private static PGPPublicKey certifiedPublicKey(
int certificationLevel,
PGPKeyPair keyPair,
String id,
PGPSignatureSubpacketVector hashedPcks,
PGPSignatureSubpacketVector unhashedPcks,
PGPContentSignerBuilder certificationSignerBuilder)
throws PGPException {
PGPSignatureGenerator sGen;
try {
sGen = new PGPSignatureGenerator(certificationSignerBuilder);
} catch (Exception e) {
throw new PGPException("creating signature generator: " + e, e);
}
//
// generate the certification
//
sGen.init(certificationLevel, keyPair.getPrivateKey());
sGen.setHashedSubpackets(hashedPcks);
sGen.setUnhashedSubpackets(unhashedPcks);
try {
PGPSignature certification = sGen.generateCertification(id, keyPair.getPublicKey());
return PGPPublicKey.addCertification(keyPair.getPublicKey(), id, certification);
} catch (Exception e) {
throw new PGPException("exception doing certification: " + e, e);
}
}
/**
* Encodes the provided message with the private key and pass phrase set in configuration
*
* @param message Message to encode
* @return Encoded message
* @throws LRException SIGNING_FAILED if the document cannot be signed, NO_KEY if the key cannot
* be obtained
*/
private String signEnvelopeData(String message) throws LRException {
// Get an InputStream for the private key
InputStream privateKeyStream = getPrivateKeyStream(privateKey);
// Get an OutputStream for the result
ByteArrayOutputStream result = new ByteArrayOutputStream();
ArmoredOutputStream aOut = new ArmoredOutputStream(result);
// Get the pass phrase
char[] privateKeyPassword = passPhrase.toCharArray();
try {
// Get the private key from the InputStream
PGPSecretKey sk = readSecretKey(privateKeyStream);
PGPPrivateKey pk = sk.extractPrivateKey(privateKeyPassword, "BC");
PGPSignatureGenerator pgp =
new PGPSignatureGenerator(sk.getPublicKey().getAlgorithm(), PGPUtil.SHA256, "BC");
PGPSignatureSubpacketGenerator spGen = new PGPSignatureSubpacketGenerator();
// Clear sign the message
java.util.Iterator it = sk.getPublicKey().getUserIDs();
if (it.hasNext()) {
spGen.setSignerUserID(false, (String) it.next());
pgp.setHashedSubpackets(spGen.generate());
}
aOut.beginClearText(PGPUtil.SHA256);
pgp.initSign(PGPSignature.CANONICAL_TEXT_DOCUMENT, pk);
byte[] msg = message.getBytes();
pgp.update(msg, 0, msg.length);
aOut.write(msg, 0, msg.length);
BCPGOutputStream bOut = new BCPGOutputStream(aOut);
aOut.endClearText();
pgp.generate().encode(bOut);
String strResult = result.toString("utf8");
return strResult;
} catch (Exception e) {
throw new LRException(LRException.SIGNING_FAILED);
} finally {
try {
if (privateKeyStream != null) {
privateKeyStream.close();
}
aOut.close();
result.close();
} catch (IOException e) {
// Could not close the streams
}
}
}
