本文整理汇总了Java中org.bouncycastle.openpgp.PGPSignatureList.get方法的典型用法代码示例。如果您正苦于以下问题:Java PGPSignatureList.get方法的具体用法?Java PGPSignatureList.get怎么用?Java PGPSignatureList.get使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.bouncycastle.openpgp.PGPSignatureList的用法示例。
在下文中一共展示了PGPSignatureList.get方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: verifySignature
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
/**
* Verify a PGP signature.
*
* @param file the file
* @param signature the signature
* @param key the public key
* @return true if the signature is verified
* @throws Exception anything preventing the verification to happen
*/
public static boolean verifySignature(
InputStream file,
InputStream signature,
PGPPublicKey key)
throws Exception {
InputStream sigInputStream = PGPUtil.getDecoderStream(signature);
PGPObjectFactory pgpObjectFactory = new PGPObjectFactory(sigInputStream, new BcKeyFingerprintCalculator());
PGPSignatureList sigList = (PGPSignatureList) pgpObjectFactory.nextObject();
PGPSignature pgpSignature = sigList.get(0);
pgpSignature.init(new BcPGPContentVerifierBuilderProvider(), key);
try (InputStream inArtifact = new BufferedInputStream(file)) {
int t;
while ((t = inArtifact.read()) >= 0) {
pgpSignature.update((byte) t);
}
}
return pgpSignature.verify();
}
示例2: verifyGoodSignature
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
@Test
public void verifyGoodSignature() throws Exception {
final PGPPublicKeyRingCollection publicKeyRing = getPublicKeyRingWithTrustedKeys();
final PGPSignatureList sl = readSignatureFile("/content1.sig");
assertThat(sl.isEmpty()).isFalse();
assertThat(sl.size()).isEqualTo(1);
PGPSignature signature = sl.get(0);
signature.init(new BcPGPContentVerifierBuilderProvider(), publicKeyRing.getPublicKey(signature.getKeyID()));
InputStream contentIn = PGPTest.class.getResourceAsStream("/content1");
byte[] buf = new byte[4096];
int len;
while (0 <= (len = contentIn.read(buf))) {
signature.update(buf, 0, len);
}
contentIn.close();
assertThat(signature.verify()).isTrue();
}
示例3: verifyBadSignature
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
@Test
public void verifyBadSignature() throws Exception {
final PGPPublicKeyRingCollection publicKeyRing = getPublicKeyRingWithTrustedKeys();
final PGPSignatureList sl = readSignatureFile("/content1.sig");
assertThat(sl.isEmpty()).isFalse();
assertThat(sl.size()).isEqualTo(1);
PGPSignature signature = sl.get(0);
signature.init(new BcPGPContentVerifierBuilderProvider(), publicKeyRing.getPublicKey(signature.getKeyID()));
InputStream contentIn = PGPTest.class.getResourceAsStream("/content1");
byte[] buf = new byte[4096];
int len;
while (0 <= (len = contentIn.read(buf))) {
buf[0] = 0;
signature.update(buf, 0, len);
}
contentIn.close();
assertThat(signature.verify()).isFalse();
}
示例4: pgpExtractSignature
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
/**
* Extracts a {@link PGPSignature} object from a blob of {@code .sig} data.
*
* @throws SignatureException if a signature object couldn't be extracted for any reason.
*/
private static PGPSignature pgpExtractSignature(@Tainted byte[] signature)
throws SignatureException {
try {
ByteArrayInputStream input = new ByteArrayInputStream(signature);
PGPObjectFactory decoder = new BcPGPObjectFactory(PGPUtil.getDecoderStream(input));
Object object = decoder.nextObject();
if (object == null) {
throw new SignatureException(String.format(
"No OpenPGP packets found in signature.\n%s",
dumpHex(signature)));
}
if (!(object instanceof PGPSignatureList)) {
throw new SignatureException(String.format(
"Expected PGPSignatureList packet but got %s\n%s",
object.getClass().getSimpleName(),
dumpHex(signature)));
}
PGPSignatureList sigs = (PGPSignatureList) object;
if (sigs.isEmpty()) {
throw new SignatureException(String.format(
"PGPSignatureList doesn't have a PGPSignature.\n%s",
dumpHex(signature)));
}
return sigs.get(0);
} catch (IOException e) {
throw new SignatureException(String.format(
"Failed to extract PGPSignature object from .sig blob.\n%s",
dumpHex(signature)), e);
}
}
示例5: testSignVerify_Detached
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
@Test
public void testSignVerify_Detached() throws Exception {
// Load the keys.
