
Example 21 with OpenPgpV4Fingerprint

use of org.pgpainless.key.OpenPgpV4Fingerprint in project Smack by igniterealtime.

the class OpenPgpManager method backupSecretKeyToServer.

/**
 * Upload the encrypted secret key to a private PEP node.
 * The backup is encrypted using the provided secret key passphrase.
 *
 * @see <a href="https://xmpp.org/extensions/xep-0373.html#synchro-pep">XEP-0373 §5</a>
 *
 * @param selectKeyCallback callback, which will receive the user's choice of which keys will be backed up.
 * @param passphrase secret key passphrase
 *
 * @throws InterruptedException if the thread is interrupted.
 * @throws PubSubException.NotALeafNodeException if the private node is not a {@link LeafNode}.
 * @throws XMPPException.XMPPErrorException in case of an XMPP protocol error.
 * @throws SmackException.NotConnectedException if we are not connected.
 * @throws SmackException.NoResponseException if the server doesn't respond.
 * @throws SmackException.NotLoggedInException if we are not logged in.
 * @throws IOException IO is dangerous.
 * @throws SmackException.FeatureNotSupportedException if the server doesn't support the PubSub whitelist access model.
 * @throws PGPException PGP is brittle
 * @throws MissingOpenPgpKeyException in case we have no OpenPGP key pair to back up.
 */
public void backupSecretKeyToServer(SecretKeyBackupSelectionCallback selectKeyCallback, OpenPgpSecretKeyBackupPassphrase passphrase) throws InterruptedException, PubSubException.NotALeafNodeException, XMPPException.XMPPErrorException, SmackException.NotConnectedException, SmackException.NoResponseException, SmackException.NotLoggedInException, IOException, SmackException.FeatureNotSupportedException, PGPException, MissingOpenPgpKeyException {
    throwIfNoProviderSet();
    throwIfNotAuthenticated();
    BareJid ownJid = connection().getUser().asBareJid();
    PGPSecretKeyRingCollection secretKeyRings = provider.getStore().getSecretKeysOf(ownJid);
    Set<OpenPgpV4Fingerprint> availableKeyPairs = new HashSet<>();
    for (PGPSecretKeyRing ring : secretKeyRings) {
        availableKeyPairs.add(new OpenPgpV4Fingerprint(ring));
    }
    Set<OpenPgpV4Fingerprint> selectedKeyPairs = selectKeyCallback.selectKeysToBackup(availableKeyPairs);
    SecretkeyElement secretKey = SecretKeyBackupHelper.createSecretkeyElement(provider, ownJid, selectedKeyPairs, passphrase);
    OpenPgpPubSubUtil.depositSecretKey(connection(), secretKey);
}
Also used : SecretkeyElement(org.jivesoftware.smackx.ox.element.SecretkeyElement) EntityBareJid(org.jxmpp.jid.EntityBareJid) BareJid(org.jxmpp.jid.BareJid) PGPSecretKeyRingCollection(org.bouncycastle.openpgp.PGPSecretKeyRingCollection) OpenPgpV4Fingerprint(org.pgpainless.key.OpenPgpV4Fingerprint) PGPSecretKeyRing(org.bouncycastle.openpgp.PGPSecretKeyRing) HashSet(java.util.HashSet)

Example 22 with OpenPgpV4Fingerprint

use of org.pgpainless.key.OpenPgpV4Fingerprint in project Smack by igniterealtime.

the class FileBasedOpenPgpMetadataStore method writeFingerprintsAndDates.

