mirror of
https://codeberg.org/PGPainless/cert-d-java.git
synced 2025-12-05 12:51:11 +01:00
Compare commits
8 commits
| Author | SHA1 | Date | |
|---|---|---|---|
3782eb438c
|
|||
|
b9083c4394
|
|||
|
b471b7cc8d
|
|||
|
9d85141f32
|
|||
|
b4683292f8
|
|||
|
10881662a9
|
|||
|
eaa4e669f8
|
|||
|
4079eaa5a4
|
9 changed files with 45 additions and 18 deletions
|
|
@ -5,7 +5,11 @@ SPDX-License-Identifier: CC0-1.0
|
||||||
|
|
||||||
# Cert-D-Java Changelog
|
# Cert-D-Java Changelog
|
||||||
|
|
||||||
## 0.2.3-SNAPSHOT
|
## 0.2.4-SNAPSHOT
|
||||||
|
- Add constructor parameters to `BadDataException`
|
||||||
|
- Add support for OpenPGP v6 fingerprints
|
||||||
|
|
||||||
|
## 0.2.3
|
||||||
- Bump Bouncy Castle to `1.82` and switch to `jdk18on`-variants
|
- Bump Bouncy Castle to `1.82` and switch to `jdk18on`-variants
|
||||||
- Upgrade build system
|
- Upgrade build system
|
||||||
- Bump gradle to `8.8`
|
- Bump gradle to `8.8`
|
||||||
|
|
|
||||||
|
|
@ -31,6 +31,7 @@ public class PGPCertificateDirectory
|
||||||
final Backend backend;
|
final Backend backend;
|
||||||
final SubkeyLookup subkeyLookup;
|
final SubkeyLookup subkeyLookup;
|
||||||
private final Pattern openPgpV4FingerprintPattern = Pattern.compile("^[a-f0-9]{40}$");
|
private final Pattern openPgpV4FingerprintPattern = Pattern.compile("^[a-f0-9]{40}$");
|
||||||
|
private final Pattern openPgpV6FingerprintPattern = Pattern.compile("^[a-f0-9]{64}$");
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructor for a PGP certificate directory.
|
* Constructor for a PGP certificate directory.
|
||||||
|
|
@ -45,12 +46,13 @@ public class PGPCertificateDirectory
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Certificate getByFingerprint(String fingerprint) throws BadDataException, BadNameException, IOException {
|
public Certificate getByFingerprint(String fingerprint) throws BadDataException, BadNameException, IOException {
|
||||||
if (!openPgpV4FingerprintPattern.matcher(fingerprint).matches()) {
|
if (!openPgpV4FingerprintPattern.matcher(fingerprint).matches() &&
|
||||||
throw new BadNameException();
|
!openPgpV6FingerprintPattern.matcher(fingerprint).matches()) {
|
||||||
|
throw new BadNameException("Queried fingerprint '" + fingerprint + "' does neither match OpenPGP v4 nor OpenPGP v6 format.");
|
||||||
}
|
}
|
||||||
Certificate certificate = backend.readByFingerprint(fingerprint);
|
Certificate certificate = backend.readByFingerprint(fingerprint);
|
||||||
if (certificate == null) {
|
if (certificate == null) {
|
||||||
throw new NoSuchElementException();
|
throw new NoSuchElementException("No certificate with fingerprint '" + fingerprint + "' found.");
|
||||||
}
|
}
|
||||||
return certificate;
|
return certificate;
|
||||||
}
|
}
|
||||||
|
|
@ -72,7 +74,7 @@ public class PGPCertificateDirectory
|
||||||
if (keyMaterial != null) {
|
if (keyMaterial != null) {
|
||||||
return keyMaterial.asCertificate();
|
return keyMaterial.asCertificate();
|
||||||
}
|
}
|
||||||
throw new NoSuchElementException();
|
throw new NoSuchElementException("No certificate with special name '" + specialName + "' found.");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -129,7 +131,7 @@ public class PGPCertificateDirectory
|
||||||
try {
|
try {
|
||||||
KeyMaterial keyMaterial = backend.readBySpecialName(SpecialNames.TRUST_ROOT);
|
KeyMaterial keyMaterial = backend.readBySpecialName(SpecialNames.TRUST_ROOT);
|
||||||
if (keyMaterial == null) {
|
if (keyMaterial == null) {
|
||||||
throw new NoSuchElementException();
|
throw new NoSuchElementException("No trust-root found.");
|
||||||
}
|
}
|
||||||
return keyMaterial;
|
return keyMaterial;
|
||||||
} catch (BadNameException e) {
|
} catch (BadNameException e) {
|
||||||
|
|
|
||||||
|
|
@ -181,7 +181,9 @@ public class FileBasedCertificateDirectoryBackend implements PGPCertificateDirec
|
||||||
Certificate certificate = reader.read(bufferedIn, tag).asCertificate();
|
Certificate certificate = reader.read(bufferedIn, tag).asCertificate();
|
||||||
if (!certificate.getFingerprint().equals(fingerprint)) {
|
if (!certificate.getFingerprint().equals(fingerprint)) {
|
||||||
// TODO: Figure out more suitable exception
|
// TODO: Figure out more suitable exception
|
||||||
throw new BadDataException();
|
throw new BadDataException("Identified certificate fingerprint does not match queried fingerprint:\n" +
|
||||||
|
"found: " + certificate.getFingerprint() + "\n" +
|
||||||
|
"query: " + fingerprint);
|
||||||
}
|
}
|
||||||
|
|
||||||
return certificate;
|
return certificate;
|
||||||
|
|
@ -242,7 +244,9 @@ public class FileBasedCertificateDirectoryBackend implements PGPCertificateDirec
|
||||||
long tag = getTag(certFile);
|
long tag = getTag(certFile);
|
||||||
Certificate certificate = reader.read(new FileInputStream(certFile), tag).asCertificate();
|
Certificate certificate = reader.read(new FileInputStream(certFile), tag).asCertificate();
|
||||||
if (!(subdirectory.getName() + certFile.getName()).equals(certificate.getFingerprint())) {
|
if (!(subdirectory.getName() + certFile.getName()).equals(certificate.getFingerprint())) {
|
||||||
throw new BadDataException();
|
throw new BadDataException("Certificate fingerprint does not match file location+name.\n" +
|
||||||
|
"Fingerprint: " + certificate.getFingerprint() + "\n" +
|
||||||
|
"Location+name: " + subdirectory.getName() + certFile.getName());
|
||||||
}
|
}
|
||||||
return certificate;
|
return certificate;
|
||||||
} catch (IOException e) {
|
} catch (IOException e) {
|
||||||
|
|
@ -279,7 +283,7 @@ public class FileBasedCertificateDirectoryBackend implements PGPCertificateDirec
|
||||||
existingCertificate = readBySpecialName(SpecialNames.TRUST_ROOT);
|
existingCertificate = readBySpecialName(SpecialNames.TRUST_ROOT);
|
||||||
certFile = resolver.getCertFileBySpecialName(SpecialNames.TRUST_ROOT);
|
certFile = resolver.getCertFileBySpecialName(SpecialNames.TRUST_ROOT);
|
||||||
} catch (BadNameException e) {
|
} catch (BadNameException e) {
|
||||||
throw new BadDataException();
|
throw new BadDataException("Unknown special name '" + SpecialNames.TRUST_ROOT + "'");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (existingCertificate != null) {
|
if (existingCertificate != null) {
|
||||||
|
|
@ -304,7 +308,7 @@ public class FileBasedCertificateDirectoryBackend implements PGPCertificateDirec
|
||||||
existingCertificate = readByFingerprint(newCertificate.getFingerprint());
|
existingCertificate = readByFingerprint(newCertificate.getFingerprint());
|
||||||
certFile = resolver.getCertFileByFingerprint(newCertificate.getFingerprint());
|
certFile = resolver.getCertFileByFingerprint(newCertificate.getFingerprint());
|
||||||
} catch (BadNameException e) {
|
} catch (BadNameException e) {
|
||||||
throw new BadDataException();
|
throw new BadDataException("Malformed key fingerprint: " + newCertificate.getFingerprint());
|
||||||
}
|
}
|
||||||
|
|
||||||
if (existingCertificate != null) {
|
if (existingCertificate != null) {
|
||||||
|
|
@ -324,7 +328,7 @@ public class FileBasedCertificateDirectoryBackend implements PGPCertificateDirec
|
||||||
existingCertificate = readBySpecialName(specialName);
|
existingCertificate = readBySpecialName(specialName);
|
||||||
certFile = resolver.getCertFileBySpecialName(specialName);
|
certFile = resolver.getCertFileBySpecialName(specialName);
|
||||||
} catch (BadNameException e) {
|
} catch (BadNameException e) {
|
||||||
throw new BadDataException();
|
throw new BadDataException("Unknown special name '" + specialName + "'");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (existingCertificate != null) {
|
if (existingCertificate != null) {
|
||||||
|
|
@ -349,7 +353,7 @@ public class FileBasedCertificateDirectoryBackend implements PGPCertificateDirec
|
||||||
|
|
||||||
private Long getTag(File file) throws IOException {
|
private Long getTag(File file) throws IOException {
