PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-09-10 02:39:39 +02:00
Code Issues Releases Wiki Activity

Wip: Adopt changes from the SOP specification version 2

Browse source
This commit is contained in:
Paul Schaub 2021-07-19 18:20:52 +02:00
parent 829068d5a8
commit 788c82531e
17 changed files with 328 additions and 217 deletions
Download patch file Download diff file Expand all files Collapse all files

45
sop-java-picocli/src/main/java/sop/cli/picocli/SOPExceptionExitCodeMapper.java Normal file
View file

@ -0,0 +1,45 @@
/*
* Copyright 2021 Paul Schaub.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package sop.cli.picocli;
import picocli.CommandLine;
import sop.exception.SOPGPException;
public class SOPExceptionExitCodeMapper implements CommandLine.IExitCodeExceptionMapper {
@Override
public int getExitCode(Throwable exception) {
if (exception instanceof SOPGPException) {
return ((SOPGPException) exception).getExitCode();
}
if (exception instanceof CommandLine.UnmatchedArgumentException) {
CommandLine.UnmatchedArgumentException ex = (CommandLine.UnmatchedArgumentException) exception;
// Unmatched option of subcommand (eg. `generate-key -k`)
if (ex.isUnknownOption()) {
return SOPGPException.UnsupportedOption.EXIT_CODE;
}
// Unmatched subcommand
return SOPGPException.UnsupportedSubcommand.EXIT_CODE;
}
// Invalid option (eg. `--label Invalid`)
if (exception instanceof CommandLine.ParameterException) {
return SOPGPException.UnsupportedOption.EXIT_CODE;
}
// Others, like IOException etc.
return 1;
}
}

37
sop-java-picocli/src/main/java/sop/cli/picocli/SOPExecutionExceptionHandler.java Normal file
View file

@ -0,0 +1,37 @@
/*
* Copyright 2021 Paul Schaub.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package sop.cli.picocli;
import picocli.CommandLine;
public class SOPExecutionExceptionHandler implements CommandLine.IExecutionExceptionHandler {
@Override
public int handleExecutionException(Exception ex, CommandLine commandLine, CommandLine.ParseResult parseResult) throws Exception {
int exitCode = commandLine.getExitCodeExceptionMapper() != null ?
commandLine.getExitCodeExceptionMapper().getExitCode(ex) :
commandLine.getCommandSpec().exitCodeOnExecutionException();
CommandLine.Help.ColorScheme colorScheme = commandLine.getColorScheme();
// CHECKSTYLE:OFF
if (ex.getMessage() != null) {
commandLine.getErr().println(colorScheme.errorText(ex.getMessage()));
}
ex.printStackTrace(commandLine.getErr());
// CHECKSTYLE:ON
return exitCode;
}
}

2
sop-java-picocli/src/main/java/sop/cli/picocli/SopCLI.java
View file

@ -58,6 +58,8 @@ public class SopCLI {
public static int execute(String[] args) {
return new CommandLine(SopCLI.class)
.setCommandName(EXECUTABLE_NAME)
.setExecutionExceptionHandler(new SOPExecutionExceptionHandler())
.setExitCodeExceptionMapper(new SOPExceptionExitCodeMapper())
.setCaseInsensitiveEnumValuesAllowed(true)
.execute(args);
}

183
sop-java-picocli/src/main/java/sop/cli/picocli/commands/DecryptCmd.java
View file

@ -32,7 +32,6 @@ import sop.ReadyWithResult;
import sop.SessionKey;
import sop.Verification;
import sop.cli.picocli.DateParser;
import sop.cli.picocli.Print;
import sop.cli.picocli.SopCLI;
import sop.exception.SOPGPException;
import sop.operation.Decrypt;
@ -93,9 +92,13 @@ public class DecryptCmd implements Runnable {
@Override
public void run() {
unlinkExistingVerifyOut(verifyOut);
throwIfVerifyOutExists(verifyOut);
Decrypt decrypt = SopCLI.getSop().decrypt();
if (decrypt == null) {
throw new SOPGPException.UnsupportedSubcommand("Subcommand 'decrypt' not implemented.");
}
setNotAfter(notAfter, decrypt);
setNotBefore(notBefore, decrypt);
setWithPasswords(withPassword, decrypt);
@ -104,65 +107,63 @@ public class DecryptCmd implements Runnable {
setDecryptWith(keys, decrypt);
if (verifyOut != null && certs.isEmpty()) {
Print.errln("--verify-out is requested, but no --verify-with was provided.");
System.exit(23);
throw new SOPGPException.IncompleteVerification("--verify-out is requested, but no --verify-with was provided.");
}
try {
ReadyWithResult<DecryptionResult> ready = decrypt.ciphertext(System.in);
DecryptionResult result = ready.writeTo(System.out);
if (sessionKeyOut != null) {
if (sessionKeyOut.exists()) {
Print.errln("File " + sessionKeyOut.getAbsolutePath() + " already exists.");
Print.trace(new SOPGPException.OutputExists());
System.exit(1);
}
try (FileOutputStream outputStream = new FileOutputStream(sessionKeyOut)) {
if (!result.getSessionKey().isPresent()) {
Print.errln("Session key not extracted. Possibly the feature is not supported.");
System.exit(SOPGPException.UnsupportedOption.EXIT_CODE);
} else {
SessionKey sessionKey = result.getSessionKey().get();
outputStream.write(sessionKey.getAlgorithm());
outputStream.write(sessionKey.getKey());
}
}
}
if (verifyOut != null) {
if (!verifyOut.createNewFile()) {
throw new IOException("Cannot create file " + verifyOut.getAbsolutePath());
}
try (FileOutputStream outputStream = new FileOutputStream(verifyOut)) {
PrintWriter writer = new PrintWriter(outputStream);
for (Verification verification : result.getVerifications()) {
// CHECKSTYLE:OFF
writer.println(verification.toString());
// CHECKSTYLE:ON
}
writer.flush();
}
}
writeSessionKeyOut(result);
writeVerifyOut(result);
} catch (SOPGPException.BadData badData) {
Print.errln("No valid OpenPGP message found on Standard Input.");
Print.trace(badData);
System.exit(badData.getExitCode());
} catch (SOPGPException.MissingArg missingArg) {
Print.errln("Missing arguments.");
Print.trace(missingArg);
System.exit(missingArg.getExitCode());
} catch (IOException e) {
Print.errln("IO Error.");
Print.trace(e);
System.exit(1);
} catch (SOPGPException.NoSignature noSignature) {
Print.errln("No verifiable signature found.");
Print.trace(noSignature);
System.exit(noSignature.getExitCode());
} catch (SOPGPException.CannotDecrypt cannotDecrypt) {
Print.errln("Cannot decrypt.");
Print.trace(cannotDecrypt);
System.exit(cannotDecrypt.getExitCode());
throw new SOPGPException.BadData("No valid OpenPGP message found on Standard Input.", badData);
} catch (IOException ioException) {
throw new RuntimeException(ioException);
}
}
private void writeVerifyOut(DecryptionResult result) throws IOException {
if (verifyOut != null) {
if (!verifyOut.createNewFile()) {
throw new IOException("Cannot create file " + verifyOut.getAbsolutePath());
}
try (FileOutputStream outputStream = new FileOutputStream(verifyOut)) {
PrintWriter writer = new PrintWriter(outputStream);
for (Verification verification : result.getVerifications()) {
// CHECKSTYLE:OFF
writer.println(verification.toString());
// CHECKSTYLE:ON
}
writer.flush();
}
}
}
private void writeSessionKeyOut(DecryptionResult result) throws IOException {
if (sessionKeyOut != null) {
if (sessionKeyOut.exists()) {
throw new SOPGPException.OutputExists("Target " + sessionKeyOut.getAbsolutePath() + " of option --session-key-out already exists.");
}
try (FileOutputStream outputStream = new FileOutputStream(sessionKeyOut)) {
if (!result.getSessionKey().isPresent()) {
throw new SOPGPException.UnsupportedOption("Session key not extracted. Possibly the feature --session-key-out is not supported.");
} else {
SessionKey sessionKey = result.getSessionKey().get();
outputStream.write(sessionKey.getAlgorithm());
outputStream.write(sessionKey.getKey());
}
}
}
}
private void throwIfVerifyOutExists(File verifyOut) throws SOPGPException.OutputExists {
if (verifyOut == null) {
return;
}
if (verifyOut.exists()) {
throw new SOPGPException.OutputExists("Target " + verifyOut.getAbsolutePath() + " of option --verify-out already exists.");
}
}
@ -171,25 +172,13 @@ public class DecryptCmd implements Runnable {
try (FileInputStream keyIn = new FileInputStream(key)) {
decrypt.withKey(keyIn);
