Inspect PGP data in Java

When two organizations start to exchange OpenPGP encrypted data, they have usually agreed upfront on how the data will be packaged.

But there may be cases when we receive OpenPGP archives that we know nothing about. In this chapter we will discuss how to create an inspection strategy for arbitrary OpenPGP data and what actions to take in each of the known cases.

We will also illustrate how to check the contents of an OpenPGP archive without decrypting it.

Table of contents

1. Analyzing OpenPGP data
2. Listing the contents of an OpenPGP archive

Analyzing OpenPGP data

To analyze an OpenPGP archive, we use the inspection class PGPInspectLib, located in the com.didisoft.pgp.inspect package. This class provides functionality for listing the contents of an OpenPGP file, checking which Key IDs have encrypted it, checking which Key IDs have signed it, etc.

The diagram below shows a sample sequence of checks that we can use to determine what kind of OpenPGP archive we are dealing with.

[Figure: Algorithm for analyzing an OpenPGP archive]

And the example source code in Java derived from the above diagram can be seen below:

import java.io.IOException;
import com.didisoft.pgp.*;
import com.didisoft.pgp.inspect.*;

public class AnalyzeOpenPGPFile {
  public static void main(String[] args) throws IOException, PGPException {
    // the OpenPGP file to be analyzed
    String dataFileName = args[0];

    // create an instance of the main library which we shall use for data extraction
    PGPLib pgp = new PGPLib();

    // create an instance of the inspection library
    PGPInspectLib inspect = new PGPInspectLib();

    // check whether this is a signed only archive
    if (inspect.isSignedOnly(dataFileName)) {
      // inspect which Key IDs have signed it
      long[] signingKeyIds = inspect.listSigningKeyIds(dataFileName);

      // We can now call one of the pgp.verify methods to extract the data
    } // check whether this is a key encrypted archive
    else if (inspect.isPublicKeyEncrypted(dataFileName)) {
      // inspect which Key IDs have encrypted it
      long[] encryptionKeyIds = inspect.listEncryptionKeyIds(dataFileName);

      String privateKeyFileName = "my_private_key.asc";
      String privateKeyPassword = "my private key password";

      // inspect which Key IDs have signed it
      long[] signingKeyIds = inspect.listSigningKeyIds(dataFileName,
                                                       privateKeyFileName,
                                                       privateKeyPassword);
      if (signingKeyIds.length == 0) {
        // this is an encrypted only archive
        // We can call one of the pgp.decrypt methods to extract the data
      } else {
        // this is a signed and encrypted archive
        // We can call one of the pgp.decryptAndVerify methods to extract the data
      }
    } // check whether this is a password encrypted (PBE) archive
    else if (inspect.isPBEEncrypted(dataFileName)) {
      // We can call pgp.decryptFilePBE to extract the data
    } else {
      // other unknown OpenPGP archive
      // we should probably log an error
    }
  }
}
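
The listing above reads the encrypting Key IDs before any private key is supplied, which is possible because OpenPGP stores them in clear in the packets that precede the encrypted data. The following is an added illustration of that packet walk per RFC 4880; it is not DidiSoft's code and not a description of how PGPInspectLib is implemented. The class and method names (PacketPeek, classify, newLen, oldLen) are hypothetical, the input is assumed to be binary (non-armored) data, the sample bytes are constructed, and HexFormat requires Java 17 or later.

```java
import java.nio.*;
import java.util.*;
public class PacketPeek {
  // Classify binary (non-armored) OpenPGP data from its leading packets (RFC 4880, section 4.2).
  static String classify(byte[] data) {
    ByteBuffer in = ByteBuffer.wrap(data);    // big-endian by default, like OpenPGP
    List<String> keyIds = new ArrayList<>();
    boolean password = false;
    try {
      while (in.hasRemaining()) {
        int hdr = in.get() & 0xFF;
        if ((hdr & 0x80) == 0) return "not binary OpenPGP data";
        boolean newFmt = (hdr & 0x40) != 0;
        int tag = newFmt ? hdr & 0x3F : (hdr >> 2) & 0x0F;
        long len = newFmt ? newLen(in) : oldLen(in, hdr & 0x03);
        int body = in.position();
        if (tag == 4)                         // one-pass signature: key ID at body offset 4
          return "signed by " + String.format("%016X", in.getLong(body + 4));
        if (tag == 9 || tag == 18) break;     // encrypted data: nothing more is readable
        if (tag == 1)                         // public-key encrypted session key: version, key ID
          keyIds.add(String.format("%016X", in.getLong(body + 1)));
        else if (tag == 3) password = true;   // password (symmetric-key) encrypted session key
        else return tag == 8 ? "compressed (inflate to inspect further)" : "other packet, tag " + tag;
        if (len < 0 || len > data.length - body) return "truncated or malformed";
        in.position(body + (int) len);        // skip to the next packet
      }
    } catch (BufferUnderflowException | IndexOutOfBoundsException e) {
      return "truncated or malformed";
    }
    if (!keyIds.isEmpty()) return "public-key encrypted for " + keyIds;
    return password ? "password encrypted" : "unknown";
  }
  static long newLen(ByteBuffer in) {         // new-format length, RFC 4880 section 4.2.2
    int o = in.get() & 0xFF;
    if (o < 192) return o;
    if (o < 224) return ((o - 192) << 8) + (in.get() & 0xFF) + 192;
    return o == 255 ? in.getInt() & 0xFFFFFFFFL : -1;   // 224..254: partial body length
  }
  static long oldLen(ByteBuffer in, int type) {   // old-format length, RFC 4880 section 4.2.1
    if (type == 0) return in.get() & 0xFF;
    if (type == 1) return in.getShort() & 0xFFFF;
    return type == 2 ? in.getInt() & 0xFFFFFFFFL : -1;  // type 3: indeterminate length
  }
  public static void main(String[] args) {
    // Constructed sample: PKESK packet (v3, key ID, algorithm 1, one MPI), then a tag 18 packet.
    byte[] sample = HexFormat.of().parseHex("840D03" + "1122334455667788" + "01" + "0008AA" + "D2020100");
    System.out.println(classify(sample));
  }
}
```

Key IDs read this way come from unauthenticated packet headers, so they are a hint for selecting a key, not proof of who produced the data; only a successful decryption or signature verification establishes that.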


Listing the contents of an OpenPGP archive

The library API allows listing the contents of an OpenPGP archive prior to decrypting it. The example below illustrates how this can be achieved.

import com.didisoft.pgp.inspect.*;

public class PGPInspect {
  public static void main(String[] args) throws Exception {
    PGPInspectLib inspectLib = new PGPInspectLib();

    // private key and password matching the key the archive was encrypted for
    String privateKey = "C:\\Projects\\PGPKeys\\private.key";
    String privateKeyPassword = "changeit";
    String encryptedFile = "C:\\Projects\\PGPKeys\\Output\\output.pgp";

    // list the entries of the archive: name, directory flag, modification date
    ContentItem[] files = inspectLib.listOpenPGPFile(encryptedFile, privateKey, privateKeyPassword);
    for (int i = 0; i < files.length; i++) {
      System.out.print(files[i].getFileName());
      System.out.print(files[i].isDirectory() ? " [DIR] " : "     ");
      System.out.println(files[i].getModificationDate());
    }
  }
}


Summary

In this chapter we have discussed how to analyze an arbitrary OpenPGP archive and how to list its contents. This can be very useful in cases when we want to handle arbitrary OpenPGP data.

List of methods used:

PGPInspectLib.listOpenPGPFile - Lists the contents of an OpenPGP archive
PGPInspectLib.listOpenPGPStream - Lists the contents of an OpenPGP stream
PGPInspectLib.isSignedOnly - Checks whether an OpenPGP archive is clear signed or signed only
PGPInspectLib.isPublicKeyEncrypted - Checks whether an OpenPGP archive is key encrypted
PGPInspectLib.isPBEEncrypted - Checks whether an OpenPGP archive is password encrypted
PGPInspectLib.listSigningKeyIds - Returns a list of the Key IDs that have signed an OpenPGP archive
PGPInspectLib.listEncryptionKeyIds - Returns a list of the Key IDs that have encrypted an OpenPGP archive