Examples of org.bouncycastle.openpgp.PGPSecretKey

org.bouncycastle.openpgp.PGPSecretKey
general class to handle a PGP secret key object.

            PGPSecretKeyRing keyRing = (PGPSecretKeyRing)keyRingIter.next();


            Iterator keyIter = keyRing.getSecretKeys();
            while (keyIter.hasNext())
            {
                PGPSecretKey key = (PGPSecretKey)keyIter.next();


                if (key.isSigningKey())
                {
                    return key;
                }
            }
        }

View Full Code Here

    {
        //
        // RSA tests
        //
        PGPSecretKeyRing pgpPriv = new PGPSecretKeyRing(rsaKeyRing);         
        PGPSecretKey secretKey = pgpPriv.getSecretKey();        
        PGPPrivateKey pgpPrivKey = secretKey.extractPrivateKey(rsaPass, "BC");


        try
        {
            testSig(PublicKeyAlgorithmTags.DSA, HashAlgorithmTags.SHA1, secretKey.getPublicKey(), pgpPrivKey);


            fail("RSA wrong key test failed.");
        }
        catch (PGPException e)
        {
            // expected
        }
        
        try
        {
            testSigV3(PublicKeyAlgorithmTags.DSA, HashAlgorithmTags.SHA1, secretKey.getPublicKey(), pgpPrivKey);


            fail("RSA V3 wrong key test failed.");
        }
        catch (PGPException e)
        {
            // expected
        }


        //
        // certifications
        //
        PGPSignatureGenerator sGen = new PGPSignatureGenerator(PublicKeyAlgorithmTags.RSA_GENERAL, HashAlgorithmTags.SHA1, "BC");
        
        sGen.initSign(PGPSignature.KEY_REVOCATION, pgpPrivKey);


        PGPSignature sig = sGen.generateCertification(secretKey.getPublicKey());
        
        sig.initVerify(secretKey.getPublicKey(), "BC");
        
        if (!sig.verifyCertification(secretKey.getPublicKey()))
        {
            fail("revocation verification failed.");
        }
        
        PGPSecretKeyRing pgpDSAPriv = new PGPSecretKeyRing(dsaKeyRing);         
        PGPSecretKey secretDSAKey = pgpDSAPriv.getSecretKey();        
        PGPPrivateKey pgpPrivDSAKey = secretDSAKey.extractPrivateKey(dsaPass, "BC");
        
        sGen = new PGPSignatureGenerator(PublicKeyAlgorithmTags.DSA, HashAlgorithmTags.SHA1, "BC");
        
        sGen.initSign(PGPSignature.SUBKEY_BINDING, pgpPrivDSAKey);


        PGPSignatureSubpacketGenerator    unhashedGen = new PGPSignatureSubpacketGenerator();
        PGPSignatureSubpacketGenerator    hashedGen = new PGPSignatureSubpacketGenerator();
        
        hashedGen.setSignatureExpirationTime(false, TEST_EXPIRATION_TIME);
        hashedGen.setSignerUserID(true, TEST_USER_ID);
        hashedGen.setPreferredCompressionAlgorithms(false, PREFERRED_COMPRESSION_ALGORITHMS);
        hashedGen.setPreferredHashAlgorithms(false, PREFERRED_HASH_ALGORITHMS);
        hashedGen.setPreferredSymmetricAlgorithms(false, PREFERRED_SYMMETRIC_ALGORITHMS);


        sGen.setHashedSubpackets(hashedGen.generate());
        sGen.setUnhashedSubpackets(unhashedGen.generate());
        
        sig = sGen.generateCertification(secretDSAKey.getPublicKey(), secretKey.getPublicKey());


        byte[] sigBytes = sig.getEncoded();
        
        PGPObjectFactory f = new PGPObjectFactory(sigBytes);
        
        sig = ((PGPSignatureList) f.nextObject()).get(0);
        
        sig.initVerify(secretDSAKey.getPublicKey(), "BC");
        
        if (!sig.verifyCertification(secretDSAKey.getPublicKey(), secretKey.getPublicKey()))
        {
            fail("subkey binding verification failed.");
        }
        
