org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory Java Examples

/**
 * Taking in a file inputstream and a passPhrase, generate a decrypted file inputstream.
 * @param inputStream file inputstream
 * @param passPhrase passPhrase
 * @return
 * @throws IOException
 */
public InputStream decryptFile(InputStream inputStream, String passPhrase) throws IOException {

  PGPEncryptedDataList enc = getPGPEncryptedDataList(inputStream);
  PGPPBEEncryptedData pbe = (PGPPBEEncryptedData) enc.get(0);
  InputStream clear;

  try {
    clear = pbe.getDataStream(new JcePBEDataDecryptorFactoryBuilder(
        new JcaPGPDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build())
            .setProvider(BouncyCastleProvider.PROVIDER_NAME).build(passPhrase.toCharArray()));

    JcaPGPObjectFactory pgpFact = new JcaPGPObjectFactory(clear);

    return new LazyMaterializeDecryptorInputStream(pgpFact);
  } catch (PGPException e) {
    throw new IOException(e);
  }
}
 

private static byte[] readSign( JcaPGPObjectFactory objectFactory, PGPOnePassSignature onePassSignature )
        throws IOException
{
    InputStream is = getInputStream( objectFactory );
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    int ch;

    while ( ( ch = is.read() ) >= 0 )
    {
        onePassSignature.update( ( byte ) ch );
        bos.write( ch );
    }

    return bos.toByteArray();
}
 

private static void doVerify( JcaPGPObjectFactory objectFactory, PGPOnePassSignature onePassSignature )
        throws IOException, PGPException
{
    PGPSignatureList signatures = ( PGPSignatureList ) objectFactory.nextObject();

    if ( !onePassSignature.verify( signatures.get( 0 ) ) )
    {
        throw new PGPDataValidationException( "Signature verification failed" );
    }
}
 

private static PGPOnePassSignature getOnePassSignature( PGPPublicKey publicKey, JcaPGPObjectFactory pgpFact )
        throws IOException, PGPException
{
    PGPOnePassSignatureList p1 = ( PGPOnePassSignatureList ) pgpFact.nextObject();

    PGPOnePassSignature onePassSignature = p1.get( 0 );

    onePassSignature.init( new JcaPGPContentVerifierBuilderProvider().setProvider( "BC" ), publicKey );

    return onePassSignature;
}
 

static <T> T readSinglePgpObject(InputStream input, Class<T> expect) {
  try {
    PGPObjectFactory fact = new JcaPGPObjectFactory(input);
    return PgpUtils.pgpCast(fact.nextObject(), expect);
  } catch (IOException e) {
    throw new RuntimeException(e);
  }
}
 

/**
 * Move to the next {@link InputStream} if available, otherwise set {@link #currentUnderlyingStream} to null to
 * indicate that there is no more data.
 * @throws IOException
 */
private void moveToNextInputStream() throws IOException {
  Object pgpfObject = this.pgpFact.nextObject();

  // no more data
  if (pgpfObject == null) {
    this.currentUnderlyingStream = null;
    return;
  }

  if (pgpfObject instanceof PGPCompressedData) {
    PGPCompressedData cData = (PGPCompressedData) pgpfObject;

    try {
      this.pgpFact = new JcaPGPObjectFactory(cData.getDataStream());
    } catch (PGPException e) {
      throw new IOException("Could not get the PGP data stream", e);
    }

    pgpfObject = this.pgpFact.nextObject();
  }

  if (pgpfObject instanceof PGPLiteralData) {
    this.currentUnderlyingStream = ((PGPLiteralData) pgpfObject).getInputStream();
  } else if (pgpfObject instanceof PGPOnePassSignatureList) {
    throw new IOException("encrypted message contains PGPOnePassSignatureList message - not literal data.");
  } else if (pgpfObject instanceof PGPSignatureList) {
    throw new IOException("encrypted message contains PGPSignatureList message - not literal data.");
  } else {
    throw new IOException("message is not a simple encrypted file - type unknown.");
  }
}
 

private static InputStream getInputStream( JcaPGPObjectFactory objectFactory ) throws IOException
{
    PGPLiteralData literalData = ( PGPLiteralData ) objectFactory.nextObject();

    return literalData.getInputStream();
}
 

private static InputStream getInputStream( PGPPrivateKey privateKey, PGPPublicKeyEncryptedData pgpEncData )
        throws PGPException, IOException
{
    InputStream is = pgpEncData
            .getDataStream( new JcePublicKeyDataDecryptorFactoryBuilder().setProvider( "BC" ).build( privateKey ) );

