Example 1 with BcKeyFingerprintCalculator
use of org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator in project camel by apache.
the class PGPKeyAccessDataFormat method getDecryptedData.
private InputStream getDecryptedData(Exchange exchange, InputStream encryptedStream) throws Exception, PGPException {
PGPObjectFactory pgpFactory = new PGPObjectFactory(encryptedStream, new BcKeyFingerprintCalculator());
Object firstObject = pgpFactory.nextObject();
// the first object might be a PGP marker packet
PGPEncryptedDataList enc = getEcryptedDataList(pgpFactory, firstObject);
if (enc == null) {
throw getFormatException();
}
PGPPublicKeyEncryptedData pbe = null;
PGPPrivateKey key = null;
// find encrypted data for which a private key exists in the secret key ring
for (int i = 0; i < enc.size() && key == null; i++) {
Object encryptedData = enc.get(i);
if (!(encryptedData instanceof PGPPublicKeyEncryptedData)) {
throw getFormatException();
}
pbe = (PGPPublicKeyEncryptedData) encryptedData;
key = secretKeyAccessor.getPrivateKey(exchange, pbe.getKeyID());
if (key != null) {
// take the first key
break;
}
}
if (key == null) {
throw new PGPException("PGP message is encrypted with a key which could not be found in the Secret Keyring.");
}
InputStream encData = pbe.getDataStream(new JcePublicKeyDataDecryptorFactoryBuilder().setProvider(getProvider()).build(key));
return encData;
}
Also used :
PGPException(org.bouncycastle.openpgp.PGPException)
InputStream(java.io.InputStream)
JcePublicKeyDataDecryptorFactoryBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyDataDecryptorFactoryBuilder)
PGPEncryptedDataList(org.bouncycastle.openpgp.PGPEncryptedDataList)
BcKeyFingerprintCalculator(org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator)
PGPPublicKeyEncryptedData(org.bouncycastle.openpgp.PGPPublicKeyEncryptedData)
PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey)
PGPObjectFactory(org.bouncycastle.openpgp.PGPObjectFactory)
Example 2 with BcKeyFingerprintCalculator
use of org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator in project camel by apache.
the class PGPKeyAccessDataFormat method unmarshal.
public Object unmarshal(Exchange exchange, InputStream encryptedStream) throws Exception {
//NOPMD
if (encryptedStream == null) {
return null;
}
InputStream in = null;
InputStream encData = null;
InputStream uncompressedData = null;
InputStream litData = null;
OutputStreamBuilder osb = null;
try {
in = PGPUtil.getDecoderStream(encryptedStream);
encData = getDecryptedData(exchange, in);
PGPObjectFactory pgpFactory = new PGPObjectFactory(encData, new BcKeyFingerprintCalculator());
Object object = pgpFactory.nextObject();
if (object instanceof PGPCompressedData) {
PGPCompressedData comData = (PGPCompressedData) object;
uncompressedData = comData.getDataStream();
pgpFactory = new PGPObjectFactory(uncompressedData, new BcKeyFingerprintCalculator());
object = pgpFactory.nextObject();
} else {
LOG.debug("PGP Message does not contain a Compressed Data Packet");
}
PGPOnePassSignature signature;
if (object instanceof PGPOnePassSignatureList) {
signature = getSignature(exchange, (PGPOnePassSignatureList) object);
object = pgpFactory.nextObject();
} else {
// no signature contained in PGP message
signature = null;
if (SIGNATURE_VERIFICATION_OPTION_REQUIRED.equals(getSignatureVerificationOption())) {
throw new PGPException("PGP message does not contain any signatures although a signature is expected. Either send a PGP message with signature or change the configuration of the PGP decryptor.");
}
}
PGPLiteralData ld;
if (object instanceof PGPLiteralData) {
ld = (PGPLiteralData) object;
} else {
throw getFormatException();
}
litData = ld.getInputStream();
osb = OutputStreamBuilder.withExchange(exchange);
byte[] buffer = new byte[BUFFER_SIZE];
int bytesRead;
while ((bytesRead = litData.read(buffer)) != -1) {
osb.write(buffer, 0, bytesRead);
if (signature != null) {
signature.update(buffer, 0, bytesRead);
}
osb.flush();
}
verifySignature(pgpFactory, signature);
} finally {
IOHelper.close(osb, litData, uncompressedData, encData, in, encryptedStream);
}
return osb.build();
}
Also used :
PGPException(org.bouncycastle.openpgp.PGPException)
PGPOnePassSignatureList(org.bouncycastle.openpgp.PGPOnePassSignatureList)
PGPLiteralData(org.bouncycastle.openpgp.PGPLiteralData)
InputStream(java.io.InputStream)
BcKeyFingerprintCalculator(org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator)
PGPOnePassSignature(org.bouncycastle.openpgp.PGPOnePassSignature)
OutputStreamBuilder(org.apache.camel.converter.stream.OutputStreamBuilder)
PGPObjectFactory(org.bouncycastle.openpgp.PGPObjectFactory)
PGPCompressedData(org.bouncycastle.openpgp.PGPCompressedData)
Example 3 with BcKeyFingerprintCalculator
use of org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator in project camel by apache.
