You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@gobblin.apache.org by hu...@apache.org on 2017/10/19 18:26:24 UTC
incubator-gobblin git commit: [GOBBLIN-289] fix the issue that PGP file only partially depcrypted

Repository: incubator-gobblin
Updated Branches:
  refs/heads/master 6dd36a506 -> 8f32ab4c1


[GOBBLIN-289] fix the issue that PGP file only partially depcrypted

Closes #2141 from jerrybai2009/master


Project: http://git-wip-us.apache.org/repos/asf/incubator-gobblin/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-gobblin/commit/8f32ab4c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-gobblin/tree/8f32ab4c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-gobblin/diff/8f32ab4c

Branch: refs/heads/master
Commit: 8f32ab4c16e6832a1a156cfd16e4f54e8d8c1dce
Parents: 6dd36a5
Author: jbai <jb...@linkedin.com>
Authored: Thu Oct 19 11:26:19 2017 -0700
Committer: Hung Tran <hu...@linkedin.com>
Committed: Thu Oct 19 11:26:19 2017 -0700

----------------------------------------------------------------------
 .../apache/gobblin/crypto/GPGFileDecryptor.java | 34 ++++++++++++++------
 1 file changed, 25 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-gobblin/blob/8f32ab4c/gobblin-modules/gobblin-crypto/src/main/java/org/apache/gobblin/crypto/GPGFileDecryptor.java
----------------------------------------------------------------------
diff --git a/gobblin-modules/gobblin-crypto/src/main/java/org/apache/gobblin/crypto/GPGFileDecryptor.java b/gobblin-modules/gobblin-crypto/src/main/java/org/apache/gobblin/crypto/GPGFileDecryptor.java
index ec28273..7d62439 100644
--- a/gobblin-modules/gobblin-crypto/src/main/java/org/apache/gobblin/crypto/GPGFileDecryptor.java
+++ b/gobblin-modules/gobblin-crypto/src/main/java/org/apache/gobblin/crypto/GPGFileDecryptor.java
@@ -16,6 +16,8 @@
  */
 package org.apache.gobblin.crypto;
 
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.security.Security;
@@ -34,6 +36,7 @@ import org.bouncycastle.openpgp.PGPPrivateKey;
 import org.bouncycastle.openpgp.PGPPublicKeyEncryptedData;
 import org.bouncycastle.openpgp.PGPSecretKey;
 import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
+import org.bouncycastle.openpgp.PGPSignatureList;
 import org.bouncycastle.openpgp.PGPUtil;
 import org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory;
 import org.bouncycastle.openpgp.operator.bc.BcKeyFingerprintCalculator;
@@ -41,6 +44,7 @@ import org.bouncycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBu
 import org.bouncycastle.openpgp.operator.jcajce.JcePBEDataDecryptorFactoryBuilder;
 import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
 import org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyDataDecryptorFactoryBuilder;
+import org.bouncycastle.util.io.Streams;
 
 
 /**
@@ -113,23 +117,35 @@ public class GPGFileDecryptor {
       throw new IllegalArgumentException("secret key for message not found.");
     }
 
+    ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+
     try (InputStream clear = pbe.getDataStream(
         new JcePublicKeyDataDecryptorFactoryBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build(sKey))) {
 
       JcaPGPObjectFactory pgpFact = new JcaPGPObjectFactory(clear);
       Object pgpfObject = pgpFact.nextObject();
 
-      if (pgpfObject instanceof PGPCompressedData) {
-        PGPCompressedData cData = (PGPCompressedData) pgpfObject;
-        pgpFact = new JcaPGPObjectFactory(cData.getDataStream());
+      while (pgpfObject != null) {
+        if (pgpfObject instanceof PGPCompressedData) {
+          PGPCompressedData cData = (PGPCompressedData) pgpfObject;
+          pgpFact = new JcaPGPObjectFactory(cData.getDataStream());
+          pgpfObject = pgpFact.nextObject();
+        }
+
+        if (pgpfObject instanceof PGPLiteralData) {
+          Streams.pipeAll(((PGPLiteralData) pgpfObject).getInputStream(), outputStream);
+        } else if (pgpfObject instanceof PGPOnePassSignatureList) {
+          throw new PGPException("encrypted message contains PGPOnePassSignatureList message - not literal data.");
+        } else if (pgpfObject instanceof PGPSignatureList) {
+          throw new PGPException("encrypted message contains PGPSignatureList message - not literal data.");
+        } else {
+          throw new PGPException("message is not a simple encrypted file - type unknown.");
+        }
         pgpfObject = pgpFact.nextObject();
-        PGPLiteralData ld = (PGPLiteralData) pgpfObject;
-        return ld.getInputStream();
-      } else if (pgpfObject instanceof PGPOnePassSignatureList) {
-        throw new PGPException("encrypted message contains a signed message - not literal data.");
-      } else {
-        throw new PGPException("message is not a simple encrypted file - type unknown.");
       }
+      return new ByteArrayInputStream(outputStream.toByteArray());
+    } finally {
+      outputStream.close();
     }
   }