
1   /*
2    * $Id: PGPSecurityProvider.java 19191 2010-08-25 21:05:23Z tcarlson $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.module.pgp;
12  
13  import org.mule.api.lifecycle.InitialisationException;
14  import org.mule.api.security.Authentication;
15  import org.mule.api.security.SecurityException;
16  import org.mule.api.security.UnauthorisedException;
17  import org.mule.config.i18n.CoreMessages;
18  import org.mule.module.pgp.i18n.PGPMessages;
19  import org.mule.security.AbstractSecurityProvider;
20  
21  import cryptix.message.Message;
22  import cryptix.message.MessageException;
23  import cryptix.message.SignedMessage;
24  import cryptix.pki.KeyBundle;
25  
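/**
 * Security provider registered under the name {@code "pgp"} that authenticates
 * {@link PGPAuthentication} tokens against key bundles held by a {@link PGPKeyRing}.
 * <p>
 * The principal of the token is used as the user id for the key-bundle lookup and the
 * credentials are expected to be a Cryptix {@link Message}. When that message is a
 * {@link SignedMessage}, its signature is verified against the user's key bundle.
 * <p>
 * <b>Security note:</b> a credential that is <em>not</em> a {@code SignedMessage} is
 * accepted without any cryptographic check (see {@link #authenticate(Authentication)}).
 */
public class PGPSecurityProvider extends AbstractSecurityProvider
{
    /** Key ring used to resolve a user id to its key bundle; injected via {@link #setKeyManager}. */
    private PGPKeyRing keyManager;

    /** Creates the provider and registers it under the name {@code "pgp"}. */
    public PGPSecurityProvider()
    {
        super("pgp");
    }

    /**
     * Authenticates a {@link PGPAuthentication} token.
     * <p>
     * Steps: resolve the principal to a key bundle, then, if the credentials are a
     * {@link SignedMessage}, verify the signature with that bundle. On success the token is
     * marked authenticated and the key bundle is stored as its details.
     *
     * @param authentication the token to authenticate; must be a {@code PGPAuthentication}
     *            (a different type fails on the cast with a {@code ClassCastException})
     * @return the same token instance, marked as authenticated
     * @throws SecurityException (as {@link UnauthorisedException}) if the token, the user id,
     *             the key manager or the credentials are missing, if no key bundle is known
     *             for the user, or if signature verification fails or errors
     */
    public Authentication authenticate(Authentication authentication) throws SecurityException
    {
        // Fail closed with an authorisation error instead of a NullPointerException.
        if (authentication == null)
        {
            throw new UnauthorisedException(CoreMessages.objectIsNull("Authentication"));
        }

        PGPAuthentication auth = (PGPAuthentication) authentication;

        String userId = (String) auth.getPrincipal();

        if (userId == null)
        {
            throw new UnauthorisedException(CoreMessages.objectIsNull("UserId"));
        }

        // A provider that was never given a key ring must reject, not crash.
        if (keyManager == null)
        {
            throw new UnauthorisedException(CoreMessages.objectIsNull("KeyManager"));
        }

        KeyBundle userKeyBundle = keyManager.getKeyBundle(userId);

        if (userKeyBundle == null)
        {
            throw new UnauthorisedException(PGPMessages.noPublicKeyForUser(userId));
        }

        Object credentials = auth.getCredentials();

        // Without this check a token carrying no credentials at all would fall through the
        // instanceof test below and be marked authenticated purely because the claimed
        // user id has a key bundle on the ring.
        if (credentials == null)
        {
            throw new UnauthorisedException(CoreMessages.objectIsNull("Credentials"));
        }

        Message msg = (Message) credentials;

        if (msg instanceof SignedMessage)
        {
            boolean signatureValid;
            try
            {
                signatureValid = ((SignedMessage) msg).verify(userKeyBundle);
            }
            catch (MessageException e)
            {
                throw new UnauthorisedException(PGPMessages.errorVerifySignature(), e);
            }

            if (!signatureValid)
            {
                throw new UnauthorisedException(PGPMessages.invalidSignature());
            }
        }
        // NOTE(review): a Message that is not a SignedMessage reaches this point with no
        // signature verification and is still marked authenticated below. The behaviour is
        // kept for compatibility with existing callers, but it means this provider alone
        // does not prove the sender's identity for unsigned messages. Confirm that every
        // caller enforces a signature requirement before trusting the result, or change
        // this branch to reject unsigned credentials.

        auth.setAuthenticated(true);
        auth.setDetails(userKeyBundle);

        return auth;
    }

    /**
     * Reports whether this provider can handle the given authentication class.
     *
     * @param aClass the authentication token class to test
     * @return {@code true} if {@code aClass} is {@link PGPAuthentication} or a subtype of it
     */
    @Override
    public boolean supports(Class aClass)
    {
        return PGPAuthentication.class.isAssignableFrom(aClass);
    }

    /**
     * Registers the Cryptix JCE and OpenPGP providers and installs the PGP security
     * context factory.
     * <p>
     * {@code Security.addProvider} changes JVM-wide state; it leaves the provider list
     * unchanged when a provider of the same name is already installed.
     *
     * @throws InitialisationException if provider registration or factory setup fails
     */
    @Override
    protected void doInitialise() throws InitialisationException
    {
        try
        {
            java.security.Security.addProvider(new cryptix.jce.provider.CryptixCrypto());
            java.security.Security.addProvider(new cryptix.openpgp.provider.CryptixOpenPGP());

            setSecurityContextFactory(new PGPSecurityContextFactory());
        }
        catch (Exception e)
        {
            throw new InitialisationException(CoreMessages.failedToCreate("PGPProvider"), e, this);
        }
    }

    /**
     * Returns the key ring used for key-bundle lookups.
     *
     * @return the configured key ring, or {@code null} if none has been set
     */
    public PGPKeyRing getKeyManager()
    {
        return keyManager;
    }

    /**
     * Sets the key ring used for key-bundle lookups. Until one is set,
     * {@link #authenticate(Authentication)} rejects every token.
     *
     * @param keyManager the key ring to resolve user ids against
     */
    public void setKeyManager(PGPKeyRing keyManager)
    {
        this.keyManager = keyManager;
    }
}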