the class PGPDataFormatTest method readSecretKey.
static PGPSecretKey readSecretKey() throws Exception {
InputStream input = new ByteArrayInputStream(getSecKeyRing());
PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(input), new BcKeyFingerprintCalculator());
@SuppressWarnings("rawtypes") Iterator keyRingIter = pgpSec.getKeyRings();
while (keyRingIter.hasNext()) {
PGPSecretKeyRing keyRing = (PGPSecretKeyRing) keyRingIter.next();
@SuppressWarnings("rawtypes") Iterator keyIter = keyRing.getSecretKeys();
while (keyIter.hasNext()) {
PGPSecretKey key = (PGPSecretKey) keyIter.next();
if (key.isSigningKey()) {
return key;
}
}
}
throw new IllegalArgumentException("Can't find signing key in key ring.");
}
Also used :
ByteArrayInputStream(java.io.ByteArrayInputStream)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
PGPSecretKey(org.bouncycastle.openpgp.PGPSecretKey)
Iterator(java.util.Iterator)
PGPSecretKeyRingCollection(org.bouncycastle.openpgp.PGPSecretKeyRingCollection)
BcKeyFingerprintCalculator(org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator)
PGPSecretKeyRing(org.bouncycastle.openpgp.PGPSecretKeyRing)
Example 4 with BcKeyFingerprintCalculator
use of org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator in project camel by apache.
the class PGPDataFormatUtil method findPrivateKey.
@Deprecated
private static PGPPrivateKey findPrivateKey(InputStream keyringInput, InputStream encryptedInput, String passphrase, PGPPassphraseAccessor passphraseAccessor, String provider) throws IOException, PGPException, NoSuchProviderException {
PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(keyringInput), new BcKeyFingerprintCalculator());
PGPObjectFactory factory = new PGPObjectFactory(PGPUtil.getDecoderStream(encryptedInput), new BcKeyFingerprintCalculator());
PGPEncryptedDataList enc;
Object o = factory.nextObject();
if (o == null) {
throw new PGPException("Provided input is not encrypted.");
}
if (o instanceof PGPEncryptedDataList) {
enc = (PGPEncryptedDataList) o;
} else {
enc = (PGPEncryptedDataList) factory.nextObject();
}
// nextObject() method reads from the InputStream, so rewind it!
