static PGPSecretKey getSecretKey(String privateKeyData) throws IOException, PGPException { PGPPrivateKey privKey = null; try (InputStream privStream = new ArmoredInputStream(new ByteArrayInputStream(privateKeyData.getBytes("UTF-8")))) { PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(privStream), new JcaKeyFingerprintCalculator()); Iterator keyRingIter = pgpSec.getKeyRings(); while (keyRingIter.hasNext()) { PGPSecretKeyRing keyRing = (PGPSecretKeyRing)keyRingIter.next(); Iterator keyIter = keyRing.getSecretKeys(); while (keyIter.hasNext()) { PGPSecretKey key = (PGPSecretKey)keyIter.next(); if (key.isSigningKey()) { return key; } } } } throw new IllegalArgumentException("Can't find signing key in key ring."); }
/** * Loads all keys from the specified input stream, * and adds them to this ring's existing list of keys. */ public List<Key> load(InputStream stream) throws IOException, PGPException { ArrayList<Key> keys = new ArrayList<Key>(); Iterator packets = parse(unarmor(stream)); while (packets.hasNext()) { Object packet = packets.next(); if (packet instanceof PGPSecretKeyRing) keys.add(newKey((PGPSecretKeyRing) packet)); else if (packet instanceof PGPPublicKeyRing) keys.add(newKey((PGPPublicKeyRing) packet)); } this.keys.addAll(keys); return keys; }
private void checkSecretKeyRingWithPersonalCertificate(byte[] keyRing) throws Exception { PGPSecretKeyRingCollection secCol = new PGPSecretKeyRingCollection(keyRing, new BcKeyFingerprintCalculator()); int count = 0; for (Iterator rIt = secCol.getKeyRings(); rIt.hasNext();) { PGPSecretKeyRing ring = (PGPSecretKeyRing)rIt.next(); for (Iterator it = ring.getExtraPublicKeys(); it.hasNext();) { it.next(); count++; } } if (count != 1) { fail("personal certificate data subkey not found - count = " + count); } }
public static PGPSecretKey readSecretKey( PGPSecretKeyRing keyRing ) throws PGPException { try { Iterator keyIter = keyRing.getSecretKeys(); while ( keyIter.hasNext() ) { PGPSecretKey key = ( PGPSecretKey ) keyIter.next(); if ( key.isSigningKey() ) { return key; } } } catch ( Exception e ) { LOG.error( e.getMessage() ); } return null; }
@Test public void testVerifySignature() throws Exception { PGPPublicKey encryptingKey = PGPEncryptionUtil.findPublicKeyByFingerprint( findFile( PUBLIC_KEYRING ), PUBLIC_KEY_FINGERPRINT ); PGPSecretKeyRing secretKeys = PGPKeyUtil.readSecretKeyRing( findFile( SECRET_KEYRING ) ); byte[] signedAndEncryptedMessage = PGPEncryptionUtil .signAndEncrypt( MESSAGE.getBytes(), secretKeys.getSecretKey(), SECRET_PWD, encryptingKey, true ); ContentAndSignatures contentAndSignatures = PGPEncryptionUtil.decryptAndReturnSignatures( signedAndEncryptedMessage, secretKeys, SECRET_PWD ); assertTrue( PGPEncryptionUtil.verifySignature( contentAndSignatures, secretKeys.getPublicKey() ) ); }
private static PGPSecretKey readSecretKey( InputStream is ) throws IOException, PGPException { PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection( PGPUtil.getDecoderStream( is ), new JcaKeyFingerprintCalculator() ); Iterator keyRingIter = pgpSec.getKeyRings(); while ( keyRingIter.hasNext() ) { PGPSecretKeyRing keyRing = ( PGPSecretKeyRing ) keyRingIter.next(); Iterator keyIter = keyRing.getSecretKeys(); while ( keyIter.hasNext() ) { PGPSecretKey key = ( PGPSecretKey ) keyIter.next(); if ( key.isSigningKey() ) { return key; } } } throw new IllegalArgumentException( "Can't find signing key in key ring." ); }
@Override public PGPPublicKeyRing signKey( PGPSecretKeyRing sourceSecRing, PGPPublicKeyRing targetPubRing, int trustLevel ) { try { String sigId = PGPKeyUtil.encodeNumericKeyId( targetPubRing.getPublicKey().getKeyID() ); targetPubRing = encryptionTool.signPublicKey( targetPubRing, sigId, sourceSecRing.getSecretKey(), "" ); } catch ( Exception ignored ) { //ignore } return targetPubRing; }
@Override public String signPublicKey( String sourceIdentityId, String keyText, int trustLevel ) { String keyStr = ""; try { PGPPublicKeyRing targetPubRing = PGPKeyUtil.readPublicKeyRing( keyText ); PGPSecretKeyRing sourceSecRing = getSecretKeyRing( sourceIdentityId ); targetPubRing = signKey( sourceSecRing, targetPubRing, trustLevel ); keyStr = encryptionTool.armorByteArrayToString( targetPubRing.getEncoded() ); } catch ( Exception ex ) { LOG.error( "**** Error !!! Error signing key, IdentityId: " + sourceIdentityId, ex ); } return keyStr; }
@Override public void saveSecretKeyRing( String identityId, int type, PGPSecretKeyRing secretKeyRing ) { try { PGPPublicKey publicKey = secretKeyRing.getPublicKey(); if ( publicKey != null ) { // Store secretKey String fingerprint = PGPKeyUtil.getFingerprint( publicKey.getFingerprint() ); String pwd = keyData.getSecretKeyringPwd(); //******************* securityDataService.saveSecretKeyData( fingerprint, secretKeyRing.getEncoded(), pwd, type ); securityDataService.saveKeyData( identityId, fingerprint, "", type ); //******************* } } catch ( Exception ex ) { LOG.error( " ******** Error storing Public key:" + ex.toString(), ex ); } }
@Override public PGPSecretKeyRing getSecretKeyRingByFingerprint( String fingerprint ) { try { SecretKeyStore secData = securityDataService.getSecretKeyData( fingerprint ); if ( secData != null ) { return PGPKeyUtil.readSecretKeyRing( secData.getData() ); } else { return null; } } catch ( PGPException e ) { return null; } }
PGPSecretKeyRing createEnvironmentKeyPair( EnvironmentId envId ) throws EnvironmentCreationException { KeyManager keyManager = securityManager.getKeyManager(); String pairId = envId.getId(); try { KeyPair keyPair = keyManager.generateKeyPair( pairId, false ); //******Create PEK ***************************************************************** PGPSecretKeyRing secRing = pgpKeyUtil.getSecretKeyRing( keyPair.getSecKeyring() ); PGPPublicKeyRing pubRing = pgpKeyUtil.getPublicKeyRing( keyPair.getPubKeyring() ); //***************Save Keys ********************************************************* keyManager.saveSecretKeyRing( pairId, SecurityKeyType.ENVIRONMENT_KEY.getId(), secRing ); keyManager.savePublicKeyRing( pairId, SecurityKeyType.ENVIRONMENT_KEY.getId(), pubRing ); return secRing; } catch ( PGPException ex ) { throw new EnvironmentCreationException( ex ); } }
@Test public void testCreateEnvironmentKeyPair() throws Exception { KeyPair keyPair = mock( KeyPair.class ); doReturn( keyPair ).when( keyManager ).generateKeyPair( TestHelper.ENV_ID, false ); PGPSecretKeyRing secRing = mock( PGPSecretKeyRing.class ); PGPPublicKeyRing pubRing = mock( PGPPublicKeyRing.class ); doReturn( secRing ).when( pgpKeyUtil ).getSecretKeyRing( any( byte[].class ) ); doReturn( pubRing ).when( pgpKeyUtil ).getPublicKeyRing( any( byte[].class ) ); environmentManager.createEnvironmentKeyPair( TestHelper.ENVIRONMENT_ID ); verify( keyManager ).saveSecretKeyRing( TestHelper.ENV_ID, SecurityKeyType.ENVIRONMENT_KEY.getId(), secRing ); verify( keyManager ).savePublicKeyRing( TestHelper.ENV_ID, SecurityKeyType.ENVIRONMENT_KEY.getId(), pubRing ); }
