Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/pg/src/main/java/org/spongycastle/openpgp/examples/SignedFileProcessor.java
diff options
context:
space:
mode:
Diffstat (limited to 'pg/src/main/java/org/spongycastle/openpgp/examples/SignedFileProcessor.java')
-rw-r--r--pg/src/main/java/org/spongycastle/openpgp/examples/SignedFileProcessor.java216
1 files changed, 216 insertions, 0 deletions
diff --git a/pg/src/main/java/org/spongycastle/openpgp/examples/SignedFileProcessor.java b/pg/src/main/java/org/spongycastle/openpgp/examples/SignedFileProcessor.java
new file mode 100644
index 00000000..4cd79133
--- /dev/null
+++ b/pg/src/main/java/org/spongycastle/openpgp/examples/SignedFileProcessor.java
@@ -0,0 +1,216 @@
+package org.spongycastle.openpgp.examples;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.Security;
+import java.security.SignatureException;
+import java.util.Iterator;
+
+import org.spongycastle.bcpg.ArmoredOutputStream;
+import org.spongycastle.bcpg.BCPGOutputStream;
+import org.spongycastle.jce.provider.BouncyCastleProvider;
+import org.spongycastle.openpgp.PGPCompressedData;
+import org.spongycastle.openpgp.PGPCompressedDataGenerator;
+import org.spongycastle.openpgp.PGPException;
+import org.spongycastle.openpgp.PGPLiteralData;
+import org.spongycastle.openpgp.PGPLiteralDataGenerator;
+import org.spongycastle.openpgp.PGPOnePassSignature;
+import org.spongycastle.openpgp.PGPOnePassSignatureList;
+import org.spongycastle.openpgp.PGPPrivateKey;
+import org.spongycastle.openpgp.PGPPublicKey;
+import org.spongycastle.openpgp.PGPPublicKeyRingCollection;
+import org.spongycastle.openpgp.PGPSecretKey;
+import org.spongycastle.openpgp.PGPSignature;
+import org.spongycastle.openpgp.PGPSignatureGenerator;
+import org.spongycastle.openpgp.PGPSignatureList;
+import org.spongycastle.openpgp.PGPSignatureSubpacketGenerator;
+import org.spongycastle.openpgp.PGPUtil;
+import org.spongycastle.openpgp.jcajce.JcaPGPObjectFactory;
+import org.spongycastle.openpgp.operator.jcajce.JcaKeyFingerprintCalculator;
+import org.spongycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
+import org.spongycastle.openpgp.operator.jcajce.JcaPGPContentVerifierBuilderProvider;
+import org.spongycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
+
+/**
+ * A simple utility class that signs and verifies files.
+ * <p>
+ * To sign a file: SignedFileProcessor -s [-a] fileName secretKey passPhrase.<br>
+ * If -a is specified the output file will be "ascii-armored".
+ * <p>
+ * To decrypt: SignedFileProcessor -v fileName publicKeyFile.
+ * <p>
+ * <b>Note</b>: this example will silently overwrite files, nor does it pay any attention to
+ * the specification of "_CONSOLE" in the filename. It also expects that a single pass phrase
+ * will have been used.
+ * <p>
+ * <b>Note</b>: the example also makes use of PGP compression. If you are having difficulty getting it
+ * to interoperate with other PGP programs try removing the use of compression first.
+ */
+public class SignedFileProcessor
+{
+ /*
+ * verify the passed in file as being correctly signed.
+ */
+ private static void verifyFile(
+ InputStream in,
+ InputStream keyIn)
+ throws Exception
+ {
+ in = PGPUtil.getDecoderStream(in);
+
+ JcaPGPObjectFactory pgpFact = new JcaPGPObjectFactory(in);
+
+ PGPCompressedData c1 = (PGPCompressedData)pgpFact.nextObject();
+
+ pgpFact = new JcaPGPObjectFactory(c1.getDataStream());
+
+ PGPOnePassSignatureList p1 = (PGPOnePassSignatureList)pgpFact.nextObject();
+
+ PGPOnePassSignature ops = p1.get(0);
+
+ PGPLiteralData p2 = (PGPLiteralData)pgpFact.nextObject();
+
+ InputStream dIn = p2.getInputStream();
+ int ch;
+ PGPPublicKeyRingCollection pgpRing = new PGPPublicKeyRingCollection(PGPUtil.getDecoderStream(keyIn), new JcaKeyFingerprintCalculator());
+
+ PGPPublicKey key = pgpRing.getPublicKey(ops.getKeyID());
+ FileOutputStream out = new FileOutputStream(p2.getFileName());
+
+ ops.init(new JcaPGPContentVerifierBuilderProvider().setProvider("SC"), key);
+
+ while ((ch = dIn.read()) >= 0)
+ {
+ ops.update((byte)ch);
+ out.write(ch);
+ }
+
+ out.close();
+
+ PGPSignatureList p3 = (PGPSignatureList)pgpFact.nextObject();
+
+ if (ops.verify(p3.get(0)))
+ {
+ System.out.println("signature verified.");
+ }
+ else
+ {
+ System.out.println("signature verification failed.");
+ }
+ }
+
+ /**
+ * Generate an encapsulated signed file.
