BouncycastleMessageDecryptionVerificationHandler.java
来源:互联网 发布:淘宝男内裤 买家秀 编辑:程序博客网 时间:2024/06/04 00:39
1 |
2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | package de.nachtlicht_media.epoint.redcent.crypto;17 | 18 | import java.beans.beancontext.BeanContextSupport;19 | import java.io.BufferedReader;20 | import java.io.ByteArrayInputStream;21 | import java.io.ByteArrayOutputStream;22 | import java.io.IOException;23 | import java.io.InputStream;24 | import java.io.InputStreamReader;25 | import java.net.URI;26 | import java.net.URISyntaxException;27 | import java.util.Iterator;28 | 29 | import org.apache.commons.codec.binary.Hex;30 | import org.apache.commons.logging.Log;31 | import org.apache.commons.logging.LogFactory;32 | import org.bouncycastle.bcpg.ArmoredInputStream;33 | import org.bouncycastle.bcpg.ArmoredOutputStream;34 | import org.bouncycastle.openpgp.PGPCompressedData;35 | import org.bouncycastle.openpgp.PGPEncryptedDataList;36 | import org.bouncycastle.openpgp.PGPException;37 | import org.bouncycastle.openpgp.PGPLiteralData;38 | import org.bouncycastle.openpgp.PGPObjectFactory;39 | import org.bouncycastle.openpgp.PGPOnePassSignature;40 | import org.bouncycastle.openpgp.PGPOnePassSignatureList;41 | import org.bouncycastle.openpgp.PGPPrivateKey;42 | import org.bouncycastle.openpgp.PGPPublicKey;43 | import org.bouncycastle.openpgp.PGPPublicKeyEncryptedData;44 | import org.bouncycastle.openpgp.PGPPublicKeyRing;45 | import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;46 | import org.bouncycastle.openpgp.PGPSecretKey;47 | import org.bouncycastle.openpgp.PGPSecretKeyRing;48 | import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;49 | import org.bouncycastle.openpgp.PGPSignature;50 | import org.bouncycastle.openpgp.PGPSignatureList;51 | import org.bouncycastle.openpgp.PGPUtil;52 | import org.springframework.beans.factory.BeanFactoryUtils;53 | import org.springframework.beans.factory.annotation.Autowired;54 | import org.springframework.context.ApplicationContext;55 | import org.springframework.context.support.ApplicationObjectSupport;56 | import org.springframework.context.support.StaticApplicationContext;57 | 58 | import de.nachtlicht_media.epoint.redcent.AuthorizedIssuer;59 | import de.nachtlicht_media.epoint.redcent.exception.BadsignatureException;60 | import de.nachtlicht_media.epoint.redcent.exception.InvalidPGPMessageException;61 | import de.nachtlicht_media.epoint.redcent.interfaces.AuthorizedIssuerStore;62 | import de.nachtlicht_media.epoint.redcent.interfaces.MessageDecryptionVerificationHandler;63 | 64 | public class BouncycastleMessageDecryptionVerificationHandlerimplements MessageDecryptionVerificationHandler65 | {66 | AuthorizedIssuerStore authorizedIssuerStore;67 | 68 | public static final String THE_KEY_THAT_WAS_USED_TO_SIGN_THE_MESSAGE_IS_NO_MORE_VALID ="The key that was used to sign the message is no more valid.";69 | public static final String THE_KEY_THAT_WAS_USED_TO_SIGN_THE_MESSAGE_IS_REVOKED ="The key that was used to sign the message is revoked.";70 | 71 | private static final Log log = LogFactory.getLog(BouncycastleMessageDecryptionVerificationHandler.class);72 | 73 | private byte[] message;74 | 75 | private