List of usage examples for org.bouncycastle.openpgp PGPKeyPair getPublicKey
public PGPPublicKey getPublicKey()
From source file:genkeys.java
License:Open Source License
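/**
 * Builds the OpenPGP secret-key packet for a JCA key pair, encrypting the secret key material
 * under a passphrase-derived key when a cipher is available.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>When the {@code cipher(...)} helper returns {@code null}, the packet is created without
 *       an S2K specifier or IV and carries the serialized secret key as-is, i.e. unprotected.
 *       Callers must treat that output as plaintext private key material.
 *   <li>The passphrase arrives as an immutable {@code String}, so it cannot be wiped after use;
 *       only the temporary {@code char[]} copy is handed to the key derivation.
 *   <li>{@code useSHA1} selects between {@code USAGE_SHA1} and {@code USAGE_CHECKSUM}; the
 *       matching trailer is produced by the {@code checksum(...)} helper, which is not shown here.
 * </ul>
 *
 * @param key JCA key pair to wrap; RSA keys are tagged {@code RSA_GENERAL}, anything else DSA
 * @param cipher OpenPGP symmetric algorithm tag used to protect the secret key
 * @param useSHA1 whether the protected packet is marked {@code USAGE_SHA1} instead of
 *     {@code USAGE_CHECKSUM}
 * @param s2k string-to-key specifier used to derive the protection key from {@code pass}
 * @param pass passphrase protecting the secret key; only read when a cipher is in use
 * @return the secret-key packet paired with the corresponding public-key packet
 * @throws NoSuchProviderException declared for the "BC" provider lookups
 * @throws PGPException if the key type is unsupported or protecting the key fails
 */
private static SecretKeyPacket secretKeyPacket(KeyPair key, int cipher, boolean useSHA1, S2K s2k, String pass)
        throws NoSuchProviderException, PGPException {
    // Compare the algorithm name by value. The original used ==, which only matches when the
    // provider happens to return the interned literal; otherwise an RSA key was tagged as DSA.
    int algorithm = "RSA".equals(key.getPrivate().getAlgorithm())
            ? PGPPublicKey.RSA_GENERAL
            : PGPPublicKey.DSA;

    // One timestamp for both the key pair and the public-key packet so they describe the same key.
    Date time = new Date();
    PGPKeyPair keyPair = new PGPKeyPair(algorithm, key.getPublic(), key.getPrivate(), time, "BC");
    PublicKeyPacket pubPk = publicKeyPacket(key.getPublic(), algorithm, time);

    BCPGObject secKey;
    switch (keyPair.getPublicKey().getAlgorithm()) {
        case PGPPublicKey.RSA_ENCRYPT:
        case PGPPublicKey.RSA_SIGN:
        case PGPPublicKey.RSA_GENERAL:
            RSAPrivateCrtKey rsK = (RSAPrivateCrtKey) keyPair.getPrivateKey().getKey();
            secKey = new RSASecretBCPGKey(rsK.getPrivateExponent(), rsK.getPrimeP(), rsK.getPrimeQ());
            break;
        case PGPPublicKey.DSA:
            DSAPrivateKey dsK = (DSAPrivateKey) keyPair.getPrivateKey().getKey();
            secKey = new DSASecretBCPGKey(dsK.getX());
            break;
        case PGPPublicKey.ELGAMAL_ENCRYPT:
        case PGPPublicKey.ELGAMAL_GENERAL:
            ElGamalPrivateKey esK = (ElGamalPrivateKey) keyPair.getPrivateKey().getKey();
            secKey = new ElGamalSecretBCPGKey(esK.getX());
            break;
        default:
            throw new PGPException("unknown key class");
    }

    Cipher c = cipher(cipher);

    try {
        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
        BCPGOutputStream pOut = new BCPGOutputStream(bOut);

        // Serialize the secret key, then append the checksum computed over exactly those bytes.
        pOut.writeObject(secKey);
        byte[] keyData = bOut.toByteArray();
        pOut.write(checksum(useSHA1, keyData, keyData.length));

        if (c == null) {
            // No cipher: the secret key bytes go into the packet unencrypted.
            return new SecretKeyPacket(pubPk, cipher, null, null, bOut.toByteArray());
        }

        SecretKey skey = PGPUtil.makeKeyFromPassPhrase(cipher, s2k, pass.toCharArray(), "BC");
        // The IV is chosen by the cipher from a fresh SecureRandom and stored in the packet.
        c.init(Cipher.ENCRYPT_MODE, skey, new SecureRandom());
        byte[] iv = c.getIV();
        byte[] encData = c.doFinal(bOut.toByteArray());

        int usage = useSHA1 ? SecretKeyPacket.USAGE_SHA1 : SecretKeyPacket.USAGE_CHECKSUM;
        return new SecretKeyPacket(pubPk, cipher, usage, s2k, iv, encData);
    } catch (PGPException e) {
        // Rethrow unchanged so PGP failures are not re-wrapped by the generic handler below.
        throw e;
    } catch (Exception e) {
        throw new PGPException("Exception encrypting key", e);
    }
}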
From source file:com.fuzion.tools.pgp.BCPGPKeyGenTools.java
License:Open Source License
/**
 * Creates a key ring generator whose master key is the DSA pair, with the El Gamal pair added
 * as an encryption sub key.
 *
 * <p>Review notes: the self-certification is signed with SHA-1
 * ({@code HashAlgorithmTags.SHA1}), which is no longer collision resistant; a SHA-2 digest is
 * preferable for newly generated keys where the signing key allows it. Both signature
 * subpacket arguments are {@code null}, so no key flags, algorithm preferences or expiry are
 * set by this call. The secret keys are protected with AES-256 under {@code passphrase}; the
 * caller owns the {@code char[]} and should clear it once the key ring has been generated.
 *
 * @param dsaKeyPair - the generated DSA key pair
 * @param elGamalKeyPair - the generated El Gamal key pair
 * @param identity - the given identity of the key pair ring
 * @param passphrase - the secret pass phrase to protect the key pair
 * @return a PGP key ring generator with the El Gamal key pair added as sub key
 * @throws Exception if any of the Bouncy Castle builders or the generator fails
 */
@SuppressWarnings("deprecation")
public static final PGPKeyRingGenerator createPGPKeyRingGeneratorForDSAKeyPair(KeyPair dsaKeyPair,
        KeyPair elGamalKeyPair, String identity, char[] passphrase) throws Exception {
    PGPKeyPair masterKey = new PGPKeyPair(PGPPublicKey.DSA, dsaKeyPair, new Date());
    PGPKeyPair encryptionSubKey = new PGPKeyPair(PGPPublicKey.ELGAMAL_ENCRYPT, elGamalKeyPair, new Date());

    // SHA-1 calculator shared by the key ring generator and the secret-key encryptor.
    PGPDigestCalculator checksumCalc = new JcaPGPDigestCalculatorProviderBuilder()
            .build()
            .get(HashAlgorithmTags.SHA1);

    // Signs the positive certification binding the identity to the master key.
    JcaPGPContentSignerBuilder certificationSigner = new JcaPGPContentSignerBuilder(
            masterKey.getPublicKey().getAlgorithm(), HashAlgorithmTags.SHA1);

    // Secret keys are encrypted with AES-256 under the passphrase, using the "BC" provider.
    JcePBESecretKeyEncryptorBuilder keyEncryptorBuilder =
            new JcePBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256, checksumCalc).setProvider("BC");

    PGPKeyRingGenerator generator = new PGPKeyRingGenerator(
            PGPSignature.POSITIVE_CERTIFICATION,
            masterKey,
            identity,
            checksumCalc,
            null,
            null,
            certificationSigner,
            keyEncryptorBuilder.build(passphrase));
    generator.addSubKey(encryptionSubKey);
    return generator;
}
From source file:com.fuzion.tools.pgp.BCPGPKeyGenTools.java
License:Open Source License
/**
 * Creates a key ring generator whose master key is the RSA signing pair, with the RSA
 * encryption pair added as sub key.
 *
 * <p>Review notes: the self-certification is signed with SHA-1
 * ({@code HashAlgorithmTags.SHA1}), which is no longer collision resistant; a SHA-2 digest is
 * preferable for newly generated RSA keys. Both signature subpacket arguments are
 * {@code null}, so no key flags, algorithm preferences or expiry are set by this call. The
 * secret keys are protected with AES-256 under {@code passphrase}; the caller owns the
 * {@code char[]} and should clear it once the key ring has been generated.
 *
 * @param signKeyPair - the generated signing RSA key pair
 * @param encryptKeyPair - the generated encrypting RSA key pair
 * @param identity - the given identity of the key pair ring
 * @param passphrase - the secret pass phrase to protect the key pair
 * @return a PGP key ring generator with the encrypting RSA key pair added as sub key
 * @throws Exception if any of the Bouncy Castle builders or the generator fails
 */
@SuppressWarnings("deprecation")
public static final PGPKeyRingGenerator createPGPKeyRingGeneratorForRSAKeyPair(KeyPair signKeyPair,
        KeyPair encryptKeyPair, String identity, char[] passphrase) throws Exception {
    PGPKeyPair masterKey = new PGPKeyPair(PGPPublicKey.RSA_SIGN, signKeyPair, new Date());
    PGPKeyPair encryptionSubKey = new PGPKeyPair(PGPPublicKey.RSA_ENCRYPT, encryptKeyPair, new Date());

    // SHA-1 calculator shared by the key ring generator and the secret-key encryptor.
    PGPDigestCalculator checksumCalc = new JcaPGPDigestCalculatorProviderBuilder()
            .build()
            .get(HashAlgorithmTags.SHA1);

    // Signs the positive certification binding the identity to the master key.
    JcaPGPContentSignerBuilder certificationSigner = new JcaPGPContentSignerBuilder(
            masterKey.getPublicKey().getAlgorithm(), HashAlgorithmTags.SHA1);

    // Secret keys are encrypted with AES-256 under the passphrase, using the "BC" provider.
    JcePBESecretKeyEncryptorBuilder keyEncryptorBuilder =
            new JcePBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256, checksumCalc).setProvider("BC");

    PGPKeyRingGenerator generator = new PGPKeyRingGenerator(
            PGPSignature.POSITIVE_CERTIFICATION,
            masterKey,
            identity,
            checksumCalc,
            null,
            null,
            certificationSigner,
            keyEncryptorBuilder.build(passphrase));
    generator.addSubKey(encryptionSubKey);
    return generator;
}
From source file:crypttools.PGPTools.java
License:Open Source License
/**
 * Creates a key ring generator whose master key is the DSA pair, with the El Gamal pair added
 * as an encryption sub key.
 *
 * <p>Review notes: the self-certification is signed with SHA-1
 * ({@code HashAlgorithmTags.SHA1}), which is no longer collision resistant; a SHA-2 digest is
 * preferable for newly generated keys where the signing key allows it. Both signature
 * subpacket arguments are {@code null}, so no key flags, algorithm preferences or expiry are
 * set by this call. The caller owns the {@code passphrase} array and should clear it once the
 * key ring has been generated.
 *
 * @param dsaKeyPair - the generated DSA key pair
 * @param elGamalKeyPair - the generated El Gamal key pair
 * @param identity - the given identity of the key pair ring
 * @param passphrase - the secret pass phrase to protect the key pair
 * @return a PGP key ring generator with the El Gamal key pair added as sub key
 * @throws Exception if any of the Bouncy Castle builders or the generator fails
 */
@SuppressWarnings("deprecation")
public static final PGPKeyRingGenerator createPGPKeyRingGenerator(KeyPair dsaKeyPair, KeyPair elGamalKeyPair,
        String identity, char[] passphrase) throws Exception {
    PGPKeyPair masterKey = new PGPKeyPair(PGPPublicKey.DSA, dsaKeyPair, new Date());
    PGPKeyPair encryptionSubKey = new PGPKeyPair(PGPPublicKey.ELGAMAL_ENCRYPT, elGamalKeyPair, new Date());

    // SHA-1 calculator shared by the key ring generator and the secret-key encryptor.
    PGPDigestCalculator checksumCalc = new JcaPGPDigestCalculatorProviderBuilder()
            .build()
            .get(HashAlgorithmTags.SHA1);

    // Signs the positive certification binding the identity to the master key.
    int signingAlgorithm = masterKey.getPublicKey().getAlgorithm();
    PGPContentSignerBuilder certificationSigner =
            new JcaPGPContentSignerBuilder(signingAlgorithm, HashAlgorithmTags.SHA1);

    // Secret keys are encrypted with AES-256 under the passphrase, using the "BC" provider.
    PBESecretKeyEncryptor secretKeyEncryptor =
            new JcePBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256, checksumCalc)
                    .setProvider("BC")
                    .build(passphrase);

    PGPKeyRingGenerator generator = new PGPKeyRingGenerator(
            PGPSignature.POSITIVE_CERTIFICATION,
            masterKey,
            identity,
            checksumCalc,
            null,
            null,
            certificationSigner,
            secretKeyEncryptor);
    generator.addSubKey(encryptionSubKey);
    return generator;
}
From source file:google.registry.keyring.api.ComparatorKeyring.java
License:Open Source License
/**
 * Reports whether two key pairs are equivalent: both {@code null}, or both non-null with
 * public and private halves that the corresponding {@code compare} overloads consider equal.
 *
 * @param a first key pair, may be {@code null}
 * @param b second key pair, may be {@code null}
 * @return {@code true} when the pairs match as described above
 */
@VisibleForTesting
static boolean compare(@Nullable PGPKeyPair a, @Nullable PGPKeyPair b) {
    if (a == null) {
        return b == null;
    }
    if (b == null) {
        return false;
    }
    // The private halves are only compared once the public halves are known to match.
    boolean samePublicKey = compare(a.getPublicKey(), b.getPublicKey());
    return samePublicKey && compare(a.getPrivateKey(), b.getPrivateKey());
}
From source file:google.registry.keyring.api.ComparatorKeyring.java
License:Open Source License
/**
 * Renders a key pair as text by combining the string forms of its public and private keys.
 *
 * <p>NOTE(review): the {@code stringify} overload for the private key is not shown here;
 * confirm it emits only identifying data (for example a key id) and never secret key
 * material, since the result may end up in logs or error messages.
 *
 * @param a key pair to describe, may be {@code null}
 * @return the literal {@code "null"} for a null pair, otherwise the combined description
 */
@VisibleForTesting
static String stringify(PGPKeyPair a) {
    if (a != null) {
        String publicPart = stringify(a.getPublicKey());
        String privatePart = stringify(a.getPrivateKey());
        return MoreObjects.toStringHelper(PGPKeyPair.class)
                .addValue(publicPart)
                .addValue(privatePart)
                .toString();
    }
    return "null";
}
From source file:google.registry.keyring.api.DummyKeyringModule.java
License:Open Source License
/**
 * Always returns a {@link InMemoryKeyring} instance.
 *
 * <p>The single key pair is read from the {@code PGP_PUBLIC_KEYRING} and
 * {@code PGP_PRIVATE_KEYRING} sources and looked up by {@code EMAIL_ADDRESS}. Every PGP slot
 * shares that key pair and every credential string is a fixed placeholder, so this keyring
 * must not back a deployment that handles real data.
 *
 * @throws VerifyException if the key rings cannot be read or parsed
 */
@Provides
static Keyring provideKeyring() {
    PGPKeyPair sharedDummyKey;
    try (InputStream publicStream = PGP_PUBLIC_KEYRING.openStream();
            InputStream privateStream = PGP_PRIVATE_KEYRING.openStream()) {
        PGPPublicKeyRingCollection publicRings =
                new BcPGPPublicKeyRingCollection(PGPUtil.getDecoderStream(publicStream));
        PGPSecretKeyRingCollection secretRings =
                new BcPGPSecretKeyRingCollection(PGPUtil.getDecoderStream(privateStream));
        sharedDummyKey = lookupKeyPair(publicRings, secretRings, EMAIL_ADDRESS, ENCRYPT_SIGN);
    } catch (PGPException | IOException e) {
        throw new VerifyException("Failed to load PGP keys from jar", e);
    }
    // Use the same dummy PGP keypair for all required PGP keys -- a real production system would
    // have different values for these keys. Pass dummy values for all Strings.
    return new InMemoryKeyring(
            sharedDummyKey,
            sharedDummyKey,
            sharedDummyKey.getPublicKey(),
            sharedDummyKey,
            sharedDummyKey.getPublicKey(),
            "not a real key",
            "not a real key",
            "not a real password",
            "not a real login",
            "not a real password",
            "not a real login",
            "not a real credential",
            "not a real key");
}
From source file:google.registry.keyring.api.InMemoryKeyring.java
License:Open Source License
/**
 * Creates a keyring that holds every key and credential directly in fields.
 *
 * <p>Each PGP key is checked for the capability its role needs (signing or encryption) before
 * anything is stored, and every string credential must be non-null. The checks run in the
 * order written, so the first failing argument determines the exception. Secrets such as the
 * SSH private key, passwords and the JSON credential are kept as plain {@code String}s for
 * the lifetime of the object.
 *
 * @throws IllegalArgumentException if a key does not support the operation its role requires
 * @throws NullPointerException if any argument is {@code null}
 */
public InMemoryKeyring(PGPKeyPair rdeStagingKey, PGPKeyPair rdeSigningKey, PGPPublicKey rdeReceiverKey,
        PGPKeyPair brdaSigningKey, PGPPublicKey brdaEncryptionKey, String rdeSshClientPublicKey,
        String rdeSshClientPrivateKey, String icannReportingPassword, String marksdbDnlLogin,
        String marksdbLordnPassword, String marksdbSmdrlLogin, String jsonCredential,
        String braintreePrivateKey) {
    // Capability checks: each public key is fetched immediately before its own check so the
    // failure order matches the argument being validated.
    PGPPublicKey rdeSigningPublicKey = rdeSigningKey.getPublicKey();
    checkArgument(
            PgpHelper.isSigningKey(rdeSigningPublicKey),
            "RDE signing key must support signing: %s",
            rdeSigningKey.getKeyID());

    PGPPublicKey rdeStagingPublicKey = rdeStagingKey.getPublicKey();
    checkArgument(
            rdeStagingPublicKey.isEncryptionKey(),
            "staging key must support encryption: %s",
            rdeStagingKey.getKeyID());

    checkArgument(
            rdeReceiverKey.isEncryptionKey(),
            "receiver key must support encryption: %s",
            rdeReceiverKey.getKeyID());

    PGPPublicKey brdaSigningPublicKey = brdaSigningKey.getPublicKey();
    checkArgument(
            PgpHelper.isSigningKey(brdaSigningPublicKey),
            "BRDA signing key must support signing: %s",
            brdaSigningKey.getKeyID());

    checkArgument(
            brdaEncryptionKey.isEncryptionKey(),
            "encryption key must support encryption: %s",
            brdaEncryptionKey.getKeyID());

    // PGP keys.
    this.rdeStagingKey = rdeStagingKey;
    this.rdeSigningKey = rdeSigningKey;
    this.rdeReceiverKey = rdeReceiverKey;
    this.brdaSigningKey = brdaSigningKey;
    this.brdaEncryptionKey = brdaEncryptionKey;

    // String credentials: null is rejected, content is not validated.
    this.rdeSshClientPublicKey = checkNotNull(rdeSshClientPublicKey, "rdeSshClientPublicKey");
    this.rdeSshClientPrivateKey = checkNotNull(rdeSshClientPrivateKey, "rdeSshClientPrivateKey");
    this.icannReportingPassword = checkNotNull(icannReportingPassword, "icannReportingPassword");
    this.marksdbDnlLogin = checkNotNull(marksdbDnlLogin, "marksdbDnlLogin");
    this.marksdbLordnPassword = checkNotNull(marksdbLordnPassword, "marksdbLordnPassword");
    this.marksdbSmdrlLogin = checkNotNull(marksdbSmdrlLogin, "marksdbSmdrlLogin");
    this.jsonCredential = checkNotNull(jsonCredential, "jsonCredential");
    this.braintreePrivateKey = checkNotNull(braintreePrivateKey, "braintreePrivateKey");
}
From source file:google.registry.keyring.api.KeySerializer.java
License:Open Source License
/**
 * Serialize a PGPKeyPair as an ASCII-armored secret key block.
 *
 * <p>Use this to serialize a PGPPrivateKey as well (pairing it with the corresponding
 * PGPPublicKey), as private keys can't be serialized on their own.
 *
 * <p>Security note: the {@code PGPSecretKey} is built without a key encryptor (the last
 * constructor argument is {@code null}), so the returned bytes contain the private key with
 * no passphrase protection. Callers are responsible for encrypting or otherwise protecting
 * the result before it is stored or transmitted.
 *
 * @param keyPair the key pair to serialize
 * @return the armored serialization of the key pair
 * @throws IOException if writing to the armored stream fails
 * @throws PGPException if the secret key cannot be constructed
 */
public static byte[] serializeKeyPair(PGPKeyPair keyPair) throws IOException, PGPException {
    try (ByteArrayOutputStream rawBytes = new ByteArrayOutputStream()) {
        // NOTE: The ArmoredOutputStream must be closed before "toByteArray" is called on the
        // underlying stream; taking the bytes earlier would truncate the serialization.
        //
        // Flushing is not sufficient, because some parts are only written on close: the
        // "-----END PGP PRIVATE KEY BLOCK-----" (or similar) footer.
        try (ArmoredOutputStream armored = new ArmoredOutputStream(rawBytes)) {
            PGPSecretKey secretKey = new PGPSecretKey(
                    keyPair.getPrivateKey(),
                    keyPair.getPublicKey(),
                    new JcaPGPDigestCalculatorProviderBuilder()
                            .setProvider("BC")
                            .build()
                            .get(HashAlgorithmTags.SHA256),
                    true,
                    null);
            secretKey.encode(armored);
        }
        return rawBytes.toByteArray();
    }
}
From source file:google.registry.rde.GhostrydeTest.java
License:Open Source License
/**
 * Verifies that decryption is refused when the private key does not belong to the key pair
 * the message was encrypted for: the data is encrypted to one pair's public key and then
 * opened with another pair's private key, which must fail with a key id mismatch.
 */
@Test
public void testFailure_keyMismatch() throws Exception {
    RdeKeyringModule keyringModule = new RdeKeyringModule();
    byte[] plaintext = "Fanatics have their dreams, wherewith they weave.".getBytes(UTF_8);
    DateTime modified = DateTime.parse("1984-12-18T00:30:00Z");

    // Two distinct key pairs: encrypt to the first, attempt to decrypt with the second.
    PGPKeyPair recipientPair = keyringModule.get("rde-unittest@registry.test", ENCRYPT);
    PGPKeyPair unrelatedPair = keyringModule.get("rde-unittest-dsa@registry.test", ENCRYPT);
    PGPPublicKey encryptionKey = recipientPair.getPublicKey();
    PGPPrivateKey wrongDecryptionKey = unrelatedPair.getPrivateKey();

    Ghostryde ghost = new Ghostryde(1024);
    ByteArrayOutputStream encrypted = new ByteArrayOutputStream();
    try (Ghostryde.Encryptor encryptor = ghost.openEncryptor(encrypted, encryptionKey);
            Ghostryde.Compressor compressor = ghost.openCompressor(encryptor);
            OutputStream payload = ghost.openOutput(compressor, "lol", modified)) {
        payload.write(plaintext);
    }

    ByteArrayInputStream encryptedInput = new ByteArrayInputStream(encrypted.toByteArray());
    // The expectation is registered before the decryptor is opened so that a failure at open
    // time or while reading is matched.
    thrown.expect(
            PGPException.class,
            "Message was encrypted for keyid a59c132f3589a1d5 but ours is c9598c84ec70b9fd");
    try (Ghostryde.Decryptor decryptor = ghost.openDecryptor(encryptedInput, wrongDecryptionKey)) {
        ByteStreams.copy(decryptor, ByteStreams.nullOutputStream());
    }
}