/** * Same as {@link #lookupPublicKey} but also retrieves the associated private key. * * @throws VerifyException if either keys couldn't be found. * @see #lookupPublicKey */ @SuppressWarnings("deprecation") public static PGPKeyPair lookupKeyPair( PGPPublicKeyRingCollection publics, PGPSecretKeyRingCollection privates, String query, KeyRequirement want) { PGPPublicKey publicKey = lookupPublicKey(publics, query, want); PGPPrivateKey privateKey; try { PGPSecretKey secret = verifyNotNull(privates.getSecretKey(publicKey.getKeyID()), "Keyring missing private key associated with public key id: %x (query '%s')", publicKey.getKeyID(), query); // We do not support putting a password on the private key so we're just going to // put char[0] here. privateKey = secret.extractPrivateKey( new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()) .build(new char[0])); } catch (PGPException e) { throw new VerifyException(e.getMessage()); } return new PGPKeyPair(publicKey, privateKey); }
private static PGPPrivateKey extractPrivateKey(PGPSecretKey pgpSecKey, char[] passPhrase) throws PGPException { PGPPrivateKey privateKey = null; BcPGPDigestCalculatorProvider calculatorProvider = new BcPGPDigestCalculatorProvider(); BcPBESecretKeyDecryptorBuilder secretKeyDecryptorBuilder = new BcPBESecretKeyDecryptorBuilder( calculatorProvider); PBESecretKeyDecryptor pBESecretKeyDecryptor = secretKeyDecryptorBuilder.build(passPhrase); try { privateKey = pgpSecKey.extractPrivateKey(pBESecretKeyDecryptor); } catch (PGPException e) { throw new PGPException("invalid privateKey passPhrase: " + String.valueOf(passPhrase), e); } return privateKey; }
private PGPPrivateKey createPrivateKey(PGPSecretKey secretKey, String password) { try { PBESecretKeyDecryptor decryptor = new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(password.toCharArray()); return secretKey.extractPrivateKey(decryptor); } catch (PGPException e) { throw new UncheckedException(e); } }
/** * Builds a secret key decryptor for the specified passphrase. */ protected PBESecretKeyDecryptor buildDecryptor(String passphrase) { char[] chars = !Util.isEmpty(passphrase) ? passphrase.toCharArray() : new char[0]; return new BcPBESecretKeyDecryptorBuilder( new BcPGPDigestCalculatorProvider()).build(chars); }
private void rewrapTest() throws Exception { SecureRandom rand = new SecureRandom(); // Read the secret key rings PGPSecretKeyRingCollection privRings = new PGPSecretKeyRingCollection( new ByteArrayInputStream(rewrapKey), new BcKeyFingerprintCalculator()); Iterator rIt = privRings.getKeyRings(); if (rIt.hasNext()) { PGPSecretKeyRing pgpPriv = (PGPSecretKeyRing)rIt.next(); Iterator it = pgpPriv.getSecretKeys(); while (it.hasNext()) { PGPSecretKey pgpKey = (PGPSecretKey)it.next(); // re-encrypt the key with an empty password pgpPriv = PGPSecretKeyRing.removeSecretKey(pgpPriv, pgpKey); pgpKey = PGPSecretKey.copyWithNewPassword( pgpKey, new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(rewrapPass), null); pgpPriv = PGPSecretKeyRing.insertSecretKey(pgpPriv, pgpKey); // this should succeed PGPPrivateKey privTmp = pgpKey.extractPrivateKey(null); } } }