String clearText =null;76 | private String encryptedTo =null;77 | private String signedByMaster =null;78 | private String signedBy =null;79 | private Long keyId = null;80 | 81 | private Boolean signerIsNotary =null;82 | private Boolean signerIsAuthorizedIssuer =null;83 | private Boolean signerIsIssuersMasterKey=null;84 | 85 | private Boolean isValid =null;86 | private Boolean isEncrypted =null;87 | private Boolean isClearText =null;88 | 89 | private PGPPublicKeyRingCollection pubRing;90 | private PGPSecretKeyRingCollection secRing;91 | private String issuersSecretKeyPassword;92 | private PGPPublicKeyRingCollection embeddedNotaryPubRing;93 | private PGPPublicKeyRing issuerMasterPubRing;94 | 95 | public BouncycastleMessageDecryptionVerificationHandler(AuthorizedIssuerStore authorizedIssuerStore, PGPPublicKeyRingCollection pubRing, PGPSecretKeyRingCollection secRing, String issuersKeyPassword, PGPPublicKeyRing issuerMasterPubRing, PGPPublicKeyRingCollection trustedPubRing)throws Exception96 | {97 | this.authorizedIssuerStore = authorizedIssuerStore;98 | this.pubRing = pubRing;99 | this.secRing = secRing;100 | this.embeddedNotaryPubRing = trustedPubRing;101 | this.issuersSecretKeyPassword = issuersKeyPassword;102 | this.issuerMasterPubRing = issuerMasterPubRing;103 | }104 | 105 | public synchronized void setMessage(byte[] message)106 | {107 | if (this.message ==null)108 | this.message = message;109 | else110 | throw new IllegalArgumentException("Multiple calls to setMessage() are not permitted.");111 | }112 | 113 | public byte[] getMessage()114 | {115 | return message;116 | }117 | 118 | public void analyse() throws InvalidPGPMessageException119 | {120 | try121 | {122 | byte[] decodedMessage = getMessage();123 | log.debug("Decoded Message from UTF-8:\n" +new String(decodedMessage, "UTF-8"));124 | 125 | 126 | ArmoredInputStream aIn =new ArmoredInputStream(new ByteArrayInputStream(decodedMessage));127 | 128 | if (aIn.isClearText())129 | {130 | log.debug("Processing clearsigned message...");131 | verifyClearSignedMessage(new ByteArrayInputStream(decodedMessage));132 | isClearText = Boolean.TRUE;133 | }134 | else135 | {136 | log.debug("Processing signed/encrypted message...");137 | decrypt(new ByteArrayInputStream(decodedMessage));138 | isClearText = Boolean.FALSE;139 | }140 | }141 | catch(Exception ex)142 | {143 | throw new InvalidPGPMessageException(ex);144 | }145 | }146 | 147 | private void debugDumpKeyRings(PGPSecretKeyRingCollection secRing, PGPPublicKeyRingCollection pubRing)148 | {149 | Iterator outIter = pubRing.getKeyRings();150 | while(outIter.hasNext())151 | {152 | PGPPublicKeyRing ring = (PGPPublicKeyRing)outIter.next();153 | Iterator iter = ring.getPublicKeys();154 | while(iter.hasNext())155 | {156 | PGPPublicKey publicKey = ((PGPPublicKey)iter.next());157 | log.trace("Got public key: " + publicKey.getKeyID() +" algo: " + publicKey.getAlgorithm() +" FingerPrint: " + new String(Hex.encodeHex(publicKey.getFingerprint()))158 | + " daysvalid " + publicKey.getValidDays());159 | }160 | }161 | 162 | outIter = secRing.getKeyRings();163 | while(outIter.hasNext())164 | {165 | PGPSecretKeyRing ring = (PGPSecretKeyRing)outIter.next();166 | 167 | Iterator iter = ring.getSecretKeys();168 | while(iter.hasNext())169 | {170 | PGPSecretKey secretKey = ((PGPSecretKey)iter.next());171 | log.trace("Got secret key: " + secretKey.getKeyID() + secretKey.isMasterKey() + secretKey.isSigningKey());172 | }173 | }174 | }175 | 176 | public String getClearText()177 | {178 | return clearText;179 | }180 | 181 | public String getEncryptedTo()182 | {183 | return encryptedTo;184 | }185 | 186 | public String getSigner()187 | {188 | return signedBy;189 | }190 | 191 | public String getSignerMaster()192 | {193 | return signedByMaster;194 | }195 | 196 | public Boolean signerIsAuthorizedIssuer()197 | {198 | return signerIsAuthorizedIssuer;199 | }200 | 201 | public Boolean signerIsNotary()202 | {203 | return signerIsNotary;204 | }205 | 206 | public Boolean signerIsIssuersMasterKey()207 | {208 | return signerIsIssuersMasterKey;209 | }210 | 211 | public Boolean isClearText()212 | {213 | return isClearText;214 | }215 | 216 | public Boolean isEncrypted()217 | {218 | return isEncrypted;219 | }220 | 221 | public Boolean isValid()222 | {223 | return isValid;224 | }225 | 226 | private void decrypt(InputStream in) throws Exception227 | {228 | 229 | ArmoredInputStream aIn =new ArmoredInputStream(in);230 | 231 | PGPObjectFactory fac = new PGPObjectFactory(aIn);232 | 233 | Object o = null;234 | 235 | if((o = fac.nextObject()) !=null)236 | {237 | log.trace(o);238 | 239 | if (oinstanceof PGPEncryptedDataList)240 | {241 | PGPEncryptedDataList dl = (PGPEncryptedDataList)o;242 | Iterator iter = dl.getEncryptedDataObjects();243 | while(iter.hasNext())244 | {245 | Object dataItem = iter.next();246 | 247 | log.debug("Read next dataItem from PGPEncryptedDataList: " + dataItem);248 | 249 | if (dataIteminstanceof PGPPublicKeyEncryptedData)250 | {251 | PGPPublicKeyEncryptedData pubEncData = (PGPPublicKeyEncryptedData)dataItem;252 | log.debug("Data was encrypted using public key: " + pubEncData.getKeyID());253 | 254 | isEncrypted = Boolean.TRUE;255 | 256 | PGPSecretKey secKey = secRing.getSecretKey(pubEncData.getKeyID());257 | if (secKey ==null)258 | {259 | log.debug("Could not locate private key with id " + pubEncData.getKeyID());260 | continue;261 | }262 | else263 | log.debug("Secret key is: " + secKey);264 | 265 | PGPPublicKey pubKey = pubRing.getPublicKey(pubEncData.getKeyID());266 | if (pubKey ==null)267 | {268 | log.debug("Could not locate public key with id " + pubEncData.getKeyID());269 | continue;270 | }271 | 272 | log.debug("Public key data was encrypted to found: " + pubKey +" using algorithm " + pubKey.getAlgorithm());273 | 274 | encryptedTo = String.valueOf(pubKey.getFingerprint());275 | 276 | PGPPrivateKey privKey = secKey.extractPrivateKey(issuersSecretKeyPassword.toCharArray(),"BC");277 | log.debug("Private key is: " + privKey);278 | 279 | log.debug("Reading data... ");280 | InputStream dataStream = pubEncData.getDataStream(privKey,"BC");281 | 282 | PGPObjectFactory plainFac = new PGPObjectFactory(dataStream);283 | 284 | Object decO = null;285 | if((decO = plainFac.nextObject()) !=null)286 | {287 | log.trace("Found decrypted Object: " + decO);288 | if(decOinstanceof PGPCompressedData)289 | {290 | PGPCompressedData data = (PGPCompressedData)decO;291 | PGPObjectFactory dataFac =new PGPObjectFactory(data.getDataStream());292 | 293 | Object decompO =null;294 | while((decompO = dataFac.nextObject()) !