Search in sources :

Example 1 with PGPSignatureSubpacketGenerator

use of org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator in project camel by apache.

the class PGPKeyAccessDataFormat method createSignatureGenerator.

protected List<PGPSignatureGenerator> createSignatureGenerator(Exchange exchange, OutputStream out) throws Exception {
    if (secretKeyAccessor == null) {
        return null;
    }
    List<String> sigKeyUserids = determineSignaturenUserIds(exchange);
    List<PGPSecretKeyAndPrivateKeyAndUserId> sigSecretKeysWithPrivateKeyAndUserId = secretKeyAccessor.getSignerKeys(exchange, sigKeyUserids);
    if (sigSecretKeysWithPrivateKeyAndUserId.isEmpty()) {
        return null;
    }
    exchange.getOut().setHeader(NUMBER_OF_SIGNING_KEYS, Integer.valueOf(sigSecretKeysWithPrivateKeyAndUserId.size()));
    List<PGPSignatureGenerator> sigGens = new ArrayList<PGPSignatureGenerator>();
    for (PGPSecretKeyAndPrivateKeyAndUserId sigSecretKeyWithPrivateKeyAndUserId : sigSecretKeysWithPrivateKeyAndUserId) {
        PGPPrivateKey sigPrivateKey = sigSecretKeyWithPrivateKeyAndUserId.getPrivateKey();
        PGPSignatureSubpacketGenerator spGen = new PGPSignatureSubpacketGenerator();
        spGen.setSignerUserID(false, sigSecretKeyWithPrivateKeyAndUserId.getUserId());
        int algorithm = sigSecretKeyWithPrivateKeyAndUserId.getSecretKey().getPublicKey().getAlgorithm();
        PGPSignatureGenerator sigGen = new PGPSignatureGenerator(new JcaPGPContentSignerBuilder(algorithm, findHashAlgorithm(exchange)).setProvider(getProvider()));
        sigGen.init(PGPSignature.BINARY_DOCUMENT, sigPrivateKey);
        sigGen.setHashedSubpackets(spGen.generate());
        sigGen.generateOnePassVersion(false).encode(out);
        sigGens.add(sigGen);
    }
    return sigGens;
}
Also used : PGPSignatureGenerator(org.bouncycastle.openpgp.PGPSignatureGenerator) JcaPGPContentSignerBuilder(org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder) ArrayList(java.util.ArrayList) PGPSignatureSubpacketGenerator(org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator) PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey)

Example 2 with PGPSignatureSubpacketGenerator

use of org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator in project gerrit by GerritCodeReview.

the class PushCertificateCheckerTest method newSignedCert.

private PushCertificate newSignedCert(String nonce, TestKey signingKey, Date now) throws Exception {
    PushCertificateIdent ident = new PushCertificateIdent(signingKey.getFirstUserId(), System.currentTimeMillis(), -7 * 60);
    String payload = "certificate version 0.1\n" + "pusher " + ident.getRaw() + "\n" + "pushee test://localhost/repo.git\n" + "nonce " + nonce + "\n" + "\n" + "0000000000000000000000000000000000000000" + " deadbeefdeadbeefdeadbeefdeadbeefdeadbeef" + " refs/heads/master\n";
    PGPSignatureGenerator gen = new PGPSignatureGenerator(new BcPGPContentSignerBuilder(signingKey.getPublicKey().getAlgorithm(), PGPUtil.SHA1));
    if (now != null) {
        PGPSignatureSubpacketGenerator subGen = new PGPSignatureSubpacketGenerator();
        subGen.setSignatureCreationTime(false, now);
        gen.setHashedSubpackets(subGen.generate());
    }
    gen.init(PGPSignature.BINARY_DOCUMENT, signingKey.getPrivateKey());
    gen.update(payload.getBytes(UTF_8));
    PGPSignature sig = gen.generate();
    ByteArrayOutputStream bout = new ByteArrayOutputStream();
    try (BCPGOutputStream out = new BCPGOutputStream(new ArmoredOutputStream(bout))) {
        sig.encode(out);
    }
    String cert = payload + new String(bout.toByteArray(), UTF_8);
    Reader reader = new InputStreamReader(new ByteArrayInputStream(cert.getBytes(UTF_8)));
    PushCertificateParser parser = new PushCertificateParser(repo, signedPushConfig);
    return parser.parse(reader);
}
Also used : PGPSignatureGenerator(org.bouncycastle.openpgp.PGPSignatureGenerator) PushCertificateParser(org.eclipse.jgit.transport.PushCertificateParser) InputStreamReader(java.io.InputStreamReader) BcPGPContentSignerBuilder(org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder) ArmoredOutputStream(org.bouncycastle.bcpg.ArmoredOutputStream) Reader(java.io.Reader) InputStreamReader(java.io.InputStreamReader) BCPGOutputStream(org.bouncycastle.bcpg.BCPGOutputStream) PublicKeyStore.keyToString(com.google.gerrit.gpg.PublicKeyStore.keyToString) PublicKeyStore.keyIdToString(com.google.gerrit.gpg.PublicKeyStore.keyIdToString) PGPSignature(org.bouncycastle.openpgp.PGPSignature) ByteArrayOutputStream(java.io.ByteArrayOutputStream) PushCertificateIdent(org.eclipse.jgit.transport.PushCertificateIdent) ByteArrayInputStream(java.io.ByteArrayInputStream) PGPSignatureSubpacketGenerator(org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator)

Aggregations

PGPSignatureGenerator (org.bouncycastle.openpgp.PGPSignatureGenerator)2 PGPSignatureSubpacketGenerator (org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator)2 PublicKeyStore.keyIdToString (com.google.gerrit.gpg.PublicKeyStore.keyIdToString)1 PublicKeyStore.keyToString (com.google.gerrit.gpg.PublicKeyStore.keyToString)1 ByteArrayInputStream (java.io.ByteArrayInputStream)1 ByteArrayOutputStream (java.io.ByteArrayOutputStream)1 InputStreamReader (java.io.InputStreamReader)1 Reader (java.io.Reader)1 ArrayList (java.util.ArrayList)1 ArmoredOutputStream (org.bouncycastle.bcpg.ArmoredOutputStream)1 BCPGOutputStream (org.bouncycastle.bcpg.BCPGOutputStream)1 PGPPrivateKey (org.bouncycastle.openpgp.PGPPrivateKey)1 PGPSignature (org.bouncycastle.openpgp.PGPSignature)1 BcPGPContentSignerBuilder (org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder)1 JcaPGPContentSignerBuilder (org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder)1 PushCertificateIdent (org.eclipse.jgit.transport.PushCertificateIdent)1 PushCertificateParser (org.eclipse.jgit.transport.PushCertificateParser)1