org.pgpainless.signature.SignatureUtils Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pgpainless-core Show documentation
Show all versions of pgpainless-core Show documentation
Simple to use OpenPGP API for Java based on Bouncycastle
// SPDX-FileCopyrightText: 2020 Paul Schaub
//
// SPDX-License-Identifier: Apache-2.0
package org.pgpainless.signature;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.annotation.Nonnull;
import org.bouncycastle.bcpg.sig.IssuerKeyID;
import org.bouncycastle.bcpg.sig.KeyExpirationTime;
import org.bouncycastle.bcpg.sig.RevocationReason;
import org.bouncycastle.bcpg.sig.SignatureExpirationTime;
import org.bouncycastle.openpgp.PGPCompressedData;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPObjectFactory;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.PGPSignatureGenerator;
import org.bouncycastle.openpgp.PGPSignatureList;
import org.bouncycastle.openpgp.operator.PGPContentSignerBuilder;
import org.bouncycastle.util.encoders.Hex;
import org.bouncycastle.util.io.Streams;
import org.pgpainless.PGPainless;
import org.pgpainless.algorithm.HashAlgorithm;
import org.pgpainless.algorithm.SignatureType;
import org.pgpainless.algorithm.negotiation.HashAlgorithmNegotiator;
import org.pgpainless.implementation.ImplementationFactory;
import org.pgpainless.key.OpenPgpFingerprint;
import org.pgpainless.key.util.OpenPgpKeyAttributeUtil;
import org.pgpainless.key.util.RevocationAttributes;
import org.pgpainless.signature.subpackets.SignatureSubpacketsUtil;
import org.pgpainless.util.ArmorUtils;
/**
* Utility methods related to signatures.
*/
public final class SignatureUtils {
public static final int MAX_ITERATIONS = 10000;
private SignatureUtils() {
}
/**
* Return a signature generator for the provided signing key.
* The signature generator will follow the hash algorithm preferences of the signing key and pick the best algorithm.
*
* @param singingKey signing key
* @return signature generator
*/
public static PGPSignatureGenerator getSignatureGeneratorFor(PGPSecretKey singingKey) {
return getSignatureGeneratorFor(singingKey.getPublicKey());
}
/**
* Return a signature generator for the provided signing key.
* The signature generator will follow the hash algorithm preferences of the signing key and pick the best algorithm.
*
* @param signingPubKey signing key
* @return signature generator
*/
public static PGPSignatureGenerator getSignatureGeneratorFor(PGPPublicKey signingPubKey) {
PGPSignatureGenerator signatureGenerator = new PGPSignatureGenerator(
getPgpContentSignerBuilderForKey(signingPubKey));
return signatureGenerator;
}
/**
* Return a content signer builder for the passed public key.
*
* The content signer will use a hash algorithm derived from the keys' algorithm preferences.
* If no preferences can be derived, the key will fall back to the default hash algorithm as set in
* the {@link org.pgpainless.policy.Policy}.
*
* @param publicKey public key
* @return content signer builder
*/
public static PGPContentSignerBuilder getPgpContentSignerBuilderForKey(PGPPublicKey publicKey) {
Set hashAlgorithmSet = OpenPgpKeyAttributeUtil.getOrGuessPreferredHashAlgorithms(publicKey);
HashAlgorithm hashAlgorithm = HashAlgorithmNegotiator.negotiateSignatureHashAlgorithm(PGPainless.getPolicy())
.negotiateHashAlgorithm(hashAlgorithmSet);
return ImplementationFactory.getInstance().getPGPContentSignerBuilder(publicKey.getAlgorithm(), hashAlgorithm.getAlgorithmId());
}
/**
* Extract and return the key expiration date value from the given signature.
* If the signature does not carry a {@link KeyExpirationTime} subpacket, return null.
*
* @param keyCreationDate creation date of the key
* @param signature signature
* @return key expiration date as given by the signature
*/
public static Date getKeyExpirationDate(Date keyCreationDate, PGPSignature signature) {
KeyExpirationTime keyExpirationTime = SignatureSubpacketsUtil.getKeyExpirationTime(signature);
long expiresInSecs = keyExpirationTime == null ? 0 : keyExpirationTime.getTime();
return datePlusSeconds(keyCreationDate, expiresInSecs);
}
/**
* Return the expiration date of the signature.
* If the signature has no expiration date, {@link #datePlusSeconds(Date, long)} will return null.
*
* @param signature signature
* @return expiration date of the signature, or null if it does not expire.