        PGPSignatureSubpacketVector hashedPcks = sig.getHashedSubPackets();
        PGPSignatureSubpacketVector unhashedPcks = sig.getUnhashedSubPackets();
        
        if (hashedPcks.size() != 6)
        {
            fail("wrong number of hashed packets found.");
        }


        if (unhashedPcks.size() != 1)
        {
            fail("wrong number of unhashed packets found.");
        }


        if (!hashedPcks.getSignerUserID().equals(TEST_USER_ID))
        {
            fail("test userid not matching");
        }
        
        if (hashedPcks.getSignatureExpirationTime() != TEST_EXPIRATION_TIME)
        {
            fail("test signature expiration time not matching");
        }
        
        if (unhashedPcks.getIssuerKeyID() != secretDSAKey.getKeyID())
        {
            fail("wrong issuer key ID found in certification");
        }
        
        int[] prefAlgs = hashedPcks.getPreferredCompressionAlgorithms();
        preferredAlgorithmCheck("compression", PREFERRED_COMPRESSION_ALGORITHMS, prefAlgs);


        prefAlgs = hashedPcks.getPreferredHashAlgorithms();
        preferredAlgorithmCheck("hash", PREFERRED_HASH_ALGORITHMS, prefAlgs);
        
        prefAlgs = hashedPcks.getPreferredSymmetricAlgorithms();
        preferredAlgorithmCheck("symmetric", PREFERRED_SYMMETRIC_ALGORITHMS, prefAlgs);
        
        int[] criticalHashed = hashedPcks.getCriticalTags();
        
        if (criticalHashed.length != 1)
        {
            fail("wrong number of critical packets found.");
        }
        
        if (criticalHashed[0] != SignatureSubpacketTags.SIGNER_USER_ID)
        {
            fail("wrong critical packet found in tag list.");
        }
        
        //
        // no packets passed
        //
        sGen = new PGPSignatureGenerator(PublicKeyAlgorithmTags.DSA, HashAlgorithmTags.SHA1, "BC");
        
        sGen.initSign(PGPSignature.SUBKEY_BINDING, pgpPrivDSAKey);


        sGen.setHashedSubpackets(null);
        sGen.setUnhashedSubpackets(null);


        sig = sGen.generateCertification(TEST_USER_ID, secretKey.getPublicKey());
        
        sig.initVerify(secretDSAKey.getPublicKey(), "BC");
        
        if (!sig.verifyCertification(TEST_USER_ID, secretKey.getPublicKey()))
        {
            fail("subkey binding verification failed.");
        }
        
        hashedPcks = sig.getHashedSubPackets();
        
        if (hashedPcks.size() != 1)
        {
            fail("found wrong number of hashed packets");
        }
        
        unhashedPcks = sig.getUnhashedSubPackets();
        
        if (unhashedPcks.size() != 1)
        {
            fail("found wrong number of unhashed packets");
        }
        
        try
        {
            sig.verifyCertification(secretKey.getPublicKey());
            
            fail("failed to detect non-key signature.");
        }
        catch (PGPException e)
        {
            // expected
        }
        
        //
        // override hash packets
        //
        sGen = new PGPSignatureGenerator(PublicKeyAlgorithmTags.DSA, HashAlgorithmTags.SHA1, "BC");
        
        sGen.initSign(PGPSignature.SUBKEY_BINDING, pgpPrivDSAKey);


        hashedGen = new PGPSignatureSubpacketGenerator();
        
        hashedGen.setSignatureCreationTime(false, new Date(0L));
        
        sGen.setHashedSubpackets(hashedGen.generate());
        
        sGen.setUnhashedSubpackets(null);


        sig = sGen.generateCertification(TEST_USER_ID, secretKey.getPublicKey());
        
        sig.initVerify(secretDSAKey.getPublicKey(), "BC");
        
        if (!sig.verifyCertification(TEST_USER_ID, secretKey.getPublicKey()))
        {
            fail("subkey binding verification failed.");
        }

View Full Code Here

        InputStream    in)
        throws IOException, PGPException
    {
        PGPSecretKeyRingCollection        pgpSec = new PGPSecretKeyRingCollection(in);


        PGPSecretKey    key = null;


        //
        // iterate through the key rings.
        //
        Iterator rIt = pgpSec.getKeyRings();


        while (key == null && rIt.hasNext())
        {
            PGPSecretKeyRing    kRing = (PGPSecretKeyRing)rIt.next();
            Iterator            kIt = kRing.getSecretKeys();
    
            while (key == null && kIt.hasNext())
            {
                PGPSecretKey    k = (PGPSecretKey)kIt.next();
    
                if (k.isSigningKey())
                {
                    key = k;
                }
            }
        }

View Full Code Here

    private void generateTest(
        String message,
        String type)
        throws Exception
    {
        PGPSecretKey                    pgpSecKey = readSecretKey(new ByteArrayInputStream(secretKey));
        PGPPrivateKey                   pgpPrivKey = pgpSecKey.extractPrivateKey("".toCharArray(), "BC");
        PGPSignatureGenerator           sGen = new PGPSignatureGenerator(pgpSecKey.getPublicKey().getAlgorithm(), PGPUtil.SHA256, "BC");
        PGPSignatureSubpacketGenerator  spGen = new PGPSignatureSubpacketGenerator();


        sGen.initSign(PGPSignature.CANONICAL_TEXT_DOCUMENT, pgpPrivKey);


