Example usage for org.bouncycastle.openpgp PGPSignatureGenerator PGPSignatureGenerator

List of usage examples for org.bouncycastle.openpgp PGPSignatureGenerator PGPSignatureGenerator

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.openpgp.*
  5. PGPSignatureGenerator
  6. PGPSignatureGenerator

Introduction

In this page you can find the example usage for org.bouncycastle.openpgp PGPSignatureGenerator PGPSignatureGenerator.

Prototype

public PGPSignatureGenerator(PGPContentSignerBuilder contentSignerBuilder)

Source Link

Document

Create a signature generator built on the passed in contentSignerBuilder.

Usage

From source file:exchange.User.java

public String addSignature(String message) throws PGPException, SignatureException, IOException {
    message = (message.endsWith("#")) ? message.substring(0, message.length() - 1) : message;
    PGPSignatureGenerator sigGen = new PGPSignatureGenerator(
            new BcPGPContentSignerBuilder(keyAlgorithm, PGPUtil.SHA256));

    sigGen.init(PGPSignature.CANONICAL_TEXT_DOCUMENT, privateKey);
    sigGen.update(message.getBytes());/*  ww  w.  j a va2 s  . com*/
    PGPSignature signature = sigGen.generate();
    System.out.println(message);
    return message + msgDelimiter + DatatypeConverter.printBase64Binary(signature.getEncoded());
}

From source file:google.registry.rde.BouncyCastleTest.java

License:Open Source License

@Test
public void testSignVerify_Detached() throws Exception {
    // Load the keys.
    PGPPublicKeyRing publicKeyRing = new BcPGPPublicKeyRing(PUBLIC_KEY);
    PGPSecretKeyRing privateKeyRing = new BcPGPSecretKeyRing(PRIVATE_KEY);
    PGPPublicKey publicKey = publicKeyRing.getPublicKey();
    PGPPrivateKey privateKey = extractPrivateKey(privateKeyRing.getSecretKey());

    // Sign the data and write signature data to "signatureFile".
    // Note: RSA_GENERAL will encrypt AND sign. RSA_SIGN and RSA_ENCRYPT are deprecated.
    PGPSignatureGenerator signer = new PGPSignatureGenerator(
            new BcPGPContentSignerBuilder(RSA_GENERAL, SHA256));
    signer.init(PGPSignature.BINARY_DOCUMENT, privateKey);
    addUserInfoToSignature(publicKey, signer);
    signer.update(FALL_OF_HYPERION_A_DREAM.getBytes(UTF_8));
    ByteArrayOutputStream output = new ByteArrayOutputStream();
    signer.generate().encode(output);/*from w  w  w. j a v a 2s.com*/
    byte[] signatureFileData = output.toByteArray();
    logger.info(".sig file data: " + dumpHex(signatureFileData));

    // Load algorithm information and signature data from "signatureFileData".
    PGPSignature sig;
    try (ByteArrayInputStream input = new ByteArrayInputStream(signatureFileData)) {
        PGPObjectFactory pgpFact = new BcPGPObjectFactory(input);
        PGPSignatureList sigList = (PGPSignatureList) pgpFact.nextObject();
        assertThat(sigList.size()).isEqualTo(1);
        sig = sigList.get(0);
    }

    // Use "onePass" and "sig" to verify "publicKey" signed the text.
    sig.init(new BcPGPContentVerifierBuilderProvider(), publicKey);
    sig.update(FALL_OF_HYPERION_A_DREAM.getBytes(UTF_8));
    assertThat(sig.verify()).isTrue();

    // Verify that they DIDN'T sign the text "hello monster".
    sig.init(new BcPGPContentVerifierBuilderProvider(), publicKey);
    sig.update("hello monster".getBytes(UTF_8));
    assertThat(sig.verify()).isFalse();
}

From source file:google.registry.rde.BouncyCastleTest.java

License:Open Source License

@Test
public void testSignVerify_OnePass() throws Exception {
    // Load the keys.
    PGPPublicKeyRing publicKeyRing = new BcPGPPublicKeyRing(PUBLIC_KEY);
    PGPSecretKeyRing privateKeyRing = new BcPGPSecretKeyRing(PRIVATE_KEY);
    PGPPublicKey publicKey = publicKeyRing.getPublicKey();
    PGPPrivateKey privateKey = extractPrivateKey(privateKeyRing.getSecretKey());