private PGPSecretKey readSecretKey() throws IOException, PGPException { PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection( PGPUtil.getDecoderStream(new ByteArrayInputStream(config.keypair.getBytes())), new JcaKeyFingerprintCalculator()); Iterator<PGPSecretKeyRing> keyRings = pgpSec.getKeyRings(); while (keyRings.hasNext()) { PGPSecretKeyRing keyRing = (PGPSecretKeyRing) keyRings.next(); Iterator<PGPSecretKey> keys = keyRing.getSecretKeys(); while (keys.hasNext()) { PGPSecretKey key = (PGPSecretKey) keys.next(); if (key.isSigningKey()) { return key; } } } throw new IllegalStateException("Can't find signing key in key ring."); }
static PGPSecretKey readSecretKey() throws Exception { InputStream input = new ByteArrayInputStream(getSecKeyRing()); PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(input), new BcKeyFingerprintCalculator()); @SuppressWarnings("rawtypes") Iterator keyRingIter = pgpSec.getKeyRings(); while (keyRingIter.hasNext()) { PGPSecretKeyRing keyRing = (PGPSecretKeyRing) keyRingIter.next(); @SuppressWarnings("rawtypes") Iterator keyIter = keyRing.getSecretKeys(); while (keyIter.hasNext()) { PGPSecretKey key = (PGPSecretKey) keyIter.next(); if (key.isSigningKey()) { return key; } } } throw new IllegalArgumentException("Can't find signing key in key ring."); }
private static List<PGPSecretKeyRing> extractSecrectKeyRings(InputStream inputStream) { InputStream decodedInput; try { decodedInput = PGPUtil.getDecoderStream(inputStream); } catch (final IOException e) { throw JkUtilsThrowable.unchecked(e); } final KeyFingerPrintCalculator fingerPrintCalculator = new JcaKeyFingerprintCalculator(); final InnerPGPObjectFactory pgpFact = new InnerPGPObjectFactory(decodedInput, fingerPrintCalculator); PGPSecretKeyRing secKeyRing; final List<PGPSecretKeyRing> result = new LinkedList<>(); while ((secKeyRing = pgpFact.nextSecretKey()) != null) { result.add(secKeyRing); } return result; }
@Override public PgpKey createPgpKey(final CreatePgpKeyParam createPgpKeyParam) { assertNotNull(createPgpKeyParam, "createPgpKeyParam"); try { final Pair<PGPPublicKeyRing, PGPSecretKeyRing> pair = createPGPSecretKeyRing(createPgpKeyParam); final PGPPublicKeyRing pgpPublicKeyRing = pair.a; final PGPSecretKeyRing pgpSecretKeyRing = pair.b; final ImportKeysResult importKeysResult = new ImportKeysResult(); synchronized (this) { importPublicKeyRing(importKeysResult, pgpPublicKeyRing); importSecretKeyRing(importKeysResult, pgpSecretKeyRing); } final PGPSecretKey secretKey = pgpSecretKeyRing.getSecretKey(); final PgpKey pgpKey = getPgpKey(new PgpKeyId(secretKey.getKeyID())); assertNotNull(pgpKey, "pgpKey"); return pgpKey; } catch (IOException | NoSuchAlgorithmException | PGPException e) { throw new RuntimeException(e); } }
public OpenPGPSecretKey(String keyId, InputStream secretKeyRing, char[] password) throws IOException { PGPObjectFactory pgpObjectFactory = new BcPGPObjectFactory(PGPUtil.getDecoderStream(secretKeyRing)); for (Object it = pgpObjectFactory.nextObject(); it != null; it = pgpObjectFactory.nextObject()) { PGPSecretKeyRing pgpSecretKeyRing = (PGPSecretKeyRing) it; PGPSecretKey pgpSecretKey = pgpSecretKeyRing.getSecretKey(); if (keyId == null || keyId.isEmpty() || Long.valueOf(keyId, 16) == (pgpSecretKey.getKeyID() & MASK)) { this.secretKey = pgpSecretKey; break; } } // sanity check if (secretKey == null) { throw new IllegalArgumentException("Secret key " + keyId + " not found"); } this.password = password; }
