package org.mule.module.pgp; |
12 | |
|
13 | |
import org.mule.RequestContext; |
14 | |
import org.mule.api.MuleEvent; |
15 | |
import org.mule.api.lifecycle.InitialisationException; |
16 | |
import org.mule.api.security.CredentialsAccessor; |
17 | |
import org.mule.api.security.CryptoFailureException; |
18 | |
import org.mule.config.i18n.CoreMessages; |
19 | |
import org.mule.module.pgp.i18n.PGPMessages; |
20 | |
import org.mule.security.AbstractNamedEncryptionStrategy; |
21 | |
|
22 | |
import java.io.InputStream; |
23 | |
import java.util.Calendar; |
24 | |
|
25 | |
import org.apache.commons.logging.Log; |
26 | |
import org.apache.commons.logging.LogFactory; |
27 | |
import org.bouncycastle.jce.provider.BouncyCastleProvider; |
28 | |
import org.bouncycastle.openpgp.PGPPublicKey; |
29 | |
|
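/**
 * PGP encryption strategy that encrypts to a recipient's public key and decrypts with the
 * secret key held by the configured {@link PGPKeyRing}.
 *
 * <p>When no {@link PGPCryptInfo} is passed in, the public key is looked up in the key ring
 * using the credentials that the {@link CredentialsAccessor} extracts from the current event.
 *
 * <p>Security notes for reviewers:
 * <ul>
 * <li>Key expiry checking is disabled unless {@link #setCheckKeyExpirity(boolean)} is set to
 * {@code true}; with the default, an expired public key is used without complaint.</li>
 * <li>The only validity check performed in this class is the expiry date. Revocation status is
 * not examined here.</li>
 * </ul>
 */
public class KeyBasedEncryptionStrategy extends AbstractNamedEncryptionStrategy
{
    protected static final Log logger = LogFactory.getLog(KeyBasedEncryptionStrategy.class);

    private PGPKeyRing keyManager;
    private CredentialsAccessor credentialsAccessor;

    // Opt-in: expired keys are accepted unless this is switched on.
    private boolean checkKeyExpirity = false;

    /**
     * Registers the BouncyCastle JCE provider with the JVM.
     *
     * @throws InitialisationException if the provider cannot be created or registered
     */
    public void initialise() throws InitialisationException
    {
        try
        {
            // Security.addProvider is JVM-wide and is a no-op (returns -1) when a provider
            // with the same name is already installed, so repeated initialisation is harmless.
            java.security.Security.addProvider(new BouncyCastleProvider());
        }
        catch (Exception e)
        {
            throw new InitialisationException(CoreMessages.failedToCreate("KeyBasedEncryptionStrategy"), e,
                this);
        }
    }

    /**
     * Returns a stream that yields {@code data} encrypted to the resolved public key.
     *
     * @param data the plaintext to encrypt
     * @param cryptInfo a {@link PGPCryptInfo} naming the recipient key, or {@code null} to
     *            resolve the key from the current event's credentials
     * @return a lazily evaluated stream over the encrypted data
     * @throws CryptoFailureException if the key cannot be resolved, is rejected by the expiry
     *             check, or the stream cannot be set up; the original exception is the cause
     */
    public InputStream encrypt(InputStream data, Object cryptInfo) throws CryptoFailureException
    {
        try
        {
            PGPCryptInfo pgpCryptInfo = this.safeGetCryptInfo(cryptInfo);
            PGPPublicKey publicKey = pgpCryptInfo.getPublicKey();
            if (publicKey == null)
            {
                // Fail here rather than handing a null key to a lazily evaluated stream,
                // where the failure would only surface once the caller starts reading.
                throw new IllegalArgumentException("No PGP public key available to encrypt with");
            }
            return new LazyInputStream(new EncryptOutputStreamWriter(data, publicKey));
        }
        catch (Exception e)
        {
            throw new CryptoFailureException(this, e);
        }
    }

    /**
     * Returns a stream that yields {@code data} decrypted with the key ring's secret key.
     *
     * @param data the PGP-encrypted input
     * @param cryptInfo a {@link PGPCryptInfo} naming the sender's public key, or {@code null}
     *            to resolve the key from the current event's credentials
     * @return a lazily evaluated stream over the decrypted data
     * @throws CryptoFailureException if the key cannot be resolved, is rejected by the expiry
     *             check, or the stream cannot be set up; the original exception is the cause
     */
    public InputStream decrypt(InputStream data, Object cryptInfo) throws CryptoFailureException
    {
        try
        {
            PGPCryptInfo pgpCryptInfo = this.safeGetCryptInfo(cryptInfo);
            // NOTE(review): the public key is passed through without a null check; confirm
            // whether DecryptOutputStreamWriter requires it or tolerates a missing key.
            PGPPublicKey publicKey = pgpCryptInfo.getPublicKey();
            return new LazyInputStream(new DecryptOutputStreamWriter(data, publicKey,
                this.keyManager.getSecretKey(), this.keyManager.getSecretPassphrase()));
        }
        catch (Exception e)
        {
            throw new CryptoFailureException(this, e);
        }
    }

    /**
     * Resolves the crypt info to use and runs the expiry check on its public key.
     *
     * @param cryptInfo a {@link PGPCryptInfo}, or {@code null} to look the key up from the
     *            credentials of the current event
     * @return the supplied info, or a new one wrapping the key found in the key ring
     * @throws IllegalArgumentException if {@code cryptInfo} is non-null but not a
     *             {@link PGPCryptInfo}
     */
    private PGPCryptInfo safeGetCryptInfo(Object cryptInfo)
    {
        if (cryptInfo == null)
        {
            MuleEvent event = RequestContext.getEvent();
            PGPPublicKey publicKey = keyManager.getPublicKey((String) this.getCredentialsAccessor().getCredentials(event));
            this.checkKeyExpirity(publicKey);
            return new PGPCryptInfo(publicKey, false);
        }

        if (!(cryptInfo instanceof PGPCryptInfo))
        {
            // Report the type only; the object's contents are deliberately kept out of the message.
            throw new IllegalArgumentException("cryptInfo must be a PGPCryptInfo but was "
                + cryptInfo.getClass().getName());
        }

        PGPCryptInfo info = (PGPCryptInfo) cryptInfo;
        this.checkKeyExpirity(info.getPublicKey());
        return info;
    }

    /**
     * Rejects the key if expiry checking is enabled and the key's validity period has ended.
     *
     * <p>A key whose {@code getValidDays()} is {@code 0} is treated as never expiring and is
     * not checked.
     *
     * @param publicKey the key to validate
     * @throws IllegalArgumentException if checking is enabled and {@code publicKey} is null
     * @throws InvalidPublicKeyException if the key's expiry time is not after the current time
     */
    private void checkKeyExpirity(PGPPublicKey publicKey)
    {
        if (!this.isCheckKeyExpirity())
        {
            return;
        }

        if (publicKey == null)
        {
            // Previously surfaced as a bare NullPointerException from getValidDays().
            throw new IllegalArgumentException("Cannot check key expiry: no PGP public key was resolved");
        }

        // NOTE(review): validity is read in whole days and 0 means "skip the check"; confirm how
        // the BouncyCastle version in use reports a validity period shorter than one day.
        int validDays = publicKey.getValidDays();
        if (validDays == 0)
        {
            return;
        }

        Calendar expiry = Calendar.getInstance();
        expiry.setTime(publicKey.getCreationTime());
        expiry.add(Calendar.DATE, validDays);

        if (!expiry.getTime().after(Calendar.getInstance().getTime()))
        {
            throw new InvalidPublicKeyException(PGPMessages.pgpPublicKeyExpired());
        }
    }

    /**
     * @return the key ring used for public key lookup and for the secret key and passphrase
     */
    public PGPKeyRing getKeyManager()
    {
        return keyManager;
    }

    /**
     * @param keyManager the key ring used for public key lookup and for the secret key and
     *            passphrase
     */
    public void setKeyManager(PGPKeyRing keyManager)
    {
        this.keyManager = keyManager;
    }

    /**
     * @return the accessor that extracts the key-lookup credentials from an event
     */
    public CredentialsAccessor getCredentialsAccessor()
    {
        return credentialsAccessor;
    }

    /**
     * @param credentialsAccessor the accessor that extracts the key-lookup credentials from an
     *            event
     */
    public void setCredentialsAccessor(CredentialsAccessor credentialsAccessor)
    {
        this.credentialsAccessor = credentialsAccessor;
    }

    /**
     * @return {@code true} if public keys are checked for expiry before use
     */
    public boolean isCheckKeyExpirity()
    {
        return checkKeyExpirity;
    }

    /**
     * Enables or disables the expiry check on public keys. It is disabled by default.
     *
     * @param checkKeyExpirity {@code true} to reject expired public keys
     */
    public void setCheckKeyExpirity(boolean checkKeyExpirity)
    {
        this.checkKeyExpirity = checkKeyExpirity;
    }
}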