All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.bouncycastle.openpgp.examples.DirectKeySignature Maven / Gradle / Ivy

package org.bouncycastle.openpgp.examples;

import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.bcpg.BCPGOutputStream;
import org.bouncycastle.bcpg.sig.NotationData;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openpgp.PGPPrivateKey;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.PGPSignatureGenerator;
import org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator;
import org.bouncycastle.openpgp.PGPSignatureSubpacketVector;
import org.bouncycastle.openpgp.PGPUtil;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.OutputStream;
import java.security.Security;
import java.util.Iterator;

/**
 * A simple utility class that directly signs a public key and writes the signed key to "SignedKey.asc" in 
 * the current working directory.
 * 

* To sign a key: DirectKeySignature secretKeyFile secretKeyPass publicKeyFile(key to be signed) NotationName NotationValue.
*

* To display a NotationData packet from a publicKey previously signed: DirectKeySignature signedPublicKeyFile.
*

* Note: this example will silently overwrite files, nor does it pay any attention to * the specification of "_CONSOLE" in the filename. It also expects that a single pass phrase * will have been used. *

*/ public class DirectKeySignature { public static void main( String[] args) throws Exception { Security.addProvider(new BouncyCastleProvider()); if (args.length == 1) { PGPPublicKeyRing ring = new PGPPublicKeyRing(PGPUtil.getDecoderStream(new FileInputStream(args[0]))); PGPPublicKey key = ring.getPublicKey(); // iterate through all direct key signautures and look for NotationData subpackets Iterator iter = key.getSignaturesOfType(PGPSignature.DIRECT_KEY); while(iter.hasNext()) { PGPSignature sig = (PGPSignature)iter.next(); System.out.println("Signature date is: " + sig.getHashedSubPackets().getSignatureCreationTime()); NotationData[] data = sig.getHashedSubPackets().getNotationDataOccurences();//.getSubpacket(SignatureSubpacketTags.NOTATION_DATA); for (int i = 0; i < data.length; i++) { System.out.println("Found Notaion named '"+data[i].getNotationName()+"' with content '"+data[i].getNotationValue()+"'."); } } } else if (args.length == 5) { // gather command line arguments PGPSecretKeyRing secRing = new PGPSecretKeyRing(PGPUtil.getDecoderStream(new FileInputStream(args[0]))); String secretKeyPass = args[1]; PGPPublicKeyRing ring = new PGPPublicKeyRing(PGPUtil.getDecoderStream(new FileInputStream(args[2]))); String notationName = args[3]; String notationValue = args[4]; // create the signed keyRing PGPPublicKeyRing sRing = null; sRing = new PGPPublicKeyRing(new ByteArrayInputStream(signPublicKey(secRing.getSecretKey(), secretKeyPass, ring.getPublicKey(), notationName, notationValue, true))); ring = sRing; // write the created keyRing to file ArmoredOutputStream out = new ArmoredOutputStream(new FileOutputStream("SignedKey.asc")); sRing.encode(out); out.flush(); out.close(); } else { System.err.println("usage: DirectKeySignature secretKeyFile secretKeyPass publicKeyFile(key to be signed) NotationName NotationValue"); System.err.println("or: DirectKeySignature signedPublicKeyFile"); } } private static byte[] signPublicKey(PGPSecretKey secretKey, String secretKeyPass, PGPPublicKey keyToBeSigned, String notationName, String notationValue, boolean armor) throws Exception { OutputStream out = new ByteArrayOutputStream(); if (armor) { out = new ArmoredOutputStream(out); } PGPPrivateKey pgpPrivKey = secretKey.extractPrivateKey(secretKeyPass.toCharArray(), "BC"); PGPSignatureGenerator sGen = new PGPSignatureGenerator(secretKey.getPublicKey().getAlgorithm(), PGPUtil.SHA1, "BC"); sGen.initSign(PGPSignature.DIRECT_KEY, pgpPrivKey); BCPGOutputStream bOut = new BCPGOutputStream(out); sGen.generateOnePassVersion(false).encode(bOut); PGPSignatureSubpacketGenerator spGen = new PGPSignatureSubpacketGenerator(); boolean isHumanReadable = true; spGen.setNotationData(true, isHumanReadable, notationName, notationValue); PGPSignatureSubpacketVector packetVector = spGen.generate(); sGen.setHashedSubpackets(packetVector); bOut.flush(); if (armor) { out.close(); } return PGPPublicKey.addCertification(keyToBeSigned, sGen.generate()).getEncoded(); } }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy