1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
package org.mule.module.pgp; |
12 | |
|
13 | |
import org.mule.api.lifecycle.InitialisationException; |
14 | |
import org.mule.api.security.Authentication; |
15 | |
import org.mule.api.security.SecurityException; |
16 | |
import org.mule.api.security.UnauthorisedException; |
17 | |
import org.mule.config.i18n.CoreMessages; |
18 | |
import org.mule.module.pgp.i18n.PGPMessages; |
19 | |
import org.mule.security.AbstractSecurityProvider; |
20 | |
|
21 | |
import org.bouncycastle.jce.provider.BouncyCastleProvider; |
22 | |
import org.bouncycastle.openpgp.PGPPublicKey; |
23 | |
|
24 | |
public class PGPSecurityProvider extends AbstractSecurityProvider |
25 | |
{ |
26 | |
private PGPKeyRing keyManager; |
27 | |
|
28 | |
public PGPSecurityProvider() |
29 | |
{ |
30 | 0 | super("pgp"); |
31 | 0 | } |
32 | |
|
33 | |
public Authentication authenticate(Authentication authentication) throws SecurityException |
34 | |
{ |
35 | 0 | PGPAuthentication auth = (PGPAuthentication) authentication; |
36 | |
|
37 | 0 | String userId = (String) auth.getPrincipal(); |
38 | |
|
39 | 0 | if (userId == null) |
40 | |
{ |
41 | 0 | throw new UnauthorisedException(CoreMessages.objectIsNull("UserId")); |
42 | |
} |
43 | |
|
44 | 0 | PGPPublicKey publicKey = keyManager.getPublicKey(userId); |
45 | |
|
46 | 0 | if (publicKey == null) |
47 | |
{ |
48 | 0 | throw new UnauthorisedException(PGPMessages.noPublicKeyForUser(userId)); |
49 | |
} |
50 | |
|
51 | 0 | Message msg = (Message) auth.getCredentials(); |
52 | |
|
53 | 0 | if (msg instanceof SignedMessage) |
54 | |
{ |
55 | |
try |
56 | |
{ |
57 | 0 | if (!((SignedMessage) msg).verify()) |
58 | |
{ |
59 | 0 | throw new UnauthorisedException(PGPMessages.invalidSignature()); |
60 | |
} |
61 | |
} |
62 | 0 | catch (Exception e) |
63 | |
{ |
64 | 0 | throw new UnauthorisedException(PGPMessages.errorVerifySignature(), e); |
65 | 0 | } |
66 | |
} |
67 | |
|
68 | 0 | auth.setAuthenticated(true); |
69 | 0 | auth.setDetails(publicKey); |
70 | |
|
71 | 0 | return auth; |
72 | |
} |
73 | |
|
74 | |
@Override |
75 | |
public boolean supports(Class aClass) |
76 | |
{ |
77 | 0 | return PGPAuthentication.class.isAssignableFrom(aClass); |
78 | |
} |
79 | |
|
80 | |
@Override |
81 | |
protected void doInitialise() throws InitialisationException |
82 | |
{ |
83 | |
try |
84 | |
{ |
85 | 0 | java.security.Security.addProvider(new BouncyCastleProvider()); |
86 | 0 | setSecurityContextFactory(new PGPSecurityContextFactory()); |
87 | |
} |
88 | 0 | catch (Exception e) |
89 | |
{ |
90 | 0 | throw new InitialisationException(CoreMessages.failedToCreate("PGPProvider"), e, this); |
91 | 0 | } |
92 | 0 | } |
93 | |
|
94 | |
public PGPKeyRing getKeyManager() |
95 | |
{ |
96 | 0 | return keyManager; |
97 | |
} |
98 | |
|
99 | |
public void setKeyManager(PGPKeyRing keyManager) |
100 | |
{ |
101 | 0 | this.keyManager = keyManager; |
102 | 0 | } |
103 | |
} |