*/
public static Date getSignatureExpirationDate(PGPSignature signature) {
Date creationDate = signature.getCreationTime();
SignatureExpirationTime signatureExpirationTime = SignatureSubpacketsUtil.getSignatureExpirationTime(signature);
long expiresInSecs = signatureExpirationTime == null ? 0 : signatureExpirationTime.getTime();
return datePlusSeconds(creationDate, expiresInSecs);
}
/**
* Return a new date which represents the given date plus the given amount of seconds added.
*
* Since '0' is a special date value in the OpenPGP specification
* (e.g. '0' means no expiration for expiration dates), this method will return 'null' if seconds is 0.
*
* @param date date
* @param seconds number of seconds to be added
* @return date plus seconds or null if seconds is '0'
*/
public static Date datePlusSeconds(Date date, long seconds) {
if (seconds == 0) {
return null;
}
return new Date(date.getTime() + 1000 * seconds);
}
/**
* Return true, if the expiration date of the {@link PGPSignature} lays in the past.
* If no expiration date is present in the signature, it is considered non-expired.
*
* @param signature signature
* @return true if expired, false otherwise
*/
public static boolean isSignatureExpired(PGPSignature signature) {
return isSignatureExpired(signature, new Date());
}
/**
* Return true, if the expiration date of the given {@link PGPSignature} is past the given comparison {@link Date}.
* If no expiration date is present in the signature, it is considered non-expiring.
*
* @param signature signature
* @param comparisonDate reference date
* @return true if sig is expired at reference date, false otherwise
*/
public static boolean isSignatureExpired(PGPSignature signature, Date comparisonDate) {
Date expirationDate = getSignatureExpirationDate(signature);
return expirationDate != null && comparisonDate.after(expirationDate);
}
/**
* Return true if the provided signature is a hard revocation.
* Hard revocations are revocation signatures which either carry a revocation reason of
* {@link RevocationAttributes.Reason#KEY_COMPROMISED} or {@link RevocationAttributes.Reason#NO_REASON},
* or no reason at all.
*
* @param signature signature
* @return true if signature is a hard revocation
*/
public static boolean isHardRevocation(PGPSignature signature) {
SignatureType type = SignatureType.valueOf(signature.getSignatureType());
if (type != SignatureType.KEY_REVOCATION && type != SignatureType.SUBKEY_REVOCATION && type != SignatureType.CERTIFICATION_REVOCATION) {
// Not a revocation
return false;
}
RevocationReason reasonSubpacket = SignatureSubpacketsUtil.getRevocationReason(signature);
if (reasonSubpacket == null) {
// no reason -> hard revocation
return true;
}
return RevocationAttributes.Reason.isHardRevocation(reasonSubpacket.getRevocationReason());
}
/**
* Parse an ASCII encoded list of OpenPGP signatures into a {@link PGPSignatureList}
* and return it as a {@link List}.
*
* @param encodedSignatures ASCII armored signature list
* @return signature list
*
* @throws IOException if the signatures cannot be read
* @throws PGPException in case of a broken signature
*/
public static List readSignatures(String encodedSignatures) throws IOException, PGPException {
@SuppressWarnings("CharsetObjectCanBeUsed")
Charset utf8 = Charset.forName("UTF-8");
byte[] bytes = encodedSignatures.getBytes(utf8);
return readSignatures(bytes);
}
/**
* Read a single, or a list of {@link PGPSignature PGPSignatures} and return them as a {@link List}.
*
* @param encodedSignatures ASCII armored or binary signatures
* @return signatures
* @throws IOException if the signatures cannot be read
* @throws PGPException in case of an OpenPGP error
*/
public static List readSignatures(byte[] encodedSignatures) throws IOException, PGPException {
InputStream inputStream = new ByteArrayInputStream(encodedSignatures);
return readSignatures(inputStream);
}
/**
* Read and return {@link PGPSignature PGPSignatures}.
* This method can deal with signatures that may be armored, compressed and may contain marker packets.
*
* @param inputStream input stream
* @return list of encountered signatures
* @throws IOException in case of a stream error
* @throws PGPException in case of an OpenPGP error
*/
public static List readSignatures(InputStream inputStream) throws IOException, PGPException {
return readSignatures(inputStream, MAX_ITERATIONS);
}
/**
* Read and return {@link PGPSignature PGPSignatures}.
* This method can deal with signatures that may be binary, armored and may contain marker packets.