    JcaPGPObjectFactory objectFactory = new JcaPGPObjectFactory( is );

    Object message = objectFactory.nextObject();

    PGPCompressedData compressedData = ( PGPCompressedData ) message;

    JcaPGPObjectFactory pgpObjectFactory = new JcaPGPObjectFactory( compressedData.getDataStream() );

    PGPLiteralData literalData = ( PGPLiteralData ) pgpObjectFactory.nextObject();

    return literalData.getInputStream();
}
 

public static boolean verifyClearSign( byte[] message, PGPPublicKeyRing pgpRings )
        throws IOException, PGPException, SignatureException
{
    ArmoredInputStream aIn = new ArmoredInputStream( new ByteArrayInputStream( message ) );
    ByteArrayOutputStream bout = new ByteArrayOutputStream();


    //
    // write out signed section using the local line separator.
    // note: trailing white space needs to be removed from the end of
    // each line RFC 4880 Section 7.1
    //
    ByteArrayOutputStream lineOut = new ByteArrayOutputStream();

    boolean isFirstLineClearText = aIn.isClearText();
    int lookAhead = readInputLine( lineOut, aIn );

    if ( lookAhead != -1 && isFirstLineClearText )
    {
        bout.write( lineOut.toByteArray() );
        while ( lookAhead != -1 && aIn.isClearText() )
        {
            lookAhead = readInputLine( lineOut, lookAhead, aIn );
            bout.write( lineOut.toByteArray() );
        }
    }

    JcaPGPObjectFactory pgpFact = new JcaPGPObjectFactory( aIn );
    PGPSignatureList p3 = ( PGPSignatureList ) pgpFact.nextObject();
    PGPSignature sig = p3.get( 0 );


    PGPPublicKey publicKey = pgpRings.getPublicKey( sig.getKeyID() );
    sig.init( new JcaPGPContentVerifierBuilderProvider().setProvider( "BC" ), publicKey );

    //
    // read the input, making sure we ignore the last newline.
    //

    InputStream sigIn = new ByteArrayInputStream( bout.toByteArray() );

    lookAhead = readInputLine( lineOut, sigIn );

    processLine( sig, lineOut.toByteArray() );

    if ( lookAhead != -1 )
    {
        do
        {
            lookAhead = readInputLine( lineOut, lookAhead, sigIn );

            sig.update( ( byte ) '\r' );
            sig.update( ( byte ) '\n' );

            processLine( sig, lineOut.toByteArray() );
        }
        while ( lookAhead != -1 );
    }

    sigIn.close();

    return sig.verify();
}
 

public LazyMaterializeDecryptorInputStream(JcaPGPObjectFactory pgpFact)
    throws IOException {
  this.pgpFact = pgpFact;

  moveToNextInputStream();
}
 

public static byte[] verify( byte signedData[], PGPPublicKey publicKey ) throws IOException, PGPException
{
    JcaPGPObjectFactory objectFactory = getObjectFactory( signedData );

    PGPOnePassSignature onePassSignature = getOnePassSignature( publicKey, objectFactory );

    byte data[] = readSign( objectFactory, onePassSignature );

    doVerify( objectFactory, onePassSignature );

    return data;
}
 

private static JcaPGPObjectFactory getObjectFactory( byte signedData[] ) throws IOException, PGPException
{
    InputStream in = PGPUtil.getDecoderStream( new ByteArrayInputStream( signedData ) );

    JcaPGPObjectFactory pgpFact = new JcaPGPObjectFactory( in );

    PGPCompressedData compressedData = ( PGPCompressedData ) pgpFact.nextObject();

    return new JcaPGPObjectFactory( compressedData.getDataStream() );
}
 

private static PGPPublicKeyEncryptedData getPGPEncryptedData( byte data[] ) throws IOException
{
    InputStream in = PGPUtil.getDecoderStream( new ByteArrayInputStream( data ) );

    JcaPGPObjectFactory objectFactory = new JcaPGPObjectFactory( in );

    PGPEncryptedDataList encryptedDataList = ( PGPEncryptedDataList ) objectFactory.nextObject();

    Iterator it = encryptedDataList.getEncryptedDataObjects();

    return ( PGPPublicKeyEncryptedData ) it.next();
}