diff --git a/.reuse/dep5 b/.reuse/dep5 index 3bc4763..2853568 100644 --- a/.reuse/dep5 +++ b/.reuse/dep5 @@ -14,7 +14,3 @@ Files: gradle* Copyright: 2015 the original author or authors. License: Apache-2.0 -# Woodpecker build files -Files: .woodpecker/* -Copyright: 2022 the original author or authors. -License: Apache-2.0 diff --git a/.woodpecker/.build.yml b/.woodpecker/.build.yml deleted file mode 100644 index f504b44..0000000 --- a/.woodpecker/.build.yml +++ /dev/null @@ -1,12 +0,0 @@ -pipeline: - run: - image: gradle:7.5-jdk8 - commands: - - git checkout $CI_COMMIT_BRANCH - # Code works - - gradle test - # Code is clean - - gradle check javadocAll - # Code has coverage - - gradle jacocoRootReport coveralls - secrets: [COVERALLS_REPO_TOKEN] diff --git a/.woodpecker/.reuse.yml b/.woodpecker/.reuse.yml deleted file mode 100644 index 58f17e6..0000000 --- a/.woodpecker/.reuse.yml +++ /dev/null @@ -1,7 +0,0 @@ -# Code is licensed properly -# See https://reuse.software/ -pipeline: - reuse: - image: fsfe/reuse:latest - commands: - - reuse lint \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index dd257fd..18fccce 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,38 +5,5 @@ SPDX-License-Identifier: CC0-1.0 # Cert-D-PGPainless Changelog -## 0.2.2 -- Bump `pgpainless-core` to `1.5.6` -- Bump `cert-d-java` to `0.2.2` - -## 0.2.1 -- Bump `pgpainless-core` to `1.3.12` - -## 0.2.0 -- `get`: Apply `toLowerCase()` to fingerprints -- Use BCs `PGPPublicKeyRing.join(first, second)` method to properly merge certificates -- Implement storing of `trust-root` key -- Bump `cert-d-java` to `0.2.1` -- Changes to CLI - - Add support for i18n using resource bundles - - Rename `import` command to `insert` - - Rename `multi-import` command to `import` - - Add `export` command - - Add basic `list` command - - `get` command: Allow querying by special name - - Add armor headers to output of `get` command - -## 0.1.2 -- Add name and description to main command -- Bump `pgpainless-core` to `1.2.1` -- Bump `cert-d-java` to `0.1.1` -- Bump `slf4j` to `1.7.36` -- Bump `logback` to `1.2.11` -- Bump `mockito` to `4.5.1` -- Bump `picocli` to `4.6.3` - -## 0.1.1 -- Bump `pgpainless-core` to 1.1.3 - -## 0.1.0 +# 0.1.0 - Initial Release diff --git a/README.md b/README.md index 4535866..d661028 100644 --- a/README.md +++ b/README.md @@ -1,16 +1,6 @@ - # Shared PGP Certificate Directory for Java -[![status-badge](https://ci.codeberg.org/api/badges/PGPainless/cert-d-pgpainless/status.svg)](https://ci.codeberg.org/PGPainless/cert-d-pgpainless) -[![Coverage Status](https://coveralls.io/repos/github/pgpainless/cert-d-pgpainless/badge.svg?branch=main)](https://coveralls.io/github/pgpainless/cert-d-pgpainless?branch=main) -[![REUSE status](https://api.reuse.software/badge/github.com/pgpainless/cert-d-pgpainless)](https://api.reuse.software/info/github.com/pgpainless/cert-d-pgpainless) - -This repository contains implementations of the [Shared PGP Certificate Directory](https://sequoia-pgp.gitlab.io/pgp-cert-d/) -specification using [PGPainless](https://pgpainless.org) as backend. +This repository contains implementations of the [Shared PGP Certificate Directory](https://sequoia-pgp.gitlab.io/pgp-cert-d/) specification using [PGPainless](https://pgpainless.org) as backend. The module `pgpainless-cert-d` can be used as a drop-in implementation of `pgp-certificate-store`. diff --git a/build.gradle b/build.gradle index da3d624..1fdc782 100644 --- a/build.gradle +++ b/build.gradle @@ -49,7 +49,6 @@ allprojects { repositories { mavenCentral() - mavenLocal() } // Reproducible Builds @@ -59,6 +58,12 @@ allprojects { } project.ext { + slf4jVersion = '1.7.32' + logbackVersion = '1.2.9' + junitVersion = '5.8.2' + mockitoVersion = '4.2.0' + pgpainlessVersion = '1.1.1' + pgpCertDJavaVersion = '0.1.0' rootConfigDir = new File(rootDir, 'config') gitCommit = getGitCommit() isContinuousIntegrationEnvironment = Boolean.parseBoolean(System.getenv('CI')) diff --git a/pgpainless-cert-d-cli/README.md b/pgpainless-cert-d-cli/README.md index 6747349..86735bb 100644 --- a/pgpainless-cert-d-cli/README.md +++ b/pgpainless-cert-d-cli/README.md @@ -6,8 +6,5 @@ SPDX-License-Identifier: Apache-2.0 # Command Line Interface for pgpainless-cert-d -[![javadoc](https://javadoc.io/badge2/org.pgpainless/pgpainless-cert-d-cli/javadoc.svg)](https://javadoc.io/doc/org.pgpainless/pgpainless-cert-d-cli) -[![Maven Central](https://badgen.net/maven/v/maven-central/org.pgpainless/pgpainless-cert-d-cli)](https://search.maven.org/artifact/org.pgpainless/pgpainless-cert-d-cli) - This module utilizes [picocli](https://picocli.info) to provide a CLI application for use with the [Shared PGP Certificate Directory](https://sequoia-pgp.gitlab.io/pgp-cert-d/). diff --git a/pgpainless-cert-d-cli/build.gradle b/pgpainless-cert-d-cli/build.gradle index 4c64b45..5c5ad6c 100644 --- a/pgpainless-cert-d-cli/build.gradle +++ b/pgpainless-cert-d-cli/build.gradle @@ -4,7 +4,6 @@ plugins { id 'application' - id "com.github.johnrengelman.shadow" version "6.1.0" } group 'org.pgpainless' @@ -14,21 +13,17 @@ repositories { } dependencies { - // Junit testImplementation "org.junit.jupiter:junit-jupiter-api:$junitVersion" testRuntimeOnly "org.junit.jupiter:junit-jupiter-engine:$junitVersion" // Logging - implementation ("org.slf4j:slf4j-nop:$slf4jVersion") + testImplementation "ch.qos.logback:logback-classic:$logbackVersion" - // pgp.cert.d using PGPainless implementation project(":pgpainless-cert-d") - - // SQL subkey table implementation "org.pgpainless:pgp-cert-d-java-jdbc-sqlite-lookup:$pgpCertDJavaVersion" // picocli for cli - implementation "info.picocli:picocli:$picocliVersion" + implementation "info.picocli:picocli:4.6.2" } test { @@ -37,13 +32,8 @@ test { mainClassName = 'pgp.cert_d.cli.PGPCertDCli' -application { - mainClass = mainClassName -} - -/* jar { - dependsOn(":pgpainless-cert-d:jar") + dependsOn(":pgpainless-cert-d:assemble") manifest { attributes 'Main-Class': "$mainClassName" } @@ -58,5 +48,4 @@ jar { exclude "META-INF/*.RSA" } } - */ diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/PGPCertDCli.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/PGPCertDCli.java index b22d47f..859dd2f 100644 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/PGPCertDCli.java +++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/PGPCertDCli.java @@ -4,66 +4,60 @@ package pgp.cert_d.cli; -import org.pgpainless.certificate_store.PGPainlessCertD; +import org.pgpainless.certificate_store.CertificateReader; +import org.pgpainless.certificate_store.SharedPGPCertificateDirectoryAdapter; import pgp.cert_d.BaseDirectoryProvider; -import pgp.cert_d.cli.commands.Export; -import pgp.cert_d.cli.commands.Find; +import pgp.cert_d.SharedPGPCertificateDirectoryImpl; import pgp.cert_d.cli.commands.Get; -import pgp.cert_d.cli.commands.Insert; import pgp.cert_d.cli.commands.Import; -import pgp.cert_d.cli.commands.List; -import pgp.cert_d.cli.commands.Setup; -import pgp.cert_d.jdbc.sqlite.DatabaseSubkeyLookupFactory; +import pgp.cert_d.cli.commands.MultiImport; +import pgp.cert_d.jdbc.sqlite.DatabaseSubkeyLookup; +import pgp.cert_d.jdbc.sqlite.SqliteSubkeyLookupDaoImpl; +import pgp.certificate_store.SubkeyLookup; import pgp.certificate_store.exception.NotAStoreException; +import pgp.certificate_store.CertificateDirectory; import picocli.CommandLine; import java.io.File; import java.sql.SQLException; @CommandLine.Command( - name = "certificate-store", - resourceBundle = "msg_pgp-cert-d", subcommands = { - CommandLine.HelpCommand.class, - Export.class, - Insert.class, Import.class, + MultiImport.class, Get.class, - Setup.class, - List.class, - Find.class } ) public class PGPCertDCli { - @CommandLine.Option(names = {"-s", "--store"}, paramLabel = "DIRECTORY", - scope = CommandLine.ScopeType.INHERIT) + @CommandLine.Option(names = "--base-directory", paramLabel = "DIRECTORY", description = "Overwrite the default certificate directory") File baseDirectory; - static PGPainlessCertD certificateDirectory; - - // https://www.cyberciti.biz/faq/linux-bash-exit-status-set-exit-statusin-bash/ - public static final int EXIT_CODE_NOT_A_STORE = 30; + private static CertificateDirectory certificateDirectory; private int executionStrategy(CommandLine.ParseResult parseResult) { try { initStore(); } catch (NotAStoreException | SQLException e) { - return EXIT_CODE_NOT_A_STORE; + return -1; } return new CommandLine.RunLast().execute(parseResult); } private void initStore() throws NotAStoreException, SQLException { - if (certificateDirectory != null) { - return; - } - + SharedPGPCertificateDirectoryImpl certificateDirectory; + SubkeyLookup subkeyLookup; if (baseDirectory == null) { baseDirectory = BaseDirectoryProvider.getDefaultBaseDir(); } - PGPCertDCli.certificateDirectory = PGPainlessCertD.fileBased(baseDirectory, new DatabaseSubkeyLookupFactory()); + certificateDirectory = new SharedPGPCertificateDirectoryImpl( + baseDirectory, + new CertificateReader()); + subkeyLookup = new DatabaseSubkeyLookup( + SqliteSubkeyLookupDaoImpl.forDatabaseFile(new File(baseDirectory, "_pgpainless_subkey_map.db"))); + + PGPCertDCli.certificateDirectory = new SharedPGPCertificateDirectoryAdapter(certificateDirectory, subkeyLookup); } public static void main(String[] args) { @@ -73,7 +67,7 @@ public class PGPCertDCli { .execute(args); } - public static PGPainlessCertD getCertificateDirectory() { + public static CertificateDirectory getCertificateDirectory() { return certificateDirectory; } } diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Export.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Export.java deleted file mode 100644 index 4bfc24f..0000000 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Export.java +++ /dev/null @@ -1,53 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package pgp.cert_d.cli.commands; - -import org.bouncycastle.bcpg.ArmoredOutputStream; -import org.bouncycastle.util.io.Streams; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import pgp.cert_d.cli.PGPCertDCli; -import pgp.certificate_store.certificate.Certificate; -import picocli.CommandLine; - -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.util.Iterator; - -@CommandLine.Command(name = "export", - resourceBundle = "msg_export") -public class Export implements Runnable { - - private static final Logger LOGGER = LoggerFactory.getLogger(Export.class); - - @CommandLine.Option(names = {"-a", "--armor"}) - boolean armor = false; - - @Override - public void run() { - Iterator certificates = PGPCertDCli.getCertificateDirectory() - .items(); - OutputStream out = armor ? new ArmoredOutputStream(System.out) : System.out; - while (certificates.hasNext()) { - try { - Certificate certificate = certificates.next(); - InputStream inputStream = certificate.getInputStream(); - Streams.pipeAll(inputStream, out); - inputStream.close(); - } catch (IOException e) { - LOGGER.error("IO Error", e); - System.exit(-1); - } - } - if (armor) { - try { - out.close(); - } catch (IOException e) { - throw new RuntimeException(e); - } - } - } -} diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Find.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Find.java deleted file mode 100644 index 445a347..0000000 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Find.java +++ /dev/null @@ -1,57 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package pgp.cert_d.cli.commands; - -import org.pgpainless.key.OpenPgpFingerprint; -import pgp.cert_d.cli.PGPCertDCli; -import picocli.CommandLine; - -import java.io.IOException; -import java.math.BigInteger; -import java.util.Set; -import java.util.regex.Pattern; - -@CommandLine.Command(name = "find", - resourceBundle = "msg_find") -public class Find implements Runnable { - - private static final Pattern LONG_KEY_ID = Pattern.compile("^[0-9A-Fa-f]{16}$"); - - @CommandLine.Parameters( - paramLabel = "IDENTIFIER", - arity = "1") - String identifier; - - @Override - public void run() { - if (identifier == null) { - throw new IllegalArgumentException("No subkey ID provided."); - } - identifier = identifier.trim(); - long subkeyId = 0; - try { - OpenPgpFingerprint fingerprint = OpenPgpFingerprint.parse(identifier); - subkeyId = fingerprint.getKeyId(); - } catch (IllegalArgumentException e) { - if (!LONG_KEY_ID.matcher(identifier).matches()) { - throw new IllegalArgumentException("Provided long key-id does not match expected format. " + - "A long key-id consists of 16 hexadecimal characters."); - } - subkeyId = new BigInteger(identifier, 16).longValue(); - } - - try { - Set fingerprints = PGPCertDCli.getCertificateDirectory() - .getCertificateFingerprintsForSubkeyId(subkeyId); - for (String fingerprint : fingerprints) { - // CHECKSTYLE:OFF - System.out.println(fingerprint); - // CHECKSTYLE:ON - } - } catch (IOException e) { - throw new RuntimeException(e); - } - } -} diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Get.