BcPrivateKey(String armoredKeyString, char[] passphrase) throws PGPKeyInitialisationException { try { PGPSecretKeyRing secKeyRing = new PGPSecretKeyRing( new ArmoredInputStream(new ByteArrayInputStream(armoredKeyString.getBytes(StandardCharsets.US_ASCII))), new BcKeyFingerprintCalculator()); PBESecretKeyDecryptor decryptor = new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()) .build(passphrase); ImmutableMap.Builder<Long, PGPPrivateKey> builder = ImmutableMap.builder(); List<PGPPublicKey> pubKeys = new ArrayList<>(2); for (Iterator iterator = secKeyRing.getSecretKeys(); iterator.hasNext(); ) { PGPSecretKey secretKey = (PGPSecretKey) iterator.next(); PGPPrivateKey privateKey = secretKey.extractPrivateKey(decryptor); builder.put(privateKey.getKeyID(), privateKey); pubKeys.add(secretKey.getPublicKey()); } this.secretKey = secKeyRing.getSecretKey(); this.privateKeys = builder.build(); this.privateKey = this.secretKey.extractPrivateKey(decryptor); if (pubKeys.size() >= 2) { this.publicKey = new BcPublicKey(pubKeys.get(0), pubKeys.get(1)); } else { this.publicKey = new BcPublicKey(pubKeys.get(0), pubKeys.get(0)); } } catch (PGPException | RuntimeException | IOException e) { throw new PGPKeyInitialisationException("Error instantiating a private key", e); } checkNotNull(this.secretKey); checkNotNull(this.privateKey); this.fingerprint = BcPublicKey.hexFingerprint(secretKey.getPublicKey()); }
/** * Get private key using the given passphrase * @param pgpSecKey The secret key * @param pass passphrase to decrypt secret key with * @return Private key * @throws PGPException */ private PGPPrivateKey findPrivateKey(PGPSecretKey pgpSecKey, char[] pass) throws PGPException { if (pgpSecKey == null) return null; PBESecretKeyDecryptor decryptor = new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(pass); return pgpSecKey.extractPrivateKey(decryptor); }
static PGPKeyPair getKeyPair() throws Exception { PGPSecretKey secretKey = getPrivateKeyring().getSecretKey(); return new PGPKeyPair( secretKey.getPublicKey(), secretKey.extractPrivateKey( new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()) .build(new char[0]))); }
private static PGPPrivateKey extractPrivateKey(PGPSecretKey secretKey, String password) { try { return secretKey.extractPrivateKey( new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()) .build(password.toCharArray())); } catch (PGPException e) { throw new Error(e); } }
public static PGPPrivateKey loadPrivateKey ( final InputStream input, final String keyId, final char[] passPhrase ) throws IOException, PGPException { final PGPSecretKey secretKey = loadSecretKey ( input, keyId ); if ( secretKey == null ) { return null; } return secretKey.extractPrivateKey ( new BcPBESecretKeyDecryptorBuilder ( new BcPGPDigestCalculatorProvider () ).build ( passPhrase ) ); }
/** * read the private key from the given secret key * * @param pgpSecretKey * the secret key * @param password * the password to unlock the private key * @return the unlocked private key * @throws PGPException */ protected PGPPrivateKey findPrivateKey(PGPSecretKey pgpSecretKey, String password) throws PGPException { LOGGER.trace("findPrivateKey(PGPSecretKey, String)"); LOGGER.trace("Secret Key: {}, Password: {}", pgpSecretKey == null ? "not set" : "set", password == null ? "not set" : "********"); PGPPrivateKey result = null; PBESecretKeyDecryptor pbeSecretKeyDecryptor = new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(password.toCharArray()); LOGGER.info("Extracting private key"); result = pgpSecretKey.extractPrivateKey(pbeSecretKeyDecryptor); if( result == null && LOGGER.isErrorEnabled() ) { LOGGER.error("No private key could be extracted"); } return result; }
public PGPPrivateKey getPrivateKey() throws PGPException { return getSecretKey() .extractPrivateKey( new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()) // All test keys have no passphrase. .build(new char[0])); }
private static PGPPrivateKey findSecretKey( PGPSecretKeyRingCollection pgpSec, long keyID, char[] pass) throws PGPException, NoSuchProviderException { PGPSecretKey pgpSecKey = pgpSec.getSecretKey(keyID); if (pgpSecKey == null) { return null; } final PBESecretKeyDecryptor decryptor = new BcPBESecretKeyDecryptorBuilder( new BcPGPDigestCalculatorProvider()).build(pass); return pgpSecKey.extractPrivateKey(decryptor); }
public static PGPPrivateKey findSecretKey(final InputStream keyIn, final long keyID, final char[] pass) throws IOException, PGPException { final PGPSecretKeyRingCollection pgpSec = new PGPSecretKeyRingCollection(PGPUtil.getDecoderStream(keyIn), new BcKeyFingerprintCalculator()); final PGPSecretKey pgpSecKey = pgpSec.getSecretKey(keyID); if (pgpSecKey == null) return null; final PBESecretKeyDecryptor decryptor = new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(pass); return pgpSecKey.extractPrivateKey(decryptor); }
private static PGPPrivateKey getPgpPrivateKeyOrFail(final long keyId, final char[] passphrase) throws IOException, PGPException { final PGPSecretKey secretKey = getPgpSecretKeyOrFail(keyId); final PGPDigestCalculatorProvider calculatorProvider = new BcPGPDigestCalculatorProvider(); final BcPBESecretKeyDecryptorBuilder secretKeyDecryptorBuilder = new BcPBESecretKeyDecryptorBuilder(calculatorProvider); final PBESecretKeyDecryptor secretKeyDecryptor = secretKeyDecryptorBuilder.build(passphrase); final PGPPrivateKey privateKey = secretKey.extractPrivateKey(secretKeyDecryptor); return privateKey; }
public PgpSigningService ( final InputStream keyring, final String keyId, final String passphrase ) throws IOException, PGPException { this.secretKey = PgpHelper.loadSecretKey ( keyring, keyId ); if ( this.secretKey == null ) { throw new IllegalStateException ( String.format ( "Signing key '%08X' could not be found", keyId ) ); } this.privateKey = this.secretKey.extractPrivateKey ( new BcPBESecretKeyDecryptorBuilder ( new BcPGPDigestCalculatorProvider () ).build ( passphrase.toCharArray () ) ); }
private void rewrapTest() throws Exception { SecureRandom rand = new SecureRandom(); // Read the secret key rings PGPSecretKeyRingCollection privRings = new PGPSecretKeyRingCollection( new ByteArrayInputStream(rewrapKey)); Iterator rIt = privRings.getKeyRings(); if (rIt.hasNext()) { PGPSecretKeyRing pgpPriv = (PGPSecretKeyRing)rIt.next(); Iterator it = pgpPriv.getSecretKeys(); while (it.hasNext()) { PGPSecretKey pgpKey = (PGPSecretKey)it.next(); // re-encrypt the key with an empty password pgpPriv = PGPSecretKeyRing.removeSecretKey(pgpPriv, pgpKey); pgpKey = PGPSecretKey.copyWithNewPassword( pgpKey, new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(rewrapPass), null); pgpPriv = PGPSecretKeyRing.insertSecretKey(pgpPriv, pgpKey); // this should succeed PGPPrivateKey privTmp = pgpKey.extractPrivateKey(null); } } }
public PGPSigner(InputStream keyring, String keyId, String passphrase, int digest) throws IOException, PGPException { secretKey = getSecretKey(keyring, keyId); if(secretKey == null) { throw new PGPException(String.format("Specified key %s does not exist in key ring %s", keyId, keyring)); } privateKey = secretKey.extractPrivateKey(new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(passphrase.toCharArray())); this.digest = digest; }
private void embeddedJpegTest() throws Exception { PGPPublicKeyRing pgpPub = new PGPPublicKeyRing(testPubKey, new BcKeyFingerprintCalculator()); PGPSecretKeyRing pgpSec = new PGPSecretKeyRing(testPrivKey, new BcKeyFingerprintCalculator()); PGPPublicKey pubKey = pgpPub.getPublicKey(); PGPUserAttributeSubpacketVectorGenerator vGen = new PGPUserAttributeSubpacketVectorGenerator(); vGen.setImageAttribute(ImageAttribute.JPEG, jpegImage); PGPUserAttributeSubpacketVector uVec = vGen.generate(); PGPSignatureGenerator sGen = new PGPSignatureGenerator(new BcPGPContentSignerBuilder(PublicKeyAlgorithmTags.RSA_GENERAL, HashAlgorithmTags.SHA1)); sGen.init(PGPSignature.POSITIVE_CERTIFICATION, pgpSec.getSecretKey().extractPrivateKey(new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(pass))); PGPSignature sig = sGen.generateCertification(uVec, pubKey); PGPPublicKey nKey = PGPPublicKey.addCertification(pubKey, uVec, sig); Iterator it = nKey.getUserAttributes(); int count = 0; while (it.hasNext()) { PGPUserAttributeSubpacketVector attributes = (PGPUserAttributeSubpacketVector)it.next(); Iterator sigs = nKey.getSignaturesForUserAttribute(attributes); int sigCount = 0; while (sigs.hasNext()) { PGPSignature s = (PGPSignature)sigs.next(); s.init(new BcPGPContentVerifierBuilderProvider(), pubKey); if (!s.verifyCertification(attributes, pubKey)) { fail("added signature failed verification"); } sigCount++; } if (sigCount != 1) { fail("Failed added user attributes signature check"); } count++; } if (count != 1) { fail("didn't find added user attributes"); } nKey = PGPPublicKey.removeCertification(nKey, uVec); count = 0; for (it = nKey.getUserAttributes(); it.hasNext();) { count++; } if (count != 0) { fail("found attributes where none expected"); } }
public void generateTest() throws Exception { char[] passPhrase = "hello".toCharArray(); DSAParametersGenerator dsaPGen = new DSAParametersGenerator(); dsaPGen.init(512, 10, new SecureRandom()); DSAKeyPairGenerator dsaKpg = new DSAKeyPairGenerator(); dsaKpg.init(new DSAKeyGenerationParameters(new SecureRandom(), dsaPGen.generateParameters())); // // this takes a while as the key generator has to generate some DSA params // before it generates the key. // AsymmetricCipherKeyPair dsaKp = dsaKpg.generateKeyPair(); ElGamalKeyPairGenerator elgKpg = new ElGamalKeyPairGenerator(); BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); ElGamalParameters elParams = new ElGamalParameters(p, g); elgKpg.init(new ElGamalKeyGenerationParameters(new SecureRandom(), elParams)); // // this is quicker because we are using pregenerated parameters. // AsymmetricCipherKeyPair elgKp = elgKpg.generateKeyPair(); PGPKeyPair dsaKeyPair = new BcPGPKeyPair(PGPPublicKey.DSA, dsaKp, new Date()); PGPKeyPair elgKeyPair = new BcPGPKeyPair(PGPPublicKey.ELGAMAL_ENCRYPT, elgKp, new Date()); PGPKeyRingGenerator keyRingGen = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION, dsaKeyPair, "test", null, null, null, new BcPGPContentSignerBuilder(PGPPublicKey.DSA, HashAlgorithmTags.SHA1), new BcPBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256).build(passPhrase)); keyRingGen.addSubKey(elgKeyPair); PGPSecretKeyRing keyRing = keyRingGen.generateSecretKeyRing(); keyRing.getSecretKey().extractPrivateKey(new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(passPhrase)); PGPPublicKeyRing pubRing = keyRingGen.generatePublicKeyRing(); PGPPublicKey vKey = null; PGPPublicKey sKey = null; Iterator it = pubRing.getPublicKeys(); while (it.hasNext()) { PGPPublicKey pk = (PGPPublicKey)it.next(); if (pk.isMasterKey()) { vKey = pk; } else { sKey = pk; } } Iterator sIt = sKey.getSignatures(); while (sIt.hasNext()) { PGPSignature sig = (PGPSignature)sIt.next(); if (sig.getKeyID() == vKey.getKeyID() && sig.getSignatureType() == PGPSignature.SUBKEY_BINDING) { sig.init(new BcPGPContentVerifierBuilderProvider(), vKey); if (!sig.verifyCertification(vKey, sKey)) { fail("failed to verify sub-key signature."); } } } }
public void generateSha1Test() throws Exception { char[] passPhrase = "hello".toCharArray(); DSAParametersGenerator dsaPGen = new DSAParametersGenerator(); dsaPGen.init(512, 10, new SecureRandom()); DSAKeyPairGenerator dsaKpg = new DSAKeyPairGenerator(); dsaKpg.init(new DSAKeyGenerationParameters(new SecureRandom(), dsaPGen.generateParameters())); // // this takes a while as the key generator has to generate some DSA params // before it generates the key. // AsymmetricCipherKeyPair dsaKp = dsaKpg.generateKeyPair(); ElGamalKeyPairGenerator elgKpg = new ElGamalKeyPairGenerator(); BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); ElGamalParameters elParams = new ElGamalParameters(p, g); elgKpg.init(new ElGamalKeyGenerationParameters(new SecureRandom(), elParams)); // // this is quicker because we are using pregenerated parameters. // AsymmetricCipherKeyPair elgKp = elgKpg.generateKeyPair(); PGPKeyPair dsaKeyPair = new BcPGPKeyPair(PGPPublicKey.DSA, dsaKp, new Date()); PGPKeyPair elgKeyPair = new BcPGPKeyPair(PGPPublicKey.ELGAMAL_ENCRYPT, elgKp, new Date()); PGPDigestCalculator chkSumCalc = new BcPGPDigestCalculatorProvider().get(HashAlgorithmTags.SHA1); PGPKeyRingGenerator keyRingGen = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION, dsaKeyPair, "test", chkSumCalc, null, null, new BcPGPContentSignerBuilder(PGPPublicKey.DSA, HashAlgorithmTags.SHA1), new BcPBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256).build(passPhrase)); keyRingGen.addSubKey(elgKeyPair); PGPSecretKeyRing keyRing = keyRingGen.generateSecretKeyRing(); keyRing.getSecretKey().extractPrivateKey(new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(passPhrase)); PGPPublicKeyRing pubRing = keyRingGen.generatePublicKeyRing(); PGPPublicKey vKey = null; PGPPublicKey sKey = null; Iterator it = pubRing.getPublicKeys(); while (it.hasNext()) { PGPPublicKey pk = (PGPPublicKey)it.next(); if (pk.isMasterKey()) { vKey = pk; } else { sKey = pk; } } Iterator sIt = sKey.getSignatures(); while (sIt.hasNext()) { PGPSignature sig = (PGPSignature)sIt.next(); if (sig.getKeyID() == vKey.getKeyID() && sig.getSignatureType() == PGPSignature.SUBKEY_BINDING) { sig.init(new BcPGPContentVerifierBuilderProvider(), vKey); if (!sig.verifyCertification(vKey, sKey)) { fail("failed to verify sub-key signature."); } } } }
private static PBESecretKeyDecryptor createSecretKeyDecryptor() { // There shouldn't be a passphrase on the key return new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()) .build(new char[0]); }
private static PGPPrivateKey extractPrivateKey(PGPSecretKey secretKey) throws PGPException { return secretKey.extractPrivateKey( new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()) .build(PASSWORD)); }
public AbstractSecretKeySigningService ( final PGPSecretKey secretKey, final String passphrase ) throws PGPException { this.secretKey = secretKey; this.privateKey = this.secretKey.extractPrivateKey ( new BcPBESecretKeyDecryptorBuilder ( new BcPGPDigestCalculatorProvider () ).build ( passphrase.toCharArray () ) ); }
private static PGPPrivateKey extractPrivateKey(final PGPSecretKey secretKey, final char[] passphrase) throws PGPException { final PGPPrivateKey privateKey = secretKey.extractPrivateKey( new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(passphrase)); return privateKey; }