|
||||||
if (!file.exists()) {
|
if (!file.exists()) {
|
||||||
throw new NoSuchElementException();
|
throw new NoSuchElementException("File '" + file.getAbsolutePath() + "' does not exist.");
|
||||||
}
|
}
|
||||||
Path path = file.toPath();
|
Path path = file.toPath();
|
||||||
BasicFileAttributes attrs = Files.readAttributes(path, BasicFileAttributes.class);
|
BasicFileAttributes attrs = Files.readAttributes(path, BasicFileAttributes.class);
|
||||||
|
|
@ -409,7 +413,7 @@ public class FileBasedCertificateDirectoryBackend implements PGPCertificateDirec
|
||||||
*/
|
*/
|
||||||
public File getCertFileByFingerprint(String fingerprint) throws BadNameException {
|
public File getCertFileByFingerprint(String fingerprint) throws BadNameException {
|
||||||
if (!isFingerprint(fingerprint)) {
|
if (!isFingerprint(fingerprint)) {
|
||||||
throw new BadNameException();
|
throw new BadNameException("Malformed query fingerprint '" + fingerprint + "'");
|
||||||
}
|
}
|
||||||
|
|
||||||
// is fingerprint
|
// is fingerprint
|
||||||
|
|
|
||||||
|
|
@ -43,7 +43,7 @@ public class TestKeyMaterialReaderBackend implements KeyMaterialReaderBackend {
|
||||||
try {
|
try {
|
||||||
return readCertificate(new ByteArrayInputStream(out.toByteArray()), tag);
|
return readCertificate(new ByteArrayInputStream(out.toByteArray()), tag);
|
||||||
} catch (IOException e1) {
|
} catch (IOException e1) {
|
||||||
throw new BadDataException();
|
throw new BadDataException("Cannot read certificate", e1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -11,8 +11,7 @@ import java.util.Set;
|
||||||
public interface KeyMaterial {
|
public interface KeyMaterial {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the fingerprint of the certificate as 40 lowercase hex characters.
|
* Return the fingerprint of the certificate as lowercase hex characters.
|
||||||
* TODO: Allow OpenPGP V5 fingerprints
|
|
||||||
*
|
*
|
||||||
* @return fingerprint
|
* @return fingerprint
|
||||||
*/
|
*/
|
||||||
|
|
|
||||||
|
|
@ -9,4 +9,20 @@ package pgp.certificate_store.exception;
|
||||||
*/
|
*/
|
||||||
public class BadDataException extends Exception {
|
public class BadDataException extends Exception {
|
||||||
|
|
||||||
|
@Deprecated // pass cause and/or message
|
||||||
|
public BadDataException() {
|
||||||
|
super();
|
||||||
|
}
|
||||||
|
|
||||||
|
public BadDataException(Throwable cause) {
|
||||||
|
super(cause);
|
||||||
|
}
|
||||||
|
|
||||||
|
public BadDataException(String message, Throwable cause) {
|
||||||
|
super(message, cause);
|
||||||
|
}
|
||||||
|
|
||||||
|
public BadDataException(String message) {
|
||||||
|
super(message);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -9,6 +9,7 @@ package pgp.certificate_store.exception;
|
||||||
*/
|
*/
|
||||||
public class BadNameException extends Exception {
|
public class BadNameException extends Exception {
|
||||||
|
|
||||||
|
@Deprecated // pass message
|
||||||
public BadNameException() {
|
public BadNameException() {
|
||||||
super();
|
super();
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -9,6 +9,7 @@ package pgp.certificate_store.exception;
|
||||||
*/
|
*/
|
||||||
public class NotAStoreException extends Exception {
|
public class NotAStoreException extends Exception {
|
||||||
|
|
||||||
|
@Deprecated // pass message
|
||||||
public NotAStoreException() {
|
public NotAStoreException() {
|
||||||
super();
|
super();
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -4,8 +4,8 @@
|
||||||
|
|
||||||
allprojects {
|
allprojects {
|
||||||
ext {
|
ext {
|
||||||
shortVersion = '0.2.3'
|
shortVersion = '0.2.4'
|
||||||
isSnapshot = false
|
isSnapshot = true
|
||||||
javaSourceCompatibility = 11
|
javaSourceCompatibility = 11
|
||||||
bouncycastleVersion = '1.82'
|
bouncycastleVersion = '1.82'
|
||||||
bouncyPgVersion = "$bouncycastleVersion"
|
bouncyPgVersion = "$bouncycastleVersion"
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue