if (list.size() > 0) { PGPSignature sig = list.get(0); sig.init(new JcaPGPContentVerifierBuilderProvider().setProvider("BC"), pk); while ((ch = ain.read()) >= 0 && ain.isClearText()) { if (newl) {
InputStream inSig = PGPUtil.getDecoderStream(new FileInputStream(signaturFile)); //ArmoredInputStream inSig = new ArmoredInputStream(new FileInputStream(signaturFile)); JcaPGPObjectFactory objFactory = new JcaPGPObjectFactory(inSig); PGPSignatureList signatureList = (PGPSignatureList) objFactory.nextObject(); PGPSignature signature = signatureList.get(0); InputStream keyIn = PGPUtil.getDecoderStream(new FileInputStream(publicKeyFile)); //ArmoredInputStream keyIn = new ArmoredInputStream(new FileInputStream(publicKeyFile)); JcaPGPPublicKeyRingCollection pgpRing = new JcaPGPPublicKeyRingCollection(keyIn); PGPPublicKey publicKey = pgpRing.getPublicKey(signature.getKeyID()); byte[] bytePublicKeyFingerprint = publicKey.getFingerprint(); char[] publicKeyFingerprintHexArray = org.apache.commons.codec.binary.Hex.encodeHex(bytePublicKeyFingerprint); String publicKeyFingerprintHex = new String(publicKeyFingerprintHexArray); signature.init(new JcaPGPContentVerifierBuilderProvider().setProvider("BC"), publicKey); FileInputStream in = new FileInputStream(file); byte[] byteData = new byte[(int) file.length()]; in.read(byteData); in.close(); signature.update(byteData); if (signature.verify() && publicKeyFingerprintHex.equals(fingerprint)) { return true; } else { return false; }
signature.init( new JcaPGPContentVerifierBuilderProvider().setProvider( provider ), keyToVerifyWith ); if ( signature.verifyCertification( id.getBytes(), keyToVerify ) )
if (list.size() > 0) { PGPSignature sig = list.get(0); sig.init (new JcaPGPContentVerifierBuilderProvider().setProvider("BC"), pk); while ((ch = ain.read()) >= 0 && ain.isClearText()) { if (newl) {
publicKey = pgpRing.getPublicKey(ops.getKeyID()); if (publicKey != null) { ops.init(new JcaPGPContentVerifierBuilderProvider().setProvider("BC"), publicKey); ops.update(output); PGPSignature signature = signatureList.get(i);
sig.init(new JcaPGPContentVerifierBuilderProvider().setProvider("BC"), publicKey);
publicKey = pgpRing.getPublicKey(ops.getKeyID()); if (publicKey != null) { ops.init(new JcaPGPContentVerifierBuilderProvider().setProvider("BC"), publicKey); ops.update(output); PGPSignature signature = signatureList.get(i);
protected PGPOnePassSignature getSignature(Exchange exchange, PGPOnePassSignatureList signatureList) throws Exception { if (SIGNATURE_VERIFICATION_OPTION_IGNORE.equals(getSignatureVerificationOption())) { return null; } if (SIGNATURE_VERIFICATION_OPTION_NO_SIGNATURE_ALLOWED.equals(getSignatureVerificationOption())) { throw new PGPException( "PGP message contains a signature although a signature is not expected. Either change the configuration of the PGP decryptor or send a PGP message with no signature."); } List<String> allowedUserIds = determineSignaturenUserIds(exchange); for (int i = 0; i < signatureList.size(); i++) { PGPOnePassSignature signature = signatureList.get(i); // Determine public key from signature keyId PGPPublicKey sigPublicKey = publicKeyAccessor.getPublicKey(exchange, signature.getKeyID(), allowedUserIds); if (sigPublicKey == null) { continue; } // choose that signature for which a public key exists! signature.init(new JcaPGPContentVerifierBuilderProvider().setProvider(getProvider()), sigPublicKey); return signature; } if (signatureList.isEmpty()) { return null; } else { throw new IllegalArgumentException("Cannot verify the PGP signature: No public key found for the key ID(s) contained in the PGP signature(s). " + "Either the received PGP message contains a signature from an unexpected sender or the Public Keyring does not contain the public key of the sender."); } }
PGPPublicKey key = pgpPubRingCollection.getPublicKey(sig.getKeyID()); sig.init(new JcaPGPContentVerifierBuilderProvider().setProvider("BC"), key);
private static void verifyFile( InputStream in, InputStream keyIn) throws Exception { in = PGPUtil.getDecoderStream(in); PGPObjectFactory pgpFact = new PGPObjectFactory(in); PGPCompressedData c1 = (PGPCompressedData) pgpFact.nextObject(); pgpFact = new PGPObjectFactory(c1.getDataStream()); PGPOnePassSignatureList p1 = (PGPOnePassSignatureList) pgpFact.nextObject(); PGPOnePassSignature ops = p1.get(0); PGPLiteralData p2 = (PGPLiteralData) pgpFact.nextObject(); InputStream dIn = p2.getInputStream(); int ch; PGPPublicKeyRingCollection pgpRing = new PGPPublicKeyRingCollection(PGPUtil.getDecoderStream(keyIn)); PGPPublicKey key = pgpRing.getPublicKey(ops.getKeyID()); FileOutputStream out = new FileOutputStream(p2.getFileName()); ops.init(new JcaPGPContentVerifierBuilderProvider().setProvider("BC"), key); while ((ch = dIn.read()) >= 0) { ops.update((byte) ch); out.write(ch); } out.close(); PGPSignatureList p3 = (PGPSignatureList) pgpFact.nextObject(); if (ops.verify(p3.get(0))) { System.out.println("signature verified."); } else { System.out.println("signature verification failed."); } }