Example usage for org.bouncycastle.openpgp PGPOnePassSignatureList isEmpty

List of usage examples for org.bouncycastle.openpgp PGPOnePassSignatureList isEmpty

Introduction

This page shows example usages of org.bouncycastle.openpgp.PGPOnePassSignatureList.isEmpty().

Prototype

public boolean isEmpty() 


Usage

From source file:org.apache.camel.converter.crypto.PGPDataFormat.java

License:Apache License

/**
 * Picks the first one-pass signature for which a public key can be found and initializes it
 * for verification with that key.
 *
 * <p>The public key is looked up by the key ID carried in each signature packet, using the
 * key file name and key ring resolved from the exchange. Signatures whose key cannot be found
 * are skipped.
 *
 * @param exchange the exchange used to resolve the key file name, key ring and context
 * @param signatureList the one-pass signatures read from the PGP message
 * @return the initialized signature, or {@code null} when {@code signatureList} is empty.
 *         A {@code null} result means there is no signature to verify; how the caller treats
 *         such an unsigned message is not visible here and should be checked against the
 *         caller's policy.
 * @throws IllegalArgumentException if the list is not empty but no public key matches any of
 *         the key IDs
 */
protected PGPOnePassSignature getSignature(Exchange exchange, PGPOnePassSignatureList signatureList)
        throws IOException, PGPException, NoSuchProviderException {

    if (signatureList.isEmpty()) {
        // Nothing to verify: the message carries no one-pass signature.
        return null;
    }

    int index = 0;
    while (index < signatureList.size()) {
        PGPOnePassSignature candidate = signatureList.get(index);
        index++;

        // Look up the verification key by the key ID announced in the signature packet.
        PGPPublicKey verificationKey = PGPDataFormatUtil.findPublicKeyWithKeyId(exchange.getContext(),
                findSignatureKeyFileName(exchange), findSignatureKeyRing(exchange), candidate.getKeyID(),
                false);

        if (verificationKey != null) {
            // First signature with a known key wins; later signatures are not considered.
            candidate.init(new JcaPGPContentVerifierBuilderProvider().setProvider(getProvider()),
                    verificationKey);
            return candidate;
        }
    }

    // Signatures are present but none can be checked: fail instead of passing the message on.
    throw new IllegalArgumentException(
            "No public key found fitting to the signature key Id; cannot verify the signature");
}

From source file:org.apache.camel.converter.crypto.PGPKeyAccessDataFormat.java

License:Apache License

/**
 * Picks the first one-pass signature for which the public key accessor returns a key and
 * initializes it for verification with that key.
 *
 * <p>The configured signature verification option is evaluated first:
 * <ul>
 * <li>with the "ignore" option the method returns {@code null} without looking at the
 * signatures, so no signature is checked for that message;</li>
 * <li>with the "no signature allowed" option the method rejects the message with a
 * {@link PGPException}.</li>
 * </ul>
 * Otherwise the key for each signature is requested by key ID, restricted to the user IDs
 * determined for the exchange.
 *
 * @param exchange the exchange used to determine the allowed user IDs and to look up keys
 * @param signatureList the one-pass signatures read from the PGP message
 * @return the initialized signature, or {@code null} when verification is ignored or the list
 *         is empty. NOTE(review): whether an unsigned message is acceptable when {@code null}
 *         is returned is decided by the caller, which is not shown here - confirm.
 * @throws PGPException if a signature is present although the configuration allows none
 * @throws IllegalArgumentException if the list is not empty but no public key is found for
 *         any of the key IDs
 */
protected PGPOnePassSignature getSignature(Exchange exchange, PGPOnePassSignatureList signatureList)
        throws Exception {
    if (SIGNATURE_VERIFICATION_OPTION_IGNORE.equals(getSignatureVerificationOption())) {
        // Verification is switched off by configuration: hand back no signature at all.
        return null;
    }
    if (SIGNATURE_VERIFICATION_OPTION_NO_SIGNATURE_ALLOWED.equals(getSignatureVerificationOption())) {
        throw new PGPException(
                "PGP message contains a signature although a signature is not expected. Either change the configuration of the PGP decryptor or send a PGP message with no signature.");
    }

    List<String> permittedUserIds = determineSignaturenUserIds(exchange);

    if (signatureList.isEmpty()) {
        // No one-pass signature in the message, so there is nothing to initialize.
        return null;
    }

    int index = 0;
    while (index < signatureList.size()) {
        PGPOnePassSignature candidate = signatureList.get(index);
        index++;

        // Ask the accessor for the key behind the announced key ID, limited to allowed user IDs.
        PGPPublicKey verificationKey = publicKeyAccessor.getPublicKey(exchange, candidate.getKeyID(),
                permittedUserIds);

        if (verificationKey != null) {
            // First signature with a known key wins; later signatures are not considered.
            candidate.init(new JcaPGPContentVerifierBuilderProvider().setProvider(getProvider()),
                    verificationKey);
            return candidate;
        }
    }

    // Signatures are present but none can be checked: fail instead of passing the message on.
    throw new IllegalArgumentException(
            "Cannot verify the PGP signature: No public key found for the key ID(s) contained in the PGP signature(s). "
                    + "Either the received PGP message contains a signature from an unexpected sender or the Public Keyring does not contain the public key of the sender.");
}

From source file:org.kontalk.crypto.Coder.java

License:Open Source License

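/**
 * Decrypts a PGP message with {@code myKey} and, if the message contains a one-pass signature
 * list, checks the signature against {@code senderKey}.
 *
 * <p>Packet layout expected by the parsing below: an optional leading object, then the
 * encrypted data list; inside it compressed data; inside that an optional one-pass signature
 * list followed by the literal data.
 *
 * <p>Problems are reported through {@code result.errors}, not by exceptions:
 * {@link IOException} and {@link PGPException} are caught and recorded as
 * {@code UNKNOWN_ERROR}. The plaintext is stored in {@code result.decryptedStream} before the
 * signature check and the integrity check have run, so callers have to inspect
 * {@code result.errors} and {@code result.signing} before trusting the content.
 *
 * @param encryptedStream the encrypted PGP message
 * @param myKey supplies the private encryption key; only an encrypted-data packet addressed
 *        to that key's ID is decrypted
 * @param senderKey public key the first one-pass signature is initialized with
 * @return the result holding the decrypted data (if any), the signing state and all errors
 */
private static DecryptionResult decryptAndVerify(InputStream encryptedStream, PersonalKey myKey,
        PGPPublicKey senderKey) {
    // note: the signature is inside the encrypted data

    DecryptionResult result = new DecryptionResult();

    PGPObjectFactory pgpFactory = new PGPObjectFactory(encryptedStream);

    ByteArrayOutputStream outputStream = new ByteArrayOutputStream();

    try { // catch all IO and PGP exceptions

        // the first object might be a PGP marker packet
        Object o = pgpFactory.nextObject(); // nullable
        if (!(o instanceof PGPEncryptedDataList)) {
            o = pgpFactory.nextObject(); // nullable
        }

        if (!(o instanceof PGPEncryptedDataList)) {
            LOGGER.warning("can't find encrypted data list in data");
            result.errors.add(Error.INVALID_DATA);
            return result;
        }
        PGPEncryptedDataList encDataList = (PGPEncryptedDataList) o;

        // check if secret key matches our encryption keyID
        Iterator<?> it = encDataList.getEncryptedDataObjects();
        PGPPrivateKey sKey = null;
        PGPPublicKeyEncryptedData pbe = null;
        long myKeyID = myKey.getPrivateEncryptionKey().getKeyID();
        while (sKey == null && it.hasNext()) {
            Object i = it.next();
            if (!(i instanceof PGPPublicKeyEncryptedData)) {
                continue;
            }
            pbe = (PGPPublicKeyEncryptedData) i;
            if (pbe.getKeyID() == myKeyID) {
                sKey = myKey.getPrivateEncryptionKey();
            }
        }
        if (sKey == null || pbe == null) {
            LOGGER.warning("private key for message not found");
            result.errors.add(Error.INVALID_PRIVATE_KEY);
            return result;
        }

        InputStream clear = pbe.getDataStream(new BcPublicKeyDataDecryptorFactory(sKey));

        PGPObjectFactory plainFactory = new PGPObjectFactory(clear);

        Object object = plainFactory.nextObject(); // nullable

        if (!(object instanceof PGPCompressedData)) {
            LOGGER.warning("data packet not compressed");
            result.errors.add(Error.INVALID_DATA);
            return result;
        }

        PGPCompressedData cData = (PGPCompressedData) object;
        PGPObjectFactory pgpFact = new PGPObjectFactory(cData.getDataStream());

        object = pgpFact.nextObject(); // nullable

        // the first object could be the signature list
        // get signature from it
        PGPOnePassSignature ops = null;
        if (object instanceof PGPOnePassSignatureList) {
            PGPOnePassSignatureList signatureList = (PGPOnePassSignatureList) object;
            // there is a signature list, so we assume the message is signed
            // (makes sense)
            result.signing = Signing.SIGNED;

            if (signatureList.isEmpty()) {
                LOGGER.warning("signature list is empty");
                result.errors.add(Error.INVALID_SIGNATURE_DATA);
            } else {
                // Only the first signature is checked, and always against senderKey.
                ops = signatureList.get(0);
                ops.init(new BcPGPContentVerifierBuilderProvider(), senderKey);
            }
            object = pgpFact.nextObject(); // nullable
        } else {
            // No signature list: the message is treated as unsigned, not as an error.
            LOGGER.warning("signature list not found");
            result.signing = Signing.NOT;
        }

        if (!(object instanceof PGPLiteralData)) {
            // nextObject() may return null (see the "nullable" notes above), e.g. for a
            // truncated message. Dereferencing it here would raise a NullPointerException
            // that the IOException/PGPException handler below does not catch.
            String packetType = (object == null) ? "none (end of data)" : object.getClass().getName();
            LOGGER.warning("unknown packet type: " + packetType);
            result.errors.add(Error.INVALID_DATA);
            return result;
        }

        PGPLiteralData ld = (PGPLiteralData) object;
        InputStream unc = ld.getInputStream();
        int ch;
        while ((ch = unc.read()) >= 0) {
            outputStream.write(ch);
            if (ops != null) {
                try {
                    // feed every plaintext byte into the signature computation
                    ops.update((byte) ch);
                } catch (SignatureException ex) {
                    LOGGER.log(Level.WARNING, "can't read signature", ex);
                }
            }
        }

        // The plaintext is published here, before signature and integrity checks below.
        result.decryptedStream = Optional.of(outputStream);

        if (ops != null) {
            result = verifySignature(result, pgpFact, ops);
        }

        // verify message integrity
        if (pbe.isIntegrityProtected()) {
            if (!pbe.verify()) {
                LOGGER.warning("message integrity check failed");
                result.errors.add(Error.INVALID_INTEGRITY);
            }
        } else {
            // Missing integrity protection is recorded as an error; the data is still returned.
            LOGGER.warning("message is not integrity protected");
            result.errors.add(Error.NO_INTEGRITY);
        }

    } catch (IOException | PGPException ex) {
        LOGGER.log(Level.WARNING, "can't decrypt message", ex);
        result.errors.add(Error.UNKNOWN_ERROR);
    }

    return result;
}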

From source file:org.sufficientlysecure.keychain.pgp.PgpSignatureChecker.java

License:Open Source License

/**
 * Prepares one-pass signature verification when {@code dataChunk} is a one-pass signature
 * list.
 *
 * <p>After {@code findAvailableSignature} has run, a non-null {@code signingKey} leads to the
 * one-pass signature being initialized with that key's public key. Without a signing key, a
 * non-empty list is recorded as "signature available, key unknown" together with the key ID
 * of the first signature.
 *
 * <p>NOTE(review): {@code findAvailableSignature} presumably sets {@code signingKey} and
 * {@code onePassSignature}; {@code initValid} is called here before any signed data has been
 * processed, so the final verdict is presumably established later - confirm both against the
 * rest of the class.
 *
 * @param dataChunk the object read from the PGP stream
 * @param log operation log that receives the "clear signature" entry
 * @param indent current log indentation; the entry is added one level deeper
 * @return {@code false} if {@code dataChunk} is not a one-pass signature list, {@code true}
 *         otherwise (also when the list is empty or the key is unknown)
 * @throws PGPException if initializing the one-pass signature fails
 */
boolean initializeOnePassSignature(Object dataChunk, OperationLog log, int indent) throws PGPException {

    if (!(dataChunk instanceof PGPOnePassSignatureList)) {
        return false;
    }

    log.add(LogType.MSG_DC_CLEAR_SIGNATURE, indent + 1);

    PGPOnePassSignatureList onePassSignatures = (PGPOnePassSignatureList) dataChunk;
    findAvailableSignature(onePassSignatures);

    if (signingKey == null) {
        if (!onePassSignatures.isEmpty()) {
            // A signature exists but its key is not known: report it as unverifiable,
            // identified by the key ID of the first signature in the list.
            signatureResultBuilder.setSignatureAvailable(true);
            signatureResultBuilder.setKnownKey(false);
            signatureResultBuilder.setKeyId(onePassSignatures.get(0).getKeyID());
        }
        return true;
    }

    // key found in our database!
    signatureResultBuilder.initValid(signingKey);

    onePassSignature.init(
            new JcaPGPContentVerifierBuilderProvider().setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME),
            signingKey.getPublicKey());

    checkKeySecurity(log, indent);

    return true;
}