7 package org.mule.module.pgp;
8
9 import org.mule.RequestContext;
10 import org.mule.api.MuleEvent;
11 import org.mule.api.lifecycle.InitialisationException;
12 import org.mule.api.security.CredentialsAccessor;
13 import org.mule.api.security.CryptoFailureException;
14 import org.mule.config.i18n.CoreMessages;
15 import org.mule.module.pgp.i18n.PGPMessages;
16 import org.mule.security.AbstractNamedEncryptionStrategy;
17
18 import java.io.InputStream;
19 import java.util.Calendar;
20
21 import org.apache.commons.logging.Log;
22 import org.apache.commons.logging.LogFactory;
23 import org.bouncycastle.jce.provider.BouncyCastleProvider;
24 import org.bouncycastle.openpgp.PGPPublicKey;
25
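/**
 * PGP encryption strategy that encrypts to a recipient's public key and decrypts with
 * the secret key held by the configured {@link PGPKeyRing}.
 * <p>
 * When a caller passes no crypt info, the recipient key is looked up in the key ring
 * using the credentials that the {@link CredentialsAccessor} extracts from the current
 * event.
 * <p>
 * Key expiry is only enforced when {@link #setCheckKeyExpirity(boolean)} is set to
 * {@code true}; it is off by default, so expired keys are accepted unless a deployment
 * enables the check. This class does not examine revocation status or key signatures.
 */
public class KeyBasedEncryptionStrategy extends AbstractNamedEncryptionStrategy
{
    /** Converts the OpenPGP validity period (seconds) to milliseconds. */
    private static final long MILLIS_PER_SECOND = 1000L;

    protected static final Log logger = LogFactory.getLog(KeyBasedEncryptionStrategy.class);

    // Source of the public keys, the secret key and its passphrase.
    private PGPKeyRing keyManager;
    // Extracts the principal used to select a public key when no crypt info is supplied.
    private CredentialsAccessor credentialsAccessor;
    // Expired public keys are rejected only when this is true (default: false).
    private boolean checkKeyExpirity = false;

    /**
     * Registers the BouncyCastle JCE provider.
     *
     * @throws InitialisationException if registering the provider fails
     */
    public void initialise() throws InitialisationException
    {
        try
        {
            // addProvider leaves the provider list unchanged when a provider with the same
            // name is already installed, so repeated initialisation is harmless.
            java.security.Security.addProvider(new BouncyCastleProvider());
        }
        catch (Exception e)
        {
            throw new InitialisationException(CoreMessages.failedToCreate("KeyBasedEncryptionStrategy"), e,
                this);
        }
    }

    /**
     * Encrypts a stream to the public key resolved from {@code cryptInfo}.
     *
     * @param data plaintext to encrypt
     * @param cryptInfo a {@link PGPCryptInfo}, or {@code null} to resolve the key from the
     *            current event's credentials
     * @return a stream over the transformed data
     * @throws CryptoFailureException wrapping any failure, including an expired key
     */
    public InputStream encrypt(InputStream data, Object cryptInfo) throws CryptoFailureException
    {
        try
        {
            PGPPublicKey recipientKey = this.safeGetCryptInfo(cryptInfo).getPublicKey();
            // NOTE(review): the result is a LazyTransformedInputStream, so encryption
            // errors presumably surface on read rather than here. Confirm.
            return new LazyTransformedInputStream(new TransformContinuouslyPolicy(),
                new EncryptStreamTransformer(data, recipientKey));
        }
        catch (Exception e)
        {
            throw new CryptoFailureException(this, e);
        }
    }

    /**
     * Decrypts a stream using the key ring's secret key and passphrase.
     *
     * @param data ciphertext to decrypt
     * @param cryptInfo a {@link PGPCryptInfo}, or {@code null} to resolve the public key from
     *            the current event's credentials
     * @return a stream over the transformed data
     * @throws CryptoFailureException wrapping any failure, including an expired key
     */
    public InputStream decrypt(InputStream data, Object cryptInfo) throws CryptoFailureException
    {
        try
        {
            PGPPublicKey senderKey = this.safeGetCryptInfo(cryptInfo).getPublicKey();
            // The secret key and passphrase come from the key ring; neither is logged here.
            StreamTransformer transformer = new DecryptStreamTransformer(data, senderKey,
                this.keyManager.getSecretKey(), this.keyManager.getSecretPassphrase());
            return new LazyTransformedInputStream(new TransformContinuouslyPolicy(), transformer);
        }
        catch (Exception e)
        {
            throw new CryptoFailureException(this, e);
        }
    }

    /**
     * Resolves the crypt info to use and applies the optional expiry check to its key.
     *
     * @param cryptInfo a {@link PGPCryptInfo}, or {@code null} to look the key up from the
     *            current event's credentials
     * @return the supplied crypt info, or a new one built from the looked-up key
     */
    private PGPCryptInfo safeGetCryptInfo(Object cryptInfo)
    {
        if (cryptInfo != null)
        {
            PGPCryptInfo supplied = (PGPCryptInfo) cryptInfo;
            this.checkKeyExpirity(supplied.getPublicKey());
            return supplied;
        }

        // The key is selected by credentials taken from the current event.
        MuleEvent event = RequestContext.getEvent();
        String principal = (String) this.getCredentialsAccessor().getCredentials(event);
        // NOTE(review): whether getPublicKey returns null for an unknown principal is not
        // visible here; if it does, the null key is passed on without a dedicated error.
        PGPPublicKey publicKey = keyManager.getPublicKey(principal);
        this.checkKeyExpirity(publicKey);
        return new PGPCryptInfo(publicKey, false);
    }

    /**
     * Rejects an expired public key when the expiry check is enabled.
     * <p>
     * The validity period is read in seconds, the unit OpenPGP stores it in. Whole-day
     * rounding would misjudge keys valid for less than a day, and calendar-day arithmetic
     * in the default time zone can shift the expiry across a DST change.
     *
     * @param publicKey key to check; not touched when the check is disabled
     * @throws InvalidPublicKeyException if the key's validity period has elapsed
     */
    private void checkKeyExpirity(PGPPublicKey publicKey)
    {
        if (!this.isCheckKeyExpirity())
        {
            return;
        }

        long validSeconds = publicKey.getValidSeconds();
        if (validSeconds == 0)
        {
            // Zero means the key carries no expiry.
            return;
        }

        long expiresAtMillis = publicKey.getCreationTime().getTime() + validSeconds * MILLIS_PER_SECOND;
        // A key is treated as expired at the instant of expiry, as before.
        if (expiresAtMillis <= System.currentTimeMillis())
        {
            throw new InvalidPublicKeyException(PGPMessages.pgpPublicKeyExpired());
        }
    }

    /** @return the key ring supplying public and secret keys */
    public PGPKeyRing getKeyManager()
    {
        return keyManager;
    }

    /** @param keyManager the key ring supplying public and secret keys */
    public void setKeyManager(PGPKeyRing keyManager)
    {
        this.keyManager = keyManager;
    }

    /** @return the accessor used to read credentials from an event */
    public CredentialsAccessor getCredentialsAccessor()
    {
        return credentialsAccessor;
    }

    /** @param credentialsAccessor the accessor used to read credentials from an event */
    public void setCredentialsAccessor(CredentialsAccessor credentialsAccessor)
    {
        this.credentialsAccessor = credentialsAccessor;
    }

    /** @return {@code true} if expired public keys are rejected */
    public boolean isCheckKeyExpirity()
    {
        return checkKeyExpirity;
    }

    /** @param checkKeyExpirity {@code true} to reject expired public keys */
    public void setCheckKeyExpirity(boolean checkKeyExpirity)
    {
        this.checkKeyExpirity = checkKeyExpirity;
    }
}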