private static PGPPrivateKey findSecretKey( PGPSecretKeyRingCollection securityCollection, long keyID, char[] pass) throws PGPException, NoSuchProviderException { PGPSecretKey privateKey = securityCollection.getSecretKey(keyID); if (privateKey == null) { return null; } return privateKey.extractPrivateKey(pass, "BC"); }
/** * Private util function that finds the private key from keyring collection based on keyId and passPhrase * @param pgpSec keyring collection * @param keyID keyID for this encryption file * @param passPhrase passPhrase for this encryption file * @throws PGPException */ private PGPPrivateKey findSecretKey(PGPSecretKeyRingCollection pgpSec, long keyID, String passPhrase) throws PGPException { PGPSecretKey pgpSecKey = pgpSec.getSecretKey(keyID); if (pgpSecKey == null) { return null; } return pgpSecKey.extractPrivateKey( new JcePBESecretKeyDecryptorBuilder() .setProvider(BouncyCastleProvider.PROVIDER_NAME).build(passPhrase.toCharArray())); }
@Override public boolean accept(BareJid jid, PGPPublicKeyRing ring) { Iterator<String> userIds = ring.getPublicKey().getUserIDs(); while (userIds.hasNext()) { String userId = userIds.next(); if (userId.equals("xmpp:" + jid.toString())) { return true; } } return false; } }
@SuppressWarnings("rawtypes") public static PGPPublicKey getPublicKey(String userId, String publicKeyringFile) throws IOException, PGPException { // TODO: Reevaluate the mechanism for executing this task as performance can suffer here and only a specific key needs to be validated // Read in from the public keyring file try (FileInputStream keyInputStream = new FileInputStream(publicKeyringFile)) { // Form the PublicKeyRing collection (1.53 way with fingerprint calculator) PGPPublicKeyRingCollection pgpPublicKeyRingCollection = new PGPPublicKeyRingCollection(keyInputStream, new BcKeyFingerprintCalculator()); // Iterate over all public keyrings Iterator<PGPPublicKeyRing> iter = pgpPublicKeyRingCollection.getKeyRings(); PGPPublicKeyRing keyRing; while (iter.hasNext()) { keyRing = iter.next(); // Iterate over each public key in this keyring Iterator<PGPPublicKey> keyIter = keyRing.getPublicKeys(); while (keyIter.hasNext()) { PGPPublicKey publicKey = keyIter.next(); // Iterate over each userId attached to the public key Iterator userIdIterator = publicKey.getUserIDs(); while (userIdIterator.hasNext()) { String id = (String) userIdIterator.next(); if (userId.equalsIgnoreCase(id)) { return publicKey; } } } } } // If this point is reached, no public key could be extracted with the given userId throw new PGPException("Could not find a public key with the given userId"); }
new PGPPublicKeyRingCollection(PGPUtil.getDecoderStream(input)); Iterator keyRingIter = pgpPub.getKeyRings(); while (keyRingIter.hasNext()) { PGPPublicKeyRing keyRing = (PGPPublicKeyRing) keyRingIter.next(); Iterator keyIter = keyRing.getPublicKeys(); while (keyIter.hasNext()) { PGPPublicKey key = (PGPPublicKey) keyIter.next(); if (key.isEncryptionKey()) { return key;
Object pgpfObject = this.pgpFact.nextObject(); this.pgpFact = new JcaPGPObjectFactory(cData.getDataStream()); } catch (PGPException e) { throw new IOException("Could not get the PGP data stream", e); pgpfObject = this.pgpFact.nextObject(); this.currentUnderlyingStream = ((PGPLiteralData) pgpfObject).getInputStream(); } else if (pgpfObject instanceof PGPOnePassSignatureList) { throw new IOException("encrypted message contains PGPOnePassSignatureList message - not literal data.");
/** * Return a {@link PGPPublicKeyRingCollection} containing only the public keys belonging to our signing key ring. * TODO: Add support for public keys of other devices of the owner. * * @return public keys * * @throws IOException IO is dangerous. * @throws PGPException PGP is brittle. */ @Override public PGPPublicKeyRingCollection getAnnouncedPublicKeys() throws IOException, PGPException { PGPSecretKeyRing secretKeys = getSigningKeyRing(); PGPPublicKeyRing publicKeys = getAnyPublicKeys().getPublicKeyRing(secretKeys.getPublicKey().getKeyID()); publicKeys = BCUtil.removeUnassociatedKeysFromKeyRing(publicKeys, secretKeys.getPublicKey()); return new PGPPublicKeyRingCollection(Collections.singleton(publicKeys)); } }
@Override public boolean accept(BareJid jid, PGPSecretKeyRing ring) { Iterator<String> userIds = ring.getPublicKey().getUserIDs(); while (userIds.hasNext()) { String userId = userIds.next(); if (userId.equals("xmpp:" + jid.toString())) { return true; } } return false; } }
/** * Return the {@link PGPSecretKeyRing} which we will use to sign our messages. * @return signing key * @throws IOException IO is dangerous * @throws PGPException PGP is brittle */ public PGPSecretKeyRing getSigningKeyRing() throws IOException, PGPException { PGPSecretKeyRingCollection secretKeyRings = getSecretKeys(); if (secretKeyRings == null) { return null; } PGPSecretKeyRing signingKeyRing = null; for (PGPSecretKeyRing ring : secretKeyRings) { if (signingKeyRing == null) { signingKeyRing = ring; continue; } if (ring.getPublicKey().getCreationTime().after(signingKeyRing.getPublicKey().getCreationTime())) { signingKeyRing = ring; } } return signingKeyRing; }
@Override public PGPPublicKey onMissingPublicKeyEncountered(Long keyId) { try { sender.updateKeys(connection); return sender.getAnyPublicKeys().getPublicKey(keyId); } catch (Exception e) { LOGGER.log(Level.WARNING, "Cannot fetch missing key " + keyId, e); return null; } } };
private static void processLine(final PGPSignature sig, final byte[] line) throws SignatureException, IOException { final int length = getLengthWithoutWhiteSpace(line); if (length > 0) { sig.update(line, 0, length); } }
@Override public void close() throws IOException { this.encryptedOsWrapper.close(); this.compressedDataGenerator.close(); this.pgpBosWrapper.close(); }
@Override public void deleteSecretKeyRing(BareJid owner, OpenPgpV4Fingerprint fingerprint) throws IOException, PGPException { PGPSecretKeyRingCollection secretKeyRings = getSecretKeysOf(owner); if (secretKeyRings.contains(fingerprint.getKeyId())) { secretKeyRings = PGPSecretKeyRingCollection.removeSecretKeyRing(secretKeyRings, secretKeyRings.getSecretKeyRing(fingerprint.getKeyId())); if (!secretKeyRings.iterator().hasNext()) { secretKeyRings = null; } this.secretKeyRingCollections.put(owner, secretKeyRings); writeSecretKeysOf(owner, secretKeyRings); } }
@Override public void deletePublicKeyRing(BareJid owner, OpenPgpV4Fingerprint fingerprint) throws IOException, PGPException { PGPPublicKeyRingCollection publicKeyRings = getPublicKeysOf(owner); if (publicKeyRings.contains(fingerprint.getKeyId())) { publicKeyRings = PGPPublicKeyRingCollection.removePublicKeyRing(publicKeyRings, publicKeyRings.getPublicKeyRing(fingerprint.getKeyId())); if (!publicKeyRings.iterator().hasNext()) { publicKeyRings = null; } this.publicKeyRingCollections.put(owner, publicKeyRings); writePublicKeysOf(owner, publicKeyRings); } }
@Test public void t07_multipleKeysTest() throws PGPException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, IOException, MissingUserIdOnKeyException { PGPKeyRing one = openPgpStoreInstance1.generateKeyRing(alice); PGPKeyRing two = openPgpStoreInstance1.generateKeyRing(alice); OpenPgpV4Fingerprint fingerprint1 = new OpenPgpV4Fingerprint(one.getSecretKeys()); OpenPgpV4Fingerprint fingerprint2 = new OpenPgpV4Fingerprint(two.getSecretKeys()); openPgpStoreInstance1.importSecretKey(alice, one.getSecretKeys()); openPgpStoreInstance1.importSecretKey(alice, two.getSecretKeys()); openPgpStoreInstance1.importPublicKey(alice, one.getPublicKeys()); openPgpStoreInstance1.importPublicKey(alice, two.getPublicKeys()); assertTrue(Arrays.equals(one.getSecretKeys().getEncoded(), openPgpStoreInstance1.getSecretKeyRing(alice, fingerprint1).getEncoded())); assertTrue(Arrays.equals(two.getSecretKeys().getEncoded(), openPgpStoreInstance1.getSecretKeyRing(alice, fingerprint2).getEncoded())); assertTrue(Arrays.equals(one.getSecretKeys().getEncoded(), openPgpStoreInstance1.getSecretKeysOf(alice).getSecretKeyRing(fingerprint1.getKeyId()).getEncoded())); assertTrue(Arrays.equals(one.getPublicKeys().getEncoded(), openPgpStoreInstance1.getPublicKeyRing(alice, fingerprint1).getEncoded())); // Cleanup openPgpStoreInstance1.deletePublicKeyRing(alice, fingerprint1); openPgpStoreInstance1.deletePublicKeyRing(alice, fingerprint2); openPgpStoreInstance1.deleteSecretKeyRing(alice, fingerprint1); openPgpStoreInstance1.deleteSecretKeyRing(alice, fingerprint2); }
/** * Return the {@link OpenPgpV4Fingerprint} of our signing key. * @return fingerprint of signing key * @throws IOException IO is dangerous * @throws PGPException PGP is brittle */ public OpenPgpV4Fingerprint getSigningKeyFingerprint() throws IOException, PGPException { PGPSecretKeyRing signingKeyRing = getSigningKeyRing(); return signingKeyRing != null ? new OpenPgpV4Fingerprint(signingKeyRing.getPublicKey()) : null; }
@Override public void writePublicKeysOf(BareJid owner, PGPPublicKeyRingCollection publicKeys) throws IOException { File file = getPublicKeyRingPath(owner); if (publicKeys == null) { FileUtils.maybeDeleteFileOrThrow(file); return; } OutputStream outputStream = null; try { outputStream = FileUtils.prepareFileOutputStream(file); publicKeys.encode(outputStream); } finally { CloseableUtil.maybeClose(outputStream, LOGGER); } }
@Override public PGPPublicKeyRing getPublicKeyRing(BareJid owner, OpenPgpV4Fingerprint fingerprint) throws IOException, PGPException { PGPPublicKeyRingCollection publicKeyRings = getPublicKeysOf(owner); if (publicKeyRings != null) { return publicKeyRings.getPublicKeyRing(fingerprint.getKeyId()); } return null; }
@Override public PGPSecretKeyRing getSecretKeyRing(BareJid owner, OpenPgpV4Fingerprint fingerprint) throws IOException, PGPException { PGPSecretKeyRingCollection secretKeyRings = getSecretKeysOf(owner); if (secretKeyRings != null) { return secretKeyRings.getSecretKeyRing(fingerprint.getKeyId()); } return null; }
/** * Search a secret key ring collection for a secret key corresponding to keyID if it exists. * * @param pgpSec a secret key ring collection. * @param keyID keyID we want. * @param pass passphrase to decrypt secret key with. * @return secret or private key corresponding to the keyID. * @throws PGPException if there is any exception in getting the PGP key corresponding to the ID * provided. * @throws NoSuchProviderException If PGP Provider is not available. */ public static PGPPrivateKey findSecretKey( PGPSecretKeyRingCollection pgpSec, long keyID, char[] pass) throws PGPException, NoSuchProviderException { PGPSecretKey pgpSecKey = pgpSec.getSecretKey(keyID); if (pgpSecKey == null) { return null; } return pgpSecKey.extractPrivateKey(pass, "BC"); }