PGPPublicKeyRing publicKeyRing = new BcPGPPublicKeyRing(PUBLIC_KEY);
PGPSecretKeyRing privateKeyRing = new BcPGPSecretKeyRing(PRIVATE_KEY);
PGPPublicKey publicKey = publicKeyRing.getPublicKey();
PGPPrivateKey privateKey = extractPrivateKey(privateKeyRing.getSecretKey());
// Sign the data and write signature data to "signatureFile".
// Note: RSA_GENERAL will encrypt AND sign. RSA_SIGN and RSA_ENCRYPT are deprecated.
PGPSignatureGenerator signer = new PGPSignatureGenerator(
new BcPGPContentSignerBuilder(RSA_GENERAL, SHA256));
signer.init(PGPSignature.BINARY_DOCUMENT, privateKey);
addUserInfoToSignature(publicKey, signer);
signer.update(FALL_OF_HYPERION_A_DREAM.getBytes(UTF_8));
ByteArrayOutputStream output = new ByteArrayOutputStream();
signer.generate().encode(output);
byte[] signatureFileData = output.toByteArray();
logger.info(".sig file data: " + dumpHex(signatureFileData));
// Load algorithm information and signature data from "signatureFileData".
PGPSignature sig;
try (ByteArrayInputStream input = new ByteArrayInputStream(signatureFileData)) {
PGPObjectFactory pgpFact = new BcPGPObjectFactory(input);
PGPSignatureList sigList = (PGPSignatureList) pgpFact.nextObject();
assertThat(sigList.size()).isEqualTo(1);
sig = sigList.get(0);
}
// Use "onePass" and "sig" to verify "publicKey" signed the text.
sig.init(new BcPGPContentVerifierBuilderProvider(), publicKey);
sig.update(FALL_OF_HYPERION_A_DREAM.getBytes(UTF_8));
assertThat(sig.verify()).isTrue();
// Verify that they DIDN'T sign the text "hello monster".
sig.init(new BcPGPContentVerifierBuilderProvider(), publicKey);
sig.update("hello monster".getBytes(UTF_8));
assertThat(sig.verify()).isFalse();
}
示例6: getSignatureWithKeyId
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
protected PGPSignature getSignatureWithKeyId(long keyID, PGPSignatureList sigList) {
for (int i = 0; i < sigList.size(); i++) {
PGPSignature signature = sigList.get(i);
if (keyID == signature.getKeyID()) {
return signature;
}
}
throw new IllegalStateException("PGP signature is inconsistent");
}
示例7: readSignature
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
private PGPSignature readSignature(PushCertificate cert) throws IOException {
ArmoredInputStream in =
new ArmoredInputStream(new ByteArrayInputStream(Constants.encode(cert.getSignature())));
PGPObjectFactory factory = new BcPGPObjectFactory(in);
Object obj;
while ((obj = factory.nextObject()) != null) {
if (obj instanceof PGPSignatureList) {
PGPSignatureList sigs = (PGPSignatureList) obj;
if (!sigs.isEmpty()) {
return sigs.get(0);
}
}
}
return null;
}
示例8: verifySignature
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
private static DecryptionResult verifySignature(DecryptionResult result,
PGPObjectFactory pgpFact, PGPOnePassSignature ops) throws PGPException, IOException {
Object object = pgpFact.nextObject(); // nullable
if (!(object instanceof PGPSignatureList)) {
LOGGER.warning("invalid signature packet");
result.errors.add(Coder.Error.INVALID_SIGNATURE_DATA);
return result;
}
PGPSignatureList signatureList = (PGPSignatureList) object;
if (signatureList.isEmpty()) {
LOGGER.warning("no signature in signature list");
result.errors.add(Coder.Error.INVALID_SIGNATURE_DATA);
return result;
}
PGPSignature signature = signatureList.get(0);
// TODO signature.getCreationTime()
if (ops.verify(signature)) {
// signature verification successful!
result.signing = Coder.Signing.VERIFIED;
} else {
LOGGER.warning("signature verification failed");
result.errors.add(Coder.Error.INVALID_SIGNATURE);
}
return result;
}
示例9: verify
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
/**
* Verify the specified {@code file}.
* @param file the file to be verified. Must not be <code>null</code>. There must be a second file
* with the same name and the additional suffix ".sig" next to this file (in the same directory).