*
* @param inputStream input stream
* @param maxIterations number of loop iterations until reading is aborted
* @return list of encountered signatures
* @throws IOException in case of a stream error
* @throws PGPException in case of an OpenPGP error
*/
public static List readSignatures(InputStream inputStream, int maxIterations) throws IOException, PGPException {
List signatures = new ArrayList<>();
InputStream pgpIn = ArmorUtils.getDecoderStream(inputStream);
PGPObjectFactory objectFactory = ImplementationFactory.getInstance().getPGPObjectFactory(pgpIn);
int i = 0;
Object nextObject;
while (i++ < maxIterations && (nextObject = objectFactory.nextObject()) != null) {
// Since signatures are indistinguishable from randomness, there is no point in having them compressed,
// except for an attacker who is trying to exploit flaws in the decompression algorithm.
// Therefore, we ignore compressed data packets without attempting decompression.
if (nextObject instanceof PGPCompressedData) {
PGPCompressedData compressedData = (PGPCompressedData) nextObject;
// getInputStream() does not do decompression, contrary to getDataStream().
Streams.drain(compressedData.getInputStream()); // Skip packet without decompressing
}
if (nextObject instanceof PGPSignatureList) {
PGPSignatureList signatureList = (PGPSignatureList) nextObject;
for (PGPSignature s : signatureList) {
signatures.add(s);
}
}
if (nextObject instanceof PGPSignature) {
signatures.add((PGPSignature) nextObject);
}
}
pgpIn.close();
return signatures;
}
/**
* Determine the issuer key-id of a {@link PGPSignature}.
* This method first inspects the {@link IssuerKeyID} subpacket of the signature and returns the key-id if present.
* If not, it inspects the {@link org.bouncycastle.bcpg.sig.IssuerFingerprint} packet and retrieves the key-id from the fingerprint.
*
* Otherwise, it returns 0.
* @param signature signature
* @return signatures issuing key id
*/
public static long determineIssuerKeyId(PGPSignature signature) {
if (signature.getVersion() == 3) {
// V3 sigs do not contain subpackets
return signature.getKeyID();
}
IssuerKeyID issuerKeyId = SignatureSubpacketsUtil.getIssuerKeyId(signature);
OpenPgpFingerprint fingerprint = SignatureSubpacketsUtil.getIssuerFingerprintAsOpenPgpFingerprint(signature);
if (issuerKeyId != null && issuerKeyId.getKeyID() != 0) {
return issuerKeyId.getKeyID();
}
if (issuerKeyId == null && fingerprint != null) {
return fingerprint.getKeyId();
}
return 0;
}
/**
* Return the digest prefix of the signature as hex-encoded String.
*
* @param signature signature
* @return digest prefix
*/
public static String getSignatureDigestPrefix(PGPSignature signature) {
return Hex.toHexString(signature.getDigestPrefix());
}
public static List toList(PGPSignatureList signatures) {
List list = new ArrayList<>();
for (PGPSignature signature : signatures) {
list.add(signature);
}
return list;
}
public static boolean wasIssuedBy(byte[] fingerprint, PGPSignature signature) {
try {
OpenPgpFingerprint fp = OpenPgpFingerprint.parseFromBinary(fingerprint);
OpenPgpFingerprint issuerFp = SignatureSubpacketsUtil.getIssuerFingerprintAsOpenPgpFingerprint(signature);
if (issuerFp == null) {
return fp.getKeyId() == signature.getKeyID();
}
return fp.equals(issuerFp);
} catch (IllegalArgumentException e) {
// Unknown fingerprint length
return false;
}
}
/**
* Extract all signatures from the given key
which were issued by issuerKeyId
* over userId
.
*
* @param key public key
* @param userId user-id
* @param issuerKeyId issuer key-id
* @return (potentially empty) list of signatures
*/
public static @Nonnull List getSignaturesOverUserIdBy(
@Nonnull PGPPublicKey key,
@Nonnull String userId,
long issuerKeyId) {
List signaturesByKeyId = new ArrayList<>();
Iterator userIdSignatures = key.getSignaturesForID(userId);
// getSignaturesForID() is nullable for some reason -.-
if (userIdSignatures == null) {
return signaturesByKeyId;
}
// filter for signatures by key-id
while (userIdSignatures.hasNext()) {
PGPSignature signature = userIdSignatures.next();
if (signature.getKeyID() == issuerKeyId) {
signaturesByKeyId.add(signature);
}
}
return Collections.unmodifiableList(signaturesByKeyId);
}
}