use of org.bouncycastle.openpgp.PGPOnePassSignatureList in project camel by apache.
the class PGPKeyAccessDataFormat method unmarshal.
/**
 * Decrypts a PGP message read from {@code encryptedStream}, feeds the literal payload through
 * the one-pass signature (when the message carries one) and returns the built output.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 *   <li>An unsigned message is rejected only when the configured signature verification option
 *       equals {@code SIGNATURE_VERIFICATION_OPTION_REQUIRED}; with any other value an unsigned
 *       message is decrypted and passed on.</li>
 *   <li>The payload is written to the output builder before {@code verifySignature} runs, but the
 *       builder's result is only returned if {@code verifySignature} does not throw.</li>
 *   <li>No size limit is applied here to the decompressed or literal data.</li>
 * </ul>
 *
 * @param exchange the exchange used to locate keys and to create the output builder
 * @param encryptedStream the PGP message; {@code null} yields {@code null}
 * @return the result of {@code OutputStreamBuilder.build()}, or {@code null} for a null input
 * @throws Exception if decoding, decryption, format checks or signature verification fail
 */
public Object unmarshal(Exchange exchange, InputStream encryptedStream) throws Exception { //NOPMD
    if (encryptedStream == null) {
        return null;
    }

    InputStream decoderStream = null;
    InputStream decryptedStream = null;
    InputStream decompressedStream = null;
    InputStream literalStream = null;
    OutputStreamBuilder output = null;
    try {
        decoderStream = PGPUtil.getDecoderStream(encryptedStream);
        decryptedStream = getDecryptedData(exchange, decoderStream);

        PGPObjectFactory packets = new PGPObjectFactory(decryptedStream, new BcKeyFingerprintCalculator());
        Object packet = packets.nextObject();
        if (!(packet instanceof PGPCompressedData)) {
            LOG.debug("PGP Message does not contain a Compressed Data Packet");
        } else {
            // Continue parsing inside the compressed packet's data stream.
            decompressedStream = ((PGPCompressedData) packet).getDataStream();
            packets = new PGPObjectFactory(decompressedStream, new BcKeyFingerprintCalculator());
            packet = packets.nextObject();
        }

        // Stays null when the message carries no one-pass signature list.
        PGPOnePassSignature signature = null;
        if (packet instanceof PGPOnePassSignatureList) {
            signature = getSignature(exchange, (PGPOnePassSignatureList) packet);
            packet = packets.nextObject();
        } else if (SIGNATURE_VERIFICATION_OPTION_REQUIRED.equals(getSignatureVerificationOption())) {
            // Unsigned message while the configuration demands a signature: fail closed.
            throw new PGPException("PGP message does not contain any signatures although a signature is expected. Either send a PGP message with signature or change the configuration of the PGP decryptor.");
        }

        if (!(packet instanceof PGPLiteralData)) {
            throw getFormatException();
        }
        literalStream = ((PGPLiteralData) packet).getInputStream();
        output = OutputStreamBuilder.withExchange(exchange);

        byte[] chunk = new byte[BUFFER_SIZE];
        for (int count = literalStream.read(chunk); count != -1; count = literalStream.read(chunk)) {
            output.write(chunk, 0, count);
            if (signature != null) {
                // The signature must see exactly the bytes that were emitted.
                signature.update(chunk, 0, count);
            }
            output.flush();
        }

        // NOTE(review): how verifySignature treats a null signature is not visible here; confirm.
        verifySignature(packets, signature);
    } finally {
        IOHelper.close(output, literalStream, decompressedStream, decryptedStream, decoderStream, encryptedStream);
    }
    // Reached only when nothing above threw, so output is non-null here.
    return output.build();
}
use of org.bouncycastle.openpgp.PGPOnePassSignatureList in project incubator-gobblin by apache.
the class GPGFileDecryptor method decryptFile.
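/**
 * Decrypts a public-key-encrypted PGP message and returns its literal data as an in-memory stream.
 *
 * <p>The first public-key encrypted-data packet for which {@code findSecretKey} returns a key is
 * decrypted. Compressed data is unwrapped; any packet other than literal data (including signature
 * lists) causes a {@code PGPException}, which is thrown undeclared via {@code @SneakyThrows}.
 * After the payload has been read, the packet's integrity protection is verified when present and
 * a failed check is reported as a {@code PGPException} instead of returning tampered plaintext.
 *
 * <p>The whole plaintext is buffered in memory and no size limit is applied to decompressed data,
 * so callers handling untrusted input should bound the input size themselves.
 *
 * @param inputStream file inputstream holding the PGP-encrypted message
 * @param keyIn keyring inputstream
 * @param passPhrase passPhrase passed to {@code findSecretKey}
 * @return a stream over the decrypted literal data
 * @throws IOException if reading the message or the keyring fails
 * @throws IllegalArgumentException if no secret key for the message is found
 */
@SneakyThrows(PGPException.class)
public InputStream decryptFile(InputStream inputStream, InputStream keyIn, String passPhrase) throws IOException {
    PGPEncryptedDataList enc = getPGPEncryptedDataList(inputStream);
    Iterator<?> it = enc.getEncryptedDataObjects();
    PGPPrivateKey sKey = null;
    PGPPublicKeyEncryptedData pbe = null;
    PGPSecretKeyRingCollection pgpSec =
        new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(keyIn), new BcKeyFingerprintCalculator());

    while (sKey == null && it.hasNext()) {
        Object candidate = it.next();
        if (!(candidate instanceof PGPPublicKeyEncryptedData)) {
            // Not a public-key packet, so a keyring cannot open it; skip it instead of failing
            // with a ClassCastException on the cast below.
            continue;
        }
        pbe = (PGPPublicKeyEncryptedData) candidate;
        sKey = findSecretKey(pgpSec, pbe.getKeyID(), passPhrase);
    }

    if (sKey == null) {
        throw new IllegalArgumentException("secret key for message not found.");
    }

    try (ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
        InputStream clear = pbe.getDataStream(
            new JcePublicKeyDataDecryptorFactoryBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build(sKey))) {
        JcaPGPObjectFactory pgpFact = new JcaPGPObjectFactory(clear);
        Object pgpfObject = pgpFact.nextObject();

        while (pgpfObject != null) {
            if (pgpfObject instanceof PGPCompressedData) {
                // Continue parsing inside the compressed packet.
                PGPCompressedData cData = (PGPCompressedData) pgpfObject;
                pgpFact = new JcaPGPObjectFactory(cData.getDataStream());
                pgpfObject = pgpFact.nextObject();
            }

            if (pgpfObject instanceof PGPLiteralData) {
                Streams.pipeAll(((PGPLiteralData) pgpfObject).getInputStream(), outputStream);
            } else if (pgpfObject instanceof PGPOnePassSignatureList) {
                throw new PGPException("encrypted message contains PGPOnePassSignatureList message - not literal data.");
            } else if (pgpfObject instanceof PGPSignatureList) {
                throw new PGPException("encrypted message contains PGPSignatureList message - not literal data.");
            } else {
                throw new PGPException("message is not a simple encrypted file - type unknown.");
            }
            pgpfObject = pgpFact.nextObject();
        }

        // The integrity check is only meaningful once the encrypted stream has been consumed,
        // so it runs after the packet loop and before any plaintext is handed to the caller.
        // NOTE(review): messages without integrity protection are still accepted to keep
        // existing callers working; consider rejecting them where the sender can be required
        // to produce integrity-protected messages.
        if (pbe.isIntegrityProtected() && !pbe.verify()) {
            throw new PGPException("message failed integrity check.");
        }
        return new ByteArrayInputStream(outputStream.toByteArray());
    }
}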