diff --git a/CHANGELOG.md b/CHANGELOG.md index d4705c5..9e9e351 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,11 @@ SPDX-License-Identifier: CC0-1.0 # Cert-D-Java Changelog -## 0.2.3-SNAPSHOT +## 0.2.4-SNAPSHOT +- Add constructor parameters to `BadDataException` +- Add support for OpenPGP v6 fingerprints + +## 0.2.3 - Bump Bouncy Castle to `1.82` and switch to `jdk18on`-variants - Upgrade build system - Bump gradle to `8.8` diff --git a/pgp-cert-d-java/src/main/java/pgp/cert_d/PGPCertificateDirectory.java b/pgp-cert-d-java/src/main/java/pgp/cert_d/PGPCertificateDirectory.java index 87d2512..dfcdd8a 100644 --- a/pgp-cert-d-java/src/main/java/pgp/cert_d/PGPCertificateDirectory.java +++ b/pgp-cert-d-java/src/main/java/pgp/cert_d/PGPCertificateDirectory.java @@ -31,6 +31,7 @@ public class PGPCertificateDirectory final Backend backend; final SubkeyLookup subkeyLookup; private final Pattern openPgpV4FingerprintPattern = Pattern.compile("^[a-f0-9]{40}$"); + private final Pattern openPgpV6FingerprintPattern = Pattern.compile("^[a-f0-9]{64}$"); /** * Constructor for a PGP certificate directory. @@ -45,12 +46,13 @@ public class PGPCertificateDirectory @Override public Certificate getByFingerprint(String fingerprint) throws BadDataException, BadNameException, IOException { - if (!openPgpV4FingerprintPattern.matcher(fingerprint).matches()) { - throw new BadNameException(); + if (!openPgpV4FingerprintPattern.matcher(fingerprint).matches() && + !openPgpV6FingerprintPattern.matcher(fingerprint).matches()) { + throw new BadNameException("Queried fingerprint '" + fingerprint + "' does neither match OpenPGP v4 nor OpenPGP v6 format."); } Certificate certificate = backend.readByFingerprint(fingerprint); if (certificate == null) { - throw new NoSuchElementException(); + throw new NoSuchElementException("No certificate with fingerprint '" + fingerprint + "' found."); } return certificate; } @@ -72,7 +74,7 @@ public class PGPCertificateDirectory if (keyMaterial != null) { return keyMaterial.asCertificate(); } - throw new NoSuchElementException(); + throw new NoSuchElementException("No certificate with special name '" + specialName + "' found."); } @Override @@ -129,7 +131,7 @@ public class PGPCertificateDirectory try { KeyMaterial keyMaterial = backend.readBySpecialName(SpecialNames.TRUST_ROOT); if (keyMaterial == null) { - throw new NoSuchElementException(); + throw new NoSuchElementException("No trust-root found."); } return keyMaterial; } catch (BadNameException e) { diff --git a/pgp-cert-d-java/src/main/java/pgp/cert_d/backend/FileBasedCertificateDirectoryBackend.java b/pgp-cert-d-java/src/main/java/pgp/cert_d/backend/FileBasedCertificateDirectoryBackend.java index 08ac356..affc5b8 100644 --- a/pgp-cert-d-java/src/main/java/pgp/cert_d/backend/FileBasedCertificateDirectoryBackend.java +++ b/pgp-cert-d-java/src/main/java/pgp/cert_d/backend/FileBasedCertificateDirectoryBackend.java @@ -181,7 +181,9 @@ public class FileBasedCertificateDirectoryBackend implements PGPCertificateDirec Certificate certificate = reader.read(bufferedIn, tag).asCertificate(); if (!certificate.getFingerprint().equals(fingerprint)) { // TODO: Figure out more suitable exception - throw new BadDataException(); + throw new BadDataException("Identified certificate fingerprint does not match queried fingerprint:\n" + + "found: " + certificate.getFingerprint() + "\n" + + "query: " + fingerprint); } return certificate; @@ -242,7 +244,9 @@ public class FileBasedCertificateDirectoryBackend implements PGPCertificateDirec long tag = getTag(certFile); Certificate certificate = reader.read(new FileInputStream(certFile), tag).asCertificate(); if (!(subdirectory.getName() + certFile.getName()).equals(certificate.getFingerprint())) { - throw new BadDataException(); + throw new BadDataException("Certificate fingerprint does not match file location+name.\n" + + "Fingerprint: " + certificate.getFingerprint() + "\n" + + "Location+name: " + subdirectory.getName() + certFile.getName()); } return certificate; } catch (IOException e) { @@ -279,7 +283,7 @@ public class FileBasedCertificateDirectoryBackend implements PGPCertificateDirec existingCertificate = readBySpecialName(SpecialNames.TRUST_ROOT); certFile = resolver.getCertFileBySpecialName(SpecialNames.TRUST_ROOT); } catch (BadNameException e) { - throw new BadDataException(); + throw new BadDataException("Unknown special name '" + SpecialNames.TRUST_ROOT + "'"); } if (existingCertificate != null) { @@ -304,7 +308,7 @@ public class FileBasedCertificateDirectoryBackend implements PGPCertificateDirec existingCertificate = readByFingerprint(newCertificate.getFingerprint()); certFile = resolver.getCertFileByFingerprint(newCertificate.getFingerprint()); } catch (BadNameException e) { - throw new BadDataException(); + throw new BadDataException("Malformed key fingerprint: " + newCertificate.getFingerprint()); } if (existingCertificate != null) { @@ -324,7 +328,7 @@ public class FileBasedCertificateDirectoryBackend implements PGPCertificateDirec existingCertificate = readBySpecialName(specialName); certFile = resolver.getCertFileBySpecialName(specialName); } catch (BadNameException e) { - throw new BadDataException(); + throw new BadDataException("Unknown special name '" + specialName + "'"); } if (existingCertificate != null) { @@ -349,7 +353,7 @@ public class FileBasedCertificateDirectoryBackend implements PGPCertificateDirec private Long getTag(File file) throws IOException { if (!file.exists()) { - throw new NoSuchElementException(); + throw new NoSuchElementException("File '" + file.getAbsolutePath() + "' does not exist."); } Path path = file.toPath(); BasicFileAttributes attrs = Files.readAttributes(path, BasicFileAttributes.class); @@ -409,7 +413,7 @@ public class FileBasedCertificateDirectoryBackend implements PGPCertificateDirec */ public File getCertFileByFingerprint(String fingerprint) throws BadNameException { if (!isFingerprint(fingerprint)) { - throw new BadNameException(); + throw new BadNameException("Malformed query fingerprint '" + fingerprint + "'"); } // is fingerprint diff --git a/pgp-cert-d-java/src/test/java/pgp/cert_d/dummy/TestKeyMaterialReaderBackend.java b/pgp-cert-d-java/src/test/java/pgp/cert_d/dummy/TestKeyMaterialReaderBackend.java index 2ef392d..68f6cd8 100644 --- a/pgp-cert-d-java/src/test/java/pgp/cert_d/dummy/TestKeyMaterialReaderBackend.java +++ b/pgp-cert-d-java/src/test/java/pgp/cert_d/dummy/TestKeyMaterialReaderBackend.java @@ -43,7 +43,7 @@ public class TestKeyMaterialReaderBackend implements KeyMaterialReaderBackend { try { return readCertificate(new ByteArrayInputStream(out.toByteArray()), tag); } catch (IOException e1) { - throw new BadDataException(); + throw new BadDataException("Cannot read certificate", e1); } } } diff --git a/pgp-certificate-store/src/main/java/pgp/certificate_store/certificate/KeyMaterial.java b/pgp-certificate-store/src/main/java/pgp/certificate_store/certificate/KeyMaterial.java index 1438b47..782aee6 100644 --- a/pgp-certificate-store/src/main/java/pgp/certificate_store/certificate/KeyMaterial.java +++ b/pgp-certificate-store/src/main/java/pgp/certificate_store/certificate/KeyMaterial.java @@ -11,8 +11,7 @@ import java.util.Set; public interface KeyMaterial { /** - * Return the fingerprint of the certificate as 40 lowercase hex characters. - * TODO: Allow OpenPGP V5 fingerprints + * Return the fingerprint of the certificate as lowercase hex characters. * * @return fingerprint */ diff --git a/pgp-certificate-store/src/main/java/pgp/certificate_store/exception/BadDataException.java b/pgp-certificate-store/src/main/java/pgp/certificate_store/exception/BadDataException.java index 3bb7019..87a1af6 100644 --- a/pgp-certificate-store/src/main/java/pgp/certificate_store/exception/BadDataException.java +++ b/pgp-certificate-store/src/main/java/pgp/certificate_store/exception/BadDataException.java @@ -9,4 +9,20 @@ package pgp.certificate_store.exception; */ public class BadDataException extends Exception { + @Deprecated // pass cause and/or message + public BadDataException() { + super(); + } + + public BadDataException(Throwable cause) { + super(cause); + } + + public BadDataException(String message, Throwable cause) { + super(message, cause); + } + + public BadDataException(String message) { + super(message); + } } diff --git a/pgp-certificate-store/src/main/java/pgp/certificate_store/exception/BadNameException.java b/pgp-certificate-store/src/main/java/pgp/certificate_store/exception/BadNameException.java index 957126e..e028739 100644 --- a/pgp-certificate-store/src/main/java/pgp/certificate_store/exception/BadNameException.java +++ b/pgp-certificate-store/src/main/java/pgp/certificate_store/exception/BadNameException.java @@ -9,6 +9,7 @@ package pgp.certificate_store.exception; */ public class BadNameException extends Exception { + @Deprecated // pass message public BadNameException() { super(); } diff --git a/pgp-certificate-store/src/main/java/pgp/certificate_store/exception/NotAStoreException.java b/pgp-certificate-store/src/main/java/pgp/certificate_store/exception/NotAStoreException.java index a19aa9c..401b757 100644 --- a/pgp-certificate-store/src/main/java/pgp/certificate_store/exception/NotAStoreException.java +++ b/pgp-certificate-store/src/main/java/pgp/certificate_store/exception/NotAStoreException.java @@ -9,6 +9,7 @@ package pgp.certificate_store.exception; */ public class NotAStoreException extends Exception { + @Deprecated // pass message public NotAStoreException() { super(); } diff --git a/version.gradle b/version.gradle index 98e8f08..0f736ed 100644 --- a/version.gradle +++ b/version.gradle @@ -4,8 +4,8 @@ allprojects { ext { - shortVersion = '0.2.3' - isSnapshot = false + shortVersion = '0.2.4' + isSnapshot = true javaSourceCompatibility = 11 bouncycastleVersion = '1.82' bouncyPgVersion = "$bouncycastleVersion"