
1   /*
2    * $Id: PGPSecurityProvider.java 20310 2010-11-24 10:40:35Z esteban.robles $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.module.pgp;
12  
13  import org.mule.api.lifecycle.InitialisationException;
14  import org.mule.api.security.Authentication;
15  import org.mule.api.security.SecurityException;
16  import org.mule.api.security.UnauthorisedException;
17  import org.mule.config.i18n.CoreMessages;
18  import org.mule.module.pgp.i18n.PGPMessages;
19  import org.mule.security.AbstractSecurityProvider;
20  
21  import org.bouncycastle.jce.provider.BouncyCastleProvider;
22  import org.bouncycastle.openpgp.PGPPublicKey;
23  
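/**
 * Security provider that handles {@link PGPAuthentication} requests.
 *
 * <p>An authentication request carries a user id as its principal and a PGP {@code Message}
 * as its credentials. The provider looks the user id up in the configured {@link PGPKeyRing}
 * and, when the credentials are a {@code SignedMessage}, asks that message to verify its
 * signature.
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>Credentials that are not a {@code SignedMessage} are not verified here, yet the request
 * is still marked authenticated. Requiring a signature is therefore left to the caller.</li>
 * <li>{@code verify()} is invoked without the public key that was looked up for the user id,
 * so this class does not show whether the signer is tied to the claimed user.</li>
 * </ul>
 */
public class PGPSecurityProvider extends AbstractSecurityProvider
{
    // Source of public keys for claimed user ids; must be set before authenticate() is called.
    private PGPKeyRing keyManager;

    /**
     * Creates the provider, passing the name "pgp" to the superclass.
     */
    public PGPSecurityProvider()
    {
        super("pgp");
    }

    /**
     * Authenticates a PGP request.
     *
     * @param authentication the request; cast to {@link PGPAuthentication} without a type check,
     *            so use {@link #supports(Class)} first
     * @return the same authentication object, flagged as authenticated and carrying the user's
     *         public key as its details
     * @throws UnauthorisedException if the principal is null, if the key ring has no public key
     *             for the user id, if the signature of a signed message is invalid, or if
     *             signature verification fails with an error
     * @throws SecurityException declared by the provider contract
     */
    public Authentication authenticate(Authentication authentication) throws SecurityException
    {
        PGPAuthentication auth = (PGPAuthentication) authentication;

        String userId = (String) auth.getPrincipal();

        if (userId == null)
        {
            throw new UnauthorisedException(CoreMessages.objectIsNull("UserId"));
        }

        PGPPublicKey publicKey = keyManager.getPublicKey(userId);

        if (publicKey == null)
        {
            throw new UnauthorisedException(PGPMessages.noPublicKeyForUser(userId));
        }

        Message msg = (Message) auth.getCredentials();

        // NOTE(review): credentials that are not a SignedMessage (including null) skip this
        // branch and are still marked authenticated below. On that path the only checks are
        // that a user id was supplied and that the key ring knows a public key for it. If a
        // signature is mandatory, unsigned messages must be rejected before this provider is
        // invoked; confirm that the caller does so.
        if (msg instanceof SignedMessage)
        {
            // NOTE(review): verify() takes no key argument, so it is not visible here whether
            // the signature is checked against publicKey (the claimed user's key) or against
            // any key the message can resolve. Confirm in SignedMessage.
            boolean signatureValid;
            try
            {
                signatureValid = ((SignedMessage) msg).verify();
            }
            catch (Exception e)
            {
                throw new UnauthorisedException(PGPMessages.errorVerifySignature(), e);
            }

            // Thrown outside the try block on purpose: inside it, the broad catch above would
            // intercept this exception and report a bad signature as a verification error.
            if (!signatureValid)
            {
                throw new UnauthorisedException(PGPMessages.invalidSignature());
            }
        }

        auth.setAuthenticated(true);
        auth.setDetails(publicKey);

        return auth;
    }

    /**
     * Reports whether this provider can handle the given authentication class.
     *
     * @param aClass the authentication class to test
     * @return {@code true} if {@code aClass} is {@link PGPAuthentication} or a subtype of it
     */
    @Override
    public boolean supports(Class aClass)
    {
        return PGPAuthentication.class.isAssignableFrom(aClass);
    }

    /**
     * Registers the Bouncy Castle JCE provider and installs the PGP security context factory.
     *
     * @throws InitialisationException if either step throws
     */
    @Override
    protected void doInitialise() throws InitialisationException
    {
        try
        {
            // Security.addProvider leaves the provider list unchanged when a provider with the
            // same name is already installed, so repeated initialisation is harmless.
            java.security.Security.addProvider(new BouncyCastleProvider());
            setSecurityContextFactory(new PGPSecurityContextFactory());
        }
        catch (Exception e)
        {
            throw new InitialisationException(CoreMessages.failedToCreate("PGPProvider"), e, this);
        }
    }

    /**
     * @return the key ring used to look up public keys, or {@code null} if none has been set
     */
    public PGPKeyRing getKeyManager()
    {
        return keyManager;
    }

    /**
     * @param keyManager the key ring used to look up public keys by user id
     */
    public void setKeyManager(PGPKeyRing keyManager)
    {
        this.keyManager = keyManager;
    }
}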