
1   /*
2    * $Id: KeyBasedEncryptionStrategy.java 20310 2010-11-24 10:40:35Z esteban.robles $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.module.pgp;
12  
13  import org.mule.RequestContext;
14  import org.mule.api.MuleEvent;
15  import org.mule.api.lifecycle.InitialisationException;
16  import org.mule.api.security.CredentialsAccessor;
17  import org.mule.api.security.CryptoFailureException;
18  import org.mule.config.i18n.CoreMessages;
19  import org.mule.module.pgp.i18n.PGPMessages;
20  import org.mule.security.AbstractNamedEncryptionStrategy;
21  
22  import java.io.InputStream;
23  import java.util.Calendar;
24  
25  import org.apache.commons.logging.Log;
26  import org.apache.commons.logging.LogFactory;
27  import org.bouncycastle.jce.provider.BouncyCastleProvider;
28  import org.bouncycastle.openpgp.PGPPublicKey;
29  
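/**
 * PGP encryption strategy that encrypts to, and decrypts with, keys held in a
 * {@link PGPKeyRing}.
 * <p>
 * When the caller supplies no crypt info, the public key is looked up in the key
 * ring using the credentials that the configured {@link CredentialsAccessor}
 * extracts from the current event.
 * <p>
 * Security notes:
 * <ul>
 * <li>Key expiry enforcement is opt-in: {@code checkKeyExpirity} defaults to
 * {@code false}, so expired public keys are accepted unless
 * {@link #setCheckKeyExpirity(boolean)} is called with {@code true}.</li>
 * <li>The only validity check performed in this class is the expiry check; key
 * revocation is not examined here.</li>
 * </ul>
 */
public class KeyBasedEncryptionStrategy extends AbstractNamedEncryptionStrategy
{
    /**
     * logger used by this class
     */
    protected static final Log logger = LogFactory.getLog(KeyBasedEncryptionStrategy.class);

    // Source of the public keys, the secret key and the secret-key passphrase.
    private PGPKeyRing keyManager;
    // Extracts the key identifier (cast to String below) from the current event.
    private CredentialsAccessor credentialsAccessor;
    // Off by default: expired keys are accepted unless this is switched on.
    private boolean checkKeyExpirity = false;

    /**
     * Registers the Bouncy Castle JCE provider with the JVM-wide
     * {@link java.security.Security} provider list.
     *
     * @throws InitialisationException if the provider cannot be created or registered
     */
    public void initialise() throws InitialisationException
    {
        try
        {
            java.security.Security.addProvider(new BouncyCastleProvider());
        }
        catch (Exception e)
        {
            throw new InitialisationException(CoreMessages.failedToCreate("KeyBasedEncryptionStrategy"), e,
                this);
        }
    }

    /**
     * Returns a stream that yields {@code data} encrypted to the recipient's public key.
     *
     * @param data the plaintext to encrypt
     * @param cryptInfo a {@link PGPCryptInfo}, or {@code null} to resolve the key from
     *            the current event's credentials
     * @return a stream over the encrypted data
     * @throws CryptoFailureException if the key cannot be resolved, is rejected by the
     *             expiry check, or the encrypting stream cannot be set up
     */
    public InputStream encrypt(InputStream data, Object cryptInfo) throws CryptoFailureException
    {
        try
        {
            PGPCryptInfo pgpCryptInfo = this.safeGetCryptInfo(cryptInfo);
            PGPPublicKey publicKey = pgpCryptInfo.getPublicKey();
            if (publicKey == null)
            {
                // Fail here, with a clear cause, rather than handing a null recipient key
                // to the writer. LazyInputStream presumably defers the real work until the
                // stream is read, which would otherwise surface the problem outside this
                // try/catch.
                throw new IllegalArgumentException("No PGP public key available for encryption");
            }
            return new LazyInputStream(new EncryptOutputStreamWriter(data, publicKey));
        }
        catch (Exception e)
        {
            throw new CryptoFailureException(this, e);
        }
    }

    /**
     * Returns a stream that yields the decrypted form of {@code data}, using the key
     * ring's secret key and passphrase.
     *
     * @param data the encrypted input
     * @param cryptInfo a {@link PGPCryptInfo}, or {@code null} to resolve the public key
     *            from the current event's credentials
     * @return a stream over the decrypted data
     * @throws CryptoFailureException if the key cannot be resolved, is rejected by the
     *             expiry check, or the decrypting stream cannot be set up
     */
    public InputStream decrypt(InputStream data, Object cryptInfo) throws CryptoFailureException
    {
        try
        {
            PGPCryptInfo pgpCryptInfo = this.safeGetCryptInfo(cryptInfo);
            // NOTE(review): how DecryptOutputStreamWriter uses the public key is not
            // visible here, so a null key is deliberately not rejected on this path.
            PGPPublicKey publicKey = pgpCryptInfo.getPublicKey();
            return new LazyInputStream(new DecryptOutputStreamWriter(data, publicKey,
                this.keyManager.getSecretKey(), this.keyManager.getSecretPassphrase()));
        }
        catch (Exception e)
        {
            throw new CryptoFailureException(this, e);
        }
    }

    /**
     * Resolves the crypt info for an operation and applies the expiry check to its
     * public key.
     * <p>
     * Any runtime exception thrown here (including a failed cast of {@code cryptInfo})
     * is wrapped in a {@link CryptoFailureException} by {@link #encrypt} and
     * {@link #decrypt}, the only callers in this class.
     *
     * @param cryptInfo a {@link PGPCryptInfo}, or {@code null} to look the key up from
     *            the current event's credentials
     * @return the supplied crypt info, or a new one built around the looked-up key
     */
    private PGPCryptInfo safeGetCryptInfo(Object cryptInfo)
    {
        if (cryptInfo == null)
        {
            // No explicit key: use the credentials of the event bound to this thread's
            // RequestContext as the key identifier.
            MuleEvent event = RequestContext.getEvent();
            PGPPublicKey publicKey = keyManager.getPublicKey((String) this.getCredentialsAccessor().getCredentials(event));
            this.checkKeyExpirity(publicKey);
            return new PGPCryptInfo(publicKey, false);
        }
        else
        {
            PGPCryptInfo info = (PGPCryptInfo) cryptInfo;
            this.checkKeyExpirity(info.getPublicKey());
            return info;
        }
    }

    /**
     * Rejects an expired public key when expiry checking is enabled; does nothing
     * when it is disabled.
     *
     * @param publicKey the key to check
     * @throws IllegalArgumentException if checking is enabled and {@code publicKey} is
     *             {@code null}
     * @throws InvalidPublicKeyException if checking is enabled and the key's validity
     *             period has elapsed
     */
    private void checkKeyExpirity(PGPPublicKey publicKey)
    {
        if (!this.isCheckKeyExpirity())
        {
            return;
        }

        if (publicKey == null)
        {
            // Previously a bare NullPointerException; name the actual problem instead.
            throw new IllegalArgumentException("No PGP public key available for the expiry check");
        }

        // A validity of 0 days is treated as "never expires".
        // NOTE(review): getValidDays() has whole-day granularity; a key valid for less
        // than one day would presumably report 0 and so be treated as non-expiring.
        // Confirm against the Bouncy Castle version in use.
        if (publicKey.getValidDays() != 0)
        {
            Calendar calendar = Calendar.getInstance();
            calendar.setTime(publicKey.getCreationTime());
            calendar.add(Calendar.DATE, publicKey.getValidDays());

            // Expired once "now" has reached creation time + validity period.
            if (!calendar.getTime().after(Calendar.getInstance().getTime()))
            {
                throw new InvalidPublicKeyException(PGPMessages.pgpPublicKeyExpired());
            }
        }
    }

    /**
     * @return the key ring used to look up public keys and the secret key
     */
    public PGPKeyRing getKeyManager()
    {
        return keyManager;
    }

    /**
     * @param keyManager the key ring used to look up public keys and the secret key
     */
    public void setKeyManager(PGPKeyRing keyManager)
    {
        this.keyManager = keyManager;
    }

    /**
     * @return the accessor used to read the key identifier from an event
     */
    public CredentialsAccessor getCredentialsAccessor()
    {
        return credentialsAccessor;
    }

    /**
     * @param credentialsAccessor the accessor used to read the key identifier from an event
     */
    public void setCredentialsAccessor(CredentialsAccessor credentialsAccessor)
    {
        this.credentialsAccessor = credentialsAccessor;
    }

    /**
     * @return {@code true} if expired public keys are rejected; {@code false} (the
     *         default) if expiry is not checked
     */
    public boolean isCheckKeyExpirity()
    {
        return checkKeyExpirity;
    }

    /**
     * @param checkKeyExpirity {@code true} to reject expired public keys
     */
    public void setCheckKeyExpirity(boolean checkKeyExpirity)
    {
        this.checkKeyExpirity = checkKeyExpirity;
    }
}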
144 }