List of usage examples for the org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder constructor JcePBESecretKeyDecryptorBuilder()
public JcePBESecretKeyDecryptorBuilder()
From source file:com.arcusx.simplepgp.PgpDataDecryptor.java
/**
 * Looks up the secret key with the given key ID and unlocks it with the supplied passphrase.
 *
 * <p>The decryptor is requested from the provider named "BC", so that provider must already be
 * registered when this method runs. The passphrase array is handed to the decryptor builder as-is;
 * this method never clears it, so wiping it after use is left to the caller.
 *
 * @param pgpSec secret key ring collection to search
 * @param keyID  ID of the wanted secret key
 * @param pass   passphrase protecting the secret key
 * @return the unlocked private key, or {@code null} when the collection holds no key with that ID
 * @throws PGPException if the lookup or the private-key extraction fails
 * @throws NoSuchProviderException as declared by the signature
 */
private static PGPPrivateKey findSecretKey(PGPSecretKeyRingCollection pgpSec, long keyID, char[] pass)
        throws PGPException, NoSuchProviderException {
    final PGPSecretKey lockedKey = pgpSec.getSecretKey(keyID);
    // A missing key is reported as null rather than as an exception.
    return lockedKey == null
            ? null
            : lockedKey.extractPrivateKey(
                    new JcePBESecretKeyDecryptorBuilder().setProvider("BC").build(pass));
}
From source file:com.navnorth.learningregistry.LRSigner.java
License:Apache License
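/**
 * Clear-signs the provided message with the private key and pass phrase set in configuration.
 *
 * <p>The message is hashed with SHA-256 and returned as an ASCII-armored cleartext signature.
 * The message bytes are taken as UTF-8, matching the decoding of the armored result, so the
 * signed bytes no longer depend on the platform default charset.
 *
 * @param message Message to sign
 * @return the armored, clear-signed message
 * @throws LRException NULL_FIELD if the pass phrase, public key location or private key is not set,
 *         SIGNING_FAILED if the document cannot be signed; the original contract also names NO_KEY
 *         if the key cannot be obtained (raised outside the code shown here)
 */
private String signEnvelopeData(String message) throws LRException {
    // Refuse to sign when any required configuration field is missing.
    // publicKeyLocation is only checked here; this method does not otherwise use it.
    if (passPhrase == null || publicKeyLocation == null || privateKey == null) {
        throw new LRException(LRException.NULL_FIELD);
    }

    // Add the provider here so that after signing, we can remove the provider.
    // This allows using this code from multiple separate class loaders while Bouncy Castle
    // is on a separate class loader.
    // NOTE(review): the provider list is JVM-wide. If a provider with the same name is already
    // installed, addProvider() does not add this instance and the removeProvider() call in the
    // finally block removes the pre-existing one -- confirm no other component relies on it.
    BouncyCastleProvider provider = new BouncyCastleProvider();
    Security.addProvider(provider);

    try {
        // Get an InputStream for the private key
        InputStream privateKeyStream = getPrivateKeyStream(privateKey);

        // Get an OutputStream for the result
        ByteArrayOutputStream result = new ByteArrayOutputStream();
        ArmoredOutputStream aOut = new ArmoredOutputStream(result);

        // Working copy of the pass phrase; wiped in the finally block below.
        // The passPhrase String field itself stays in memory and cannot be wiped.
        char[] privateKeyPassword = passPhrase.toCharArray();

        try {
            // Get the private key from the InputStream
            PGPSecretKey sk = readSecretKey(privateKeyStream);
            PGPPrivateKey pk = sk.extractPrivateKey(
                    new JcePBESecretKeyDecryptorBuilder().setProvider("BC").build(privateKeyPassword));
            PGPSignatureGenerator sGen = new PGPSignatureGenerator(
                    new JcaPGPContentSignerBuilder(sk.getPublicKey().getAlgorithm(), PGPUtil.SHA256)
                            .setProvider("BC"));
            PGPSignatureSubpacketGenerator spGen = new PGPSignatureSubpacketGenerator();

            // Record the first user ID of the key as the signer, when the key has one
            java.util.Iterator it = sk.getPublicKey().getUserIDs();
            if (it.hasNext()) {
                spGen.setSignerUserID(false, (String) it.next());
                sGen.setHashedSubpackets(spGen.generate());
            }

            // Clear sign the message
            aOut.beginClearText(PGPUtil.SHA256);
            sGen.init(PGPSignature.CANONICAL_TEXT_DOCUMENT, pk);

            // Explicit charset: the result is decoded as UTF-8 below, so the signed bytes must be
            // UTF-8 too. An unsupported charset would surface as SIGNING_FAILED via the catch.
            // NOTE(review): the whole message is hashed in one piece; trailing whitespace or a
            // trailing newline is presumably hashed as well, whereas cleartext verifiers ignore
            // them -- confirm that multi-line input still verifies.
            byte[] msg = message.getBytes("UTF-8");
            sGen.update(msg, 0, msg.length);
            aOut.write(msg, 0, msg.length);

            BCPGOutputStream bOut = new BCPGOutputStream(aOut);
            aOut.endClearText();
            sGen.generate().encode(bOut);
            aOut.close();

            String strResult = result.toString("utf8");

            // for whatever reason, bouncycastle is failing to put a linebreak before "-----BEGIN PGP SIGNATURE"
            strResult = strResult.replaceAll("([a-z0-9])-----BEGIN PGP SIGNATURE-----",
                    "$1\n-----BEGIN PGP SIGNATURE-----");

            return strResult;
        } catch (Exception e) {
            throw new LRException(LRException.SIGNING_FAILED, e);
        } finally {
            // Wipe the pass phrase copy whether or not signing succeeded
            java.util.Arrays.fill(privateKeyPassword, '\0');
            try {
                if (privateKeyStream != null) {
                    privateKeyStream.close();
                }
                result.close();
            } catch (IOException e) {
                // Could not close the streams; nothing further to release
            }
        }
    } finally {
        Security.removeProvider(provider.getName());
    }
}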
From source file:crypttools.PGPCryptoBC.java
License:Open Source License
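/**
 * Produces an ASCII-armored, ZLIB-compressed OpenPGP message that holds {@code data} as a
 * literal packet together with a one-pass binary-document signature over it.
 *
 * <p>The plaintext is staged in a temporary file because the literal-data generator is opened
 * from a {@link File}. The file is written as UTF-8 and is deleted even when signing fails, so
 * the plaintext is not left behind in the temp directory on error.
 *
 * @param data       text to sign
 * @param passphrase passphrase protecting the armored secret key held by this object
 * @return the armored signed message
 * @throws Exception if the key cannot be read or unlocked, or if any I/O or signing step fails
 */
public String signData(String data, String passphrase) throws Exception {
    Security.addProvider(new BouncyCastleProvider());
    InputStream keyInputStream = new ByteArrayInputStream(this.armoredSecretKey);
    PGPSecretKey pgpSecretKey = readSecretKey(keyInputStream);
    // The char[] copy of the passphrase is not wiped here; the String argument cannot be wiped at all.
    PGPPrivateKey pgpPrivateKey = pgpSecretKey.extractPrivateKey(
            new JcePBESecretKeyDecryptorBuilder().setProvider("BC").build(passphrase.toCharArray()));

    // NOTE(review): SHA-1 is no longer collision-resistant. Prefer PGPUtil.SHA256 unless a
    // verifier is known to require SHA-1; left unchanged because it alters the emitted signature.
    PGPSignatureGenerator signatureGenerator = new PGPSignatureGenerator(
            new JcaPGPContentSignerBuilder(pgpSecretKey.getPublicKey().getAlgorithm(), PGPUtil.SHA1)
                    .setProvider("BC"));
    signatureGenerator.init(PGPSignature.BINARY_DOCUMENT, pgpPrivateKey);

    // Record the first user ID of the key as the signer, when the key has one
    @SuppressWarnings("unchecked")
    Iterator<String> it = pgpSecretKey.getPublicKey().getUserIDs();
    if (it.hasNext()) {
        PGPSignatureSubpacketGenerator spGen = new PGPSignatureSubpacketGenerator();
        spGen.setSignerUserID(false, it.next());
        signatureGenerator.setHashedSubpackets(spGen.generate());
    }

    ByteArrayOutputStream byteOutputStream = new ByteArrayOutputStream();
    OutputStream outputStream = new ArmoredOutputStream(byteOutputStream);
    PGPCompressedDataGenerator compressDataGenerator = new PGPCompressedDataGenerator(PGPCompressedData.ZLIB);
    BCPGOutputStream bcOutputStream = new BCPGOutputStream(compressDataGenerator.open(outputStream));
    signatureGenerator.generateOnePassVersion(false).encode(bcOutputStream);

    PGPLiteralDataGenerator literalDataGenerator = new PGPLiteralDataGenerator();
    // NOTE(review): the plaintext touches disk in the default temp directory; an in-memory
    // literal-data stream would avoid that if the staging file is not otherwise needed.
    File fileToSign = File.createTempFile("temp", ".scrap");
    try {
        // Explicit charset so the signed bytes do not depend on the platform default
        FileUtils.writeStringToFile(fileToSign, data, "UTF-8");
        OutputStream literalDataGenOutputStream = literalDataGenerator.open(bcOutputStream,
                PGPLiteralData.BINARY, fileToSign);
        FileInputStream fis = new FileInputStream(fileToSign);
        try {
            // Each byte goes both into the literal packet and into the signature hash
            int ch;
            while ((ch = fis.read()) >= 0) {
                literalDataGenOutputStream.write(ch);
                signatureGenerator.update((byte) ch);
            }
        } finally {
            fis.close();
        }
        literalDataGenerator.close();
    } finally {
        // Best effort: remove the staged plaintext on success and on failure alike
        fileToSign.delete();
    }

    signatureGenerator.generate().encode(bcOutputStream);
    compressDataGenerator.close();
    outputStream.close();
    return new String(byteOutputStream.toByteArray(), "UTF-8");
}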
From source file:crypttools.PGPCryptoBC.java
License:Open Source License
/**
 * Produces an ASCII-armored detached OpenPGP signature over the UTF-8 encoding of {@code data}.
 *
 * <p>Only the signature packet is written to the armored output; the data itself is hashed but
 * not included.
 *
 * @param data       text to sign
 * @param passphrase passphrase protecting the armored secret key held by this object
 * @return the armored detached signature
 * @throws Exception if the key cannot be read or unlocked, or if signing or encoding fails
 */
public String signDataDetached(String data, String passphrase) throws Exception {
    Security.addProvider(new BouncyCastleProvider());

    InputStream secretKeyIn = new ByteArrayInputStream(this.armoredSecretKey);
    PGPSecretKey signingKey = readSecretKey(secretKeyIn);
    // The char[] copy of the passphrase is not wiped here; the String argument cannot be wiped at all.
    char[] passphraseChars = passphrase.toCharArray();
    PGPPrivateKey unlockedKey = signingKey.extractPrivateKey(
            new JcePBESecretKeyDecryptorBuilder().setProvider("BC").build(passphraseChars));

    // NOTE(review): SHA-1 is no longer collision-resistant; PGPUtil.SHA256 is the safer digest
    // unless a verifier is known to require SHA-1.
    int keyAlgorithm = signingKey.getPublicKey().getAlgorithm();
    PGPSignatureGenerator signer = new PGPSignatureGenerator(
            new JcaPGPContentSignerBuilder(keyAlgorithm, PGPUtil.SHA1).setProvider("BC"));
    signer.init(PGPSignature.BINARY_DOCUMENT, unlockedKey);

    ByteArrayOutputStream armoredBytes = new ByteArrayOutputStream();
    OutputStream armoredOut = new ArmoredOutputStream(armoredBytes);
    BCPGOutputStream packetOut = new BCPGOutputStream(armoredOut);

    // Feed the signature hash one byte at a time, in input order
    for (byte b : data.getBytes("UTF-8")) {
        signer.update(b);
    }

    signer.generate().encode(packetOut);
    armoredOut.close();
    secretKeyIn.close();

    return new String(armoredBytes.toByteArray(), "UTF-8");
}
From source file:hh.learnj.test.license.test.lincense3j.MyPGPUtil.java
/**
 * Finds the secret key with the given key ID in a secret key ring collection and unlocks it.
 *
 * <p>The decryptor is requested from the provider named "BC", so that provider must already be
 * registered. The passphrase array is not cleared by this method; the caller keeps ownership
 * of it and is responsible for wiping it.
 *
 * @param pgpSec
 *            a secret key ring collection.
 * @param keyID
 *            ID of the key we want.
 * @param pass
 *            passphrase to decrypt the secret key with.
 * @return the private key, or {@code null} if the collection has no key with that ID.
 * @throws PGPException
 *             if the lookup or the private-key extraction fails.
 * @throws NoSuchProviderException
 *             as declared by the signature.
 */
public static PGPPrivateKey findSecretKey(PGPSecretKeyRingCollection pgpSec, long keyID, char[] pass)
        throws PGPException, NoSuchProviderException {
    PGPSecretKey match = pgpSec.getSecretKey(keyID);
    if (match != null) {
        return match.extractPrivateKey(
                new JcePBESecretKeyDecryptorBuilder().setProvider("BC").build(pass));
    }
    // No key with this ID in the collection
    return null;
}
From source file:net.staticsnow.nexus.repository.apt.internal.gpg.AptSigningFacet.java
License:Open Source License
/**
 * Clear-signs {@code input} and returns the armored cleartext-signed document.
 *
 * <p>The input is split on LF or CRLF. For the signature hash each line has its trailing
 * whitespace removed and lines are joined with CRLF, with no line ending after the last line;
 * the text written to the output keeps each line as given, terminated by LF. The digest is
 * SHA-256 and the signing key is unlocked with {@code config.passphrase} through the "BC" provider.
 *
 * @param input text to sign
 * @return the bytes of the armored clear-signed message
 * @throws IOException  if writing to the armored stream fails
 * @throws PGPException if the key cannot be unlocked or the signature cannot be generated
 */
public byte[] signInline(String input) throws IOException, PGPException {
    PGPSecretKey secretKey = readSecretKey();
    // The char[] copy of the configured passphrase is not wiped after use.
    char[] passphraseChars = config.passphrase.toCharArray();
    PGPPrivateKey signingKey = secretKey.extractPrivateKey(
            new JcePBESecretKeyDecryptorBuilder().setProvider("BC").build(passphraseChars));

    int keyAlgorithm = secretKey.getPublicKey().getAlgorithm();
    PGPSignatureGenerator signer = new PGPSignatureGenerator(
            new JcaPGPContentSignerBuilder(keyAlgorithm, PGPUtil.SHA256).setProvider("BC"));
    signer.init(PGPSignature.CANONICAL_TEXT_DOCUMENT, signingKey);

    // Record the first user ID of the key as the signer, when the key has one
    @SuppressWarnings("unchecked")
    Iterator<String> ids = secretKey.getUserIDs();
    if (ids.hasNext()) {
        PGPSignatureSubpacketGenerator subpackets = new PGPSignatureSubpacketGenerator();
        subpackets.setSignerUserID(false, ids.next());
        signer.setHashedSubpackets(subpackets.generate());
    }

    String[] lines = input.split("\r?\n");
    ByteArrayOutputStream signed = new ByteArrayOutputStream();
    try (ArmoredOutputStream armor = new ArmoredOutputStream(signed)) {
        armor.beginClearText(PGPUtil.SHA256);
        for (int i = 0; i < lines.length; i++) {
            String text = lines[i];
            // Hash form: trailing whitespace stripped, CRLF between lines but not before the first
            String hashed = text.replaceAll("\\s*$", "");
            if (i > 0) {
                hashed = "\r\n" + hashed;
            }
            signer.update(hashed.getBytes(Charsets.UTF_8));
            // Output form: the line as given, LF-terminated
            armor.write((text + "\n").getBytes(Charsets.UTF_8));
        }
        armor.endClearText();
        BCPGOutputStream packetOut = new BCPGOutputStream(armor);
        signer.generate().encode(packetOut);
    }
    return signed.toByteArray();
}
From source file:net.staticsnow.nexus.repository.apt.internal.gpg.AptSigningFacet.java
License:Open Source License
/**
 * Creates an armored detached signature over the UTF-8 bytes of {@code input}.
 *
 * <p>The signature is a binary-document signature using SHA-256. The signing key is unlocked
 * with {@code config.passphrase} through the "BC" provider.
 *
 * @param input text to sign
 * @return the bytes of the armored detached signature
 * @throws IOException  if writing to the armored stream fails
 * @throws PGPException if the key cannot be unlocked or the signature cannot be generated
 */
public byte[] signExternal(String input) throws IOException, PGPException {
    PGPSecretKey secretKey = readSecretKey();
    // The char[] copy of the configured passphrase is not wiped after use.
    char[] passphraseChars = config.passphrase.toCharArray();
    PGPPrivateKey signingKey = secretKey.extractPrivateKey(
            new JcePBESecretKeyDecryptorBuilder().setProvider("BC").build(passphraseChars));

    int keyAlgorithm = secretKey.getPublicKey().getAlgorithm();
    PGPSignatureGenerator signer = new PGPSignatureGenerator(
            new JcaPGPContentSignerBuilder(keyAlgorithm, PGPUtil.SHA256).setProvider("BC"));
    signer.init(PGPSignature.BINARY_DOCUMENT, signingKey);

    ByteArrayOutputStream signature = new ByteArrayOutputStream();
    try (ArmoredOutputStream armor = new ArmoredOutputStream(signature)) {
        BCPGOutputStream packetOut = new BCPGOutputStream(armor);
        byte[] payload = input.getBytes(Charsets.UTF_8);
        signer.update(payload);
        signer.generate().encode(packetOut);
    }
    return signature.toByteArray();
}
From source file:org.apache.camel.converter.crypto.PGPDataFormat.java
License:Apache License
/**
 * Builds a signature generator for the exchange and writes its one-pass signature header to
 * {@code out}.
 *
 * <p>Signing is treated as optional: when neither a key file name nor a key ring is available,
 * or when the user ID or the password is missing, the method returns {@code null} and writes
 * nothing, so the caller gets no signature and no error. Deployments that require signed
 * output need to check for that themselves.
 *
 * @param exchange exchange from which the signature key settings are resolved
 * @param out      stream that receives the one-pass signature packet
 * @return the initialised generator, or {@code null} when signing is not configured
 * @throws IllegalArgumentException if no secret key exists for the configured user ID
 * @throws IOException              if writing the one-pass packet fails
 * @throws PGPException             if the key cannot be unlocked or the generator cannot be set up
 * @throws NoSuchProviderException  as declared by the signature
 * @throws NoSuchAlgorithmException as declared by the signature
 */
protected PGPSignatureGenerator createSignatureGenerator(Exchange exchange, OutputStream out)
        throws IOException, PGPException, NoSuchProviderException, NoSuchAlgorithmException {

    String sigKeyFileName = findSignatureKeyFileName(exchange);
    String sigKeyUserid = findSignatureKeyUserid(exchange);
    String sigKeyPassword = findSignatureKeyPassword(exchange);
    byte[] sigKeyRing = findSignatureKeyRing(exchange);

    boolean noKeySource = sigKeyFileName == null && sigKeyRing == null;
    boolean noCredentials = sigKeyUserid == null || sigKeyPassword == null;
    if (noKeySource || noCredentials) {
        // Signing is not (fully) configured: skip it without raising an error
        return null;
    }

    PGPSecretKey secretKey = PGPDataFormatUtil.findSecretKey(exchange.getContext(), sigKeyFileName,
            sigKeyRing, sigKeyPassword, sigKeyUserid, getProvider());
    if (secretKey == null) {
        throw new IllegalArgumentException(String.format(
                "Cannot PGP encrypt message. No secret key found for User ID %s. Either add a key with this User ID to the secret keyring or change the configured User ID.",
                sigKeyUserid));
    }

    // The char[] copy of the password is not wiped after use.
    PGPPrivateKey privateKey = secretKey.extractPrivateKey(
            new JcePBESecretKeyDecryptorBuilder().setProvider(getProvider())
                    .build(sigKeyPassword.toCharArray()));
    if (privateKey == null) {
        // this exception will never happen
        throw new IllegalArgumentException("Signature private key is null, cannot proceed");
    }

    // Hashed subpacket naming the configured user ID as the signer
    PGPSignatureSubpacketGenerator subpackets = new PGPSignatureSubpacketGenerator();
    subpackets.setSignerUserID(false, sigKeyUserid);

    int keyAlgorithm = secretKey.getPublicKey().getAlgorithm();
    PGPSignatureGenerator generator = new PGPSignatureGenerator(
            new JcaPGPContentSignerBuilder(keyAlgorithm, findHashAlgorithm(exchange))
                    .setProvider(getProvider()));
    generator.init(PGPSignature.BINARY_DOCUMENT, privateKey);
    generator.setHashedSubpackets(subpackets.generate());
    generator.generateOnePassVersion(false).encode(out);
    return generator;
}
From source file:org.apache.camel.converter.crypto.PGPDataFormatUtil.java
License:Apache License
/**
 * Searches a secret keyring stream for the key with the given ID and unlocks it.
 *
 * <p>When {@code passphrase} is {@code null} and an accessor is supplied, the accessor is asked
 * for a passphrase for each user ID of the matching key until one is returned. A passphrase
 * obtained this way is kept for any later key in the keyring with the same ID. A matching key
 * for which no passphrase is available is skipped.
 *
 * @param keyringInput       stream holding the secret keyring
 * @param keyid              ID of the wanted key
 * @param passphrase         passphrase for the key, or {@code null} to consult the accessor
 * @param passphraseAccessor source of passphrases by user ID; may be {@code null}
 * @param provider           name of the security provider used to build the decryptor
 * @return the unlocked private key, or {@code null} when no matching key could be unlocked
 * @throws IOException  if the keyring stream cannot be read
 * @throws PGPException if the keyring cannot be parsed or the key extraction fails
 */
@SuppressWarnings("unchecked")
private static PGPPrivateKey findPrivateKeyWithKeyId(InputStream keyringInput, long keyid, String passphrase,
        PGPPassphraseAccessor passphraseAccessor, String provider) throws IOException, PGPException {
    PGPSecretKeyRingCollection secretRings =
            new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(keyringInput));

    Iterator<?> rings = secretRings.getKeyRings();
    while (rings.hasNext()) {
        Object candidate = rings.next();
        if (!(candidate instanceof PGPSecretKeyRing)) {
            continue;
        }

        Iterator<PGPSecretKey> keys = ((PGPSecretKeyRing) candidate).getSecretKeys();
        while (keys.hasNext()) {
            PGPSecretKey key = keys.next();
            if (key == null || key.getKeyID() != keyid) {
                continue;
            }

            if (passphrase == null && passphraseAccessor != null) {
                // get passphrase from accessor, trying each user ID until one yields a value
                Iterator<String> ids = key.getUserIDs();
                while (passphrase == null && ids.hasNext()) {
                    passphrase = passphraseAccessor.getPassphrase(ids.next());
                }
            }
            if (passphrase == null) {
                // Nothing to unlock this key with; keep looking
                continue;
            }

            PGPPrivateKey unlocked = key.extractPrivateKey(
                    new JcePBESecretKeyDecryptorBuilder().setProvider(provider)
                            .build(passphrase.toCharArray()));
            if (unlocked != null) {
                return unlocked;
            }
        }
    }
    return null;
}
From source file:org.apache.camel.converter.crypto.PGPDataFormatUtil.java
License:Apache License
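/**
 * Finds and unlocks the private key able to decrypt the given encrypted input.
 *
 * <p>The encrypted-data list is read from the first or second object of the input, after which
 * the input stream is reset. Each encrypted-data entry is matched by key ID against the secret
 * keyring. When {@code passphrase} is {@code null} and an accessor is supplied, the accessor is
 * asked for a passphrase for each user ID of the matching key.
 *
 * <p>Input that carries no encrypted-data list is rejected with a {@link PGPException} instead of
 * failing with a {@code NullPointerException} or {@code ClassCastException}. A matching key for
 * which no passphrase is available is skipped rather than dereferencing a null passphrase.
 *
 * <p>The method is marked {@code @Deprecated} in the source.
 *
 * @param keyringInput       stream holding the secret keyring
 * @param encryptedInput     stream holding the encrypted message; reset after the header is read
 * @param passphrase         passphrase for the key, or {@code null} to consult the accessor
 * @param passphraseAccessor source of passphrases by user ID; may be {@code null}
 * @param provider           name of the security provider used to build the decryptor
 * @return the unlocked private key, or {@code null} when none was found and the final check
 *         below does not raise an exception
 * @throws IOException             if a stream cannot be read or reset
 * @throws PGPException            if the input is not encrypted, or is encrypted for keys that
 *                                 could not be unlocked from the keyring
 * @throws NoSuchProviderException as declared by the signature
 */
@Deprecated
private static PGPPrivateKey findPrivateKey(InputStream keyringInput, InputStream encryptedInput,
        String passphrase, PGPPassphraseAccessor passphraseAccessor, String provider)
        throws IOException, PGPException, NoSuchProviderException {
    PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(keyringInput));
    PGPObjectFactory factory = new PGPObjectFactory(PGPUtil.getDecoderStream(encryptedInput));

    Object o = factory.nextObject();
    if (o == null) {
        throw new PGPException("Provided input is not encrypted.");
    }
    if (!(o instanceof PGPEncryptedDataList)) {
        // The list may be preceded by one other packet; look one object further
        o = factory.nextObject();
    }
    if (!(o instanceof PGPEncryptedDataList)) {
        // Covers both a missing second object and one of an unexpected type
        throw new PGPException("Provided input is not encrypted.");
    }
    PGPEncryptedDataList enc = (PGPEncryptedDataList) o;

    encryptedInput.reset(); // nextObject() method reads from the InputStream, so rewind it!

    Iterator<?> encryptedDataObjects = enc.getEncryptedDataObjects();
    PGPPrivateKey privateKey = null;
    PGPPublicKeyEncryptedData encryptedData = null;
    while (privateKey == null && encryptedDataObjects.hasNext()) {
        // NOTE(review): an entry that is not public-key encrypted would fail this cast -- confirm
        // whether such input can reach this method.
        encryptedData = (PGPPublicKeyEncryptedData) encryptedDataObjects.next();
        PGPSecretKey pgpSecKey = pgpSec.getSecretKey(encryptedData.getKeyID());
        if (pgpSecKey != null) {
            if (passphrase == null && passphraseAccessor != null) {
                // get passphrase from accessor
                @SuppressWarnings("unchecked")
                Iterator<String> userIDs = pgpSecKey.getUserIDs();
                while (passphrase == null && userIDs.hasNext()) {
                    passphrase = passphraseAccessor.getPassphrase(userIDs.next());
                }
            }
            if (passphrase != null) {
                privateKey = pgpSecKey.extractPrivateKey(
                        new JcePBESecretKeyDecryptorBuilder().setProvider(provider)
                                .build(passphrase.toCharArray()));
            }
        }
    }
    if (privateKey == null && pgpSec.size() > 0 && encryptedData != null) {
        throw new PGPException("Provided input is encrypted with unknown pair of keys.");
    }
    return privateKey;
}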