2023-01-09 19:48:25 +01:00
|
|
|
// SPDX-FileCopyrightText: 2023 Paul Schaub <vanitasvitae@fsfe.org>
|
|
|
|
//
|
|
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
|
|
|
|
package sop.external.operation;
|
|
|
|
|
2023-10-31 15:54:54 +01:00
|
|
|
import sop.EncryptionResult;
|
|
|
|
import sop.ReadyWithResult;
|
|
|
|
import sop.SessionKey;
|
2023-01-09 19:48:25 +01:00
|
|
|
import sop.enums.EncryptAs;
|
|
|
|
import sop.exception.SOPGPException;
|
|
|
|
import sop.external.ExternalSOP;
|
|
|
|
import sop.operation.Encrypt;
|
|
|
|
|
2023-11-15 13:52:36 +01:00
|
|
|
import javax.annotation.Nonnull;
|
2023-10-31 15:54:54 +01:00
|
|
|
import java.io.File;
|
|
|
|
import java.io.FileInputStream;
|
2023-01-09 19:48:25 +01:00
|
|
|
import java.io.IOException;
|
|
|
|
import java.io.InputStream;
|
2023-10-31 15:54:54 +01:00
|
|
|
import java.io.OutputStream;
|
2023-01-09 19:48:25 +01:00
|
|
|
import java.util.ArrayList;
|
|
|
|
import java.util.List;
|
|
|
|
import java.util.Properties;
|
|
|
|
|
2023-01-19 17:29:29 +01:00
|
|
|
/**
|
|
|
|
* Implementation of the {@link Encrypt} operation using an external SOP binary.
|
|
|
|
*/
|
2023-01-09 19:48:25 +01:00
|
|
|
public class EncryptExternal implements Encrypt {
|
|
|
|
|
2023-10-31 15:54:54 +01:00
|
|
|
private final ExternalSOP.TempDirProvider tempDirProvider;
|
2023-01-09 19:48:25 +01:00
|
|
|
private final List<String> commandList = new ArrayList<>();
|
|
|
|
private final List<String> envList;
|
|
|
|
private int SIGN_WITH_COUNTER = 0;
|
|
|
|
private int KEY_PASSWORD_COUNTER = 0;
|
|
|
|
private int PASSWORD_COUNTER = 0;
|
|
|
|
private int CERT_COUNTER = 0;
|
|
|
|
|
2023-10-31 15:54:54 +01:00
|
|
|
public EncryptExternal(String binary, Properties environment, ExternalSOP.TempDirProvider tempDirProvider) {
|
|
|
|
this.tempDirProvider = tempDirProvider;
|
2023-01-09 19:48:25 +01:00
|
|
|
this.commandList.add(binary);
|
|
|
|
this.commandList.add("encrypt");
|
|
|
|
this.envList = ExternalSOP.propertiesToEnv(environment);
|
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
2023-11-15 13:52:36 +01:00
|
|
|
@Nonnull
|
2023-01-09 19:48:25 +01:00
|
|
|
public Encrypt noArmor() {
|
|
|
|
this.commandList.add("--no-armor");
|
|
|
|
return this;
|
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
2023-11-15 13:52:36 +01:00
|
|
|
@Nonnull
|
|
|
|
public Encrypt mode(@Nonnull EncryptAs mode)
|
2023-01-09 19:48:25 +01:00
|
|
|
throws SOPGPException.UnsupportedOption {
|
|
|
|
this.commandList.add("--as=" + mode);
|
|
|
|
return this;
|
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
2023-11-15 13:52:36 +01:00
|
|
|
@Nonnull
|
|
|
|
public Encrypt signWith(@Nonnull InputStream key)
|
2023-01-09 19:48:25 +01:00
|
|
|
throws SOPGPException.KeyCannotSign, SOPGPException.UnsupportedAsymmetricAlgo, SOPGPException.BadData,
|
|
|
|
IOException {
|
|
|
|
String envVar = "SIGN_WITH_" + SIGN_WITH_COUNTER++;
|
|
|
|
commandList.add("--sign-with=@ENV:" + envVar);
|
2023-01-22 15:07:17 +01:00
|
|
|
envList.add(envVar + "=" + ExternalSOP.readString(key));
|
2023-01-09 19:48:25 +01:00
|
|
|
return this;
|
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
2023-11-15 13:52:36 +01:00
|
|
|
@Nonnull
|
|
|
|
public Encrypt withKeyPassword(@Nonnull byte[] password)
|
2023-01-09 19:48:25 +01:00
|
|
|
throws SOPGPException.PasswordNotHumanReadable, SOPGPException.UnsupportedOption {
|
|
|
|
String envVar = "KEY_PASSWORD_" + KEY_PASSWORD_COUNTER++;
|
|
|
|
commandList.add("--with-key-password=@ENV:" + envVar);
|
|
|
|
envList.add(envVar + "=" + new String(password));
|
|
|
|
return this;
|
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
2023-11-15 13:52:36 +01:00
|
|
|
@Nonnull
|
|
|
|
public Encrypt withPassword(@Nonnull String password)
|
2023-01-09 19:48:25 +01:00
|
|
|
throws SOPGPException.PasswordNotHumanReadable, SOPGPException.UnsupportedOption {
|
|
|
|
String envVar = "PASSWORD_" + PASSWORD_COUNTER++;
|
|
|
|
commandList.add("--with-password=@ENV:" + envVar);
|
|
|
|
envList.add(envVar + "=" + password);
|
|
|
|
return this;
|
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
2023-11-15 13:52:36 +01:00
|
|
|
@Nonnull
|
|
|
|
public Encrypt withCert(@Nonnull InputStream cert)
|
2023-01-09 19:48:25 +01:00
|
|
|
throws SOPGPException.CertCannotEncrypt, SOPGPException.UnsupportedAsymmetricAlgo, SOPGPException.BadData,
|
|
|
|
IOException {
|
|
|
|
String envVar = "CERT_" + CERT_COUNTER++;
|
|
|
|
commandList.add("@ENV:" + envVar);
|
2023-01-22 15:07:17 +01:00
|
|
|
envList.add(envVar + "=" + ExternalSOP.readString(cert));
|
2023-01-09 19:48:25 +01:00
|
|
|
return this;
|
|
|
|
}
|
|
|
|
|
2023-04-14 15:04:51 +02:00
|
|
|
@Override
|
2023-11-15 13:52:36 +01:00
|
|
|
@Nonnull
|
|
|
|
public Encrypt profile(@Nonnull String profileName) {
|
2023-04-14 15:04:51 +02:00
|
|
|
commandList.add("--profile=" + profileName);
|
|
|
|
return this;
|
|
|
|
}
|
|
|
|
|
2023-01-09 19:48:25 +01:00
|
|
|
@Override
|
2023-11-15 13:52:36 +01:00
|
|
|
@Nonnull
|
|
|
|
public ReadyWithResult<EncryptionResult> plaintext(@Nonnull InputStream plaintext)
|
2023-10-31 15:54:54 +01:00
|
|
|
throws SOPGPException.KeyIsProtected, IOException {
|
|
|
|
File tempDir = tempDirProvider.provideTempDirectory();
|
|
|
|
|
|
|
|
File sessionKeyOut = new File(tempDir, "session-key-out");
|
|
|
|
sessionKeyOut.delete();
|
|
|
|
commandList.add("--session-key-out=" + sessionKeyOut.getAbsolutePath());
|
|
|
|
|
|
|
|
String[] command = commandList.toArray(new String[0]);
|
|
|
|
String[] env = envList.toArray(new String[0]);
|
|
|
|
try {
|
|
|
|
Process process = Runtime.getRuntime().exec(command, env);
|
|
|
|
OutputStream processOut = process.getOutputStream();
|
|
|
|
InputStream processIn = process.getInputStream();
|
|
|
|
|
|
|
|
return new ReadyWithResult<EncryptionResult>() {
|
|
|
|
@Override
|
2023-11-15 13:52:36 +01:00
|
|
|
public EncryptionResult writeTo(@Nonnull OutputStream outputStream) throws IOException {
|
2023-10-31 15:54:54 +01:00
|
|
|
byte[] buf = new byte[4096];
|
|
|
|
int r;
|
|
|
|
while ((r = plaintext.read(buf)) > 0) {
|
|
|
|
processOut.write(buf, 0, r);
|
|
|
|
}
|
|
|
|
|
|
|
|
plaintext.close();
|
|
|
|
processOut.close();
|
|
|
|
|
|
|
|
while ((r = processIn.read(buf)) > 0) {
|
|
|
|
outputStream.write(buf, 0 , r);
|
|
|
|
}
|
|
|
|
|
|
|
|
processIn.close();
|
|
|
|
outputStream.close();
|
|
|
|
|
|
|
|
ExternalSOP.finish(process);
|
|
|
|
|
|
|
|
FileInputStream sessionKeyOutIn = new FileInputStream(sessionKeyOut);
|
|
|
|
String line = ExternalSOP.readString(sessionKeyOutIn);
|
|
|
|
SessionKey sessionKey = SessionKey.fromString(line.trim());
|
|
|
|
sessionKeyOutIn.close();
|
|
|
|
sessionKeyOut.delete();
|
|
|
|
|
|
|
|
return new EncryptionResult(sessionKey);
|
|
|
|
}
|
|
|
|
};
|
|
|
|
} catch (IOException e) {
|
|
|
|
throw new RuntimeException(e);
|
|
|
|
}
|
2023-01-09 19:48:25 +01:00
|
|
|
}
|
|
|
|
}
|