PGPainless/pgpainless
PGPainless/pgpainless
1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2025-09-14 20:59:39 +02:00
Code Issues Releases Wiki Activity

SubkeyLookup: Return set of fingerprints instead of a single one

Browse source
This commit is contained in:
Paul Schaub 2022-02-16 14:23:05 +01:00
parent 0e4cf1c166
commit 7b66954199
10 changed files with 95 additions and 220 deletions
Download patch file Download diff file Expand all files Collapse all files

41
pgp-cert-d-java-jdbc-sqlite-lookup/src/main/java/pgp/cert_d/jdbc/sqlite/SpecialNameFingerprintComparator.java
View file

@ -1,41 +0,0 @@
// SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package pgp.cert_d.jdbc.sqlite;
import java.util.Comparator;
public class SpecialNameFingerprintComparator implements Comparator<String> {
@Override
public int compare(String t0, String t1) {
boolean t0f = fastIsFingerprint(t0);
boolean t1f = fastIsFingerprint(t1);
return t0f ^ t1f ? // args are not of same "type", i.e. (fp, sn) / (sn, fp)
(t0f ? 1 : -1) // fps are "larger"
: t0.compareTo(t1); // else -> same arg type -> lexicographic comparison to not break sets
}
private boolean fastIsFingerprint(String fp) {
// OpenPGP v4 fingerprint is 40 hex chars
if (fp.length() != 40) {
return false;
}
// c is hex
for (char c : fp.toCharArray()) {
// c < '0' || c > 'f'
if (c < 48 || c > 102) {
return false;
}
// c > '9' && c < 'a'
if (c > 57 && c < 97) {
return false;
}
}
return true;
}
}

28
pgp-cert-d-java-jdbc-sqlite-lookup/src/main/java/pgp/cert_d/jdbc/sqlite/SqliteSubkeyLookup.java
View file

@ -13,8 +13,10 @@ import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.Comparator;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.sqlite.SQLiteErrorCode;
import org.sqlite.SQLiteException;
@ -36,13 +38,6 @@ public class SqliteSubkeyLookup implements SubkeyLookup {
"INSERT INTO subkey_lookup(identifier, subkey_id) VALUES (?,?)";
private static final String QUERY_STMT = "" +
"SELECT * FROM subkey_lookup WHERE subkey_id=?";
private final Comparator<Entry> entryComparator = new Comparator<Entry>() {
final SpecialNameFingerprintComparator comparator = new SpecialNameFingerprintComparator();
@Override
public int compare(Entry o1, Entry o2) {
return comparator.compare(o1.getIdentifier(), o2.getIdentifier());
}
};
public SqliteSubkeyLookup(String databaseURL) throws SQLException {
this.databaseUrl = databaseURL;
@ -65,9 +60,9 @@ public class SqliteSubkeyLookup implements SubkeyLookup {
statement.setLong(2, subkeyId);
statement.executeUpdate();
} catch (SQLiteException e) {
if (ignoreDuplicates && e.getResultCode().code == SQLiteErrorCode.SQLITE_CONSTRAINT_UNIQUE.code) {
// ignore
} else {
// throw any exception, except:
// ignore unique constraint-related exceptions if we ignoreDuplicates
if (!ignoreDuplicates || e.getResultCode().code != SQLiteErrorCode.SQLITE_CONSTRAINT_UNIQUE.code) {
throw e;
}
}
@ -91,14 +86,15 @@ public class SqliteSubkeyLookup implements SubkeyLookup {
}
@Override
public String getIdentifierForSubkeyId(long subkeyId) throws IOException {
public Set<String> getIdentifiersForSubkeyId(long subkeyId) throws IOException {
try {
List<Entry> entries = get(subkeyId);
if (entries.isEmpty()) {
return null;
Set<String> identifiers = new HashSet<>();
for (Entry entry : entries) {
identifiers.add(entry.getIdentifier());
}
entries.sort(entryComparator);
return entries.get(0).getIdentifier();
return Collections.unmodifiableSet(identifiers);
} catch (SQLException e) {
throw new IOException("Cannot query for subkey lookup entries.", e);
}

21
pgp-cert-d-java-jdbc-sqlite-lookup/src/test/java/pgp/cert_d/jdbc/sqlite/EntryTest.java Normal file
View file

@ -0,0 +1,21 @@
// SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package pgp.cert_d.jdbc.sqlite;
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.assertEquals;
public class EntryTest {
@Test
public void simpleGetterTest() {
Entry entry = new Entry(1, 123L, "eb85bb5fa33a75e15e944e63f231550c4f47e38e");
assertEquals(1, entry.getId());
assertEquals(123L, entry.getSubkeyId());
assertEquals("eb85bb5fa33a75e15e944e63f231550c4f47e38e", entry.getIdentifier());
}
}