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Get.java index 6e35ecc..bbcbe0d 100644 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Get.java +++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Get.java @@ -4,70 +4,42 @@ package pgp.cert_d.cli.commands; -import org.bouncycastle.bcpg.ArmoredOutputStream; -import org.bouncycastle.openpgp.PGPKeyRing; +import java.io.IOException; + import org.bouncycastle.util.io.Streams; -import org.pgpainless.PGPainless; -import org.pgpainless.util.ArmorUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import pgp.cert_d.SpecialNames; import pgp.cert_d.cli.PGPCertDCli; -import pgp.certificate_store.certificate.KeyMaterial; +import pgp.certificate_store.Certificate; import pgp.certificate_store.exception.BadDataException; import pgp.certificate_store.exception.BadNameException; import picocli.CommandLine; -import java.io.IOException; -import java.util.NoSuchElementException; - @CommandLine.Command(name = "get", - resourceBundle = "msg_get") + description = "Retrieve certificates from the store") public class Get implements Runnable { private static final Logger LOGGER = LoggerFactory.getLogger(Get.class); - // https://www.cyberciti.biz/faq/linux-bash-exit-status-set-exit-statusin-bash/ - public static final int EXIT_CODE_NO_SUCH_ELEMENT = 2; - public static final int EXIT_CODE_IO_ERROR = 5; - - @CommandLine.Option(names = {"-a", "--armor"}) - boolean armor = false; - @CommandLine.Parameters( paramLabel = "IDENTIFIER", - arity = "1" + arity = "1", + description = "Certificate identifier (fingerprint or special name)" ) - String identifier; + String identifer; @Override public void run() { try { - KeyMaterial record; - if (SpecialNames.lookupSpecialName(identifier) != null) { - record = PGPCertDCli.getCertificateDirectory().getBySpecialName(identifier); - } else { - record = PGPCertDCli.getCertificateDirectory().getByFingerprint(identifier.toLowerCase()); - } - if (record == null) { + Certificate certificate = PGPCertDCli.getCertificateDirectory() + .getCertificate(identifer); + if (certificate == null) { return; } - - if (armor) { - PGPKeyRing keyRing = PGPainless.readKeyRing().keyRing(record.getInputStream()); - ArmoredOutputStream armorOut = ArmorUtils.toAsciiArmoredStream(keyRing, System.out); - Streams.pipeAll(record.getInputStream(), armorOut); - armorOut.close(); - } else { - Streams.pipeAll(record.getInputStream(), System.out); - } - - } catch (NoSuchElementException e) { - LOGGER.debug("Certificate not found.", e); - System.exit(EXIT_CODE_NO_SUCH_ELEMENT); + Streams.pipeAll(certificate.getInputStream(), System.out); } catch (IOException e) { LOGGER.error("IO Error", e); - System.exit(EXIT_CODE_IO_ERROR); + System.exit(-1); } catch (BadDataException e) { LOGGER.error("Certificate file contains bad data.", e); System.exit(-1); diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Import.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Import.java index 9e92e9f..de2cbcd 100644 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Import.java +++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Import.java @@ -4,38 +4,37 @@ package pgp.cert_d.cli.commands; -import org.bouncycastle.openpgp.PGPPublicKeyRing; -import org.bouncycastle.openpgp.PGPPublicKeyRingCollection; -import org.pgpainless.PGPainless; +import java.io.IOException; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.pgpainless.certificate_store.MergeCallbacks; import pgp.cert_d.cli.PGPCertDCli; -import pgp.certificate_store.certificate.Certificate; +import pgp.certificate_store.Certificate; +import pgp.certificate_store.MergeCallback; import pgp.certificate_store.exception.BadDataException; import picocli.CommandLine; -import java.io.ByteArrayInputStream; -import java.io.IOException; - @CommandLine.Command(name = "import", - resourceBundle = "msg_import") + description = "Import or update a certificate") public class Import implements Runnable { private static final Logger LOGGER = LoggerFactory.getLogger(Import.class); + // TODO: Replace with proper merge callback + private final MergeCallback dummyMerge = new MergeCallback() { + @Override + public Certificate merge(Certificate data, Certificate existing) throws IOException { + return data; + } + }; + @Override public void run() { try { - PGPPublicKeyRingCollection certificates = PGPainless.readKeyRing().publicKeyRingCollection(System.in); - for (PGPPublicKeyRing cert : certificates) { - ByteArrayInputStream certIn = new ByteArrayInputStream(cert.getEncoded()); - Certificate certificate = PGPCertDCli.getCertificateDirectory() - .insert(certIn, MergeCallbacks.mergeWithExisting()); - // CHECKSTYLE:OFF - System.out.println(certificate.getFingerprint()); - // CHECKSTYLE:ON - } + Certificate certificate = PGPCertDCli.getCertificateDirectory().insertCertificate(System.in, dummyMerge); + // CHECKSTYLE:OFF + System.out.println(certificate.getFingerprint()); + // CHECKSTYLE:ON } catch (IOException e) { LOGGER.error("IO-Error.", e); System.exit(-1); diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Insert.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Insert.java deleted file mode 100644 index cf62fd8..0000000 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Insert.java +++ /dev/null @@ -1,42 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package pgp.cert_d.cli.commands; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.pgpainless.certificate_store.MergeCallbacks; -import pgp.cert_d.cli.PGPCertDCli; -import pgp.certificate_store.certificate.Certificate; -import pgp.certificate_store.exception.BadDataException; -import picocli.CommandLine; - -import java.io.IOException; - -@CommandLine.Command(name = "insert", - resourceBundle = "msg_insert") -public class Insert implements Runnable { - - private static final Logger LOGGER = LoggerFactory.getLogger(Insert.class); - - @Override - public void run() { - try { - Certificate certificate = PGPCertDCli.getCertificateDirectory() - .insert(System.in, MergeCallbacks.mergeWithExisting()); - // CHECKSTYLE:OFF - System.out.println(certificate.getFingerprint()); - // CHECKSTYLE:ON - } catch (IOException e) { - LOGGER.error("IO-Error.", e); - System.exit(-1); - } catch (InterruptedException e) { - LOGGER.error("Thread interrupted.", e); - System.exit(-1); - } catch (BadDataException e) { - LOGGER.error("Certificate contains bad data.", e); - System.exit(-1); - } - } -} diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/List.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/List.java deleted file mode 100644 index 2ce37a0..0000000 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/List.java +++ /dev/null @@ -1,29 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package pgp.cert_d.cli.commands; - -import pgp.cert_d.cli.PGPCertDCli; -import pgp.certificate_store.certificate.Certificate; -import picocli.CommandLine; - -import java.util.Iterator; - -@CommandLine.Command(name = "list", - resourceBundle = "msg_list" -) -public class List implements Runnable { - - @Override - public void run() { - Iterator certificates = PGPCertDCli.getCertificateDirectory() - .items(); - while (certificates.hasNext()) { - Certificate certificate = certificates.next(); - // CHECKSTYLE:OFF - System.out.println(certificate.getFingerprint()); - // CHECKSTYLE:ON - } - } -} diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/MultiImport.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/MultiImport.java new file mode 100644 index 0000000..112403d --- /dev/null +++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/MultiImport.java @@ -0,0 +1,62 @@ +// SPDX-FileCopyrightText: 2022 Paul Schaub +// +// SPDX-License-Identifier: Apache-2.0 + +package pgp.cert_d.cli.commands; + +import org.bouncycastle.openpgp.PGPException; +import org.bouncycastle.openpgp.PGPPublicKeyRing; +import org.bouncycastle.openpgp.PGPPublicKeyRingCollection; +import org.pgpainless.PGPainless; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import pgp.cert_d.cli.PGPCertDCli; +import pgp.certificate_store.Certificate; +import pgp.certificate_store.MergeCallback; +import pgp.certificate_store.exception.BadDataException; +import picocli.CommandLine; + +import java.io.ByteArrayInputStream; +import java.io.IOException; + +@CommandLine.Command(name = "multi-import", + description = "Import or update multiple certificates") +public class MultiImport implements Runnable { + + private static final Logger LOGGER = LoggerFactory.getLogger(MultiImport.class); + + // TODO: Replace with proper merge callback + private final MergeCallback dummyMerge = new MergeCallback() { + @Override + public Certificate merge(Certificate data, Certificate existing) throws IOException { + return data; + } + }; + + @Override + public void run() { + try { + PGPPublicKeyRingCollection certificates = PGPainless.readKeyRing().publicKeyRingCollection(System.in); + for (PGPPublicKeyRing cert : certificates) { + ByteArrayInputStream certIn = new ByteArrayInputStream(cert.getEncoded()); + Certificate certificate = PGPCertDCli.getCertificateDirectory() + .insertCertificate(certIn, dummyMerge); + // CHECKSTYLE:OFF + System.out.println(certificate.getFingerprint()); + // CHECKSTYLE:ON + } + } catch (IOException e) { + LOGGER.error("IO-Error.", e); + System.exit(-1); + } catch (InterruptedException e) { + LOGGER.error("Thread interrupted.", e); + System.exit(-1); + } catch (BadDataException e) { + LOGGER.error("Certificate contains bad data.", e); + System.exit(-1); + } catch (PGPException e) { + LOGGER.error("PGP Exception.", e); + System.exit(-1); + } + } +} diff --git a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Setup.java b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Setup.java deleted file mode 100644 index 070c284..0000000 --- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Setup.java +++ /dev/null @@ -1,111 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package pgp.cert_d.cli.commands; - -import org.bouncycastle.openpgp.PGPException; -import org.bouncycastle.openpgp.PGPSecretKeyRing; -import org.pgpainless.PGPainless; -import org.pgpainless.algorithm.KeyFlag; -import org.pgpainless.key.generation.KeyRingBuilder; -import org.pgpainless.key.generation.KeySpec; -import org.pgpainless.key.generation.type.KeyType; -import org.pgpainless.key.generation.type.eddsa.EdDSACurve; -import org.pgpainless.util.Passphrase; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.pgpainless.certificate_store.MergeCallbacks; -import pgp.cert_d.cli.PGPCertDCli; -import pgp.certificate_store.certificate.KeyMaterial; -import pgp.certificate_store.exception.BadDataException; -import picocli.CommandLine; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.security.InvalidAlgorithmParameterException; -import java.security.NoSuchAlgorithmException; - -@CommandLine.Command(name = "setup", - resourceBundle = "msg_setup") -public class Setup implements Runnable { - - public static final Logger LOGGER = LoggerFactory.getLogger(Setup.class); - - @CommandLine.ArgGroup() - Exclusive exclusive; - - static class Exclusive { - @CommandLine.Option(names = "--with-password", - paramLabel = "PASSWORD") - String password; - - @CommandLine.Option(names = "--import-from-stdin", - description = "Import trust-root from stdin") - boolean importFromStdin; - } - - - @Override - public void run() { - PGPSecretKeyRing trustRoot; - if (exclusive == null) { - trustRoot = generateTrustRoot(Passphrase.emptyPassphrase()); - } else { - if (exclusive.importFromStdin) { - trustRoot = readTrustRoot(System.in); - } else { - trustRoot = generateTrustRoot(Passphrase.fromPassword(exclusive.password.trim())); - } - } - - try { - InputStream inputStream = new ByteArrayInputStream(trustRoot.getEncoded()); - KeyMaterial inserted = PGPCertDCli.getCertificateDirectory() - .insertTrustRoot(inputStream, MergeCallbacks.overrideExisting()); - // CHECKSTYLE:OFF - System.out.println(inserted.getFingerprint()); - // CHECKSTYLE:ON - - } catch (BadDataException e) { - throw new RuntimeException(e); - } catch (IOException e) { - LOGGER.error("IO error.", e); - System.exit(-1); - } catch (InterruptedException e) { - LOGGER.error("Thread interrupted.", e); - System.exit(-1); - } - } - - private PGPSecretKeyRing generateTrustRoot(Passphrase passphrase) { - PGPSecretKeyRing trustRoot; - KeyRingBuilder builder = PGPainless.buildKeyRing() - .addUserId("trust-root"); - if (passphrase != null) { - builder.setPassphrase(passphrase); - } - builder.setPrimaryKey(KeySpec.getBuilder(KeyType.EDDSA(EdDSACurve._Ed25519), KeyFlag.CERTIFY_OTHER)); - try { - trustRoot = builder.build(); - } catch (NoSuchAlgorithmException | PGPException | InvalidAlgorithmParameterException e) { - throw new RuntimeException("Cannot generate trust-root OpenPGP key", e); - } - return trustRoot; - } - - private PGPSecretKeyRing readTrustRoot(InputStream inputStream) { - try { - PGPSecretKeyRing secretKeys = PGPainless.readKeyRing().secretKeyRing(inputStream); - if (secretKeys == null) { - throw new BadDataException(); - } - return secretKeys; - } catch (IOException e) { - throw new RuntimeException("Cannot read trust-root OpenPGP key", e); - } catch (BadDataException e) { - throw new RuntimeException("trust-root does not contain OpenPGP key", e); - } - } -} diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_export.properties b/pgpainless-cert-d-cli/src/main/resources/msg_export.properties deleted file mode 100644 index 2798b4f..