Example 1 with PGPOnePassSignatureList
use of org.bouncycastle.openpgp.PGPOnePassSignatureList in project camel by apache.
the class PGPKeyAccessDataFormat method unmarshal.
public Object unmarshal(Exchange exchange, InputStream encryptedStream) throws Exception {
//NOPMD
if (encryptedStream == null) {
return null;
}
InputStream in = null;
InputStream encData = null;
InputStream uncompressedData = null;
InputStream litData = null;
OutputStreamBuilder osb = null;
try {
in = PGPUtil.getDecoderStream(encryptedStream);
encData = getDecryptedData(exchange, in);
PGPObjectFactory pgpFactory = new PGPObjectFactory(encData, new BcKeyFingerprintCalculator());
Object object = pgpFactory.nextObject();
if (object instanceof PGPCompressedData) {
PGPCompressedData comData = (PGPCompressedData) object;
uncompressedData = comData.getDataStream();
pgpFactory = new PGPObjectFactory(uncompressedData, new BcKeyFingerprintCalculator());
object = pgpFactory.nextObject();
} else {
LOG.debug("PGP Message does not contain a Compressed Data Packet");
}
PGPOnePassSignature signature;
if (object instanceof PGPOnePassSignatureList) {
signature = getSignature(exchange, (PGPOnePassSignatureList) object);
object = pgpFactory.nextObject();
} else {
// no signature contained in PGP message
signature = null;
if (SIGNATURE_VERIFICATION_OPTION_REQUIRED.equals(getSignatureVerificationOption())) {
throw new PGPException("PGP message does not contain any signatures although a signature is expected. Either send a PGP message with signature or change the configuration of the PGP decryptor.");
}
}
PGPLiteralData ld;
if (object instanceof PGPLiteralData) {
ld = (PGPLiteralData) object;
} else {
throw getFormatException();
}
litData = ld.getInputStream();
osb = OutputStreamBuilder.withExchange(exchange);
byte[] buffer = new byte[BUFFER_SIZE];
int bytesRead;
while ((bytesRead = litData.read(buffer)) != -1) {
osb.write(buffer, 0, bytesRead);
if (signature != null) {
signature.update(buffer, 0, bytesRead);
}
osb.flush();
}
verifySignature(pgpFactory, signature);
} finally {
IOHelper.close(osb, litData, uncompressedData, encData, in, encryptedStream);
}
return osb.build();
}
Also used :
PGPException(org.bouncycastle.openpgp.PGPException)
PGPOnePassSignatureList(org.bouncycastle.openpgp.PGPOnePassSignatureList)
PGPLiteralData(org.bouncycastle.openpgp.PGPLiteralData)
InputStream(java.io.InputStream)
BcKeyFingerprintCalculator(org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator)
PGPOnePassSignature(org.bouncycastle.openpgp.PGPOnePassSignature)
OutputStreamBuilder(org.apache.camel.converter.stream.OutputStreamBuilder)
PGPObjectFactory(org.bouncycastle.openpgp.PGPObjectFactory)
PGPCompressedData(org.bouncycastle.openpgp.PGPCompressedData)
Example 2 with PGPOnePassSignatureList
use of org.bouncycastle.openpgp.PGPOnePassSignatureList in project incubator-gobblin by apache.
the class GPGFileDecryptor method decryptFile.
/**
* Taking in a file inputstream, keyring inputstream and a passPhrase, generate a decrypted file inputstream.