=null)295 | {296 | log.trace("Decrypted decompressed data is: " + decompO);297 | if (decompO instanceof PGPLiteralData)298 | {299 | PGPLiteralData lit = (PGPLiteralData)decompO;300 | clearText = extractClearTextFromPGPLiteral(lit);301 | log.debug("Extracted cleartext:" + clearText);302 | isValid = applyValidityChecks(Boolean.TRUE, pubKey);303 | 304 | return;305 | }306 | else if (decompOinstanceof PGPOnePassSignatureList)307 | {308 | PGPOnePassSignatureList sigLst = (PGPOnePassSignatureList)decompO;309 | 310 | for (int i = 0; i < sigLst.size(); i++)311 | {312 | PGPOnePassSignature sig = sigLst.get(i);313 | log.debug("Found signature created with key " + sig.getKeyID() +" type " + sig.getSignatureType());314 | 315 | PGPPublicKey sigVKey = getEmbeddedNotaryPubRing().getPublicKey(sig.getKeyID());316 | 317 | if (sigVKey == null)318 | {319 | 320 | sigVKey = getPubRing().getPublicKey(sig.getKeyID());321 | signerIsNotary = Boolean.FALSE;322 | signerIsAuthorizedIssuer = Boolean.FALSE;323 | 324 | AuthorizedIssuer ai = authorizedIssuerStore.findAuthorizedIssuerByKeyID(sig.getKeyID());325 | if (ai != null) {326 | 327 | ArmoredInputStream aiKeyIn =new ArmoredInputStream(new ByteArrayInputStream(ai.getPublicKey().getBytes("UTF-8")));328 | sigVKey =new PGPPublicKeyRing(aiKeyIn).getPublicKey(sig.getKeyID());329 | aiKeyIn.close();330 | 331 | if (sigVKey != null) {332 | log.debug("Public key for signature verification is " + sigVKey);333 | signerIsNotary = ai.hasNotaryRights();334 | signerIsAuthorizedIssuer = Boolean.TRUE;335 | }336 | }337 | }338 | else339 | {340 | log.debug("Public key for signature verification is an embedded NOTARY key " + sigVKey);341 | signerIsNotary = Boolean.TRUE;342 | 343 | AuthorizedIssuer ai = authorizedIssuerStore.findAuthorizedIssuerByKeyID(findMasterKey(getEmbeddedNotaryPubRing(), sig.getKeyID()).getKeyID());344 | 345 | if (ai != null) {346 | if (!ai.hasNotaryRights())347 | log.warn("Encoutered embedded notary " + ai.getFingerprint() +" who does does not have notary rights granted in authorizedIssuerStore!");348 | 349 | signerIsAuthorizedIssuer = Boolean.TRUE;350 | }351 | }352 | 353 | 354 | PGPPublicKey sigIssuerMasterKey = issuerMasterPubRing.getPublicKey(sig.getKeyID());355 | signerIsIssuersMasterKey = (sigIssuerMasterKey !=null);356 | 357 | 358 | signedBy =new String(Hex.encodeHex(sigVKey.getFingerprint())).toUpperCase();359 | 360 | if (sigVKey.isMasterKey())361 | signedByMaster =new String(Hex.encodeHex(sigVKey.getFingerprint())).toUpperCase();362 | else363 | {364 | 365 | PGPPublicKey masterKey = findMasterKey(getEmbeddedNotaryPubRing(), sig.getKeyID());366 | 367 | if (masterKey == null)368 | masterKey = findMasterKey(pubRing, sig.getKeyID());369 | 370 | if (masterKey != null)371 | signedByMaster =new String(Hex.encodeHex(masterKey.getFingerprint())).toUpperCase();372 | else373 | signedByMaster =null;374 | }375 | 376 | keyId =new Long(sigVKey.getKeyID());377 | 378 | PGPLiteralData p2 = (PGPLiteralData)dataFac.nextObject();379 | InputStream dIn = p2.getInputStream();380 | ByteArrayOutputStream