        Iterator    it = pgpSecKey.getPublicKey().getUserIDs();
        if (it.hasNext())
        {
            spGen.setSignerUserID(false, (String)it.next());
            sGen.setHashedSubpackets(spGen.generate());
        }

View Full Code Here

    
        kpg.initialize(1024);
    
        KeyPair                    kp = kpg.generateKeyPair();


        PGPSecretKey    secretKey = new PGPSecretKey(PGPSignature.DEFAULT_CERTIFICATION, PublicKeyAlgorithmTags.RSA_GENERAL, kp.getPublic(), kp.getPrivate(), new Date(), "fred", SymmetricKeyAlgorithmTags.CAST5, passPhrase, null, null, new SecureRandom(), "BC");
    
        PGPPublicKey    key = secretKey.getPublicKey();


        it = key.getUserIDs();


        uid = (String)it.next();


        it = key.getSignaturesForID(uid);


        sig = (PGPSignature)it.next();


        sig.initVerify(key, "BC");


        if (!sig.verifyCertification(uid, key))
        {
            fail("failed to verify certification");
        }


        pgpPrivKey = secretKey.extractPrivateKey(passPhrase, "BC");
        
        key = PGPPublicKey.removeCertification(key, uid, sig);
        
        if (key == null)
        {
            fail("failed certification removal");
        }
        
        byte[]    keyEnc = key.getEncoded();
        
        key = PGPPublicKey.addCertification(key, uid, sig);
        
        keyEnc = key.getEncoded();


        PGPSignatureGenerator sGen = new PGPSignatureGenerator(PublicKeyAlgorithmTags.RSA_GENERAL, HashAlgorithmTags.SHA1, "BC");
        
        sGen.initSign(PGPSignature.KEY_REVOCATION, secretKey.extractPrivateKey(passPhrase, "BC"));


        sig = sGen.generateCertification(key);


        key = PGPPublicKey.addCertification(key, sig);


        keyEnc = key.getEncoded();


        PGPPublicKeyRing    tmpRing = new PGPPublicKeyRing(keyEnc);


        key = tmpRing.getPublicKey();


        Iterator            sgIt = key.getSignaturesOfType(PGPSignature.KEY_REVOCATION);


        sig = (PGPSignature)sgIt.next();


        sig.initVerify(key, "BC");


        if (!sig.verifyCertification(key))
        {
            fail("failed to verify revocation certification");
        }


        //
        // use of PGPKeyPair
        //
        PGPKeyPair    pgpKp = new PGPKeyPair(PGPPublicKey.RSA_GENERAL , kp.getPublic(), kp.getPrivate(), new Date());
        
        PGPPublicKey k1 = pgpKp.getPublicKey();
        
        PGPPrivateKey k2 = pgpKp.getPrivateKey();
        
        k1.getEncoded();


        mixedTest(k2, k1);


        //
        // key pair generation - AES_256 encryption.
        //
        kp = kpg.generateKeyPair();


        secretKey = new PGPSecretKey(PGPSignature.DEFAULT_CERTIFICATION, PublicKeyAlgorithmTags.RSA_GENERAL, kp.getPublic(), kp.getPrivate(), new Date(), "fred", SymmetricKeyAlgorithmTags.AES_256, passPhrase, null, null, new SecureRandom(), "BC");
    
        secretKey.extractPrivateKey(passPhrase, "BC");
        
        secretKey.encode(new ByteArrayOutputStream());
        
        //
        // secret key password changing.
        //
        String  newPass = "newPass";
        
        secretKey = PGPSecretKey.copyWithNewPassword(secretKey, passPhrase, newPass.toCharArray(), secretKey.getKeyEncryptionAlgorithm(), new SecureRandom(), "BC");
        
        secretKey.extractPrivateKey(newPass.toCharArray(), "BC");
        
        secretKey.encode(new ByteArrayOutputStream());
        
        key = secretKey.getPublicKey();


        key.encode(new ByteArrayOutputStream());
        
        it = key.getUserIDs();


        uid = (String)it.next();


        it = key.getSignaturesForID(uid);


        sig = (PGPSignature)it.next();


        sig.initVerify(key, "BC");


        if (!sig.verifyCertification(uid, key))
        {
            fail("failed to verify certification");
        }


        pgpPrivKey = secretKey.extractPrivateKey(newPass.toCharArray(), "BC");
        