} catch (SOPGPException.KeyIsProtected keyIsProtected) {
Print.errln("Key in file " + key.getAbsolutePath() + " is password protected.");
Print.trace(keyIsProtected);
System.exit(1);
} catch (SOPGPException.UnsupportedAsymmetricAlgo unsupportedAsymmetricAlgo) {
Print.errln("Key uses unsupported asymmetric algorithm.");
Print.trace(unsupportedAsymmetricAlgo);
System.exit(unsupportedAsymmetricAlgo.getExitCode());
throw new SOPGPException.KeyIsProtected("Key in file " + key.getAbsolutePath() + " is password protected.", keyIsProtected);
} catch (SOPGPException.BadData badData) {
Print.errln("File " + key.getAbsolutePath() + " does not contain a private key.");
Print.trace(badData);
System.exit(badData.getExitCode());
throw new SOPGPException.BadData("File " + key.getAbsolutePath() + " does not contain a private key.", badData);
} catch (FileNotFoundException e) {
Print.errln("File " + key.getAbsolutePath() + " does not exist.");
Print.trace(e);
System.exit(1);
throw new SOPGPException.MissingInput("File " + key.getAbsolutePath() + " does not exist.", e);
} catch (IOException e) {
Print.errln("IO Error.");
Print.trace(e);
System.exit(1);
throw new RuntimeException(e);
}
}
}
@ -199,30 +188,11 @@ public class DecryptCmd implements Runnable {
try (FileInputStream certIn = new FileInputStream(cert)) {
decrypt.verifyWithCert(certIn);
} catch (FileNotFoundException e) {
Print.errln("File " + cert.getAbsolutePath() + " does not exist.");
Print.trace(e);
System.exit(1);
} catch (IOException e) {
Print.errln("IO Error.");
Print.trace(e);
System.exit(1);
throw new SOPGPException.MissingInput("File " + cert.getAbsolutePath() + " does not exist.", e);
} catch (SOPGPException.BadData badData) {
Print.errln("File " + cert.getAbsolutePath() + " does not contain a valid certificate.");
Print.trace(badData);
System.exit(badData.getExitCode());
}
}
}
private void unlinkExistingVerifyOut(File verifyOut) {
if (verifyOut == null) {
return;
}
if (verifyOut.exists()) {
if (!verifyOut.delete()) {
Print.errln("Cannot delete existing verification file" + verifyOut.getAbsolutePath());
System.exit(1);
throw new SOPGPException.BadData("File " + cert.getAbsolutePath() + " does not contain a valid certificate.", badData);
} catch (IOException ioException) {
throw new RuntimeException(ioException);
}
}
}
@ -231,9 +201,7 @@ public class DecryptCmd implements Runnable {
Pattern sessionKeyPattern = Pattern.compile("^\\d+:[0-9A-F]+$");
for (String sessionKey : withSessionKey) {
if (!sessionKeyPattern.matcher(sessionKey).matches()) {
Print.errln("Invalid session key format.");
Print.errln("Session keys are expected in the format 'ALGONUM:HEXKEY'");
System.exit(1);
throw new IllegalArgumentException("Session keys are expected in the format 'ALGONUM:HEXKEY'.");
}
String[] split = sessionKey.split(":");
byte algorithm = (byte) Integer.parseInt(split[0]);
@ -242,10 +210,7 @@ public class DecryptCmd implements Runnable {
try {
decrypt.withSessionKey(new SessionKey(algorithm, key));
} catch (SOPGPException.UnsupportedOption unsupportedOption) {
Print.errln("Unsupported option '--with-session-key'.");
Print.trace(unsupportedOption);
System.exit(unsupportedOption.getExitCode());
return;
throw new SOPGPException.UnsupportedOption("Unsupported option '--with-session-key'.", unsupportedOption);
}
}
}
@ -254,14 +219,8 @@ public class DecryptCmd implements Runnable {
for (String password : withPassword) {
try {
decrypt.withPassword(password);
} catch (SOPGPException.PasswordNotHumanReadable passwordNotHumanReadable) {
Print.errln("Password not human readable.");
Print.trace(passwordNotHumanReadable);
System.exit(passwordNotHumanReadable.getExitCode());
} catch (SOPGPException.UnsupportedOption unsupportedOption) {
Print.errln("Unsupported option '--with-password'.");
Print.trace(unsupportedOption);
System.exit(unsupportedOption.getExitCode());
throw new SOPGPException.UnsupportedOption("Unsupported option '--with-password'.", unsupportedOption);
}
}
}
@ -271,9 +230,7 @@ public class DecryptCmd implements Runnable {
try {
decrypt.verifyNotAfter(notAfterDate);
} catch (SOPGPException.UnsupportedOption unsupportedOption) {
Print.errln("Option '--not-after' not supported.");
Print.trace(unsupportedOption);
System.exit(unsupportedOption.getExitCode());
throw new SOPGPException.UnsupportedOption("Option '--not-after' not supported.", unsupportedOption);
}
}
@ -282,9 +239,7 @@ public class DecryptCmd implements Runnable {
try {
decrypt.verifyNotBefore(notBeforeDate);
} catch (SOPGPException.UnsupportedOption unsupportedOption) {
Print.errln("Option '--not-before' not supported.");
Print.trace(unsupportedOption);
System.exit(unsupportedOption.getExitCode());
throw new SOPGPException.UnsupportedOption("Option '--not-before' not supported.", unsupportedOption);
}
}
}