private void checkSecretKeyRingWithPersonalCertificate(byte[] keyRing) throws Exception { PGPSecretKeyRingCollection secCol = new PGPSecretKeyRingCollection(keyRing); int count = 0; for (Iterator rIt = secCol.getKeyRings(); rIt.hasNext();) { PGPSecretKeyRing ring = (PGPSecretKeyRing)rIt.next(); for (Iterator it = ring.getExtraPublicKeys(); it.hasNext();) { it.next(); count++; } } if (count != 1) { fail("personal certificate data subkey not found - count = " + count); } }
public void performTest() throws Exception { PGPUtil.setDefaultProvider("BC"); // // Read the public key // PGPPublicKeyRing pubKeyRing = new PGPPublicKeyRing(testPubKey, new JcaKeyFingerprintCalculator()); doBasicKeyRingCheck(pubKeyRing); // // Read the private key // PGPSecretKeyRing secretKeyRing = new PGPSecretKeyRing(testPrivKey, new JcaKeyFingerprintCalculator()); testDecrypt(secretKeyRing); encryptDecryptTest(); generate(); }
private static PGPSecretKey readSecretKey(InputStream input, String keyId) throws IOException, PGPException { for (@SuppressWarnings("unchecked") Iterator<PGPSecretKeyRing> keyRingIter = new PGPSecretKeyRingCollection( PGPUtil.getDecoderStream(input)).getKeyRings(); keyRingIter .hasNext();) { for (@SuppressWarnings("unchecked") Iterator<PGPSecretKey> keyIter = keyRingIter.next().getSecretKeys(); keyIter .hasNext();) { PGPSecretKey key = keyIter.next(); String id = bytArrayToHex(key.getPublicKey().getFingerprint()); if ((keyId == null || keyId.equalsIgnoreCase(id.substring(id .length() - 8))) && key.isSigningKey()) { return key; } } } throw new IllegalArgumentException("No signing key in keyring"); }
public static PGPSecretKeyRing copySecretKeyRingWithNewPassword(byte[] privateKeyData, char[] oldPassphrase, char[] newPassphrase) throws PGPException, IOException, KonException { // load the secret key ring PGPSecretKeyRing secRing = new PGPSecretKeyRing(privateKeyData, FP_CALC); PGPDigestCalculatorProvider calcProv = new JcaPGPDigestCalculatorProviderBuilder().build(); PBESecretKeyDecryptor decryptor = new JcePBESecretKeyDecryptorBuilder(calcProv) .setProvider(PGPUtils.PROVIDER) .build(oldPassphrase); PGPDigestCalculator calc = new JcaPGPDigestCalculatorProviderBuilder().build().get(HashAlgorithmTags.SHA256); PBESecretKeyEncryptor encryptor = new JcePBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256, calc) .setProvider(PROVIDER).build(newPassphrase); try { return PGPSecretKeyRing.copyWithNewPassword(secRing, decryptor, encryptor); } catch (PGPException ex) { // treat this special, cause most like the decryption password was wrong throw new KonException(KonException.Error.CHANGE_PASS_COPY, ex); } }
public void performTest() throws Exception { PGPUtil.setDefaultProvider("BC"); // // Read the public key // PGPPublicKeyRing pubKeyRing = new PGPPublicKeyRing(testPubKey, new JcaKeyFingerprintCalculator()); doBasicKeyRingCheck(pubKeyRing); // // Read the private key // PGPSecretKeyRing secretKeyRing = new PGPSecretKeyRing(testPrivKey, new JcaKeyFingerprintCalculator()); generate(); }
/** * Loads a {@link KeySet} from an {@link java.io.InputStream}. */ public KeySet read(InputStream input) throws CryptographicException, IOException { try { final KeySet keySet = new KeySet(new PGPSecretKeyRing(input, new JcaKeyFingerprintCalculator())); final MasterKey masterKey = keySet.getMasterKey(); final SubKey subKey = keySet.getSubKey(); final KeySignature masterSig = masterKey.signature; if (masterSig == null || !masterSig.verifyCertification(masterKey)) { throw new CryptographicException("Key set has no self-signed master key"); } final KeySignature subSig = subKey.signature; if (subSig == null || !subSig.verifyCertification(subKey, masterKey)) { throw new CryptographicException("Key set has no valid subkey"); } return keySet; } catch (PGPException e) { throw new CryptographicException(e); } finally { input.close(); } }
