Analyzing contents of OpenPGP data in Android -OpenPGP Examples in Android

In the usual scenario when exchanging OpenPGP encrypted data with our partners, we have an upfront agreement of the details and format in which the data will be. In this case the methods of com.didisoft.pgp.PGPLib class re enough to handle the data.

But there may be cases when we need to analyze the incoming .pgp data and take additional steps according to specific details in it. In order to handle this situation we have to use the methods of com.didisoft.pgp.inspect.PGPInspectLib. In this article we are going to demonstrate is usage.

Analyzing OpenPGP archives

The flow chart below illustrates the possible scenarios that we can handle. A sample code follows underneath:

import java.io.IOException;
import com.didisoft.pgp.KeyPairInformation;
import com.didisoft.pgp.PGPException;
import com.didisoft.pgp.PGPLib;
import com.didisoft.pgp.inspect.PGPInspectLib;
 
public class AnalyzeOpenPGPFile {
 
    public static void main(String[] args) throws IOException, PGPException {
        String openpgpFile = "examples/DataFiles/encrypted.pgp";
 
        // create an instance of the main library which we shall use for data extraction
        PGPLib pgp = new PGPLib();        
        boolean asciiArmor = true;                
        pgp.encryptFile("examples/DataFiles/INPUT.txt", 
                        "examples/DataFiles/public.key", 
                        openpgpFile, 
                        asciiArmor);
 
        // create an instance of the inspection library 
        PGPInspectLib inspect = new PGPInspectLib();
 
        // check is this a signed only archive
        if (inspect.isSignedOnly(openpgpFile)) {
            // inspect the which key ID's have signed it
            long[] signingKeyIds = inspect.listSigningKeyIds(openpgpFile);            
            for (int i=0; i&lt;signingKeyIds.length; i++) {
                System.out.println("Signed with Key ID : " + KeyPairInformation.keyId2Hex(signingKeyIds[i]));
            }
 
            // We can now call one of the pgp.verify methods to extract the data            
        } // check is this a key encrypted archive 
        else if (inspect.isPublicKeyEncrypted(openpgpFile)) {
            // inspect the which key ID's have encrypted it
            long[] encryptionKeyIds = inspect.listEncryptionKeyIds(openpgpFile);
            for (int i=0; i&lt;encryptionKeyIds.length; i++) {                 
              System.out.println("Encrypted with Key ID : " + KeyPairInformation.keyId2Hex(encryptionKeyIds[i]));
            }
 
            String privateKeyFileName = "examples/DataFiles/private.key";             
            String privateKeyPassword = "changeit";                          
            // inspect the which key ID's have signed it             
            long[] signingKeyIds = inspect.listSigningKeyIds(openpgpFile, privateKeyFileName, privateKeyPassword);                     
            if (signingKeyIds.length &gt; 0) {
                // this is a signed and encrypted archive
                for (int i=0; i&lt;signingKeyIds.length; i++) {
                    System.out.println("Signed with Key ID : " + KeyPairInformation.keyId2Hex(signingKeyIds[i]));
                }                
                // We can call one of the pgp.decryptAndVerify methods to extract the data 
            } else {
             // this is an encrypted only archive
             // We can call one of the pgp.decrypt methods to extract the data
            }
        } // check is this a password encrypted (PBE) archive
        else if (inspect.isPBEEncrypted(openpgpFile)) {
            // We can call pgp.decryptFilePBE to extract the data
        } else {
            // other unknown OpenPGP archive
            // we must probably log an error 
        }        
    }
}

import java.io.IOException; import com.didisoft.pgp.KeyPairInformation; import com.didisoft.pgp.PGPException; import com.didisoft.pgp.PGPLib; import com.didisoft.pgp.inspect.PGPInspectLib; public class AnalyzeOpenPGPFile { public static void main(String[] args) throws IOException, PGPException { String openpgpFile = "examples/DataFiles/encrypted.pgp"; // create an instance of the main library which we shall use for data extraction PGPLib pgp = new PGPLib(); boolean asciiArmor = true; pgp.encryptFile("examples/DataFiles/INPUT.txt", "examples/DataFiles/public.key", openpgpFile, asciiArmor); // create an instance of the inspection library PGPInspectLib inspect = new PGPInspectLib(); // check is this a signed only archive if (inspect.isSignedOnly(openpgpFile)) { // inspect the which key ID's have signed it long[] signingKeyIds = inspect.listSigningKeyIds(openpgpFile); for (int i=0; i<signingKeyIds.length; i++) { System.out.println("Signed with Key ID : " + KeyPairInformation.keyId2Hex(signingKeyIds[i])); } // We can now call one of the pgp.verify methods to extract the data } // check is this a key encrypted archive else if (inspect.isPublicKeyEncrypted(openpgpFile)) { // inspect the which key ID's have encrypted it long[] encryptionKeyIds = inspect.listEncryptionKeyIds(openpgpFile); for (int i=0; i<encryptionKeyIds.length; i++) { System.out.println("Encrypted with Key ID : " + KeyPairInformation.keyId2Hex(encryptionKeyIds[i])); } String privateKeyFileName = "examples/DataFiles/private.key"; String privateKeyPassword = "changeit"; // inspect the which key ID's have signed it long[] signingKeyIds = inspect.listSigningKeyIds(openpgpFile, privateKeyFileName, privateKeyPassword); if (signingKeyIds.length > 0) { // this is a signed and encrypted archive for (int i=0; i<signingKeyIds.length; i++) { System.out.println("Signed with Key ID : " + KeyPairInformation.keyId2Hex(signingKeyIds[i])); } // We can call one of the pgp.decryptAndVerify methods to extract the data } else { // this is an encrypted only archive // We can call one of the pgp.decrypt methods to extract the data } } // check is this a password encrypted (PBE) archive else if (inspect.isPBEEncrypted(openpgpFile)) { // We can call pgp.decryptFilePBE to extract the data } else { // other unknown OpenPGP archive // we must probably log an error } } }

Summary

This chapter is a quick introduction how to examine an arbitrary OpenPGP archive. It uses the methods of the com.didisoft.pgp.PGPInspectLib class.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Analyzing contents of OpenPGP data in Android

Analyzing OpenPGP archives

Summary

Contact Us

Announcements

Subscribe for Updates

Updates