encryptedInput.reset();
Iterator<?> encryptedDataObjects = enc.getEncryptedDataObjects();
PGPPrivateKey privateKey = null;
PGPPublicKeyEncryptedData encryptedData = null;
while (privateKey == null && encryptedDataObjects.hasNext()) {
encryptedData = (PGPPublicKeyEncryptedData) encryptedDataObjects.next();
PGPSecretKey pgpSecKey = pgpSec.getSecretKey(encryptedData.getKeyID());
if (pgpSecKey != null) {
if (passphrase == null && passphraseAccessor != null) {
// get passphrase from accessor
@SuppressWarnings("unchecked") Iterator<String> userIDs = pgpSecKey.getUserIDs();
while (passphrase == null && userIDs.hasNext()) {
passphrase = passphraseAccessor.getPassphrase(userIDs.next());
}
}
privateKey = pgpSecKey.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder().setProvider(provider).build(passphrase.toCharArray()));
}
}
if (privateKey == null && pgpSec.size() > 0 && encryptedData != null) {
throw new PGPException("Provided input is encrypted with unknown pair of keys.");
}
return privateKey;
}
Also used :
PGPEncryptedDataList(org.bouncycastle.openpgp.PGPEncryptedDataList)
PGPObjectFactory(org.bouncycastle.openpgp.PGPObjectFactory)
JcePBESecretKeyDecryptorBuilder(org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder)
PGPException(org.bouncycastle.openpgp.PGPException)
PGPSecretKey(org.bouncycastle.openpgp.PGPSecretKey)
PGPSecretKeyRingCollection(org.bouncycastle.openpgp.PGPSecretKeyRingCollection)
BcKeyFingerprintCalculator(org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator)
PGPPublicKeyEncryptedData(org.bouncycastle.openpgp.PGPPublicKeyEncryptedData)
PGPPrivateKey(org.bouncycastle.openpgp.PGPPrivateKey)
Example 5 with BcKeyFingerprintCalculator
use of org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator in project camel by apache.
the class PGPDataFormatTest method readPublicKey.
static PGPPublicKey readPublicKey(String keyringPath) throws Exception {
InputStream input = new ByteArrayInputStream(getKeyRing(keyringPath));
PGPPublicKeyRingCollection pgpPub = new PGPPublicKeyRingCollection(PGPUtil.getDecoderStream(input), new BcKeyFingerprintCalculator());
@SuppressWarnings("rawtypes") Iterator keyRingIter = pgpPub.getKeyRings();
while (keyRingIter.hasNext()) {
PGPPublicKeyRing keyRing = (PGPPublicKeyRing) keyRingIter.next();
@SuppressWarnings("rawtypes") Iterator keyIter = keyRing.getPublicKeys();
while (keyIter.hasNext()) {
PGPPublicKey key = (PGPPublicKey) keyIter.next();
if (key.isEncryptionKey()) {
return key;
}
}
}
throw new IllegalArgumentException("Can't find encryption key in key ring.");
}
Also used :
PGPPublicKeyRing(org.bouncycastle.openpgp.PGPPublicKeyRing)
PGPPublicKeyRingCollection(org.bouncycastle.openpgp.PGPPublicKeyRingCollection)
ByteArrayInputStream(java.io.ByteArrayInputStream)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
Iterator(java.util.Iterator)
BcKeyFingerprintCalculator(org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator)
PGPPublicKey(org.bouncycastle.openpgp.PGPPublicKey)
Aggregations
BcKeyFingerprintCalculator (org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator)5
InputStream (java.io.InputStream)4
PGPException (org.bouncycastle.openpgp.PGPException)3
PGPObjectFactory (org.bouncycastle.openpgp.PGPObjectFactory)3
ByteArrayInputStream (java.io.ByteArrayInputStream)2
Iterator (java.util.Iterator)2
PGPEncryptedDataList (org.bouncycastle.openpgp.PGPEncryptedDataList)2
PGPPrivateKey (org.bouncycastle.openpgp.PGPPrivateKey)2
PGPPublicKeyEncryptedData (org.bouncycastle.openpgp.PGPPublicKeyEncryptedData)2
PGPSecretKey (org.bouncycastle.openpgp.PGPSecretKey)2
PGPSecretKeyRingCollection (org.bouncycastle.openpgp.PGPSecretKeyRingCollection)2
OutputStreamBuilder (org.apache.camel.converter.stream.OutputStreamBuilder)1
PGPCompressedData (org.bouncycastle.openpgp.PGPCompressedData)1
PGPLiteralData (org.bouncycastle.openpgp.PGPLiteralData)1
PGPOnePassSignature (org.bouncycastle.openpgp.PGPOnePassSignature)1
PGPOnePassSignatureList (org.bouncycastle.openpgp.PGPOnePassSignatureList)1
PGPPublicKey (org.bouncycastle.openpgp.PGPPublicKey)1
PGPPublicKeyRing (org.bouncycastle.openpgp.PGPPublicKeyRing)1
PGPPublicKeyRingCollection (org.bouncycastle.openpgp.PGPPublicKeyRingCollection)1
PGPSecretKeyRing (org.bouncycastle.openpgp.PGPSecretKeyRing)1
