
Example 1 with PGPPrivateKey

use of org.bouncycastle.openpgp.PGPPrivateKey in project camel by apache.

the class PGPKeyAccessDataFormat method getDecryptedData.

/**
 * Opens the decrypting stream for a public-key encrypted PGP message.
 *
 * <p>The encrypted data list is scanned in order and the first entry whose key ID
 * resolves to a private key through {@code secretKeyAccessor} is used. Any list entry
 * that is not a {@link PGPPublicKeyEncryptedData} aborts processing with the format exception.
 *
 * <p>No integrity verification is performed in this method; it only hands back the
 * decrypting stream. NOTE(review): confirm that the caller checks the integrity
 * protection of the message once the stream has been consumed.
 *
 * @param exchange        exchange passed through to the secret key accessor
 * @param encryptedStream stream positioned at the start of the PGP objects
 * @return stream delivering the decrypted payload
 * @throws PGPException if none of the key IDs in the message has a private key available
 * @throws Exception    the format exception when no encrypted data list is found or an
 *                      entry has an unexpected type, or whatever the key accessor throws
 */
private InputStream getDecryptedData(Exchange exchange, InputStream encryptedStream) throws Exception, PGPException {
    PGPObjectFactory objectFactory = new PGPObjectFactory(encryptedStream, new BcKeyFingerprintCalculator());
    // the leading object might be a PGP marker packet, so the helper receives the factory as well
    PGPEncryptedDataList encryptedList = getEcryptedDataList(objectFactory, objectFactory.nextObject());
    if (encryptedList == null) {
        throw getFormatException();
    }

    PGPPublicKeyEncryptedData matchingData = null;
    PGPPrivateKey privateKey = null;
    int index = 0;
    // stop at the first entry for which the secret key ring holds a private key
    while (index < encryptedList.size() && privateKey == null) {
        Object candidate = encryptedList.get(index++);
        if (!(candidate instanceof PGPPublicKeyEncryptedData)) {
            throw getFormatException();
        }
        matchingData = (PGPPublicKeyEncryptedData) candidate;
        privateKey = secretKeyAccessor.getPrivateKey(exchange, matchingData.getKeyID());
    }

    if (privateKey == null) {
        throw new PGPException("PGP message is encrypted with a key which could not be found in the Secret Keyring.");
    }
    return matchingData.getDataStream(new JcePublicKeyDataDecryptorFactoryBuilder().setProvider(getProvider()).build(privateKey));
}
Also used : PGPException(org.bouncycastle.openpgp.PGPException) InputStream(java.io.InputStream) JcePublicKeyDataDecryptorFactoryBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyDataDecryptorFactoryBuilder) PGPEncryptedDataList(org.bouncycastle.openpgp.PGPEncryptedDataList) BcKeyFingerprintCalculator(org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator) PGPPublicKeyEncryptedData(org.bouncycastle.openpgp.PGPPublicKeyEncryptedData) PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey) PGPObjectFactory(org.bouncycastle.openpgp.PGPObjectFactory)

Example 2 with PGPPrivateKey

use of org.bouncycastle.openpgp.PGPPrivateKey in project camel by apache.

the class PGPKeyAccessDataFormat method createSignatureGenerator.

/**
 * Builds one initialized signature generator per signing key and writes the matching
 * one-pass signature packet for each of them to {@code out}.
 *
 * <p>The number of signing keys is published in the {@code NUMBER_OF_SIGNING_KEYS} header
 * of the exchange's out message before any generator is created.
 *
 * @param exchange exchange used to determine the signer user IDs and the hash algorithm
 * @param out      stream that receives the encoded one-pass signature packets
 * @return the generators in key order, or {@code null} when there is no secret key
 *         accessor or the accessor returns no signer keys (callers must handle
 *         {@code null}; it means the message is not signed)
 * @throws Exception if key lookup, generator initialization or encoding fails
 */
protected List<PGPSignatureGenerator> createSignatureGenerator(Exchange exchange, OutputStream out) throws Exception {
    if (secretKeyAccessor == null) {
        return null;
    }
    List<String> signerUserIds = determineSignaturenUserIds(exchange);
    List<PGPSecretKeyAndPrivateKeyAndUserId> signerKeys = secretKeyAccessor.getSignerKeys(exchange, signerUserIds);
    if (signerKeys.isEmpty()) {
        return null;
    }
    exchange.getOut().setHeader(NUMBER_OF_SIGNING_KEYS, Integer.valueOf(signerKeys.size()));

    List<PGPSignatureGenerator> generators = new ArrayList<PGPSignatureGenerator>();
    for (PGPSecretKeyAndPrivateKeyAndUserId signerKey : signerKeys) {
        PGPPrivateKey privateKey = signerKey.getPrivateKey();

        // the signer user ID goes into the hashed subpackets, flagged as non-critical
        PGPSignatureSubpacketGenerator subpackets = new PGPSignatureSubpacketGenerator();
        subpackets.setSignerUserID(false, signerKey.getUserId());

        // the signing algorithm follows the key; the hash algorithm is resolved per exchange
        int keyAlgorithm = signerKey.getSecretKey().getPublicKey().getAlgorithm();
        JcaPGPContentSignerBuilder signerBuilder =
            new JcaPGPContentSignerBuilder(keyAlgorithm, findHashAlgorithm(exchange)).setProvider(getProvider());
        PGPSignatureGenerator generator = new PGPSignatureGenerator(signerBuilder);
        generator.init(PGPSignature.BINARY_DOCUMENT, privateKey);
        generator.setHashedSubpackets(subpackets.generate());

        // the one-pass packet is written up front, before the signed data
        generator.generateOnePassVersion(false).encode(out);
        generators.add(generator);
    }
    return generators;
}
Also used : PGPSignatureGenerator(org.bouncycastle.openpgp.PGPSignatureGenerator) JcaPGPContentSignerBuilder(org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder) ArrayList(java.util.ArrayList) PGPSignatureSubpacketGenerator(org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator) PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey)

Example 3 with PGPPrivateKey

use of org.bouncycastle.openpgp.PGPPrivateKey in project camel by apache.

the class PGPDataFormatUtil method findPrivateKey.

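/**
 * Finds and unlocks the private key needed to decrypt the given PGP input.
 *
 * <p>The key IDs of the public-key encrypted session keys in {@code encryptedInput} are
 * looked up in the secret key ring read from {@code keyringInput}; the first secret key
 * found is unlocked with the passphrase.
 *
 * <p>{@code encryptedInput} is rewound with {@link InputStream#reset()} after the packet
 * headers have been read. NOTE(review): this assumes the caller passed a stream that
 * supports mark/reset and marked it at the start; otherwise {@code reset()} throws.
 *
 * @param keyringInput       stream containing the secret key ring collection
 * @param encryptedInput     stream containing the encrypted PGP message
 * @param passphrase         passphrase of the secret key, or {@code null} to ask the accessor
 * @param passphraseAccessor source of passphrases by user ID, consulted only when
 *                           {@code passphrase} is {@code null}; may be {@code null}
 * @param provider           security provider name used for unlocking the secret key
 * @return the unlocked private key, or {@code null} if the key ring is empty or the
 *         message carries no public-key encrypted session key
 * @throws PGPException if the input is not encrypted, no passphrase is available for the
 *                      matching secret key, the key cannot be unlocked, or no matching
 *                      secret key exists in a non-empty key ring
 */
@Deprecated
private static PGPPrivateKey findPrivateKey(InputStream keyringInput, InputStream encryptedInput, String passphrase, PGPPassphraseAccessor passphraseAccessor, String provider) throws IOException, PGPException, NoSuchProviderException {
    PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(keyringInput), new BcKeyFingerprintCalculator());
    PGPObjectFactory factory = new PGPObjectFactory(PGPUtil.getDecoderStream(encryptedInput), new BcKeyFingerprintCalculator());
    Object o = factory.nextObject();
    if (o == null) {
        throw new PGPException("Provided input is not encrypted.");
    }
    if (!(o instanceof PGPEncryptedDataList)) {
        // the first object is something else (presumably a marker packet), so the list must follow;
        // a missing or differently typed object is reported instead of failing with
        // NullPointerException / ClassCastException further down
        o = factory.nextObject();
        if (!(o instanceof PGPEncryptedDataList)) {
            throw new PGPException("Provided input is not encrypted.");
        }
    }
    PGPEncryptedDataList enc = (PGPEncryptedDataList) o;
    // nextObject() method reads from the InputStream, so rewind it!
    encryptedInput.reset();
    Iterator<?> encryptedDataObjects = enc.getEncryptedDataObjects();
    PGPPrivateKey privateKey = null;
    PGPPublicKeyEncryptedData encryptedData = null;
    while (privateKey == null && encryptedDataObjects.hasNext()) {
        Object candidate = encryptedDataObjects.next();
        if (!(candidate instanceof PGPPublicKeyEncryptedData)) {
            // a message may also carry passphrase-based session keys; they cannot match a secret key
            continue;
        }
        encryptedData = (PGPPublicKeyEncryptedData) candidate;
        PGPSecretKey pgpSecKey = pgpSec.getSecretKey(encryptedData.getKeyID());
        if (pgpSecKey != null) {
            if (passphrase == null && passphraseAccessor != null) {
                // get passphrase from accessor
                @SuppressWarnings("unchecked") Iterator<String> userIDs = pgpSecKey.getUserIDs();
                while (passphrase == null && userIDs.hasNext()) {
                    passphrase = passphraseAccessor.getPassphrase(userIDs.next());
                }
            }
            if (passphrase == null) {
                // fail with a diagnosable error rather than a NullPointerException on toCharArray();
                // only the key ID is reported, never passphrase material
                throw new PGPException("No passphrase available for the secret key with ID "
                    + Long.toHexString(encryptedData.getKeyID()) + ".");
            }
            privateKey = pgpSecKey.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder().setProvider(provider).build(passphrase.toCharArray()));
        }
    }
    if (privateKey == null && pgpSec.size() > 0 && encryptedData != null) {
        throw new PGPException("Provided input is encrypted with unknown pair of keys.");
    }
    return privateKey;
}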
Also used : PGPEncryptedDataList(org.bouncycastle.openpgp.PGPEncryptedDataList) PGPObjectFactory(org.bouncycastle.openpgp.PGPObjectFactory) JcePBESecretKeyDecryptorBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder) PGPException(org.bouncycastle.openpgp.PGPException) PGPSecretKey(org.bouncycastle.openpgp.PGPSecretKey) PGPSecretKeyRingCollection(org.bouncycastle.openpgp.PGPSecretKeyRingCollection) BcKeyFingerprintCalculator(org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator) PGPPublicKeyEncryptedData(org.bouncycastle.openpgp.PGPPublicKeyEncryptedData) PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey)

Example 4 with PGPPrivateKey

use of org.bouncycastle.openpgp.PGPPrivateKey in project camel by apache.

the class PGPDataFormatTest method createSignature.

/**
 * Writes a detached binary-document signature over the fixed text "Test Signature"
 * to {@code out}, using the secret key returned by {@code readSecretKey()}.
 *
 * <p>Test fixture only: the passphrase is hard-coded and the hash algorithm is SHA-1,
 * neither of which should be copied into production signing code.
 *
 * @param out stream that receives the encoded signature packet
 * @throws Exception if the key cannot be unlocked or the signature cannot be produced
 */
private void createSignature(OutputStream out) throws Exception {
    PGPSecretKey secretKey = readSecretKey();
    PGPPrivateKey privateKey = secretKey.extractPrivateKey(
        new JcePBESecretKeyDecryptorBuilder().setProvider(getProvider()).build("sdude".toCharArray()));

    // signing algorithm is taken from the key itself
    JcaPGPContentSignerBuilder signerBuilder =
        new JcaPGPContentSignerBuilder(secretKey.getPublicKey().getAlgorithm(), HashAlgorithmTags.SHA1).setProvider(getProvider());
    PGPSignatureGenerator signatureGenerator = new PGPSignatureGenerator(signerBuilder);
    signatureGenerator.init(PGPSignature.BINARY_DOCUMENT, privateKey);

    BCPGOutputStream packetOut = new BCPGOutputStream(out);
    // feed the payload to the generator one byte at a time
    for (byte b : "Test Signature".getBytes("UTF-8")) {
        signatureGenerator.update(b);
    }
    signatureGenerator.generate().encode(packetOut);
}
Also used : PGPSignatureGenerator(org.bouncycastle.openpgp.PGPSignatureGenerator) JcaPGPContentSignerBuilder(org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder) ByteArrayInputStream(java.io.ByteArrayInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) PGPSecretKey(org.bouncycastle.openpgp.PGPSecretKey) BCPGOutputStream(org.bouncycastle.bcpg.BCPGOutputStream) PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey) MockEndpoint(org.apache.camel.component.mock.MockEndpoint) JcePBESecretKeyDecryptorBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder)

Example 5 with PGPPrivateKey

use of org.bouncycastle.openpgp.PGPPrivateKey in project camel by apache.

the class DefaultPGPSecretKeyAccessor method getPrivateKey.

/**
 * Returns the private key for the given key ID, consulting the {@code keyId2PrivateKey}
 * cache first and falling back to a lookup in the secret key ring.
 *
 * <p>A key found in the key ring is stored in the cache, so the unlocked private key
 * stays referenced in memory for as long as the cache entry exists. Failed lookups are
 * not cached. NOTE(review): whether the cache is safe for concurrent exchanges depends
 * on the map type, which is declared outside this method.
 *
 * @param exchange not used by this implementation
 * @param keyId    ID of the key the message was encrypted for
 * @return the private key, or {@code null} if the lookup finds none
 * @throws Exception if the key ring lookup fails
 */
@Override
public PGPPrivateKey getPrivateKey(Exchange exchange, long keyId) throws Exception {
    Long cacheKey = Long.valueOf(keyId);
    PGPPrivateKey cached = keyId2PrivateKey.get(cacheKey);
    if (cached != null) {
        return cached;
    }
    // cache miss: unlock the key from the key ring and remember it for later calls
    PGPPrivateKey found = PGPDataFormatUtil.findPrivateKeyWithkeyId(keyId, password, null, provider, pgpSecretKeyring);
    if (found != null) {
        keyId2PrivateKey.put(cacheKey, found);
    }
    return found;
}
Also used : PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey)

Aggregations

PGPPrivateKey (org.bouncycastle.openpgp.PGPPrivateKey)8 PGPSecretKey (org.bouncycastle.openpgp.PGPSecretKey)4 JcePBESecretKeyDecryptorBuilder (org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder)4 InputStream (java.io.InputStream)3 ByteArrayInputStream (java.io.ByteArrayInputStream)2 ArrayList (java.util.ArrayList)2 PGPEncryptedDataList (org.bouncycastle.openpgp.PGPEncryptedDataList)2 PGPException (org.bouncycastle.openpgp.PGPException)2 PGPObjectFactory (org.bouncycastle.openpgp.PGPObjectFactory)2 PGPPublicKeyEncryptedData (org.bouncycastle.openpgp.PGPPublicKeyEncryptedData)2 PGPSecretKeyRing (org.bouncycastle.openpgp.PGPSecretKeyRing)2 PGPSignatureGenerator (org.bouncycastle.openpgp.PGPSignatureGenerator)2 BcKeyFingerprintCalculator (org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator)2 JcaPGPContentSignerBuilder (org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder)2 MockEndpoint (org.apache.camel.component.mock.MockEndpoint)1 BCPGOutputStream (org.bouncycastle.bcpg.BCPGOutputStream)1 PGPSecretKeyRingCollection (org.bouncycastle.openpgp.PGPSecretKeyRingCollection)1 PGPSignatureSubpacketGenerator (org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator)1 JcePublicKeyDataDecryptorFactoryBuilder (org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyDataDecryptorFactoryBuilder)1