
1   /*
2    * $Id: PGPSecurityProvider.java 7963 2007-08-21 08:53:15Z dirk.olmes $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSource, Inc.  All rights reserved.  http://www.mulesource.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.extras.pgp;
12  
13  import org.mule.config.i18n.CoreMessages;
14  import org.mule.extras.pgp.i18n.PGPMessages;
15  import org.mule.umo.lifecycle.InitialisationException;
16  import org.mule.umo.security.SecurityException;
17  import org.mule.umo.security.UMOAuthentication;
18  import org.mule.umo.security.UMOSecurityContext;
19  import org.mule.umo.security.UMOSecurityContextFactory;
20  import org.mule.umo.security.UMOSecurityProvider;
21  import org.mule.umo.security.UnauthorisedException;
22  import org.mule.umo.security.UnknownAuthenticationTypeException;
23  
24  import cryptix.message.Message;
25  import cryptix.message.MessageException;
26  import cryptix.message.SignedMessage;
27  import cryptix.pki.KeyBundle;
28  
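/**
 * Security provider that authenticates a caller by verifying an OpenPGP-signed
 * message against the public key bundle registered for the claimed user id.
 * <p>
 * Authentication succeeds only when all of the following hold: the principal is
 * non-null, the configured {@link PGPKeyRing} returns a key bundle for it, the
 * credentials are a {@link SignedMessage}, and that message verifies against the
 * bundle. Every other outcome is reported as an {@link UnauthorisedException}.
 * <p>
 * NOTE(review): nothing in this class checks message freshness or uniqueness, so a
 * previously captured signed message would verify again. Replay protection, if it
 * is required, has to be enforced elsewhere (confirm against the calling filter).
 * Whether key expiry or revocation is honoured depends on
 * {@code SignedMessage.verify} and on how the key ring is loaded; neither is
 * visible here.
 */
public class PGPSecurityProvider implements UMOSecurityProvider
{
    private String name = "PGPSecurityProvider";

    // Source of per-user public key bundles; injected through setKeyManager().
    private PGPKeyRing keyManager;

    // Created in initialise(); createSecurityContext() fails until that has run.
    private UMOSecurityContextFactory factory;

    /**
     * Sets the name under which this provider is registered.
     *
     * @param name the provider name
     * @see org.mule.umo.security.UMOSecurityProvider#setName(java.lang.String)
     */
    public void setName(String name)
    {
        this.name = name;
    }

    /**
     * @return the provider name, {@code "PGPSecurityProvider"} unless overridden
     * @see org.mule.umo.security.UMOSecurityProvider#getName()
     */
    public String getName()
    {
        return name;
    }

    /**
     * Verifies the signed message carried by the authentication token against the
     * public key bundle of the user named as its principal.
     * <p>
     * The token must be a {@link PGPAuthentication}; callers are expected to have
     * consulted {@link #supports(Class)} first, since any other type fails the cast.
     * <p>
     * NOTE(review): an unknown user id and a bad signature raise different messages
     * (the first also embeds the user id). If these messages are relayed to the
     * remote peer they reveal which user ids exist in the key ring; consider a
     * uniform external error and keep the detail for the log.
     *
     * @param authentication the token holding the user id (principal) and the
     *            signed message (credentials)
     * @return the same token, marked authenticated and carrying the user's key
     *         bundle as its details
     * @throws SecurityException an {@link UnauthorisedException} if the user id or
     *             key ring is missing, no key bundle is known for the user, the
     *             credentials are not a signed message, or verification fails
     * @see org.mule.umo.security.UMOSecurityProvider#authenticate(org.mule.umo.security.UMOAuthentication)
     */
    public UMOAuthentication authenticate(UMOAuthentication authentication) throws SecurityException
    {
        PGPAuthentication auth = (PGPAuthentication)authentication;

        String userId = (String)auth.getPrincipal();
        if (userId == null)
        {
            throw new UnauthorisedException(CoreMessages.objectIsNull("UserId"));
        }

        // A provider without a key ring cannot verify anything: deny explicitly
        // rather than letting a NullPointerException escape the security layer.
        if (keyManager == null)
        {
            throw new UnauthorisedException(CoreMessages.objectIsNull("KeyManager"));
        }

        // The key bundle is selected by the *claimed* user id, so a valid signature
        // made with any other user's key does not authenticate this principal.
        KeyBundle userKeyBundle = keyManager.getKeyBundle(userId);
        if (userKeyBundle == null)
        {
            throw new UnauthorisedException(PGPMessages.noPublicKeyForUser(userId));
        }

        // Keep the credentials untyped until they are checked: casting first would
        // turn unexpected credentials into a ClassCastException instead of a clean
        // authentication failure. instanceof is false for null, so no null test is needed.
        Object credentials = auth.getCredentials();
        if (!(credentials instanceof SignedMessage))
        {
            throw new UnauthorisedException(PGPMessages.noSignedMessageFound());
        }
        SignedMessage signedMessage = (SignedMessage)credentials;

        boolean signatureValid;
        try
        {
            signatureValid = signedMessage.verify(userKeyBundle);
        }
        catch (MessageException e)
        {
            // A verification error is treated as a denial, never as success.
            throw new UnauthorisedException(PGPMessages.errorVerifySignature(), e);
        }

        if (!signatureValid)
        {
            throw new UnauthorisedException(PGPMessages.invalidSignature());
        }

        // Only reached after a successful verification.
        auth.setAuthenticated(true);
        auth.setDetails(userKeyBundle);

        return auth;
    }

    /**
     * Reports whether this provider can process the given authentication type.
     *
     * @param aClass the authentication class to test
     * @return {@code true} if {@code aClass} is {@link PGPAuthentication} or a
     *         subclass of it
     * @see org.mule.umo.security.UMOSecurityProvider#supports(java.lang.Class)
     */
    public boolean supports(Class aClass)
    {
        return PGPAuthentication.class.isAssignableFrom(aClass);
    }

    /**
     * Builds a security context for the given token by delegating to the factory
     * created in {@link #initialise()}.
     * <p>
     * This method does not itself check that {@code auth} has been authenticated.
     *
     * @param auth the authentication token to wrap
     * @return the security context produced by the factory
     * @throws UnknownAuthenticationTypeException if the factory rejects the token type
     * @see org.mule.umo.security.UMOSecurityProvider#createSecurityContext(org.mule.umo.security.UMOAuthentication)
     */
    public UMOSecurityContext createSecurityContext(UMOAuthentication auth)
        throws UnknownAuthenticationTypeException
    {
        return factory.create(auth);
    }

    /**
     * Registers the Cryptix JCE and OpenPGP providers and creates the security
     * context factory.
     * <p>
     * {@code Security.addProvider} changes the provider list of the whole JVM, not
     * just of this component; it appends at the lowest priority and leaves the list
     * unchanged when a provider of the same name is already installed.
     * <p>
     * NOTE(review): Cryptix is, as far as is known, no longer maintained upstream;
     * treat the registered algorithms as legacy and confirm they meet current policy.
     *
     * @throws InitialisationException if a provider or the factory cannot be created
     * @see org.mule.umo.lifecycle.Initialisable#initialise()
     */
    public void initialise() throws InitialisationException
    {
        try
        {
            java.security.Security.addProvider(new cryptix.jce.provider.CryptixCrypto());
            java.security.Security.addProvider(new cryptix.openpgp.provider.CryptixOpenPGP());

            factory = new PGPSecurityContextFactory();
        }
        catch (Exception e)
        {
            throw new InitialisationException(CoreMessages.failedToCreate("PGPProvider"), e);
        }
    }

    /**
     * @return the key ring used to look up users' public key bundles, or
     *         {@code null} if none has been set
     */
    public PGPKeyRing getKeyManager()
    {
        return keyManager;
    }

    /**
     * Sets the key ring used to look up users' public key bundles. The key ring
     * decides which keys are trusted for which user id, so it is the trust anchor
     * for every decision made by {@link #authenticate(UMOAuthentication)}.
     *
     * @param keyManager the key ring to use
     */
    public void setKeyManager(PGPKeyRing keyManager)
    {
        this.keyManager = keyManager;
    }
}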