static void writeFingerprintsAndDates(Map<OpenPgpV4Fingerprint, Date> data, File destination) throws IOException {
    if (data == null || data.isEmpty()) {
        FileUtils.maybeDeleteFileOrThrow(destination);
        return;
    }
    FileUtils.maybeCreateFileWithParentDirectories(destination);
    BufferedWriter writer = null;
    try {
        OutputStream outputStream = FileUtils.prepareFileOutputStream(destination);
        OutputStreamWriter osw = new OutputStreamWriter(outputStream, Util.UTF8);
        writer = new BufferedWriter(osw);
        for (OpenPgpV4Fingerprint fingerprint : data.keySet()) {
            Date date = data.get(fingerprint);
            String line = fingerprint.toString() + " " + (date != null ? XmppDateTime.formatXEP0082Date(date) : XmppDateTime.formatXEP0082Date(new Date()));
            writer.write(line);
            writer.newLine();
        }
    } finally {
        CloseableUtil.maybeClose(writer, LOGGER);
    }
}
Also used : OutputStream(java.io.OutputStream) OutputStreamWriter(java.io.OutputStreamWriter) OpenPgpV4Fingerprint(org.pgpainless.key.OpenPgpV4Fingerprint) Date(java.util.Date) BufferedWriter(java.io.BufferedWriter)

Example 23 with OpenPgpV4Fingerprint

use of org.pgpainless.key.OpenPgpV4Fingerprint in project Smack by igniterealtime.

the class SecretKeyBackupHelperTest method createAndDecryptSecretKeyElementTest.

@Test
public void createAndDecryptSecretKeyElementTest() throws PGPException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, IOException, MissingUserIdOnKeyException, MissingOpenPgpKeyException, InvalidBackupCodeException {
    // Prepare store and provider and so on...
    FileBasedOpenPgpStore store = new FileBasedOpenPgpStore(basePath);
    PainlessOpenPgpProvider provider = new PainlessOpenPgpProvider(store);
    // Generate and import key
    PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing().simpleEcKeyRing("xmpp:alice@wonderland.lit");
    BareJid jid = JidCreate.bareFrom("alice@wonderland.lit");
    provider.getStore().importSecretKey(jid, secretKeys);
    // Create encrypted backup
    OpenPgpSecretKeyBackupPassphrase backupCode = SecretKeyBackupHelper.generateBackupPassword();
    SecretkeyElement element = SecretKeyBackupHelper.createSecretkeyElement(provider, jid, Collections.singleton(new OpenPgpV4Fingerprint(secretKeys)), backupCode);
    // Decrypt backup and compare
    PGPSecretKeyRing secretKeyRing = SecretKeyBackupHelper.restoreSecretKeyBackup(element, backupCode);
    Assertions.assertArrayEquals(secretKeys.getEncoded(), secretKeyRing.getEncoded());
}
Also used : SecretkeyElement(org.jivesoftware.smackx.ox.element.SecretkeyElement) FileBasedOpenPgpStore(org.jivesoftware.smackx.ox.store.filebased.FileBasedOpenPgpStore) BareJid(org.jxmpp.jid.BareJid) OpenPgpV4Fingerprint(org.pgpainless.key.OpenPgpV4Fingerprint) PGPSecretKeyRing(org.bouncycastle.openpgp.PGPSecretKeyRing) PainlessOpenPgpProvider(org.jivesoftware.smackx.ox.crypto.PainlessOpenPgpProvider) Test(org.junit.jupiter.api.Test)

Example 24 with OpenPgpV4Fingerprint

use of org.pgpainless.key.OpenPgpV4Fingerprint in project Smack by igniterealtime.

the class PainlessOpenPgpProviderTest method encryptDecryptTest.

