1
2
3
4
5
6
7
8
9
10
11 package org.mule.module.pgp;
12
13 import org.mule.RequestContext;
14 import org.mule.api.MuleEvent;
15 import org.mule.api.lifecycle.InitialisationException;
16 import org.mule.api.security.CredentialsAccessor;
17 import org.mule.api.security.CryptoFailureException;
18 import org.mule.config.i18n.CoreMessages;
19 import org.mule.module.pgp.i18n.PGPMessages;
20 import org.mule.security.AbstractNamedEncryptionStrategy;
21
22 import java.io.InputStream;
23 import java.util.Calendar;
24
25 import org.apache.commons.logging.Log;
26 import org.apache.commons.logging.LogFactory;
27 import org.bouncycastle.jce.provider.BouncyCastleProvider;
28 import org.bouncycastle.openpgp.PGPPublicKey;
29
30 public class KeyBasedEncryptionStrategy extends AbstractNamedEncryptionStrategy
31 {
32
33
34
35 protected static final Log logger = LogFactory.getLog(KeyBasedEncryptionStrategy.class);
36
37 private PGPKeyRing keyManager;
38 private CredentialsAccessor credentialsAccessor;
39 private boolean checkKeyExpirity = false;
40
41 public void initialise() throws InitialisationException
42 {
43 try
44 {
45 java.security.Security.addProvider(new BouncyCastleProvider());
46 }
47 catch (Exception e)
48 {
49 throw new InitialisationException(CoreMessages.failedToCreate("KeyBasedEncryptionStrategy"), e,
50 this);
51 }
52 }
53
54 public InputStream encrypt(InputStream data, Object cryptInfo) throws CryptoFailureException
55 {
56 try
57 {
58 PGPCryptInfo pgpCryptInfo = this.safeGetCryptInfo(cryptInfo);
59 PGPPublicKey publicKey = pgpCryptInfo.getPublicKey();
60 StreamTransformer transformer = new EncryptStreamTransformer(data, publicKey);
61 return new LazyTransformedInputStream(new TransformContinuouslyPolicy(), transformer);
62 }
63 catch (Exception e)
64 {
65 throw new CryptoFailureException(this, e);
66 }
67 }
68
69 public InputStream decrypt(InputStream data, Object cryptInfo) throws CryptoFailureException
70 {
71 try
72 {
73 PGPCryptInfo pgpCryptInfo = this.safeGetCryptInfo(cryptInfo);
74 PGPPublicKey publicKey = pgpCryptInfo.getPublicKey();
75 StreamTransformer transformer = new DecryptStreamTransformer(data, publicKey,
76 this.keyManager.getSecretKey(), this.keyManager.getSecretPassphrase());
77 return new LazyTransformedInputStream(new TransformContinuouslyPolicy(), transformer);
78 }
79 catch (Exception e)
80 {
81 throw new CryptoFailureException(this, e);
82 }
83 }
84
85 private PGPCryptInfo safeGetCryptInfo(Object cryptInfo)
86 {
87 if (cryptInfo == null)
88 {
89 MuleEvent event = RequestContext.getEvent();
90 PGPPublicKey publicKey = keyManager.getPublicKey((String) this.getCredentialsAccessor().getCredentials(event));
91 this.checkKeyExpirity(publicKey);
92 return new PGPCryptInfo(publicKey, false);
93 }
94 else
95 {
96 PGPCryptInfo info = (PGPCryptInfo) cryptInfo;
97 this.checkKeyExpirity(info.getPublicKey());
98 return info;
99 }
100 }
101
102 private void checkKeyExpirity(PGPPublicKey publicKey)
103 {
104 if (this.isCheckKeyExpirity() && publicKey.getValidDays() != 0)
105 {
106 Calendar calendar = Calendar.getInstance();
107 calendar.setTime(publicKey.getCreationTime());
108 calendar.add(Calendar.DATE, publicKey.getValidDays());
109
110 if (!calendar.getTime().after(Calendar.getInstance().getTime()))
111 {
112 throw new InvalidPublicKeyException(PGPMessages.pgpPublicKeyExpired());
113 }
114 }
115 }
116
117 public PGPKeyRing getKeyManager()
118 {
119 return keyManager;
120 }
121
122 public void setKeyManager(PGPKeyRing keyManager)
123 {
124 this.keyManager = keyManager;
125 }
126
127 public CredentialsAccessor getCredentialsAccessor()
128 {
129 return credentialsAccessor;
130 }
131
132 public void setCredentialsAccessor(CredentialsAccessor credentialsAccessor)
133 {
134 this.credentialsAccessor = credentialsAccessor;
135 }
136
137 public boolean isCheckKeyExpirity()
138 {
139 return checkKeyExpirity;
140 }
141
142 public void setCheckKeyExpirity(boolean checkKeyExpirity)
143 {
144 this.checkKeyExpirity = checkKeyExpirity;
145 }
146 }