@Override public void certify(final CertifyPgpKeyParam certifyPgpKeyParam) { try { assertNotNull(certifyPgpKeyParam, "certifyPgpKeyParam"); PgpKey pgpKey = assertNotNull(certifyPgpKeyParam.getPgpKey(), "certifyPgpKeyParam.pgpKey"); PgpKey signPgpKey = assertNotNull(certifyPgpKeyParam.getSignPgpKey(), "certifyPgpKeyParam.signPgpKey"); final PgpSignatureType certificationLevel = assertNotNull(certifyPgpKeyParam.getCertificationLevel(), "certifyPgpKeyParam.certificationLevel"); final HashAlgorithm hashAlgorithm = assertNotNull(certifyPgpKeyParam.getHashAlgorithm(), "certifyPgpKeyParam.hashAlgorithm"); if (pgpKey.getMasterKey() != null) pgpKey = pgpKey.getMasterKey(); if (signPgpKey.getMasterKey() != null) signPgpKey = signPgpKey.getMasterKey(); final BcPgpKey bcPgpKey = getBcPgpKeyOrFail(pgpKey); final BcPgpKey bcSignPgpKey = getBcPgpKeyOrFail(signPgpKey); if (! PgpSignatureType.CERTIFICATIONS.contains(certificationLevel)) throw new IllegalArgumentException("certifyPgpKeyParam.certificationLevel is not contained in PgpSignatureType.CERTIFICATIONS."); final PgpAuthenticationCallback callback = getPgpAuthenticationCallbackOrFail(); final char[] signPassphrase = callback.getPassphrase(signPgpKey); PGPPublicKeyRing publicKeyRing = bcPgpKey.getPublicKeyRing(); final PGPSecretKey signSecretKey = bcSignPgpKey.getSecretKey(); if (signSecretKey == null) throw new IllegalArgumentException("signPgpKey does not have a secret key assigned!"); final PGPPrivateKey signPrivKey = signSecretKey.extractPrivateKey( new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(signPassphrase)); final PGPSignatureGenerator signatureGenerator = new PGPSignatureGenerator( new BcPGPContentSignerBuilder(signSecretKey.getPublicKey().getAlgorithm(), hashAlgorithm.getHashAlgorithmTag())); signatureGenerator.init(signatureTypeFromEnum(certificationLevel), signPrivKey); if (pgpKey.getUserIds().isEmpty()) throw new IllegalArgumentException("certifyPgpKeyParam.pgpKey.userIds is empty!"); for (final String userId : pgpKey.getUserIds()) { final PGPPublicKey publicKey = publicKeyRing.getPublicKey(); PGPSignature signature = signatureGenerator.generateCertification(userId, publicKey); PGPPublicKey newKey = PGPPublicKey.addCertification(publicKey, userId, signature); PGPPublicKeyRing newPublicKeyRing = PGPPublicKeyRing.removePublicKey(publicKeyRing, publicKey); newPublicKeyRing = PGPPublicKeyRing.insertPublicKey(newPublicKeyRing, newKey); publicKeyRing = newPublicKeyRing; } final ImportKeysResult importKeysResult = new ImportKeysResult(); final boolean modified = importPublicKeyRing(importKeysResult, publicKeyRing); if (modified) // make sure the localRevision is incremented, even if the timestamp does not change (e.g. because the time resolution of the file system is too low). incLocalRevision(); } catch (IOException | PGPException e) { throw new RuntimeException(e); } }
