mirror of
https://codeberg.org/PGPainless/cert-d-pgpainless.git
synced 2025-12-05 04:41:09 +01:00
Bump PGPainless to 2.0.0, cert-d-java to 0.2.3
parent
7a0b79254d
commit
3cbd2a9317
11 changed files with 223 additions and 152 deletions
|
|
@ -4,11 +4,9 @@
|
|||
|
||||
package pgp.cert_d.cli.commands;
|
||||
|
||||
import org.bouncycastle.bcpg.ArmoredOutputStream;
|
||||
import org.bouncycastle.openpgp.PGPKeyRing;
|
||||
import org.bouncycastle.openpgp.api.OpenPGPCertificate;
|
||||
import org.bouncycastle.util.io.Streams;
|
||||
import org.pgpainless.PGPainless;
|
||||
import org.pgpainless.util.ArmorUtils;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import pgp.cert_d.SpecialNames;
|
||||
|
|
@ -54,10 +52,10 @@ public class Get implements Runnable {
|
|||
}
|
||||
|
||||
if (armor) {
|
||||
PGPKeyRing keyRing = PGPainless.readKeyRing().keyRing(record.getInputStream());
|
||||
ArmoredOutputStream armorOut = ArmorUtils.toAsciiArmoredStream(keyRing, System.out);
|
||||
Streams.pipeAll(record.getInputStream(), armorOut);
|
||||
armorOut.close();
|
||||
OpenPGPCertificate certOrKey = PGPainless.getInstance().readKey().parseCertificateOrKey(record.getInputStream());
|
||||
// CHECKSTYLE:OFF
|
||||
System.out.println(certOrKey.toAsciiArmoredString());
|
||||
// CHECKSTYLE:ON
|
||||
} else {
|
||||
Streams.pipeAll(record.getInputStream(), System.out);
|
||||
}
|
||||
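Review bot: In the `armor` branch of `Get.run()`, the result of `parseCertificateOrKey(record.getInputStream())` is dereferenced by `certOrKey.toAsciiArmoredString()` without a null check. In the same commit, `readTrustRoot` in the Setup command still guards the result of `parseKey(...)` with `if (secretKeys == null)`, which suggests the reader may return null when the stream holds no usable key material; whether that also applies to `parseCertificateOrKey` is not visible here. If it does, an empty or corrupt store record would end in a NullPointerException rather than a clear error. A guard before the print would cover it, for example `if (certOrKey == null) { throw new IOException("Record does not contain an OpenPGP certificate or key"); }`, adjusted to whatever the enclosing method, which starts outside the hunk, is allowed to throw.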
|
|
|
|||
|
|
@ -4,10 +4,8 @@
|
|||
|
||||
package pgp.cert_d.cli.commands;
|
||||
|
||||
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
||||
import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
|
||||
import org.bouncycastle.openpgp.api.OpenPGPCertificate;
|
||||
import org.pgpainless.PGPainless;
|
||||
import org.pgpainless.key.OpenPgpFingerprint;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.pgpainless.certificate_store.MergeCallbacks;
|
||||
|
|
@ -28,19 +26,19 @@ public class Import implements Runnable {
|
|||
@Override
|
||||
public void run() {
|
||||
try {
|
||||
PGPPublicKeyRingCollection certificates = PGPainless.readKeyRing().publicKeyRingCollection(System.in);
|
||||
for (PGPPublicKeyRing cert : certificates) {
|
||||
ByteArrayInputStream certIn = new ByteArrayInputStream(cert.getEncoded());
|
||||
java.util.List<OpenPGPCertificate> certsOrKeys = PGPainless.getInstance().readKey().parseKeysOrCertificates(System.in);
|
||||
for (OpenPGPCertificate toInsert : certsOrKeys) {
|
||||
try {
|
||||
Certificate certificate = PGPCertDCli.getCertificateDirectory()
|
||||
.insert(certIn, MergeCallbacks.mergeWithExisting());
|
||||
LOGGER.info(certificate.getFingerprint());
|
||||
Certificate inserted = PGPCertDCli.getCertificateDirectory().insert(
|
||||
new ByteArrayInputStream(toInsert.getEncoded()),
|
||||
MergeCallbacks.mergeWithExisting());
|
||||
LOGGER.info(inserted.getFingerprint());
|
||||
} catch (BadDataException e) {
|
||||
LOGGER.error("Certificate " + OpenPgpFingerprint.of(cert) + " contains bad data.", e);
|
||||
LOGGER.error("Certificate " + toInsert.getKeyIdentifier() + " contains bad data.", e);
|
||||
} catch (IOException e) {
|
||||
LOGGER.error("IO error importing certificate " + OpenPgpFingerprint.of(cert), e);
|
||||
LOGGER.error("IO error importing certificate " + toInsert.getKeyIdentifier(), e);
|
||||
} catch (InterruptedException e) {
|
||||
LOGGER.error("Thread interrupted while importing certificate " + OpenPgpFingerprint.of(cert), e);
|
||||
LOGGER.error("Thread interrupted while importing certificate " + toInsert.getKeyIdentifier(), e);
|
||||
System.exit(1);
|
||||
}
|
||||
}
|
||||
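Review bot: The switch from `publicKeyRingCollection(System.in)` to `parseKeysOrCertificates(System.in)` appears to widen what `Import.run()` accepts from public certificates only to secret keys as well. Each parsed object is then passed to the certificate directory as `toInsert.getEncoded()`. If that encoding keeps the secret-key packets for a parsed key (not visible in this hunk), piping a secret key into the import command would write private key material into the certificate store, which the old code path could not do. Either reject such input before the insert, e.g. `if (toInsert instanceof OpenPGPKey) { LOGGER.error("Refusing to import secret key " + toInsert.getKeyIdentifier()); continue; }` (this needs the `OpenPGPKey` import), or reduce the object to its public certificate before encoding. A test that feeds a secret key to the import command and checks that the stored record holds no secret packets would pin the behaviour.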
|
|
|
|||
|
|
@ -4,9 +4,10 @@
|
|||
|
||||
package pgp.cert_d.cli.commands;
|
||||
|
||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||
import org.bouncycastle.openpgp.api.OpenPGPKey;
|
||||
import org.pgpainless.PGPainless;
|
||||
import org.pgpainless.algorithm.KeyFlag;
|
||||
import org.pgpainless.algorithm.OpenPGPKeyVersion;
|
||||
import org.pgpainless.key.generation.KeyRingBuilder;
|
||||
import org.pgpainless.key.generation.KeySpec;
|
||||
import org.pgpainless.key.generation.type.KeyType;
|
||||
|
|
@ -46,7 +47,7 @@ public class Setup implements Runnable {
|
|||
|
||||
@Override
|
||||
public void run() {
|
||||
PGPSecretKeyRing trustRoot;
|
||||
OpenPGPKey trustRoot;
|
||||
if (exclusive == null) {
|
||||
trustRoot = generateTrustRoot(Passphrase.emptyPassphrase());
|
||||
} else {
|
||||
|
|
@ -76,9 +77,9 @@ public class Setup implements Runnable {
|
|||
}
|
||||
}
|
||||
|
||||
private PGPSecretKeyRing generateTrustRoot(Passphrase passphrase) {
|
||||
PGPSecretKeyRing trustRoot;
|
||||
KeyRingBuilder builder = PGPainless.buildKeyRing()
|
||||
private OpenPGPKey generateTrustRoot(Passphrase passphrase) {
|
||||
OpenPGPKey trustRoot;
|
||||
KeyRingBuilder builder = PGPainless.getInstance().buildKey(OpenPGPKeyVersion.v4)
|
||||
.addUserId("trust-root");
|
||||
if (passphrase != null) {
|
||||
builder.setPassphrase(passphrase);
|
||||
|
|
@ -88,9 +89,9 @@ public class Setup implements Runnable {
|
|||
return trustRoot;
|
||||
}
|
||||
|
||||
private PGPSecretKeyRing readTrustRoot(InputStream inputStream) {
|
||||
private OpenPGPKey readTrustRoot(InputStream inputStream) {
|
||||
try {
|
||||
PGPSecretKeyRing secretKeys = PGPainless.readKeyRing().secretKeyRing(inputStream);
|
||||
OpenPGPKey secretKeys = PGPainless.getInstance().readKey().parseKey(inputStream);
|
||||
if (secretKeys == null) {
|
||||
throw new BadDataException();
|
||||
}
|
||||
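Review bot: In `generateTrustRoot`, the new `buildKey(OpenPGPKeyVersion.v4)` call pins the trust-root to a v4 key, but nothing in the code says why v4 was chosen over the library's other key versions. Since the trust-root anchors every delegation in the store, the choice deserves a comment above the builder, such as `// Trust-root is deliberately generated as an OpenPGP v4 key; change only together with all consumers of the store.`, reworded to give the real reason. The method body continues outside the hunk, so the rest of the key specification could not be reviewed. The same section keeps `Passphrase.emptyPassphrase()` as the default in `run()`; a brief note there that the default trust-root is stored unprotected would help operators decide whether to use the password option.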
|
|
|
|||
|
|
@ -5,16 +5,13 @@
|
|||
package pgp.cert_d.cli.commands;
|
||||
|
||||
import org.bouncycastle.openpgp.PGPException;
|
||||
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
||||
import org.bouncycastle.openpgp.api.OpenPGPKey;
|
||||
import org.junit.jupiter.api.AfterEach;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.pgpainless.PGPainless;
|
||||
import org.pgpainless.certificate_store.PGPainlessCertD;
|
||||
import org.pgpainless.key.OpenPgpFingerprint;
|
||||
import org.pgpainless.key.info.KeyInfo;
|
||||
import org.pgpainless.key.protection.UnlockSecretKey;
|
||||
import org.pgpainless.util.Passphrase;
|
||||
import pgp.cert_d.cli.InstantiateCLI;
|
||||
import pgp.cert_d.cli.PGPCertDCli;
|
||||
import pgp.certificate_store.certificate.Key;
|
||||
|
|
@ -24,12 +21,14 @@ import pgp.certificate_store.exception.BadDataException;
|
|||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.nio.charset.Charset;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.NoSuchElementException;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||
import static org.junit.jupiter.api.Assertions.assertInstanceOf;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotEquals;
|
||||
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||
import static org.junit.jupiter.api.Assertions.assertThrows;
|
||||
|
|
@ -59,29 +58,29 @@ public class SetupTest {
|
|||
PGPCertDCli.main(new String[] {"setup"});
|
||||
KeyMaterial trustRoot = store.getTrustRoot();
|
||||
assertNotNull(trustRoot);
|
||||
assertTrue(trustRoot instanceof Key);
|
||||
assertInstanceOf(Key.class, trustRoot);
|
||||
|
||||
// Check that key has no password
|
||||
PGPSecretKeyRing secretKeys = PGPainless.readKeyRing().secretKeyRing(trustRoot.getInputStream());
|
||||
assertTrue(KeyInfo.isDecrypted(secretKeys.getSecretKey()));
|
||||
OpenPGPKey key = PGPainless.getInstance().readKey().parseKey(trustRoot.getInputStream());
|
||||
assertFalse(key.getPrimarySecretKey().isLocked(), "trust-root MUST NOT be passphrase protected here");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testSetupWithPassword()
|
||||
throws BadDataException, IOException, PGPException {
|
||||
throws BadDataException, IOException {
|
||||
assertThrows(NoSuchElementException.class, () -> store.getTrustRoot());
|
||||
|
||||
PGPCertDCli.main(new String[] {"setup", "--with-password", "sw0rdf1sh"});
|
||||
KeyMaterial trustRoot = store.getTrustRoot();
|
||||
assertNotNull(trustRoot);
|
||||
assertTrue(trustRoot instanceof Key);
|
||||
assertInstanceOf(Key.class, trustRoot);
|
||||
|
||||
// Check that key is encrypted
|
||||
PGPSecretKeyRing secretKeys = PGPainless.readKeyRing().secretKeyRing(trustRoot.getInputStream());
|
||||
assertTrue(KeyInfo.isEncrypted(secretKeys.getSecretKey()));
|
||||
OpenPGPKey key = PGPainless.getInstance().readKey().parseKey(trustRoot.getInputStream());
|
||||
assertTrue(key.getPrimarySecretKey().isLocked());
|
||||
// Check that password matches
|
||||
assertNotNull(UnlockSecretKey.unlockSecretKey(
|
||||
secretKeys.getSecretKey(), Passphrase.fromPassword("sw0rdf1sh")));
|
||||
assertTrue(key.getPrimarySecretKey().isPassphraseCorrect("sw0rdf1sh".toCharArray()),
|
||||
"Key MUST be able to be unlocked using passphrase");
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -90,12 +89,12 @@ public class SetupTest {
|
|||
BadDataException, IOException {
|
||||
assertThrows(NoSuchElementException.class, () -> store.getTrustRoot());
|
||||
|
||||
PGPSecretKeyRing trustRoot = PGPainless.generateKeyRing()
|
||||
OpenPGPKey trustRoot = PGPainless.getInstance().generateKey()
|
||||
.modernKeyRing("trust-root");
|
||||
OpenPgpFingerprint fingerprint = OpenPgpFingerprint.of(trustRoot);
|
||||
String armored = PGPainless.asciiArmor(trustRoot);
|
||||
String armored = trustRoot.toAsciiArmoredString();
|
||||
ByteArrayInputStream trustRootIn = new ByteArrayInputStream(
|
||||
armored.getBytes(Charset.forName("UTF8")));
|
||||
armored.getBytes(StandardCharsets.UTF_8));
|
||||
|
||||
InputStream originalStdin = System.in;
|
||||
System.setIn(trustRootIn);
|
||||
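Review bot: In `testSetupWithPassword`, the new passphrase check asserts only the positive case, `isPassphraseCorrect("sw0rdf1sh".toCharArray())`. The test would therefore still pass if the key accepted any passphrase. Adding the negative case next to it, `assertFalse(key.getPrimarySecretKey().isPassphraseCorrect("wrong".toCharArray()), "Key MUST NOT unlock with a wrong passphrase");`, makes the test actually prove that the trust-root is bound to the supplied password. The literal `"sw0rdf1sh"` is also repeated in the CLI arguments and in the assertion; a local constant would keep the two in step.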
|
|
|
|||