
Example 1 with JcePBESecretKeyDecryptorBuilder

use of org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder in project camel by apache.

the class PGPDataFormatUtil method findPrivateKey.

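/**
 * Finds the secret key addressed by an encrypted PGP message and unlocks it.
 *
 * <p>The encrypted-data list is read from {@code encryptedInput}; each entry's key ID is
 * looked up in the key ring collection parsed from {@code keyringInput}. The first secret
 * key found is unlocked with the passphrase and returned.
 *
 * <p>Security notes for reviewers: the passphrase travels as an immutable {@link String}, so
 * it cannot be wiped from memory after use; only a {@code char[]} copy is handed to the
 * decryptor. A missing passphrase is reported as a {@link PGPException} naming the key ID
 * (never the passphrase itself) instead of surfacing as a {@code NullPointerException}.
 *
 * @param keyringInput stream holding the secret key ring collection
 * @param encryptedInput stream holding the encrypted message; {@code reset()} is called on it
 *        after the header objects are read, so it must support rewinding
 * @param passphrase passphrase for the secret key, or {@code null} to ask the accessor
 * @param passphraseAccessor consulted per user ID when {@code passphrase} is {@code null};
 *        may be {@code null}
 * @param provider JCE provider name passed to the decryptor builder
 * @return the unlocked private key, or {@code null} when no matching key was found and the
 *         "unknown pair of keys" condition below does not apply
 * @throws PGPException if the input is not encrypted, no passphrase is available for the
 *         matching key, the key cannot be unlocked, or no matching key exists
 */
@Deprecated
private static PGPPrivateKey findPrivateKey(InputStream keyringInput, InputStream encryptedInput, String passphrase, PGPPassphraseAccessor passphraseAccessor, String provider) throws IOException, PGPException, NoSuchProviderException {
    PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(keyringInput), new BcKeyFingerprintCalculator());
    PGPObjectFactory factory = new PGPObjectFactory(PGPUtil.getDecoderStream(encryptedInput), new BcKeyFingerprintCalculator());
    Object o = factory.nextObject();
    if (o == null) {
        throw new PGPException("Provided input is not encrypted.");
    }
    if (!(o instanceof PGPEncryptedDataList)) {
        // The first object is something else (presumably a marker packet - confirm);
        // the encrypted-data list is expected to follow it.
        o = factory.nextObject();
    }
    if (!(o instanceof PGPEncryptedDataList)) {
        // Previously a blind cast: a missing or foreign second object ended in a
        // NullPointerException / ClassCastException instead of a PGP error.
        throw new PGPException("Provided input is not encrypted.");
    }
    PGPEncryptedDataList enc = (PGPEncryptedDataList) o;
    // nextObject() method reads from the InputStream, so rewind it!
    encryptedInput.reset();
    Iterator<?> encryptedDataObjects = enc.getEncryptedDataObjects();
    PGPPrivateKey privateKey = null;
    PGPPublicKeyEncryptedData encryptedData = null;
    while (privateKey == null && encryptedDataObjects.hasNext()) {
        // NOTE(review): this cast assumes every entry is public-key encrypted; an entry of
        // another type would raise ClassCastException - confirm against callers.
        encryptedData = (PGPPublicKeyEncryptedData) encryptedDataObjects.next();
        PGPSecretKey pgpSecKey = pgpSec.getSecretKey(encryptedData.getKeyID());
        if (pgpSecKey != null) {
            if (passphrase == null && passphraseAccessor != null) {
                // get passphrase from accessor
                @SuppressWarnings("unchecked") Iterator<String> userIDs = pgpSecKey.getUserIDs();
                while (passphrase == null && userIDs.hasNext()) {
                    passphrase = passphraseAccessor.getPassphrase(userIDs.next());
                }
            }
            if (passphrase == null) {
                // No passphrase was supplied and the accessor (if any) knew none of the
                // key's user IDs. Fail with a checked, descriptive error.
                throw new PGPException("No passphrase available for secret key with key ID " + Long.toString(pgpSecKey.getKeyID()));
            }
            privateKey = pgpSecKey.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder().setProvider(provider).build(passphrase.toCharArray()));
        }
    }
    if (privateKey == null && pgpSec.size() > 0 && encryptedData != null) {
        throw new PGPException("Provided input is encrypted with unknown pair of keys.");
    }
    return privateKey;
}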
Also used : PGPEncryptedDataList(org.bouncycastle.openpgp.PGPEncryptedDataList) PGPObjectFactory(org.bouncycastle.openpgp.PGPObjectFactory) JcePBESecretKeyDecryptorBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder) PGPException(org.bouncycastle.openpgp.PGPException) PGPSecretKey(org.bouncycastle.openpgp.PGPSecretKey) PGPSecretKeyRingCollection(org.bouncycastle.openpgp.PGPSecretKeyRingCollection) BcKeyFingerprintCalculator(org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator) PGPPublicKeyEncryptedData(org.bouncycastle.openpgp.PGPPublicKeyEncryptedData) PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey)

Example 2 with JcePBESecretKeyDecryptorBuilder

use of org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder in project camel by apache.

the class PGPDataFormatTest method createSignature.

/**
 * Test helper: writes a binary-document PGP signature over the fixed text
 * {@code "Test Signature"} to {@code out}.
 *
 * <p>Fixture caveats: the key passphrase is a hard-coded test value and the signature
 * digest is SHA-1. Both are acceptable only inside this test; SHA-1 is collision-prone and
 * should not be carried over into production signing code.
 *
 * @param out destination for the encoded signature packet
 * @throws Exception on any key, signing or I/O failure
 */
private void createSignature(OutputStream out) throws Exception {
    PGPSecretKey signingKey = readSecretKey();
    // Unlock the fixture key with its hard-coded test passphrase.
    char[] fixturePassphrase = "sdude".toCharArray();
    PGPPrivateKey unlockedKey = signingKey.extractPrivateKey(
            new JcePBESecretKeyDecryptorBuilder().setProvider(getProvider()).build(fixturePassphrase));

    int keyAlgorithm = signingKey.getPublicKey().getAlgorithm();
    JcaPGPContentSignerBuilder signerBuilder =
            new JcaPGPContentSignerBuilder(keyAlgorithm, HashAlgorithmTags.SHA1).setProvider(getProvider());
    PGPSignatureGenerator generator = new PGPSignatureGenerator(signerBuilder);
    generator.init(PGPSignature.BINARY_DOCUMENT, unlockedKey);

    BCPGOutputStream packetOut = new BCPGOutputStream(out);
    // Feed the payload to the generator one byte at a time.
    byte[] payload = "Test Signature".getBytes("UTF-8");
    for (byte b : payload) {
        generator.update(b);
    }
    generator.generate().encode(packetOut);
}
Also used : PGPSignatureGenerator(org.bouncycastle.openpgp.PGPSignatureGenerator) JcaPGPContentSignerBuilder(org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder) ByteArrayInputStream(java.io.ByteArrayInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) PGPSecretKey(org.bouncycastle.openpgp.PGPSecretKey) BCPGOutputStream(org.bouncycastle.bcpg.BCPGOutputStream) PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey) MockEndpoint(org.apache.camel.component.mock.MockEndpoint) JcePBESecretKeyDecryptorBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder)

Example 3 with JcePBESecretKeyDecryptorBuilder

use of org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder in project camel by apache.

the class PGPDataFormatUtil method findPrivateKeyWithkeyId.

/**
 * Searches the secret key rings for the key with the given ID and unlocks it.
 *
 * <p>When {@code passphrase} is {@code null} and an accessor is supplied, the accessor is
 * asked for a passphrase for each user ID of the key ring's primary key until one is
 * returned. A key for which no passphrase could be obtained is skipped rather than
 * attempted. The passphrase is a {@link String}, so it cannot be wiped after use.
 *
 * @param keyid ID of the secret key to find
 * @param passphrase passphrase for the key, or {@code null} to consult the accessor
 * @param passphraseAccessor source of passphrases by user ID; may be {@code null}
 * @param provider JCE provider name passed to the decryptor builder
 * @param pgpSec secret key ring collection to search
 * @return the unlocked private key, or {@code null} if none was found or unlockable
 * @throws PGPException if extracting the private key fails
 */
public static PGPPrivateKey findPrivateKeyWithkeyId(long keyid, String passphrase, PGPPassphraseAccessor passphraseAccessor, String provider, PGPSecretKeyRingCollection pgpSec) throws PGPException {
    Iterator<?> keyRings = pgpSec.getKeyRings();
    while (keyRings.hasNext()) {
        Object candidate = keyRings.next();
        if (!(candidate instanceof PGPSecretKeyRing)) {
            continue;
        }
        PGPSecretKeyRing ring = (PGPSecretKeyRing) candidate;
        PGPSecretKey match = ring.getSecretKey(keyid);
        if (match == null) {
            continue;
        }
        if (passphrase == null && passphraseAccessor != null) {
            // Only the primary/master key carries user IDs, so ask the accessor with those.
            @SuppressWarnings("unchecked") Iterator<String> primaryUserIds = ring.getSecretKey().getUserIDs();
            while (passphrase == null && primaryUserIds.hasNext()) {
                passphrase = passphraseAccessor.getPassphrase(primaryUserIds.next());
            }
        }
        if (passphrase == null) {
            // Nothing to unlock this key with; try the next key ring.
            continue;
        }
        PGPPrivateKey unlocked = match.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder().setProvider(provider).build(passphrase.toCharArray()));
        if (unlocked != null) {
            return unlocked;
        }
    }
    return null;
}
Also used : PGPSecretKey(org.bouncycastle.openpgp.PGPSecretKey) PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey) PGPSecretKeyRing(org.bouncycastle.openpgp.PGPSecretKeyRing) JcePBESecretKeyDecryptorBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder)

Example 4 with JcePBESecretKeyDecryptorBuilder

use of org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder in project camel by apache.

the class PGPDataFormatUtil method findSecretKeysWithPrivateKeyAndUserId.

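/**
 * Collects the unlocked signing keys of every key ring whose primary key has a user ID
 * containing one of the configured user ID parts.
 *
 * <p>The map keys are user ID parts and the values the passwords used to unlock the
 * signing keys of the matching key ring. A matching part with no password is reported as a
 * {@link PGPException} naming the part (never a password) instead of failing with a
 * {@code NullPointerException}. Passwords are {@link String}s and therefore cannot be wiped
 * from memory after use; debug logging here covers user IDs and key IDs only.
 *
 * @param sigKeyUserId2Password user ID part to password
 * @param provider JCE provider name passed to the decryptor builder
 * @param pgpSec secret key ring collection to search
 * @return the signing keys found, each with its private key and full user ID; possibly empty
 * @throws PGPException if a matching key ring has a signing key but no password is
 *         configured for its user ID part, or if a key cannot be unlocked
 */
public static List<PGPSecretKeyAndPrivateKeyAndUserId> findSecretKeysWithPrivateKeyAndUserId(Map<String, String> sigKeyUserId2Password, String provider, PGPSecretKeyRingCollection pgpSec) throws PGPException {
    List<PGPSecretKeyAndPrivateKeyAndUserId> result = new ArrayList<PGPSecretKeyAndPrivateKeyAndUserId>(sigKeyUserId2Password.size());
    for (Iterator<?> i = pgpSec.getKeyRings(); i.hasNext(); ) {
        Object data = i.next();
        if (data instanceof PGPSecretKeyRing) {
            PGPSecretKeyRing keyring = (PGPSecretKeyRing) data;
            PGPSecretKey primaryKey = keyring.getSecretKey();
            List<String> useridParts = new ArrayList<String>(sigKeyUserId2Password.keySet());
            // Judging by its use below: [0] is the full user ID, [1] the matching part (map key).
            String[] foundKeyUserIdForUserIdPart = findFirstKeyUserIdContainingOneOfTheParts(useridParts, primaryKey.getPublicKey());
            if (foundKeyUserIdForUserIdPart == null) {
                LOG.debug("No User ID found in primary key with key ID {} containing one of the parts {}", primaryKey.getKeyID(), useridParts);
                continue;
            }
            LOG.debug("User ID {} found in primary key with key ID {} containing one of the parts {}", new Object[] { foundKeyUserIdForUserIdPart[0], primaryKey.getKeyID(), useridParts });
            // The password depends only on the matched part, so look it up once per key ring.
            String password = sigKeyUserId2Password.get(foundKeyUserIdForUserIdPart[1]);
            // add all signing keys
            for (Iterator<PGPSecretKey> iterKey = keyring.getSecretKeys(); iterKey.hasNext(); ) {
                PGPSecretKey secKey = iterKey.next();
                if (isSigningKey(secKey)) {
                    if (password == null) {
                        // A null map value used to end in a NullPointerException on toCharArray().
                        throw new PGPException("No password configured for user ID part " + foundKeyUserIdForUserIdPart[1]);
                    }
                    PGPPrivateKey privateKey = secKey.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder().setProvider(provider).build(password.toCharArray()));
                    if (privateKey != null) {
                        result.add(new PGPSecretKeyAndPrivateKeyAndUserId(secKey, privateKey, foundKeyUserIdForUserIdPart[0]));
                        LOG.debug("Private key with user ID {} and key ID {} added to the signing keys", foundKeyUserIdForUserIdPart[0], Long.toString(privateKey.getKeyID()));
                    }
                }
            }
        }
    }
    return result;
}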
Also used : ArrayList(java.util.ArrayList) JcePBESecretKeyDecryptorBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder) PGPSecretKey(org.bouncycastle.openpgp.PGPSecretKey) PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey) PGPSecretKeyRing(org.bouncycastle.openpgp.PGPSecretKeyRing)

Aggregations

PGPPrivateKey (org.bouncycastle.openpgp.PGPPrivateKey)4 PGPSecretKey (org.bouncycastle.openpgp.PGPSecretKey)4 JcePBESecretKeyDecryptorBuilder (org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder)4 PGPSecretKeyRing (org.bouncycastle.openpgp.PGPSecretKeyRing)2 ByteArrayInputStream (java.io.ByteArrayInputStream)1 InputStream (java.io.InputStream)1 ArrayList (java.util.ArrayList)1 MockEndpoint (org.apache.camel.component.mock.MockEndpoint)1 BCPGOutputStream (org.bouncycastle.bcpg.BCPGOutputStream)1 PGPEncryptedDataList (org.bouncycastle.openpgp.PGPEncryptedDataList)1 PGPException (org.bouncycastle.openpgp.PGPException)1 PGPObjectFactory (org.bouncycastle.openpgp.PGPObjectFactory)1 PGPPublicKeyEncryptedData (org.bouncycastle.openpgp.PGPPublicKeyEncryptedData)1 PGPSecretKeyRingCollection (org.bouncycastle.openpgp.PGPSecretKeyRingCollection)1 PGPSignatureGenerator (org.bouncycastle.openpgp.PGPSignatureGenerator)1 BcKeyFingerprintCalculator (org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator)1 JcaPGPContentSignerBuilder (org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder)1