View Javadoc

1   /*
2    * $Id: KeyBasedEncryptionStrategy.java 22865 2011-09-05 17:23:45Z dfeist $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.module.pgp;
12  
13  import org.mule.RequestContext;
14  import org.mule.api.MuleEvent;
15  import org.mule.api.lifecycle.InitialisationException;
16  import org.mule.api.security.CredentialsAccessor;
17  import org.mule.api.security.CryptoFailureException;
18  import org.mule.config.i18n.CoreMessages;
19  import org.mule.module.pgp.i18n.PGPMessages;
20  import org.mule.security.AbstractNamedEncryptionStrategy;
21  
22  import java.io.InputStream;
23  import java.util.Calendar;
24  
25  import org.apache.commons.logging.Log;
26  import org.apache.commons.logging.LogFactory;
27  import org.bouncycastle.jce.provider.BouncyCastleProvider;
28  import org.bouncycastle.openpgp.PGPPublicKey;
29  
30  public class KeyBasedEncryptionStrategy extends AbstractNamedEncryptionStrategy
31  {
32      /**
33       * logger used by this class
34       */
35      protected static final Log logger = LogFactory.getLog(KeyBasedEncryptionStrategy.class);
36  
37      private PGPKeyRing keyManager;
38      private CredentialsAccessor credentialsAccessor;
39      private boolean checkKeyExpirity = false;
40  
41      public void initialise() throws InitialisationException
42      {
43          try
44          {
45              java.security.Security.addProvider(new BouncyCastleProvider());
46          }
47          catch (Exception e)
48          {
49              throw new InitialisationException(CoreMessages.failedToCreate("KeyBasedEncryptionStrategy"), e,
50                  this);
51          }
52      }
53  
54      public InputStream encrypt(InputStream data, Object cryptInfo) throws CryptoFailureException
55      {
56          try
57          {
58              PGPCryptInfo pgpCryptInfo = this.safeGetCryptInfo(cryptInfo);
59              PGPPublicKey publicKey = pgpCryptInfo.getPublicKey();
60              StreamTransformer transformer = new EncryptStreamTransformer(data, publicKey);
61              return new LazyTransformedInputStream(new TransformContinuouslyPolicy(), transformer);
62          }
63          catch (Exception e)
64          {
65              throw new CryptoFailureException(this, e);
66          }
67      }
68  
69      public InputStream decrypt(InputStream data, Object cryptInfo) throws CryptoFailureException
70      {
71          try
72          {
73              PGPCryptInfo pgpCryptInfo = this.safeGetCryptInfo(cryptInfo);
74              PGPPublicKey publicKey = pgpCryptInfo.getPublicKey();
75              StreamTransformer transformer = new DecryptStreamTransformer(data, publicKey,
76                  this.keyManager.getSecretKey(), this.keyManager.getSecretPassphrase());
77              return new LazyTransformedInputStream(new TransformContinuouslyPolicy(), transformer);
78          }
79          catch (Exception e)
80          {
81              throw new CryptoFailureException(this, e);
82          }
83      }
84  
85      private PGPCryptInfo safeGetCryptInfo(Object cryptInfo)
86      {
87          if (cryptInfo == null)
88          {
89              MuleEvent event = RequestContext.getEvent();
90              PGPPublicKey publicKey = keyManager.getPublicKey((String) this.getCredentialsAccessor().getCredentials(event));
91              this.checkKeyExpirity(publicKey);
92              return new PGPCryptInfo(publicKey, false);
93          }
94          else
95          {
96              PGPCryptInfo info = (PGPCryptInfo) cryptInfo;
97              this.checkKeyExpirity(info.getPublicKey());
98              return info;
99          }
100     }
101 
102     private void checkKeyExpirity(PGPPublicKey publicKey)
103     {
104         if (this.isCheckKeyExpirity() && publicKey.getValidDays() != 0)
105         {
106             Calendar calendar = Calendar.getInstance();
107             calendar.setTime(publicKey.getCreationTime());
108             calendar.add(Calendar.DATE, publicKey.getValidDays());
109 
110             if (!calendar.getTime().after(Calendar.getInstance().getTime()))
111             {
112                 throw new InvalidPublicKeyException(PGPMessages.pgpPublicKeyExpired());
113             }
114         }
115     }
116 
117     public PGPKeyRing getKeyManager()
118     {
119         return keyManager;
120     }
121 
122     public void setKeyManager(PGPKeyRing keyManager)
123     {
124         this.keyManager = keyManager;
125     }
126 
127     public CredentialsAccessor getCredentialsAccessor()
128     {
129         return credentialsAccessor;
130     }
131 
132     public void setCredentialsAccessor(CredentialsAccessor credentialsAccessor)
133     {
134         this.credentialsAccessor = credentialsAccessor;
135     }
136 
137     public boolean isCheckKeyExpirity()
138     {
139         return checkKeyExpirity;
140     }
141 
142     public void setCheckKeyExpirity(boolean checkKeyExpirity)
143     {
144         this.checkKeyExpirity = checkKeyExpirity;
145     }
146 }