use of org.bouncycastle.openpgp.PGPPublicKeyRing in project camel by apache.
the class PGPDataFormatUtil method findPublicKeys.
/**
 * Collects public keys from every key ring whose primary key carries a User ID that matches
 * one of the given parts.
 *
 * <p>Only the primary key of each ring is consulted for the User ID match; once a ring matches,
 * all of its keys (primary and subkeys) are filtered by purpose.
 *
 * <p>NOTE(review): judging by the helper's name and the log messages, the match is a
 * "contains" test on the User ID rather than an exact comparison. User IDs are self-asserted
 * by whoever created the key, so a short or generic part can select keys the caller did not
 * intend. Confirm that the key ring only holds keys that were verified out of band.
 *
 * <p>NOTE(review): no revocation or expiry check is visible in this method. Whether
 * {@code isEncryptionKey} / {@code isSignatureKey} perform one cannot be told from here.
 *
 * @param useridParts User ID parts to look for; its size is used as the initial capacity of
 *     the result list
 * @param forEncryption {@code true} to collect keys accepted by {@code isEncryptionKey},
 *     {@code false} to collect keys accepted by {@code isSignatureKey}
 * @param pgpPublicKeyringCollection key rings to search
 * @return the selected keys in iteration order; empty when nothing matched
 */
public static List<PGPPublicKey> findPublicKeys(List<String> useridParts, boolean forEncryption, PGPPublicKeyRingCollection pgpPublicKeyringCollection) {
    List<PGPPublicKey> selected = new ArrayList<PGPPublicKey>(useridParts.size());
    Iterator<PGPPublicKeyRing> rings = pgpPublicKeyringCollection.getKeyRings();
    while (rings.hasNext()) {
        PGPPublicKeyRing ring = rings.next();
        PGPPublicKey primary = ring.getPublicKey();
        String[] matchedUserId = findFirstKeyUserIdContainingOneOfTheParts(useridParts, primary);
        if (matchedUserId == null) {
            // This ring's primary key has no matching User ID, so the whole ring is skipped.
            LOG.debug("No User ID found in primary key with key ID {} containing one of the parts {}", primary.getKeyID(), useridParts);
            continue;
        }
        LOG.debug("User ID {} found in primary key with key ID {} containing one of the parts {}", new Object[] { matchedUserId[0], primary.getKeyID(), useridParts });

        // The ring matched: pick out the keys suitable for the requested purpose.
        Iterator<PGPPublicKey> members = ring.getPublicKeys();
        while (members.hasNext()) {
            PGPPublicKey candidate = members.next();
            if (forEncryption) {
                if (isEncryptionKey(candidate)) {
                    LOG.debug("Public encryption key with key user ID {} and key ID {} added to the encryption keys", matchedUserId[0], Long.toString(candidate.getKeyID()));
                    selected.add(candidate);
                }
                continue;
            }
            // Signing branch; the original author marked this path as "not used".
            if (isSignatureKey(candidate)) {
                selected.add(candidate);
                LOG.debug("Public key with key user ID {} and key ID {} added to the signing keys", matchedUserId[0], Long.toString(candidate.getKeyID()));
            }
        }
    }
    return selected;
}
use of org.bouncycastle.openpgp.PGPPublicKeyRing in project keywhiz by square.
the class ExpirationExtractor method expirationFromOpenPGP.
/**
 * Returns the earliest expiration instant among all public keys found in an OpenPGP key ring
 * file.
 *
 * <p>For each key the expiry is computed as creation time plus {@code getValidSeconds()}; keys
 * whose validity is zero (no expiry) are ignored.
 *
 * <p>{@code null} is returned both when the content cannot be parsed and when no key carries an
 * expiry, so a caller cannot tell a malformed key ring from a non-expiring one by the return
 * value alone. The parse failure is only visible in the info-level log entry.
 *
 * <p>NOTE(review): only the validity period is examined here; revocation is not considered by
 * this method.
 *
 * @param content raw bytes of the key ring
 * @return the earliest expiry, or {@code null} if unparseable or nothing expires
 */
@Nullable
public static Instant expirationFromOpenPGP(byte[] content) {
    final JcaPGPPublicKeyRingCollection keyRings;
    try {
        keyRings = new JcaPGPPublicKeyRingCollection(new ByteArrayInputStream(content));
    } catch (IOException | PGPException e) {
        // Content is not a readable key ring collection; report and give up.
        logger.info("Failed to parse OpenPGP keyring", e);
        return null;
    }

    Instant soonest = null;
    // Walk every key ring in the file.
    for (Iterator<?> ringIter = keyRings.getKeyRings(); ringIter.hasNext(); ) {
        Object ringItem = ringIter.next();
        if (!(ringItem instanceof PGPPublicKeyRing)) {
            continue;
        }
        PGPPublicKeyRing ring = (PGPPublicKeyRing) ringItem;

        // Walk every key (primary and subkeys) in the ring.
        for (Iterator<?> keyIter = ring.getPublicKeys(); keyIter.hasNext(); ) {
            Object keyItem = keyIter.next();
            if (!(keyItem instanceof PGPPublicKey)) {
                continue;
            }
            PGPPublicKey key = (PGPPublicKey) keyItem;

            // A validity of zero means the key does not expire.
            long validSeconds = key.getValidSeconds();
            if (validSeconds <= 0) {
                continue;
            }
            Instant expiry = key.getCreationTime().toInstant().plusSeconds(validSeconds);
            if (soonest == null || expiry.isBefore(soonest)) {
                soonest = expiry;
            }
        }
    }
    return soonest;
}
use of org.bouncycastle.openpgp.PGPPublicKeyRing in project gerrit by GerritCodeReview.
the class GpgKeys method parse.
/**
 * Resolves a GPG key of the given account from a key ID or fingerprint string.
 *
 * <p>The visibility check runs first, before the identifier is examined. The identifier is
 * accepted only if, after whitespace removal and upper-casing, it is 8 or 40 hexadecimal
 * characters long. Anything else is reported as not found.
 *
 * <p>The store is queried by key ID, but a ring is returned only when the full fingerprint of
 * its primary key equals the resolved fingerprint, so a key ID match alone is not sufficient.
 *
 * <p>NOTE(review): {@code parseFingerprint} receives the raw {@code id.get()} rather than the
 * normalized string. Presumably it normalizes on its own and resolves short IDs against the
 * account's GPG external IDs. Confirm against its implementation.
 *
 * @param parent account whose keys are searched
 * @param id key ID (8 hex characters) or fingerprint (40 hex characters)
 * @return the matching key
 * @throws ResourceNotFoundException if the identifier is malformed or no stored key has the
 *     resolved fingerprint
 */
@Override
public GpgKey parse(AccountResource parent, IdString id) throws ResourceNotFoundException, PGPException, OrmException, IOException {
    checkVisible(self, parent);

    String normalized = CharMatcher.whitespace().removeFrom(id.get()).toUpperCase();
    boolean lengthOk = normalized.length() == 8 || normalized.length() == 40;
    if (!lengthOk || !CharMatcher.anyOf("0123456789ABCDEF").matchesAllOf(normalized)) {
        throw new ResourceNotFoundException(id);
    }

    byte[] wanted = parseFingerprint(id.get(), getGpgExtIds(parent));
    try (PublicKeyStore store = storeProvider.get()) {
        // Several rings may share a key ID; only an exact fingerprint match is accepted.
        for (PGPPublicKeyRing candidate : store.get(keyId(wanted))) {
            if (Arrays.equals(candidate.getPublicKey().getFingerprint(), wanted)) {
                return new GpgKey(parent.getUser(), candidate);
            }
        }
    }
    throw new ResourceNotFoundException(id);
}
use of org.bouncycastle.openpgp.PGPPublicKeyRing in project gerrit by GerritCodeReview.
the class PostGpgKeys method toJson.
/**
 * Builds the response map for a key update: one entry per added key ring and one per deleted
 * fingerprint.
 *
 * <p>Each added ring's primary key is run through a {@code PublicKeyChecker} created for the
 * user and store, and the check result is carried into the JSON, so problems are reported to
 * the user even though the key has been stored.
 *
 * @param keys key rings that were added
 * @param deleted fingerprints that were removed; each maps to an empty {@code GpgKeyInfo}
 * @param store key store handed to the checker
 * @param user user handed to the checker
 * @return map from key ID string to key info
 */
private Map<String, GpgKeyInfo> toJson(Collection<PGPPublicKeyRing> keys, Set<Fingerprint> deleted, PublicKeyStore store, IdentifiedUser user) throws IOException {
    // Unlike when storing keys, include web-of-trust checks when producing
    // result JSON, so the user at least knows of any issues.
    PublicKeyChecker keyChecker = checkerFactory.create(user, store);
    int expectedEntries = keys.size() + deleted.size();
    Map<String, GpgKeyInfo> byId = Maps.newHashMapWithExpectedSize(expectedEntries);

    for (PGPPublicKeyRing ring : keys) {
        PGPPublicKey primary = ring.getPublicKey();
        CheckResult checkResult = keyChecker.check(primary);
        GpgKeyInfo keyInfo = GpgKeys.toJson(primary, checkResult);
        // The id becomes the map key and is then cleared on the value itself.
        byId.put(keyInfo.id, keyInfo);
        keyInfo.id = null;
    }

    // Deleted keys are represented by an empty info object under their key ID.
    for (Fingerprint removed : deleted) {
        byId.put(keyIdToString(removed.getId()), new GpgKeyInfo());
    }
    return byId;
}
use of org.bouncycastle.openpgp.PGPPublicKeyRing in project gerrit by GerritCodeReview.
the class PostGpgKeys method readKeysToAdd.
/**
 * Parses the ASCII-armored public keys supplied in the request into key rings.
 *
 * <p>The armored strings come from the request input and are treated as untrusted. Each one
 * must decode to exactly one object and that object must be a {@code PGPPublicKeyRing};
 * anything else is rejected as a bad request. A key whose primary-key fingerprint is also
 * listed for removal is rejected as well.
 *
 * <p>NOTE(review): only the structure of the input is validated here. No signature or trust
 * check on the key is visible in this method.
 *
 * @param input request body; {@code input.add} holds the armored keys and may be null or empty
 * @param toRemove fingerprints scheduled for deletion in the same request
 * @return parsed key rings in input order, or an empty list if there is nothing to add
 * @throws BadRequestException if an entry is not exactly one public key block, or if a key is
 *     both added and deleted
 */
private List<PGPPublicKeyRing> readKeysToAdd(Input input, Set<Fingerprint> toRemove) throws BadRequestException, IOException {
    if (input.add == null || input.add.isEmpty()) {
        return ImmutableList.of();
    }

    List<PGPPublicKeyRing> parsed = new ArrayList<>(input.add.size());
    for (String armored : input.add) {
        try (InputStream raw = new ByteArrayInputStream(armored.getBytes(UTF_8));
                ArmoredInputStream dearmored = new ArmoredInputStream(raw)) {
            @SuppressWarnings("unchecked")
            List<Object> decoded = Lists.newArrayList(new BcPGPObjectFactory(dearmored));

            // Reject trailing or leading extra objects as well as non-key content.
            boolean singleKeyRing = decoded.size() == 1 && decoded.get(0) instanceof PGPPublicKeyRing;
            if (!singleKeyRing) {
                throw new BadRequestException("Expected exactly one PUBLIC KEY BLOCK");
            }

            PGPPublicKeyRing ring = (PGPPublicKeyRing) decoded.get(0);
            Fingerprint primaryFingerprint = new Fingerprint(ring.getPublicKey().getFingerprint());
            if (toRemove.contains(primaryFingerprint)) {
                throw new BadRequestException("Cannot both add and delete key: " + keyToString(ring.getPublicKey()));
            }
            parsed.add(ring);
        }
    }
    return parsed;
}