List of usage examples for org.bouncycastle.openpgp PGPSignatureList isEmpty
public boolean isEmpty()
From source file:bisq.desktop.main.overlays.windows.downloadupdate.BisqInstaller.java
License:Open Source License
/** * Verifies detached PGP signatures against GPG/openPGP RSA public keys. Does currently not work with openssl or JCA/JCE keys. * * @param pubKeyFile Path to file providing the public key to use * @param sigFile Path to detached signature file * @param dataFile Path to signed data file * @return {@code true} if signature is valid, {@code false} if signature is not valid * @throws Exception throws various exceptions in case something went wrong. Main reason should be that key or * signature could be extracted from the provided files due to a "bad" format.<br> * <code>FileNotFoundException, IOException, SignatureException, PGPException</code> *///from w ww . ja va 2s . c o m public static VerifyStatusEnum verifySignature(File pubKeyFile, File sigFile, File dataFile) throws Exception { InputStream inputStream; int bytesRead; PGPPublicKey publicKey; PGPSignature pgpSignature; boolean result; // Read keys from file inputStream = PGPUtil.getDecoderStream(new FileInputStream(pubKeyFile)); PGPPublicKeyRingCollection publicKeyRingCollection = new PGPPublicKeyRingCollection(inputStream, new JcaKeyFingerprintCalculator()); inputStream.close(); Iterator<PGPPublicKeyRing> iterator = publicKeyRingCollection.getKeyRings(); PGPPublicKeyRing pgpPublicKeyRing; if (iterator.hasNext()) { pgpPublicKeyRing = iterator.next(); } else { throw new PGPException("Could not find public keyring in provided key file"); } // Would be the solution for multiple keys in one file // Iterator<PGPPublicKey> kIt; // kIt = pgpPublicKeyRing.getPublicKeys(); // publicKey = pgpPublicKeyRing.getPublicKey(0xF5B84436F379A1C6L); // Read signature from file inputStream = PGPUtil.getDecoderStream(new FileInputStream(sigFile)); PGPObjectFactory pgpObjectFactory = new PGPObjectFactory(inputStream, new JcaKeyFingerprintCalculator()); Object o = pgpObjectFactory.nextObject(); if (o instanceof PGPSignatureList) { PGPSignatureList signatureList = (PGPSignatureList) o; checkArgument(!signatureList.isEmpty(), "signatureList must not be empty"); pgpSignature = signatureList.get(0); } else if (o instanceof PGPSignature) { pgpSignature = (PGPSignature) o; } else { throw new SignatureException("Could not find signature in provided signature file"); } inputStream.close(); log.debug("KeyID used in signature: %X\n", pgpSignature.getKeyID()); publicKey = pgpPublicKeyRing.getPublicKey(pgpSignature.getKeyID()); // If signature is not matching the key used for signing we fail if (publicKey == null) return VerifyStatusEnum.FAIL; log.debug("The ID of the selected key is %X\n", publicKey.getKeyID()); pgpSignature.init(new BcPGPContentVerifierBuilderProvider(), publicKey); // Read file to verify byte[] data = new byte[1024]; inputStream = new DataInputStream(new BufferedInputStream(new FileInputStream(dataFile))); while (true) { bytesRead = inputStream.read(data, 0, 1024); if (bytesRead == -1) break; pgpSignature.update(data, 0, bytesRead); } inputStream.close(); // Verify the signature result = pgpSignature.verify(); return result ? VerifyStatusEnum.OK : VerifyStatusEnum.FAIL; }
From source file:com.google.gerrit.gpg.PushCertificateChecker.java
License:Apache License
private PGPSignature readSignature(PushCertificate cert) throws IOException { ArmoredInputStream in = new ArmoredInputStream( new ByteArrayInputStream(Constants.encode(cert.getSignature()))); PGPObjectFactory factory = new BcPGPObjectFactory(in); Object obj;// w w w.j a va2 s. co m while ((obj = factory.nextObject()) != null) { if (obj instanceof PGPSignatureList) { PGPSignatureList sigs = (PGPSignatureList) obj; if (!sigs.isEmpty()) { return sigs.get(0); } } } return null; }
From source file:com.playonlinux.core.gpg.SignatureChecker.java
License:Open Source License
public Boolean check() { final PGPPublicKey pgpSigningKey = readPublicKey(new ByteArrayInputStream(publicKey.getBytes())); final ArmoredInputStream armoredInputStream; try {// ww w .j a va 2s . co m armoredInputStream = new ArmoredInputStream(new ByteArrayInputStream(signature.getBytes())); } catch (IOException e) { throw new SignatureException("Failed to verify signature", e); } final PGPObjectFactory pgpObjectFactory = new PGPObjectFactory(armoredInputStream); try { final Object nextObject = pgpObjectFactory.nextObject(); PGPSignature pgpSignature = null; if (nextObject instanceof PGPSignatureList) { PGPSignatureList list = (PGPSignatureList) nextObject; if (!list.isEmpty()) { pgpSignature = list.get(0); } } if (pgpSignature == null) { return false; } initVerify(pgpSignature, pgpSigningKey); pgpSignature.update(signedData.getBytes()); return pgpSignature.verify(); } catch (IOException | PGPException | NoSuchProviderException | java.security.SignatureException e) { throw new SignatureException("Failed to verify signature", e); } }
From source file:com.playonlinux.utils.SignatureChecker.java
License:Open Source License
public Boolean check() throws IOException, CMSException, PGPException, NoSuchProviderException, SignatureException { PGPPublicKey pgpSigningKey = readPublicKey(new ByteArrayInputStream(publicKey.getBytes())); ArmoredInputStream armoredInputStream = new ArmoredInputStream( new ByteArrayInputStream(signature.getBytes())); PGPObjectFactory pgpObjectFactory = new PGPObjectFactory(armoredInputStream); Object nextObject = pgpObjectFactory.nextObject(); PGPSignature pgpSignature = null;/*from ww w. j av a 2 s . co m*/ if (nextObject instanceof PGPSignatureList) { PGPSignatureList list = (PGPSignatureList) nextObject; if (!list.isEmpty()) { pgpSignature = list.get(0); } } if (pgpSignature == null) { return false; } try { pgpSignature.initVerify(pgpSigningKey, "BC"); } catch (NoSuchProviderException e) { logger.info("No security provider found. Adding bouncy castle", e); Security.addProvider(new BouncyCastleProvider()); pgpSignature.initVerify(pgpSigningKey, "BC"); } pgpSignature.update(signedData.getBytes()); return pgpSignature.verify(); }
From source file:google.registry.tmch.Marksdb.java
License:Open Source License
/** * Extracts a {@link PGPSignature} object from a blob of {@code .sig} data. * * @throws SignatureException if a signature object couldn't be extracted for any reason. *//* w ww. j a v a 2s . c om*/ private static PGPSignature pgpExtractSignature(@Tainted byte[] signature) throws SignatureException { try { ByteArrayInputStream input = new ByteArrayInputStream(signature); PGPObjectFactory decoder = new BcPGPObjectFactory(PGPUtil.getDecoderStream(input)); Object object = decoder.nextObject(); if (object == null) { throw new SignatureException( String.format("No OpenPGP packets found in signature.\n%s", dumpHex(signature))); } if (!(object instanceof PGPSignatureList)) { throw new SignatureException(String.format("Expected PGPSignatureList packet but got %s\n%s", object.getClass().getSimpleName(), dumpHex(signature))); } PGPSignatureList sigs = (PGPSignatureList) object; if (sigs.isEmpty()) { throw new SignatureException( String.format("PGPSignatureList doesn't have a PGPSignature.\n%s", dumpHex(signature))); } return sigs.get(0); } catch (IOException e) { throw new SignatureException( String.format("Failed to extract PGPSignature object from .sig blob.\n%s", dumpHex(signature)), e); } }
From source file:org.kontalk.crypto.Coder.java
License:Open Source License
private static DecryptionResult verifySignature(DecryptionResult result, PGPObjectFactory pgpFact, PGPOnePassSignature ops) throws PGPException, IOException { Object object = pgpFact.nextObject(); // nullable if (!(object instanceof PGPSignatureList)) { LOGGER.warning("invalid signature packet"); result.errors.add(Error.INVALID_SIGNATURE_DATA); return result; }//from w ww . j a v a 2 s .c o m PGPSignatureList signatureList = (PGPSignatureList) object; if (signatureList.isEmpty()) { LOGGER.warning("no signature in signature list"); result.errors.add(Error.INVALID_SIGNATURE_DATA); return result; } PGPSignature signature = signatureList.get(0); boolean verified = false; try { verified = ops.verify(signature); } catch (SignatureException ex) { LOGGER.log(Level.WARNING, "can't verify signature", ex); } if (verified) { // signature verification successful! result.signing = Signing.VERIFIED; } else { LOGGER.warning("signature verification failed"); result.errors.add(Error.INVALID_SIGNATURE); } return result; }
From source file:org.sufficientlysecure.keychain.pgp.PgpSignatureChecker.java
License:Open Source License
boolean initializeSignature(Object dataChunk, OperationLog log, int indent) throws PGPException { if (!(dataChunk instanceof PGPSignatureList)) { return false; }/*from w w w .ja v a 2s.c o m*/ PGPSignatureList sigList = (PGPSignatureList) dataChunk; findAvailableSignature(sigList); if (signingKey != null) { // key found in our database! signatureResultBuilder.initValid(signingKey); JcaPGPContentVerifierBuilderProvider contentVerifierBuilderProvider = new JcaPGPContentVerifierBuilderProvider() .setProvider(Constants.BOUNCY_CASTLE_PROVIDER_NAME); signature.init(contentVerifierBuilderProvider, signingKey.getPublicKey()); checkKeySecurity(log, indent); } else if (!sigList.isEmpty()) { signatureResultBuilder.setSignatureAvailable(true); signatureResultBuilder.setKnownKey(false); signatureResultBuilder.setKeyId(sigList.get(0).getKeyID()); } return true; }
From source file:org.sufficientlysecure.keychain.pgp.WrappedSignature.java
License:Open Source License
public static WrappedSignature fromBytes(byte[] data) { PGPObjectFactory factory = new PGPObjectFactory(data, new JcaKeyFingerprintCalculator()); PGPSignatureList signatures = null; try {/* www . j a v a 2 s .c o m*/ if ((signatures = (PGPSignatureList) factory.nextObject()) == null || signatures.isEmpty()) { Log.e(Constants.TAG, "No signatures given!"); return null; } } catch (IOException e) { Log.e(Constants.TAG, "Error while converting to PGPSignature!", e); return null; } return new WrappedSignature(signatures.get(0)); }