List of usage examples for org.bouncycastle.bcpg SignatureSubpacket getData
public byte[] getData()
From source file:com.google.e2e.bcdriver.KeyChecker.java
License:Apache License
private static final boolean isGoodBackSignature(PGPSignature sig, PGPPublicKey signer, PGPPublicKey target, StringBuilder errors) throws PGPException, SignatureException, IOException { SignatureSubpacket esigpack = null; // Prefer to get it from the hashed subpacket. PGPSignatureSubpacketVector svec = sig.getHashedSubPackets(); if (svec != null) { esigpack = svec.getSubpacket(SignatureSubpacketTags.EMBEDDED_SIGNATURE); }//from w ww .j a v a2 s .c o m if (esigpack == null) { svec = sig.getUnhashedSubPackets(); if (svec != null) { esigpack = svec.getSubpacket(SignatureSubpacketTags.EMBEDDED_SIGNATURE); } } if (esigpack == null) { errors.append("Rejecting " + niceSig(sig) + " for subkey " + nicePk(target) + " because it doesn't have a cross-certification.\n" + "See https://www.gnupg.org/faq/subkey-cross-certify.html\n"); return false; } // Unfortunately, since PGPSignature(byte[]) is not public, we // have to go through this ugly contortion to get a signature. ByteArrayOutputStream baout = new ByteArrayOutputStream(); // dump out an old-style header. int hdr = 0x80 | (PacketTags.SIGNATURE << 2); int len = esigpack.getData().length; if (len <= 0xff) { baout.write(hdr); baout.write(len); } else if (len <= 0xffff) { baout.write(hdr | 0x01); baout.write((len >> 8) & 0xff); baout.write(len & 0xff); } else { baout.write(hdr | 0x02); baout.write((len >> 24) & 0xff); baout.write((len >> 16) & 0xff); baout.write((len >> 8) & 0xff); baout.write(len & 0xff); } baout.write(esigpack.getData()); baout.close(); PGPObjectFactory fact = new PGPObjectFactory(new ByteArrayInputStream(baout.toByteArray()), new BcKeyFingerprintCalculator()); Object obj = fact.nextObject(); if (!(obj instanceof PGPSignatureList)) { errors.append("Rejecting " + niceSig(sig) + " for subkey " + nicePk(target) + " because no usable embedded signature is available.\n"); return false; } PGPSignatureList esiglist = (PGPSignatureList) obj; if (esiglist.size() != 1) { errors.append("Rejecting " + niceSig(sig) + " for subkey " + nicePk(target) + " because no usable embedded signature is available.\n"); return false; } PGPSignature esig = esiglist.get(0); if (esig.getSignatureType() != PGPSignature.PRIMARYKEY_BINDING) { errors.append("Rejecting " + niceSig(sig) + " for subkey " + nicePk(target) + " because the embedded " + niceSig(esig) + " is not a proper backsignature.\n"); return false; } esig.init(new BcPGPContentVerifierBuilderProvider(), target); return esig.verifyCertification(signer, target) && isSignatureCurrent(esig, errors); }
From source file:com.google.gerrit.gpg.PublicKeyChecker.java
License:Apache License
private CheckResult checkTrustSubpacket(PGPSignature sig, int depth) { SignatureSubpacket trustSub = sig.getHashedSubPackets().getSubpacket(SignatureSubpacketTags.TRUST_SIG); if (trustSub == null || trustSub.getData().length != 2) { return new CheckResult("Certification is missing trust information"); }//www . j a va 2s .co m byte amount = trustSub.getData()[1]; if (amount < COMPLETE_TRUST) { return new CheckResult("Certification does not fully trust key"); } byte level = trustSub.getData()[0]; int required = depth + 1; if (level < required) { return new CheckResult( "Certification trusts to depth " + level + ", but depth " + required + " is required"); } return CheckResult.OK; }
From source file:org.sufficientlysecure.keychain.pgp.WrappedSignature.java
License:Open Source License
public String getRevocationReason() throws PgpGeneralException { if (!isRevocation()) { throw new PgpGeneralException("Not a revocation signature."); }/* ww w . j a v a2 s.c om*/ if (mSig.getHashedSubPackets() == null) { return null; } SignatureSubpacket p = mSig.getHashedSubPackets().getSubpacket(SignatureSubpacketTags.REVOCATION_REASON); // For some reason, this is missing in SignatureSubpacketInputStream:146 if (!(p instanceof RevocationReason)) { p = new RevocationReason(false, false, p.getData()); } return ((RevocationReason) p).getRevocationDescription(); }