use of org.pgpainless.encryption_signing.EncryptionStream in project Smack by igniterealtime.
the class SecretKeyBackupHelper method createSecretkeyElement.
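/**
 * Create a {@link SecretkeyElement} which contains the secret keys serialized in {@code keys},
 * symmetrically encrypted using the {@code backupCode}.
 *
 * <p>The key bytes are encrypted to a passphrase built from {@code backupCode}, with the symmetric
 * algorithm overridden to AES-256. The binary (non-armored) OpenPGP output is Base64-encoded and
 * wrapped in the returned element.
 *
 * <p>Security notes: the backup is protected by {@code backupCode} alone, so its confidentiality
 * depends on the strength and secrecy of that code. {@code keys} holds secret key material and is
 * not wiped here; {@code backupCode.toString()} yields an immutable {@link String} that cannot be
 * cleared from memory afterwards.
 *
 * @see <a href="https://xmpp.org/extensions/xep-0373.html#backup-encryption">
 * XEP-0373 §5.4 Encrypting the Secret Key Backup</a>
 *
 * @param keys serialized OpenPGP secret keys in transferable key format
 * @param backupCode passphrase for symmetric encryption
 * @return {@link SecretkeyElement} carrying the Base64-encoded, encrypted backup
 *
 * @throws PGPException if setting up or performing the OpenPGP encryption fails
 * @throws IOException if reading the key bytes or writing the encrypted output fails
 */
public static SecretkeyElement createSecretkeyElement(byte[] keys, OpenPgpSecretKeyBackupPassphrase backupCode) throws PGPException, IOException {
    InputStream keyStream = new ByteArrayInputStream(keys);
    ByteArrayOutputStream cryptOut = new ByteArrayOutputStream();

    EncryptionOptions encOpts = new EncryptionOptions().addPassphrase(Passphrase.fromPassword(backupCode.toString()));
    encOpts.overrideEncryptionAlgorithm(SymmetricKeyAlgorithm.AES_256);

    // try-with-resources: the encryption stream is closed even when piping fails, and it must be
    // closed before cryptOut is read so that the OpenPGP message is complete.
    try (EncryptionStream encryptionStream = PGPainless.encryptAndOrSign()
            .onOutputStream(cryptOut)
            .withOptions(ProducerOptions.encrypt(encOpts).setAsciiArmor(false))) {
        Streams.pipeAll(keyStream, encryptionStream);
    }

    return new SecretkeyElement(Base64.encode(cryptOut.toByteArray()));
}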
use of org.pgpainless.encryption_signing.EncryptionStream in project Smack by igniterealtime.
the class PainlessOpenPgpProvider method encrypt.
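/**
 * Encrypt {@code element} to the trusted announced keys of every recipient and of {@code self},
 * and return the Base64-encoded binary OpenPGP message together with the encryption result.
 *
 * <p>A contact whose {@code getTrustedAnnouncedKeys()} returns {@code null} is logged and skipped:
 * the message is then not encrypted to that contact, who will be unable to decrypt it. Callers
 * that require every recipient to be able to read the message must check key availability first.
 *
 * @param element content to encrypt
 * @param self the local user, whose trusted announced keys are added as a recipient
 * @param recipients contacts to encrypt to
 * @return the encrypted element and the metadata reported by the encryption stream
 *
 * @throws IOException if reading the content or writing the encrypted output fails
 * @throws PGPException if the OpenPGP operation fails
 */
@Override
public OpenPgpElementAndMetadata encrypt(CryptElement element, OpenPgpSelf self, Collection<OpenPgpContact> recipients) throws IOException, PGPException {
    InputStream plainText = element.toInputStream();
    ByteArrayOutputStream cipherText = new ByteArrayOutputStream();

    EncryptionOptions encOpts = EncryptionOptions.encryptCommunications();
    for (OpenPgpContact contact : recipients) {
        PGPPublicKeyRingCollection keys = contact.getTrustedAnnouncedKeys();
        if (keys == null) {
            // Previously the null collection was still handed to addRecipients() after the warning.
            LOGGER.log(Level.WARNING, "There are no suitable keys for contact " + contact.getJid());
            continue;
        }
        encOpts.addRecipients(keys);
    }
    // NOTE(review): self.getTrustedAnnouncedKeys() is passed on unchecked; confirm it cannot be null here.
    encOpts.addRecipients(self.getTrustedAnnouncedKeys());

    EncryptionStream cipherStream = PGPainless.encryptAndOrSign()
            .onOutputStream(cipherText)
            .withOptions(ProducerOptions.encrypt(encOpts).setAsciiArmor(false));

    Streams.pipeAll(plainText, cipherStream);
    plainText.close();
    cipherStream.flush();
    // The stream must be closed before the output bytes and the result are read.
    cipherStream.close();
    cipherText.close();

    String base64 = Base64.encodeToString(cipherText.toByteArray());
    OpenPgpElement openPgpElement = new OpenPgpElement(base64);
    return new OpenPgpElementAndMetadata(openPgpElement, cipherStream.getResult());
}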
use of org.pgpainless.encryption_signing.EncryptionStream in project Smack by igniterealtime.
the class PainlessOpenPgpProvider method signAndEncrypt.
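/**
 * Sign {@code element} with the signing key ring of {@code self}, encrypt it to the trusted
 * announced keys of every recipient and of {@code self}, and return the Base64-encoded binary
 * OpenPGP message together with the encryption result.
 *
 * <p>A contact whose {@code getTrustedAnnouncedKeys()} returns {@code null} is logged and skipped:
 * the message is then not encrypted to that contact, who will be unable to decrypt it. Callers
 * that require every recipient to be able to read the message must check key availability first.
 *
 * @param element content to sign and encrypt
 * @param self the local user, providing the signing key ring and an additional recipient key set
 * @param recipients contacts to encrypt to
 * @return the signed and encrypted element and the metadata reported by the encryption stream
 *
 * @throws IOException if reading the content or writing the encrypted output fails
 * @throws PGPException if the OpenPGP operation fails
 */
@Override
public OpenPgpElementAndMetadata signAndEncrypt(SigncryptElement element, OpenPgpSelf self, Collection<OpenPgpContact> recipients) throws IOException, PGPException {
    InputStream plainText = element.toInputStream();
    ByteArrayOutputStream cipherText = new ByteArrayOutputStream();

    EncryptionOptions encOpts = EncryptionOptions.encryptCommunications();
    for (OpenPgpContact contact : recipients) {
        PGPPublicKeyRingCollection keys = contact.getTrustedAnnouncedKeys();
        if (keys == null) {
            // Previously the null collection was still handed to addRecipients() after the warning.
            LOGGER.log(Level.WARNING, "There are no suitable keys for contact " + contact.getJid());
            continue;
        }
        encOpts.addRecipients(keys);
    }
    // NOTE(review): self.getTrustedAnnouncedKeys() is passed on unchecked; confirm it cannot be null here.
    encOpts.addRecipients(self.getTrustedAnnouncedKeys());

    SigningOptions signOpts = new SigningOptions();
    signOpts.addInlineSignature(getStore().getKeyRingProtector(), self.getSigningKeyRing(), DocumentSignatureType.BINARY_DOCUMENT);

    EncryptionStream cipherStream = PGPainless.encryptAndOrSign()
            .onOutputStream(cipherText)
            .withOptions(ProducerOptions.signAndEncrypt(encOpts, signOpts).setAsciiArmor(false));

    Streams.pipeAll(plainText, cipherStream);
    plainText.close();
    cipherStream.flush();
    // The stream must be closed before the output bytes and the result are read.
    cipherStream.close();
    cipherText.close();

    String base64 = Base64.encodeToString(cipherText.toByteArray());
    OpenPgpElement openPgpElement = new OpenPgpElement(base64);
    return new OpenPgpElementAndMetadata(openPgpElement, cipherStream.getResult());
}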
use of org.pgpainless.encryption_signing.EncryptionStream in project Smack by igniterealtime.
the class PainlessOpenPgpProvider method sign.
/**
 * Sign {@code element} with the signing key ring of {@code self} and return the Base64-encoded
 * binary OpenPGP message together with the result reported by the stream.
 *
 * <p>The content is signed only, not encrypted. The inline signature is created for the user-id
 * {@code "xmpp:" + self.getJid()} as a binary document signature.
 *
 * @param element content to sign
 * @param self the local user, providing the signing key ring and the JID for the user-id
 * @return the signed element and the metadata reported by the stream
 *
 * @throws IOException if reading the content or writing the output fails
 * @throws PGPException if the OpenPGP operation fails
 */
@Override
public OpenPgpElementAndMetadata sign(SignElement element, OpenPgpSelf self) throws IOException, PGPException {
    InputStream input = element.toInputStream();
    ByteArrayOutputStream signedBytes = new ByteArrayOutputStream();

    SigningOptions signOpts = new SigningOptions().addInlineSignature(
            getStore().getKeyRingProtector(),
            self.getSigningKeyRing(),
            "xmpp:" + self.getJid().toString(),
            DocumentSignatureType.BINARY_DOCUMENT);
    ProducerOptions producerOpts = ProducerOptions.sign(signOpts).setAsciiArmor(false);

    EncryptionStream signingStream = PGPainless.encryptAndOrSign()
            .onOutputStream(signedBytes)
            .withOptions(producerOpts);

    Streams.pipeAll(input, signingStream);
    input.close();
    signingStream.flush();
    // Close before reading the output bytes and the result below.
    signingStream.close();
    signedBytes.close();

    OpenPgpElement signedElement = new OpenPgpElement(Base64.encodeToString(signedBytes.toByteArray()));
    return new OpenPgpElementAndMetadata(signedElement, signingStream.getResult());
}