Remove usage of deprecated decryption/verification API in tests

2025-09-10 02:39:39 +02:00 · 2021-06-16 15:38:02 +02:00 · 2021-06-16 15:38:02 +02:00 · 88891e1337
commit 88891e1337
parent 715d055b41
24 changed files with 342 additions and 390 deletions
--- a/pgpainless-sop/src/main/java/org/pgpainless/sop/commands/Decrypt.java
+++ b/pgpainless-sop/src/main/java/org/pgpainless/sop/commands/Decrypt.java
@ -24,17 +24,15 @@ import java.io.IOException;
 import java.io.PrintStream;
 import java.text.DateFormat;
 import java.text.SimpleDateFormat;
-import java.util.HashSet;
 import java.util.List;

 import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPPublicKeyRing;
 import org.bouncycastle.openpgp.PGPSecretKeyRing;
-import org.bouncycastle.openpgp.PGPSecretKeyRingCollection;
 import org.bouncycastle.openpgp.PGPSignature;
 import org.bouncycastle.util.io.Streams;
 import org.pgpainless.PGPainless;
-import org.pgpainless.decryption_verification.DecryptionBuilderInterface;
+import org.pgpainless.decryption_verification.ConsumerOptions;
 import org.pgpainless.decryption_verification.DecryptionStream;
 import org.pgpainless.decryption_verification.OpenPgpMetadata;
 import org.pgpainless.key.OpenPgpV4Fingerprint;
@ -108,34 +106,34 @@ public class Decrypt implements Runnable {
            System.exit(1);
        }

-        PGPSecretKeyRingCollection secretKeys;
-        List<PGPPublicKeyRing> verifyWith = null;
+        ConsumerOptions options = new ConsumerOptions();

+        List<PGPPublicKeyRing> verifyWith = null;
        try {
+
            List<PGPSecretKeyRing> secretKeyRings = loadKeysFromFiles(keys);
-            secretKeys = new PGPSecretKeyRingCollection(secretKeyRings);
+            for (PGPSecretKeyRing secretKey : secretKeyRings) {
+                options.addDecryptionKey(secretKey);
+            }
+
            if (certs != null) {
                verifyWith = SopKeyUtil.loadCertificatesFromFile(certs);
+                for (PGPPublicKeyRing cert : verifyWith) {
+                    options.addVerificationCert(cert);
+                }
            }
+
        } catch (IOException | PGPException e) {
            err_ln(e.getMessage());
            System.exit(1);
            return;
        }

-
-        DecryptionBuilderInterface.Verify builder = PGPainless.decryptAndOrVerify()
-                .onInputStream(System.in)
-                .decryptWith(secretKeys);
-        DecryptionStream decryptionStream = null;
+        DecryptionStream decryptionStream;
        try {
-            if (verifyWith != null) {
-                decryptionStream = builder.verifyWith(new HashSet<>(verifyWith))
-                        .ignoreMissingPublicKeys().build();
-            } else {
-                decryptionStream = builder.doNotVerify()
-                        .build();
-            }
+            decryptionStream = PGPainless.decryptAndOrVerify()
+                    .onInputStream(System.in)
+                    .withOptions(options);
        } catch (IOException | PGPException e) {
            err_ln("Error constructing decryption stream: " + e.getMessage());
            System.exit(1);
@ -169,14 +167,14 @@ public class Decrypt implements Runnable {
                PGPSignature signature = metadata.getVerifiedSignatures().get(fingerprint);
                sb.append(df.format(signature.getCreationTime())).append(' ')
                        .append(fingerprint).append(' ')
-                        .append(new OpenPgpV4Fingerprint(verifier)).append('\n');
+                        .append(verifier != null ? new OpenPgpV4Fingerprint(verifier) : "null").append('\n');
            }

            try {
                verifyOut.createNewFile();
                PrintStream verifyPrinter = new PrintStream(new FileOutputStream(verifyOut));
                // CHECKSTYLE:OFF
-                verifyPrinter.println(sb.toString());
+                verifyPrinter.println(sb);
                // CHECKSTYLE:ON
                verifyPrinter.close();
            } catch (IOException e) {
--- a/pgpainless-sop/src/main/java/org/pgpainless/sop/commands/Verify.java
+++ b/pgpainless-sop/src/main/java/org/pgpainless/sop/commands/Verify.java
@ -15,20 +15,11 @@
 */
 package org.pgpainless.sop.commands;

