Examples with PGPObjectFactory org.bouncycastle.openpgp.PGPObjectFactory used on opensource projects

Search in sources :

Example 1 with PGPObjectFactory

use of org.bouncycastle.openpgp.PGPObjectFactory in project camel by apache.

the class PGPKeyAccessDataFormat method getDecryptedData.

private InputStream getDecryptedData(Exchange exchange, InputStream encryptedStream) throws Exception, PGPException {
    PGPObjectFactory pgpFactory = new PGPObjectFactory(encryptedStream, new BcKeyFingerprintCalculator());
    Object firstObject = pgpFactory.nextObject();
    // the first object might be a PGP marker packet 
    PGPEncryptedDataList enc = getEcryptedDataList(pgpFactory, firstObject);
    if (enc == null) {
        throw getFormatException();
    }
    PGPPublicKeyEncryptedData pbe = null;
    PGPPrivateKey key = null;
    // find encrypted data for which a private key exists in the secret key ring
    for (int i = 0; i < enc.size() && key == null; i++) {
        Object encryptedData = enc.get(i);
        if (!(encryptedData instanceof PGPPublicKeyEncryptedData)) {
            throw getFormatException();
        }
        pbe = (PGPPublicKeyEncryptedData) encryptedData;
        key = secretKeyAccessor.getPrivateKey(exchange, pbe.getKeyID());
        if (key != null) {
            // take the first key
            break;
        }
    }
    if (key == null) {
        throw new PGPException("PGP message is encrypted with a key which could not be found in the Secret Keyring.");
    }
    InputStream encData = pbe.getDataStream(new JcePublicKeyDataDecryptorFactoryBuilder().setProvider(getProvider()).build(key));
    return encData;
}
Also used : PGPException(org.bouncycastle.openpgp.PGPException) InputStream(java.io.InputStream) JcePublicKeyDataDecryptorFactoryBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyDataDecryptorFactoryBuilder) PGPEncryptedDataList(org.bouncycastle.openpgp.PGPEncryptedDataList) BcKeyFingerprintCalculator(org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator) PGPPublicKeyEncryptedData(org.bouncycastle.openpgp.PGPPublicKeyEncryptedData) PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey) PGPObjectFactory(org.bouncycastle.openpgp.PGPObjectFactory)

Example 2 with PGPObjectFactory

use of org.bouncycastle.openpgp.PGPObjectFactory in project camel by apache.

the class PGPKeyAccessDataFormat method unmarshal.

public Object unmarshal(Exchange exchange, InputStream encryptedStream) throws Exception {
    //NOPMD
    if (encryptedStream == null) {
        return null;
    }
    InputStream in = null;
    InputStream encData = null;
    InputStream uncompressedData = null;
    InputStream litData = null;
    OutputStreamBuilder osb = null;
    try {
        in = PGPUtil.getDecoderStream(encryptedStream);
        encData = getDecryptedData(exchange, in);
        PGPObjectFactory pgpFactory = new PGPObjectFactory(encData, new BcKeyFingerprintCalculator());
        Object object = pgpFactory.nextObject();
        if (object instanceof PGPCompressedData) {
            PGPCompressedData comData = (PGPCompressedData) object;
            uncompressedData = comData.getDataStream();
            pgpFactory = new PGPObjectFactory(uncompressedData, new BcKeyFingerprintCalculator());
            object = pgpFactory.nextObject();
        } else {
            LOG.debug("PGP Message does not contain a Compressed Data Packet");
        }
        PGPOnePassSignature signature;
        if (object instanceof PGPOnePassSignatureList) {
            signature = getSignature(exchange, (PGPOnePassSignatureList) object);
            object = pgpFactory.nextObject();
        } else {
            // no signature contained in PGP message
            signature = null;
            if (SIGNATURE_VERIFICATION_OPTION_REQUIRED.equals(getSignatureVerificationOption())) {
                throw new PGPException("PGP message does not contain any signatures although a signature is expected. Either send a PGP message with signature or change the configuration of the PGP decryptor.");
            }
        }
        PGPLiteralData ld;
        if (object instanceof PGPLiteralData) {
            ld = (PGPLiteralData) object;
        } else {
            throw getFormatException();
        }
        litData = ld.getInputStream();
        osb = OutputStreamBuilder.withExchange(exchange);
        byte[] buffer = new byte[BUFFER_SIZE];
        int bytesRead;
        while ((bytesRead = litData.read(buffer)) != -1) {
            osb.write(buffer, 0, bytesRead);
            if (signature != null) {
                signature.update(buffer, 0, bytesRead);
            }
            osb.flush();
        }
        verifySignature(pgpFactory, signature);
    } finally {
        IOHelper.close(osb, litData, uncompressedData, encData, in, encryptedStream);
    }
    return osb.build();
}
Also used : PGPException(org.bouncycastle.openpgp.PGPException) PGPOnePassSignatureList(org.bouncycastle.openpgp.PGPOnePassSignatureList) PGPLiteralData(org.bouncycastle.openpgp.PGPLiteralData) InputStream(java.io.InputStream) BcKeyFingerprintCalculator(org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator) PGPOnePassSignature(org.bouncycastle.openpgp.PGPOnePassSignature) OutputStreamBuilder(org.apache.camel.converter.stream.OutputStreamBuilder) PGPObjectFactory(org.bouncycastle.openpgp.PGPObjectFactory) PGPCompressedData(org.bouncycastle.openpgp.PGPCompressedData)

Example 3 with PGPObjectFactory

use of org.bouncycastle.openpgp.PGPObjectFactory in project camel by apache.

the class PGPDataFormatUtil method findPrivateKey.

@Deprecated
private static PGPPrivateKey findPrivateKey(InputStream keyringInput, InputStream encryptedInput, String passphrase, PGPPassphraseAccessor passphraseAccessor, String provider) throws IOException, PGPException, NoSuchProviderException {
    PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(keyringInput), new BcKeyFingerprintCalculator());
    PGPObjectFactory factory = new PGPObjectFactory(PGPUtil.getDecoderStream(encryptedInput), new BcKeyFingerprintCalculator());
    PGPEncryptedDataList enc;
    Object o = factory.nextObject();
    if (o == null) {
        throw new PGPException("Provided input is not encrypted.");
    }
    if (o instanceof PGPEncryptedDataList) {
        enc = (PGPEncryptedDataList) o;
    } else {
        enc = (PGPEncryptedDataList) factory.nextObject();
    }
    // nextObject() method reads from the InputStream, so rewind it!
    encryptedInput.reset();
    Iterator<?> encryptedDataObjects = enc.getEncryptedDataObjects();
    PGPPrivateKey privateKey = null;
    PGPPublicKeyEncryptedData encryptedData = null;
    while (privateKey == null && encryptedDataObjects.hasNext()) {
        encryptedData = (PGPPublicKeyEncryptedData) encryptedDataObjects.next();
        PGPSecretKey pgpSecKey = pgpSec.getSecretKey(encryptedData.getKeyID());
        if (pgpSecKey != null) {
            if (passphrase == null && passphraseAccessor != null) {
                // get passphrase from accessor
                @SuppressWarnings("unchecked") Iterator<String> userIDs = pgpSecKey.getUserIDs();
                while (passphrase == null && userIDs.hasNext()) {
                    passphrase = passphraseAccessor.getPassphrase(userIDs.next());
                }
            }
            privateKey = pgpSecKey.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder().setProvider(provider).build(passphrase.toCharArray()));
        }
    }
    if (privateKey == null && pgpSec.size() > 0 && encryptedData != null) {
        throw new PGPException("Provided input is encrypted with unknown pair of keys.");
    }
    return privateKey;
}
Also used : PGPEncryptedDataList(org.bouncycastle.openpgp.PGPEncryptedDataList) PGPObjectFactory(org.bouncycastle.openpgp.PGPObjectFactory) JcePBESecretKeyDecryptorBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder) PGPException(org.bouncycastle.openpgp.PGPException) PGPSecretKey(org.bouncycastle.openpgp.PGPSecretKey) PGPSecretKeyRingCollection(org.bouncycastle.openpgp.PGPSecretKeyRingCollection) BcKeyFingerprintCalculator(org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator) PGPPublicKeyEncryptedData(org.bouncycastle.openpgp.PGPPublicKeyEncryptedData) PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey)

Example 4 with PGPObjectFactory

use of org.bouncycastle.openpgp.PGPObjectFactory in project spring-roo by spring-projects.

the class PgpServiceImpl method isSignatureAcceptable.

public SignatureDecision isSignatureAcceptable(final InputStream signature) throws IOException {
    Validate.notNull(signature, "Signature input stream required");
    PGPObjectFactory factory = new PGPObjectFactory(PGPUtil.getDecoderStream(signature));
    final Object obj = factory.nextObject();
    Validate.notNull(obj, "Unable to retrieve signature from stream");
    PGPSignatureList p3;
    if (obj instanceof PGPCompressedData) {
        try {
            factory = new PGPObjectFactory(((PGPCompressedData) obj).getDataStream());
        } catch (final Exception e) {
            throw new IllegalStateException(e);
        }
        p3 = (PGPSignatureList) factory.nextObject();
    } else {
        p3 = (PGPSignatureList) obj;
    }
    final PGPSignature pgpSignature = p3.get(0);
    Validate.notNull(pgpSignature, "Unable to retrieve signature from stream");
    final PgpKeyId keyIdInHex = new PgpKeyId(pgpSignature);
    // Special case where we directly store the key ID, as we know it's
    // valid
    discoveredKeyIds.add(keyIdInHex);
    boolean signatureAcceptable = false;
    // Loop to see if the user trusts this key
    for (final PGPPublicKeyRing keyRing : getTrustedKeys()) {
        final PgpKeyId candidate = new PgpKeyId(keyRing.getPublicKey());
        if (candidate.equals(keyIdInHex)) {
            signatureAcceptable = true;
            break;
        }
    }
    if (!signatureAcceptable && automaticTrust) {
        // We don't approve of this signature, but the user has told us it's
        // OK
        trust(keyIdInHex);
        signatureAcceptable = true;
    }
    return new SignatureDecision(pgpSignature, keyIdInHex, signatureAcceptable);
}
Also used : PGPPublicKeyRing(org.bouncycastle.openpgp.PGPPublicKeyRing) PGPSignatureList(org.bouncycastle.openpgp.PGPSignatureList) PGPSignature(org.bouncycastle.openpgp.PGPSignature) MalformedURLException(java.net.MalformedURLException) IOException(java.io.IOException) PGPObjectFactory(org.bouncycastle.openpgp.PGPObjectFactory) PGPCompressedData(org.bouncycastle.openpgp.PGPCompressedData)

Example 5 with PGPObjectFactory

use of org.bouncycastle.openpgp.PGPObjectFactory in project gerrit by GerritCodeReview.

the class PushCertificateChecker method readSignature.

private PGPSignature readSignature(PushCertificate cert) throws IOException {
    ArmoredInputStream in = new ArmoredInputStream(new ByteArrayInputStream(Constants.encode(cert.getSignature())));
    PGPObjectFactory factory = new BcPGPObjectFactory(in);
    Object obj;
    while ((obj = factory.nextObject()) != null) {
        if (obj instanceof PGPSignatureList) {
            PGPSignatureList sigs = (PGPSignatureList) obj;
            if (!sigs.isEmpty()) {
                return sigs.get(0);
            }
        }
    }
    return null;
}
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) ArmoredInputStream(org.bouncycastle.bcpg.ArmoredInputStream) BcPGPObjectFactory(org.bouncycastle.openpgp.bc.BcPGPObjectFactory) PGPSignatureList(org.bouncycastle.openpgp.PGPSignatureList) PGPObjectFactory(org.bouncycastle.openpgp.PGPObjectFactory) BcPGPObjectFactory(org.bouncycastle.openpgp.bc.BcPGPObjectFactory)

Aggregations

PGPObjectFactory (org.bouncycastle.openpgp.PGPObjectFactory)9 PGPPublicKeyRing (org.bouncycastle.openpgp.PGPPublicKeyRing)5 BcKeyFingerprintCalculator (org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator)5 InputStream (java.io.InputStream)4 PGPException (org.bouncycastle.openpgp.PGPException)4 PGPSignatureList (org.bouncycastle.openpgp.PGPSignatureList)3 ByteArrayInputStream (java.io.ByteArrayInputStream)2 IOException (java.io.IOException)2 MalformedURLException (java.net.MalformedURLException)2 PGPCompressedData (org.bouncycastle.openpgp.PGPCompressedData)2 PGPEncryptedDataList (org.bouncycastle.openpgp.PGPEncryptedDataList)2 PGPPrivateKey (org.bouncycastle.openpgp.PGPPrivateKey)2 PGPPublicKey (org.bouncycastle.openpgp.PGPPublicKey)2 PGPPublicKeyEncryptedData (org.bouncycastle.openpgp.PGPPublicKeyEncryptedData)2 PGPSignature (org.bouncycastle.openpgp.PGPSignature)2 BufferedInputStream (java.io.BufferedInputStream)1 DataInputStream (java.io.DataInputStream)1 FileInputStream (java.io.FileInputStream)1 SignatureException (java.security.SignatureException)1 OutputStreamBuilder (org.apache.camel.converter.stream.OutputStreamBuilder)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial