예제 #1
0
 /**
  * Verify this signature for a {@link SubKey} signed by a {@link MasterKey}.
  *
  * @param key a subkey
  * @param masterKey the signing master key
  * @return {@code true} if the signature is valid, {@code false} otherwise
  */
 public boolean verifyCertification(SubKey key, MasterKey masterKey) {
   try {
     signature.initVerify(masterKey.getPublicKey(), "BC");
     return signature.verifyCertification(masterKey.getPublicKey(), key.getPublicKey());
   } catch (Exception e) {
     return false;
   }
 }
예제 #2
0
 private void initVerify(PGPSignature pgpSignature, PGPPublicKey pgpSigningKey)
     throws PGPException, NoSuchProviderException {
   try {
     pgpSignature.initVerify(pgpSigningKey, "BC");
   } catch (NoSuchProviderException e) {
     LOGGER.debug(
         "No security provider found. Adding bouncy castle. This message can be ignored", e);
     Security.addProvider(new BouncyCastleProvider());
     pgpSignature.initVerify(pgpSigningKey, "BC");
   }
 }
예제 #3
0
 /**
  * Verify this signature for a self-signed {@link MasterKey}.
  *
  * @param key a self-signed master key
  * @return {@code true} if the signature is valid, {@code false} otherwise
  */
 public boolean verifyCertification(MasterKey key) {
   try {
     signature.initVerify(key.getPublicKey(), "BC");
     return signature.verifyCertification(key.getUserID(), key.getPublicKey());
   } catch (PGPException e) {
     return false;
   } catch (SignatureException e) {
     return false;
   } catch (Exception e) {
     throw new RuntimeException(e);
   }
 }
예제 #4
0
  /**
   * Create a clear sign signature over the input data. (Not detached)
   *
   * @param input the content to be signed
   * @param keyring the keyring
   * @param keyId the 4 bytes identifier of the key, in hexadecimal format
   * @param passphrase the passphrase to retrieve the private key
   * @param output the output destination of the signature
   */
  public static void clearSign(
      InputStream input, InputStream keyring, String keyId, String passphrase, OutputStream output)
      throws IOException, PGPException, GeneralSecurityException {
    PGPSecretKey secretKey = getSecretKey(keyring, keyId);
    PGPPrivateKey privateKey =
        secretKey.extractPrivateKey(
            new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider())
                .build(passphrase.toCharArray()));

    int digest = PGPUtil.SHA1;

    PGPSignatureGenerator signatureGenerator =
        new PGPSignatureGenerator(
            new BcPGPContentSignerBuilder(secretKey.getPublicKey().getAlgorithm(), digest));
    signatureGenerator.init(PGPSignature.CANONICAL_TEXT_DOCUMENT, privateKey);

    ArmoredOutputStream armoredOutput = new ArmoredOutputStream(output);
    armoredOutput.beginClearText(digest);

    BufferedReader reader = new BufferedReader(new InputStreamReader(input));

    String line;
    while ((line = reader.readLine()) != null) {
      // trailing spaces must be removed for signature calculation (see
      // http://tools.ietf.org/html/rfc4880#section-7.1)
      byte[] data = trim(line).getBytes("UTF-8");

      armoredOutput.write(data);
      armoredOutput.write(EOL);

      signatureGenerator.update(data);
      signatureGenerator.update(EOL);
    }

    armoredOutput.endClearText();

    PGPSignature signature = signatureGenerator.generate();
    signature.encode(new BCPGOutputStream(armoredOutput));

    armoredOutput.close();
  }
예제 #5
0
  public Boolean check() throws SignatureException {
    final PGPPublicKey pgpSigningKey =
        readPublicKey(new ByteArrayInputStream(publicKey.getBytes()));

    final ArmoredInputStream armoredInputStream;
    try {
      armoredInputStream = new ArmoredInputStream(new ByteArrayInputStream(signature.getBytes()));
    } catch (IOException e) {
      throw new SignatureException("Failed to verify signature", e);
    }

    final PGPObjectFactory pgpObjectFactory = new PGPObjectFactory(armoredInputStream);

    try {
      final Object nextObject = pgpObjectFactory.nextObject();
      PGPSignature pgpSignature = null;
      if (nextObject instanceof PGPSignatureList) {
        PGPSignatureList list = (PGPSignatureList) nextObject;
        if (!list.isEmpty()) {
          pgpSignature = list.get(0);
        }
      }

      if (pgpSignature == null) {
        return false;
      }

      initVerify(pgpSignature, pgpSigningKey);

      pgpSignature.update(signedData.getBytes());
      return pgpSignature.verify();
    } catch (IOException
        | PGPException
        | NoSuchProviderException
        | java.security.SignatureException e) {
      throw new SignatureException("Failed to verify signature", e);
    }
  }
예제 #6
0
 /** Returns the key ID of the key that made the signature. */
 public long getKeyID() {
   return signature.getKeyID();
 }
예제 #7
0
 /** Returns the {@link AsymmetricAlgorithm} used to make the signature. */
 public AsymmetricAlgorithm getKeyAlgorithm() {
   return IntegerEquivalents.fromInt(AsymmetricAlgorithm.class, signature.getKeyAlgorithm());
 }
예제 #8
0
 /** Returns the timestamp at which the signature was made. */
 public DateTime getCreatedAt() {
   return new DateTime(signature.getCreationTime(), DateTimeZone.UTC);
 }
예제 #9
0
 /** Returns the {@link HashAlgorithm} used to make the signature. */
 public HashAlgorithm getHashAlgorithm() {
   return IntegerEquivalents.fromInt(HashAlgorithm.class, signature.getHashAlgorithm());
 }
예제 #10
0
 /** Returns the type of signature {@code this} is. */
 public SignatureType getSignatureType() {
   return IntegerEquivalents.fromInt(SignatureType.class, signature.getSignatureType());
 }
예제 #11
0
 /**
  * Creates a new {@link KeySignature} given a {@link PGPSignature}.
  *
  * @param signature a {@link PGPSignature} instance
  */
 public KeySignature(PGPSignature signature) {
   this.signature = signature;
   this.subpackets = signature.getHashedSubPackets();
 }