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_export.properties +++ /dev/null @@ -1,12 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Export all certificates in the store to Standard Output -armor=Wrap the output in ASCII armor - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Usage:\u0020 -usage.commandListHeading = %nCommands:%n -usage.optionListHeading = %nOptions:%n -usage.footerHeading=Powered by picocli%n -store=Overwrite the default certificate directory path diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_export_de.properties b/pgpainless-cert-d-cli/src/main/resources/msg_export_de.properties deleted file mode 100644 index a078ca4..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_export_de.properties +++ /dev/null @@ -1,12 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Exportiere alle gespeicherten Zertifikate zur Standardausgabe -armor=Verpacke the Ausgabe in ASCII Armor - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Aufruf:\u0020 -usage.commandListHeading=%nBefehle:%n -usage.optionListHeading = %nOptionen:%n -usage.footerHeading=Powered by Picocli%n -store=Überschreibe den Standardpfad des Zertifikatsverzeichnisses diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_find.properties b/pgpainless-cert-d-cli/src/main/resources/msg_find.properties deleted file mode 100644 index d2dd833..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_find.properties +++ /dev/null @@ -1,11 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Lookup primary certificate fingerprints by subkey ids or fingerprints - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Usage:\u0020 -usage.commandListHeading = %nCommands:%n -usage.optionListHeading = %nOptions:%n -usage.footerHeading=Powered by picocli%n -store=Overwrite the default certificate directory path diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_find_de.properties b/pgpainless-cert-d-cli/src/main/resources/msg_find_de.properties deleted file mode 100644 index 9fe69df..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_find_de.properties +++ /dev/null @@ -1,11 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Schlage primäre Fingerabdrücke von Zertifikaten per ID oder Fingerabdruck von Unterschlüsseln nach - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Aufruf:\u0020 -usage.commandListHeading=%nBefehle:%n -usage.optionListHeading = %nOptionen:%n -usage.footerHeading=Powered by Picocli%n -store=Überschreibe den Standardpfad des Zertifikatsverzeichnisses diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_get.properties b/pgpainless-cert-d-cli/src/main/resources/msg_get.properties deleted file mode 100644 index a031d99..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_get.properties +++ /dev/null @@ -1,13 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Retrieve certificates from the store -IDENTIFIER[0]=Certificate identifier (fingerprint or special name) -armor=Wrap the output in ASCII armor - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Usage:\u0020 -usage.commandListHeading = %nCommands:%n -usage.optionListHeading = %nOptions:%n -usage.footerHeading=Powered by picocli%n -store=Overwrite the default certificate directory path diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_get_de.properties b/pgpainless-cert-d-cli/src/main/resources/msg_get_de.properties deleted file mode 100644 index b0f82b1..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_get_de.properties +++ /dev/null @@ -1,13 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Frage Zertifikate aus dem Speicher ab -IDENTIFIER[0]=Zertifikatskennung (Fingerabdruck oder Spezialname) -armor=Verpacke the Ausgabe in ASCII Armor - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Aufruf:\u0020 -usage.commandListHeading=%nBefehle:%n -usage.optionListHeading = %nOptionen:%n -usage.footerHeading=Powered by Picocli%n -store=Überschreibe den Standardpfad des Zertifikatsverzeichnisses diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_import.properties b/pgpainless-cert-d-cli/src/main/resources/msg_import.properties deleted file mode 100644 index 329a392..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_import.properties +++ /dev/null @@ -1,11 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Import certificates into the store from Standard Input - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Usage:\u0020 -usage.commandListHeading = %nCommands:%n -usage.optionListHeading = %nOptions:%n -usage.footerHeading=Powered by picocli%n -store=Overwrite the default certificate directory path diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_import_de.properties b/pgpainless-cert-d-cli/src/main/resources/msg_import_de.properties deleted file mode 100644 index 82c0016..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_import_de.properties +++ /dev/null @@ -1,11 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Importiere Zertifikate von der Standardeingabe in den Speicher - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Aufruf:\u0020 -usage.commandListHeading=%nBefehle:%n -usage.optionListHeading = %nOptionen:%n -usage.footerHeading=Powered by Picocli%n -store=Überschreibe den Standardpfad des Zertifikatsverzeichnisses diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_insert.properties b/pgpainless-cert-d-cli/src/main/resources/msg_insert.properties deleted file mode 100644 index c1b81f8..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_insert.properties +++ /dev/null @@ -1,11 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Insert or update a certificate - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Usage:\u0020 -usage.commandListHeading = %nCommands:%n -usage.optionListHeading = %nOptions:%n -usage.footerHeading=Powered by picocli%n -store=Overwrite the default certificate directory path diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_insert_de.properties b/pgpainless-cert-d-cli/src/main/resources/msg_insert_de.properties deleted file mode 100644 index 1f479a2..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_insert_de.properties +++ /dev/null @@ -1,11 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Aktualisiere oder importiere ein Zertifikat - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Aufruf:\u0020 -usage.commandListHeading=%nBefehle:%n -usage.optionListHeading = %nOptionen:%n -usage.footerHeading=Powered by Picocli%n -store=Überschreibe den Standardpfad des Zertifikatsverzeichnisses diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_list.properties b/pgpainless-cert-d-cli/src/main/resources/msg_list.properties deleted file mode 100644 index f58dd82..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_list.properties +++ /dev/null @@ -1,11 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=List all certificates in the directory -store=Overwrite the default certificate directory path - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Usage:\u0020 -usage.commandListHeading = %nCommands:%n -usage.optionListHeading = %nOptions:%n -usage.footerHeading=Powered by picocli%n diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_list_de.properties b/pgpainless-cert-d-cli/src/main/resources/msg_list_de.properties deleted file mode 100644 index 2385597..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_list_de.properties +++ /dev/null @@ -1,11 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Liste alle Zertifikate im Verzeichnis auf -store=Überschreibe den Standardpfad des Zertifikatsverzeichnisses - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Aufruf:\u0020 -usage.commandListHeading=%nBefehle:%n -usage.optionListHeading = %nOptionen:%n -usage.footerHeading=Powered by Picocli%n diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_pgp-cert-d.properties b/pgpainless-cert-d-cli/src/main/resources/msg_pgp-cert-d.properties deleted file mode 100644 index 4882e8e..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_pgp-cert-d.properties +++ /dev/null @@ -1,11 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Store and manage public OpenPGP certificates -store=Overwrite the default certificate directory path - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Usage:\u0020 -usage.commandListHeading = %nCommands:%n -usage.optionListHeading = %nOptions:%n -usage.footerHeading=Powered by picocli%n diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_pgp-cert-d_de.properties b/pgpainless-cert-d-cli/src/main/resources/msg_pgp-cert-d_de.properties deleted file mode 100644 index 0c5c4fb..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_pgp-cert-d_de.properties +++ /dev/null @@ -1,11 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Speichere und verwalte öffentliche OpenPGP Zertifikate -store=Überschreibe den Standardpfad des Zertifikatsverzeichnisses - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Aufruf:\u0020 -usage.commandListHeading=%nBefehle:%n -usage.optionListHeading = %nOptionen:%n -usage.footerHeading=Powered by Picocli%n diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_setup.properties b/pgpainless-cert-d-cli/src/main/resources/msg_setup.properties deleted file mode 100644 index a6f60bb..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_setup.properties +++ /dev/null @@ -1,13 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Setup a new certificate directory -with-password=Ask for a password for the trust-root key -import-from-stdin=Import trust-root from stdin - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Usage:\u0020 -usage.commandListHeading = %nCommands:%n -usage.optionListHeading = %nOptions:%n -usage.footerHeading=Powered by picocli%n -store=Overwrite the default certificate directory path diff --git a/pgpainless-cert-d-cli/src/main/resources/msg_setup_de.properties b/pgpainless-cert-d-cli/src/main/resources/msg_setup_de.properties deleted file mode 100644 index 933f726..0000000 --- a/pgpainless-cert-d-cli/src/main/resources/msg_setup_de.properties +++ /dev/null @@ -1,13 +0,0 @@ -# SPDX-FileCopyrightText: 2022 Paul Schaub -# -# SPDX-License-Identifier: Apache-2.0 -usage.header=Richte ein neues Zertifikatsverzeichnis ein -with-password=Frage nach einem Passwort für den trust-root Schlüssel -import-from-stdin=Importiere trust-root Schlüssel von Standardeingabe - -# Generic TODO: Remove when bumping picocli to 4.7.0 -usage.synopsisHeading=Aufruf:\u0020 -usage.commandListHeading=%nBefehle:%n -usage.optionListHeading = %nOptionen:%n -usage.footerHeading=Powered by Picocli%n -store=Überschreibe den Standardpfad des Zertifikatsverzeichnisses diff --git a/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/DummyTest.java b/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/DummyTest.java new file mode 100644 index 0000000..0d3c58d --- /dev/null +++ b/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/DummyTest.java @@ -0,0 +1,17 @@ +// SPDX-FileCopyrightText: 2022 Paul Schaub +// +// SPDX-License-Identifier: Apache-2.0 + +package pgp.cert_d.cli; + +import org.junit.jupiter.api.Test; + +import static org.junit.jupiter.api.Assertions.assertTrue; + +public class DummyTest { + + @Test + public void test() { + assertTrue(true); + } +} diff --git a/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/InstantiateCLI.java b/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/InstantiateCLI.java deleted file mode 100644 index 6a20ff6..0000000 --- a/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/InstantiateCLI.java +++ /dev/null @@ -1,18 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package pgp.cert_d.cli; - -import org.pgpainless.certificate_store.PGPainlessCertD; - -public class InstantiateCLI { - - public static void resetStore() { - PGPCertDCli.certificateDirectory = null; - } - - public static void setInMemoryStore() { - PGPCertDCli.certificateDirectory = PGPainlessCertD.inMemory(); - } -} diff --git a/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/commands/SetupTest.java b/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/commands/SetupTest.java deleted file mode 100644 index d3a505a..0000000 --- a/pgpainless-cert-d-cli/src/test/java/pgp/cert_d/cli/commands/SetupTest.java +++ /dev/null @@ -1,126 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package pgp.cert_d.cli.commands; - -import org.bouncycastle.openpgp.PGPException; -import org.bouncycastle.openpgp.PGPSecretKeyRing; -import org.junit.jupiter.api.AfterEach; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Test; -import org.pgpainless.PGPainless; -import org.pgpainless.certificate_store.PGPainlessCertD; -import org.pgpainless.key.OpenPgpFingerprint; -import