use of org.bouncycastle.openpgp.PGPOnePassSignature in project camel by apache.
the class PGPKeyAccessDataFormat method getSignature.
protected PGPOnePassSignature getSignature(Exchange exchange, PGPOnePassSignatureList signatureList) throws Exception {
if (SIGNATURE_VERIFICATION_OPTION_IGNORE.equals(getSignatureVerificationOption())) {
return null;
}
if (SIGNATURE_VERIFICATION_OPTION_NO_SIGNATURE_ALLOWED.equals(getSignatureVerificationOption())) {
throw new PGPException("PGP message contains a signature although a signature is not expected. Either change the configuration of the PGP decryptor or send a PGP message with no signature.");
}
List<String> allowedUserIds = determineSignaturenUserIds(exchange);
for (int i = 0; i < signatureList.size(); i++) {
PGPOnePassSignature signature = signatureList.get(i);
// Determine public key from signature keyId
PGPPublicKey sigPublicKey = publicKeyAccessor.getPublicKey(exchange, signature.getKeyID(), allowedUserIds);
if (sigPublicKey == null) {
continue;
}
// choose that signature for which a public key exists!
signature.init(new JcaPGPContentVerifierBuilderProvider().setProvider(getProvider()), sigPublicKey);
return signature;
}
if (signatureList.isEmpty()) {
return null;
} else {
throw new IllegalArgumentException("Cannot verify the PGP signature: No public key found for the key ID(s) contained in the PGP signature(s). " + "Either the received PGP message contains a signature from an unexpected sender or the Public Keyring does not contain the public key of the sender.");
}
}
use of org.bouncycastle.openpgp.PGPOnePassSignature in project camel by apache.
the class PGPKeyAccessDataFormat method unmarshal.
public Object unmarshal(Exchange exchange, InputStream encryptedStream) throws Exception {
//NOPMD
if (encryptedStream == null) {
return null;
}
InputStream in = null;
InputStream encData = null;
InputStream uncompressedData = null;
InputStream litData = null;
OutputStreamBuilder osb = null;
try {
in = PGPUtil.getDecoderStream(encryptedStream);
encData = getDecryptedData(exchange, in);
PGPObjectFactory pgpFactory = new PGPObjectFactory(encData, new BcKeyFingerprintCalculator());
Object object = pgpFactory.nextObject();
if (object instanceof PGPCompressedData) {
PGPCompressedData comData = (PGPCompressedData) object;
uncompressedData = comData.getDataStream();
pgpFactory = new PGPObjectFactory(uncompressedData, new BcKeyFingerprintCalculator());
object = pgpFactory.nextObject();
} else {
LOG.debug("PGP Message does not contain a Compressed Data Packet");
}
PGPOnePassSignature signature;
if (object instanceof PGPOnePassSignatureList) {
signature = getSignature(exchange, (PGPOnePassSignatureList) object);
object = pgpFactory.nextObject();
} else {
// no signature contained in PGP message
signature = null;
if (SIGNATURE_VERIFICATION_OPTION_REQUIRED.equals(getSignatureVerificationOption())) {
throw new PGPException("PGP message does not contain any signatures although a signature is expected. Either send a PGP message with signature or change the configuration of the PGP decryptor.");
}
}
PGPLiteralData ld;
if (object instanceof PGPLiteralData) {
ld = (PGPLiteralData) object;
} else {
throw getFormatException();
}
litData = ld.getInputStream();
osb = OutputStreamBuilder.withExchange(exchange);
byte[] buffer = new byte[BUFFER_SIZE];
int bytesRead;
while ((bytesRead = litData.read(buffer)) != -1) {
osb.write(buffer, 0, bytesRead);
if (signature != null) {
signature.update(buffer, 0, bytesRead);
}
osb.flush();
}
verifySignature(pgpFactory, signature);
} finally {
IOHelper.close(osb, litData, uncompressedData, encData, in, encryptedStream);
}
return osb.build();
}
Aggregations