* @param inputStream file inputstream
* @param keyIn keyring inputstream
* @param passPhrase passPhrase
* @return
* @throws IOException
*/
@SneakyThrows(PGPException.class)
public InputStream decryptFile(InputStream inputStream, InputStream keyIn, String passPhrase) throws IOException {
PGPEncryptedDataList enc = getPGPEncryptedDataList(inputStream);
Iterator it = enc.getEncryptedDataObjects();
PGPPrivateKey sKey = null;
PGPPublicKeyEncryptedData pbe = null;
PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(keyIn), new BcKeyFingerprintCalculator());
while (sKey == null && it.hasNext()) {
pbe = (PGPPublicKeyEncryptedData) it.next();
sKey = findSecretKey(pgpSec, pbe.getKeyID(), passPhrase);
}
if (sKey == null) {
throw new IllegalArgumentException("secret key for message not found.");
}
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
try (InputStream clear = pbe.getDataStream(new JcePublicKeyDataDecryptorFactoryBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build(sKey))) {
JcaPGPObjectFactory pgpFact = new JcaPGPObjectFactory(clear);
Object pgpfObject = pgpFact.nextObject();
while (pgpfObject != null) {
if (pgpfObject instanceof PGPCompressedData) {
PGPCompressedData cData = (PGPCompressedData) pgpfObject;
pgpFact = new JcaPGPObjectFactory(cData.getDataStream());
pgpfObject = pgpFact.nextObject();
}
if (pgpfObject instanceof PGPLiteralData) {
Streams.pipeAll(((PGPLiteralData) pgpfObject).getInputStream(), outputStream);
} else if (pgpfObject instanceof PGPOnePassSignatureList) {
throw new PGPException("encrypted message contains PGPOnePassSignatureList message - not literal data.");
} else if (pgpfObject instanceof PGPSignatureList) {
throw new PGPException("encrypted message contains PGPSignatureList message - not literal data.");
} else {
throw new PGPException("message is not a simple encrypted file - type unknown.");
}
pgpfObject = pgpFact.nextObject();
}
return new ByteArrayInputStream(outputStream.toByteArray());
} finally {
outputStream.close();
}
}
Also used :
PGPOnePassSignatureList(org.bouncycastle.openpgp.PGPOnePassSignatureList)
PGPLiteralData(org.bouncycastle.openpgp.PGPLiteralData)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
JcePublicKeyDataDecryptorFactoryBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyDataDecryptorFactoryBuilder)
PGPEncryptedDataList(org.bouncycastle.openpgp.PGPEncryptedDataList)
PGPSignatureList(org.bouncycastle.openpgp.PGPSignatureList)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
PGPCompressedData(org.bouncycastle.openpgp.PGPCompressedData)
PGPException(org.bouncycastle.openpgp.PGPException)
ByteArrayInputStream(java.io.ByteArrayInputStream)
Iterator(java.util.Iterator)
PGPSecretKeyRingCollection(org.bouncycastle.openpgp.PGPSecretKeyRingCollection)
BcKeyFingerprintCalculator(org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator)
PGPPublicKeyEncryptedData(org.bouncycastle.openpgp.PGPPublicKeyEncryptedData)
PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey)
JcaPGPObjectFactory(org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory)
SneakyThrows(lombok.SneakyThrows)
Aggregations
InputStream (java.io.InputStream)2
PGPCompressedData (org.bouncycastle.openpgp.PGPCompressedData)2
PGPException (org.bouncycastle.openpgp.PGPException)2
PGPLiteralData (org.bouncycastle.openpgp.PGPLiteralData)2
PGPOnePassSignatureList (org.bouncycastle.openpgp.PGPOnePassSignatureList)2
BcKeyFingerprintCalculator (org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator)2
ByteArrayInputStream (java.io.ByteArrayInputStream)1
ByteArrayOutputStream (java.io.ByteArrayOutputStream)1
Iterator (java.util.Iterator)1
SneakyThrows (lombok.SneakyThrows)1
OutputStreamBuilder (org.apache.camel.converter.stream.OutputStreamBuilder)1
PGPEncryptedDataList (org.bouncycastle.openpgp.PGPEncryptedDataList)1
PGPObjectFactory (org.bouncycastle.openpgp.PGPObjectFactory)1
PGPOnePassSignature (org.bouncycastle.openpgp.PGPOnePassSignature)1
PGPPrivateKey (org.bouncycastle.openpgp.PGPPrivateKey)1
PGPPublicKeyEncryptedData (org.bouncycastle.openpgp.PGPPublicKeyEncryptedData)1
PGPSecretKeyRingCollection (org.bouncycastle.openpgp.PGPSecretKeyRingCollection)1
PGPSignatureList (org.bouncycastle.openpgp.PGPSignatureList)1
JcaPGPObjectFactory (org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory)1
JcePublicKeyDataDecryptorFactoryBuilder (org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyDataDecryptorFactoryBuilder)1
