/**
 * Builds a {@link PgpUserIdNameHash} from the image subpacket of a user attribute.
 *
 * <p>Only the {@code IMAGE_ATTRIBUTE} subpacket is read. Its raw data is hashed with
 * RIPEMD-160 and the digest bytes are wrapped in the returned object. Any other
 * subpacket in the vector does not influence the result, so two vectors carrying the
 * same image data yield the same hash.
 *
 * @param userAttribute the attribute vector to hash; checked with {@code assertNotNull}
 * @return a hash object wrapping the RIPEMD-160 digest of the image subpacket data
 */
public static PgpUserIdNameHash createFromUserAttribute(final PGPUserAttributeSubpacketVector userAttribute) {
    assertNotNull(userAttribute, "userAttribute");

    // TODO this needs to be extended, if there is ever any other attribute possible, too!
    // Currently, image seems to be the only supported attribute. Alternatively, we could get the data via reflection...
    final UserAttributeSubpacket imageSubpacket = userAttribute.getSubpacket(UserAttributeSubpacketTags.IMAGE_ATTRIBUTE);
    assertNotNull(imageSubpacket, "subpacket");
    final byte[] imageData = assertNotNull(imageSubpacket.getData(), "subpacket.data");

    // NOTE(review): this digest identifies the attribute content; it is computed over
    // unauthenticated packet data and says nothing about who certified it.
    final RIPEMD160Digest ripemd160 = new RIPEMD160Digest();
    ripemd160.update(imageData, 0, imageData.length);
    final byte[] hashBytes = new byte[ripemd160.getDigestSize()];
    ripemd160.doFinal(hashBytes, 0);
    return new PgpUserIdNameHash(hashBytes);
}
/**
 * Decides whether a certification over a user attribute can be accepted.
 *
 * <p>Candidate signing keys come from {@code findSigners}. The signature is accepted for
 * the first candidate for which both checks pass: the certification verifies
 * cryptographically over {@code (attr, masterpk)}, and {@code isSignatureCurrent}
 * returns true. Only then is {@code signer_info} updated, so a {@code false} return
 * leaves it untouched by this method.
 *
 * @param sig the certification signature to check; re-initialised for every candidate key
 * @param masterpk the master public key the attribute is bound to
 * @param attr the user attribute the signature is expected to certify
 * @param self forwarded to {@code findSigners} (presumably "self-signature only"; confirm there)
 * @param kf forwarded to {@code findSigners} to locate signer keys
 * @param signer_info receives the accepted signer key on success
 * @param errors collects human-readable reasons for rejected signatures
 * @return {@code true} if some candidate key yields a valid and current certification
 */
private final static boolean isGoodAttributeSignature (PGPSignature sig, PGPPublicKey masterpk, PGPUserAttributeSubpacketVector attr, boolean self, PrimaryKeyFinder kf, KeyInfo signer_info, StringBuilder errors)
    throws PGPException,SignatureException,IOException
{
    List<PGPPublicKey> candidates = findSigners (sig, masterpk, self, kf, "attribute", errors);
    if (candidates == null) {
        // No usable signer key: treat the certification as not good.
        return false;
    }

    for (PGPPublicKey candidate: candidates) {
        sig.init(new BcPGPContentVerifierBuilderProvider(), candidate);
        if (sig.verifyCertification(attr, masterpk)) {
            // Cryptographically valid; it must also pass the currency check before it counts.
            if (isSignatureCurrent(sig, errors)) {
                signer_info.setKey(candidate);
                return true;
            }
        }
        else {
            errors.append
                ("Skipping certification "+niceSig(sig)+
                 " for attribute because the signature is invalid.\n");
        }
    }
    return false;
}
/**
 * Adds a user-attribute certification to a public key unless an equal one is already present.
 *
 * <p>Duplicate detection is delegated to {@code getUserAttributeSignature}. This method
 * performs no cryptographic verification of {@code signature} itself.
 * NOTE(review): confirm the merged key is verified before its certifications are trusted.
 *
 * @param publicKey the key to merge into; checked with {@code assertNotNull}
 * @param userAttribute the attribute the signature certifies; checked with {@code assertNotNull}
 * @param signature the certification to add; checked with {@code assertNotNull}
 * @return {@code publicKey} unchanged if an equal signature exists, otherwise the key
 *         returned by {@code PGPPublicKey.addCertification}
 */
private PGPPublicKey mergeUserAttributeSignature(PGPPublicKey publicKey, final PGPUserAttributeSubpacketVector userAttribute, final PGPSignature signature) {
    assertNotNull(publicKey, "publicKey");
    assertNotNull(userAttribute, "userAttribute");
    assertNotNull(signature, "signature");

    final PGPSignature alreadyPresent = getUserAttributeSignature(publicKey, userAttribute, signature);
    if (alreadyPresent != null) {
        // Nothing to merge: the key already carries this certification.
        return publicKey;
    }
    return PGPPublicKey.addCertification(publicKey, userAttribute, signature);
}
/**
 * Looks up a signature on the given user attribute that equals the supplied one.
 *
 * <p>Equality is decided by {@code isSignatureEqual}; the first match is returned.
 *
 * @param publicKey the key whose attribute signatures are searched; checked with {@code assertNotNull}
 * @param userAttribute the attribute whose signatures are enumerated; checked with {@code assertNotNull}
 * @param signature the signature to look for; checked with {@code assertNotNull}
 * @return the matching signature already on the key, or {@code null} if there is none
 */
private static PGPSignature getUserAttributeSignature(final PGPPublicKey publicKey, final PGPUserAttributeSubpacketVector userAttribute, final PGPSignature signature) {
    assertNotNull(publicKey, "publicKey");
    assertNotNull(userAttribute, "userAttribute");
    assertNotNull(signature, "signature");

    // nullToEmpty presumably substitutes an empty iterator when the key has no
    // signatures for this attribute (confirm against the helper).
    @SuppressWarnings("unchecked")
    final Iterator<?> existing = nullToEmpty(publicKey.getSignaturesForUserAttribute(userAttribute));
    while (existing.hasNext()) {
        final PGPSignature candidate = (PGPSignature) existing.next();
        if (isSignatureEqual(candidate, signature)) {
            return candidate;
        }
    }
    return null;
}
/**
 * Creates a holder for a user attribute together with its signatures and certifications.
 *
 * <p>The arguments are stored by reference; no defensive copy is made, so later changes
 * to the passed lists are visible through this object.
 *
 * @param attr the user attribute subpacket vector
 * @param sigs the signatures associated with the attribute
 * @param certs the certifications associated with the attribute
 */
private UserAttribute(PGPUserAttributeSubpacketVector attr, List<PGPSignature> sigs, List<Certification> certs)
{
    this.m_attr = attr;
    this.m_sigs = sigs;
    this.m_certs = certs;
}
/**
 * Checks a stored key ring that already carries an embedded JPEG user attribute.
 *
 * <p>Expects exactly one user attribute on the master key, carrying exactly one
 * signature, and that signature must verify as a certification made by the master key
 * itself.
 *
 * @throws Exception if parsing or verification raises an error
 */
private void existingEmbeddedJpegTest()
    throws Exception
{
    PGPPublicKeyRing keyRing = new PGPPublicKeyRing(embeddedJPEGKey, new BcKeyFingerprintCalculator());
    PGPPublicKey masterKey = keyRing.getPublicKey();

    int attributeCount = 0;
    for (Iterator<?> attrIt = masterKey.getUserAttributes(); attrIt.hasNext();)
    {
        PGPUserAttributeSubpacketVector attributes = (PGPUserAttributeSubpacketVector)attrIt.next();

        int signatureCount = 0;
        for (Iterator<?> sigIt = masterKey.getSignaturesForUserAttribute(attributes); sigIt.hasNext();)
        {
            PGPSignature sig = (PGPSignature)sigIt.next();

            // Self-certification: the master key is both the signer and the certified key.
            sig.init(new BcPGPContentVerifierBuilderProvider(), masterKey);
            boolean verified = sig.verifyCertification(attributes, masterKey);
            if (!verified)
            {
                fail("signature failed verification");
            }

            signatureCount++;
        }

        if (signatureCount != 1)
        {
            fail("Failed user attributes signature check");
        }
        attributeCount++;
    }

    if (attributeCount != 1)
    {
        fail("didn't find user attributes");
    }
}
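/**
 * Adds a JPEG image attribute to a key, certifies it, verifies the certification and
 * then removes it again.
 *
 * <p>Steps: build an image attribute vector, sign it with the secret master key as a
 * positive certification, attach it with {@code PGPPublicKey.addCertification}, check
 * that exactly one attribute with exactly one verifying signature is present, then call
 * {@code PGPPublicKey.removeCertification} and check that no attribute remains.
 *
 * @throws Exception if key parsing, signing or verification raises an error
 */
private void embeddedJpegTest()
    throws Exception
{
    PGPPublicKeyRing pgpPub = new PGPPublicKeyRing(testPubKey, new BcKeyFingerprintCalculator());
    PGPSecretKeyRing pgpSec = new PGPSecretKeyRing(testPrivKey, new BcKeyFingerprintCalculator());

    PGPPublicKey pubKey = pgpPub.getPublicKey();

    PGPUserAttributeSubpacketVectorGenerator vGen = new PGPUserAttributeSubpacketVectorGenerator();
    vGen.setImageAttribute(ImageAttribute.JPEG, jpegImage);
    PGPUserAttributeSubpacketVector uVec = vGen.generate();

    // NOTE(review): SHA-1 is kept because it is what this test exercises; code that
    // issues real certifications should select a stronger digest (SHA-256 or better).
    PGPSignatureGenerator sGen = new PGPSignatureGenerator(new BcPGPContentSignerBuilder(PublicKeyAlgorithmTags.RSA_GENERAL, HashAlgorithmTags.SHA1));
    sGen.init(PGPSignature.POSITIVE_CERTIFICATION, pgpSec.getSecretKey().extractPrivateKey(new BcPBESecretKeyDecryptorBuilder(new BcPGPDigestCalculatorProvider()).build(pass)));

    PGPSignature sig = sGen.generateCertification(uVec, pubKey);
    PGPPublicKey nKey = PGPPublicKey.addCertification(pubKey, uVec, sig);

    int count = 0;
    for (Iterator<?> it = nKey.getUserAttributes(); it.hasNext();)
    {
        PGPUserAttributeSubpacketVector attributes = (PGPUserAttributeSubpacketVector)it.next();

        int sigCount = 0;
        for (Iterator<?> sigs = nKey.getSignaturesForUserAttribute(attributes); sigs.hasNext();)
        {
            PGPSignature s = (PGPSignature)sigs.next();

            s.init(new BcPGPContentVerifierBuilderProvider(), pubKey);
            if (!s.verifyCertification(attributes, pubKey))
            {
                fail("added signature failed verification");
            }

            sigCount++;
        }

        if (sigCount != 1)
        {
            fail("Failed added user attributes signature check");
        }
        count++;
    }

    if (count != 1)
    {
        fail("didn't find added user attributes");
    }

    nKey = PGPPublicKey.removeCertification(nKey, uVec);

    // Count what is left after removal. The iterator must be advanced with next():
    // a loop that only polls hasNext() never terminates when an attribute is still
    // present, so the test would hang instead of reporting the failure.
    int remaining = 0;
    for (Iterator<?> left = nKey.getUserAttributes(); left.hasNext();)
    {
        left.next();
        remaining++;
    }

    if (remaining != 0)
    {
        fail("found attributes where none expected");
    }
}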
/**
 * Checks a stored key ring that already carries an embedded JPEG user attribute, using
 * the provider-name ({@code "BC"}) verification API.
 *
 * <p>Expects exactly one user attribute on the master key, carrying exactly one
 * signature, and that signature must verify as a certification made by the master key
 * itself.
 *
 * <p>NOTE(review): {@code initVerify(key, provider)} and the one-argument
 * {@code PGPPublicKeyRing} constructor are the older Bouncy Castle API style; confirm
 * they exist in the library version being built against.
 *
 * @throws Exception if parsing or verification raises an error
 */
private void existingEmbeddedJpegTest()
    throws Exception
{
    PGPPublicKeyRing keyRing = new PGPPublicKeyRing(embeddedJPEGKey);
    PGPPublicKey masterKey = keyRing.getPublicKey();

    int attributeCount = 0;
    for (Iterator<?> attrIt = masterKey.getUserAttributes(); attrIt.hasNext();)
    {
        PGPUserAttributeSubpacketVector attributes = (PGPUserAttributeSubpacketVector)attrIt.next();

        int signatureCount = 0;
        for (Iterator<?> sigIt = masterKey.getSignaturesForUserAttribute(attributes); sigIt.hasNext();)
        {
            PGPSignature sig = (PGPSignature)sigIt.next();

            // Self-certification: the master key is both the signer and the certified key.
            sig.initVerify(masterKey, "BC");
            boolean verified = sig.verifyCertification(attributes, masterKey);
            if (!verified)
            {
                fail("signature failed verification");
            }

            signatureCount++;
        }

        if (signatureCount != 1)
        {
            fail("Failed user attributes signature check");
        }
        attributeCount++;
    }

    if (attributeCount != 1)
    {
        fail("didn't find user attributes");
    }
}
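/**
 * Adds a JPEG image attribute to a key, certifies it, verifies the certification and
 * then removes it again, using the provider-name ({@code "BC"}) signing and
 * verification API.
 *
 * <p>Steps: build an image attribute vector, sign it with the secret master key as a
 * positive certification, attach it with {@code PGPPublicKey.addCertification}, check
 * that exactly one attribute with exactly one verifying signature is present, then call
 * {@code PGPPublicKey.removeCertification} and check that no attribute remains.
 *
 * @throws Exception if key parsing, signing or verification raises an error
 */
private void embeddedJpegTest()
    throws Exception
{
    PGPPublicKeyRing pgpPub = new PGPPublicKeyRing(testPubKey, new JcaKeyFingerprintCalculator());
    PGPSecretKeyRing pgpSec = new PGPSecretKeyRing(testPrivKey, new JcaKeyFingerprintCalculator());

    PGPPublicKey pubKey = pgpPub.getPublicKey();

    PGPUserAttributeSubpacketVectorGenerator vGen = new PGPUserAttributeSubpacketVectorGenerator();
    vGen.setImageAttribute(ImageAttribute.JPEG, jpegImage);
    PGPUserAttributeSubpacketVector uVec = vGen.generate();

    // NOTE(review): SHA-1 is kept because it is what this test exercises; code that
    // issues real certifications should select a stronger digest (SHA-256 or better).
    PGPSignatureGenerator sGen = new PGPSignatureGenerator(PublicKeyAlgorithmTags.RSA_GENERAL, HashAlgorithmTags.SHA1, "BC");
    sGen.initSign(PGPSignature.POSITIVE_CERTIFICATION, pgpSec.getSecretKey().extractPrivateKey(pass, "BC"));

    PGPSignature sig = sGen.generateCertification(uVec, pubKey);
    PGPPublicKey nKey = PGPPublicKey.addCertification(pubKey, uVec, sig);

    int count = 0;
    for (Iterator<?> it = nKey.getUserAttributes(); it.hasNext();)
    {
        PGPUserAttributeSubpacketVector attributes = (PGPUserAttributeSubpacketVector)it.next();

        int sigCount = 0;
        for (Iterator<?> sigs = nKey.getSignaturesForUserAttribute(attributes); sigs.hasNext();)
        {
            PGPSignature s = (PGPSignature)sigs.next();

            s.initVerify(pubKey, "BC");
            if (!s.verifyCertification(attributes, pubKey))
            {
                fail("added signature failed verification");
            }

            sigCount++;
        }

        if (sigCount != 1)
        {
            fail("Failed added user attributes signature check");
        }
        count++;
    }

    if (count != 1)
    {
        fail("didn't find added user attributes");
    }

    nKey = PGPPublicKey.removeCertification(nKey, uVec);

    // Count what is left after removal. The iterator must be advanced with next():
    // a loop that only polls hasNext() never terminates when an attribute is still
    // present, so the test would hang instead of reporting the failure.
    int remaining = 0;
    for (Iterator<?> left = nKey.getUserAttributes(); left.hasNext();)
    {
        left.next();
        remaining++;
    }

    if (remaining != 0)
    {
        fail("found attributes where none expected");
    }
}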
/**
 * Returns the user attribute subpacket vector held by this object.
 *
 * @return the stored attribute vector, exactly as held in {@code m_attr}
 */
public PGPUserAttributeSubpacketVector getUserAttribute()
{
    return this.m_attr;
}