64
sop-java-picocli/src/main/java/sop/cli/picocli/commands/EncryptCmd.java
View file

@ -24,7 +24,6 @@ import java.util.List;
import picocli.CommandLine;
import sop.Ready;
import sop.cli.picocli.Print;
import sop.cli.picocli.SopCLI;
import sop.enums.EncryptAs;
import sop.exception.SOPGPException;
@ -67,28 +66,19 @@ public class EncryptCmd implements Runnable {
try {
encrypt.mode(type);
} catch (SOPGPException.UnsupportedOption unsupportedOption) {
Print.errln("Unsupported option '--as'.");
Print.trace(unsupportedOption);
System.exit(unsupportedOption.getExitCode());
throw new SOPGPException.UnsupportedOption("Unsupported option '--as'.", unsupportedOption);
}
}
if (withPassword.isEmpty() && certs.isEmpty()) {
Print.errln("At least one password or cert file required for encryption.");
System.exit(19);
throw new SOPGPException.MissingArg("At least one password or cert file required for encryption.");
}
for (String password : withPassword) {
try {
encrypt.withPassword(password);
} catch (SOPGPException.PasswordNotHumanReadable passwordNotHumanReadable) {
Print.errln("Password is not human-readable.");
Print.trace(passwordNotHumanReadable);
System.exit(passwordNotHumanReadable.getExitCode());
} catch (SOPGPException.UnsupportedOption unsupportedOption) {
Print.errln("Unsupported option '--with-password'.");
Print.trace(unsupportedOption);
System.exit(unsupportedOption.getExitCode());
throw new SOPGPException.UnsupportedOption("Unsupported option '--with-password'.", unsupportedOption);
}
}
@ -96,29 +86,17 @@ public class EncryptCmd implements Runnable {
try (FileInputStream keyIn = new FileInputStream(keyFile)) {
encrypt.signWith(keyIn);
} catch (FileNotFoundException e) {
Print.errln("Key file " + keyFile.getAbsolutePath() + " not found.");
Print.trace(e);
System.exit(1);
throw new SOPGPException.MissingInput("Key file " + keyFile.getAbsolutePath() + " not found.", e);
} catch (IOException e) {
Print.errln("IO Error.");
Print.trace(e);
System.exit(1);
throw new RuntimeException(e);
} catch (SOPGPException.KeyIsProtected keyIsProtected) {
Print.errln("Key from " + keyFile.getAbsolutePath() + " is password protected.");
Print.trace(keyIsProtected);
System.exit(1);
throw new SOPGPException.KeyIsProtected("Key from " + keyFile.getAbsolutePath() + " is password protected.", keyIsProtected);
} catch (SOPGPException.UnsupportedAsymmetricAlgo unsupportedAsymmetricAlgo) {
Print.errln("Key from " + keyFile.getAbsolutePath() + " has unsupported asymmetric algorithm.");
Print.trace(unsupportedAsymmetricAlgo);
System.exit(unsupportedAsymmetricAlgo.getExitCode());
throw new SOPGPException.UnsupportedAsymmetricAlgo("Key from " + keyFile.getAbsolutePath() + " has unsupported asymmetric algorithm.", unsupportedAsymmetricAlgo);
} catch (SOPGPException.CertCannotSign certCannotSign) {
Print.errln("Key from " + keyFile.getAbsolutePath() + " cannot sign.");
Print.trace(certCannotSign);
System.exit(1);
throw new RuntimeException("Key from " + keyFile.getAbsolutePath() + " cannot sign.", certCannotSign);
} catch (SOPGPException.BadData badData) {