org.pgpainless.key.info.KeyInfo; -import org.pgpainless.key.protection.UnlockSecretKey; -import org.pgpainless.util.Passphrase; -import pgp.cert_d.cli.InstantiateCLI; -import pgp.cert_d.cli.PGPCertDCli; -import pgp.certificate_store.certificate.Key; -import pgp.certificate_store.certificate.KeyMaterial; -import pgp.certificate_store.exception.BadDataException; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.nio.charset.Charset; -import java.security.InvalidAlgorithmParameterException; -import java.security.NoSuchAlgorithmException; -import java.util.NoSuchElementException; - -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertNotEquals; -import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.assertThrows; -import static org.junit.jupiter.api.Assertions.assertTrue; - -public class SetupTest { - - private PGPainlessCertD store; - - @BeforeEach - public void setup() { - InstantiateCLI.setInMemoryStore(); - store = PGPCertDCli.getCertificateDirectory(); - } - - @AfterEach - public void teardown() { - InstantiateCLI.resetStore(); - store = null; - } - - @Test - public void testSetupGeneratesTrustRoot() - throws BadDataException, IOException { - assertThrows(NoSuchElementException.class, () -> store.getTrustRoot()); - - PGPCertDCli.main(new String[] {"setup"}); - KeyMaterial trustRoot = store.getTrustRoot(); - assertNotNull(trustRoot); - assertTrue(trustRoot instanceof Key); - - // Check that key has no password - PGPSecretKeyRing secretKeys = PGPainless.readKeyRing().secretKeyRing(trustRoot.getInputStream()); - assertTrue(KeyInfo.isDecrypted(secretKeys.getSecretKey())); - } - - @Test - public void testSetupWithPassword() - throws BadDataException, IOException, PGPException { - assertThrows(NoSuchElementException.class, () -> store.getTrustRoot()); - - PGPCertDCli.main(new String[] {"setup", "--with-password", "sw0rdf1sh"}); - KeyMaterial trustRoot = store.getTrustRoot(); - assertNotNull(trustRoot); - assertTrue(trustRoot instanceof Key); - - // Check that key is encrypted - PGPSecretKeyRing secretKeys = PGPainless.readKeyRing().secretKeyRing(trustRoot.getInputStream()); - assertTrue(KeyInfo.isEncrypted(secretKeys.getSecretKey())); - // Check that password matches - assertNotNull(UnlockSecretKey.unlockSecretKey( - secretKeys.getSecretKey(), Passphrase.fromPassword("sw0rdf1sh"))); - } - - @Test - public void testSetupImportFromStdin() - throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, - BadDataException, IOException { - assertThrows(NoSuchElementException.class, () -> store.getTrustRoot()); - - PGPSecretKeyRing trustRoot = PGPainless.generateKeyRing() - .modernKeyRing("trust-root"); - OpenPgpFingerprint fingerprint = OpenPgpFingerprint.of(trustRoot); - String armored = PGPainless.asciiArmor(trustRoot); - ByteArrayInputStream trustRootIn = new ByteArrayInputStream( - armored.getBytes(Charset.forName("UTF8"))); - - InputStream originalStdin = System.in; - System.setIn(trustRootIn); - PGPCertDCli.main(new String[] {"setup", "--import-from-stdin"}); - System.setIn(originalStdin); - - KeyMaterial importedTrustRoot = store.getTrustRoot(); - assertEquals(fingerprint.toString().toLowerCase(), importedTrustRoot.getFingerprint()); - } - - @Test - public void testSetupOverridesExistingTrustRoot() - throws BadDataException, IOException { - assertThrows(NoSuchElementException.class, () -> store.getTrustRoot()); - - PGPCertDCli.main(new String[] {"setup"}); - KeyMaterial trustRoot = store.getTrustRoot(); - assertNotNull(trustRoot); - String fingerprint = trustRoot.getFingerprint(); - - // Override trust-root by calling setup again - PGPCertDCli.main(new String[] {"setup"}); - trustRoot = store.getTrustRoot(); - assertNotNull(trustRoot); - - assertNotEquals(fingerprint, trustRoot.getFingerprint()); - } -} diff --git a/pgpainless-cert-d/README.md b/pgpainless-cert-d/README.md index 8e6ef55..c0ceb09 100644 --- a/pgpainless-cert-d/README.md +++ b/pgpainless-cert-d/README.md @@ -6,9 +6,4 @@ SPDX-License-Identifier: Apache-2.0 # Shared PGP Certificate Directory + PGPainless -[![javadoc](https://javadoc.io/badge2/org.pgpainless/pgpainless-cert-d/javadoc.svg)](https://javadoc.io/doc/org.pgpainless/pgpainless-cert-d) -[![Maven Central](https://badgen.net/maven/v/maven-central/org.pgpainless/pgpainless-cert-d)](https://search.maven.org/artifact/org.pgpainless/pgpainless-cert-d) - -This module makes use of [pgpainless-core](https://github.com/pgpainless/pgpainless) -to provide backend implementations of classes required by -[pgp-cert-d-java](https://github.com/pgpainless/cert-d-java). \ No newline at end of file +This module makes use of `pgpainless-core` to provide backend implementations of classes required by `pgp-cert-d-java`. \ No newline at end of file diff --git a/pgpainless-cert-d/build.gradle b/pgpainless-cert-d/build.gradle index ed891ec..d9b4308 100644 --- a/pgpainless-cert-d/build.gradle +++ b/pgpainless-cert-d/build.gradle @@ -15,26 +15,20 @@ repositories { apply plugin: 'ru.vyarus.animalsniffer' dependencies { - // animal sniffer for ensuring Android API compatibility + // animal sniffer signature "net.sf.androidscents.signature:android-api-level-${minAndroidSdk}:2.3.3_r2@signature" - // JUnit testImplementation "org.junit.jupiter:junit-jupiter-api:$junitVersion" testImplementation "org.junit.jupiter:junit-jupiter-params:$junitVersion" testRuntimeOnly "org.junit.jupiter:junit-jupiter-engine:$junitVersion" - // Mockito for mocking during tests testImplementation "org.mockito:mockito-core:$mockitoVersion" // Logging testImplementation "ch.qos.logback:logback-classic:$logbackVersion" - // PGPainless for OpenPGP api "org.pgpainless:pgpainless-core:$pgpainlessVersion" - - // pgp.cert.d api "org.pgpainless:pgp-cert-d-java:$pgpCertDJavaVersion" - api "org.pgpainless:pgp-certificate-store:$pgpCertDJavaVersion" } animalsniffer { diff --git a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/CertificateFactory.java b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/CertificateFactory.java index ceb1719..e4b40c1 100644 --- a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/CertificateFactory.java +++ b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/CertificateFactory.java @@ -6,26 +6,54 @@ package org.pgpainless.certificate_store; import org.bouncycastle.openpgp.PGPPublicKey; import org.bouncycastle.openpgp.PGPPublicKeyRing; +import org.bouncycastle.util.encoders.Base64; import org.pgpainless.key.OpenPgpFingerprint; -import pgp.certificate_store.certificate.Certificate; +import pgp.certificate_store.Certificate; +import java.io.ByteArrayInputStream; import java.io.IOException; -import java.util.ArrayList; +import java.io.InputStream; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.util.HashSet; import java.util.Iterator; -import java.util.List; +import java.util.Set; public class CertificateFactory { - public static Certificate certificateFromPublicKeyRing(PGPPublicKeyRing publicKeyRing, Long tag) - throws IOException { - byte[] bytes = publicKeyRing.getEncoded(); - String fingerprint = OpenPgpFingerprint.of(publicKeyRing).toString().toLowerCase(); - List subkeyIds = new ArrayList<>(); - Iterator keys = publicKeyRing.getPublicKeys(); - while (keys.hasNext()) { - subkeyIds.add(keys.next().getKeyID()); - } + public static Certificate certificateFromPublicKeyRing(PGPPublicKeyRing publicKeyRing) { + return new Certificate() { + @Override + public String getFingerprint() { + return OpenPgpFingerprint.of(publicKeyRing).toString().toLowerCase(); + } - return new Certificate(bytes, fingerprint, subkeyIds, tag); + @Override + public InputStream getInputStream() throws IOException { + return new ByteArrayInputStream(publicKeyRing.getEncoded()); + } + + @Override + public String getTag() throws IOException { + MessageDigest digest; + try { + digest = MessageDigest.getInstance("SHA-256"); + } catch (NoSuchAlgorithmException e) { + throw new AssertionError("No MessageDigest for SHA-256 instantiated, although BC is on the classpath: " + e.getMessage()); + } + digest.update(publicKeyRing.getEncoded()); + return Base64.toBase64String(digest.digest()); + } + + @Override + public Set getSubkeyIds() throws IOException { + Set keyIds = new HashSet<>(); + Iterator keys = publicKeyRing.getPublicKeys(); + while (keys.hasNext()) { + keyIds.add(keys.next().getKeyID()); + } + return keyIds; + } + }; } } diff --git a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/CertificateReader.java b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/CertificateReader.java new file mode 100644 index 0000000..5e3068a --- /dev/null +++ b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/CertificateReader.java @@ -0,0 +1,22 @@ +// SPDX-FileCopyrightText: 2022 Paul Schaub +// +// SPDX-License-Identifier: Apache-2.0 + +package org.pgpainless.certificate_store; + +import java.io.IOException; +import java.io.InputStream; + +import org.bouncycastle.openpgp.PGPPublicKeyRing; +import org.pgpainless.PGPainless; +import pgp.certificate_store.Certificate; +import pgp.certificate_store.CertificateReaderBackend; + +public class CertificateReader implements CertificateReaderBackend { + + @Override + public Certificate readCertificate(InputStream inputStream) throws IOException { + final PGPPublicKeyRing certificate = PGPainless.readKeyRing().publicKeyRing(inputStream); + return CertificateFactory.certificateFromPublicKeyRing(certificate); + } +} diff --git a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyFactory.java b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyFactory.java deleted file mode 100644 index a43f76f..0000000 --- a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyFactory.java +++ /dev/null @@ -1,23 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package org.pgpainless.certificate_store; - -import org.bouncycastle.openpgp.PGPPublicKeyRing; -import org.bouncycastle.openpgp.PGPSecretKeyRing; -import org.pgpainless.PGPainless; -import pgp.certificate_store.certificate.Certificate; -import pgp.certificate_store.certificate.Key; - -import java.io.IOException; - -public class KeyFactory { - - public static Key keyFromSecretKeyRing(PGPSecretKeyRing secretKeyRing, Long tag) throws IOException { - byte[] bytes = secretKeyRing.getEncoded(); - PGPPublicKeyRing publicKeyRing = PGPainless.extractCertificate(secretKeyRing); - Certificate certificate = CertificateFactory.certificateFromPublicKeyRing(publicKeyRing, tag); - return new Key(bytes, certificate, tag); - } -} diff --git a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyMaterialReader.java b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyMaterialReader.java deleted file mode 100644 index 8ba3b9d..0000000 --- a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyMaterialReader.java +++ /dev/null @@ -1,46 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package org.pgpainless.certificate_store; - -import org.bouncycastle.openpgp.PGPKeyRing; -import org.bouncycastle.openpgp.PGPPublicKeyRing; -import org.bouncycastle.openpgp.PGPSecretKeyRing; -import org.pgpainless.PGPainless; -import pgp.certificate_store.certificate.KeyMaterial; -import pgp.certificate_store.certificate.KeyMaterialReaderBackend; -import pgp.certificate_store.exception.BadDataException; - -import java.io.IOException; -import java.io.InputStream; - -public class KeyMaterialReader implements KeyMaterialReaderBackend { - - @Override - public KeyMaterial read(InputStream data, Long tag) throws IOException, BadDataException { - PGPKeyRing keyMaterial; - try { - keyMaterial = PGPainless.readKeyRing().keyRing(data); - } catch (IOException e) { - String msg = e.getMessage(); - if (msg == null) { - throw e; - } - if (msg.contains("unknown object in stream") || - msg.contains("unexpected end of file in armored stream.") || - msg.contains("invalid header encountered")) { - throw new BadDataException(); - } else { - throw e; - } - } - if (keyMaterial instanceof PGPSecretKeyRing) { - return KeyFactory.keyFromSecretKeyRing((PGPSecretKeyRing) keyMaterial, tag); - } else if (keyMaterial instanceof PGPPublicKeyRing) { - return CertificateFactory.certificateFromPublicKeyRing((PGPPublicKeyRing) keyMaterial, tag); - } else { - throw new BadDataException(); - } - } -} diff --git a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/MergeCallbacks.java b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/MergeCallbacks.java deleted file mode 100644 index 000e935..0000000 --- a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/MergeCallbacks.java +++ /dev/null @@ -1,174 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package org.pgpainless.certificate_store; - -import org.bouncycastle.openpgp.PGPException; -import org.bouncycastle.openpgp.PGPKeyRing; -import org.bouncycastle.openpgp.PGPPublicKey; -import org.bouncycastle.openpgp.PGPPublicKeyRing; -import org.bouncycastle.openpgp.PGPSecretKeyRing; -import org.pgpainless.PGPainless; -import org.pgpainless.key.OpenPgpFingerprint; -import pgp.certificate_store.certificate.KeyMaterial; -import pgp.certificate_store.certificate.KeyMaterialMerger; -import pgp.certificate_store.exception.BadDataException; - -import java.io.IOException; -import java.util.Arrays; -import java.util.Iterator; - -public class MergeCallbacks { - - /** - * Return a {@link KeyMaterialMerger} that merges the two copies of the same certificate (same primary key) into one - * combined certificate. - * - * @return merging callback - */ - public static KeyMaterialMerger mergeWithExisting() { - return new KeyMaterialMerger() { - - @Override - public KeyMaterial merge(KeyMaterial data, KeyMaterial existing) - throws IOException { - // Simple cases: one is null -> return other - if (data == null) { - return existing; - } - if (existing == null) { - return data; - } - - try { - PGPKeyRing existingKeyRing = PGPainless.readKeyRing().keyRing(existing.getInputStream()); - PGPKeyRing updatedKeyRing = PGPainless.readKeyRing().keyRing(data.getInputStream()); - - PGPKeyRing mergedKeyRing; - - if (existingKeyRing instanceof PGPPublicKeyRing) { - mergedKeyRing = mergeWithCert((PGPPublicKeyRing) existingKeyRing, updatedKeyRing); - } else if (existingKeyRing instanceof PGPSecretKeyRing) { - mergedKeyRing = mergeWithKey(existingKeyRing, updatedKeyRing); - } else { - throw new IOException(new BadDataException()); - } - - printOutDifferences(existingKeyRing, mergedKeyRing); - - return toKeyMaterial(mergedKeyRing); - - } catch (PGPException e) { - throw new RuntimeException(e); - } - } - - private PGPKeyRing mergeWithCert(PGPPublicKeyRing existingKeyRing, PGPKeyRing updatedKeyRing) - throws PGPException, IOException { - PGPKeyRing mergedKeyRing; - PGPPublicKeyRing existingCert = existingKeyRing; - if (updatedKeyRing instanceof PGPPublicKeyRing) { - mergedKeyRing = PGPPublicKeyRing.join(existingCert, (PGPPublicKeyRing) updatedKeyRing); - } else if (updatedKeyRing instanceof PGPSecretKeyRing) { - PGPPublicKeyRing updatedPublicKeys = PGPainless.extractCertificate((PGPSecretKeyRing) updatedKeyRing); - PGPPublicKeyRing mergedPublicKeys = PGPPublicKeyRing.join(existingCert, updatedPublicKeys); - updatedKeyRing = PGPSecretKeyRing.replacePublicKeys((PGPSecretKeyRing) updatedKeyRing, mergedPublicKeys); - mergedKeyRing = updatedKeyRing; - } else { - throw new IOException(new BadDataException()); - } - return mergedKeyRing; - } - - private PGPKeyRing mergeWithKey(PGPKeyRing existingKeyRing, PGPKeyRing updatedKeyRing) - throws PGPException, IOException { - PGPKeyRing mergedKeyRing; - PGPSecretKeyRing existingKey = (PGPSecretKeyRing) existingKeyRing; - PGPPublicKeyRing existingCert = PGPainless.extractCertificate(existingKey); - if (updatedKeyRing instanceof PGPPublicKeyRing) { - PGPPublicKeyRing updatedCert = (PGPPublicKeyRing) updatedKeyRing; - PGPPublicKeyRing mergedCert = PGPPublicKeyRing.join(existingCert, updatedCert); - mergedKeyRing = PGPSecretKeyRing.replacePublicKeys(existingKey, mergedCert); - } else if (updatedKeyRing instanceof PGPSecretKeyRing) { - // Merging keys is not supported - mergedKeyRing = existingKeyRing; - } else { - throw new IOException(new BadDataException()); - } - return mergedKeyRing; - } - - private KeyMaterial toKeyMaterial(PGPKeyRing mergedKeyRing) - throws IOException { - if (mergedKeyRing instanceof PGPPublicKeyRing) { - return CertificateFactory.certificateFromPublicKeyRing((PGPPublicKeyRing) mergedKeyRing, null); - } else { - return KeyFactory.keyFromSecretKeyRing((PGPSecretKeyRing) mergedKeyRing, null); - } - } - - private void printOutDifferences(PGPKeyRing existingCert, PGPKeyRing mergedCert) throws IOException { - int numSigsBefore = countSigs(existingCert); - int numSigsAfter = countSigs(mergedCert); - int newSigs = numSigsAfter - numSigsBefore; - int numUidsBefore = count(existingCert.getPublicKey().getUserIDs()); - int numUidsAfter = count(mergedCert.getPublicKey().getUserIDs()); - int newUids = numUidsAfter - numUidsBefore; - - if (!Arrays.equals(existingCert.getEncoded(), mergedCert.getEncoded())) { - OpenPgpFingerprint fingerprint = OpenPgpFingerprint.of(mergedCert); - StringBuilder sb = new StringBuilder(); - sb.append(String.format("Certificate %s has", fingerprint)); - if (newSigs != 0) { - sb.append(String.format(" %d new signatures", newSigs)); - } - if (newUids != 0) { - if (newSigs != 0) { - sb.append(" and"); - } - sb.append(String.format(" %d new UIDs", newUids)); - } - if (newSigs == 0 && newUids == 0) { - sb.append(" changed"); - } - - // In this case it is okay to print to stdout, since we are a CLI app - // CHECKSTYLE:OFF - System.out.println(sb); - // CHECKSTYLE:ON - } - } - - private int countSigs(PGPKeyRing keys) { - int numSigs = 0; - Iterator iterator = keys.getPublicKeys(); - while (iterator.hasNext()) { - PGPPublicKey key = iterator.next(); - numSigs += count(key.getSignatures()); - } - return numSigs; - } - - // TODO: Use CollectionUtils.count() once available - private int count(Iterator iterator) { - int num = 0; - while (iterator.hasNext()) { - iterator.next(); - num++; - } - return num; - } - }; - } - - public static KeyMaterialMerger overrideExisting() { - // noinspection Convert2Lambda - return new KeyMaterialMerger() { - @Override - public KeyMaterial merge(KeyMaterial data, KeyMaterial existing) { - return data; - } - }; - } -} diff --git a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/PGPainlessCertD.java b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/PGPainlessCertD.java deleted file mode 100644 index a322301..0000000 --- a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/PGPainlessCertD.java +++ /dev/null @@ -1,43 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package org.pgpainless.certificate_store; - -import pgp.cert_d.BaseDirectoryProvider; -import pgp.cert_d.backend.FileBasedCertificateDirectoryBackend; -import pgp.cert_d.backend.InMemoryCertificateDirectoryBackend; -import pgp.cert_d.PGPCertificateDirectory; -import pgp.cert_d.subkey_lookup.InMemorySubkeyLookup; -import pgp.cert_d.subkey_lookup.SubkeyLookup; -import pgp.cert_d.subkey_lookup.SubkeyLookupFactory; -import pgp.certificate_store.exception.NotAStoreException; - -import java.io.File; - -public class PGPainlessCertD extends PGPCertificateDirectory { - - private static final KeyMaterialReader keyMaterialReader = new KeyMaterialReader(); - - public PGPainlessCertD(Backend backend, SubkeyLookup subkeyLookup) { - super(backend, subkeyLookup); - } - - public static PGPainlessCertD inMemory() { - Backend backend = new InMemoryCertificateDirectoryBackend(keyMaterialReader); - SubkeyLookup subkeyLookup = new InMemorySubkeyLookup(); - return new PGPainlessCertD(backend, subkeyLookup); - } - - public static PGPainlessCertD fileBased(SubkeyLookupFactory subkeyLookupFactory) - throws NotAStoreException { - return fileBased(BaseDirectoryProvider.getDefaultBaseDir(), subkeyLookupFactory); - } - - public static PGPainlessCertD fileBased(File baseDirectory, SubkeyLookupFactory subkeyLookupFactory) - throws NotAStoreException { - Backend backend = new FileBasedCertificateDirectoryBackend(baseDirectory, keyMaterialReader); - SubkeyLookup subkeyLookup = subkeyLookupFactory.createFileBasedInstance(baseDirectory); - return new PGPainlessCertD(backend, subkeyLookup); - } -} diff --git a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/SharedPGPCertificateDirectoryAdapter.java b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/SharedPGPCertificateDirectoryAdapter.java new file mode 100644 index 0000000..e7b2d81 --- /dev/null +++ b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/SharedPGPCertificateDirectoryAdapter.java @@ -0,0 +1,123 @@ +// SPDX-FileCopyrightText: 2022 Paul Schaub +// +// SPDX-License-Identifier: Apache-2.0 + +package org.pgpainless.certificate_store; + +import java.io.IOException; +import java.io.InputStream; +import java.util.ArrayList; +import java.util.Iterator; +import java.util.List; +import java.util.Set; + +import pgp.cert_d.SharedPGPCertificateDirectory; +import pgp.cert_d.SpecialNames; +import pgp.certificate_store.Certificate; +import pgp.certificate_store.CertificateDirectory; +import pgp.certificate_store.CertificateStore; +import pgp.certificate_store.MergeCallback; +import pgp.certificate_store.SubkeyLookup; +import pgp.certificate_store.exception.BadDataException; +import pgp.certificate_store.exception.BadNameException; + +/** + * Adapter class used to adapt the {@link SharedPGPCertificateDirectory} for use with + * {@link CertificateDirectory}. + */ +public class SharedPGPCertificateDirectoryAdapter + implements CertificateStore { + + private final SharedPGPCertificateDirectory directory; + private final SubkeyLookup subkeyLookup; + + /** + * Create an adapter to use {@link SharedPGPCertificateDirectory} objects as {@link CertificateDirectory CertificateStores}. + * + * @param directory directory instance + */ + public SharedPGPCertificateDirectoryAdapter(SharedPGPCertificateDirectory directory, SubkeyLookup subkeyLookup) { + this.directory = directory; + this.subkeyLookup = subkeyLookup; + } + + @Override + public Certificate getCertificate(String identifier) + throws IOException, BadDataException, BadNameException { + String specialName = SpecialNames.lookupSpecialName(identifier); + if (specialName != null) { + return directory.getBySpecialName(specialName); + } + + return directory.getByFingerprint(identifier); + + } + + @Override + public Certificate getCertificateIfChanged(String identifier, String tag) + throws IOException, BadDataException, BadNameException { + String specialName = SpecialNames.lookupSpecialName(identifier); + if (specialName != null) { + return directory.getBySpecialNameIfChanged(specialName, tag); + } + + return directory.getByFingerprintIfChanged(identifier, tag); + + } + + @Override + public Certificate insertCertificate(InputStream data, MergeCallback merge) + throws IOException, InterruptedException, BadDataException { + Certificate certificate = directory.insert(data, merge); + storeIdentifierForSubkeys(certificate); + return certificate; + } + + @Override + public Certificate tryInsertCertificate(InputStream data, MergeCallback merge) + throws IOException, BadDataException { + Certificate certificate = directory.tryInsert(data, merge); + storeIdentifierForSubkeys(certificate); + return certificate; + } + + @Override + public Certificate insertCertificateBySpecialName(String specialName, InputStream data, MergeCallback merge) + throws IOException, InterruptedException, BadDataException, BadNameException { + return directory.insertWithSpecialName(specialName, data, merge); + } + + @Override + public Certificate tryInsertCertificateBySpecialName(String specialName, InputStream data, MergeCallback merge) + throws IOException, BadDataException, BadNameException { + return directory.tryInsertWithSpecialName(specialName, data, merge); + } + + @Override + public Iterator getCertificates() { + return directory.items(); + } + + @Override + public Iterator getFingerprints() { + return directory.fingerprints(); + } + + private void storeIdentifierForSubkeys(Certificate certificate) throws IOException { + if (certificate == null) { + return; + } + String fingerprint = certificate.getFingerprint(); + storeCertificateSubkeyIds(fingerprint, new ArrayList<>(certificate.getSubkeyIds())); + } + + @Override + public Set getCertificateFingerprintsForSubkeyId(long subkeyId) throws IOException { + return subkeyLookup.getCertificateFingerprintsForSubkeyId(subkeyId); + } + + @Override + public void storeCertificateSubkeyIds(String certificate, List subkeyIds) throws IOException { + subkeyLookup.storeCertificateSubkeyIds(certificate, subkeyIds); + } +} diff --git a/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryAdapterTest.java b/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryAdapterTest.java new file mode 100644 index 0000000..b82f151 --- /dev/null +++ b/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryAdapterTest.java @@ -0,0 +1,230 @@ +// SPDX-FileCopyrightText: 2022 Paul Schaub +// +// SPDX-License-Identifier: Apache-2.0 + +package org.pgpainless.cert_d; + +import static org.junit.jupiter.api.Assertions.assertArrayEquals; +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertFalse; +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertNull; +import static org.junit.jupiter.api.Assertions.assertThrows; + +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.File; +import java.io.IOException; +import java.nio.file.Files; +import java.util.Arrays; +import java.util.Collections; +import java.util.HashSet; +import java.util.Iterator; +import java.util.Set; + +import org.bouncycastle.util.encoders.Hex; +import org.bouncycastle.util.io.Streams; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.pgpainless.certificate_store.CertificateReader; +import org.pgpainless.certificate_store.SharedPGPCertificateDirectoryAdapter; +import pgp.cert_d.InMemorySubkeyLookup; +import pgp.cert_d.SharedPGPCertificateDirectoryImpl; +import pgp.certificate_store.CertificateStore; +import pgp.certificate_store.exception.BadDataException; +import pgp.certificate_store.exception.BadNameException; +import pgp.certificate_store.exception.NotAStoreException; +import pgp.certificate_store.Certificate; + +public class SharedPGPCertificateDirectoryAdapterTest { + + private static final String testCertificate = "98330462069cc616092b06010401da470f010107400db5906b09f701ab1f7f96087eedab6ba44c02fcbd2470137cfeacac5a2d032db405416c696365888f0413160a0041050262069cc609906f054e826378552516a104505b134a7e62f0f154ec3d036f054e8263785525029e01029b01059602030100048b09080705950a09080b0299010000a12600fd117925c0f2192ef5b2a44e3d3038e2a7ce5ba0343fc2dfb661a3a46d1276fb380100bf2872e7e36b63f61ae3556464c4a04344e7d36e0d7313e623effb0290ce0b0fb8380462069cc6120a2b06010401975501050101074034ffd523242385fe92034a5e326a82f4edff614516cc1028ca91fb653557f25b0301080788750418160a001d050262069cc6029e01029b0c059602030100048b09080705950a09080b000a09106f054e8263785525391400ff4eb85df8ddfc15e94c9cf28bc0aa9d0426b571ca64c5421be5889d5410d8632f00fd1ac5e9aed683e711282489d8980222d2ceff15c5ce0499fcb36716d850749406b8330462069cc616092b06010401da470f0101074058f296fb7ce456039856144db677f14018963a8bfd281c84aaeebe7e14df8f1c88d50418160a007d050262069cc6029e01029b02059602030100048b09080705950a09080b5f200419160a0006050262069cc6000a09108119c86e0a4c6dc73a7600ff5e25427da84d824cc3f8890bc6bd037f423f610006e1249b1aad3d7f70ac47a100fc08e67a6a945c1feec301df9dc27e7ea4e61d107d0720e814eea1dc4f1da20a08000a09106f054e8263785525359700ff4ce78cf267c261468322de906118d4f003ceefa72fa3b86119e26f99be3727fc00fe3895207c4aac814549f0189d2f494f5b1fcee7f6da344e63a0c32743b216b406"; + private static final String testCertFingerprint = "505b134a7e62f0f154ec3d036f054e8263785525"; + private static final long testCertificateSubkey1 = 7999886635015099685L; + private static final long testCertificateSubkey2 = -5375724347241457298L; + private static final long testCertificateSubkey3 = -9144057193454342713L; + + private SharedPGPCertificateDirectoryAdapter adapter; + private CertificateStore store; + + @BeforeEach + public void setupInstance() throws IOException, NotAStoreException { + adapter = new SharedPGPCertificateDirectoryAdapter( + new SharedPGPCertificateDirectoryImpl(tempDir(), new CertificateReader()), + new InMemorySubkeyLookup()); + store = adapter; + } + + private static File tempDir() throws IOException { + File tempDir = Files.createTempDirectory("pgp.cert.d-").toFile(); + tempDir.deleteOnExit(); + return tempDir; + } + + @Test + public void getNonExistentCertIsNull() throws IOException, BadDataException, BadNameException { + assertNull(store.getCertificate("eb85bb5fa33a75e15e944e63f231550c4f47e38e")); + } + + @Test + public void getInvalidIdentifierThrows() { + assertThrows(BadNameException.class, () -> store.getCertificate("invalid")); + } + + @Test + public void insertAndGet() throws IOException, InterruptedException, BadDataException, BadNameException { + byte[] bytes = Hex.decode(testCertificate); + ByteArrayInputStream byteIn = new ByteArrayInputStream(bytes); + String fingerprint = testCertFingerprint; + + Certificate certificate = store.insertCertificate(byteIn, (data, existing) -> data); + + assertEquals(fingerprint, certificate.getFingerprint()); + Set expectedSubkeys = new HashSet<>(Arrays.asList(testCertificateSubkey1, testCertificateSubkey2, testCertificateSubkey3)); + Set subkeys = certificate.getSubkeyIds(); + assertEquals(expectedSubkeys, subkeys); + for (long subkey : subkeys) { + assertEquals(Collections.singleton(fingerprint), store.getCertificateFingerprintsForSubkeyId(subkey)); + } + + Certificate retrieved = store.getCertificate(fingerprint); + assertNotNull(retrieved); + ByteArrayOutputStream retrievedOut = new ByteArrayOutputStream(); + Streams.pipeAll(retrieved.getInputStream(), retrievedOut); + + assertArrayEquals(bytes, retrievedOut.toByteArray()); + } + + + @Test + public void tryInsertAndGet() throws IOException, BadDataException, BadNameException { + byte[] bytes = Hex.decode(testCertificate); + ByteArrayInputStream byteIn = new ByteArrayInputStream(bytes); + String fingerprint = testCertFingerprint; + + Certificate certificate = store.tryInsertCertificate(byteIn, (data, existing) -> data); + + assertEquals(fingerprint, certificate.getFingerprint()); + Set subkeys = certificate.getSubkeyIds(); + assertEquals(3, subkeys.size()); + for (long subkey : subkeys) { + assertEquals(Collections.singleton(fingerprint), store.getCertificateFingerprintsForSubkeyId(subkey)); + } + + Certificate retrieved = store.getCertificate(fingerprint); + assertNotNull(retrieved); + ByteArrayOutputStream retrievedOut = new ByteArrayOutputStream(); + Streams.pipeAll(retrieved.getInputStream(), retrievedOut); + + assertArrayEquals(bytes, retrievedOut.toByteArray()); + } + + + @Test + public void insertAndGetIfChanged() throws IOException, InterruptedException, BadDataException, BadNameException { + byte[] bytes = Hex.decode(testCertificate); + ByteArrayInputStream byteIn = new ByteArrayInputStream(bytes); + String fingerprint = testCertFingerprint; + + Certificate certificate = store.insertCertificate(byteIn, (data, existing) -> data); + String tag = certificate.getTag(); + + assertNull(store.getCertificateIfChanged(fingerprint, tag)); + assertNotNull(store.getCertificateIfChanged(fingerprint, "invalid")); + } + + @Test + public void insertBySpecialNameAndGet() throws IOException, InterruptedException, BadDataException, BadNameException { + byte[] bytes = Hex.decode(testCertificate); + ByteArrayInputStream byteIn = new ByteArrayInputStream(bytes); + String fingerprint = testCertFingerprint; + String identifier = "trust-root"; + + Certificate certificate = store.insertCertificateBySpecialName(identifier, byteIn, (data, existing) -> data); + + assertEquals(fingerprint, certificate.getFingerprint()); + + Certificate retrieved = store.getCertificate(identifier); + assertNotNull(retrieved); + ByteArrayOutputStream retrievedOut = new ByteArrayOutputStream(); + Streams.pipeAll(retrieved.getInputStream(), retrievedOut); + + assertArrayEquals(bytes, retrievedOut.toByteArray()); + } + + @Test + public void tryInsertBySpecialNameAndGet() throws IOException, BadDataException, BadNameException { + byte[] bytes = Hex.decode(testCertificate); + ByteArrayInputStream byteIn = new ByteArrayInputStream(bytes); + String fingerprint = testCertFingerprint; + String identifier = "trust-root"; + + Certificate certificate = store.tryInsertCertificateBySpecialName(identifier, byteIn, (data, existing) -> data); + + assertEquals(fingerprint, certificate.getFingerprint()); + + Certificate retrieved = store.getCertificate(identifier); + assertNotNull(retrieved); + ByteArrayOutputStream retrievedOut = new ByteArrayOutputStream(); + Streams.pipeAll(retrieved.getInputStream(), retrievedOut); + + assertArrayEquals(bytes, retrievedOut.toByteArray()); + } + + @Test + public void insertBySpecialNameAndGetIfChanged() throws IOException, InterruptedException, BadDataException, BadNameException { + byte[] bytes = Hex.decode(testCertificate); + ByteArrayInputStream byteIn = new ByteArrayInputStream(bytes); + String fingerprint = testCertFingerprint; + String identifier = "trust-root"; + + Certificate certificate = store.insertCertificateBySpecialName(identifier, byteIn, (data, existing) -> data); + String tag = certificate.getTag(); + + certificate = store.getCertificateIfChanged(identifier, tag); + assertNull(certificate); + certificate = store.getCertificateIfChanged(identifier, "invalid"); + assertNotNull(certificate); + assertEquals(fingerprint, certificate.getFingerprint()); + } + + @Test + public void getItemsAndFingerprints() throws IOException, InterruptedException, BadDataException, BadNameException { + byte[] bytes1 = Hex.decode(testCertificate); + ByteArrayInputStream byteIn1 = new ByteArrayInputStream(bytes1); + Certificate firstCert = store.insertCertificate(byteIn1, (data, existing) -> data); + + byte[] bytes2 = Hex.decode("9833046206a37516092b06010401da470f010107409f55baab1599044096ba901d69854cf5307b84b0542871b15db3dd4c62664f37b403426f62888f0413160a004105026206a3750990ba01b5a9eea7e76716a104f1d47fb85ad74549a37974f3ba01b5a9eea7e767029e01029b01059602030100048b09080705950a09080b0299010000e6170100e08374a6fd32d0b4be2d3f7c75d3f6c13cb47b1b73589aa452a1b2a16b888b5000fe274e6565ab9faa34338cf4d805663f8775fdee4ec6a0fdf1ec2cf84b72907f05b838046206a375120a2b0601040197550105010107405641e74d2dda92003ce200422c3ab6f3562fc49a8ecc67ea02593988442b23780301080788750418160a001d05026206a375029e01029b0c059602030100048b09080705950a09080b000a0910ba01b5a9eea7e76732850100910a6049779773f455226cd91645884842b91017796287a634104ab5364a0c0d00fe20b5febb17de271394f31128f709c307c0bbca4f9502570744bd54e6dc9c2209b833046206a37516092b06010401da470f0101074059f008928cb69b48bed07a639f03f43a48808aade67109cd658f54bddefa5ec288d50418160a007d05026206a375029e01029b02059602030100048b09080705950a09080b5f200419160a000605026206a375000a0910dcdb34f4068368c0dffb010095fb1f6daac239bf3221d9d2ecc81b6cb258c2b058a300a7e103f7f36a58bf1900fe273a9eaaa03b613236df22bebcbbd69d7c02caf1b7af4fa29320c8d96d32310f000a0910ba01b5a9eea7e7671de20100a5044d24a9d860f9af7e8b9a095d4eac8820fad8b045e70be1ae5607fa4d6b4f010097b53d1527f3b3e3d3b78367c8269c999ee37575a51ffc582f73d2cba4df080f"); + ByteArrayInputStream byteIn2 = new ByteArrayInputStream(bytes2); + Certificate secondCert = store.insertCertificate(byteIn2, ((data, existing) -> data)); + + String trustRootHex = "9833046206a57e16092b06010401da470f010107401ad7351d9766843bf11a8414f68790df0649fad8b01c244323f47e4ebc87fc35b40a74727573742d726f6f74888f0413160a004105026206a57f09907c619691ddee5fc216a10489e1e05cb458758d0729eb0c7c619691ddee5fc2029e01029b01059602030100048b09080705950a09080b029901000080c100ff45d97dda133895e337416266f1ff2c38ff3947ecfbfe21328d51bc877ccba367010096698a5fbac9444b7b28b96389c66ca405821f04871f1bbbf5b5bf8b800f9104b838046206a57f120a2b06010401975501050101074074ff41705c50e8f27b18df40a53aded6cacd2ce4f88b471c7130036010ca60240301080788750418160a001d05026206a57f029e01029b0c059602030100048b09080705950a09080b000a09107c619691ddee5fc27b3c0100fba12230adf80a6a7a376b9568481ab4ae86628274db67412074cb4a846011a200ff437e4047bbafec42b41594b296f8be93fc03482b2d35ac92e87ce632b86bc900b833046206a57f16092b06010401da470f01010740ce99f97d1f0b5aa2f4e6f2a7a2aa231da8c2a2f489a593b747983a750f3928ae88d50418160a007d05026206a57f029e01029b02059602030100048b09080705950a09080b5f200419160a000605026206a57f000a0910b905cb706dec67e3f6050100a7ae51ea07f3d0d493fd1fdfbcbbe112c19de8dbbd29e03ba5e755345444402300fe2663252eeca21772012c5dc4eb9efa4e01566dffbb44e7d1536181eb3f8b420e000a09107c619691ddee5fc2a4190100fdbedf9defd5d30bad77937a5589441ef336028613a6fcfc4a959bee51de134e00fd128628567b66fa03ef099d6936324f7593e2060608b433828d336dda552e2c04"; + byte[] trustRootBytes = Hex.decode(trustRootHex); + ByteArrayInputStream trustRootIn = new ByteArrayInputStream(trustRootBytes); + Certificate trustRoot = store.insertCertificateBySpecialName("trust-root", trustRootIn, (data, existing) -> data); + + Set expectedFingerprints = new HashSet<>(); + expectedFingerprints.add(firstCert.getFingerprint()); + expectedFingerprints.add(secondCert.getFingerprint()); + + Iterator certificateIterator = store.getCertificates(); + Set actualFingerprints = new HashSet<>(); + Certificate c = certificateIterator.next(); + actualFingerprints.add(c.getFingerprint()); + c = certificateIterator.next(); + actualFingerprints.add(c.getFingerprint()); + assertFalse(certificateIterator.hasNext()); + + assertEquals(expectedFingerprints, actualFingerprints); + assertFalse(actualFingerprints.contains(trustRoot.getFingerprint())); + + Iterator fingerprintIterator = store.getFingerprints(); + actualFingerprints = new HashSet<>(); + actualFingerprints.add(fingerprintIterator.next()); + actualFingerprints.add(fingerprintIterator.next()); + assertFalse(fingerprintIterator.hasNext()); + + assertEquals(expectedFingerprints, actualFingerprints); + assertFalse(actualFingerprints.contains(trustRoot.getFingerprint())); + } +} diff --git a/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryTest.java b/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryTest.java index d3fc5ec..7826746 100644 --- a/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryTest.java +++ b/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryTest.java @@ -7,7 +7,8 @@ package org.pgpainless.cert_d; import static org.junit.jupiter.api.Assertions.assertArrayEquals; import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.junit.jupiter.api.Assertions.assertNull; +import static org.junit.jupiter.api.Assumptions.assumeTrue; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; @@ -20,7 +21,6 @@ import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; import java.util.Map; -import java.util.NoSuchElementException; import java.util.Set; import java.util.stream.Stream; @@ -32,31 +32,36 @@ import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.MethodSource; import org.pgpainless.PGPainless; import org.pgpainless.algorithm.KeyFlag; -import