Analyzing contents of OpenPGP data in Android

In the usual scenario when exchanging OpenPGP encrypted data with our partners, we have an upfront agreement of the details and format in which the data will be. In this case the methods of com.didisoft.pgp.PGPLib class re enough to handle the data.

But there may be cases when we need to analyze the incoming .pgp data and take additional steps according to specific details in it. In order to handle this situation we have to use the methods of com.didisoft.pgp.inspect.PGPInspectLib. In this article we are going to demonstrate is usage.

Analyzing OpenPGP archives

The flow chart below illustrates the possible scenarios that we can handle. A sample code follows underneath:

Algorithm for analyzing an OpenPGP archive

import java.io.IOException;
import com.didisoft.pgp.KeyPairInformation;
import com.didisoft.pgp.PGPException;
import com.didisoft.pgp.PGPLib;
import com.didisoft.pgp.inspect.PGPInspectLib;
 
public class AnalyzeOpenPGPFile {
 
    public static void main(String[] args) throws IOException, PGPException {
        String openpgpFile = "examples/DataFiles/encrypted.pgp";
 
        // create an instance of the main library which we shall use for data extraction
        PGPLib pgp = new PGPLib();        
        boolean asciiArmor = true;                
        pgp.encryptFile("examples/DataFiles/INPUT.txt", 
                        "examples/DataFiles/public.key", 
                        openpgpFile, 
                        asciiArmor);
 
        // create an instance of the inspection library 
        PGPInspectLib inspect = new PGPInspectLib();
 
        // check is this a signed only archive
        if (inspect.isSignedOnly(openpgpFile)) {
            // inspect the which key ID's have signed it
            long[] signingKeyIds = inspect.listSigningKeyIds(openpgpFile);            
            for (int i=0; i<signingKeyIds.length; i++) {
                System.out.println("Signed with Key ID : " + KeyPairInformation.keyId2Hex(signingKeyIds[i]));
            }
 
            // We can now call one of the pgp.verify methods to extract the data            
        } // check is this a key encrypted archive 
        else if (inspect.isPublicKeyEncrypted(openpgpFile)) {
            // inspect the which key ID's have encrypted it
            long[] encryptionKeyIds = inspect.listEncryptionKeyIds(openpgpFile);
            for (int i=0; i<encryptionKeyIds.length; i++) {                 
              System.out.println("Encrypted with Key ID : " + KeyPairInformation.keyId2Hex(encryptionKeyIds[i]));
            }
 
            String privateKeyFileName = "examples/DataFiles/private.key";             
            String privateKeyPassword = "changeit";                          
            // inspect the which key ID's have signed it             
            long[] signingKeyIds = inspect.listSigningKeyIds(openpgpFile, privateKeyFileName, privateKeyPassword);                     
            if (signingKeyIds.length > 0) {
                // this is a signed and encrypted archive
                for (int i=0; i<signingKeyIds.length; i++) {
                    System.out.println("Signed with Key ID : " + KeyPairInformation.keyId2Hex(signingKeyIds[i]));
                }                
                // We can call one of the pgp.decryptAndVerify methods to extract the data 
            } else {
             // this is an encrypted only archive
             // We can call one of the pgp.decrypt methods to extract the data
            }
        } // check is this a password encrypted (PBE) archive
        else if (inspect.isPBEEncrypted(openpgpFile)) {
            // We can call pgp.decryptFilePBE to extract the data
        } else {
            // other unknown OpenPGP archive
            // we must probably log an error 
        }        
    }
}

Summary

This chapter is a quick introduction how to examine an arbitrary OpenPGP archive. It uses the methods of the com.didisoft.pgp.PGPInspectLib class.