        //
        // signature generation
        //
        String                                data = "hello world!";
        
        bOut = new ByteArrayOutputStream();
        
        ByteArrayInputStream        testIn = new ByteArrayInputStream(data.getBytes());
        
        sGen = new PGPSignatureGenerator(PublicKeyAlgorithmTags.RSA_GENERAL, HashAlgorithmTags.SHA1, "BC");
    
        sGen.initSign(PGPSignature.BINARY_DOCUMENT, pgpPrivKey);


        PGPCompressedDataGenerator cGen = new PGPCompressedDataGenerator(
            PGPCompressedData.ZIP);


        BCPGOutputStream bcOut = new BCPGOutputStream(
            cGen.open(new UncloseableOutputStream(bOut)));


        sGen.generateOnePassVersion(false).encode(bcOut);


        PGPLiteralDataGenerator    lGen = new PGPLiteralDataGenerator();


        Date testDate = new Date((System.currentTimeMillis() / 1000) * 1000);
        OutputStream lOut = lGen.open(
            new UncloseableOutputStream(bcOut),
            PGPLiteralData.BINARY,
            "_CONSOLE",
            data.getBytes().length,
            testDate);


        while ((ch = testIn.read()) >= 0)
        {
            lOut.write(ch);
            sGen.update((byte)ch);
        }


        lOut.close();


        sGen.generate().encode(bcOut);


        bcOut.close();


        //
        // verify generated signature
        //
        pgpFact = new PGPObjectFactory(bOut.toByteArray());


        c1 = (PGPCompressedData)pgpFact.nextObject();


        pgpFact = new PGPObjectFactory(c1.getDataStream());
        
        p1 = (PGPOnePassSignatureList)pgpFact.nextObject();
        
        ops = p1.get(0);
        
        p2 = (PGPLiteralData)pgpFact.nextObject();
        if (!p2.getModificationTime().equals(testDate))
        {
            fail("Modification time not preserved: " + p2.getModificationTime() + " " + testDate);
        }


        dIn = p2.getInputStream();


        ops.initVerify(secretKey.getPublicKey(), "BC");
        
        while ((ch = dIn.read()) >= 0)
        {
            ops.update((byte)ch);
        }


        p3 = (PGPSignatureList)pgpFact.nextObject();


        if (!ops.verify(p3.get(0)))
        {
            fail("Failed generated signature check");
        }
        
        //
        // signature generation - version 3
        //
        bOut = new ByteArrayOutputStream();
        
        testIn = new ByteArrayInputStream(data.getBytes());
        PGPV3SignatureGenerator    sGenV3 = new PGPV3SignatureGenerator(PGPPublicKey.RSA_GENERAL, PGPUtil.SHA1, "BC");
    
        sGen.initSign(PGPSignature.BINARY_DOCUMENT, pgpPrivKey);


        cGen = new PGPCompressedDataGenerator(
                                                                PGPCompressedData.ZIP);


        bcOut = new BCPGOutputStream(cGen.open(bOut));


        sGen.generateOnePassVersion(false).encode(bcOut);


        lGen = new PGPLiteralDataGenerator();
        lOut = lGen.open(
            new UncloseableOutputStream(bcOut),
            PGPLiteralData.BINARY,
            "_CONSOLE",
            data.getBytes().length,
            testDate);


        while ((ch = testIn.read()) >= 0)
        {
            lOut.write(ch);
            sGen.update((byte)ch);
        }


        lOut.close();


        sGen.generate().encode(bcOut);


        bcOut.close();


        //
        // verify generated signature
        //
        pgpFact = new PGPObjectFactory(bOut.toByteArray());


        c1 = (PGPCompressedData)pgpFact.nextObject();


        pgpFact = new PGPObjectFactory(c1.getDataStream());
        
        p1 = (PGPOnePassSignatureList)pgpFact.nextObject();
        
        ops = p1.get(0);
        
        p2 = (PGPLiteralData)pgpFact.nextObject();
        if (!p2.getModificationTime().equals(testDate))
        {
            fail("Modification time not preserved");
        }


        dIn = p2.getInputStream();


        ops.initVerify(secretKey.getPublicKey(), "BC");
        
        while ((ch = dIn.read()) >= 0)
        {
            ops.update((byte)ch);
        }


        p3 = (PGPSignatureList)pgpFact.nextObject();


        if (!ops.verify(p3.get(0)))
        {
            fail("Failed v3 generated signature check");
        }
        
        //
        // extract PGP 8 private key
        //
        pgpPriv = new PGPSecretKeyRing(pgp8Key);
        
        secretKey = pgpPriv.getSecretKey();
        
        pgpPrivKey = secretKey.extractPrivateKey(pgp8Pass, "BC");


