When two organizations start to exchange OpenPGP encrypted data, they have usually agreed upfront on how the data will be packaged (which keys encrypt it, whether it is signed, and by whom). There are also cases, however, when we receive arbitrary OpenPGP archives whose structure is not known in advance.
In this chapter, we will discuss how to build an inspection strategy for arbitrary OpenPGP data and what action to take in each of the recognizable cases. We will also illustrate how to list the contents of an OpenPGP archive without extracting its data to disk (for encrypted archives the inspection still needs the matching private key, because the file names live inside the encrypted payload).
Table of contents
1. Analyzing OpenPGP data
2. Listing the contents of an OpenPGP archive
Analyzing OpenPGP data
In order to analyze an OpenPGP archive, we use the inspection class PGPInspectLib located in the com.didisoft.pgp.inspect package. This class provides functionality for listing the contents of an OpenPGP file, checking which Key IDs it was encrypted to, checking which Key IDs signed it, etc. Note that these Key IDs are read from the packet headers and are not themselves authenticated: a claimed signer Key ID only becomes trustworthy once the signature is actually verified.
Here you can see a sample diagram of actions that we can use in order to investigate what kind of OpenPGP archive we are dealing with.
The example Java source code below follows the decision flow of the above diagram:
import java.io.IOException;
import com.didisoft.pgp.*;
import com.didisoft.pgp.inspect.*;

public class AnalyzeOpenPGPFile {
    public static void main(String[] args) throws IOException, PGPException {
        // The OpenPGP file to be analyzed
        String dataFileName = args[0];

        // create an instance of the main library which we shall use for data extraction
        PGPLib pgp = new PGPLib();

        // create an instance of the inspection library
        PGPInspectLib inspect = new PGPInspectLib();

        // check whether this is a signed-only archive
        if (inspect.isSignedOnly(dataFileName)) {
            // inspect which Key IDs have signed it (unverified until pgp.verify runs)
            long[] signingKeyIds = inspect.listSigningKeyIds(dataFileName);
            // We can now call one of the pgp.verify methods to extract the data
        }
        // check whether this is a public-key encrypted archive
        else if (inspect.isPublicKeyEncrypted(dataFileName)) {
            // inspect which Key IDs it has been encrypted to
            long[] encryptionKeyIds = inspect.listEncryptionKeyIds(dataFileName);

            String privateKeyFileName = "my_private_key.asc";
            String privateKeyPassword = "my private key password";

            // inspect which Key IDs have signed it; the signatures sit inside the
            // encrypted payload, so this overload needs our private key
            long[] signingKeyIds = inspect.listSigningKeyIds(dataFileName, privateKeyFileName, privateKeyPassword);

            if (signingKeyIds.length == 0) {
                // this is an encrypted-only archive
                // We can call one of the pgp.decrypt methods to extract the data
            } else {
                // this is a signed and encrypted archive
                // We can call one of the pgp.decryptAndVerify methods to extract the data
            }
        }
        // check whether this is a password encrypted (PBE) archive
        else if (inspect.isPBEEncrypted(dataFileName)) {
            // We can call pgp.decryptFilePBE to extract the data
        } else {
            // other unknown OpenPGP archive
            // we should most probably log an error
        }
    }
}
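The flow above tells us what kind of archive we have; in practice we also want to decide whether we should process it at all before spending a private-key operation on it. The following is an added example (not code from the original page or from the DidiSoft library) that turns the inspection results into a triage policy: the archive must be addressed to one of our own keys, and every claimed signer must be on the list of partner keys agreed out of band. The allow-list values, the class name and the `triage` helper are assumptions for illustration; only the PGPInspectLib methods shown on this page are used.

```java
import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

import com.didisoft.pgp.PGPException;
import com.didisoft.pgp.inspect.PGPInspectLib;

public class OpenPGPTriage {

    // Hypothetical allow-lists (placeholder Key IDs): the 64-bit Key IDs of our own
    // decryption keys and of the partner signing keys agreed out of band.
    private static final Set<Long> OUR_DECRYPTION_KEY_IDS =
            new HashSet<>(Arrays.asList(0x1122334455667788L));
    private static final Set<Long> TRUSTED_SIGNER_KEY_IDS =
            new HashSet<>(Arrays.asList(0x99AABBCCDDEEFF00L));

    // RFC 4880 allows an all-zero recipient Key ID ("hidden recipient"); the only way
    // to learn whether such an archive is for us is trial decryption with every key.
    private static final long WILDCARD_KEY_ID = 0L;

    static String hex(long keyId) {
        return String.format("%016X", keyId);
    }

    /** Returns null when the archive passes triage, otherwise the reason it is rejected. */
    static String triage(String dataFile, String privateKeyFile, String privateKeyPassword)
            throws IOException, PGPException {
        PGPInspectLib inspect = new PGPInspectLib();

        if (inspect.isPBEEncrypted(dataFile)) {
            return "password-encrypted archive; partners are expected to use public-key encryption";
        }
        if (inspect.isSignedOnly(dataFile)) {
            // Signed-only data carries no confidentiality; whether that is acceptable is a policy choice.
            return checkSigners(inspect.listSigningKeyIds(dataFile));
        }
        if (!inspect.isPublicKeyEncrypted(dataFile)) {
            return "unrecognized OpenPGP structure";
        }

        boolean addressedToUs = false;
        for (long recipient : inspect.listEncryptionKeyIds(dataFile)) {
            if (recipient == WILDCARD_KEY_ID) {
                return "hidden-recipient encryption; refusing to try every private key";
            }
            if (OUR_DECRYPTION_KEY_IDS.contains(recipient)) {
                addressedToUs = true;
            }
        }
        if (!addressedToUs) {
            return "no recipient Key ID matches one of our decryption keys";
        }

        // Signatures are inside the encrypted payload, so this overload decrypts in memory.
        long[] signers = inspect.listSigningKeyIds(dataFile, privateKeyFile, privateKeyPassword);
        if (signers.length == 0) {
            return "encrypted but unsigned; the sender cannot be authenticated";
        }
        return checkSigners(signers);
    }

    /** Key IDs in signature packets are sender-supplied; this only routes to the right key,
     *  it does not replace the cryptographic check done by pgp.verify / pgp.decryptAndVerify. */
    static String checkSigners(long[] signers) {
        for (long signer : signers) {
            if (!TRUSTED_SIGNER_KEY_IDS.contains(signer)) {
                return "claimed signer " + hex(signer) + " is not an agreed partner key";
            }
        }
        return null;
    }

    public static void main(String[] args) throws IOException, PGPException {
        String reason = triage(args[0], args[1], args[2]);
        System.out.println(reason == null ? "accepted: proceed to decryptAndVerify" : "rejected: " + reason);
    }
}
```

Two design points: the allow-lists hold full 64-bit Key IDs (short 32-bit IDs are trivially collidable and should never be used for such decisions), and a match on the claimed signer ID is treated only as a routing hint; the archive is still rejected later if pgp.decryptAndVerify reports a bad signature.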
Listing the contents of an OpenPGP archive
The library API allows us to list the contents of an OpenPGP archive prior to extracting it. For an encrypted archive the private key is still required, since the file names and modification dates are stored inside the encrypted literal data packets; the listing is produced in memory and nothing is written to disk. The example below illustrates how this can be achieved.
import com.didisoft.pgp.inspect.*;

public class PGPInspect {
    public static void main(String a[]) throws Exception {
        PGPInspectLib inspectLib = new PGPInspectLib();

        String privateKey = "C:\\Projects\\PGPKeys\\private.key";
        String privateKeyPassword = "changeit";
        String encryptedFile = "C:\\Projects\\PGPKeys\\Output\\output.pgp";

        ContentItem[] files = inspectLib.listOpenPGPFile(encryptedFile, privateKey, privateKeyPassword);
        for (int i = 0; i < files.length; i++) {
            System.out.print(files[i].getFileName());
            System.out.print(files[i].isDirectory() ? " [DIR] " : " ");
            System.out.println(files[i].getModificationDate());
        }
    }
}
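The file name reported for each entry is whatever the sender put in the literal data packet, so it is untrusted input. When an archive is later extracted into a target directory, an entry named with an absolute path or with `..` segments can escape that directory. The example below is an added illustration (not code from the original page or the DidiSoft library) that screens the listed entries against a target directory before any extraction happens; the class and helper names and the directory path are assumptions, and only ContentItem.getFileName / isDirectory and PGPInspectLib.listOpenPGPFile from this page are used.

```java
import java.nio.file.InvalidPathException;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.List;

import com.didisoft.pgp.inspect.ContentItem;
import com.didisoft.pgp.inspect.PGPInspectLib;

public class ScreenArchiveEntries {

    /** True when writing an entry with this name under targetDir could land outside it. */
    static boolean isUnsafeName(String name, Path targetDir) {
        if (name == null || name.isEmpty() || name.indexOf('\0') >= 0) {
            return true;
        }
        // Senders may use either separator; normalize so "..\\x" is not treated as one
        // opaque file name on POSIX systems.
        String unified = name.replace('\\', '/');
        Path base = targetDir.toAbsolutePath().normalize();
        try {
            Path candidate = Paths.get(unified);
            if (candidate.isAbsolute()) {
                return true;
            }
            // normalize() resolves "." and ".." segments; anything that no longer
            // starts with the base directory is a traversal attempt.
            Path resolved = base.resolve(candidate).normalize();
            return !resolved.startsWith(base);
        } catch (InvalidPathException e) {
            return true; // characters the filesystem cannot represent: refuse rather than guess
        }
    }

    /** Lists the archive and returns the entries that must not be extracted as named. */
    static List<String> unsafeEntries(String encryptedFile, String privateKey,
                                      String privateKeyPassword, Path targetDir) throws Exception {
        PGPInspectLib inspectLib = new PGPInspectLib();
        ContentItem[] items = inspectLib.listOpenPGPFile(encryptedFile, privateKey, privateKeyPassword);

        List<String> rejected = new ArrayList<>();
        for (ContentItem item : items) {
            String name = item.getFileName();
            String kind = item.isDirectory() ? "[DIR] " : "";
            if (isUnsafeName(name, targetDir)) {
                rejected.add(kind + name);
            }
        }
        return rejected;
    }

    public static void main(String[] args) throws Exception {
        // Hypothetical paths for illustration
        Path targetDir = Paths.get("C:\\Projects\\PGPKeys\\Output\\extracted");
        List<String> rejected = unsafeEntries(
                "C:\\Projects\\PGPKeys\\Output\\output.pgp",
                "C:\\Projects\\PGPKeys\\private.key",
                "changeit",
                targetDir);
        if (rejected.isEmpty()) {
            System.out.println("all entries stay inside " + targetDir + "; safe to extract");
        } else {
            System.out.println("refusing to extract; unsafe entry names: " + rejected);
        }
    }
}
```

If the policy is to extract anyway, the safe alternative is to ignore the sender-supplied name entirely and write each entry to a name chosen by the receiving side.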
Summary
In this chapter we have discussed how to analyze an arbitrary OpenPGP archive and how to list its contents. This can be very useful in cases when we want to handle arbitrary OpenPGP data.
List of methods used:
Method | Description
PGPInspectLib.listOpenPGPFile | Lists the contents of an OpenPGP archive
PGPInspectLib.listOpenPGPStream | Lists the contents of an OpenPGP stream
PGPInspectLib.isSignedOnly | Checks whether an OpenPGP archive is clear signed or signed only
PGPInspectLib.isPublicKeyEncrypted | Checks whether an OpenPGP archive is encrypted with a public key (decryptable with the matching private key)
PGPInspectLib.isPBEEncrypted | Checks whether an OpenPGP archive is password encrypted
PGPInspectLib.listSigningKeyIds | Returns the Key IDs claimed in the signatures of an OpenPGP archive
PGPInspectLib.listEncryptionKeyIds | Returns the Key IDs an OpenPGP archive has been encrypted to