Examples with PGPObjectFactory org.bouncycastle.openpgp.PGPObjectFactory used on opensource projects

Example 6 with PGPObjectFactory

use of org.bouncycastle.openpgp.PGPObjectFactory in project gradle by gradle.

the class PublicKeySerializer method read.

@Override
public PGPPublicKey read(Decoder decoder) throws Exception {
    byte[] encoded = decoder.readBinary();
    PGPObjectFactory objectFactory = new PGPObjectFactory(PGPUtil.getDecoderStream(new ByteArrayInputStream(encoded)), new BcKeyFingerprintCalculator());
    Object object = objectFactory.nextObject();
    if (object instanceof PGPPublicKey) {
        return (PGPPublicKey) object;
    } else if (object instanceof PGPPublicKeyRing) {
        return ((PGPPublicKeyRing) object).getPublicKey();
    }
    throw new IllegalStateException("Unexpected key in cache: " + object.getClass());
}

Example 7 with PGPObjectFactory

use of org.bouncycastle.openpgp.PGPObjectFactory in project bisq-desktop by bisq-network.

the class BisqInstaller method verifySignature.

/**
 * Verifies detached PGP signatures against GPG/openPGP RSA public keys. Does currently not work with openssl or JCA/JCE keys.
 *
 * @param pubKeyFile Path to file providing the public key to use
 * @param sigFile    Path to detached signature file
 * @param dataFile   Path to signed data file
 * @return {@code true} if signature is valid, {@code false} if signature is not valid
 * @throws Exception throws various exceptions in case something went wrong. Main reason should be that key or
 *                   signature could be extracted from the provided files due to a "bad" format.<br>
 *                   <code>FileNotFoundException, IOException, SignatureException, PGPException</code>
 */
public static VerifyStatusEnum verifySignature(File pubKeyFile, File sigFile, File dataFile) throws Exception {
    InputStream inputStream;
    int bytesRead;
    PGPPublicKey publicKey;
    PGPSignature pgpSignature;
    boolean result;
    // Read keys from file
    inputStream = PGPUtil.getDecoderStream(new FileInputStream(pubKeyFile));
    PGPPublicKeyRingCollection publicKeyRingCollection = new PGPPublicKeyRingCollection(inputStream, new JcaKeyFingerprintCalculator());
    inputStream.close();
    Iterator<PGPPublicKeyRing> iterator = publicKeyRingCollection.getKeyRings();
    PGPPublicKeyRing pgpPublicKeyRing;
    if (iterator.hasNext()) {
        pgpPublicKeyRing = iterator.next();
    } else {
        throw new PGPException("Could not find public keyring in provided key file");
    }
    // Would be the solution for multiple keys in one file
    // Iterator<PGPPublicKey> kIt;
    // kIt = pgpPublicKeyRing.getPublicKeys();
    // publicKey = pgpPublicKeyRing.getPublicKey(0xF5B84436F379A1C6L);
    // Read signature from file
    inputStream = PGPUtil.getDecoderStream(new FileInputStream(sigFile));
    PGPObjectFactory pgpObjectFactory = new PGPObjectFactory(inputStream, new JcaKeyFingerprintCalculator());
    Object o = pgpObjectFactory.nextObject();
    if (o instanceof PGPSignatureList) {
        PGPSignatureList signatureList = (PGPSignatureList) o;
        checkArgument(!signatureList.isEmpty(), "signatureList must not be empty");
        pgpSignature = signatureList.get(0);
    } else if (o instanceof PGPSignature) {
        pgpSignature = (PGPSignature) o;
    } else {
        throw new SignatureException("Could not find signature in provided signature file");
    }
    inputStream.close();
    log.debug("KeyID used in signature: %X\n", pgpSignature.getKeyID());
    publicKey = pgpPublicKeyRing.getPublicKey(pgpSignature.getKeyID());
    // If signature is not matching the key used for signing we fail
    if (publicKey == null)
        return VerifyStatusEnum.FAIL;
    log.debug("The ID of the selected key is %X\n", publicKey.getKeyID());
    pgpSignature.init(new BcPGPContentVerifierBuilderProvider(), publicKey);
    // Read file to verify
    byte[] data = new byte[1024];
    inputStream = new DataInputStream(new BufferedInputStream(new FileInputStream(dataFile)));
    while (true) {
        bytesRead = inputStream.read(data, 0, 1024);
        if (bytesRead == -1)
            break;
        pgpSignature.update(data, 0, bytesRead);
    }
    inputStream.close();
    // Verify the signature
    result = pgpSignature.verify();
    return result ? VerifyStatusEnum.OK : VerifyStatusEnum.FAIL;
}

Example 8 with PGPObjectFactory

use of org.bouncycastle.openpgp.PGPObjectFactory in project spring-roo by spring-projects.

the class PgpServiceImpl method getPublicKey.

public PGPPublicKeyRing getPublicKey(final InputStream in) {
    Object obj;
    try {
        final PGPObjectFactory pgpFact = new PGPObjectFactory(PGPUtil.getDecoderStream(in));
        obj = pgpFact.nextObject();
    } catch (final Exception e) {
        throw new IllegalStateException(e);
    }
    if (obj instanceof PGPPublicKeyRing) {
        final PGPPublicKeyRing keyRing = (PGPPublicKeyRing) obj;
        rememberKey(keyRing);
        return keyRing;
    }
    throw new IllegalStateException("Pblic key not available");
}

Example 9 with PGPObjectFactory

use of org.bouncycastle.openpgp.PGPObjectFactory in project gradle by gradle.

the class PublicKeyDownloadService method extractKeyRing.

private void extractKeyRing(InputStream stream, PublicKeyResultBuilder builder, Consumer<? super PGPPublicKeyRing> onKeyring) throws IOException {
    try (InputStream decoderStream = PGPUtil.getDecoderStream(stream)) {
        PGPObjectFactory objectFactory = new PGPObjectFactory(decoderStream, new BcKeyFingerprintCalculator());
        PGPPublicKeyRing keyring = (PGPPublicKeyRing) objectFactory.nextObject();
        onKeyring.accept(keyring);
        builder.keyRing(keyring);
    }
}