package org.mule.module.pgp; |
import org.mule.RequestContext; |
import org.mule.api.MuleEvent; |
import org.mule.api.lifecycle.InitialisationException; |
import org.mule.api.security.CredentialsAccessor; |
import org.mule.api.security.CryptoFailureException; |
import org.mule.config.i18n.CoreMessages; |
import org.mule.module.pgp.i18n.PGPMessages; |
import org.mule.security.AbstractNamedEncryptionStrategy; |
import java.io.InputStream; |
import java.util.Calendar; |
import org.apache.commons.logging.Log; |
import org.apache.commons.logging.LogFactory; |
import org.bouncycastle.jce.provider.BouncyCastleProvider; |
import org.bouncycastle.openpgp.PGPPublicKey; |
/**
 * Named encryption strategy that encrypts and decrypts streams with PGP keys
 * taken from a {@link PGPKeyRing}.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 * <li>The public-key expiry check is disabled by default
 * ({@code checkKeyExpirity == false}); unless it is switched on through
 * {@link #setCheckKeyExpirity(boolean)}, the key's validity period is never
 * examined here.</li>
 * <li>When enabled, the check covers the validity period only. Nothing in this
 * class looks at key revocation.</li>
 * <li>Decryption uses the secret key and the passphrase supplied by the
 * configured key manager.</li>
 * </ul>
 */
public class KeyBasedEncryptionStrategy extends AbstractNamedEncryptionStrategy
{

    protected static final Log logger = LogFactory.getLog(KeyBasedEncryptionStrategy.class);

    // Source of the public keys, the secret key and the secret-key passphrase.
    private PGPKeyRing keyManager;

    // Extracts, from the current event, the credentials used to look up a public key.
    private CredentialsAccessor credentialsAccessor;

    // Off by default: expired public keys are accepted unless this is set to true.
    private boolean checkKeyExpirity = false;

    /**
     * Registers the Bouncy Castle JCE provider.
     *
     * <p>{@code java.security.Security.addProvider} changes the JVM-wide
     * provider list, so the registration is not limited to this strategy.
     *
     * @throws InitialisationException if registering the provider throws
     */
    public void initialise() throws InitialisationException
    {
        try
        {
            BouncyCastleProvider provider = new BouncyCastleProvider();
            java.security.Security.addProvider(provider);
        }
        catch (Exception e)
        {
            throw new InitialisationException(
                CoreMessages.failedToCreate("KeyBasedEncryptionStrategy"), e, this);
        }
    }

    /**
     * Returns a stream that yields {@code data} encrypted for the resolved
     * public key.
     *
     * <p>NOTE(review): the returned stream is a {@code LazyTransformedInputStream},
     * so the transformation presumably runs while the caller reads it; failures at
     * that point would not pass through the catch block below. Confirm against
     * that class.
     *
     * @param data plaintext to encrypt
     * @param cryptInfo a {@link PGPCryptInfo}, or {@code null} to resolve the key
     *            from the current event's credentials
     * @return the lazily transformed stream
     * @throws CryptoFailureException wrapping any exception raised while the key
     *             is resolved or the stream is set up, including an expired-key
     *             rejection and a {@code cryptInfo} of the wrong type
     */
    public InputStream encrypt(InputStream data, Object cryptInfo) throws CryptoFailureException
    {
        try
        {
            PGPPublicKey recipientKey = this.safeGetCryptInfo(cryptInfo).getPublicKey();
            StreamTransformer encryptor = new EncryptStreamTransformer(data, recipientKey);
            return new LazyTransformedInputStream(new TransformContinuouslyPolicy(), encryptor);
        }
        catch (Exception e)
        {
            throw new CryptoFailureException(this, e);
        }
    }

    /**
     * Returns a stream that yields {@code data} decrypted with the key manager's
     * secret key and passphrase.
     *
     * <p>The resolved public key is handed to the {@code DecryptStreamTransformer}
     * as well; what the transformer does with it is not visible here.
     *
     * <p>NOTE(review): as with {@link #encrypt(InputStream, Object)}, the stream is
     * lazy, so decryption errors presumably surface when it is read rather than
     * through the catch block below. Confirm.
     *
     * @param data ciphertext to decrypt
     * @param cryptInfo a {@link PGPCryptInfo}, or {@code null} to resolve the key
     *            from the current event's credentials
     * @return the lazily transformed stream
     * @throws CryptoFailureException wrapping any exception raised while the keys
     *             are resolved or the stream is set up
     */
    public InputStream decrypt(InputStream data, Object cryptInfo) throws CryptoFailureException
    {
        try
        {
            PGPPublicKey senderKey = this.safeGetCryptInfo(cryptInfo).getPublicKey();
            StreamTransformer decryptor = new DecryptStreamTransformer(data, senderKey,
                this.keyManager.getSecretKey(), this.keyManager.getSecretPassphrase());
            return new LazyTransformedInputStream(new TransformContinuouslyPolicy(), decryptor);
        }
        catch (Exception e)
        {
            throw new CryptoFailureException(this, e);
        }
    }

    /**
     * Resolves the crypt info to use and runs the expiry check on its public key.
     *
     * <p>A non-null {@code cryptInfo} is cast to {@link PGPCryptInfo} without a
     * type test, so any other type raises {@code ClassCastException}. With a null
     * {@code cryptInfo}, the credentials of the current {@link MuleEvent} are cast
     * to {@code String} and used to look up the public key in the key manager.
     *
     * @param cryptInfo caller-supplied crypt info, may be {@code null}
     * @return the supplied crypt info, or a new one built from the looked-up key
     */
    private PGPCryptInfo safeGetCryptInfo(Object cryptInfo)
    {
        if (cryptInfo != null)
        {
            PGPCryptInfo supplied = (PGPCryptInfo) cryptInfo;
            this.checkKeyExpirity(supplied.getPublicKey());
            return supplied;
        }

        MuleEvent currentEvent = RequestContext.getEvent();
        String credentials = (String) this.getCredentialsAccessor().getCredentials(currentEvent);
        // NOTE(review): no null test on the lookup result; if the key ring returns
        // null for unknown credentials, the expiry check dereferences it when
        // enabled. Confirm getPublicKey's contract.
        PGPPublicKey resolvedKey = keyManager.getPublicKey(credentials);
        this.checkKeyExpirity(resolvedKey);
        // The meaning of the second constructor argument is not visible in this file.
        return new PGPCryptInfo(resolvedKey, false);
    }

    /**
     * Rejects {@code publicKey} when the expiry check is enabled and the key's
     * validity period has ended.
     *
     * <p>Expiry is computed as creation time plus {@code getValidDays()} days. A
     * key reporting zero valid days is never rejected (Bouncy Castle documents
     * zero as "no expiry"). A key whose computed expiry equals the current
     * instant is rejected.
     *
     * @param publicKey key to check
     * @throws InvalidPublicKeyException if the key has expired
     */
    private void checkKeyExpirity(PGPPublicKey publicKey)
    {
        if (!this.isCheckKeyExpirity() || publicKey.getValidDays() == 0)
        {
            return;
        }

        Calendar expiry = Calendar.getInstance();
        expiry.setTime(publicKey.getCreationTime());
        expiry.add(Calendar.DATE, publicKey.getValidDays());

        java.util.Date expiresAt = expiry.getTime();
        java.util.Date now = Calendar.getInstance().getTime();
        if (!expiresAt.after(now))
        {
            throw new InvalidPublicKeyException(PGPMessages.pgpPublicKeyExpired());
        }
    }

    /**
     * @return the key ring that supplies public keys, the secret key and its
     *         passphrase
     */
    public PGPKeyRing getKeyManager()
    {
        return this.keyManager;
    }

    /**
     * @param keyManager the key ring to read keys and the passphrase from
     */
    public void setKeyManager(PGPKeyRing keyManager)
    {
        this.keyManager = keyManager;
    }

    /**
     * @return the accessor used to read credentials from the current event
     */
    public CredentialsAccessor getCredentialsAccessor()
    {
        return this.credentialsAccessor;
    }

    /**
     * @param credentialsAccessor the accessor used to read credentials from the
     *            current event
     */
    public void setCredentialsAccessor(CredentialsAccessor credentialsAccessor)
    {
        this.credentialsAccessor = credentialsAccessor;
    }

    /**
     * @return {@code true} if public keys are checked for expiry before use;
     *         {@code false} (the default) if expired keys are accepted
     */
    public boolean isCheckKeyExpirity()
    {
        return this.checkKeyExpirity;
    }

    /**
     * @param checkKeyExpirity {@code true} to reject public keys whose validity
     *            period has ended
     */
    public void setCheckKeyExpirity(boolean checkKeyExpirity)
    {
        this.checkKeyExpirity = checkKeyExpirity;
    }
}