1   /*
2    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
3    * The software in this package is published under the terms of the CPAL v1.0
4    * license, a copy of which has been included with this distribution in the
5    * LICENSE.txt file.
6    */
7   package org.mule.module.pgp;
8   
9   import org.mule.RequestContext;
10  import org.mule.api.MuleEvent;
11  import org.mule.api.lifecycle.InitialisationException;
12  import org.mule.api.security.CredentialsAccessor;
13  import org.mule.api.security.CryptoFailureException;
14  import org.mule.config.i18n.CoreMessages;
15  import org.mule.module.pgp.i18n.PGPMessages;
16  import org.mule.security.AbstractNamedEncryptionStrategy;
17  
18  import java.io.InputStream;
19  import java.util.Calendar;
20  
21  import org.apache.commons.logging.Log;
22  import org.apache.commons.logging.LogFactory;
23  import org.bouncycastle.jce.provider.BouncyCastleProvider;
24  import org.bouncycastle.openpgp.PGPPublicKey;
25  
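/**
 * Encryption strategy that encrypts and decrypts streams with PGP keys.
 * <p>
 * Public keys come either from the {@code cryptInfo} argument handed to
 * {@link #encrypt(InputStream, Object)} / {@link #decrypt(InputStream, Object)} or, when that
 * argument is {@code null}, from the configured {@link PGPKeyRing}, looked up with the value the
 * {@link CredentialsAccessor} returns for the current event. The secret key and its passphrase
 * used for decryption always come from the key ring.
 * <p>
 * Key expiry is only enforced when {@link #setCheckKeyExpirity(boolean)} has been set to
 * {@code true}; the default is {@code false}. The check looks at creation time and validity
 * period only; nothing in this class examines revocation.
 */
public class KeyBasedEncryptionStrategy extends AbstractNamedEncryptionStrategy
{
    /**
     * logger used by this class
     */
    protected static final Log logger = LogFactory.getLog(KeyBasedEncryptionStrategy.class);

    // Source of public keys (by principal) and of the secret key and passphrase used by decrypt().
    private PGPKeyRing keyManager;
    // Supplies the lookup value for the public key when the caller passes no cryptInfo.
    private CredentialsAccessor credentialsAccessor;
    // Off by default, so an expired public key is accepted unless this is switched on.
    private boolean checkKeyExpirity = false;

    /**
     * Registers the Bouncy Castle provider with the JVM-wide security provider list.
     *
     * @throws InitialisationException if the provider cannot be registered
     */
    public void initialise() throws InitialisationException
    {
        try
        {
            java.security.Security.addProvider(new BouncyCastleProvider());
        }
        catch (Exception e)
        {
            throw new InitialisationException(CoreMessages.failedToCreate("KeyBasedEncryptionStrategy"), e,
                this);
        }
    }

    /**
     * Wraps {@code data} in a stream that encrypts it for the resolved public key.
     *
     * @param data plaintext to encrypt
     * @param cryptInfo a {@link PGPCryptInfo}, or {@code null} to resolve the key from the current event
     * @return the transforming stream
     * @throws CryptoFailureException if the key cannot be resolved, fails the expiry check, or the
     *             stream cannot be set up
     */
    public InputStream encrypt(InputStream data, Object cryptInfo) throws CryptoFailureException
    {
        try
        {
            PGPPublicKey recipientKey = this.safeGetCryptInfo(cryptInfo).getPublicKey();
            StreamTransformer transformer = new EncryptStreamTransformer(data, recipientKey);
            // NOTE(review): the returned stream is a LazyTransformedInputStream, so the transformation
            // presumably runs as the stream is read; failures there would not be wrapped by this
            // try/catch. Confirm against LazyTransformedInputStream.
            return new LazyTransformedInputStream(new TransformContinuouslyPolicy(), transformer);
        }
        catch (Exception e)
        {
            throw new CryptoFailureException(this, e);
        }
    }

    /**
     * Wraps {@code data} in a stream that decrypts it with the key ring's secret key.
     *
     * @param data ciphertext to decrypt
     * @param cryptInfo a {@link PGPCryptInfo}, or {@code null} to resolve the public key from the
     *            current event
     * @return the transforming stream
     * @throws CryptoFailureException if the key cannot be resolved, fails the expiry check, or the
     *             stream cannot be set up
     */
    public InputStream decrypt(InputStream data, Object cryptInfo) throws CryptoFailureException
    {
        try
        {
            PGPPublicKey publicKey = this.safeGetCryptInfo(cryptInfo).getPublicKey();
            // The secret key and passphrase are read from the key ring on every call and handed
            // straight to the transformer; keep both out of log output.
            StreamTransformer transformer = new DecryptStreamTransformer(data, publicKey,
                this.keyManager.getSecretKey(), this.keyManager.getSecretPassphrase());
            return new LazyTransformedInputStream(new TransformContinuouslyPolicy(), transformer);
        }
        catch (Exception e)
        {
            throw new CryptoFailureException(this, e);
        }
    }

    /**
     * Resolves the crypt info to use and applies the expiry check to its public key.
     * <p>
     * A non-null {@code cryptInfo} must be a {@link PGPCryptInfo}; any other type fails the cast,
     * and both callers wrap that failure in a {@link CryptoFailureException}.
     *
     * @param cryptInfo caller-supplied crypt info, or {@code null} to look the key up
     * @return the crypt info carrying the public key
     * @throws IllegalStateException if the key ring has no public key for the looked-up principal
     */
    private PGPCryptInfo safeGetCryptInfo(Object cryptInfo)
    {
        if (cryptInfo != null)
        {
            PGPCryptInfo info = (PGPCryptInfo) cryptInfo;
            this.checkKeyExpirity(info.getPublicKey());
            return info;
        }

        MuleEvent event = RequestContext.getEvent();
        String principalId = (String) this.getCredentialsAccessor().getCredentials(event);
        PGPPublicKey publicKey = keyManager.getPublicKey(principalId);
        if (publicKey == null)
        {
            // Fail closed on a lookup miss. Without this, a null key is wrapped in a PGPCryptInfo
            // and handed to the transformer when the expiry check is off, or raises a bare
            // NullPointerException when it is on. The looked-up value is kept out of the message
            // because it comes from the credentials accessor.
            throw new IllegalStateException(
                "No PGP public key is available for the principal resolved from the current event");
        }
        this.checkKeyExpirity(publicKey);
        return new PGPCryptInfo(publicKey, false);
    }

    /**
     * Rejects {@code publicKey} when expiry checking is enabled and its validity period has ended.
     * <p>
     * A validity of 0 days skips the check, so such a key is never reported as expired. The
     * expiry instant is the key's creation time plus its validity in days.
     *
     * @param publicKey key to check
     * @throws InvalidPublicKeyException if the key's expiry instant is not after the current time
     */
    private void checkKeyExpirity(PGPPublicKey publicKey)
    {
        if (!this.isCheckKeyExpirity() || publicKey.getValidDays() == 0)
        {
            return;
        }

        Calendar expiry = Calendar.getInstance();
        expiry.setTime(publicKey.getCreationTime());
        expiry.add(Calendar.DATE, publicKey.getValidDays());

        boolean stillValid = expiry.getTime().after(Calendar.getInstance().getTime());
        if (!stillValid)
        {
            throw new InvalidPublicKeyException(PGPMessages.pgpPublicKeyExpired());
        }
    }

    /**
     * @return the key ring that supplies public keys, the secret key and its passphrase
     */
    public PGPKeyRing getKeyManager()
    {
        return keyManager;
    }

    /**
     * @param keyManager the key ring that supplies public keys, the secret key and its passphrase
     */
    public void setKeyManager(PGPKeyRing keyManager)
    {
        this.keyManager = keyManager;
    }

    /**
     * @return the accessor used to obtain the key lookup value from the current event
     */
    public CredentialsAccessor getCredentialsAccessor()
    {
        return credentialsAccessor;
    }

    /**
     * @param credentialsAccessor the accessor used to obtain the key lookup value from the current event
     */
    public void setCredentialsAccessor(CredentialsAccessor credentialsAccessor)
    {
        this.credentialsAccessor = credentialsAccessor;
    }

    /**
     * @return {@code true} if expired public keys are rejected; {@code false} (the default) if
     *         expiry is not checked
     */
    public boolean isCheckKeyExpirity()
    {
        return checkKeyExpirity;
    }

    /**
     * @param checkKeyExpirity {@code true} to reject expired public keys before encrypting or
     *            decrypting
     */
    public void setCheckKeyExpirity(boolean checkKeyExpirity)
    {
        this.checkKeyExpirity = checkKeyExpirity;
    }
}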