84
pgp-cert-d-java-jdbc-sqlite-lookup/src/test/java/pgp/cert_d/jdbc/sqlite/SpecialNameFingerprintComparatorTest.java
View file

@ -1,84 +0,0 @@
// SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package pgp.cert_d.jdbc.sqlite;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertTrue;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.junit.jupiter.api.Test;
public class SpecialNameFingerprintComparatorTest {
String fp1 = "eb85bb5fa33a75e15e944e63f231550c4f47e38e";
String fp2 = "d1a66e1a23b182c9980f788cfbfcc82a015e7330";
String specialName = "trust-root";
String invalidButSpecialName = "invalid";
SpecialNameFingerprintComparator comparator = new SpecialNameFingerprintComparator();
@Test
public void testFingerprintGreaterThanSpecialName() {
assertTrue(comparator.compare(fp1, specialName) > 0);
assertTrue(comparator.compare(fp2, specialName) > 0);
assertTrue(comparator.compare(fp1, invalidButSpecialName) > 0);
assertTrue(comparator.compare(fp2, invalidButSpecialName) > 0);
}
@Test
public void testSpecialNameLessThanFingerprint() {
assertTrue(comparator.compare(specialName, fp1) < 0);
assertTrue(comparator.compare(specialName,fp2) < 0);
assertTrue(comparator.compare(invalidButSpecialName, fp1) < 0);
assertTrue(comparator.compare(invalidButSpecialName, fp2) < 0);
}
@Test
public void testSortingList() {
// Expected: special names first, fingerprints after that
List<String> expected = Arrays.asList(invalidButSpecialName, specialName, fp2, fp1, fp1);
List<String> list = new ArrayList<>();
list.add(fp1);
list.add(specialName);
list.add(fp1);
list.add(fp2);
list.add(invalidButSpecialName);
list.sort(new SpecialNameFingerprintComparator());
assertEquals(expected, list);
}
@Test
public void fingerprintsAreSortedLexicographically() {
assertTrue(comparator.compare(fp1, fp2) > 0);
assertEquals(0, comparator.compare(fp1, fp1));
assertTrue(comparator.compare(fp2, fp1) < 0);
}
@Test
public void specialNamesAreSortedLexicographically() {
assertTrue(comparator.compare(invalidButSpecialName, specialName) < 0);
assertEquals(0, comparator.compare(invalidButSpecialName, invalidButSpecialName));
assertEquals(0, comparator.compare(specialName, specialName));
assertTrue(comparator.compare(specialName, invalidButSpecialName) > 0);
}
@Test
public void specialNamesAreAlwaysSmallerFingerprints() {
assertTrue(comparator.compare(invalidButSpecialName, fp1) < 0);
assertTrue(comparator.compare(specialName, fp1) < 0);
assertTrue(comparator.compare(fp2, specialName) > 0);
// upper case fingerprint is considered special name, since fingerprints are expected to be lower case
assertTrue(comparator.compare("D1A66E1A23B182C9980F788CFBFCC82A015E7330", fp1) < 0);
assertTrue(comparator.compare("D1A66E1A23B182C9980F788CFBFCC82A015E7330", fp2) < 0);
assertTrue(comparator.compare("-1A66E1A23B182C9980F788CFBFCC82A015E7330", fp1) < 0);
assertTrue(comparator.compare(":1A66E1A23B182C9980F788CFBFCC82A015E7330", fp1) < 0);
}
}

50
pgp-cert-d-java-jdbc-sqlite-lookup/src/test/java/pgp/cert_d/jdbc/sqlite/SqliteSubkeyLookupTest.java
View file

