2

I'm trying to PGP encrypt a message using Mule, but I'm getting a "publicKey should not be null" error.

I replaced local_policy.jar and US_export_policy.jar here: C:\Program Files\Java\jdk1.7.0_45\jre\lib\security

In my Library I have: bcpg-jdk15on-150.jar. I also added local_policy.jar (not sure I need it but I tried with and without and got the same error).

I'm running MuleStudio 3.5 and the CE-3.4 runtime.

<?xml version="1.0" encoding="UTF-8"?>

<mule xmlns:json="http://www.mulesoft.org/schema/mule/json" xmlns:mulexml="http://www.mulesoft.org/schema/mule/xml" xmlns:pgp="http://www.mulesoft.org/schema/mule/pgp" xmlns:http="http://www.mulesoft.org/schema/mule/http" xmlns:jms="http://www.mulesoft.org/schema/mule/jms" xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
xmlns:spring="http://www.springframework.org/schema/beans" version="CE-3.4.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd
http://www.mulesoft.org/schema/mule/core     http://www.mulesoft.org/schema/mule/core/current/mule.xsd
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
http://www.mulesoft.org/schema/mule/jms     http://www.mulesoft.org/schema/mule/jms/current/mule-jms.xsd
http://www.mulesoft.org/schema/mule/pgp     http://www.mulesoft.org/schema/mule/pgp/current/mule-pgp.xsd
http://www.mulesoft.org/schema/mule/json http://www.mulesoft.org/schema/mule/json/current/mule-json.xsd
http://www.mulesoft.org/schema/mule/xml http://www.mulesoft.org/schema/mule/xml/current/mule-xml.xsd">
<jms:activemq-connector name="Active_MQ" specification="1.1" username="removed" password="removed" brokerURL="tcp://127.0.0.1:61613" validateConnections="true" doc:name="Active MQ"/>
<spring:beans>
    <spring:bean id="pgpKeyManager" class="org.mule.module.pgp.PGPKeyRingImpl" init-method="initialise">
        <spring:property name="publicKeyRingFileName" value="pubring.gpg"/>
        <spring:property name="secretKeyRingFileName" value="secring.gpg"/>
        <spring:property name="secretAliasId" value="-2461745123444227218"/>
        <spring:property name="secretPassphrase" value="removed"/>
    </spring:bean>
    <spring:bean id="credentialAccessor" class="org.mule.security.MuleHeaderCredentialsAccessor"/>
</spring:beans>

<pgp:security-manager>
    <pgp:security-provider name="pgpSecurityProvider" keyManager-ref="pgpKeyManager" />
    <pgp:keybased-encryption-strategy name="keyBasedEncryptionStrategy" keyManager-ref="pgpKeyManager" credentialsAccessor-ref="credentialAccessor" />
</pgp:security-manager>

<flow name="activemq_password_encryptionFlow1" doc:name="activemq_password_encryptionFlow1">
    <http:inbound-endpoint exchange-pattern="request-response" host="localhost" port="8082" doc:name="HTTP"/>
    <encrypt-transformer strategy-ref="keyBasedEncryptionStrategy" />
    <jms:outbound-endpoint queue="test" connector-ref="Active_MQ" doc:name="JMS"/>
    <echo-component doc:name="Echo"/>
</flow>

Here's the error:

INFO  2014-03-10 14:44:04,480 [[activemq_password_encryption].connector.http.mule.default.receiver.02] org.mule.component.simple.LogComponent: 
********************************************************************************
* Message received in service: activemq_password_encryptionFlow1. Content is:  *
* '/helloworld2'                                                               *
********************************************************************************
ERROR 2014-03-10 14:44:04,489 [[activemq_password_encryption].connector.http.mule.default.receiver.02] org.mule.exception.DefaultMessagingExceptionStrategy: 
********************************************************************************
Message               : Crypto Failure
Code                  : MULE_ERROR-111
--------------------------------------------------------------------------------
Exception stack is:
1. The publicKey should not be null (java.lang.IllegalArgumentException)
  org.apache.commons.lang.Validate:203 (null)
2. Crypto Failure (org.mule.api.security.CryptoFailureException)
  org.mule.module.pgp.KeyBasedEncryptionStrategy:65 (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/api/security/CryptoFailureException.html)
--------------------------------------------------------------------------------
Root Exception stack trace:
java.lang.IllegalArgumentException: The publicKey should not be null
    at org.apache.commons.lang.Validate.notNull(Validate.java:203)
    at org.mule.module.pgp.EncryptStreamTransformer.<init>(EncryptStreamTransformer.java:46)
    at org.mule.module.pgp.KeyBasedEncryptionStrategy.encrypt(KeyBasedEncryptionStrategy.java:60)
    + 3 more (set debug level logging or '-Dmule.verbose.exceptions=true' for everything)
********************************************************************************
Benjamin Bryan
  • 351
  • 1
  • 8
  • 21
  • Where are `pubring.gpg` and `secring.gpg` located? – David Dossot Mar 10 '14 at 22:09
  • 1
    They are in C:\Users\bbryan\AppData\Roaming\gnupg, but I did import them into the root directory of the project. I'm pretty sure it's picking up the files because the only way I knew to try "-2461745123444227218" was by it suggesting that in the error when I put something else as the secretAliasId. BTW, I'm actually trying this as a result of reading chapter 10 in your book. – Benjamin Bryan Mar 10 '14 at 22:16
  • Alright :) As you see, we're placing the gpg files in `src/main/resources`, i.e. at the root of the classpath. Not sure placing it at the root of the project will work. – David Dossot Mar 10 '14 at 22:34
  • 1
    Thanks, I moved them to src/main/resources but I'm still getting the same error. Just to make sure it's picking up the files I temporarily removed them from the project and got a different error: "Failed to create PGPKeyRingImpl" so I'm pretty sure Mule is picking up the files. – Benjamin Bryan Mar 10 '14 at 22:46
  • Did you ever resolve this? I'm seeing similar issues. – codeLes Sep 10 '14 at 19:12
  • No, I never did get this resolved. – Benjamin Bryan Sep 10 '14 at 22:27

2 Answers2

0

The exception occurs since you are using MuleHeaderCredentialsAccessor and have not set the header MULE_USER or it is set to a value that does not match any uid in the keyring.

Either you have to set this header (inbound property) or implement your own CredentialsAccessor that returns the correct credentials.

You can find the code for MuleHeaderCredentialsAccessor and on this page there is a simple example CredentialsAccessor that returns hard coded credential.

Pontus Ullgren
  • 697
  • 6
  • 24
0

i got it resolved. please check the credentialAccessor's credentials value and pgp set of keys got imported. easy way is to debug the org.mule.module.pgp.KeyBasedEncryptionStrategy on method private PGPCryptInfo safeGetCryptInfo(Object cryptInfo) line PGPPublicKey publicKey = keyManager.getPublicKey((String) this.getCredentialsAccessor().getCredentials(event)); will give you the keys and their credentials from both flow and keys that you imported as well.

Sharaf Navas
  • 53
  • 1
  • 6