org.pgpainless.certificate_store.PGPainlessCertD; +import org.pgpainless.certificate_store.CertificateReader; import org.pgpainless.key.OpenPgpFingerprint; import org.pgpainless.key.generation.KeySpec; import org.pgpainless.key.generation.type.KeyType; import org.pgpainless.key.generation.type.eddsa.EdDSACurve; -import pgp.cert_d.subkey_lookup.InMemorySubkeyLookupFactory; -import pgp.certificate_store.certificate.Certificate; -import pgp.certificate_store.certificate.KeyMaterial; -import pgp.certificate_store.certificate.KeyMaterialMerger; +import pgp.cert_d.CachingSharedPGPCertificateDirectoryWrapper; +import pgp.cert_d.FileLockingMechanism; +import pgp.cert_d.SharedPGPCertificateDirectory; +import pgp.cert_d.SharedPGPCertificateDirectoryImpl; import pgp.certificate_store.exception.BadDataException; import pgp.certificate_store.exception.BadNameException; import pgp.certificate_store.exception.NotAStoreException; +import pgp.certificate_store.Certificate; +import pgp.certificate_store.MergeCallback; public class SharedPGPCertificateDirectoryTest { - private static KeyMaterialMerger dummyMerge = new KeyMaterialMerger() { + private static MergeCallback dummyMerge = new MergeCallback() { @Override - public KeyMaterial merge(KeyMaterial data, KeyMaterial existing) { + public Certificate merge(Certificate data, Certificate existing) { return data; } }; - private static Stream provideTestSubjects() throws IOException, NotAStoreException { + private static Stream provideTestSubjects() throws IOException, NotAStoreException { return Stream.of( - PGPainlessCertD.fileBased(tempDir(), new InMemorySubkeyLookupFactory())); + new SharedPGPCertificateDirectoryImpl(tempDir(), new CertificateReader()), + new CachingSharedPGPCertificateDirectoryWrapper( + new SharedPGPCertificateDirectoryImpl(tempDir(), new CertificateReader())) + ); } private static File tempDir() throws IOException { @@ -67,21 +72,25 @@ public class SharedPGPCertificateDirectoryTest { @ParameterizedTest @MethodSource("provideTestSubjects") - public void simpleInsertGet(PGPainlessCertD directory) + public void simpleInsertGet(SharedPGPCertificateDirectory directory) throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException, BadDataException, InterruptedException, BadNameException { - PGPSecretKeyRing key = PGPainless.generateKeyRing().modernKeyRing("Alice"); + PGPSecretKeyRing key = PGPainless.generateKeyRing().modernKeyRing("Alice", null); PGPPublicKeyRing cert = PGPainless.extractCertificate(key); OpenPgpFingerprint fingerprint = OpenPgpFingerprint.of(cert); ByteArrayInputStream certIn = new ByteArrayInputStream(cert.getEncoded()); - // standard case: no cert found - assertThrows(NoSuchElementException.class, () -> directory.getByFingerprint(fingerprint.toString().toLowerCase())); + // standard case: get() is null + assertNull(directory.getByFingerprint(fingerprint.toString().toLowerCase())); // insert and check returned certs fingerprint Certificate certificate = directory.insert(certIn, dummyMerge); assertEquals(fingerprint.toString().toLowerCase(), certificate.getFingerprint()); + // getIfChanged + assertNull(directory.getByFingerprintIfChanged(certificate.getFingerprint(), certificate.getTag())); + assertNotNull(directory.getByFingerprintIfChanged(certificate.getFingerprint(), "invalidTag")); + // tryInsert certIn = new ByteArrayInputStream(cert.getEncoded()); assertNotNull(directory.tryInsert(certIn, dummyMerge)); @@ -89,7 +98,7 @@ public class SharedPGPCertificateDirectoryTest { @ParameterizedTest @MethodSource("provideTestSubjects") - public void simpleInsertGetBySpecialName(PGPainlessCertD directory) + public void simpleInsertGetBySpecialName(SharedPGPCertificateDirectory directory) throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException, BadDataException, InterruptedException, BadNameException { PGPSecretKeyRing key = PGPainless.buildKeyRing() @@ -100,13 +109,17 @@ public class SharedPGPCertificateDirectoryTest { OpenPgpFingerprint fingerprint = OpenPgpFingerprint.of(trustRoot); ByteArrayInputStream certIn = new ByteArrayInputStream(trustRoot.getEncoded()); - // standard case: no cert found - assertThrows(NoSuchElementException.class, () -> directory.getBySpecialName("trust-root")); + // standard case: get() is null + assertNull(directory.getBySpecialName("trust-root")); // insert and check returned certs fingerprint Certificate certificate = directory.insertWithSpecialName("trust-root", certIn, dummyMerge); assertEquals(fingerprint.toString().toLowerCase(), certificate.getFingerprint()); + // getIfChanged + assertNull(directory.getBySpecialNameIfChanged("trust-root", certificate.getTag())); + assertNotNull(directory.getBySpecialNameIfChanged("trust-root", "invalidTag")); + // tryInsert certIn = new ByteArrayInputStream(trustRoot.getEncoded()); assertNotNull(directory.tryInsertWithSpecialName("trust-root", certIn, dummyMerge)); @@ -114,11 +127,29 @@ public class SharedPGPCertificateDirectoryTest { @ParameterizedTest @MethodSource("provideTestSubjects") - public void testGetItemsAndFingerprints(PGPainlessCertD directory) + public void tryInsertFailsWithLockedStore(SharedPGPCertificateDirectory directory) + throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException, + BadDataException, InterruptedException { + assumeTrue(directory.getLock() instanceof FileLockingMechanism); + + PGPSecretKeyRing key = PGPainless.generateKeyRing().modernKeyRing("Alice", null); + PGPPublicKeyRing cert = PGPainless.extractCertificate(key); + ByteArrayInputStream certIn = new ByteArrayInputStream(cert.getEncoded()); + + directory.getLock().lockDirectory(); + assertNull(directory.tryInsert(certIn, dummyMerge)); + + directory.getLock().releaseDirectory(); + assertNotNull(directory.tryInsert(certIn, dummyMerge)); + } + + @ParameterizedTest + @MethodSource("provideTestSubjects") + public void testGetItemsAndFingerprints(SharedPGPCertificateDirectory directory) throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException, BadDataException, InterruptedException, BadNameException { - PGPSecretKeyRing trustRootKey = PGPainless.generateKeyRing().modernKeyRing("Alice"); + PGPSecretKeyRing trustRootKey = PGPainless.generateKeyRing().modernKeyRing("Alice", null); PGPPublicKeyRing trustRootCert = PGPainless.extractCertificate(trustRootKey); OpenPgpFingerprint trustRootFingerprint = OpenPgpFingerprint.of(trustRootCert); ByteArrayInputStream trustRootCertIn = new ByteArrayInputStream(trustRootCert.getEncoded()); @@ -127,7 +158,7 @@ public class SharedPGPCertificateDirectoryTest { final int certificateCount = 3; Map certificateMap = new HashMap<>(); for (int i = 0; i < certificateCount; i++) { - PGPSecretKeyRing key = PGPainless.generateKeyRing().modernKeyRing("Alice"); + PGPSecretKeyRing key = PGPainless.generateKeyRing().modernKeyRing("Alice", null); PGPPublicKeyRing cert = PGPainless.extractCertificate(key); OpenPgpFingerprint fingerprint = OpenPgpFingerprint.of(cert); certificateMap.put(fingerprint.toString().toLowerCase(), cert); diff --git a/pgpainless-cert-d/src/test/java/org/pgpainless/certificate_store/KeyMaterialReaderTest.java b/pgpainless-cert-d/src/test/java/org/pgpainless/certificate_store/KeyMaterialReaderTest.java deleted file mode 100644 index 327abdc..0000000 --- a/pgpainless-cert-d/src/test/java/org/pgpainless/certificate_store/KeyMaterialReaderTest.java +++ /dev/null @@ -1,133 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package org.pgpainless.certificate_store; - -import org.junit.jupiter.api.Test; -import pgp.certificate_store.certificate.Certificate; -import pgp.certificate_store.certificate.Key; -import pgp.certificate_store.certificate.KeyMaterial; -import pgp.certificate_store.exception.BadDataException; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.nio.charset.Charset; - -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertNotNull; -import static org.junit.jupiter.api.Assertions.assertNull; -import static org.junit.jupiter.api.Assertions.assertSame; -import static org.junit.jupiter.api.Assertions.assertThrows; -import static org.junit.jupiter.api.Assertions.assertTrue; - -public class KeyMaterialReaderTest { - - private static final String KEY = "-----BEGIN PGP PRIVATE KEY BLOCK-----\n" + - "Comment: B21A ABBF 15DF 0FDA 3742 4DE9 AD00 8384 AD0A 064C\n" + - "Comment: Volodymyr Zelenskyy \n" + - "\n" + - "xVgEYwdKchYJKwYBBAHaRw8BAQdARSvx9BDpV0AoNYTmN/wrZXQAB7VzOV0rKEQc\n" + - "OkhbP5wAAP0QE5FCIOvzea7wu3Yw3LDMmOOgMaWXngYp0948VPP2+xM7wsARBB8W\n" + - "CgCDBYJjB0pyBYkFn6YAAwsJBwkQrQCDhK0KBkxHFAAAAAAAHgAgc2FsdEBub3Rh\n" + - "dGlvbnMuc2VxdW9pYS1wZ3Aub3JnpqJFBi2xLa0V4D9k4rlmibhIsMRlcvK/MK83\n" + - "Hjfh2CIDFQoIApsBAh4BFiEEshqrvxXfD9o3Qk3prQCDhK0KBkwAAIwNAP41uywA\n" + - "z+qaRhWoj0stYmmefok4WHXk34jfameTopO1LAEA6L6/crPYzIcAZraaz0s5AM/2\n" + - "OvJZR8LaBSj92uBDbAzNJlZvbG9keW15ciBaZWxlbnNreXkgPHplbGVuc2t5eUBn\n" + - "b3YudWE+wsAUBBMWCgCGBYJjB0pyBYkFn6YAAwsJBwkQrQCDhK0KBkxHFAAAAAAA\n" + - "HgAgc2FsdEBub3RhdGlvbnMuc2VxdW9pYS1wZ3Aub3JnuD/qrSefYHLBUQ70qQhb\n" + - "cClzXkMQCoGO4S3WJzib/IADFQoIApkBApsBAh4BFiEEshqrvxXfD9o3Qk3prQCD\n" + - "hK0KBkwAAL8DAP42+z1sDJlv64PW4iq2ODYcdY1NSptjzfiQ2hyodNBFpgD+Mkiv\n" + - "9e2bFvlRj2Q5Brypy3ZwKvGtikUe3s+NlKMPlgTHWARjB0pyFgkrBgEEAdpHDwEB\n" + - "B0BNjMb280vf8zNJ/YAtcc6nLe8uCSTtxKKHF0Go9kU+VgABAKTAn5oiixsRxfEb\n" + - "k1I6WQbIGk/XNPZ241k65WRdg1qODvXCwMUEGBYKATcFgmMHSnIFiQWfpgAJEK0A\n" + - "g4StCgZMRxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVvaWEtcGdwLm9yZ9el\n" + - "oLUj9wUjbwI91PYFiLbcIMYw+G2w85rw5nLaXzHEApsCvqAEGRYKAG8FgmMHSnIJ\n" + - "EDWWq2wLl0UaRxQAAAAAAB4AIHNhbHRAbm90YXRpb25zLnNlcXVvaWEtcGdwLm9y\n" + - "Z622EwAZW4CP32L2ysCphw7DasyPOdBpDsiMv2LB7dz8FiEEZQkoZquL7+v7NBoA\n" + - "NZarbAuXRRoAAOu3AP0X6dEVabI84d7t4AwRpmEiShSum9CJiODSs580lzkjlAD/\n" + - "QOGSIE5iO155kPudwi8ubif+v4tXe4Ro++tIP85bTQ8WIQSyGqu/Fd8P2jdCTemt\n" + - "AIOErQoGTAAAScwBAJ2A8vuK0wEMQHhVJR1lcjUaUm7EoBVuplF85dFipXjuAP40\n" + - "bwvHajjg8wFLo8pwAATBd2gnNYXXDK7J2WwiZPAKAcddBGMHSnISCisGAQQBl1UB\n" + - "BQEBB0DG0ue4giLkEecm/qz1wPQQBIl5v18/9M0SrMUk/M16agMBCAcAAP9Z4R+9\n" + - "tmG3aUKOB9nwN1t4N1GnbYCmaZzTn3uJXLetYBFTwsAGBBgWCgB4BYJjB0pyBYkF\n" + - "n6YACRCtAIOErQoGTEcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBn\n" + - "cC5vcmfZNJZA/uU2jCW1zQzCT9oK5hj0sL2taNvDFlLtkMCNqwKbDBYhBLIaq78V\n" + - "3w/aN0JN6a0Ag4StCgZMAAAlKwD/eUEbC8MoIitKulDZawtlC0rSITXtQJqUkGNc\n" + - "ujTPgIAA/1p/Y3sHn4nhmYcVX902BRXBp8YMD/cHQWZkWPhvM9YF\n" + - "=3nhb\n" + - "-----END PGP PRIVATE KEY BLOCK-----\n"; - - private static final String CERT = "-----BEGIN PGP PUBLIC KEY BLOCK-----\n" + - "Comment: B21A ABBF 15DF 0FDA 3742 4DE9 AD00 8384 AD0A 064C\n" + - "Comment: Volodymyr Zelenskyy \n" + - "\n" + - "xjMEYwdKchYJKwYBBAHaRw8BAQdARSvx9BDpV0AoNYTmN/wrZXQAB7VzOV0rKEQc\n" + - "OkhbP5zCwBEEHxYKAIMFgmMHSnIFiQWfpgADCwkHCRCtAIOErQoGTEcUAAAAAAAe\n" + - "ACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmemokUGLbEtrRXgP2TiuWaJ\n" + - "uEiwxGVy8r8wrzceN+HYIgMVCggCmwECHgEWIQSyGqu/Fd8P2jdCTemtAIOErQoG\n" + - "TAAAjA0A/jW7LADP6ppGFaiPSy1iaZ5+iThYdeTfiN9qZ5Oik7UsAQDovr9ys9jM\n" + - "hwBmtprPSzkAz/Y68llHwtoFKP3a4ENsDM0mVm9sb2R5bXlyIFplbGVuc2t5eSA8\n" + - "emVsZW5za3l5QGdvdi51YT7CwBQEExYKAIYFgmMHSnIFiQWfpgADCwkHCRCtAIOE\n" + - "rQoGTEcUAAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcme4P+qt\n" + - "J59gcsFRDvSpCFtwKXNeQxAKgY7hLdYnOJv8gAMVCggCmQECmwECHgEWIQSyGqu/\n" + - "Fd8P2jdCTemtAIOErQoGTAAAvwMA/jb7PWwMmW/rg9biKrY4Nhx1jU1Km2PN+JDa\n" + - "HKh00EWmAP4ySK/17ZsW+VGPZDkGvKnLdnAq8a2KRR7ez42Uow+WBM4zBGMHSnIW\n" + - "CSsGAQQB2kcPAQEHQE2MxvbzS9/zM0n9gC1xzqct7y4JJO3EoocXQaj2RT5WwsDF\n" + - "BBgWCgE3BYJjB0pyBYkFn6YACRCtAIOErQoGTEcUAAAAAAAeACBzYWx0QG5vdGF0\n" + - "aW9ucy5zZXF1b2lhLXBncC5vcmfXpaC1I/cFI28CPdT2BYi23CDGMPhtsPOa8OZy\n" + - "2l8xxAKbAr6gBBkWCgBvBYJjB0pyCRA1lqtsC5dFGkcUAAAAAAAeACBzYWx0QG5v\n" + - "dGF0aW9ucy5zZXF1b2lhLXBncC5vcmetthMAGVuAj99i9srAqYcOw2rMjznQaQ7I\n" + - "jL9iwe3c/BYhBGUJKGari+/r+zQaADWWq2wLl0UaAADrtwD9F+nRFWmyPOHe7eAM\n" + - "EaZhIkoUrpvQiYjg0rOfNJc5I5QA/0DhkiBOYjteeZD7ncIvLm4n/r+LV3uEaPvr\n" + - "SD/OW00PFiEEshqrvxXfD9o3Qk3prQCDhK0KBkwAAEnMAQCdgPL7itMBDEB4VSUd\n" + - "ZXI1GlJuxKAVbqZRfOXRYqV47gD+NG8Lx2o44PMBS6PKcAAEwXdoJzWF1wyuydls\n" + - "ImTwCgHOOARjB0pyEgorBgEEAZdVAQUBAQdAxtLnuIIi5BHnJv6s9cD0EASJeb9f\n" + - "P/TNEqzFJPzNemoDAQgHwsAGBBgWCgB4BYJjB0pyBYkFn6YACRCtAIOErQoGTEcU\n" + - "AAAAAAAeACBzYWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmfZNJZA/uU2jCW1\n" + - "zQzCT9oK5hj0sL2taNvDFlLtkMCNqwKbDBYhBLIaq78V3w/aN0JN6a0Ag4StCgZM\n" + - "AAAlKwD/eUEbC8MoIitKulDZawtlC0rSITXtQJqUkGNcujTPgIAA/1p/Y3sHn4nh\n" + - "mYcVX902BRXBp8YMD/cHQWZkWPhvM9YF\n" + - "=o64m\n" + - "-----END PGP PUBLIC KEY BLOCK-----"; - - private final KeyMaterialReader reader = new KeyMaterialReader(); - private final Charset UTF8 = Charset.forName("UTF8"); - - @Test - public void readBadDataTest() { - assertThrows(BadDataException.class, () -> reader.read( - new ByteArrayInputStream(CERT.substring(0, CERT.length() - 100).getBytes(UTF8)), null)); - } - - @Test - public void