@ -4,19 +4,20 @@
package pgp.cert_d.jdbc.sqlite;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.sql.SQLException;
import java.util.List;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
public class SqliteSubkeyLookupTest {
@ -33,43 +34,30 @@ public class SqliteSubkeyLookupTest {
@Test
public void simpleInsertAndGet() throws IOException {
lookup.storeIdentifierForSubkeyId(123L, "trust-root");
lookup.storeIdentifierForSubkeyId(234L, "trust-root");
assertEquals("trust-root", lookup.getIdentifierForSubkeyId(123L));
assertEquals("trust-root", lookup.getIdentifierForSubkeyId(234L));
lookup.storeIdentifierForSubkeyId(123L, "eb85bb5fa33a75e15e944e63f231550c4f47e38e");
lookup.storeIdentifierForSubkeyId(234L, "eb85bb5fa33a75e15e944e63f231550c4f47e38e");
lookup.storeIdentifierForSubkeyId(234L, "d1a66e1a23b182c9980f788cfbfcc82a015e7330");
assertEquals(Collections.singleton("eb85bb5fa33a75e15e944e63f231550c4f47e38e"), lookup.getIdentifiersForSubkeyId(123L));
assertEquals(
new HashSet<>(Arrays.asList("eb85bb5fa33a75e15e944e63f231550c4f47e38e", "d1a66e1a23b182c9980f788cfbfcc82a015e7330")),
lookup.getIdentifiersForSubkeyId(234L));
}
@Test
public void getNonExistingSubkeyYieldsNull() throws IOException, SQLException {
assertTrue(lookup.get(6666666).isEmpty());
assertNull(lookup.getIdentifierForSubkeyId(6666666));
assertTrue(lookup.getIdentifiersForSubkeyId(6666666).isEmpty());
}
@Test
public void secondInstanceLookupTest() throws IOException, SQLException {
lookup.storeIdentifierForSubkeyId(1337, "eb85bb5fa33a75e15e944e63f231550c4f47e38e");
assertEquals("eb85bb5fa33a75e15e944e63f231550c4f47e38e", lookup.getIdentifierForSubkeyId(1337));
assertEquals(Collections.singleton("eb85bb5fa33a75e15e944e63f231550c4f47e38e"), lookup.getIdentifiersForSubkeyId(1337));
// do the lookup using a second db instance on the same file
SqliteSubkeyLookup secondInstance = SqliteSubkeyLookup.forDatabaseFile(databaseFile);
assertEquals("eb85bb5fa33a75e15e944e63f231550c4f47e38e", secondInstance.getIdentifierForSubkeyId(1337));
}
@Test
public void specialNamesAreFavoured() throws IOException, SQLException {
// insert 3 different entries for subkey 1234L
lookup.storeIdentifierForSubkeyId(1234L, "eb85bb5fa33a75e15e944e63f231550c4f47e38e");
lookup.storeIdentifierForSubkeyId(1234L, "trust-root");
lookup.storeIdentifierForSubkeyId(1234L, "d1a66e1a23b182c9980f788cfbfcc82a015e7330");
List<Entry> allEntries = lookup.get(1234L);
assertEquals(3, allEntries.size());
for (Entry e : allEntries) {
assertEquals(1234L, e.getSubkeyId());
}
// we always expect the special name to be favoured
assertEquals("trust-root", lookup.getIdentifierForSubkeyId(1234L));
assertEquals(Collections.singleton("eb85bb5fa33a75e15e944e63f231550c4f47e38e"), secondInstance.getIdentifiersForSubkeyId(1337));
}
@Test

20
pgp-cert-d-java/src/main/java/pgp/cert_d/InMemorySubkeyLookup.java
View file

@ -6,21 +6,33 @@ package pgp.cert_d;
import pgp.certificate_store.SubkeyLookup;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
public class InMemorySubkeyLookup implements SubkeyLookup {
private static final Map<Long, String> subkeyMap = new HashMap<>();
private static final Map<Long, Set<String>> subkeyMap = new HashMap<>();
@Override
public String getIdentifierForSubkeyId(long subkeyId) {
return subkeyMap.get(subkeyId);
public Set<String> getIdentifiersForSubkeyId(long subkeyId) {
Set<String> identifiers = subkeyMap.get(subkeyId);
if (identifiers == null) {
return Collections.emptySet();
}
return Collections.unmodifiableSet(identifiers);
}
@Override
public void storeIdentifierForSubkeyId(long subkeyId, String identifier) {
subkeyMap.put(subkeyId, identifier);
Set<String> identifiers = subkeyMap.get(subkeyId);
if (identifiers == null) {
identifiers = new HashSet<>();
subkeyMap.put(subkeyId, identifiers);
}
identifiers.add(identifier);
}
public void clear() {

21
pgp-cert-d-java/src/main/java/pgp/cert_d/SubkeyLookupImpl.java
View file

@ -1,21 +0,0 @@
// SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package pgp.cert_d;
import pgp.certificate_store.SubkeyLookup;
public class SubkeyLookupImpl implements SubkeyLookup {
@Override
public String getIdentifierForSubkeyId(long subkeyId) {
return null;
}
@Override
public void storeIdentifierForSubkeyId(long subkeyId, String identifier) {
}
}