public void generateTest() throws Exception { char[] passPhrase = "hello".toCharArray(); KeyPairGenerator dsaKpg = KeyPairGenerator.getInstance("DSA", "BC"); dsaKpg.initialize(512); // // this takes a while as the key generator has to generate some DSA params // before it generates the key. // KeyPair dsaKp = dsaKpg.generateKeyPair(); KeyPairGenerator elgKpg = KeyPairGenerator.getInstance("ELGAMAL", "BC"); BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); ElGamalParameterSpec elParams = new ElGamalParameterSpec(p, g); elgKpg.initialize(elParams); // // this is quicker because we are using pregenerated parameters. // KeyPair elgKp = elgKpg.generateKeyPair(); PGPKeyPair dsaKeyPair = new PGPKeyPair(PGPPublicKey.DSA, dsaKp, new Date()); PGPKeyPair elgKeyPair = new PGPKeyPair(PGPPublicKey.ELGAMAL_ENCRYPT, elgKp, new Date()); PGPKeyRingGenerator keyRingGen = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION, dsaKeyPair, "test", PGPEncryptedData.AES_256, passPhrase, null, null, new SecureRandom(), "BC"); keyRingGen.addSubKey(elgKeyPair); PGPSecretKeyRing keyRing = keyRingGen.generateSecretKeyRing(); keyRing.getSecretKey().extractPrivateKey(new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(passPhrase)); PGPPublicKeyRing pubRing = keyRingGen.generatePublicKeyRing(); PGPPublicKey vKey = null; PGPPublicKey sKey = null; Iterator it = pubRing.getPublicKeys(); while (it.hasNext()) { PGPPublicKey pk = (PGPPublicKey)it.next(); if (pk.isMasterKey()) { vKey = pk; } else { sKey = pk; } } Iterator sIt = sKey.getSignatures(); while (sIt.hasNext()) { PGPSignature sig = (PGPSignature)sIt.next(); if (sig.getKeyID() == vKey.getKeyID() && sig.getSignatureType() == PGPSignature.SUBKEY_BINDING) { sig.init(new BcPGPContentVerifierBuilderProvider(), vKey); if (!sig.verifyCertification(vKey, sKey)) { fail("failed to verify sub-key signature."); } } } }
public void generateSha1Test() throws Exception { char[] passPhrase = "hello".toCharArray(); KeyPairGenerator dsaKpg = KeyPairGenerator.getInstance("DSA", "BC"); dsaKpg.initialize(512); // // this takes a while as the key generator has to generate some DSA params // before it generates the key. // KeyPair dsaKp = dsaKpg.generateKeyPair(); KeyPairGenerator elgKpg = KeyPairGenerator.getInstance("ELGAMAL", "BC"); BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); ElGamalParameterSpec elParams = new ElGamalParameterSpec(p, g); elgKpg.initialize(elParams); // // this is quicker because we are using pregenerated parameters. // KeyPair elgKp = elgKpg.generateKeyPair(); PGPKeyPair dsaKeyPair = new PGPKeyPair(PGPPublicKey.DSA, dsaKp, new Date()); PGPKeyPair elgKeyPair = new PGPKeyPair(PGPPublicKey.ELGAMAL_ENCRYPT, elgKp, new Date()); PGPKeyRingGenerator keyRingGen = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION, dsaKeyPair, "test", PGPEncryptedData.AES_256, passPhrase, true, null, null, new SecureRandom(), "BC"); keyRingGen.addSubKey(elgKeyPair); PGPSecretKeyRing keyRing = keyRingGen.generateSecretKeyRing(); keyRing.getSecretKey().extractPrivateKey(new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(passPhrase)); PGPPublicKeyRing pubRing = keyRingGen.generatePublicKeyRing(); PGPPublicKey vKey = null; PGPPublicKey sKey = null; Iterator it = pubRing.getPublicKeys(); while (it.hasNext()) { PGPPublicKey pk = (PGPPublicKey)it.next(); if (pk.isMasterKey()) { vKey = pk; } else { sKey = pk; } } Iterator sIt = sKey.getSignatures(); while (sIt.hasNext()) { PGPSignature sig = (PGPSignature)sIt.next(); if (sig.getKeyID() == vKey.getKeyID() && sig.getSignatureType() == PGPSignature.SUBKEY_BINDING) { sig.init(new BcPGPContentVerifierBuilderProvider(), vKey); if (!sig.verifyCertification(vKey, sKey)) { fail("failed to verify sub-key signature."); } } } }