@Nullable private PGPSecretKey findSecretKey(PGPSecretKeyRingCollection keyRings, PgpKeyId keyId) { Iterator<PGPSecretKeyRing> keyRingIterator = uncheckedCast(keyRings.getKeyRings()); while (keyRingIterator.hasNext()) { PGPSecretKeyRing keyRing = keyRingIterator.next(); Iterator<PGPSecretKey> secretKeyIterator = uncheckedCast(keyRing.getSecretKeys()); while (secretKeyIterator.hasNext()) { PGPSecretKey secretKey = secretKeyIterator.next(); if (hasId(keyId, secretKey)) { return secretKey; } } } return null; }
public static PGPSecretKey readSecretKey(InputStream in) throws IOException, PGPException { in = PGPUtil.getDecoderStream(in); PGPSecretKeyRingCollection keyRingCollection = new PGPSecretKeyRingCollection(in, new JcaKeyFingerprintCalculator()); // // We just loop through the collection till we find a key suitable for signing. // In the real world you would probably want to be a bit smarter about this. // PGPSecretKey secretKey = null; Iterator<PGPSecretKeyRing> rIt = keyRingCollection.getKeyRings(); while (secretKey == null && rIt.hasNext()) { PGPSecretKeyRing keyRing = rIt.next(); Iterator<PGPSecretKey> kIt = keyRing.getSecretKeys(); while (secretKey == null && kIt.hasNext()) { PGPSecretKey key = kIt.next(); if (key.isSigningKey()) { secretKey = key; } } } // Validate secret key if (secretKey == null) { throw new IllegalArgumentException("Can't find private key in the key ring."); } if (!secretKey.isSigningKey()) { throw new IllegalArgumentException("Private key does not allow signing."); } if (secretKey.getPublicKey().isRevoked()) { throw new IllegalArgumentException("Private key has been revoked."); } return secretKey; }
/** * A simple routine that opens a key ring file and loads the first available * key suitable for signature generation. * * @param input * stream to read the secret key ring collection from. * @return a secret key. * @throws IOException * on a problem with using the input stream. * @throws PGPException * if there is an issue parsing the input stream. */ static PGPSecretKey readSecretKey(InputStream input) throws IOException, PGPException { PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(input), new JcaKeyFingerprintCalculator()); // // we just loop through the collection till we find a key suitable for // encryption, in the real // world you would probably want to be a bit smarter about this. // Iterator keyRingIter = pgpSec.getKeyRings(); while (keyRingIter.hasNext()) { PGPSecretKeyRing keyRing = (PGPSecretKeyRing) keyRingIter.next(); Iterator keyIter = keyRing.getSecretKeys(); while (keyIter.hasNext()) { PGPSecretKey key = (PGPSecretKey) keyIter.next(); if (key.isSigningKey()) { return key; } } } throw new IllegalArgumentException("Can't find signing key in key ring."); }
@Override protected Void doInBackground() throws Exception { Main.logger.info("Neue Schlüssel werden generiert..."); PGPKeyRingGenerator pkg = RSAGen.generateKeyRingGenerator(mail, pass, this); PGPPublicKeyRing pkr = pkg.generatePublicKeyRing(); PGPSecretKeyRing skr = pkg.generateSecretKeyRing(); Main.psk = skr.getSecretKey(); Iterator<PGPPublicKey> rIt = pkr.getPublicKeys(); // Sucht den Verschlüsselungsschlüssel while (Main.ppk == null && rIt.hasNext()) { PGPPublicKey temp_key = rIt.next(); if (temp_key.isEncryptionKey()) { Main.ppk = temp_key; break; } } PBESecretKeyDecryptor secretKeyDecryptor = new JcePBESecretKeyDecryptorBuilder() .setProvider(BouncyCastleProvider.PROVIDER_NAME).build(pass); Main.pprk = Main.psk.extractPrivateKey(secretKeyDecryptor); setProgress(90); // Speichern der Schlüssel PGPSecretKeyRing pskr = pkg.generateSecretKeyRing(); ArmoredOutputStream secout = new ArmoredOutputStream( new BufferedOutputStream(new FileOutputStream(Main.secKey))); // Geheimer Schlüssel pskr.encode(secout); secout.close(); ArmoredOutputStream pubout = new ArmoredOutputStream( new BufferedOutputStream(new FileOutputStream(Main.pubKey))); pkr.encode(pubout); pubout.close(); setProgress(100); return null; }
