1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
package org.mule.module.pgp; |
12 | |
|
13 | |
import org.mule.api.lifecycle.InitialisationException; |
14 | |
import org.mule.api.security.Authentication; |
15 | |
import org.mule.api.security.SecurityException; |
16 | |
import org.mule.api.security.UnauthorisedException; |
17 | |
import org.mule.config.i18n.CoreMessages; |
18 | |
import org.mule.module.pgp.i18n.PGPMessages; |
19 | |
import org.mule.security.AbstractSecurityProvider; |
20 | |
|
21 | |
import cryptix.message.Message; |
22 | |
import cryptix.message.MessageException; |
23 | |
import cryptix.message.SignedMessage; |
24 | |
import cryptix.pki.KeyBundle; |
25 | |
|
26 | |
public class PGPSecurityProvider extends AbstractSecurityProvider |
27 | |
{ |
28 | |
private PGPKeyRing keyManager; |
29 | |
|
30 | |
public PGPSecurityProvider() |
31 | |
{ |
32 | 0 | super("pgp"); |
33 | 0 | } |
34 | |
|
35 | |
public Authentication authenticate(Authentication authentication) throws SecurityException |
36 | |
{ |
37 | 0 | PGPAuthentication auth = (PGPAuthentication) authentication; |
38 | |
|
39 | 0 | String userId = (String) auth.getPrincipal(); |
40 | |
|
41 | 0 | if (userId == null) |
42 | |
{ |
43 | 0 | throw new UnauthorisedException(CoreMessages.objectIsNull("UserId")); |
44 | |
} |
45 | |
|
46 | 0 | KeyBundle userKeyBundle = keyManager.getKeyBundle(userId); |
47 | |
|
48 | 0 | if (userKeyBundle == null) |
49 | |
{ |
50 | 0 | throw new UnauthorisedException(PGPMessages.noPublicKeyForUser(userId)); |
51 | |
} |
52 | |
|
53 | 0 | Message msg = (Message) auth.getCredentials(); |
54 | |
|
55 | 0 | if (msg instanceof SignedMessage) |
56 | |
{ |
57 | |
try |
58 | |
{ |
59 | 0 | if (!((SignedMessage) msg).verify(userKeyBundle)) |
60 | |
{ |
61 | 0 | throw new UnauthorisedException(PGPMessages.invalidSignature()); |
62 | |
} |
63 | |
} |
64 | 0 | catch (MessageException e) |
65 | |
{ |
66 | 0 | throw new UnauthorisedException(PGPMessages.errorVerifySignature(), e); |
67 | 0 | } |
68 | |
} |
69 | |
|
70 | 0 | auth.setAuthenticated(true); |
71 | 0 | auth.setDetails(userKeyBundle); |
72 | |
|
73 | 0 | return auth; |
74 | |
} |
75 | |
|
76 | |
@Override |
77 | |
public boolean supports(Class aClass) |
78 | |
{ |
79 | 0 | return PGPAuthentication.class.isAssignableFrom(aClass); |
80 | |
} |
81 | |
|
82 | |
@Override |
83 | |
protected void doInitialise() throws InitialisationException |
84 | |
{ |
85 | |
try |
86 | |
{ |
87 | 0 | java.security.Security.addProvider(new cryptix.jce.provider.CryptixCrypto()); |
88 | 0 | java.security.Security.addProvider(new cryptix.openpgp.provider.CryptixOpenPGP()); |
89 | |
|
90 | 0 | setSecurityContextFactory(new PGPSecurityContextFactory()); |
91 | |
} |
92 | 0 | catch (Exception e) |
93 | |
{ |
94 | 0 | throw new InitialisationException(CoreMessages.failedToCreate("PGPProvider"), e, this); |
95 | 0 | } |
96 | 0 | } |
97 | |
|
98 | |
public PGPKeyRing getKeyManager() |
99 | |
{ |
100 | 0 | return keyManager; |
101 | |
} |
102 | |
|
103 | |
public void setKeyManager(PGPKeyRing keyManager) |
104 | |
{ |
105 | 0 | this.keyManager = keyManager; |
106 | 0 | } |
107 | |
} |