+ *
+ * @param fileName
+ * @param keyIn
+ * @param out
+ * @param pass
+ * @param armor
+ * @throws IOException
+ * @throws NoSuchAlgorithmException
+ * @throws NoSuchProviderException
+ * @throws PGPException
+ * @throws SignatureException
+ */
+ private static void signFile(
+ String fileName,
+ InputStream keyIn,
+ OutputStream out,
+ char[] pass,
+ boolean armor)
+ throws IOException, NoSuchAlgorithmException, NoSuchProviderException, PGPException, SignatureException
+ {
+ if (armor)
+ {
+ out = new ArmoredOutputStream(out);
+ }
+
+ PGPSecretKey pgpSec = PGPExampleUtil.readSecretKey(keyIn);
+ PGPPrivateKey pgpPrivKey = pgpSec.extractPrivateKey(new JcePBESecretKeyDecryptorBuilder().setProvider("SC").build(pass));
+ PGPSignatureGenerator sGen = new PGPSignatureGenerator(new JcaPGPContentSignerBuilder(pgpSec.getPublicKey().getAlgorithm(), PGPUtil.SHA1).setProvider("SC"));
+
+ sGen.init(PGPSignature.BINARY_DOCUMENT, pgpPrivKey);
+
+ Iterator it = pgpSec.getPublicKey().getUserIDs();
+ if (it.hasNext())
+ {
+ PGPSignatureSubpacketGenerator spGen = new PGPSignatureSubpacketGenerator();
+
+ spGen.setSignerUserID(false, (String)it.next());
+ sGen.setHashedSubpackets(spGen.generate());
+ }
+
+ PGPCompressedDataGenerator cGen = new PGPCompressedDataGenerator(
+ PGPCompressedData.ZLIB);
+
+ BCPGOutputStream bOut = new BCPGOutputStream(cGen.open(out));
+
+ sGen.generateOnePassVersion(false).encode(bOut);
+
+ File file = new File(fileName);
+ PGPLiteralDataGenerator lGen = new PGPLiteralDataGenerator();
+ OutputStream lOut = lGen.open(bOut, PGPLiteralData.BINARY, file);
+ FileInputStream fIn = new FileInputStream(file);
+ int ch;
+
+ while ((ch = fIn.read()) >= 0)
+ {
+ lOut.write(ch);
+ sGen.update((byte)ch);
+ }
+
+ lGen.close();
+
+ sGen.generate().encode(bOut);
+
+ cGen.close();
+
+ if (armor)
+ {
+ out.close();
+ }
+ }
+
+ public static void main(
+ String[] args)
+ throws Exception
+ {
+ Security.addProvider(new BouncyCastleProvider());
+
+ if (args[0].equals("-s"))
+ {
+ if (args[1].equals("-a"))
+ {
+ FileInputStream keyIn = new FileInputStream(args[3]);
+ FileOutputStream out = new FileOutputStream(args[2] + ".asc");
+
+ signFile(args[2], keyIn, out, args[4].toCharArray(), true);
+ }
+ else
+ {
+ FileInputStream keyIn = new FileInputStream(args[2]);
+ FileOutputStream out = new FileOutputStream(args[1] + ".bpg");
+
+ signFile(args[1], keyIn, out, args[3].toCharArray(), false);
+ }
+ }
+ else if (args[0].equals("-v"))
+ {
+ FileInputStream in = new FileInputStream(args[1]);
+ FileInputStream keyIn = new FileInputStream(args[2]);
+
+ verifyFile(in, keyIn);
+ }
+ else
+ {
+ System.err.println("usage: SignedFileProcessor -v|-s [-a] file keyfile [passPhrase]");
+ }
+ }
+} \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-23 05:59:37 +0300