* This secondary file is a so-called detached signature.
* @throws PGPVerifyException if the given {@code file} could not be verified successfully. Either
* there is no detached-signature-file, or its signature is broken or its signature does not match
* any of the {@linkplain #getPublicKeyRingWithTrustedKeys() trusted keys}.
*/
public void verify(final File file, final File signatureFile) throws PGPVerifyException {
AssertUtil.assertNotNull(file, "file");
AssertUtil.assertNotNull(signatureFile, "signatureFile");
final PGPSignatureList sl = readSignatureFile(signatureFile);
final PGPPublicKeyRingCollection publicKeyRing = getPublicKeyRingWithTrustedKeys();
for (int index = 0; index < sl.size(); ++index) {
try {
final PGPSignature signature = sl.get(index);
signature.init(new BcPGPContentVerifierBuilderProvider(), publicKeyRing.getPublicKey(signature.getKeyID()));
final InputStream contentIn = castStream(file.createInputStream());
try {
final byte[] buf = new byte[16 * 1024];
int len;
while (0 <= (len = contentIn.read(buf))) {
if (len > 0)
signature.update(buf, 0, len);
}
} finally {
contentIn.close();
}
if (signature.verify())
return;
} catch (final Exception e) {
throw new PGPVerifyException(file.getAbsolutePath() + ": " + e, e);
}
}
throw new PGPVerifyException(file.getAbsolutePath());
}
示例10: getPgpSignature
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
private PGPSignature getPgpSignature() {
try {
final InputStream decoderStream = PGPUtil.getDecoderStream(new ByteArrayInputStream(signature));
final PGPObjectFactory objectFactory = new BcPGPObjectFactory(decoderStream);
final PGPSignatureList signatureList = (PGPSignatureList) objectFactory.nextObject();
if ((signatureList == null) || (signatureList.size() != 1)) {
throw new IllegalArgumentException("Couldn't read PGP signature");
}
return signatureList.get(0);
} catch (IOException e) {
throw new IllegalArgumentException(e);
}
}
示例11: verifyClearSign
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
public static boolean verifyClearSign( byte[] message, PGPPublicKeyRing pgpRings )
throws IOException, PGPException, SignatureException
{
ArmoredInputStream aIn = new ArmoredInputStream( new ByteArrayInputStream( message ) );
ByteArrayOutputStream bout = new ByteArrayOutputStream();
//
// write out signed section using the local line separator.
// note: trailing white space needs to be removed from the end of
// each line RFC 4880 Section 7.1
//
ByteArrayOutputStream lineOut = new ByteArrayOutputStream();
boolean isFirstLineClearText = aIn.isClearText();
int lookAhead = readInputLine( lineOut, aIn );
if ( lookAhead != -1 && isFirstLineClearText )
{
bout.write( lineOut.toByteArray() );
while ( lookAhead != -1 && aIn.isClearText() )
{
lookAhead = readInputLine( lineOut, lookAhead, aIn );
bout.write( lineOut.toByteArray() );
}
}
JcaPGPObjectFactory pgpFact = new JcaPGPObjectFactory( aIn );
PGPSignatureList p3 = ( PGPSignatureList ) pgpFact.nextObject();
PGPSignature sig = p3.get( 0 );
PGPPublicKey publicKey = pgpRings.getPublicKey( sig.getKeyID() );
sig.init( new JcaPGPContentVerifierBuilderProvider().setProvider( "BC" ), publicKey );
//
// read the input, making sure we ignore the last newline.
//
InputStream sigIn = new ByteArrayInputStream( bout.toByteArray() );
lookAhead = readInputLine( lineOut, sigIn );
processLine( sig, lineOut.toByteArray() );
if ( lookAhead != -1 )
{
do
{
lookAhead = readInputLine( lineOut, lookAhead, sigIn );
sig.update( ( byte ) '\r' );
sig.update( ( byte ) '\n' );
processLine( sig, lineOut.toByteArray() );
}
while ( lookAhead != -1 );
}
sigIn.close();
return sig.verify();
}
示例12: verifySignature
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
public String verifySignature(String message)
throws PGPInvalidSignatureException, PGPSignatureVerificationException {
try {
ArmoredInputStream aIn = new ArmoredInputStream(new ByteArrayInputStream(message.getBytes(StandardCharsets.UTF_8)));
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
int ch;
while ((ch = aIn.read()) >= 0 && aIn.isClearText()) {
bOut.write((byte) ch);
}
JcaPGPObjectFactory pgpFact = new JcaPGPObjectFactory(aIn);
PGPSignatureList p3 = (PGPSignatureList) pgpFact.nextObject();
checkState(p3 != null && p3.size() >= 1, "No signatures");
PGPSignature sig = p3.get(0);
sig.init(new BcPGPContentVerifierBuilderProvider(), publicKey.getSigningKey());
ByteArrayOutputStream lineOut = new ByteArrayOutputStream();
byte[] content = bOut.toByteArray();
InputStream sigIn = new ByteArrayInputStream(content);
int lookAhead = readInputLine(lineOut, sigIn);
processLine(sig, lineOut.toByteArray());
if (lookAhead != -1) {
do {
lookAhead = readInputLine(lineOut, lookAhead, sigIn);
sig.update((byte) '\r');
sig.update((byte) '\n');
processLine(sig, lineOut.toByteArray());
} while (lookAhead != -1);
}
if (sig.verify()) {
return new String(content, StandardCharsets.UTF_8);
}
throw new PGPInvalidSignatureException(
"Invalid signature, received keyId=" + Long.toHexString(sig.getKeyID()).toUpperCase()
);
} catch (IOException | PGPException e) {
throw new PGPSignatureVerificationException("Error verifying message", e);
}
}
示例13: testSignVerify_OnePass
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
@Test
public void testSignVerify_OnePass() throws Exception {
// Load the keys.
PGPPublicKeyRing publicKeyRing = new BcPGPPublicKeyRing(PUBLIC_KEY);
PGPSecretKeyRing privateKeyRing = new BcPGPSecretKeyRing(PRIVATE_KEY);
PGPPublicKey publicKey = publicKeyRing.getPublicKey();
PGPPrivateKey privateKey = extractPrivateKey(privateKeyRing.getSecretKey());
// Sign the data and write signature data to "signatureFile".
PGPSignatureGenerator signer = new PGPSignatureGenerator(
new BcPGPContentSignerBuilder(RSA_GENERAL, SHA256));
signer.init(PGPSignature.BINARY_DOCUMENT, privateKey);
addUserInfoToSignature(publicKey, signer);
ByteArrayOutputStream output = new ByteArrayOutputStream();
signer.generateOnePassVersion(false).encode(output);
signer.update(FALL_OF_HYPERION_A_DREAM.getBytes(UTF_8));
signer.generate().encode(output);
byte[] signatureFileData = output.toByteArray();
logger.info(".sig file data: " + dumpHex(signatureFileData));
// Load algorithm information and signature data from "signatureFileData".
PGPSignature sig;
PGPOnePassSignature onePass;
try (ByteArrayInputStream input = new ByteArrayInputStream(signatureFileData)) {
PGPObjectFactory pgpFact = new BcPGPObjectFactory(input);
PGPOnePassSignatureList onePassList = (PGPOnePassSignatureList) pgpFact.nextObject();
PGPSignatureList sigList = (PGPSignatureList) pgpFact.nextObject();
assertThat(onePassList.size()).isEqualTo(1);
assertThat(sigList.size()).isEqualTo(1);
onePass = onePassList.get(0);
sig = sigList.get(0);
}
// Use "onePass" and "sig" to verify "publicKey" signed the text.
onePass.init(new BcPGPContentVerifierBuilderProvider(), publicKey);
onePass.update(FALL_OF_HYPERION_A_DREAM.getBytes(UTF_8));
assertThat(onePass.verify(sig)).isTrue();
// Verify that they DIDN'T sign the text "hello monster".
onePass.init(new BcPGPContentVerifierBuilderProvider(), publicKey);
onePass.update("hello monster".getBytes(UTF_8));
assertThat(onePass.verify(sig)).isFalse();
}
示例14: validateLicense
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
/**
* Validate pgp signature of license
*
* @param licenseText base64 encoded pgp signed license
* @return The plain license in json (if validation is successful)
* @throws PGPException if validation fails
*/
public static String validateLicense(String licenseText) throws PGPException {
licenseText = licenseText.trim().replaceAll("\\r|\\n", "");
licenseText = licenseText.replace("---- SCHNIPP (Armored PGP signed JSON as base64) ----","");
licenseText = licenseText.replace("---- SCHNAPP ----","");
try {
final byte[] armoredPgp = BaseEncoding.base64().decode(licenseText);
final ArmoredInputStream in = new ArmoredInputStream(new ByteArrayInputStream(armoredPgp));
//
// read the input, making sure we ignore the last newline.
//
// https://github.com/bcgit/bc-java/blob/master/pg/src/test/java/org/bouncycastle/openpgp/test/PGPClearSignedSignatureTest.java
final ByteArrayOutputStream bout = new ByteArrayOutputStream();
int ch;
while ((ch = in.read()) >= 0 && in.isClearText()) {
bout.write((byte) ch);
}
final KeyFingerPrintCalculator c = new BcKeyFingerprintCalculator();
final PGPObjectFactory factory = new PGPObjectFactory(in, c);
final PGPSignatureList sigL = (PGPSignatureList) factory.nextObject();
final PGPPublicKeyRingCollection pgpRings = new PGPPublicKeyRingCollection(new ArmoredInputStream(
LicenseHelper.class.getResourceAsStream("/KEYS")), c);
if (sigL == null || pgpRings == null || sigL.size() == 0 || pgpRings.size() == 0) {
throw new PGPException("Cannot find license signature");
}
final PGPSignature sig = sigL.get(0);
final PGPPublicKey publicKey = pgpRings.getPublicKey(sig.getKeyID());
if (publicKey == null || sig == null) {
throw new PGPException("license signature key mismatch");
}
sig.init(new BcPGPContentVerifierBuilderProvider(), publicKey);
final ByteArrayOutputStream lineOut = new ByteArrayOutputStream();
final InputStream sigIn = new ByteArrayInputStream(bout.toByteArray());
int lookAhead = readInputLine(lineOut, sigIn);
processLine(sig, lineOut.toByteArray());
if (lookAhead != -1) {
do {
lookAhead = readInputLine(lineOut, lookAhead, sigIn);
sig.update((byte) '\r');
sig.update((byte) '\n');
processLine(sig, lineOut.toByteArray());
} while (lookAhead != -1);
}
if (!sig.verify()) {
throw new PGPException("Invalid license signature");
}
return bout.toString();
} catch (final Exception e) {
throw new PGPException(e.toString(), e);
}
}
示例15: verifySignature
import org.bouncycastle.openpgp.PGPSignatureList; //导入方法依赖的package包/类
private void verifySignature(final PGPOnePassSignatureList onePassSignatureList, final PGPSignatureList signatureList, final InputStream signedDataIn, final OutputStream signedDataOut) throws SignatureException, IOException {
assertNotNull(onePassSignatureList, "onePassSignatureList");
assertNotNull(signatureList, "signatureList");
assertNotNull(signedDataIn, "signedDataIn");
setSignPgpKey(null);
setPgpSignature(null);
setSignPgpKeyIds(null);
if (onePassSignatureList.size() == 0)
return; // there is no signature
final Set<PgpKeyId> pgpKeyIds = new HashSet<>();
try {
PGPPublicKey publicKey = null;
for (int i = 0; i < onePassSignatureList.size(); i++) {
final PGPOnePassSignature ops = onePassSignatureList.get(i);
pgpKeyIds.add(new PgpKeyId(ops.getKeyID()));
if (getPgpSignature() != null)
continue;
final BcPgpKey bcPgpKey = pgp.getBcPgpKey(new PgpKeyId(ops.getKeyID()));
if (bcPgpKey != null) {
publicKey = bcPgpKey.getPublicKey();
ops.init(new BcPGPContentVerifierBuilderProvider(), publicKey);
final byte[] buf = new byte[64 * 1024];
int bytesRead;
while ((bytesRead = signedDataIn.read(buf)) > 0) {
ops.update(buf, 0, bytesRead);
if (signedDataOut != null)
signedDataOut.write(buf, 0, bytesRead);
}
final PGPSignature signature = signatureList.get(i);
if (ops.verify(signature)) {
setSignPgpKey(bcPgpKey.getPgpKey());
setPgpSignature(pgp.createPgpSignature(signature));
} else
throw new SignatureException("Signature verification failed!");
}
}
} catch (final PGPException x) {
throw new IOException(x);
}
setSignPgpKeyIds(pgpKeyIds);
logger.debug("verifySignature: signingPgpKeyIds={}", pgpKeyIds);
if (getPgpSignature() == null && isFailOnMissingSignPgpKey())
throw new MissingSigningPgpKeyException(pgpKeyIds,
"The data was signed using the following PGP-keys, of which none could be found in the local key-ring: " + pgpKeyIds);
}