        //
        // expiry
        //
        testExpiry(expiry60and30daysSig13Key, 60, 30);

View Full Code Here

        while (rIt.hasNext()) {
            PGPSecretKeyRing kRing = (PGPSecretKeyRing) rIt.next();
            Iterator kIt = kRing.getSecretKeys();


            while (kIt.hasNext()) {
                PGPSecretKey key = (PGPSecretKey) kIt.next();
                
                if (key.isSigningKey() && Long.toHexString(key.getKeyID() & 0xFFFFFFFFL).equals(keyId.toLowerCase())) {
                    return key;
                }
            }
        }

View Full Code Here

   * @throws CryptographicException
   *             if {@code oldPassphrase} is incorrect
   */
  public KeySet relock(char[] oldPassphrase, char[] newPassphrase, SecureRandom random) throws CryptographicException {
    try {
      final PGPSecretKey masterSecretKey = PGPSecretKey.copyWithNewPassword(
        getUnlockedMasterKey().getSecretKey(),
        oldPassphrase,
        newPassphrase,
        SymmetricAlgorithm.DEFAULT.toInteger(),
        random,
        "BC"
      );
      final PGPSecretKey subSecretKey = PGPSecretKey.copyWithNewPassword(
        getUnlockedSubKey().getSecretKey(),
        oldPassphrase,
        newPassphrase,
        SymmetricAlgorithm.DEFAULT.toInteger(),
        random,

View Full Code Here


        if (sigKeyFileName == null || sigKeyUserid == null || sigKeyPassword == null) {
            return null;
        }


        PGPSecretKey sigSecretKey = PGPDataFormatUtil.findSecretKey(exchange.getContext(), sigKeyFileName, sigKeyPassword);
        if (sigSecretKey == null) {
            throw new IllegalArgumentException("Signature secret key is null, cannot proceed");
        }


        PGPPrivateKey sigPrivateKey = sigSecretKey.extractPrivateKey(sigKeyPassword.toCharArray(), "BC");
        if (sigPrivateKey == null) {
            throw new IllegalArgumentException("Signature private key is null, cannot proceed");
        }


        PGPSignatureSubpacketGenerator spGen = new PGPSignatureSubpacketGenerator();
        spGen.setSignerUserID(false, sigKeyUserid);


        int algorithm = sigSecretKey.getPublicKey().getAlgorithm();
        PGPSignatureGenerator sigGen = new PGPSignatureGenerator(algorithm, HashAlgorithmTags.SHA1, "BC");
        sigGen.initSign(PGPSignature.BINARY_DOCUMENT, sigPrivateKey);
        sigGen.setHashedSubpackets(spGen.generate());
        sigGen.generateOnePassVersion(false).encode(out);
        return sigGen;

View Full Code Here

        Iterator<?> encryptedDataObjects = enc.getEncryptedDataObjects();
        PGPPrivateKey privateKey = null;
        PGPPublicKeyEncryptedData encryptedData;
        while (privateKey == null && encryptedDataObjects.hasNext()) {
            encryptedData = (PGPPublicKeyEncryptedData) encryptedDataObjects.next();
            PGPSecretKey pgpSecKey = pgpSec.getSecretKey(encryptedData.getKeyID());
            privateKey = pgpSecKey.extractPrivateKey(passphrase.toCharArray(), "BC");
        }
        return privateKey;
    }

View Full Code Here

    public static PGPSecretKey findSecretKey(CamelContext context, String keychainFilename, String passphrase)
        throws IOException, PGPException, NoSuchProviderException {


        InputStream keyChainInputStream = ResourceHelper.resolveMandatoryResourceAsInputStream(context.getClassResolver(), keychainFilename);


        PGPSecretKey secKey = null;
        try {
            secKey = findSecretKey(keyChainInputStream, passphrase);
        } finally {
            IOHelper.close(keyChainInputStream);
        }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.bouncycastle.openpgp.PGPSecretKey

code.pgp.PgpEncryption

com.github.sannies.nexusaptplugin.sign.PGPSigner

com.wesabe.grendel.openpgp.UnlockedKeySet

org.apache.camel.converter.crypto.PGPDataFormat

org.apache.camel.converter.crypto.PGPDataFormatTest

org.apache.camel.converter.crypto.PGPDataFormatUtil

org.apache.ivy.plugins.signer.bouncycastle.OpenPGPSignatureGenerator

org.bouncycastle.bcpg.BCPGInputStream

org.bouncycastle.bcpg.BCPGObject

org.bouncycastle.bcpg.BCPGOutputStream

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.