
Example 6 with ArmoredInputStream

use of org.bouncycastle.bcpg.ArmoredInputStream in project gerrit by GerritCodeReview.

the class PushCertificateChecker method readSignature.

/**
 * Pulls the first OpenPGP signature out of the push certificate's ASCII-armored signature block.
 *
 * <p>Objects are read from the de-armored data one at a time. The first {@link PGPSignatureList}
 * that holds at least one entry decides the result: its entry 0 is returned, and any further
 * signatures in that list or later in the data are not looked at.
 *
 * @param cert push certificate whose {@code getSignature()} text is parsed
 * @return the first signature found, or {@code null} when the data contains no non-empty
 *     signature list; the caller has to treat {@code null} as "no signature present"
 * @throws IOException if the armored data cannot be read or parsed
 */
private PGPSignature readSignature(PushCertificate cert) throws IOException {
    byte[] armoredBytes = Constants.encode(cert.getSignature());
    PGPObjectFactory packets = new BcPGPObjectFactory(new ArmoredInputStream(new ByteArrayInputStream(armoredBytes)));
    for (Object packet = packets.nextObject(); packet != null; packet = packets.nextObject()) {
        // Anything that is not a signature list is skipped rather than rejected.
        if (!(packet instanceof PGPSignatureList)) {
            continue;
        }
        PGPSignatureList candidates = (PGPSignatureList) packet;
        if (!candidates.isEmpty()) {
            return candidates.get(0);
        }
    }
    return null;
}
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) ArmoredInputStream(org.bouncycastle.bcpg.ArmoredInputStream) BcPGPObjectFactory(org.bouncycastle.openpgp.bc.BcPGPObjectFactory) PGPSignatureList(org.bouncycastle.openpgp.PGPSignatureList) PGPObjectFactory(org.bouncycastle.openpgp.PGPObjectFactory) BcPGPObjectFactory(org.bouncycastle.openpgp.bc.BcPGPObjectFactory)

Example 7 with ArmoredInputStream

use of org.bouncycastle.bcpg.ArmoredInputStream in project jPOS by jpos.

the class PGPHelper method verifySignature.

/**
 * Verifies a clear-signed OpenPGP message read from {@code in} against the public key {@code pk}.
 *
 * <p>The bytes read while the armored stream reports clear-text mode are collected, the next
 * object is parsed from the same stream, and, when that object is a non-empty
 * {@link PGPSignatureList}, its first signature is checked over the collected bytes.
 *
 * <p>Only a boolean is returned; the bytes that were actually verified stay local to this method.
 * NOTE(review): a caller that also needs the signed content has to obtain it separately, so it
 * should make sure it uses exactly the bytes covered here - confirm at the call sites.
 *
 * @param in stream carrying the armored input; it is not closed by this method
 * @param pk public key the first signature is initialised with
 * @return {@code true} only when a first signature exists and {@code verify()} accepts it;
 *     {@code false} when the object after the clear text is not a signature list, when the list
 *     is empty, or when verification fails
 * @throws IOException declared for the stream reads and object parsing
 * @throws PGPException declared for signature initialisation and verification
 */
private static boolean verifySignature(InputStream in, PGPPublicKey pk) throws IOException, PGPException {
    boolean verify = false;
    boolean newl = false;
    int ch;
    // The second constructor argument is Bouncy Castle's hasHeaders flag.
    ArmoredInputStream ain = new ArmoredInputStream(in, true);
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    // Copy the clear-text section into 'out'. A '\n' is held back in 'newl' and written only once
    // another byte follows, so a '\n' that is the last clear-text byte is not written by this loop.
    // The byte returned by the read() that ends the loop is not written either.
    // NOTE(review): only '\n' is treated specially; '\r' and trailing whitespace are copied
    // unchanged. Confirm this matches the canonical form the signer hashed, otherwise valid
    // messages will fail to verify.
    while ((ch = ain.read()) >= 0 && ain.isClearText()) {
        if (newl) {
            out.write((byte) '\n');
            newl = false;
        }
        if (ch == '\n') {
            newl = true;
            continue;
        }
        out.write((byte) ch);
    }
    // fingerPrintCalculator is declared outside this method.
    PGPObjectFactory pgpf = new PGPObjectFactory(ain, fingerPrintCalculator);
    // Only the first object after the clear text is inspected, and only the first signature of
    // the list is used; any further signatures are ignored.
    Object o = pgpf.nextObject();
    if (o instanceof PGPSignatureList) {
        PGPSignatureList list = (PGPSignatureList) o;
        if (list.size() > 0) {
            PGPSignature sig = list.get(0);
            // The JCA provider is selected by the name "BC".
            // NOTE(review): presumably the Bouncy Castle provider must be registered before this
            // call - confirm.
            // NOTE(review): the signature's key id and type are not compared with pk here;
            // acceptance rests entirely on verify() below.
            sig.init(new JcaPGPContentVerifierBuilderProvider().setProvider("BC"), pk);
            // Same copy loop again, run after the signature list has been parsed; 'newl' carries
            // over from the first loop.
            // NOTE(review): whether the stream can still report clear-text mode at this point is
            // not visible from this method - confirm this loop is needed.
            while ((ch = ain.read()) >= 0 && ain.isClearText()) {
                if (newl) {
                    out.write((byte) '\n');
                    newl = false;
                }
                if (ch == '\n') {
                    newl = true;
                    continue;
                }
                out.write((byte) ch);
            }
            // Feed the collected bytes to the signature in one call and run the check.
            sig.update(out.toByteArray());
            verify = sig.verify();
        }
    }
    return verify;
}
Also used : ArmoredInputStream(org.bouncycastle.bcpg.ArmoredInputStream) JcaPGPContentVerifierBuilderProvider(org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentVerifierBuilderProvider)

Example 8 with ArmoredInputStream

use of org.bouncycastle.bcpg.ArmoredInputStream in project POL-POM-5 by PlayOnLinux.

the class SignatureChecker method check.

/**
 * Verifies the armored signature held in {@code signature} over {@code signedData} with the key
 * parsed from {@code publicKey}.
 *
 * <p>Only the first object of the signature data is inspected, and only the first signature of
 * that list is used.
 *
 * <p>NOTE(review): all three strings are converted with {@code getBytes()} and no explicit
 * charset, so the bytes fed to the verifier follow the platform default encoding. For
 * {@code signedData} this has to match the encoding the signer hashed - confirm, and consider
 * naming the charset explicitly.
 *
 * @return {@code false} when no signature can be read from the signature data, otherwise the
 *     result of {@code verify()}
 * @throws SignatureException (the project's own type) when the armored data cannot be opened or
 *     any parsing or verification step fails
 */
public Boolean check() {
    final PGPPublicKey pgpSigningKey = readPublicKey(new ByteArrayInputStream(publicKey.getBytes()));

    final ArmoredInputStream armoredInputStream;
    try {
        armoredInputStream = new ArmoredInputStream(new ByteArrayInputStream(signature.getBytes()));
    } catch (IOException e) {
        throw new SignatureException("Failed to verify signature", e);
    }

    final PGPObjectFactory pgpObjectFactory = new PGPObjectFactory(armoredInputStream);
    try {
        final Object firstObject = pgpObjectFactory.nextObject();

        // Stays null unless the first object is a signature list with at least one entry.
        PGPSignature firstSignature = null;
        if (firstObject instanceof PGPSignatureList && !((PGPSignatureList) firstObject).isEmpty()) {
            firstSignature = ((PGPSignatureList) firstObject).get(0);
        }
        if (firstSignature == null) {
            // Nothing to verify is reported as a failed check, not as an error.
            return false;
        }

        initVerify(firstSignature, pgpSigningKey);
        firstSignature.update(signedData.getBytes());
        return firstSignature.verify();
    } catch (IOException | PGPException | NoSuchProviderException | java.security.SignatureException e) {
        throw new SignatureException("Failed to verify signature", e);
    }
}
Also used : ArmoredInputStream(org.bouncycastle.bcpg.ArmoredInputStream) NoSuchProviderException(java.security.NoSuchProviderException)

Example 9 with ArmoredInputStream

use of org.bouncycastle.bcpg.ArmoredInputStream in project gerrit by GerritCodeReview.

the class PostGpgKeys method readKeysToAdd.

