use of org.bouncycastle.openpgp.PGPPublicKeyEncryptedData in project camel by apache.
the class PGPKeyAccessDataFormat method getDecryptedData.
/**
 * Opens the decrypting stream for a PGP message that is public-key encrypted.
 *
 * <p>Walks the encrypted-data entries of the message in order, asks the
 * {@code secretKeyAccessor} for a private key matching each entry's key ID, and
 * uses the first entry for which a key is returned.
 *
 * <p>NOTE(review): this method neither calls {@code isIntegrityProtected()} nor
 * {@code verify()} on the selected entry, and the entry itself is not returned, so
 * a caller cannot run the integrity check afterwards. Whether integrity is enforced
 * elsewhere in the class is not visible from this method; confirm before treating
 * the decrypted bytes as authenticated.
 *
 * @param exchange        passed through to the secret key accessor
 * @param encryptedStream stream positioned at the start of the PGP message
 * @return stream from which the decrypted payload can be read
 * @throws PGPException if none of the entries' key IDs resolves to a private key
 * @throws Exception    the format exception built by {@code getFormatException()} when
 *                      no encrypted data list is found or an entry is not public-key encrypted
 */
private InputStream getDecryptedData(Exchange exchange, InputStream encryptedStream) throws Exception, PGPException {
    PGPObjectFactory objectFactory = new PGPObjectFactory(encryptedStream, new BcKeyFingerprintCalculator());
    // The first object may be a PGP marker packet, so both it and the factory are
    // handed to the helper that locates the encrypted data list.
    PGPEncryptedDataList encryptedList = getEcryptedDataList(objectFactory, objectFactory.nextObject());
    if (encryptedList == null) {
        throw getFormatException();
    }

    PGPPublicKeyEncryptedData matchedEntry = null;
    PGPPrivateKey privateKey = null;
    int index = 0;
    // Stop at the first entry for which the accessor returns a private key.
    while (privateKey == null && index < encryptedList.size()) {
        Object candidate = encryptedList.get(index);
        index++;
        if (!(candidate instanceof PGPPublicKeyEncryptedData)) {
            // Only public-key encrypted entries are accepted here.
            throw getFormatException();
        }
        matchedEntry = (PGPPublicKeyEncryptedData) candidate;
        privateKey = secretKeyAccessor.getPrivateKey(exchange, matchedEntry.getKeyID());
    }

    if (privateKey == null) {
        throw new PGPException("PGP message is encrypted with a key which could not be found in the Secret Keyring.");
    }
    return matchedEntry.getDataStream(
            new JcePublicKeyDataDecryptorFactoryBuilder().setProvider(getProvider()).build(privateKey));
}
use of org.bouncycastle.openpgp.PGPPublicKeyEncryptedData in project camel by apache.
the class PGPDataFormatUtil method findPrivateKey.
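/**
 * Looks up, in the given secret keyring, the private key that can decrypt the given
 * PGP message.
 *
 * <p>The message's encrypted-data entries are scanned in order; the first entry whose
 * key ID is present in the keyring is unlocked with the passphrase. When
 * {@code passphrase} is {@code null}, the accessor is asked for one using the user IDs
 * of that secret key.
 *
 * <p>Malformed or unexpected input (no encrypted data list, no passphrase available)
 * is reported as a {@link PGPException} instead of surfacing as a
 * {@code ClassCastException} or {@code NullPointerException}.
 *
 * @param keyringInput       stream holding the secret keyring
 * @param encryptedInput     stream holding the PGP message; it is {@code reset()} after the
 *                           header has been parsed
 * @param passphrase         passphrase for the secret key, or {@code null} to use the accessor
 * @param passphraseAccessor source of passphrases by user ID; may be {@code null}
 * @param provider           security provider name passed to the secret key decryptor builder
 * @return the extracted private key, or {@code null} when no entry could be matched and the
 *         "unknown pair of keys" condition below does not apply
 * @throws IOException             on read errors
 * @throws PGPException            if the input is not an encrypted PGP message, no passphrase
 *                                 is available for the matching key, or the key is unknown
 * @throws NoSuchProviderException declared by the original signature
 */
@Deprecated
private static PGPPrivateKey findPrivateKey(InputStream keyringInput, InputStream encryptedInput, String passphrase, PGPPassphraseAccessor passphraseAccessor, String provider) throws IOException, PGPException, NoSuchProviderException {
    PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(keyringInput), new BcKeyFingerprintCalculator());
    PGPObjectFactory factory = new PGPObjectFactory(PGPUtil.getDecoderStream(encryptedInput), new BcKeyFingerprintCalculator());

    Object o = factory.nextObject();
    if (o == null) {
        throw new PGPException("Provided input is not encrypted.");
    }
    if (!(o instanceof PGPEncryptedDataList)) {
        // Presumably a leading marker packet; the encrypted data list is expected next.
        o = factory.nextObject();
    }
    if (!(o instanceof PGPEncryptedDataList)) {
        // Untrusted input: never cast blindly, the second object may be missing or of another type.
        throw new PGPException("Provided input is not encrypted.");
    }
    PGPEncryptedDataList enc = (PGPEncryptedDataList) o;

    // nextObject() method reads from the InputStream, so rewind it!
    // NOTE(review): reset() only rewinds if the caller marked the stream beforehand; confirm at the call site.
    encryptedInput.reset();

    Iterator<?> encryptedDataObjects = enc.getEncryptedDataObjects();
    PGPPrivateKey privateKey = null;
    PGPPublicKeyEncryptedData encryptedData = null;
    while (privateKey == null && encryptedDataObjects.hasNext()) {
        Object candidate = encryptedDataObjects.next();
        if (!(candidate instanceof PGPPublicKeyEncryptedData)) {
            // Entries that are not public-key encrypted cannot be matched against the keyring.
            continue;
        }
        encryptedData = (PGPPublicKeyEncryptedData) candidate;
        PGPSecretKey pgpSecKey = pgpSec.getSecretKey(encryptedData.getKeyID());
        if (pgpSecKey == null) {
            continue;
        }

        // Resolve the passphrase per key, so a passphrase looked up for one key's
        // user ID is never reused for a different key.
        String keyPassphrase = passphrase;
        if (keyPassphrase == null && passphraseAccessor != null) {
            // get passphrase from accessor
            @SuppressWarnings("unchecked") Iterator<String> userIDs = pgpSecKey.getUserIDs();
            while (keyPassphrase == null && userIDs.hasNext()) {
                keyPassphrase = passphraseAccessor.getPassphrase(userIDs.next());
            }
        }
        if (keyPassphrase == null) {
            // The key ID is not secret; the passphrase itself is never put into messages.
            throw new PGPException("No passphrase available for secret key with ID 0x" + Long.toHexString(encryptedData.getKeyID()));
        }
        privateKey = pgpSecKey.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder().setProvider(provider).build(keyPassphrase.toCharArray()));
    }

    if (privateKey == null && pgpSec.size() > 0 && encryptedData != null) {
        throw new PGPException("Provided input is encrypted with unknown pair of keys.");
    }
    return privateKey;
}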
use of org.bouncycastle.openpgp.PGPPublicKeyEncryptedData in project incubator-gobblin by apache.
the class GPGFileDecryptor method decryptFile.
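/**
 * Decrypts a PGP public-key encrypted stream and returns the literal data it contains
 * as an in-memory stream.
 *
 * <p>The first encrypted-data entry for which {@code findSecretKey} returns a key is
 * decrypted. If the entry carries an integrity-protection packet, it is verified after
 * the payload has been read and a failed check is reported as a {@code PGPException}
 * (thrown sneakily). Messages without integrity protection are still accepted, as
 * before; their content is unauthenticated.
 *
 * <p>NOTE(review): the whole plaintext, including the output of any compressed packet,
 * is buffered in memory with no size limit. For input from an untrusted source a small
 * message can expand to a very large buffer; consider a bound at the call site.
 *
 * @param inputStream file inputstream
 * @param keyIn keyring inputstream
 * @param passPhrase passPhrase handed to {@code findSecretKey}
 * @return stream over the decrypted bytes
 * @throws IOException on read errors
 * @throws IllegalArgumentException if no secret key for the message is found
 */
@SneakyThrows(PGPException.class)
public InputStream decryptFile(InputStream inputStream, InputStream keyIn, String passPhrase) throws IOException {
    PGPEncryptedDataList enc = getPGPEncryptedDataList(inputStream);
    Iterator<?> it = enc.getEncryptedDataObjects();
    PGPPrivateKey sKey = null;
    PGPPublicKeyEncryptedData pbe = null;
    PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(keyIn), new BcKeyFingerprintCalculator());
    while (sKey == null && it.hasNext()) {
        Object candidate = it.next();
        if (!(candidate instanceof PGPPublicKeyEncryptedData)) {
            // Skip entries that are not public-key encrypted rather than failing
            // with a ClassCastException on attacker-controlled input.
            continue;
        }
        pbe = (PGPPublicKeyEncryptedData) candidate;
        sKey = findSecretKey(pgpSec, pbe.getKeyID(), passPhrase);
    }
    if (sKey == null) {
        throw new IllegalArgumentException("secret key for message not found.");
    }
    try (ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
         InputStream clear = pbe.getDataStream(new JcePublicKeyDataDecryptorFactoryBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build(sKey))) {
        JcaPGPObjectFactory pgpFact = new JcaPGPObjectFactory(clear);
        Object pgpfObject = pgpFact.nextObject();
        while (pgpfObject != null) {
            if (pgpfObject instanceof PGPCompressedData) {
                // Continue parsing inside the compressed packet.
                PGPCompressedData cData = (PGPCompressedData) pgpfObject;
                pgpFact = new JcaPGPObjectFactory(cData.getDataStream());
                pgpfObject = pgpFact.nextObject();
            }
            if (pgpfObject instanceof PGPLiteralData) {
                Streams.pipeAll(((PGPLiteralData) pgpfObject).getInputStream(), outputStream);
            } else if (pgpfObject instanceof PGPOnePassSignatureList) {
                throw new PGPException("encrypted message contains PGPOnePassSignatureList message - not literal data.");
            } else if (pgpfObject instanceof PGPSignatureList) {
                throw new PGPException("encrypted message contains PGPSignatureList message - not literal data.");
            } else {
                throw new PGPException("message is not a simple encrypted file - type unknown.");
            }
            pgpfObject = pgpFact.nextObject();
        }
        // The integrity check is only meaningful once the payload has been consumed,
        // so it runs after the loop and before any plaintext is handed to the caller.
        if (pbe.isIntegrityProtected() && !pbe.verify()) {
            throw new PGPException("encrypted message failed integrity check.");
        }
        return new ByteArrayInputStream(outputStream.toByteArray());
    }
}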