycastle.openpgp.operator.jcajce.JcePBEKeyEncryptionMethodGenerator)1
JcePublicKeyKeyEncryptionMethodGenerator (org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator)1
Test (org.junit.Test)1