/**
 * Parses the ASCII-armored public keys listed in {@code input.add}.
 *
 * <p>Each entry must decode to exactly one object, and that object must be a
 * {@link PGPPublicKeyRing}; anything else is rejected as a bad request instead of being
 * partially accepted. A key whose fingerprint is also in {@code toRemove} is rejected as well.
 *
 * @param input request body; a {@code null} or empty {@code add} list yields an empty result
 * @param toRemove fingerprints scheduled for deletion in the same request
 * @return the parsed key rings, in the order of {@code input.add}
 * @throws BadRequestException if an entry is not a single public key block, cannot be parsed,
 *     or is also listed for deletion
 * @throws IOException declared for reading and closing the armored streams
 */
private ImmutableList<PGPPublicKeyRing> readKeysToAdd(GpgKeysInput input, Collection<Fingerprint> toRemove) throws BadRequestException, IOException {
    boolean nothingToAdd = input.add == null || input.add.isEmpty();
    if (nothingToAdd) {
        return ImmutableList.of();
    }

    List<PGPPublicKeyRing> parsedRings = new ArrayList<>(input.add.size());
    for (String armored : input.add) {
        try (InputStream raw = new ByteArrayInputStream(armored.getBytes(UTF_8));
            ArmoredInputStream dearmored = new ArmoredInputStream(raw)) {
            // Read every object of the block up front so that extra objects can be detected.
            @SuppressWarnings("unchecked") List<Object> packets = Lists.newArrayList(new BcPGPObjectFactory(dearmored));
            boolean singleKeyRing = packets.size() == 1 && packets.get(0) instanceof PGPPublicKeyRing;
            if (!singleKeyRing) {
                throw new BadRequestException("Expected exactly one PUBLIC KEY BLOCK");
            }

            PGPPublicKeyRing keyRing = (PGPPublicKeyRing) packets.get(0);
            Fingerprint fingerprint = new Fingerprint(keyRing.getPublicKey().getFingerprint());
            if (toRemove.contains(fingerprint)) {
                throw new BadRequestException("Cannot both add and delete key: " + keyToString(keyRing.getPublicKey()));
            }
            parsedRings.add(keyRing);
        } catch (PGPRuntimeOperationException e) {
            // Parse failures raised while reading the objects are reported as a bad request.
            throw new BadRequestException("Failed to parse GPG keys", e);
        }
    }
    return ImmutableList.copyOf(parsedRings);
}
Also used : PGPPublicKeyRing(org.bouncycastle.openpgp.PGPPublicKeyRing) Fingerprint(com.google.gerrit.gpg.Fingerprint) PGPRuntimeOperationException(org.bouncycastle.openpgp.PGPRuntimeOperationException) ByteArrayInputStream(java.io.ByteArrayInputStream) ArmoredInputStream(org.bouncycastle.bcpg.ArmoredInputStream) InputStream(java.io.InputStream) ArrayList(java.util.ArrayList) PublicKeyStore.keyToString(com.google.gerrit.gpg.PublicKeyStore.keyToString) PublicKeyStore.keyIdToString(com.google.gerrit.gpg.PublicKeyStore.keyIdToString) ByteArrayInputStream(java.io.ByteArrayInputStream) ArmoredInputStream(org.bouncycastle.bcpg.ArmoredInputStream) BcPGPObjectFactory(org.bouncycastle.openpgp.bc.BcPGPObjectFactory) BadRequestException(com.google.gerrit.extensions.restapi.BadRequestException)

Example 10 with ArmoredInputStream

use of org.bouncycastle.bcpg.ArmoredInputStream in project spring-roo by spring-projects.

the class PgpServiceImpl method isResourceSignedBySignature.

/**
 * Checks an OpenPGP signature against the bytes of {@code resource}.
 *
 * <p>The signature stream is wrapped in an {@link ArmoredInputStream} unless it already is one.
 * The signature is then taken from the result of {@code isSignatureAcceptable}, a key ring is
 * looked up through a {@link PgpKeyId} built from that signature, and the ring's public key
 * is used to verify the resource content.
 *
 * <p>NOTE(review): the result of {@code isSignatureAcceptable} is used here only for
 * {@code getPgpSignature()}; no accept/reject outcome it may carry is consulted in this method,
 * so {@code true} means "the looked-up key verifies the content". Confirm that the trust decision
 * for that key is enforced by the callers or inside the helpers.
 *
 * <p>NOTE(review): {@code rememberKey} runs before the signature has been verified - confirm
 * that keeping a key at that point is intended.
 *
 * @param resource content the signature is expected to cover; read to end of stream
 * @param signature signature data, armored or already wrapped in an {@code ArmoredInputStream}
 * @return the result of {@code verify()} on the signature
 * @throws IllegalStateException wrapping any exception raised while reading, looking up the key
 *     or verifying
 */
public boolean isResourceSignedBySignature(final InputStream resource, InputStream signature) {
    try {
        final InputStream armored = signature instanceof ArmoredInputStream ? signature : new ArmoredInputStream(signature);
        final PGPSignature pgpSignature = isSignatureAcceptable(armored).getPgpSignature();

        final PGPPublicKeyRing keyRing = getPublicKey(new PgpKeyId(pgpSignature));
        rememberKey(keyRing);
        final PGPPublicKey publicKey = keyRing.getPublicKey();
        Validate.notNull(publicKey, "Could not obtain public key for signer key ID '%s'", pgpSignature);
        pgpSignature.initVerify(publicKey, "BC");

        // Stream the signed content through the verifier in buffer-sized chunks.
        final byte[] buff = new byte[BUFFER_SIZE];
        for (int chunk = resource.read(buff); chunk >= 0; chunk = resource.read(buff)) {
            if (chunk > 0) {
                pgpSignature.update(buff, 0, chunk);
            }
        }
        return pgpSignature.verify();
    } catch (final Exception e) {
        // Every failure surfaces as an exception, never as a "true" result.
        throw new IllegalStateException(e);
    }
}
Also used : PGPPublicKeyRing(org.bouncycastle.openpgp.PGPPublicKeyRing) ArmoredInputStream(org.bouncycastle.bcpg.ArmoredInputStream) PGPPublicKey(org.bouncycastle.openpgp.PGPPublicKey) PGPSignature(org.bouncycastle.openpgp.PGPSignature) MalformedURLException(java.net.MalformedURLException) IOException(java.io.IOException)

Aggregations

ArmoredInputStream (org.bouncycastle.bcpg.ArmoredInputStream)11 PGPPublicKeyRing (org.bouncycastle.openpgp.PGPPublicKeyRing)5 BcPGPObjectFactory (org.bouncycastle.openpgp.bc.BcPGPObjectFactory)5 ByteArrayInputStream (java.io.ByteArrayInputStream)4 InputStream (java.io.InputStream)4 ArrayList (java.util.ArrayList)4 NoSuchProviderException (java.security.NoSuchProviderException)3 BadRequestException (com.google.gerrit.extensions.restapi.BadRequestException)2 Fingerprint (com.google.gerrit.gpg.Fingerprint)2 PublicKeyStore.keyIdToString (com.google.gerrit.gpg.PublicKeyStore.keyIdToString)2 PublicKeyStore.keyToString (com.google.gerrit.gpg.PublicKeyStore.keyToString)2 JcaPGPContentVerifierBuilderProvider (org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentVerifierBuilderProvider)2 IOException (java.io.IOException)1 MalformedURLException (java.net.MalformedURLException)1 Matcher (java.util.regex.Matcher)1 Pattern (java.util.regex.Pattern)1 Mac (javax.crypto.Mac)1 SecretKeySpec (javax.crypto.spec.SecretKeySpec)1 PGPObjectFactory (org.bouncycastle.openpgp.PGPObjectFactory)1 PGPPublicKey (org.bouncycastle.openpgp.PGPPublicKey)1