Example 1 with ArmoredInputStream

Use of org.bouncycastle.bcpg.ArmoredInputStream in project gerrit by GerritCodeReview.

Class PostGpgKeys, method readKeysToAdd.

private List<PGPPublicKeyRing> readKeysToAdd(Input input, Set<Fingerprint> toRemove) throws BadRequestException, IOException {
    if (input.add == null || input.add.isEmpty()) {
        return ImmutableList.of();
    }
    List<PGPPublicKeyRing> keyRings = new ArrayList<>(input.add.size());
    for (String armored : input.add) {
        try (InputStream in = new ByteArrayInputStream(armored.getBytes(UTF_8));
            ArmoredInputStream ain = new ArmoredInputStream(in)) {
            @SuppressWarnings("unchecked") List<Object> objs = Lists.newArrayList(new BcPGPObjectFactory(ain));
            if (objs.size() != 1 || !(objs.get(0) instanceof PGPPublicKeyRing)) {
                throw new BadRequestException("Expected exactly one PUBLIC KEY BLOCK");
            }
            PGPPublicKeyRing keyRing = (PGPPublicKeyRing) objs.get(0);
            if (toRemove.contains(new Fingerprint(keyRing.getPublicKey().getFingerprint()))) {
                throw new BadRequestException("Cannot both add and delete key: " + keyToString(keyRing.getPublicKey()));
            }
            keyRings.add(keyRing);
        }
    }
    return keyRings;
}
Also used : PGPPublicKeyRing(org.bouncycastle.openpgp.PGPPublicKeyRing) Fingerprint(com.google.gerrit.gpg.Fingerprint) ByteArrayInputStream(java.io.ByteArrayInputStream) ArmoredInputStream(org.bouncycastle.bcpg.ArmoredInputStream) InputStream(java.io.InputStream) ArrayList(java.util.ArrayList) PublicKeyStore.keyToString(com.google.gerrit.gpg.PublicKeyStore.keyToString) PublicKeyStore.keyIdToString(com.google.gerrit.gpg.PublicKeyStore.keyIdToString) BcPGPObjectFactory(org.bouncycastle.openpgp.bc.BcPGPObjectFactory) BadRequestException(com.google.gerrit.extensions.restapi.BadRequestException)

Example 2 with ArmoredInputStream

Use of org.bouncycastle.bcpg.ArmoredInputStream in project gerrit by GerritCodeReview.

Class PublicKeyStore, method get.

private List<PGPPublicKeyRing> get(long keyId, byte[] fp) throws IOException {
    if (reader == null) {
        load();
    }
    if (notes == null) {
        return Collections.emptyList();
    }
    Note note = notes.getNote(keyObjectId(keyId));
    if (note == null) {
        return Collections.emptyList();
    }
    List<PGPPublicKeyRing> keys = new ArrayList<>();
    try (InputStream in = reader.open(note.getData(), OBJ_BLOB).openStream()) {
        while (true) {
            @SuppressWarnings("unchecked") Iterator<Object> it = new BcPGPObjectFactory(new ArmoredInputStream(in)).iterator();
            if (!it.hasNext()) {
                break;
            }
            Object obj = it.next();
            if (obj instanceof PGPPublicKeyRing) {
                PGPPublicKeyRing kr = (PGPPublicKeyRing) obj;
                if (fp == null || Arrays.equals(fp, kr.getPublicKey().getFingerprint())) {
                    keys.add(kr);
                }
            }
            checkState(!it.hasNext(), "expected one PGP object per ArmoredInputStream");
        }
        return keys;
    }
}
Also used : PGPPublicKeyRing(org.bouncycastle.openpgp.PGPPublicKeyRing) ArmoredInputStream(org.bouncycastle.bcpg.ArmoredInputStream) InputStream(java.io.InputStream) Note(org.eclipse.jgit.notes.Note) ArrayList(java.util.ArrayList) BcPGPObjectFactory(org.bouncycastle.openpgp.bc.BcPGPObjectFactory)

Example 3 with ArmoredInputStream

Use of org.bouncycastle.bcpg.ArmoredInputStream in project jPOS by jpos.

Class PGPHelper, method verifySignature.

private static boolean verifySignature(InputStream in, PGPPublicKey pk) throws IOException, NoSuchProviderException, PGPException, SignatureException {
    boolean verify = false;
    boolean newl = false;
    int ch;
    ArmoredInputStream ain = new ArmoredInputStream(in, true);
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    while ((ch = ain.read()) >= 0 && ain.isClearText()) {
        if (newl) {
            out.write((byte) '\n');
            newl = false;
        }
        if (ch == '\n') {
            newl = true;
            continue;
        }
        out.write((byte) ch);
    }
    PGPObjectFactory pgpf = new PGPObjectFactory(ain, fingerPrintCalculator);
    Object o = pgpf.nextObject();
    if (o instanceof PGPSignatureList) {
        PGPSignatureList list = (PGPSignatureList) o;
        if (list.size() > 0) {
            PGPSignature sig = list.get(0);
            sig.init(new JcaPGPContentVerifierBuilderProvider().setProvider("BC"), pk);
            while ((ch = ain.read()) >= 0 && ain.isClearText()) {
                if (newl) {
                    out.write((byte) '\n');
                    newl = false;
                }
                if (ch == '\n') {
                    newl = true;
                    continue;
                }
                out.write((byte) ch);
            }
            sig.update(out.toByteArray());
            verify = sig.verify();
        }
    }
    return verify;
}
Also used : ArmoredInputStream(org.bouncycastle.bcpg.ArmoredInputStream) JcaPGPContentVerifierBuilderProvider(org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentVerifierBuilderProvider)

Example 4 with ArmoredInputStream

Use of org.bouncycastle.bcpg.ArmoredInputStream in project POL-POM-5 by PhoenicisOrg.

Class SignatureChecker, method check.

public Boolean check() {
    final PGPPublicKey pgpSigningKey = readPublicKey(new ByteArrayInputStream(publicKey.getBytes()));
    final ArmoredInputStream armoredInputStream;
    try {
        armoredInputStream = new ArmoredInputStream(new ByteArrayInputStream(signature.getBytes()));
    } catch (IOException e) {
        throw new SignatureException("Failed to verify signature", e);
    }
    final PGPObjectFactory pgpObjectFactory = new PGPObjectFactory(armoredInputStream);
    try {
        final Object nextObject = pgpObjectFactory.nextObject();
        PGPSignature pgpSignature = null;
        if (nextObject instanceof PGPSignatureList) {
            PGPSignatureList list = (PGPSignatureList) nextObject;
            if (!list.isEmpty()) {
                pgpSignature = list.get(0);
            }
        }
        if (pgpSignature == null) {
            return false;
        }
        initVerify(pgpSignature, pgpSigningKey);
        pgpSignature.update(signedData.getBytes());
        return pgpSignature.verify();
    } catch (IOException | PGPException | NoSuchProviderException | java.security.SignatureException e) {
        throw new SignatureException("Failed to verify signature", e);
    }
}
Also used : ArmoredInputStream(org.bouncycastle.bcpg.ArmoredInputStream) NoSuchProviderException(java.security.NoSuchProviderException)

Example 5 with ArmoredInputStream

Use of org.bouncycastle.bcpg.ArmoredInputStream in project phoenicis by PhoenicisOrg.

Class SignatureChecker, method check.

public Boolean check() {
    final PGPPublicKey pgpSigningKey = readPublicKey(new ByteArrayInputStream(publicKey.getBytes()));
    final ArmoredInputStream armoredInputStream;
    try {
        armoredInputStream = new ArmoredInputStream(new ByteArrayInputStream(signature.getBytes()));
    } catch (IOException e) {
        throw new SignatureException("Failed to verify signature", e);
    }
    final PGPObjectFactory pgpObjectFactory = new PGPObjectFactory(armoredInputStream);
    try {
        final Object nextObject = pgpObjectFactory.nextObject();
        PGPSignature pgpSignature = null;
        if (nextObject instanceof PGPSignatureList) {
            PGPSignatureList list = (PGPSignatureList) nextObject;
            if (!list.isEmpty()) {
                pgpSignature = list.get(0);
            }
        }
        if (pgpSignature == null) {
            return false;
        }
        initVerify(pgpSignature, pgpSigningKey);
        pgpSignature.update(signedData.getBytes());
        return pgpSignature.verify();
    } catch (IOException | PGPException | NoSuchProviderException | java.security.SignatureException e) {
        throw new SignatureException("Failed to verify signature", e);
    }
}
Also used : ArmoredInputStream(org.bouncycastle.bcpg.ArmoredInputStream) NoSuchProviderException(java.security.NoSuchProviderException)