@Test
public void encryptDecryptTest() throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, IOException, MissingUserIdOnKeyException, XmlPullParserException {
    // Initialize
    OpenPgpStore aliceStore = new FileBasedOpenPgpStore(storagePath);
    OpenPgpStore bobStore = new FileBasedOpenPgpStore(storagePath);
    aliceStore.setKeyRingProtector(new UnprotectedKeysProtector());
    bobStore.setKeyRingProtector(new UnprotectedKeysProtector());
    XMPPConnection bobConnection = new DummyConnection();
    PainlessOpenPgpProvider aliceProvider = new PainlessOpenPgpProvider(aliceStore);
    PainlessOpenPgpProvider bobProvider = new PainlessOpenPgpProvider(bobStore);
    PGPSecretKeyRing aliceKeys = aliceStore.generateKeyRing(alice);
    PGPSecretKeyRing bobKeys = bobStore.generateKeyRing(bob);
    PGPPublicKeyRing alicePubKeys = KeyRingUtils.publicKeyRingFrom(aliceKeys);
    PGPPublicKeyRing bobPubKeys = KeyRingUtils.publicKeyRingFrom(bobKeys);
    OpenPgpV4Fingerprint aliceFingerprint = new OpenPgpV4Fingerprint(aliceKeys);
    OpenPgpV4Fingerprint bobFingerprint = new OpenPgpV4Fingerprint(bobKeys);
    aliceStore.importSecretKey(alice, aliceKeys);
    bobStore.importSecretKey(bob, bobKeys);
    aliceStore.setAnnouncedFingerprintsOf(alice, Collections.singletonMap(aliceFingerprint, new Date()));
    bobStore.setAnnouncedFingerprintsOf(bob, Collections.singletonMap(bobFingerprint, new Date()));
    OpenPgpSelf aliceSelf = new OpenPgpSelf(alice, aliceStore);
    aliceSelf.trust(aliceFingerprint);
    OpenPgpSelf bobSelf = new OpenPgpSelf(bob, bobStore);
    bobSelf.trust(bobFingerprint);
    // Exchange keys
    aliceStore.importPublicKey(bob, bobPubKeys);
    bobStore.importPublicKey(alice, alicePubKeys);
    aliceStore.setAnnouncedFingerprintsOf(bob, Collections.singletonMap(bobFingerprint, new Date()));
    bobStore.setAnnouncedFingerprintsOf(alice, Collections.singletonMap(aliceFingerprint, new Date()));
    OpenPgpContact aliceForBob = new OpenPgpContact(alice, bobStore);
    aliceForBob.trust(aliceFingerprint);
    OpenPgpContact bobForAlice = new OpenPgpContact(bob, aliceStore);
    bobForAlice.trust(bobFingerprint);
    // Prepare message
    Message.Body body = new Message.Body(null, "Lorem ipsum dolor sit amet, consectetur adipisici elit, sed eiusmod tempor incidunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquid ex ea commodi consequat. Quis aute iure reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint obcaecat cupiditat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.");
    List<ExtensionElement> payload = Collections.singletonList(body);
    OpenPgpElementAndMetadata encrypted;
    OpenPgpMessage decrypted;
    /*
     * test signcrypt
     */
    SigncryptElement signcryptElement = new SigncryptElement(Collections.<Jid>singleton(bob), payload);
    // Encrypt and Sign
    encrypted = aliceProvider.signAndEncrypt(signcryptElement, aliceSelf, Collections.singleton(bobForAlice));
    // Decrypt and Verify
    decrypted = bobProvider.decryptAndOrVerify(bobConnection, encrypted.getElement(), bobSelf, aliceForBob);
    OpenPgpFingerprint decryptionFingerprint = decrypted.getMetadata().getDecryptionKey().getFingerprint();
    assertTrue(bobSelf.getSecretKeys().contains(decryptionFingerprint.getKeyId()));
    assertTrue(decrypted.getMetadata().containsVerifiedSignatureFrom(alicePubKeys));
    assertEquals(OpenPgpMessage.State.signcrypt, decrypted.getState());
    SigncryptElement decryptedSignCrypt = (SigncryptElement) decrypted.getOpenPgpContentElement();
