Example 1 with PGPSignatureSubpacketGenerator
use of org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator in project camel by apache.
the class PGPKeyAccessDataFormat method createSignatureGenerator.
protected List<PGPSignatureGenerator> createSignatureGenerator(Exchange exchange, OutputStream out) throws Exception {
if (secretKeyAccessor == null) {
return null;
}
List<String> sigKeyUserids = determineSignaturenUserIds(exchange);
List<PGPSecretKeyAndPrivateKeyAndUserId> sigSecretKeysWithPrivateKeyAndUserId = secretKeyAccessor.getSignerKeys(exchange, sigKeyUserids);
if (sigSecretKeysWithPrivateKeyAndUserId.isEmpty()) {
return null;
}
exchange.getOut().setHeader(NUMBER_OF_SIGNING_KEYS, Integer.valueOf(sigSecretKeysWithPrivateKeyAndUserId.size()));
List<PGPSignatureGenerator> sigGens = new ArrayList<PGPSignatureGenerator>();
for (PGPSecretKeyAndPrivateKeyAndUserId sigSecretKeyWithPrivateKeyAndUserId : sigSecretKeysWithPrivateKeyAndUserId) {
PGPPrivateKey sigPrivateKey = sigSecretKeyWithPrivateKeyAndUserId.getPrivateKey();
PGPSignatureSubpacketGenerator spGen = new PGPSignatureSubpacketGenerator();
spGen.setSignerUserID(false, sigSecretKeyWithPrivateKeyAndUserId.getUserId());
int algorithm = sigSecretKeyWithPrivateKeyAndUserId.getSecretKey().getPublicKey().getAlgorithm();
PGPSignatureGenerator sigGen = new PGPSignatureGenerator(new JcaPGPContentSignerBuilder(algorithm, findHashAlgorithm(exchange)).setProvider(getProvider()));
sigGen.init(PGPSignature.BINARY_DOCUMENT, sigPrivateKey);
sigGen.setHashedSubpackets(spGen.generate());
sigGen.generateOnePassVersion(false).encode(out);
sigGens.add(sigGen);
}
return sigGens;
}
Also used :
PGPSignatureGenerator(org.bouncycastle.openpgp.PGPSignatureGenerator)
JcaPGPContentSignerBuilder(org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder)
ArrayList(java.util.ArrayList)
PGPSignatureSubpacketGenerator(org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator)
PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey)
Example 2 with PGPSignatureSubpacketGenerator
use of org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator in project gerrit by GerritCodeReview.
the class PushCertificateCheckerTest method newSignedCert.
private PushCertificate newSignedCert(String nonce, TestKey signingKey, Date now) throws Exception {
PushCertificateIdent ident = new PushCertificateIdent(signingKey.getFirstUserId(), System.currentTimeMillis(), -7 * 60);
String payload = "certificate version 0.1\n" + "pusher " + ident.getRaw() + "\n" + "pushee test://localhost/repo.git\n" + "nonce " + nonce + "\n" + "\n" + "0000000000000000000000000000000000000000" + " deadbeefdeadbeefdeadbeefdeadbeefdeadbeef" + " refs/heads/master\n";
PGPSignatureGenerator gen = new PGPSignatureGenerator(new BcPGPContentSignerBuilder(signingKey.getPublicKey().getAlgorithm(), PGPUtil.SHA1));
if (now != null) {
PGPSignatureSubpacketGenerator subGen = new PGPSignatureSubpacketGenerator();
subGen.setSignatureCreationTime(false, now);
gen.setHashedSubpackets(subGen.generate());
}
gen.init(PGPSignature.BINARY_DOCUMENT, signingKey.getPrivateKey());
gen.update(payload.getBytes(UTF_8));
PGPSignature sig = gen.generate();
ByteArrayOutputStream bout = new ByteArrayOutputStream();
try (BCPGOutputStream out = new BCPGOutputStream(new ArmoredOutputStream(bout))) {
sig.encode(out);
}
String cert = payload + new String(bout.toByteArray(), UTF_8);
Reader reader = new InputStreamReader(new ByteArrayInputStream(cert.getBytes(UTF_8)));
PushCertificateParser parser = new PushCertificateParser(repo, signedPushConfig);
return parser.parse(reader);
}
Also used :
PGPSignatureGenerator(org.bouncycastle.openpgp.PGPSignatureGenerator)
PushCertificateParser(org.eclipse.jgit.transport.PushCertificateParser)
InputStreamReader(java.io.InputStreamReader)
BcPGPContentSignerBuilder(org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder)
ArmoredOutputStream(org.bouncycastle.bcpg.ArmoredOutputStream)
Reader(java.io.Reader)
InputStreamReader(java.io.InputStreamReader)
BCPGOutputStream(org.bouncycastle.bcpg.BCPGOutputStream)
PublicKeyStore.keyToString(com.google.gerrit.gpg.PublicKeyStore.keyToString)
PublicKeyStore.keyIdToString(com.google.gerrit.gpg.PublicKeyStore.keyIdToString)
PGPSignature(org.bouncycastle.openpgp.PGPSignature)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
PushCertificateIdent(org.eclipse.jgit.transport.PushCertificateIdent)
ByteArrayInputStream(java.io.ByteArrayInputStream)
PGPSignatureSubpacketGenerator(org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator)
Aggregations
PGPSignatureGenerator (org.bouncycastle.openpgp.PGPSignatureGenerator)2
PGPSignatureSubpacketGenerator (org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator)2
PublicKeyStore.keyIdToString (com.google.gerrit.gpg.PublicKeyStore.keyIdToString)1
PublicKeyStore.keyToString (com.google.gerrit.gpg.PublicKeyStore.keyToString)1
ByteArrayInputStream (java.io.ByteArrayInputStream)1
ByteArrayOutputStream (java.io.ByteArrayOutputStream)1
InputStreamReader (java.io.InputStreamReader)1
Reader (java.io.Reader)1
ArrayList (java.util.ArrayList)1
ArmoredOutputStream (org.bouncycastle.bcpg.ArmoredOutputStream)1
BCPGOutputStream (org.bouncycastle.bcpg.BCPGOutputStream)1
PGPPrivateKey (org.bouncycastle.openpgp.PGPPrivateKey)1
PGPSignature (org.bouncycastle.openpgp.PGPSignature)1
BcPGPContentSignerBuilder (org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder)1
JcaPGPContentSignerBuilder (org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder)1
PushCertificateIdent (org.eclipse.jgit.transport.PushCertificateIdent)1
PushCertificateParser (org.eclipse.jgit.transport.PushCertificateParser)1