out =new ByteArrayOutputStream();381 | int ch;382 | 383 | sig.initVerify(sigVKey,"BC");384 | 385 | while ((ch = dIn.read()) >= 0)386 | {387 | sig.update((byte)ch);388 | out.write(ch);389 | }390 | out.close();391 | PGPSignatureList p3 = (PGPSignatureList)dataFac.nextObject();392 | 393 | if (sig.verify(p3.get(0)))394 | {395 | log.debug("signature verified: " + out.toString("UTF-8"));396 | clearText = out.toString("UTF-8");397 | isValid = Boolean.TRUE;398 | }399 | else400 | {401 | log.debug("signature verification failed.");402 | isValid = Boolean.FALSE;403 | signerIsAuthorizedIssuer =null;404 | signerIsIssuersMasterKey =null;405 | signerIsNotary =null;406 | }407 | }408 | }409 | }410 | }411 | }412 | }413 | }414 | }415 | else416 | throw new Exception("Found unsupported Data: " + o);417 | }418 | else419 | {420 | isValid = Boolean.FALSE;421 | throw new Exception("Message contains no valid object or is not a valid PGP Message");422 | }423 | }424 | 425 | private Boolean applyValidityChecks(Boolean valueToSet, PGPPublicKey pubKey)throws InvalidPGPMessageException426 | {427 | log.debug("The key "+pubKey.getKeyID()+" (Version "+pubKey.getVersion()+") that was used to sign the message is "+(pubKey.isMasterKey()?"":" not ")+"a master key.");428 | log.debug("The key "+pubKey.getKeyID()+" that was used to sign the message is valid for " + pubKey.getValidSeconds() +" seconds.");429 | log.debug("The key "+pubKey.getKeyID()+" that was used to sign the message is valid for " + pubKey.getValidDays() +" days.");430 | 431 | if (Boolean.TRUE.equals(valueToSet))432 | {433 | if (pubKey.isRevoked())434 | throw new InvalidPGPMessageException(THE_KEY_THAT_WAS_USED_TO_SIGN_THE_MESSAGE_IS_REVOKED);435 | else if (pubKey.getValidSeconds() != 0 && BouncycastleUtil.keyHasExpired(pubKey))436 | {437 | throw new InvalidPGPMessageException(THE_KEY_THAT_WAS_USED_TO_SIGN_THE_MESSAGE_IS_NO_MORE_VALID);438 | }439 | else440 | return Boolean.TRUE;441 | }442 | else443 | return Boolean.FALSE;444 | }445 | 446 | private PGPPublicKey findMasterKey(PGPPublicKeyRingCollection publicKeyRingCollection,long keyID) throws PGPException447 | {448 | PGPPublicKeyRing masterKeyRing = publicKeyRingCollection.getPublicKeyRing(keyID);449 | 450 | if (masterKeyRing !=null)451 | {452 | return extractMasterKeyFromRing(masterKeyRing);453 | }454 | 455 | return null;456 | }457 | 458 | private static PGPPublicKey extractMasterKeyFromRing(PGPPublicKeyRing searchRing)459 | {460 | Iterator<PGPPublicKey> iter = searchRing.getPublicKeys();461 | while(iter.hasNext())462 | {463 | PGPPublicKey key = iter.next();464 | if (key.isMasterKey())465 | return key;466 | }467 | 468 | return null;469 | }470 | 471 | private URI extractURIDataFromPGPLiteral(PGPLiteralData lit)throws IOException, URISyntaxException472 | {473 | log.trace("Decrypted decompressed literal's format is: " + (char)lit.getFormat());474 | BufferedReader reader = new BufferedReader(new InputStreamReader(lit.getDataStream()));475 | 476 | String request = reader.readLine();477 | URI uri = new URI(request);478 | 479 | log.trace("URI: " + uri);480 | log.trace("Path: " + uri.getPath());481 | log.trace("Query: " + uri.getQuery());482 | 483 | return uri;484 | }485 | 486 | private String extractClearTextFromPGPLiteral(PGPLiteralData lit)throws IOException, URISyntaxException487 | {488 | log.trace("Decrypted decompressed literal's format is: " + (char)lit.getFormat());489 | BufferedReader reader = new BufferedReader(new InputStreamReader(lit.getDataStream(),"UTF8"));490 | 491 | StringBuffer clearTextBuffer = new StringBuffer();492 | 493 | String line;494 | while((line = reader.readLine()) !=null)495 | {496 | log.debug("Read line: " + line);497 | clearTextBuffer.append(line + "\n");498 | }499 | 500 | return clearTextBuffer.toString();501 | }502 | 503 | private void verifyClearSignedMessage(InputStream in) throws Exception504 | {505 | ArmoredInputStream aIn = new ArmoredInputStream(in);506 | 507 | 508 | 509 | 510 | int ch, lastCh;511 | boolean newLine =false;512 | ByteArrayOutputStream bOut = new ByteArrayOutputStream();513 | 514 | lastCh = 0;515 | 516 | while ((ch = aIn.read()) >= 0 && aIn.isClearText())517 | {518 | if (lastCh == '\r' && ch == '\n')519 | {520 | continue;521 | }522 | 523 | if (newLine)524 | {525 | bOut.write(lastCh);526 | newLine = false;527 | }528 | 529 | if (ch == '\r' || ch == '\n')530 | {531 | lastCh = ch;532 | newLine = true;533 | continue;534 | }535 | 536 | bOut.write((byte)ch);537 | lastCh = ch;538 | }539 | 540 | PGPObjectFactory pgpFact = new PGPObjectFactory(aIn);541 | PGPSignatureList p3 = (PGPSignatureList)pgpFact.nextObject();542 | PGPSignature sig = p3.get(0);543 | 544 | PGPPublicKey signKey = getEmbeddedNotaryPubRing().getPublicKey(sig.getKeyID());545 | if (signKey == null)546 | {547 | AuthorizedIssuer ai = authorizedIssuerStore.findAuthorizedIssuerByKeyID(sig.getKeyID());548 | 549 | if (ai != null) {550 | ArmoredInputStream aiKeyIn = new ArmoredInputStream(new ByteArrayInputStream(ai.getPublicKey().getBytes("UTF-8")));551 | signKey = new PGPPublicKeyRing(aiKeyIn).getPublicKey(sig.getKeyID());552 | aiKeyIn.close();553 | 554 | if (signKey !=null) {555 | log.debug("Public key for signature verification is " + signKey);556 | signerIsNotary = ai.hasNotaryRights();557 | signerIsAuthorizedIssuer = Boolean.TRUE;558 | } else559 | log.warn("AI retrieved from DB does not contain requested key " + sig.getKeyID());560 | 561 | } else {562 | log.debug("Cannot resolve AI key for id " + sig.getKeyID());563 | }564 | 565 | if (signKey ==null) {566 | 567 | signKey = getPubRing().getPublicKey(sig.getKeyID());568 | 569 | if (signKey !=null)570 | log.debug("Public key for clearsigned message verification is contained in the issuer's collection of public keys" + signKey);571 | else572 | log.debug("Encountered unknown public key + " + sig.getKeyID());573 | }574 | }575 | else576 | {577 | log.debug("Public key for clearsigned message verification is an embedded NOTARY key " + signKey);578 | signerIsNotary = Boolean.TRUE;579 | 580 | AuthorizedIssuer ai = authorizedIssuerStore.findAuthorizedIssuerByKeyID(sig.getKeyID());581 | if (ai !=null) {582 | if (!ai.hasNotaryRights())583 | log.warn("Encoutered embedded notary " + ai.getFingerprint() +" who does does not have notaryRights granted in authorizedIssuerStore!");584 | 585 | signerIsAuthorizedIssuer = Boolean.TRUE;586 | }587 | }588 | 589 | 590 | PGPPublicKey sigIssuerMasterKey = issuerMasterPubRing.getPublicKey(sig.getKeyID());591 | signerIsIssuersMasterKey = (sigIssuerMasterKey != null);592 | 593 | log.debug("The key used to sign is: " + signKey + (signKey !