11 package org.mule.module.pgp;
12
13 import org.mule.api.lifecycle.InitialisationException;
14 import org.mule.api.security.Authentication;
15 import org.mule.api.security.SecurityContext;
16 import org.mule.api.security.SecurityContextFactory;
17 import org.mule.api.security.SecurityException;
18 import org.mule.api.security.SecurityProvider;
19 import org.mule.api.security.UnauthorisedException;
20 import org.mule.api.security.UnknownAuthenticationTypeException;
21 import org.mule.config.i18n.CoreMessages;
22 import org.mule.module.pgp.i18n.PGPMessages;
23
24 import cryptix.message.Message;
25 import cryptix.message.MessageException;
26 import cryptix.message.SignedMessage;
27 import cryptix.pki.KeyBundle;
28
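/**
 * {@link SecurityProvider} that authenticates a caller by verifying a PGP-signed message
 * against the public key bundle that the configured key ring holds for the claimed user id.
 * <p>
 * {@link #setKeyManager(PGPKeyRing)} must have been called before
 * {@link #authenticate(Authentication)}, and {@link #initialise()} before
 * {@link #createSecurityContext(Authentication)}; neither field is null-checked here.
 */
public class PGPSecurityProvider implements SecurityProvider
{
    private String name = "PGPSecurityProvider";

    /** Key ring used to look up the public key bundle for a user id. */
    private PGPKeyRing keyManager;

    /** Assigned in {@link #initialise()}; {@code null} until then. */
    private SecurityContextFactory factory;

    /**
     * Sets the name of this provider.
     *
     * @param name the new provider name
     */
    public void setName(String name)
    {
        this.name = name;
    }

    /**
     * @return the name of this provider ("PGPSecurityProvider" unless changed)
     */
    public String getName()
    {
        return name;
    }

    /**
     * Verifies that the credentials carried by {@code authentication} are a message signed
     * by the key bundle registered for the claimed principal.
     * <p>
     * The principal is supplied by the caller and only selects which key bundle is used;
     * the signature check is the sole proof of identity performed here.
     * <p>
     * NOTE(review): nothing in this method looks at the signed content or its age, so a
     * signed message that verified once verifies again. If replay matters for the endpoint,
     * freshness has to be enforced by the caller - confirm where that happens.
     * <p>
     * NOTE(review): "no public key for user" and "invalid signature" are reported with
     * different messages, which tells a caller whether a user id is known. Confirm these
     * messages are not returned verbatim to remote clients.
     *
     * @param authentication must be a {@link PGPAuthentication} (see {@link #supports(Class)});
     *            any other type fails the cast below with a {@link ClassCastException}
     * @return the same object, marked as authenticated and carrying the user's key bundle
     *         as its details
     * @throws SecurityException an {@link UnauthorisedException} if the user id is null, no
     *             key bundle exists for it, the credentials are not a signed message, or
     *             the signature does not verify
     */
    public Authentication authenticate(Authentication authentication) throws SecurityException
    {
        PGPAuthentication auth = (PGPAuthentication) authentication;

        String userId = (String) auth.getPrincipal();
        if (userId == null)
        {
            throw new UnauthorisedException(CoreMessages.objectIsNull("UserId"));
        }

        KeyBundle userKeyBundle = keyManager.getKeyBundle(userId);
        if (userKeyBundle == null)
        {
            throw new UnauthorisedException(PGPMessages.noPublicKeyForUser(userId));
        }

        // Check the runtime type BEFORE casting. The previous code cast the credentials to
        // Message first, so credentials of an unrelated type escaped as a
        // ClassCastException instead of being rejected as unauthorised. instanceof is also
        // false for null, so no separate null test is needed.
        Object credentials = auth.getCredentials();
        if (!(credentials instanceof SignedMessage))
        {
            throw new UnauthorisedException(PGPMessages.noSignedMessageFound());
        }
        SignedMessage signedMessage = (SignedMessage) credentials;

        try
        {
            if (!signedMessage.verify(userKeyBundle))
            {
                throw new UnauthorisedException(PGPMessages.invalidSignature());
            }
        }
        catch (MessageException e)
        {
            // A verification error is treated as a failed authentication, never as success.
            throw new UnauthorisedException(PGPMessages.errorVerifySignature(), e);
        }

        // Only reached after a successful signature check.
        auth.setAuthenticated(true);
        auth.setDetails(userKeyBundle);

        return auth;
    }

    /**
     * Reports whether this provider can handle the given authentication type.
     * The parameter is left as a raw {@code Class} so the signature stays as the original
     * declared it; presumably this matches the {@link SecurityProvider} interface.
     *
     * @param aClass the authentication class to test
     * @return {@code true} if {@code aClass} is {@link PGPAuthentication} or a subtype
     */
    public boolean supports(Class aClass)
    {
        return PGPAuthentication.class.isAssignableFrom(aClass);
    }

    /**
     * Builds a security context for the given authentication by delegating to the factory
     * created in {@link #initialise()}.
     *
     * @param auth the authentication to wrap
     * @return the context produced by the factory
     * @throws UnknownAuthenticationTypeException as declared by the factory's contract
     */
    public SecurityContext createSecurityContext(Authentication auth)
        throws UnknownAuthenticationTypeException
    {
        return factory.create(auth);
    }

    /**
     * Registers the Cryptix JCE and OpenPGP providers and creates the context factory.
     * <p>
     * {@code java.security.Security.addProvider} changes the JVM-wide provider list, so
     * the registration affects every component in the same JVM, not just this provider.
     * <p>
     * NOTE(review): confirm that the Cryptix providers are still maintained and acceptable
     * for the deployment's cryptographic policy.
     *
     * @throws InitialisationException if provider registration or factory creation fails
     */
    public void initialise() throws InitialisationException
    {
        try
        {
            java.security.Security.addProvider(new cryptix.jce.provider.CryptixCrypto());
            java.security.Security.addProvider(new cryptix.openpgp.provider.CryptixOpenPGP());

            factory = new PGPSecurityContextFactory();
        }
        catch (Exception e)
        {
            throw new InitialisationException(CoreMessages.failedToCreate("PGPProvider"), e, this);
        }
    }

    /**
     * @return the key ring used to resolve user ids to key bundles, or {@code null} if
     *         none has been set
     */
    public PGPKeyRing getKeyManager()
    {
        return keyManager;
    }

    /**
     * Sets the key ring used to resolve user ids to key bundles. The keys it returns are
     * what {@link #authenticate(Authentication)} trusts.
     *
     * @param keyManager the key ring to use
     */
    public void setKeyManager(PGPKeyRing keyManager)
    {
        this.keyManager = keyManager;
    }
}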