Example 1 with PBESecretKeyDecryptor

Use of org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor in project nifi by apache.

The class OpenPGPKeyBasedEncryptor, method getDecryptedPrivateKey.

private static PGPPrivateKey getDecryptedPrivateKey(String provider, String secretKeyringFile, long keyId, char[] passphrase) throws IOException, PGPException {
    // Read in from the secret keyring file
    try (FileInputStream keyInputStream = new FileInputStream(secretKeyringFile)) {
        // Form the SecretKeyRing collection (1.53 way with fingerprint calculator)
        PGPSecretKeyRingCollection pgpSecretKeyRingCollection = new PGPSecretKeyRingCollection(keyInputStream, new BcKeyFingerprintCalculator());
        // The decryptor is identical for all keys
        final PBESecretKeyDecryptor decryptor = new JcePBESecretKeyDecryptorBuilder().setProvider(provider).build(passphrase);
        // Iterate over all secret keyrings
        Iterator<PGPSecretKeyRing> keyringIterator = pgpSecretKeyRingCollection.getKeyRings();
        PGPSecretKeyRing keyRing;
        PGPSecretKey secretKey;
        while (keyringIterator.hasNext()) {
            keyRing = keyringIterator.next();
            // If keyId is given, look up that specific secret key; else, iterate over all
            if (keyId != 0) {
                secretKey = keyRing.getSecretKey(keyId);
                if (secretKey == null) {
                    // This keyring does not hold keyId; try the next keyring
                    continue;
                }
                try {
                    return secretKey.extractPrivateKey(decryptor);
                } catch (Exception e) {
                    throw new PGPException("No private key available using passphrase", e);
                }
            } else {
                Iterator<PGPSecretKey> keyIterator = keyRing.getSecretKeys();
                while (keyIterator.hasNext()) {
                    secretKey = keyIterator.next();
                    try {
                        return secretKey.extractPrivateKey(decryptor);
                    } catch (Exception e) {
                        // TODO: Log (expected) failures?
                    }
                }
            }
        }
    }
    // If this point is reached, no private key could be extracted with the given passphrase
    throw new PGPException("No private key available using passphrase");
}
Also used : PGPException(org.bouncycastle.openpgp.PGPException), PBESecretKeyDecryptor(org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor), PGPSecretKey(org.bouncycastle.openpgp.PGPSecretKey), PGPSecretKeyRingCollection(org.bouncycastle.openpgp.PGPSecretKeyRingCollection), BcKeyFingerprintCalculator(org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator), PGPSecretKeyRing(org.bouncycastle.openpgp.PGPSecretKeyRing), FileInputStream(java.io.FileInputStream), ProcessException(org.apache.nifi.processor.exception.ProcessException), IOException(java.io.IOException), NoSuchProviderException(java.security.NoSuchProviderException), JcePBESecretKeyDecryptorBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder)

Example 2 with PBESecretKeyDecryptor

Use of org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor in project jPOS by jpos.

The class PGPHelper, method findSecretKey.

private static PGPPrivateKey findSecretKey(PGPSecretKeyRingCollection pgpSec, long keyID, char[] pass) throws PGPException, NoSuchProviderException {
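    // Look up the secret key by ID; callers must handle a null return when it is absent
    PGPSecretKey pgpSecKey = pgpSec.getSecretKey(keyID);
    if (pgpSecKey == null) {
        return null;
    }
    // Build a passphrase-based decryptor and unlock the private key material
    PBESecretKeyDecryptor decryptor = new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(pass);
    return pgpSecKey.extractPrivateKey(decryptor);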
}
Also used : PBESecretKeyDecryptor(org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor)

Example 3 with PBESecretKeyDecryptor

Use of org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor in project ant-ivy by apache.

The class OpenPGPSignatureGenerator, method sign.

public void sign(File src, File dest) throws IOException {
    OutputStream out = null;
    InputStream in = null;
    InputStream keyIn = null;
    try {
        if (secring == null) {
            secring = System.getProperty("user.home") + "/.gnupg/secring.gpg";
        }
        if (pgpSec == null) {
            keyIn = new FileInputStream(secring);
            pgpSec = readSecretKey(keyIn);
        }
        PBESecretKeyDecryptor decryptor = new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(password.toCharArray());
        PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(decryptor);
        // PGPUtil.SHA1 selects SHA-1 as the signature digest; SHA-1 is no longer collision-resistant
        PGPSignatureGenerator sGen = new PGPSignatureGenerator(new BcPGPContentSignerBuilder(pgpSec.getPublicKey().getAlgorithm(), PGPUtil.SHA1));
        sGen.init(PGPSignature.BINARY_DOCUMENT, pgpPrivKey);
        in = new FileInputStream(src);
        out = new BCPGOutputStream(new ArmoredOutputStream(new FileOutputStream(dest)));
        int ch = 0;
        while ((ch = in.read()) >= 0) {
            sGen.update((byte) ch);
        }
        sGen.generate().encode(out);
    } catch (PGPException e) {
        throw new IOException(e);
    } finally {
        // Close all streams; failures on close are deliberately ignored
        if (out != null) {
            try {
                out.close();
            } catch (IOException e) {
                // ignored
            }
        }
        if (in != null) {
            try {
                in.close();
            } catch (IOException e) {
                // ignored
            }
        }
        if (keyIn != null) {
            try {
                keyIn.close();
            } catch (IOException e) {
                // ignored
            }
        }
    }
}
Also used : PGPSignatureGenerator(org.bouncycastle.openpgp.PGPSignatureGenerator), PBESecretKeyDecryptor(org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor), BcPGPContentSignerBuilder(org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder), FileInputStream(java.io.FileInputStream), InputStream(java.io.InputStream), OutputStream(java.io.OutputStream), FileOutputStream(java.io.FileOutputStream), ArmoredOutputStream(org.bouncycastle.bcpg.ArmoredOutputStream), BCPGOutputStream(org.bouncycastle.bcpg.BCPGOutputStream), BcPGPDigestCalculatorProvider(org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider), IOException(java.io.IOException), PGPException(org.bouncycastle.openpgp.PGPException), BcPBESecretKeyDecryptorBuilder(org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyDecryptorBuilder), PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey)

Aggregations

PBESecretKeyDecryptor (org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor): 3
FileInputStream (java.io.FileInputStream): 2
IOException (java.io.IOException): 2
PGPException (org.bouncycastle.openpgp.PGPException): 2
FileOutputStream (java.io.FileOutputStream): 1
InputStream (java.io.InputStream): 1
OutputStream (java.io.OutputStream): 1
NoSuchProviderException (java.security.NoSuchProviderException): 1
ProcessException (org.apache.nifi.processor.exception.ProcessException): 1
ArmoredOutputStream (org.bouncycastle.bcpg.ArmoredOutputStream): 1
BCPGOutputStream (org.bouncycastle.bcpg.BCPGOutputStream): 1
PGPPrivateKey (org.bouncycastle.openpgp.PGPPrivateKey): 1
PGPSecretKey (org.bouncycastle.openpgp.PGPSecretKey): 1
PGPSecretKeyRing (org.bouncycastle.openpgp.PGPSecretKeyRing): 1
PGPSecretKeyRingCollection (org.bouncycastle.openpgp.PGPSecretKeyRingCollection): 1
PGPSignatureGenerator (org.bouncycastle.openpgp.PGPSignatureGenerator): 1
BcKeyFingerprintCalculator (org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator): 1
BcPBESecretKeyDecryptorBuilder (org.bouncycastle.openpgp.operator.bc.BcPBESecretKeyDecryptorBuilder): 1
BcPGPContentSignerBuilder (org.bouncycastle.openpgp.operator.bc.BcPGPContentSignerBuilder): 1
BcPGPDigestCalculatorProvider (org.bouncycastle.openpgp.operator.bc.BcPGPDigestCalculatorProvider): 1