
Example 1 with ConsumerOptions

Use of org.pgpainless.decryption_verification.ConsumerOptions in project Smack by igniterealtime.

Class PainlessOpenPgpProvider, method decryptAndOrVerify.

@Override
public OpenPgpMessage decryptAndOrVerify(XMPPConnection connection, OpenPgpElement element, final OpenPgpSelf self, final OpenPgpContact sender) throws IOException, PGPException {
    ByteArrayOutputStream plainText = new ByteArrayOutputStream();
    InputStream cipherText = element.toInputStream();
    PGPPublicKeyRingCollection announcedPublicKeys = sender.getAnnouncedPublicKeys();
    if (announcedPublicKeys == null) {
        try {
            sender.updateKeys(connection);
            announcedPublicKeys = sender.getAnnouncedPublicKeys();
        } catch (InterruptedException | NotALeafNodeException | NotAPubSubNodeException | NotConnectedException | NoResponseException | XMPPErrorException e) {
            throw new PGPException("Abort decryption due to lack of keys", e);
        }
    }
    MissingPublicKeyCallback missingPublicKeyCallback = new MissingPublicKeyCallback() {

        @Override
        public PGPPublicKeyRing onMissingPublicKeyEncountered(Long keyId) {
            try {
                sender.updateKeys(connection);
                PGPPublicKeyRingCollection anyKeys = sender.getAnyPublicKeys();
                for (PGPPublicKeyRing ring : anyKeys) {
                    if (ring.getPublicKey(keyId) != null) {
                        return ring;
                    }
                }
                return null;
            } catch (InterruptedException | NotALeafNodeException | NotAPubSubNodeException | NotConnectedException | NoResponseException | XMPPErrorException | IOException | PGPException e) {
                LOGGER.log(Level.WARNING, "Cannot fetch missing key " + keyId, e);
                return null;
            }
        }
    };
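    // Decrypt with our own secret keys and verify signatures against the sender's
    // announced certificates; the callback is consulted for signing keys not among them.
    DecryptionStream cipherStream = PGPainless.decryptAndOrVerify()
            .onInputStream(cipherText)
            .withOptions(new ConsumerOptions()
                    .addDecryptionKeys(self.getSecretKeys(), getStore().getKeyRingProtector())
                    .addVerificationCerts(announcedPublicKeys)
                    .setMissingCertificateCallback(missingPublicKeyCallback));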
    Streams.pipeAll(cipherStream, plainText);
    cipherText.close();
    cipherStream.close();
    plainText.close();
    OpenPgpMetadata info = cipherStream.getResult();
    OpenPgpMessage.State state;
    if (info.isSigned()) {
        if (info.isEncrypted()) {
            state = OpenPgpMessage.State.signcrypt;
        } else {
            state = OpenPgpMessage.State.sign;
        }
    } else if (info.isEncrypted()) {
        state = OpenPgpMessage.State.crypt;
    } else {
        throw new PGPException("Received message appears to be neither encrypted, nor signed.");
    }
    return new OpenPgpMessage(plainText.toByteArray(), state, info);
}
Also used:
PGPPublicKeyRing (org.bouncycastle.openpgp.PGPPublicKeyRing)
XMPPErrorException (org.jivesoftware.smack.XMPPException.XMPPErrorException)
NotALeafNodeException (org.jivesoftware.smackx.pubsub.PubSubException.NotALeafNodeException)
NotConnectedException (org.jivesoftware.smack.SmackException.NotConnectedException)
InputStream (java.io.InputStream)
ConsumerOptions (org.pgpainless.decryption_verification.ConsumerOptions)
ByteArrayOutputStream (java.io.ByteArrayOutputStream)
IOException (java.io.IOException)
DecryptionStream (org.pgpainless.decryption_verification.DecryptionStream)
PGPException (org.bouncycastle.openpgp.PGPException)
PGPPublicKeyRingCollection (org.bouncycastle.openpgp.PGPPublicKeyRingCollection)
NotAPubSubNodeException (org.jivesoftware.smackx.pubsub.PubSubException.NotAPubSubNodeException)
OpenPgpMessage (org.jivesoftware.smackx.ox.OpenPgpMessage)
NoResponseException (org.jivesoftware.smack.SmackException.NoResponseException)
MissingPublicKeyCallback (org.pgpainless.decryption_verification.MissingPublicKeyCallback)
OpenPgpMetadata (org.pgpainless.decryption_verification.OpenPgpMetadata)

Example 2 with ConsumerOptions

Use of org.pgpainless.decryption_verification.ConsumerOptions in project Smack by igniterealtime.

Class SecretKeyBackupHelper, method restoreSecretKeyBackup.

/**
 * Decrypt a secret key backup and return the {@link PGPSecretKeyRing} contained in it.
 * TODO: Return a PGPSecretKeyRingCollection instead?
 *
 * @param backup encrypted {@link SecretkeyElement} containing the backup
 * @param backupCode passphrase for decrypting the {@link SecretkeyElement}.
 * @return the TODO javadoc me please
 * @throws InvalidBackupCodeException in case the provided backup code is invalid.
 * @throws IOException IO is dangerous.
 * @throws PGPException PGP is brittle.
 */
public static PGPSecretKeyRing restoreSecretKeyBackup(SecretkeyElement backup, OpenPgpSecretKeyBackupPassphrase backupCode) throws InvalidBackupCodeException, IOException, PGPException {
    byte[] encrypted = Base64.decode(backup.getB64Data());
    InputStream encryptedIn = new ByteArrayInputStream(encrypted);
    ByteArrayOutputStream plaintextOut = new ByteArrayOutputStream();
    try {
        DecryptionStream decryptionStream = PGPainless.decryptAndOrVerify()
                .onInputStream(encryptedIn)
                .withOptions(new ConsumerOptions()
                        .addDecryptionPassphrase(Passphrase.fromPassword(backupCode.toString())));
        Streams.pipeAll(decryptionStream, plaintextOut);
        decryptionStream.close();
    } catch (MissingDecryptionMethodException e) {
        throw new InvalidBackupCodeException("Could not decrypt secret key backup. Possibly wrong passphrase?", e);
    }
    byte[] decrypted = plaintextOut.toByteArray();
    return PGPainless.readKeyRing().secretKeyRing(decrypted);
}
Also used:
MissingDecryptionMethodException (org.pgpainless.exception.MissingDecryptionMethodException)
InvalidBackupCodeException (org.jivesoftware.smackx.ox.exception.InvalidBackupCodeException)
ByteArrayInputStream (java.io.ByteArrayInputStream)
InputStream (java.io.InputStream)
ConsumerOptions (org.pgpainless.decryption_verification.ConsumerOptions)
ByteArrayOutputStream (java.io.ByteArrayOutputStream)
DecryptionStream (org.pgpainless.decryption_verification.DecryptionStream)

Aggregations

ByteArrayOutputStream (java.io.ByteArrayOutputStream): 2
InputStream (java.io.InputStream): 2
ConsumerOptions (org.pgpainless.decryption_verification.ConsumerOptions): 2
DecryptionStream (org.pgpainless.decryption_verification.DecryptionStream): 2
ByteArrayInputStream (java.io.ByteArrayInputStream): 1
IOException (java.io.IOException): 1
PGPException (org.bouncycastle.openpgp.PGPException): 1
PGPPublicKeyRing (org.bouncycastle.openpgp.PGPPublicKeyRing): 1
PGPPublicKeyRingCollection (org.bouncycastle.openpgp.PGPPublicKeyRingCollection): 1
NoResponseException (org.jivesoftware.smack.SmackException.NoResponseException): 1
NotConnectedException (org.jivesoftware.smack.SmackException.NotConnectedException): 1
XMPPErrorException (org.jivesoftware.smack.XMPPException.XMPPErrorException): 1
OpenPgpMessage (org.jivesoftware.smackx.ox.OpenPgpMessage): 1
InvalidBackupCodeException (org.jivesoftware.smackx.ox.exception.InvalidBackupCodeException): 1
NotALeafNodeException (org.jivesoftware.smackx.pubsub.PubSubException.NotALeafNodeException): 1
NotAPubSubNodeException (org.jivesoftware.smackx.pubsub.PubSubException.NotAPubSubNodeException): 1
MissingPublicKeyCallback (org.pgpainless.decryption_verification.MissingPublicKeyCallback): 1
OpenPgpMetadata (org.pgpainless.decryption_verification.OpenPgpMetadata): 1
MissingDecryptionMethodException (org.pgpainless.exception.MissingDecryptionMethodException): 1