readIncompleteDataTest() { - assertThrows(BadDataException.class, () -> reader.read( - new ByteArrayInputStream("ThisIsNotOpenPGPDataAtAllLol".getBytes(UTF8)), null)); - } - - @Test - public void readKeyTest() throws BadDataException, IOException { - KeyMaterial keyMaterial = reader.read(new ByteArrayInputStream(KEY.getBytes(UTF8)), 12L); - assertNotNull(keyMaterial); - assertTrue(keyMaterial instanceof Key); - Key key = (Key) keyMaterial; - assertEquals("b21aabbf15df0fda37424de9ad008384ad0a064c", key.getFingerprint()); - assertEquals(12L, key.getTag()); - Certificate certificate = key.getCertificate(); - assertEquals(key.getFingerprint(), certificate.getFingerprint()); - assertEquals(key.getTag(), certificate.getTag()); - assertEquals(key.getSubkeyIds(), certificate.getSubkeyIds()); - } - - @Test - public void readCertTest() throws BadDataException, IOException { - KeyMaterial keyMaterial = reader.read(new ByteArrayInputStream(CERT.getBytes(UTF8)), null); - assertNotNull(keyMaterial); - assertTrue(keyMaterial instanceof Certificate); - Certificate certificate = (Certificate) keyMaterial; - assertEquals("b21aabbf15df0fda37424de9ad008384ad0a064c", certificate.getFingerprint()); - assertNull(certificate.getTag()); - assertSame(certificate, certificate.asCertificate()); - } -} diff --git a/pgpainless-cert-d/src/test/java/org/pgpainless/certificate_store/MergeCallbacksTest.java b/pgpainless-cert-d/src/test/java/org/pgpainless/certificate_store/MergeCallbacksTest.java deleted file mode 100644 index 6101154..0000000 --- a/pgpainless-cert-d/src/test/java/org/pgpainless/certificate_store/MergeCallbacksTest.java +++ /dev/null @@ -1,244 +0,0 @@ -// SPDX-FileCopyrightText: 2022 Paul Schaub -// -// SPDX-License-Identifier: Apache-2.0 - -package org.pgpainless.certificate_store; - -import org.bouncycastle.util.io.Streams; -import org.junit.jupiter.api.Test; -import pgp.certificate_store.certificate.KeyMaterial; -import pgp.certificate_store.certificate.KeyMaterialMerger; -import pgp.certificate_store.exception.BadDataException; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.nio.charset.Charset; - -import static org.junit.jupiter.api.Assertions.assertArrayEquals; -import static org.junit.jupiter.api.Assertions.assertNull; -import static org.junit.jupiter.api.Assertions.assertSame; - -public class MergeCallbacksTest { - - private static final String KEY = "-----BEGIN PGP PRIVATE KEY BLOCK-----\n" + - "Version: PGPainless\n" + - "Comment: 8E0F C503 D081 002A 2BC8 60A1 1CFC 3439 106D 1DD1\n" + - "Comment: Marge Simpson \n" + - "\n" + - "lFgEYwdeTxYJKwYBBAHaRw8BAQdA/culAZNfjpo8NyfJv9ggwUJBY/9Ps27wRzj1\n" + - "3i5Y/akAAQCel3XRH2ERU2+6C4kJEb3YXNtbH3CHJhkP+co3JQBJygz0tCBNYXJn\n" + - "ZSBTaW1wc29uIDxtYXJnZUBzaW1wc29uLnR2PoiPBBMWCgBBBQJjB15QCRAc/DQ5\n" + - "EG0d0RYhBI4PxQPQgQAqK8hgoRz8NDkQbR3RAp4BApsBBRYCAwEABAsJCAcFFQoJ\n" + - "CAsCmQEAAC34AP9jqFThNA0FeNxEEh+BKA/diGkxsAZaI0HscLeuoECOoAD9FjcO\n" + - "1TtI0UjF1wvRAGuoL6PrgNQ/kAE++zyzaXlbDAKcXQRjB15QEgorBgEEAZdVAQUB\n" + - "AQdAHQPnqtZwENOdLiD19wgjUpo/U0pJ4s/HCjgUQrFro38DAQgHAAD/VrXgi8fE\n" + - "UUAVLn+C3GXCJV0CBnCvLvMn6QwDUIbi1sgQF4h1BBgWCgAdBQJjB15QAp4BApsM\n" + - "BRYCAwEABAsJCAcFFQoJCAsACgkQHPw0ORBtHdGDdgD8DS1IyA0j4mnKPw93BLLn\n" + - "Wkt6Tc8tEc1Yy3fddhaGXXMBAIMu6ww43TM2EdQM/2orh8MhDZaBdDnD4egQ1ES4\n" + - "zxYJnFgEYwdeUBYJKwYBBAHaRw8BAQdAw/Pfecs1QEMAuTY8wGqEgpigYFx6GLHS\n" + - "qpgJkVds4hsAAP9JZ3XgkUguI4tUO9CyGCwxfBoUv1+F+XlYoxlyZV0M2A4qiNUE\n" + - "GBYKAH0FAmMHXlACngECmwIFFgIDAQAECwkIBwUVCgkIC18gBBkWCgAGBQJjB15Q\n" + - "AAoJEO8Ou9qRn4/Lk4ABAOTUMLOTPL9svmyoHmeVKYh4pL92/+zrsNL2Kh8BX7/F\n" + - "APsE3/N3J5MB2ZEyzNSU84STG3Aqa+2I2u4w58CeL8eRCAAKCRAc/DQ5EG0d0QBm\n" + - "AQDvHR1I/B4VBqMu44wcw1czqqFojv1KQMETnLCfU5Q4cwD+Mt6mNoXADACcnw2P\n" + - "3u5u3NoFQ0v2vFSaCoBxVzUQrgo=\n" + - "=OKv0\n" + - "-----END PGP PRIVATE KEY BLOCK-----"; - private static final String KEY_WITH_SIG = "-----BEGIN PGP PRIVATE KEY BLOCK-----\n" + - "Version: PGPainless\n" + - "Comment: 8E0F C503 D081 002A 2BC8 60A1 1CFC 3439 106D 1DD1\n" + - "Comment: Marge Simpson \n" + - "\n" + - "lFgEYwdeTxYJKwYBBAHaRw8BAQdA/culAZNfjpo8NyfJv9ggwUJBY/9Ps27wRzj1\n" + - "3i5Y/akAAQCel3XRH2ERU2+6C4kJEb3YXNtbH3CHJhkP+co3JQBJygz0iHUEHxYK\n" + - "ACcFAmMHXlAJEBz8NDkQbR3RFiEEjg/FA9CBACoryGChHPw0ORBtHdEAAEI4AP4w\n" + - "H667enh2czzfH8n4NeluivHQIavx6THn40MELAiBQQD/T3IdrTn0YDVmfdAGmCPL\n" + - "lNjOxPDus5SESpLuS6A7IAi0IE1hcmdlIFNpbXBzb24gPG1hcmdlQHNpbXBzb24u\n" + - "dHY+iI8EExYKAEEFAmMHXlAJEBz8NDkQbR3RFiEEjg/FA9CBACoryGChHPw0ORBt\n" + - "HdECngECmwEFFgIDAQAECwkIBwUVCgkICwKZAQAALfgA/2OoVOE0DQV43EQSH4Eo\n" + - "D92IaTGwBlojQexwt66gQI6gAP0WNw7VO0jRSMXXC9EAa6gvo+uA1D+QAT77PLNp\n" + - "eVsMApxdBGMHXlASCisGAQQBl1UBBQEBB0AdA+eq1nAQ050uIPX3CCNSmj9TSkni\n" + - "z8cKOBRCsWujfwMBCAcAAP9WteCLx8RRQBUuf4LcZcIlXQIGcK8u8yfpDANQhuLW\n" + - "yBAXiHUEGBYKAB0FAmMHXlACngECmwwFFgIDAQAECwkIBwUVCgkICwAKCRAc/DQ5\n" + - "EG0d0YN2APwNLUjIDSPiaco/D3cEsudaS3pNzy0RzVjLd912FoZdcwEAgy7rDDjd\n" + - "MzYR1Az/aiuHwyENloF0OcPh6BDURLjPFgmcWARjB15QFgkrBgEEAdpHDwEBB0DD\n" + - "8995yzVAQwC5NjzAaoSCmKBgXHoYsdKqmAmRV2ziGwAA/0lndeCRSC4ji1Q70LIY\n" + - "LDF8GhS/X4X5eVijGXJlXQzYDiqI1QQYFgoAfQUCYwdeUAKeAQKbAgUWAgMBAAQL\n" + - "CQgHBRUKCQgLXyAEGRYKAAYFAmMHXlAACgkQ7w672pGfj8uTgAEA5NQws5M8v2y+\n" + - "bKgeZ5UpiHikv3b/7Ouw0vYqHwFfv8UA+wTf83cnkwHZkTLM1JTzhJMbcCpr7Yja\n" + - "7jDnwJ4vx5EIAAoJEBz8NDkQbR3RAGYBAO8dHUj8HhUGoy7jjBzDVzOqoWiO/UpA\n" + - "wROcsJ9TlDhzAP4y3qY2hcAMAJyfDY/e7m7c2gVDS/a8VJoKgHFXNRCuCg==\n" + - "=WrKH\n" + - "-----END PGP PRIVATE KEY BLOCK-----"; - private static final String CERT = "-----BEGIN PGP PUBLIC KEY BLOCK-----\n" + - "Version: PGPainless\n" + - "Comment: 8E0F C503 D081 002A 2BC8 60A1 1CFC 3439 106D 1DD1\n" + - "Comment: Marge Simpson \n" + - "\n" + - "mDMEYwdeTxYJKwYBBAHaRw8BAQdA/culAZNfjpo8NyfJv9ggwUJBY/9Ps27wRzj1\n" + - "3i5Y/am0IE1hcmdlIFNpbXBzb24gPG1hcmdlQHNpbXBzb24udHY+iI8EExYKAEEF\n" + - "AmMHXlAJEBz8NDkQbR3RFiEEjg/FA9CBACoryGChHPw0ORBtHdECngECmwEFFgID\n" + - "AQAECwkIBwUVCgkICwKZAQAALfgA/2OoVOE0DQV43EQSH4EoD92IaTGwBlojQexw\n" + - "t66gQI6gAP0WNw7VO0jRSMXXC9EAa6gvo+uA1D+QAT77PLNpeVsMArg4BGMHXlAS\n" + - "CisGAQQBl1UBBQEBB0AdA+eq1nAQ050uIPX3CCNSmj9TSkniz8cKOBRCsWujfwMB\n" + - "CAeIdQQYFgoAHQUCYwdeUAKeAQKbDAUWAgMBAAQLCQgHBRUKCQgLAAoJEBz8NDkQ\n" + - "bR3Rg3YA/A0tSMgNI+Jpyj8PdwSy51pLek3PLRHNWMt33XYWhl1zAQCDLusMON0z\n" + - "NhHUDP9qK4fDIQ2WgXQ5w+HoENREuM8WCbgzBGMHXlAWCSsGAQQB2kcPAQEHQMPz\n" + - "33nLNUBDALk2PMBqhIKYoGBcehix0qqYCZFXbOIbiNUEGBYKAH0FAmMHXlACngEC\n" + - "mwIFFgIDAQAECwkIBwUVCgkIC18gBBkWCgAGBQJjB15QAAoJEO8Ou9qRn4/Lk4AB\n" + - "AOTUMLOTPL9svmyoHmeVKYh4pL92/+zrsNL2Kh8BX7/FAPsE3/N3J5MB2ZEyzNSU\n" + - "84STG3Aqa+2I2u4w58CeL8eRCAAKCRAc/DQ5EG0d0QBmAQDvHR1I/B4VBqMu44wc\n" + - "w1czqqFojv1KQMETnLCfU5Q4cwD+Mt6mNoXADACcnw2P3u5u3NoFQ0v2vFSaCoBx\n" + - "VzUQrgo=\n" + - "=mKjW\n" + - "-----END PGP PUBLIC KEY BLOCK-----"; - private static final String CERT_WITH_SIG = "-----BEGIN PGP PUBLIC KEY BLOCK-----\n" + - "Version: PGPainless\n" + - "Comment: 8E0F C503 D081 002A 2BC8 60A1 1CFC 3439 106D 1DD1\n" + - "Comment: Marge Simpson \n" + - "\n" + - "mDMEYwdeTxYJKwYBBAHaRw8BAQdA/culAZNfjpo8NyfJv9ggwUJBY/9Ps27wRzj1\n" + - "3i5Y/amIdQQfFgoAJwUCYwdeUAkQHPw0ORBtHdEWIQSOD8UD0IEAKivIYKEc/DQ5\n" + - "EG0d0QAAQjgA/jAfrrt6eHZzPN8fyfg16W6K8dAhq/HpMefjQwQsCIFBAP9Pch2t\n" + - "OfRgNWZ90AaYI8uU2M7E8O6zlIRKku5LoDsgCLQgTWFyZ2UgU2ltcHNvbiA8bWFy\n" + - "Z2VAc2ltcHNvbi50dj6IjwQTFgoAQQUCYwdeUAkQHPw0ORBtHdEWIQSOD8UD0IEA\n" + - "KivIYKEc/DQ5EG0d0QKeAQKbAQUWAgMBAAQLCQgHBRUKCQgLApkBAAAt+AD/Y6hU\n" + - "4TQNBXjcRBIfgSgP3YhpMbAGWiNB7HC3rqBAjqAA/RY3DtU7SNFIxdcL0QBrqC+j\n" + - "64DUP5ABPvs8s2l5WwwCuDgEYwdeUBIKKwYBBAGXVQEFAQEHQB0D56rWcBDTnS4g\n" + - "9fcII1KaP1NKSeLPxwo4FEKxa6N/AwEIB4h1BBgWCgAdBQJjB15QAp4BApsMBRYC\n" + - "AwEABAsJCAcFFQoJCAsACgkQHPw0ORBtHdGDdgD8DS1IyA0j4mnKPw93BLLnWkt6\n" + - "Tc8tEc1Yy3fddhaGXXMBAIMu6ww43TM2EdQM/2orh8MhDZaBdDnD4egQ1ES4zxYJ\n" + - "uDMEYwdeUBYJKwYBBAHaRw8BAQdAw/Pfecs1QEMAuTY8wGqEgpigYFx6GLHSqpgJ\n" + - "kVds4huI1QQYFgoAfQUCYwdeUAKeAQKbAgUWAgMBAAQLCQgHBRUKCQgLXyAEGRYK\n" + - "AAYFAmMHXlAACgkQ7w672pGfj8uTgAEA5NQws5M8v2y+bKgeZ5UpiHikv3b/7Ouw\n" + - "0vYqHwFfv8UA+wTf83cnkwHZkTLM1JTzhJMbcCpr7Yja7jDnwJ4vx5EIAAoJEBz8\n" + - "NDkQbR3RAGYBAO8dHUj8HhUGoy7jjBzDVzOqoWiO/UpAwROcsJ9TlDhzAP4y3qY2\n" + - "hcAMAJyfDY/e7m7c2gVDS/a8VJoKgHFXNRCuCg==\n" + - "=H6OY\n" + - "-----END PGP PUBLIC KEY BLOCK-----"; - - private static final KeyMaterialReader reader = new KeyMaterialReader(); - - @Test - public void testOverrideExisting() throws IOException, BadDataException { - KeyMaterialMerger merger = MergeCallbacks.overrideExisting(); - KeyMaterial existing = parse(CERT); - KeyMaterial update = parse(KEY); - - assertSame(update, merger.merge(update, existing)); - } - - @Test - public void testOverrideExistingNull() throws IOException, BadDataException { - KeyMaterialMerger merger = MergeCallbacks.overrideExisting(); - KeyMaterial existing = null; - KeyMaterial update = parse(KEY); - - assertSame(update, merger.merge(update, existing)); - } - - @Test - public void testOverrideExistingWithNull() throws IOException, BadDataException { - KeyMaterialMerger merger = MergeCallbacks.overrideExisting(); - KeyMaterial existing = parse(CERT); - KeyMaterial update = null; - - assertNull(merger.merge(update, existing)); - } - - @Test - public void testMergeExistingCertWithSelf() throws BadDataException, IOException { - KeyMaterialMerger merger = MergeCallbacks.mergeWithExisting(); - KeyMaterial existing = parse(CERT); - KeyMaterial update = parse(CERT); - - assertEncodingEquals(existing, merger.merge(update, existing)); - } - - @Test - public void testMergeExistingCertWithNull() throws BadDataException, IOException { - KeyMaterialMerger merger = MergeCallbacks.mergeWithExisting(); - KeyMaterial existing = parse(CERT); - - assertEncodingEquals(existing, merger.merge(null, existing)); - } - - - @Test - public void testMergeNullWithCert() throws BadDataException, IOException { - KeyMaterialMerger merger = MergeCallbacks.mergeWithExisting(); - KeyMaterial update = parse(CERT); - - assertEncodingEquals(update, merger.merge(update, null)); - } - - @Test - public void testMergeCertWithUpdate() throws BadDataException, IOException { - KeyMaterialMerger merger = MergeCallbacks.mergeWithExisting(); - KeyMaterial existing = parse(CERT); - KeyMaterial update = parse(CERT_WITH_SIG); - - assertEncodingEquals(update, merger.merge(update, existing)); - } - - @Test - public void testMergeUpdateWithCert() throws BadDataException, IOException { - KeyMaterialMerger merger = MergeCallbacks.mergeWithExisting(); - KeyMaterial existing = parse(CERT_WITH_SIG); - KeyMaterial update = parse(CERT); - - assertEncodingEquals(existing, merger.merge(update, existing)); - } - - @Test - public void testMergeKeyWithCert() throws BadDataException, IOException { - KeyMaterialMerger merger = MergeCallbacks.mergeWithExisting(); - KeyMaterial existing = parse(KEY); - KeyMaterial update = parse(CERT); - - assertEncodingEquals(existing, merger.merge(update, existing)); - } - - @Test - public void testMergeCertWithKey() throws BadDataException, IOException { - KeyMaterialMerger merger = MergeCallbacks.mergeWithExisting(); - KeyMaterial existing = parse(CERT); - KeyMaterial update = parse(KEY); - - assertEncodingEquals(update, merger.merge(update, existing)); - } - - @Test - public void testMergeKeyWithUpdateCert() throws BadDataException, IOException { - KeyMaterialMerger merger = MergeCallbacks.mergeWithExisting(); - KeyMaterial existing = parse(KEY); - KeyMaterial update = parse(CERT_WITH_SIG); - KeyMaterial expected = parse(KEY_WITH_SIG); - assertEncodingEquals(expected, merger.merge(update, existing)); - } - - @Test - public void testMergeUpdateCertWithKey() throws BadDataException, IOException { - KeyMaterialMerger merger = MergeCallbacks.mergeWithExisting(); - KeyMaterial existing = parse(CERT_WITH_SIG); - KeyMaterial update = parse(KEY); - KeyMaterial expected = parse(KEY_WITH_SIG); - - assertEncodingEquals(expected, merger.merge(update, existing)); - } - - private static KeyMaterial parse(String encoding) throws BadDataException, IOException { - return reader.read(new ByteArrayInputStream(encoding.getBytes(Charset.forName("UTF8"))), null); - } - - private static void assertEncodingEquals(KeyMaterial one, KeyMaterial two) throws IOException { - ByteArrayOutputStream oneOut = new ByteArrayOutputStream(); - ByteArrayOutputStream twoOut = new ByteArrayOutputStream(); - - Streams.pipeAll(one.getInputStream(), oneOut); - Streams.pipeAll(two.getInputStream(), twoOut); - - assertArrayEquals(oneOut.toByteArray(), twoOut.toByteArray()); - } -} diff --git a/version.gradle b/version.gradle index beeb5c3..ca8cdd4 100644 --- a/version.gradle +++ b/version.gradle @@ -4,16 +4,9 @@ allprojects { ext { - shortVersion = '0.2.3' - isSnapshot = true + shortVersion = '0.1.0' + isSnapshot = false minAndroidSdk = 10 javaSourceCompatibility = 1.8 - slf4jVersion = '1.7.36' - logbackVersion = '1.2.11' - junitVersion = '5.8.2' - mockitoVersion = '4.5.1' - pgpainlessVersion = '1.5.6' - pgpCertDJavaVersion = '0.2.2' - picocliVersion = '4.6.3' } }