Example 1 with EncryptionOptions

use of org.pgpainless.encryption_signing.EncryptionOptions in project Smack by igniterealtime.

the class SecretKeyBackupHelper method createSecretkeyElement.

/**
 * Create a {@link SecretkeyElement} which contains the secret keys which are serialized in {@code keys} and is
 * symmetrically encrypted using the {@code backupCode}.
 *
 * @see <a href="https://xmpp.org/extensions/xep-0373.html#backup-encryption">
 *     XEP-0373 §5.4 Encrypting the Secret Key Backup</a>
 *
 * @param keys serialized OpenPGP secret keys in transferable key format
 * @param backupCode passphrase for symmetric encryption
 * @return {@link SecretkeyElement}
 *
 * @throws PGPException PGP is brittle
 * @throws IOException IO is dangerous
 */
public static SecretkeyElement createSecretkeyElement(byte[] keys, OpenPgpSecretKeyBackupPassphrase backupCode) throws PGPException, IOException {
    InputStream keyStream = new ByteArrayInputStream(keys);
    ByteArrayOutputStream cryptOut = new ByteArrayOutputStream();
    EncryptionOptions encOpts = new EncryptionOptions().addPassphrase(Passphrase.fromPassword(backupCode.toString()));
    encOpts.overrideEncryptionAlgorithm(SymmetricKeyAlgorithm.AES_256);
    EncryptionStream encryptionStream = PGPainless.encryptAndOrSign().onOutputStream(cryptOut).withOptions(ProducerOptions.encrypt(encOpts).setAsciiArmor(false));
    Streams.pipeAll(keyStream, encryptionStream);
    encryptionStream.close();
    return new SecretkeyElement(Base64.encode(cryptOut.toByteArray()));
}
Also used : SecretkeyElement(org.jivesoftware.smackx.ox.element.SecretkeyElement) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) ByteArrayOutputStream(java.io.ByteArrayOutputStream) EncryptionOptions(org.pgpainless.encryption_signing.EncryptionOptions) EncryptionStream(org.pgpainless.encryption_signing.EncryptionStream)

Example 2 with EncryptionOptions

use of org.pgpainless.encryption_signing.EncryptionOptions in project Smack by igniterealtime.

the class PainlessOpenPgpProvider method encrypt.

@Override
public OpenPgpElementAndMetadata encrypt(CryptElement element, OpenPgpSelf self, Collection<OpenPgpContact> recipients) throws IOException, PGPException {
    InputStream plainText = element.toInputStream();
    ByteArrayOutputStream cipherText = new ByteArrayOutputStream();
    EncryptionOptions encOpts = EncryptionOptions.encryptCommunications();
    for (OpenPgpContact contact : recipients) {
        PGPPublicKeyRingCollection keys = contact.getTrustedAnnouncedKeys();
        if (keys == null) {
            LOGGER.log(Level.WARNING, "There are no suitable keys for contact " + contact.getJid());
            // No keys to add for this contact; skip it instead of passing null to addRecipients().
            continue;
        }
        encOpts.addRecipients(keys);
    }
    encOpts.addRecipients(self.getTrustedAnnouncedKeys());
    EncryptionStream cipherStream = PGPainless.encryptAndOrSign().onOutputStream(cipherText).withOptions(ProducerOptions.encrypt(encOpts).setAsciiArmor(false));
    Streams.pipeAll(plainText, cipherStream);
    plainText.close();
    cipherStream.flush();
    cipherStream.close();
    cipherText.close();
    String base64 = Base64.encodeToString(cipherText.toByteArray());
    OpenPgpElement openPgpElement = new OpenPgpElement(base64);
    return new OpenPgpElementAndMetadata(openPgpElement, cipherStream.getResult());
}
Also used : PGPPublicKeyRingCollection(org.bouncycastle.openpgp.PGPPublicKeyRingCollection) InputStream(java.io.InputStream) OpenPgpElement(org.jivesoftware.smackx.ox.element.OpenPgpElement) ByteArrayOutputStream(java.io.ByteArrayOutputStream) EncryptionOptions(org.pgpainless.encryption_signing.EncryptionOptions) EncryptionStream(org.pgpainless.encryption_signing.EncryptionStream) OpenPgpContact(org.jivesoftware.smackx.ox.OpenPgpContact)

Example 3 with EncryptionOptions

use of org.pgpainless.encryption_signing.EncryptionOptions in project Smack by igniterealtime.

the class PainlessOpenPgpProvider method signAndEncrypt.

@Override
public OpenPgpElementAndMetadata signAndEncrypt(SigncryptElement element, OpenPgpSelf self, Collection<OpenPgpContact> recipients) throws IOException, PGPException {
    InputStream plainText = element.toInputStream();
    ByteArrayOutputStream cipherText = new ByteArrayOutputStream();
    EncryptionOptions encOpts = EncryptionOptions.encryptCommunications();
    for (OpenPgpContact contact : recipients) {
        PGPPublicKeyRingCollection keys = contact.getTrustedAnnouncedKeys();
        if (keys == null) {
            LOGGER.log(Level.WARNING, "There are no suitable keys for contact " + contact.getJid());
            // No keys to add for this contact; skip it instead of passing null to addRecipients().
            continue;
        }
        encOpts.addRecipients(keys);
    }
    encOpts.addRecipients(self.getTrustedAnnouncedKeys());
    SigningOptions signOpts = new SigningOptions();
    signOpts.addInlineSignature(getStore().getKeyRingProtector(), self.getSigningKeyRing(), DocumentSignatureType.BINARY_DOCUMENT);
    EncryptionStream cipherStream = PGPainless.encryptAndOrSign().onOutputStream(cipherText).withOptions(ProducerOptions.signAndEncrypt(encOpts, signOpts).setAsciiArmor(false));
    Streams.pipeAll(plainText, cipherStream);
    plainText.close();
    cipherStream.flush();
    cipherStream.close();
    cipherText.close();
    String base64 = Base64.encodeToString(cipherText.toByteArray());
    OpenPgpElement openPgpElement = new OpenPgpElement(base64);
    return new OpenPgpElementAndMetadata(openPgpElement, cipherStream.getResult());
}
Also used : PGPPublicKeyRingCollection(org.bouncycastle.openpgp.PGPPublicKeyRingCollection) InputStream(java.io.InputStream) OpenPgpElement(org.jivesoftware.smackx.ox.element.OpenPgpElement) SigningOptions(org.pgpainless.encryption_signing.SigningOptions) ByteArrayOutputStream(java.io.ByteArrayOutputStream) EncryptionOptions(org.pgpainless.encryption_signing.EncryptionOptions) EncryptionStream(org.pgpainless.encryption_signing.EncryptionStream) OpenPgpContact(org.jivesoftware.smackx.ox.OpenPgpContact)

Aggregations

ByteArrayOutputStream (java.io.ByteArrayOutputStream): 3
InputStream (java.io.InputStream): 3
EncryptionOptions (org.pgpainless.encryption_signing.EncryptionOptions): 3
EncryptionStream (org.pgpainless.encryption_signing.EncryptionStream): 3
PGPPublicKeyRingCollection (org.bouncycastle.openpgp.PGPPublicKeyRingCollection): 2
OpenPgpContact (org.jivesoftware.smackx.ox.OpenPgpContact): 2
OpenPgpElement (org.jivesoftware.smackx.ox.element.OpenPgpElement): 2
ByteArrayInputStream (java.io.ByteArrayInputStream): 1
SecretkeyElement (org.jivesoftware.smackx.ox.element.SecretkeyElement): 1
SigningOptions (org.pgpainless.encryption_signing.SigningOptions): 1