public void generateTest() throws Exception { char[] passPhrase = "hello".toCharArray(); KeyPairGenerator dsaKpg = KeyPairGenerator.getInstance("DSA", "BC"); dsaKpg.initialize(512); // // this takes a while as the key generator has to generate some DSA params // before it generates the key. // KeyPair dsaKp = dsaKpg.generateKeyPair(); KeyPairGenerator elgKpg = KeyPairGenerator.getInstance("ELGAMAL", "BC"); BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); ElGamalParameterSpec elParams = new ElGamalParameterSpec(p, g); elgKpg.initialize(512); // // this is quicker because we are using pregenerated parameters. // KeyPair elgKp = elgKpg.generateKeyPair(); PGPKeyPair dsaKeyPair = new PGPKeyPair(PGPPublicKey.DSA, dsaKp, new Date()); PGPKeyPair elgKeyPair = new PGPKeyPair(PGPPublicKey.ELGAMAL_ENCRYPT, elgKp, new Date()); PGPKeyRingGenerator keyRingGen = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION, dsaKeyPair, "test", PGPEncryptedData.AES_256, passPhrase, null, null, new SecureRandom(), "BC"); keyRingGen.addSubKey(elgKeyPair); PGPSecretKeyRing keyRing = keyRingGen.generateSecretKeyRing(); keyRing.getSecretKey().extractPrivateKey(new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(passPhrase)); PGPPublicKeyRing pubRing = keyRingGen.generatePublicKeyRing(); PGPPublicKey vKey = null; PGPPublicKey sKey = null; Iterator it = pubRing.getPublicKeys(); while (it.hasNext()) { PGPPublicKey pk = (PGPPublicKey)it.next(); if (pk.isMasterKey()) { vKey = pk; } else { sKey = pk; } } Iterator sIt = sKey.getSignatures(); while (sIt.hasNext()) { PGPSignature sig = (PGPSignature)sIt.next(); if (sig.getKeyID() == vKey.getKeyID() && sig.getSignatureType() == PGPSignature.SUBKEY_BINDING) { sig.init(new BcPGPContentVerifierBuilderProvider(), vKey); if (!sig.verifyCertification(vKey, sKey)) { fail("failed to verify sub-key signature."); } } } }
public void generateSha1Test() throws Exception { char[] passPhrase = "hello".toCharArray(); KeyPairGenerator dsaKpg = KeyPairGenerator.getInstance("DSA", "BC"); dsaKpg.initialize(512); // // this takes a while as the key generator has to generate some DSA params // before it generates the key. // KeyPair dsaKp = dsaKpg.generateKeyPair(); KeyPairGenerator elgKpg = KeyPairGenerator.getInstance("ELGAMAL", "BC"); BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); ElGamalParameterSpec elParams = new ElGamalParameterSpec(p, g); elgKpg.initialize(512); // // this is quicker because we are using pregenerated parameters. // KeyPair elgKp = elgKpg.generateKeyPair(); PGPKeyPair dsaKeyPair = new PGPKeyPair(PGPPublicKey.DSA, dsaKp, new Date()); PGPKeyPair elgKeyPair = new PGPKeyPair(PGPPublicKey.ELGAMAL_ENCRYPT, elgKp, new Date()); PGPKeyRingGenerator keyRingGen = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION, dsaKeyPair, "test", PGPEncryptedData.AES_256, passPhrase, true, null, null, new SecureRandom(), "BC"); keyRingGen.addSubKey(elgKeyPair); PGPSecretKeyRing keyRing = keyRingGen.generateSecretKeyRing(); keyRing.getSecretKey().extractPrivateKey(new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(passPhrase)); PGPPublicKeyRing pubRing = keyRingGen.generatePublicKeyRing(); PGPPublicKey vKey = null; PGPPublicKey sKey = null; Iterator it = pubRing.getPublicKeys(); while (it.hasNext()) { PGPPublicKey pk = (PGPPublicKey)it.next(); if (pk.isMasterKey()) { vKey = pk; } else { sKey = pk; } } Iterator sIt = sKey.getSignatures(); while (sIt.hasNext()) { PGPSignature sig = (PGPSignature)sIt.next(); if (sig.getKeyID() == vKey.getKeyID() && sig.getSignatureType() == PGPSignature.SUBKEY_BINDING) { sig.init(new BcPGPContentVerifierBuilderProvider(), vKey); if (!sig.verifyCertification(vKey, sKey)) { fail("failed to verify sub-key signature."); } } } }