    // Sign the data and write signature data to "signatureFile".
    PGPSignatureGenerator signer = new PGPSignatureGenerator(
            new BcPGPContentSignerBuilder(RSA_GENERAL, SHA256));
    signer.init(PGPSignature.BINARY_DOCUMENT, privateKey);
    addUserInfoToSignature(publicKey, signer);
    ByteArrayOutputStream output = new ByteArrayOutputStream();
    signer.generateOnePassVersion(false).encode(output);
    signer.update(FALL_OF_HYPERION_A_DREAM.getBytes(UTF_8));
    signer.generate().encode(output);/*from  w w w.  j a  va2s  . c o m*/
    byte[] signatureFileData = output.toByteArray();
    logger.info(".sig file data: " + dumpHex(signatureFileData));

    // Load algorithm information and signature data from "signatureFileData".
    PGPSignature sig;
    PGPOnePassSignature onePass;
    try (ByteArrayInputStream input = new ByteArrayInputStream(signatureFileData)) {
        PGPObjectFactory pgpFact = new BcPGPObjectFactory(input);
        PGPOnePassSignatureList onePassList = (PGPOnePassSignatureList) pgpFact.nextObject();
        PGPSignatureList sigList = (PGPSignatureList) pgpFact.nextObject();
        assertThat(onePassList.size()).isEqualTo(1);
        assertThat(sigList.size()).isEqualTo(1);
        onePass = onePassList.get(0);
        sig = sigList.get(0);
    }

    // Use "onePass" and "sig" to verify "publicKey" signed the text.
    onePass.init(new BcPGPContentVerifierBuilderProvider(), publicKey);
    onePass.update(FALL_OF_HYPERION_A_DREAM.getBytes(UTF_8));
    assertThat(onePass.verify(sig)).isTrue();

    // Verify that they DIDN'T sign the text "hello monster".
    onePass.init(new BcPGPContentVerifierBuilderProvider(), publicKey);
    onePass.update("hello monster".getBytes(UTF_8));
    assertThat(onePass.verify(sig)).isFalse();
}

From source file:google.registry.rde.RydePgpSigningOutputStream.java

License:Open Source License

/**
 * Create a signer that wraps {@code os} and generates a detached signature using
 * {@code signingKey}. After closing, you should call {@link #getSignature()} to get the detached
 * signature.//from  w  ww.  j  a  v a2  s  .  co m
 *
 * @param os is the upstream {@link OutputStream} which is not closed by this object
 * @throws RuntimeException to rethrow {@link PGPException}
 */
public RydePgpSigningOutputStream(@WillNotClose OutputStream os, PGPKeyPair signingKey) {
    super(os, false, -1);
    try {
        signer = new PGPSignatureGenerator(new BcPGPContentSignerBuilder(RSA_GENERAL, SHA256));
        signer.init(BINARY_DOCUMENT, signingKey.getPrivateKey());
    } catch (PGPException e) {
        throw new RuntimeException(e);
    }
    addUserInfoToSignature(signingKey.getPublicKey(), signer);
}

From source file:net.staticsnow.nexus.repository.apt.internal.gpg.AptSigningFacet.java

License:Open Source License

public byte[] signInline(String input) throws IOException, PGPException {
    PGPSecretKey signKey = readSecretKey();
    PGPPrivateKey privKey = signKey.extractPrivateKey(
            new JcePBESecretKeyDecryptorBuilder().setProvider("BC").build(config.passphrase.toCharArray()));
    PGPSignatureGenerator sigGenerator = new PGPSignatureGenerator(
            new JcaPGPContentSignerBuilder(signKey.getPublicKey().getAlgorithm(), PGPUtil.SHA256)
                    .setProvider("BC"));
    sigGenerator.init(PGPSignature.CANONICAL_TEXT_DOCUMENT, privKey);

    @SuppressWarnings("unchecked")
    Iterator<String> userIds = signKey.getUserIDs();
    if (userIds.hasNext()) {
        PGPSignatureSubpacketGenerator sigSubpacketGenerator = new PGPSignatureSubpacketGenerator();
        sigSubpacketGenerator.setSignerUserID(false, userIds.next());
        sigGenerator.setHashedSubpackets(sigSubpacketGenerator.generate());
    }//from   ww  w  .  j ava 2s. c  om

    String[] lines = input.split("\r?\n");
    ByteArrayOutputStream buffer = new ByteArrayOutputStream();
    try (ArmoredOutputStream aOut = new ArmoredOutputStream(buffer)) {
        aOut.beginClearText(PGPUtil.SHA256);

        boolean firstLine = true;
        for (String line : lines) {
            String sigLine = (firstLine ? "" : "\r\n") + line.replaceAll("\\s*$", "");
            sigGenerator.update(sigLine.getBytes(Charsets.UTF_8));
            aOut.write((line + "\n").getBytes(Charsets.UTF_8));
            firstLine = false;
        }
        aOut.endClearText();