38
pgp-cert-d-java/src/test/java/pgp/cert_d/SubkeyLookupTest.java
View file

@ -4,11 +4,17 @@
package pgp.cert_d;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertTrue;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.stream.Stream;
@ -19,9 +25,6 @@ import org.junit.jupiter.params.provider.MethodSource;
import pgp.cert_d.jdbc.sqlite.SqliteSubkeyLookup;
import pgp.certificate_store.SubkeyLookup;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNull;
public class SubkeyLookupTest {
private static final List<SubkeyLookup> testSubjects = new ArrayList<>();
@ -52,32 +55,33 @@ public class SubkeyLookupTest {
public void testInsertGet(SubkeyLookup subject) throws IOException {
// Initially all null
assertNull(subject.getIdentifierForSubkeyId(123));
assertNull(subject.getIdentifierForSubkeyId(1337));
assertNull(subject.getIdentifierForSubkeyId(420));
assertTrue(subject.getIdentifiersForSubkeyId(123).isEmpty());
assertTrue(subject.getIdentifiersForSubkeyId(1337).isEmpty());
assertTrue(subject.getIdentifiersForSubkeyId(420).isEmpty());
// Store one val, others still null
subject.storeIdentifierForSubkeyId(123, "trust-root");
subject.storeIdentifierForSubkeyId(123, "d1a66e1a23b182c9980f788cfbfcc82a015e7330");
assertEquals("trust-root", subject.getIdentifierForSubkeyId(123));
assertNull(subject.getIdentifierForSubkeyId(1337));
assertNull(subject.getIdentifierForSubkeyId(420));
assertEquals(Collections.singleton("d1a66e1a23b182c9980f788cfbfcc82a015e7330"), subject.getIdentifiersForSubkeyId(123));
assertTrue(subject.getIdentifiersForSubkeyId(1337).isEmpty());
assertTrue(subject.getIdentifiersForSubkeyId(420).isEmpty());
// Store other val, first stays intact
subject.storeIdentifierForSubkeyId(1337, "d1a66e1a23b182c9980f788cfbfcc82a015e7330");
subject.storeIdentifierForSubkeyId(420, "d1a66e1a23b182c9980f788cfbfcc82a015e7330");
assertEquals("trust-root", subject.getIdentifierForSubkeyId(123));
assertEquals("d1a66e1a23b182c9980f788cfbfcc82a015e7330", subject.getIdentifierForSubkeyId(1337));
assertEquals("d1a66e1a23b182c9980f788cfbfcc82a015e7330", subject.getIdentifierForSubkeyId(420));
assertEquals(Collections.singleton("d1a66e1a23b182c9980f788cfbfcc82a015e7330"), subject.getIdentifiersForSubkeyId(123));
assertEquals(Collections.singleton("d1a66e1a23b182c9980f788cfbfcc82a015e7330"), subject.getIdentifiersForSubkeyId(1337));
assertEquals(Collections.singleton("d1a66e1a23b182c9980f788cfbfcc82a015e7330"), subject.getIdentifiersForSubkeyId(420));
// overwrite existing
// add additional entry for subkey
subject.storeIdentifierForSubkeyId(123, "d1a66e1a23b182c9980f788cfbfcc82a015e7330");
subject.storeIdentifierForSubkeyId(123, "eb85bb5fa33a75e15e944e63f231550c4f47e38e");
// TODO: Decide on expected result and fix test
// assertEquals("d1a66e1a23b182c9980f788cfbfcc82a015e7330", subject.getIdentifierForSubkeyId(123));
assertEquals(
new HashSet<>(Arrays.asList("eb85bb5fa33a75e15e944e63f231550c4f47e38e", "d1a66e1a23b182c9980f788cfbfcc82a015e7330")),
subject.getIdentifiersForSubkeyId(123));
}
}

11
pgp-certificate-store/src/main/java/pgp/certificate_store/SubkeyLookup.java
View file

@ -5,23 +5,24 @@
package pgp.certificate_store;
import java.io.IOException;
import java.util.Set;
public interface SubkeyLookup {
/**
* Lookup the identifier of the certificate that contains the given subkey.
* Lookup the fingerprint of the certificate that contains the given subkey.
* If no record is found, return null.
*
* @param subkeyId subkey id
* @return identifier (fingerprint or special name) of the certificate
* @return fingerprint of the certificate
*/
String getIdentifierForSubkeyId(long subkeyId) throws IOException;
Set<String> getIdentifiersForSubkeyId(long subkeyId) throws IOException;
/**
* Store a record of the subkey id that points to the identifier.
* Store a record of the subkey id that points to the fingerprint.
*
* @param subkeyId subkey id
* @param identifier fingerprint or special name of the certificate
* @param identifier fingerprint of the certificate
*/
void storeIdentifierForSubkeyId(long subkeyId, String identifier) throws IOException;
}

1
pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryAdapterTest.java
View file

@ -56,7 +56,6 @@ public class SharedPGPCertificateDirectoryAdapterTest {
@Test
public void getNonExistentCertIsNull() throws IOException, BadDataException, BadNameException {
assertNull(store.getCertificate("trust-root"));
assertNull(store.getCertificate("eb85bb5fa33a75e15e944e63f231550c4f47e38e"));
}