Print.errln("Key file " + keyFile.getAbsolutePath() + " does not contain a valid OpenPGP private key.");
Print.trace(badData);
System.exit(badData.getExitCode());
throw new SOPGPException.BadData("Key file " + keyFile.getAbsolutePath() + " does not contain a valid OpenPGP private key.", badData);
}
}
@ -126,25 +104,15 @@ public class EncryptCmd implements Runnable {
try (FileInputStream certIn = new FileInputStream(certFile)) {
encrypt.withCert(certIn);
} catch (FileNotFoundException e) {
Print.errln("Certificate file " + certFile.getAbsolutePath() + " not found.");
Print.trace(e);
System.exit(1);
throw new SOPGPException.MissingInput("Certificate file " + certFile.getAbsolutePath() + " not found.", e);
} catch (IOException e) {
Print.errln("IO Error.");
Print.trace(e);
System.exit(1);
throw new RuntimeException(e);
} catch (SOPGPException.UnsupportedAsymmetricAlgo unsupportedAsymmetricAlgo) {
Print.errln("Certificate from " + certFile.getAbsolutePath() + " has unsupported asymmetric algorithm.");
Print.trace(unsupportedAsymmetricAlgo);
System.exit(unsupportedAsymmetricAlgo.getExitCode());
throw new SOPGPException.UnsupportedAsymmetricAlgo("Certificate from " + certFile.getAbsolutePath() + " has unsupported asymmetric algorithm.", unsupportedAsymmetricAlgo);
} catch (SOPGPException.CertCannotEncrypt certCannotEncrypt) {
Print.errln("Certificate from " + certFile.getAbsolutePath() + " is not capable of encryption.");
Print.trace(certCannotEncrypt);
System.exit(certCannotEncrypt.getExitCode());
throw new SOPGPException.CertCannotEncrypt("Certificate from " + certFile.getAbsolutePath() + " is not capable of encryption.", certCannotEncrypt);
} catch (SOPGPException.BadData badData) {
Print.errln("Certificate file " + certFile.getAbsolutePath() + " does not contain a valid OpenPGP certificate.");
Print.trace(badData);
System.exit(badData.getExitCode());
throw new SOPGPException.BadData("Certificate file " + certFile.getAbsolutePath() + " does not contain a valid OpenPGP certificate.", badData);
}
}
@ -156,9 +124,7 @@ public class EncryptCmd implements Runnable {
Ready ready = encrypt.plaintext(System.in);
ready.writeTo(System.out);
} catch (IOException e) {
Print.errln("IO Error.");
Print.trace(e);
System.exit(1);
throw new RuntimeException(e);
}
}
}

9
sop-java-picocli/src/main/java/sop/cli/picocli/commands/ExtractCertCmd.java
View file

@ -19,7 +19,6 @@ import java.io.IOException;
import picocli.CommandLine;
import sop.Ready;
import sop.cli.picocli.Print;
import sop.cli.picocli.SopCLI;
import sop.exception.SOPGPException;
import sop.operation.ExtractCert;
@ -45,13 +44,9 @@ public class ExtractCertCmd implements Runnable {
Ready ready = extractCert.key(System.in);
ready.writeTo(System.out);
} catch (IOException e) {
Print.errln("IO Error.");
Print.trace(e);
System.exit(1);
throw new RuntimeException(e);
} catch (SOPGPException.BadData badData) {
Print.errln("Standard Input does not contain valid OpenPGP private key material.");
Print.trace(badData);
System.exit(badData.getExitCode());
throw new SOPGPException.BadData("Standard Input does not contain valid OpenPGP private key material.", badData);
}
}
}