=null ? " id: 0x" + String.valueOf(Hex.encodeHex(signKey.getFingerprint())) +" isMaster: " + signKey.isMasterKey() +" isNotary: " + signerIsNotary +" isAuthorizedIssuer: " + signerIsAuthorizedIssuer +" signerIsIssuersMasterKey: " + signerIsIssuersMasterKey :""));594 | 595 | sig.initVerify(signKey, "BC");596 | 597 | sig.update(bOut.toByteArray());598 | 599 | if (sig.verify())600 | {601 | log.debug("signature verified.");602 | isValid = applyValidityChecks(Boolean.TRUE, signKey);603 | clearText = new String(bOut.toByteArray(),"UTF-8") + "\n";604 | signedBy = new String(Hex.encodeHex(signKey.getFingerprint())).toUpperCase();605 | 606 | if (signKey.isMasterKey())607 | signedByMaster = new String(Hex.encodeHex(signKey.getFingerprint())).toUpperCase();608 | else609 | {610 | 611 | PGPPublicKey masterKey = findMasterKey(getEmbeddedNotaryPubRing(), sig.getKeyID());612 | 613 | if (masterKey ==null)614 | masterKey = findMasterKey(getPubRing(), sig.getKeyID());615 | 616 | if (masterKey !=null)617 | signedByMaster = new String(Hex.encodeHex(masterKey.getFingerprint())).toUpperCase();618 | else619 | signedByMaster = null;620 | }621 | 622 | keyId = new Long(sig.getKeyID());623 | }624 | else625 | {626 | log.debug("signature verification failed.");627 | isValid = Boolean.FALSE;628 | signerIsAuthorizedIssuer = null;629 | signerIsIssuersMasterKey = null;630 | signerIsNotary = null;631 | }632 | }633 | 634 | 635 | publicvoid addPublicKey(String asciiArmoredPublicKey)throws Exception636 | {637 | PGPPublicKeyRingCollection pCol = new PGPPublicKeyRingCollection(PGPUtil.getDecoderStream(new ByteArrayInputStream(asciiArmoredPublicKey.getBytes())));638 | if (pCol.size() == 0)639 | throw new Exception("No valid public key could be extracted from data: " + asciiArmoredPublicKey);640 | else641 | {642 | Iterator iter = pCol.getKeyRings();643 | 644 | while(iter.hasNext())645 | PGPPublicKeyRingCollection.addPublicKeyRing(getPubRing(), (PGPPublicKeyRing)iter.next());646 | }647 | }648 | 649 | public String getSignersPublicKey()throws Exception650 | {651 | if (isValid() !=null && Boolean.TRUE.equals(isValid()) && getSigner() !=null && keyId != null)652 | {653 | 654 | PGPPublicKey key = getPubRing().getPublicKey(keyId.longValue());655 | 656 | 657 | if (key ==null)658 | getEmbeddedNotaryPubRing().getPublicKey(keyId.longValue());659 | 660 | if (key !=null)661 | {662 | ByteArrayOutputStream bOut = new ByteArrayOutputStream();663 | ArmoredOutputStream aOut = new ArmoredOutputStream(bOut);664 | aOut.write(key.getEncoded());665 | 666 | 667 | aOut.flush();668 | aOut.close();669 | 670 | 671 | return bOut.toString();672 | }673 | }674 | 675 | return null;676 | }677 | 678 | private PGPPublicKeyRingCollection getPubRing()throws Exception679 | {680 | return pubRing;681 | }682 | 683 | private PGPSecretKeyRingCollection getSecRing()throws Exception684 | {685 | return secRing;686 | }687 | 688 | private PGPPublicKeyRingCollection getEmbeddedNotaryPubRing()throws Exception689 | {690 | return embeddedNotaryPubRing;691 | }692 | }