Search in sources :

Example 6 with ArmoredOutputStream

use of org.bouncycastle.bcpg.ArmoredOutputStream in project ant-ivy by apache.

the class OpenPGPSignatureGenerator method sign.

public void sign(File src, File dest) throws IOException {
    OutputStream out = null;
    InputStream in = null;
    InputStream keyIn = null;
    try {
        if (secring == null) {
            secring = System.getProperty("user.home") + "/.gnupg/secring.gpg";
        }
        if (pgpSec == null) {
            keyIn = new FileInputStream(secring);
            pgpSec = readSecretKey(keyIn);
        }
        PBESecretKeyDecryptor decryptor = new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(password.toCharArray());
        PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(decryptor);
        PGPSignatureGenerator sGen = new PGPSignatureGenerator(new BcPGPContentSignerBuilder(pgpSec.getPublicKey().getAlgorithm(), PGPUtil.SHA1));
        sGen.init(PGPSignature.BINARY_DOCUMENT, pgpPrivKey);
        in = new FileInputStream(src);
        out = new BCPGOutputStream(new ArmoredOutputStream(new FileOutputStream(dest)));
        int ch = 0;
        while ((ch = in.read()) >= 0) {
            sGen.update((byte) ch);
        }
        sGen.generate().encode(out);
    } catch (PGPException e) {
        throw new IOException(e);
    } finally {
        if (out != null) {
            try {
                out.close();
            } catch (IOException e) {
            }
        }
        if (in != null) {
            try {
                in.close();
            } catch (IOException e) {
            }
        }
        if (keyIn != null) {
            try {
                keyIn.close();
            } catch (IOException e) {
            }
        }
    }
}
Also used : PGPSignatureGenerator(org.bouncycastle.openpgp.PGPSignatureGenerator) PBESecretKeyDecryptor(org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor) BcPGPContentSignerBuilder(org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) OutputStream(java.io.OutputStream) FileOutputStream(java.io.FileOutputStream) ArmoredOutputStream(org.bouncycastle.bcpg.ArmoredOutputStream) BCPGOutputStream(org.bouncycastle.bcpg.BCPGOutputStream) ArmoredOutputStream(org.bouncycastle.bcpg.ArmoredOutputStream) BcPGPDigestCalculatorProvider(org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider) BCPGOutputStream(org.bouncycastle.bcpg.BCPGOutputStream) IOException(java.io.IOException) FileInputStream(java.io.FileInputStream) PGPException(org.bouncycastle.openpgp.PGPException) FileOutputStream(java.io.FileOutputStream) BcPBESecretKeyDecryptorBuilder(org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyDecryptorBuilder) PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey)

Example 7 with ArmoredOutputStream

use of org.bouncycastle.bcpg.ArmoredOutputStream in project gerrit by GerritCodeReview.

the class PushCertificateCheckerTest method newSignedCert.

private PushCertificate newSignedCert(String nonce, TestKey signingKey, Date now) throws Exception {
    PushCertificateIdent ident = new PushCertificateIdent(signingKey.getFirstUserId(), System.currentTimeMillis(), -7 * 60);
    String payload = "certificate version 0.1\n" + "pusher " + ident.getRaw() + "\n" + "pushee test://localhost/repo.git\n" + "nonce " + nonce + "\n" + "\n" + "0000000000000000000000000000000000000000" + " deadbeefdeadbeefdeadbeefdeadbeefdeadbeef" + " refs/heads/master\n";
    PGPSignatureGenerator gen = new PGPSignatureGenerator(new BcPGPContentSignerBuilder(signingKey.getPublicKey().getAlgorithm(), PGPUtil.SHA1));
    if (now != null) {
        PGPSignatureSubpacketGenerator subGen = new PGPSignatureSubpacketGenerator();
        subGen.setSignatureCreationTime(false, now);
        gen.setHashedSubpackets(subGen.generate());
    }
    gen.init(PGPSignature.BINARY_DOCUMENT, signingKey.getPrivateKey());
    gen.update(payload.getBytes(UTF_8));
    PGPSignature sig = gen.generate();
    ByteArrayOutputStream bout = new ByteArrayOutputStream();
    try (BCPGOutputStream out = new BCPGOutputStream(new ArmoredOutputStream(bout))) {
        sig.encode(out);
    }
    String cert = payload + new String(bout.toByteArray(), UTF_8);
    Reader reader = new InputStreamReader(new ByteArrayInputStream(cert.getBytes(UTF_8)), UTF_8);
    PushCertificateParser parser = new PushCertificateParser(repo, signedPushConfig);
    return parser.parse(reader);
}
Also used : PGPSignatureGenerator(org.bouncycastle.openpgp.PGPSignatureGenerator) PushCertificateParser(org.eclipse.jgit.transport.PushCertificateParser) InputStreamReader(java.io.InputStreamReader) BcPGPContentSignerBuilder(org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder) ArmoredOutputStream(org.bouncycastle.bcpg.ArmoredOutputStream) Reader(java.io.Reader) InputStreamReader(java.io.InputStreamReader) BCPGOutputStream(org.bouncycastle.bcpg.BCPGOutputStream) PublicKeyStore.keyToString(com.google.gerrit.gpg.PublicKeyStore.keyToString) PublicKeyStore.keyIdToString(com.google.gerrit.gpg.PublicKeyStore.keyIdToString) PGPSignature(org.bouncycastle.openpgp.PGPSignature) ByteArrayOutputStream(java.io.ByteArrayOutputStream) PushCertificateIdent(org.eclipse.jgit.transport.PushCertificateIdent) ByteArrayInputStream(java.io.ByteArrayInputStream) PGPSignatureSubpacketGenerator(org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator)

Aggregations

ArmoredOutputStream (org.bouncycastle.bcpg.ArmoredOutputStream)7 OutputStream (java.io.OutputStream)4 PGPSignatureGenerator (org.bouncycastle.openpgp.PGPSignatureGenerator)3 ByteArrayOutputStream (java.io.ByteArrayOutputStream)2 FileOutputStream (java.io.FileOutputStream)2 InputStream (java.io.InputStream)2 SecureRandom (java.security.SecureRandom)2 Date (java.util.Date)2 BCPGOutputStream (org.bouncycastle.bcpg.BCPGOutputStream)2 PGPCompressedDataGenerator (org.bouncycastle.openpgp.PGPCompressedDataGenerator)2 PGPEncryptedDataGenerator (org.bouncycastle.openpgp.PGPEncryptedDataGenerator)2 PGPLiteralDataGenerator (org.bouncycastle.openpgp.PGPLiteralDataGenerator)2 PGPPublicKey (org.bouncycastle.openpgp.PGPPublicKey)2 BcPGPContentSignerBuilder (org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder)2 JcePGPDataEncryptorBuilder (org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder)2 GpgKeyInfo (com.google.gerrit.extensions.common.GpgKeyInfo)1 IdString (com.google.gerrit.extensions.restapi.IdString)1 PublicKeyStore.keyIdToString (com.google.gerrit.gpg.PublicKeyStore.keyIdToString)1 PublicKeyStore.keyToString (com.google.gerrit.gpg.PublicKeyStore.keyToString)1 BufferedOutputStream (java.io.BufferedOutputStream)1