
1   /*
2    * $Id: PGPSecurityProvider.java 11517 2008-03-31 21:34:19Z dirk.olmes $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSource, Inc.  All rights reserved.  http://www.mulesource.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.module.pgp;
12  
13  import org.mule.api.lifecycle.InitialisationException;
14  import org.mule.api.security.Authentication;
15  import org.mule.api.security.SecurityContext;
16  import org.mule.api.security.SecurityContextFactory;
17  import org.mule.api.security.SecurityException;
18  import org.mule.api.security.SecurityProvider;
19  import org.mule.api.security.UnauthorisedException;
20  import org.mule.api.security.UnknownAuthenticationTypeException;
21  import org.mule.config.i18n.CoreMessages;
22  import org.mule.module.pgp.i18n.PGPMessages;
23  
24  import cryptix.message.Message;
25  import cryptix.message.MessageException;
26  import cryptix.message.SignedMessage;
27  import cryptix.pki.KeyBundle;
28  
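/**
 * {@link SecurityProvider} that authenticates a {@link PGPAuthentication} by
 * verifying the signature on its credentials against the public key bundle
 * that the configured {@link PGPKeyRing} returns for the claimed user id.
 * <p>
 * {@link #setKeyManager(PGPKeyRing)} and {@link #initialise()} must both be
 * called before the provider is used: the first supplies the key lookup, the
 * second registers the Cryptix providers and creates the context factory.
 */
public class PGPSecurityProvider implements SecurityProvider
{
    private String name = "PGPSecurityProvider";

    // Source of public key bundles; injected through setKeyManager().
    private PGPKeyRing keyManager;

    // Created in initialise(); stays null until then.
    private SecurityContextFactory factory;

    /**
     * Sets the name under which this provider is registered.
     *
     * @param name the provider name
     * @see org.mule.api.security.SecurityProvider#setName(java.lang.String)
     */
    public void setName(String name)
    {
        this.name = name;
    }

    /**
     * @return the provider name, "PGPSecurityProvider" unless overridden
     * @see org.mule.api.security.SecurityProvider#getName()
     */
    public String getName()
    {
        return name;
    }

    /**
     * Verifies that the credentials carried by {@code authentication} are a
     * signed message whose signature checks out against the key bundle of the
     * claimed principal. On success the same object is marked authenticated,
     * gets the key bundle as its details, and is returned.
     * <p>
     * Every rejection path throws {@link UnauthorisedException}; the object is
     * only flagged as authenticated after the signature has verified.
     * <p>
     * NOTE(review): this method proves only that the message was signed with
     * the user's key. Nothing visible here ties the signed message to the
     * current request or checks its freshness, so confirm that replay of a
     * previously captured signed message is handled elsewhere.
     *
     * @param authentication the request to check; it is cast to
     *            {@link PGPAuthentication} without a type check, so callers
     *            are expected to gate on {@link #supports(Class)} first
     * @return the same authentication object, marked as authenticated
     * @throws SecurityException as {@link UnauthorisedException} when the
     *             user id is missing, no key ring is configured, no key is
     *             known for the user, the credentials are not a signed
     *             message, or the signature does not verify
     * @see org.mule.api.security.SecurityProvider#authenticate(org.mule.api.security.Authentication)
     */
    public Authentication authenticate(Authentication authentication) throws SecurityException
    {
        PGPAuthentication auth = (PGPAuthentication) authentication;

        String userId = (String) auth.getPrincipal();

        if (userId == null)
        {
            throw new UnauthorisedException(CoreMessages.objectIsNull("UserId"));
        }

        // A provider without a key ring cannot verify anything: reject the
        // request explicitly instead of failing with a NullPointerException.
        if (keyManager == null)
        {
            throw new UnauthorisedException(CoreMessages.objectIsNull("KeyManager"));
        }

        KeyBundle userKeyBundle = keyManager.getKeyBundle(userId);

        if (userKeyBundle == null)
        {
            throw new UnauthorisedException(PGPMessages.noPublicKeyForUser(userId));
        }

        // Check the runtime type before casting, so that credentials of an
        // unexpected type are rejected as unauthorised rather than surfacing
        // as a ClassCastException. instanceof also covers the null case.
        Object credentials = auth.getCredentials();

        if (!(credentials instanceof SignedMessage))
        {
            throw new UnauthorisedException(PGPMessages.noSignedMessageFound());
        }

        SignedMessage signedMessage = (SignedMessage) credentials;

        boolean signatureValid;
        try
        {
            signatureValid = signedMessage.verify(userKeyBundle);
        }
        catch (MessageException e)
        {
            // A failure inside verification is treated as a rejection, with
            // the cause preserved for diagnosis.
            throw new UnauthorisedException(PGPMessages.errorVerifySignature(), e);
        }

        if (!signatureValid)
        {
            throw new UnauthorisedException(PGPMessages.invalidSignature());
        }

        auth.setAuthenticated(true);
        auth.setDetails(userKeyBundle);

        return auth;
    }

    /**
     * @param aClass the authentication class to test
     * @return {@code true} if {@code aClass} is {@link PGPAuthentication} or a
     *         subclass of it
     * @see org.mule.api.security.SecurityProvider#supports(java.lang.Class)
     */
    public boolean supports(Class aClass)
    {
        return PGPAuthentication.class.isAssignableFrom(aClass);
    }

    /**
     * Delegates to the factory created by {@link #initialise()}; calling this
     * before initialisation fails with a {@link NullPointerException}.
     *
     * @param auth the authentication to wrap in a security context
     * @return the context produced by the factory
     * @throws UnknownAuthenticationTypeException declared by the interface and
     *             presumably raised by the factory - confirm against
     *             PGPSecurityContextFactory
     * @see org.mule.api.security.SecurityProvider#createSecurityContext(org.mule.api.security.Authentication)
     */
    public SecurityContext createSecurityContext(Authentication auth)
            throws UnknownAuthenticationTypeException
    {
        return factory.create(auth);
    }

    /**
     * Registers the Cryptix JCE and OpenPGP providers and creates the
     * security context factory.
     * <p>
     * {@code Security.addProvider} changes the JVM-wide provider list, so the
     * registration is visible to all other code in the same JVM and not only
     * to this provider. NOTE(review): the Cryptix project has been
     * discontinued upstream; confirm that relying on it is still acceptable
     * for this deployment.
     *
     * @throws InitialisationException if provider registration or factory
     *             creation fails for any reason
     */
    public void initialise() throws InitialisationException
    {
        try
        {
            java.security.Security.addProvider(new cryptix.jce.provider.CryptixCrypto());
            java.security.Security.addProvider(new cryptix.openpgp.provider.CryptixOpenPGP());

            factory = new PGPSecurityContextFactory();
        }
        catch (Exception e)
        {
            throw new InitialisationException(CoreMessages.failedToCreate("PGPProvider"), e, this);
        }
    }

    /**
     * @return the key ring used to look up public key bundles, or
     *         {@code null} if none has been set
     */
    public PGPKeyRing getKeyManager()
    {
        return keyManager;
    }

    /**
     * @param keyManager the key ring used to look up the public key bundle of
     *            the user being authenticated
     */
    public void setKeyManager(PGPKeyRing keyManager)
    {
        this.keyManager = keyManager;
    }
}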