public static String getKeyInfo(PGPSecretKeyRingCollection coll) { StringBuffer info = new StringBuffer(); // Iterate through key rings Iterator<?> rings = coll.getKeyRings(); while (rings.hasNext()) { PGPSecretKeyRing ring = (PGPSecretKeyRing)rings.next(); Iterator<?> keys = ring.getSecretKeys(); while (keys.hasNext()) { info.append(getKeyInfo((PGPSecretKey)keys.next())).append("\n"); } } return info.toString(); }
@ReactMethod public void generateKeyPair(final String userId, final int numBits, final String passphrase, Promise promise) { Log.d("ReactNativePGP", "generateKeyPair"); try { WritableMap resultMap = Arguments.createMap(); PGPKeyRingGenerator keyGenerator = PGPUtils.generateKeyRingGenerator(userId, numBits, passphrase.toCharArray()); // public key PGPPublicKeyRing publicKeyRing = keyGenerator.generatePublicKeyRing(); ByteArrayOutputStream publicKeyOutputStream = new ByteArrayOutputStream(); ArmoredOutputStream armoredPubOutputStream = new ArmoredOutputStream(publicKeyOutputStream); publicKeyRing.encode(armoredPubOutputStream); armoredPubOutputStream.close(); resultMap.putString("publicKey", publicKeyOutputStream.toString("UTF-8")); // private key PGPSecretKeyRing secretKeyRing = keyGenerator.generateSecretKeyRing(); ByteArrayOutputStream privateKeyOutputStream = new ByteArrayOutputStream(); ArmoredOutputStream armoredPrivOutputStream = new ArmoredOutputStream(privateKeyOutputStream); secretKeyRing.encode(armoredPrivOutputStream); armoredPrivOutputStream.close(); resultMap.putString("privateKey", privateKeyOutputStream.toString("UTF-8")); resultMap.putString("fingerPrint", Utils.bytesToHex(secretKeyRing.getPublicKey().getFingerprint())); promise.resolve(resultMap); } catch(Exception e) { promise.reject(new Exception(e.getMessage())); } }
static public void addPrivateKeyToKeyring(final String gpgHomeDirectory, final String keyringFile) throws FileNotFoundException, IOException, PGPException { Security.addProvider(new BouncyCastleProvider()); // Read user secret keyring FileInputStream inPriv = new FileInputStream(gpgHomeDirectory + "/secring.gpg"); PGPSecretKeyRingCollection privRings = new PGPSecretKeyRingCollection(inPriv, new JcaKeyFingerprintCalculator()); // Read keys (public and private) from armored file PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection( PGPUtil.getDecoderStream(new FileInputStream(keyringFile)), new JcaKeyFingerprintCalculator()); // Iterate over the keys Iterator keyRingIter = pgpSec.getKeyRings(); while (keyRingIter.hasNext()) { PGPSecretKeyRing keyRing = (PGPSecretKeyRing) keyRingIter.next(); privRings = PGPSecretKeyRingCollection.addSecretKeyRing(privRings, keyRing); Iterator keyIter = keyRing.getSecretKeys(); while (keyIter.hasNext()) { PGPSecretKey key = (PGPSecretKey) keyIter.next(); if (key.isSigningKey()) { System.out.println("Private key imported " + Long.toHexString(key.getKeyID()).toUpperCase()); } } } try (FileOutputStream out = new FileOutputStream(new File(gpgHomeDirectory + "/secring.gpg"))) { privRings.encode(out); } }