    assertEquals(body.getMessage(), decryptedSignCrypt.<Message.Body>getExtension(Message.Body.ELEMENT, Message.Body.NAMESPACE).getMessage());
    /*
     * test crypt
     */
    CryptElement cryptElement = new CryptElement(Collections.<Jid>singleton(bob), payload);
    // Encrypt
    encrypted = aliceProvider.encrypt(cryptElement, aliceSelf, Collections.singleton(bobForAlice));
    decrypted = bobProvider.decryptAndOrVerify(bobConnection, encrypted.getElement(), bobSelf, aliceForBob);
    decryptionFingerprint = decrypted.getMetadata().getDecryptionKey().getFingerprint();
    assertTrue(bobSelf.getSecretKeys().contains(decryptionFingerprint.getKeyId()));
    assertTrue(decrypted.getMetadata().getVerifiedSignatures().isEmpty());
    assertEquals(OpenPgpMessage.State.crypt, decrypted.getState());
    CryptElement decryptedCrypt = (CryptElement) decrypted.getOpenPgpContentElement();
    assertEquals(body.getMessage(), decryptedCrypt.<Message.Body>getExtension(Message.Body.ELEMENT, Message.Body.NAMESPACE).getMessage());
    /*
     * test sign
     */
    SignElement signElement = new SignElement(Collections.singleton(bob), new Date(), payload);
    // Sign
    encrypted = aliceProvider.sign(signElement, aliceSelf);
    decrypted = bobProvider.decryptAndOrVerify(bobConnection, encrypted.getElement(), bobSelf, aliceForBob);
    assertNull(decrypted.getMetadata().getDecryptionKey());
    assertTrue(decrypted.getMetadata().containsVerifiedSignatureFrom(alicePubKeys));
    assertEquals(OpenPgpMessage.State.sign, decrypted.getState());
    SignElement decryptedSign = (SignElement) decrypted.getOpenPgpContentElement();
    assertEquals(body.getMessage(), decryptedSign.<Message.Body>getExtension(Message.Body.ELEMENT, Message.Body.NAMESPACE).getMessage());
}
Also used : PGPPublicKeyRing(org.bouncycastle.openpgp.PGPPublicKeyRing) SigncryptElement(org.jivesoftware.smackx.ox.element.SigncryptElement) Message(org.jivesoftware.smack.packet.Message) DummyConnection(org.jivesoftware.smack.DummyConnection) ExtensionElement(org.jivesoftware.smack.packet.ExtensionElement) XMPPConnection(org.jivesoftware.smack.XMPPConnection) Date(java.util.Date) CryptElement(org.jivesoftware.smackx.ox.element.CryptElement) OpenPgpElementAndMetadata(org.jivesoftware.smackx.ox.crypto.OpenPgpElementAndMetadata) FileBasedOpenPgpStore(org.jivesoftware.smackx.ox.store.filebased.FileBasedOpenPgpStore) UnprotectedKeysProtector(org.pgpainless.key.protection.UnprotectedKeysProtector) SignElement(org.jivesoftware.smackx.ox.element.SignElement) FileBasedOpenPgpStore(org.jivesoftware.smackx.ox.store.filebased.FileBasedOpenPgpStore) OpenPgpStore(org.jivesoftware.smackx.ox.store.definition.OpenPgpStore) OpenPgpV4Fingerprint(org.pgpainless.key.OpenPgpV4Fingerprint) OpenPgpFingerprint(org.pgpainless.key.OpenPgpFingerprint) PGPSecretKeyRing(org.bouncycastle.openpgp.PGPSecretKeyRing) PainlessOpenPgpProvider(org.jivesoftware.smackx.ox.crypto.PainlessOpenPgpProvider) Test(org.junit.jupiter.api.Test)

Example 25 with OpenPgpV4Fingerprint

use of org.pgpainless.key.OpenPgpV4Fingerprint in project Smack by igniterealtime.

the class PubSubDelegateTest method pubkeyNodeNameTest.

@Test
public void pubkeyNodeNameTest() {
    OpenPgpV4Fingerprint fingerprint = new OpenPgpV4Fingerprint("486f7065207520646f6e2068617665204f43640a");
    assertEquals("urn:xmpp:openpgp:0:public-keys:486F7065207520646F6E2068617665204F43640A", OpenPgpPubSubUtil.PEP_NODE_PUBLIC_KEY(fingerprint));
}
Also used : OpenPgpV4Fingerprint(org.pgpainless.key.OpenPgpV4Fingerprint) Test(org.junit.jupiter.api.Test)