-import org.bouncycastle.openpgp.PGPException;
-import org.bouncycastle.openpgp.PGPPublicKeyRing;
-import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
-import org.bouncycastle.openpgp.PGPSignature;
-import org.bouncycastle.util.io.Streams;
-import org.pgpainless.PGPainless;
-import org.pgpainless.decryption_verification.DecryptionStream;
-import org.pgpainless.decryption_verification.OpenPgpMetadata;
-import org.pgpainless.key.OpenPgpV4Fingerprint;
-import picocli.CommandLine;
+import static org.pgpainless.sop.Print.err_ln;
+import static org.pgpainless.sop.Print.print_ln;

 import java.io.File;
 import java.io.FileInputStream;
-import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.text.DateFormat;
@ -36,12 +27,20 @@ import java.text.ParseException;
 import java.text.SimpleDateFormat;
 import java.util.Date;
 import java.util.HashMap;
-import java.util.HashSet;
 import java.util.Map;
 import java.util.TimeZone;

-import static org.pgpainless.sop.Print.err_ln;
-import static org.pgpainless.sop.Print.print_ln;
+import org.bouncycastle.openpgp.PGPException;
+import org.bouncycastle.openpgp.PGPPublicKeyRing;
+import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
+import org.bouncycastle.openpgp.PGPSignature;
+import org.bouncycastle.util.io.Streams;
+import org.pgpainless.PGPainless;
+import org.pgpainless.decryption_verification.ConsumerOptions;
+import org.pgpainless.decryption_verification.DecryptionStream;
+import org.pgpainless.decryption_verification.OpenPgpMetadata;
+import org.pgpainless.key.OpenPgpV4Fingerprint;
+import picocli.CommandLine;

@CommandLine.Command(name = "verify",
        description = "Verify a detached signature over the data from standard input",
@ -89,32 +88,35 @@ public class Verify implements Runnable {
        Date notBeforeDate = parseNotBefore();
        Date notAfterDate = parseNotAfter();

+        ConsumerOptions options = new ConsumerOptions();
+        try (FileInputStream sigIn = new FileInputStream(signature)) {
+            options.addVerificationOfDetachedSignatures(sigIn);
+        } catch (IOException | PGPException e) {
+            err_ln("Cannot read detached signature: " + e.getMessage());
+            System.exit(1);
+        }
+
        Map<PGPPublicKeyRing, File> publicKeys = readCertificatesFromFiles();
        if (publicKeys.isEmpty()) {
            err_ln("No certificates supplied.");
            System.exit(19);
        }

+        for (PGPPublicKeyRing cert : publicKeys.keySet()) {
+            options.addVerificationCert(cert);
+        }
+
        OpenPgpMetadata metadata;
-        try (FileInputStream sigIn = new FileInputStream(signature)) {
+        try {
            DecryptionStream verifier = PGPainless.decryptAndOrVerify()
                    .onInputStream(System.in)
-                    .doNotDecrypt()
-                    .verifyDetachedSignature(sigIn)
-                    .verifyWith(new HashSet<>(publicKeys.keySet()))
-                    .ignoreMissingPublicKeys()
-                    .build();
+                    .withOptions(options);

            OutputStream out = new NullOutputStream();
            Streams.pipeAll(verifier, out);
            verifier.close();

            metadata = verifier.getResult();
-        } catch (FileNotFoundException e) {
-            err_ln("Signature file not found:");
-            err_ln(e.getMessage());
-            System.exit(1);
-            return;
        } catch (IOException | PGPException e) {
            err_ln("Signature validation failed.");
            err_ln(e.getMessage());