        BCPGOutputStream bOut = new BCPGOutputStream(aOut);
        sigGenerator.generate().encode(bOut);
    }
    return buffer.toByteArray();
}

From source file:net.staticsnow.nexus.repository.apt.internal.gpg.AptSigningFacet.java

License:Open Source License

public byte[] signExternal(String input) throws IOException, PGPException {
    PGPSecretKey signKey = readSecretKey();
    PGPPrivateKey privKey = signKey.extractPrivateKey(
            new JcePBESecretKeyDecryptorBuilder().setProvider("BC").build(config.passphrase.toCharArray()));
    PGPSignatureGenerator sigGenerator = new PGPSignatureGenerator(
            new JcaPGPContentSignerBuilder(signKey.getPublicKey().getAlgorithm(), PGPUtil.SHA256)
                    .setProvider("BC"));
    sigGenerator.init(PGPSignature.BINARY_DOCUMENT, privKey);

    ByteArrayOutputStream buffer = new ByteArrayOutputStream();

    try (ArmoredOutputStream aOut = new ArmoredOutputStream(buffer)) {
        BCPGOutputStream bOut = new BCPGOutputStream(aOut);
        sigGenerator.update(input.getBytes(Charsets.UTF_8));
        sigGenerator.generate().encode(bOut);
    }/*from   w  w w .jav  a  2 s .  c  o m*/

    return buffer.toByteArray();
}

From source file:org.apache.camel.converter.crypto.PGPDataFormat.java

License:Apache License

protected PGPSignatureGenerator createSignatureGenerator(Exchange exchange, OutputStream out)
        throws IOException, PGPException, NoSuchProviderException, NoSuchAlgorithmException {

    String sigKeyFileName = findSignatureKeyFileName(exchange);
    String sigKeyUserid = findSignatureKeyUserid(exchange);
    String sigKeyPassword = findSignatureKeyPassword(exchange);
    byte[] sigKeyRing = findSignatureKeyRing(exchange);

    if ((sigKeyFileName == null && sigKeyRing == null) || sigKeyUserid == null || sigKeyPassword == null) {
        return null;
    }//from  w w w . jav  a2 s  .  co  m

    PGPSecretKey sigSecretKey = PGPDataFormatUtil.findSecretKey(exchange.getContext(), sigKeyFileName,
            sigKeyRing, sigKeyPassword, sigKeyUserid, getProvider());
    if (sigSecretKey == null) {
        throw new IllegalArgumentException(String.format(
                "Cannot PGP encrypt message. No secret key found for User ID %s. Either add a key with this User ID to the secret keyring or change the configured User ID.",
                sigKeyUserid));
    }

    PGPPrivateKey sigPrivateKey = sigSecretKey.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder()
            .setProvider(getProvider()).build(sigKeyPassword.toCharArray()));
    if (sigPrivateKey == null) {
        // this exception will never happen
        throw new IllegalArgumentException("Signature private key is null, cannot proceed");
    }

    PGPSignatureSubpacketGenerator spGen = new PGPSignatureSubpacketGenerator();
    spGen.setSignerUserID(false, sigKeyUserid);

    int algorithm = sigSecretKey.getPublicKey().getAlgorithm();
    PGPSignatureGenerator sigGen = new PGPSignatureGenerator(
            new JcaPGPContentSignerBuilder(algorithm, findHashAlgorithm(exchange)).setProvider(getProvider()));
    sigGen.init(PGPSignature.BINARY_DOCUMENT, sigPrivateKey);
    sigGen.setHashedSubpackets(spGen.generate());
    sigGen.generateOnePassVersion(false).encode(out);
    return sigGen;
}

From source file:org.apache.camel.converter.crypto.PGPKeyAccessDataFormat.java

License:Apache License

protected List<PGPSignatureGenerator> createSignatureGenerator(Exchange exchange, OutputStream out)
        throws Exception {

    if (secretKeyAccessor == null) {
        return null;
    }//from w w w  .j  a  v a2 s . c o m

    List<String> sigKeyUserids = determineSignaturenUserIds(exchange);
    List<PGPSecretKeyAndPrivateKeyAndUserId> sigSecretKeysWithPrivateKeyAndUserId = secretKeyAccessor
            .getSignerKeys(exchange, sigKeyUserids);
    if (sigSecretKeysWithPrivateKeyAndUserId.isEmpty()) {
        return null;
    }

    exchange.getOut().setHeader(NUMBER_OF_SIGNING_KEYS,
            Integer.valueOf(sigSecretKeysWithPrivateKeyAndUserId.size()));

    List<PGPSignatureGenerator> sigGens = new ArrayList<PGPSignatureGenerator>();
    for (PGPSecretKeyAndPrivateKeyAndUserId sigSecretKeyWithPrivateKeyAndUserId : sigSecretKeysWithPrivateKeyAndUserId) {
        PGPPrivateKey sigPrivateKey = sigSecretKeyWithPrivateKeyAndUserId.getPrivateKey();

        PGPSignatureSubpacketGenerator spGen = new PGPSignatureSubpacketGenerator();
        spGen.setSignerUserID(false, sigSecretKeyWithPrivateKeyAndUserId.getUserId());

        int algorithm = sigSecretKeyWithPrivateKeyAndUserId.getSecretKey().getPublicKey().getAlgorithm();
        PGPSignatureGenerator sigGen = new PGPSignatureGenerator(
                new JcaPGPContentSignerBuilder(algorithm, findHashAlgorithm(exchange))
                        .setProvider(getProvider()));
        sigGen.init(PGPSignature.BINARY_DOCUMENT, sigPrivateKey);
        sigGen.setHashedSubpackets(spGen.generate());
        sigGen.generateOnePassVersion(false).encode(out);
        sigGens.add(sigGen);
    }
    return sigGens;
}

From source file:org.eclipse.packagedrone.repo.signing.pgp.internal.AbstractSecretKeySigningService.java

License:Open Source License

@Override
public void sign(final InputStream in, final OutputStream out, final boolean inline) throws Exception {
    final int digest = HashAlgorithmTags.SHA1;
    final PGPSignatureGenerator signatureGenerator = new PGPSignatureGenerator(
            new BcPGPContentSignerBuilder(this.privateKey.getPublicKeyPacket().getAlgorithm(), digest));

    if (inline) {
        signatureGenerator.init(PGPSignature.CANONICAL_TEXT_DOCUMENT, this.privateKey);
    } else {/*from w w  w.  j  a v a  2 s .com*/
        signatureGenerator.init(PGPSignature.BINARY_DOCUMENT, this.privateKey);
    }

    final ArmoredOutputStream armoredOutput = new ArmoredOutputStream(out);
    armoredOutput.setHeader("Version", VersionInformation.VERSIONED_PRODUCT);

    if (inline) {
        armoredOutput.beginClearText(digest);

        final LineNumberReader lnr = new LineNumberReader(new InputStreamReader(in, StandardCharsets.UTF_8));

        String line;
        while ((line = lnr.readLine()) != null) {
            if (lnr.getLineNumber() > 1) {
                signatureGenerator.update(NL_DATA);
            }

            final byte[] data = trimTrailing(line).getBytes(StandardCharsets.UTF_8);

            if (inline) {
                armoredOutput.write(data);
                armoredOutput.write(NL_DATA);
            }
            signatureGenerator.update(data);
        }

        armoredOutput.endClearText();
    } else {

        final byte[] buffer = new byte[4096];
        int rc;
        while ((rc = in.read(buffer)) >= 0) {
            signatureGenerator.update(buffer, 0, rc);
        }
    }

    final PGPSignature signature = signatureGenerator.generate();
    signature.encode(new BCPGOutputStream(armoredOutput));

    armoredOutput.close();
}

From source file:org.eclipse.packagedrone.repo.signing.pgp.SigningStream.java

License:Open Source License

protected void testInit() throws IOException {
    if (this.initialized) {
        return;/*w  ww .ja  v  a 2s. co  m*/
    }

    this.initialized = true;

    try {
        final int digest = HashAlgorithmTags.SHA1;
        this.signatureGenerator = new PGPSignatureGenerator(
                new BcPGPContentSignerBuilder(this.privateKey.getPublicKeyPacket().getAlgorithm(), digest));
        this.signatureGenerator.init(PGPSignature.BINARY_DOCUMENT, this.privateKey);

        this.armoredOutput = new ArmoredOutputStream(this.stream);
        this.armoredOutput.setHeader("Version", VersionInformation.VERSIONED_PRODUCT);

        if (this.inline) {
            this.armoredOutput.beginClearText(digest);
        }
    } catch (final PGPException e) {
        throw new IOException(e);
    }
}