use of org.bouncycastle.openpgp.operator.jcajce.JcaKeyFingerprintCalculator in project cryptonomica by Cryptonomica.
the class PGPTools method verifyFile.
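/**
 * Verifies a detached OpenPGP signature over a stream of data with the supplied public key.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>Only the first signature in the signature list is checked; further signatures are ignored.</li>
 *   <li>Only the cryptographic check is performed. Nothing here inspects the key's validity
 *       period or revocation status, or compares the signature's key ID with
 *       {@code pgpPublicKey}; establishing trust in the key is left to the caller.</li>
 *   <li>Neither input stream is closed by this method.</li>
 * </ul>
 *
 * @param signedDataIn the data that was signed; read to end of stream
 * @param signatureIn  the detached signature, armored or binary
 * @param pgpPublicKey the public key to verify against
 * @return {@code Boolean.TRUE} if the signature verifies, {@code Boolean.FALSE} otherwise
 * @throws Exception if the signature input cannot be parsed or holds no signature, if
 *                   {@code pgpPublicKey} is {@code null}, or if reading or verification fails
 */
public static Boolean verifyFile(
        InputStream signedDataIn,
        InputStream signatureIn,
        PGPPublicKey pgpPublicKey) throws Exception {
    // Accept both ASCII-armored and binary signatures. The signed data is read as-is.
    signatureIn = PGPUtil.getDecoderStream(signatureIn);
    // TODO (from the original author): check that this factory construction is correct
    PGPObjectFactory pgpObjectFactory =
            new PGPObjectFactory(signatureIn, new JcaKeyFingerprintCalculator());

    Object o;
    try {
        o = pgpObjectFactory.nextObject();
    } catch (Exception ex) {
        // Keep the cause so a parsing failure can be diagnosed from the stack trace.
        throw new Exception("Invalid input data", ex);
    }
    if (o == null) {
        throw new Exception("Invalid input data");
    }

    if (o instanceof PGPCompressedData) {
        PGPCompressedData pgpCompressedData = (PGPCompressedData) o;
        // TODO (from the original author): check that this factory construction is correct
        pgpObjectFactory = new PGPObjectFactory(
                pgpCompressedData.getDataStream(), new JcaKeyFingerprintCalculator());
        o = pgpObjectFactory.nextObject();
    }

    // The signature input is untrusted: reject anything that is not a non-empty signature
    // list explicitly, rather than failing with a ClassCastException or NullPointerException.
    if (!(o instanceof PGPSignatureList)) {
        throw new Exception("Invalid input data: no PGP signature list found");
    }
    PGPSignatureList pgpSignatureList = (PGPSignatureList) o;
    if (pgpSignatureList.isEmpty()) {
        throw new Exception("Invalid input data: PGP signature list is empty");
    }

    // Only the first signature is verified.
    PGPSignature signatureObject = pgpSignatureList.get(0);
    if (pgpPublicKey == null) {
        // The message carries the low 32 bits of the key ID (the cast to int truncates it).
        throw new Exception("Cannot find key 0x"
                + Integer.toHexString((int) signatureObject.getKeyID()).toUpperCase()
                + " in the pubring");
    }

    // init(PGPContentVerifierBuilderProvider, PGPPublicKey) replaces the deprecated initVerify.
    signatureObject.init(new JcaPGPContentVerifierBuilderProvider(), pgpPublicKey);

    // Feed the data in chunks instead of one byte per read() call.
    byte[] buffer = new byte[8192];
    int bytesRead;
    while ((bytesRead = signedDataIn.read(buffer)) != -1) {
        signatureObject.update(buffer, 0, bytesRead);
    }

    return signatureObject.verify() ? Boolean.TRUE : Boolean.FALSE;
}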
use of org.bouncycastle.openpgp.operator.jcajce.JcaKeyFingerprintCalculator in project bisq-desktop by bisq-network.
the class BisqInstaller method verifySignature.
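/**
 * Verifies a detached PGP signature against a GPG/openPGP RSA public key. Does currently not work
 * with openssl or JCA/JCE keys.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>The result is only as trustworthy as {@code pubKeyFile}: the key is taken from that file
 *       by the key ID recorded in the signature, so the file must come from a trusted source.</li>
 *   <li>Only the first key ring in the key file and the first signature in the signature file
 *       are used.</li>
 *   <li>Nothing here inspects the key's validity period or revocation status.</li>
 * </ul>
 *
 * @param pubKeyFile Path to file providing the public key to use
 * @param sigFile    Path to detached signature file
 * @param dataFile   Path to signed data file
 * @return {@code VerifyStatusEnum.OK} if the signature is valid; {@code VerifyStatusEnum.FAIL} if
 * it is not valid or if the first key ring holds no key with the signature's key ID
 * @throws Exception throws various exceptions in case something went wrong. Main reason should be
 *                   that key or signature could not be extracted from the provided files due to a
 *                   "bad" format.<br>
 *                   <code>FileNotFoundException, IOException, SignatureException, PGPException</code>
 */
public static VerifyStatusEnum verifySignature(File pubKeyFile, File sigFile, File dataFile) throws Exception {
    // Read keys from file. try-with-resources closes the streams even when parsing throws.
    PGPPublicKeyRingCollection publicKeyRingCollection;
    try (InputStream keyFileIn = new FileInputStream(pubKeyFile);
         InputStream keyIn = PGPUtil.getDecoderStream(keyFileIn)) {
        publicKeyRingCollection = new PGPPublicKeyRingCollection(keyIn, new JcaKeyFingerprintCalculator());
    }

    // Only the first key ring of the file is consulted; key rings after it are ignored.
    Iterator<PGPPublicKeyRing> iterator = publicKeyRingCollection.getKeyRings();
    if (!iterator.hasNext()) {
        throw new PGPException("Could not find public keyring in provided key file");
    }
    PGPPublicKeyRing pgpPublicKeyRing = iterator.next();

    // Read signature from file
    PGPSignature pgpSignature;
    try (InputStream sigFileIn = new FileInputStream(sigFile);
         InputStream sigIn = PGPUtil.getDecoderStream(sigFileIn)) {
        PGPObjectFactory pgpObjectFactory = new PGPObjectFactory(sigIn, new JcaKeyFingerprintCalculator());
        Object o = pgpObjectFactory.nextObject();
        if (o instanceof PGPSignatureList) {
            PGPSignatureList signatureList = (PGPSignatureList) o;
            checkArgument(!signatureList.isEmpty(), "signatureList must not be empty");
            // Only the first signature of the list is verified.
            pgpSignature = signatureList.get(0);
        } else if (o instanceof PGPSignature) {
            pgpSignature = (PGPSignature) o;
        } else {
            throw new SignatureException("Could not find signature in provided signature file");
        }
    }

    // Format eagerly: %X is a java.util.Formatter conversion, which a placeholder-style ({})
    // logger would print literally. NOTE(review): confirm which logging API `log` is.
    log.debug(String.format("KeyID used in signature: %X\n", pgpSignature.getKeyID()));
    PGPPublicKey publicKey = pgpPublicKeyRing.getPublicKey(pgpSignature.getKeyID());

    // If signature is not matching the key used for signing we fail
    if (publicKey == null) {
        return VerifyStatusEnum.FAIL;
    }
    log.debug(String.format("The ID of the selected key is %X\n", publicKey.getKeyID()));
    pgpSignature.init(new BcPGPContentVerifierBuilderProvider(), publicKey);

    // Read file to verify
    byte[] data = new byte[1024];
    try (InputStream dataIn = new BufferedInputStream(new FileInputStream(dataFile))) {
        int bytesRead;
        while ((bytesRead = dataIn.read(data, 0, data.length)) != -1) {
            pgpSignature.update(data, 0, bytesRead);
        }
    }

    // Verify the signature
    return pgpSignature.verify() ? VerifyStatusEnum.OK : VerifyStatusEnum.FAIL;
}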