WKD-Java 0.1.3-SNAPSHOT

Bump pgpainless-core to 1.5.6
Bump cert-d-pgpainless to 0.2.2
Bump cert-d-java to 0.2.2

.reuse/dep5

@@ -13,3 +13,8 @@ Source: https://pgpainless.org
 Files: gradle*
 Copyright: 2015 the original author or authors.
 License: Apache-2.0
+
+# Woodpecker build files
+Files: .woodpecker/*
+Copyright: 2022 the original author or authors.
+License: Apache-2.0

.woodpecker/.build.yml

@@ -0,0 +1,12 @@
+pipeline:
+  run:
+    image: gradle:7.5-jdk8
+    commands:
+      - git checkout $CI_COMMIT_BRANCH
+      # Code works
+      - gradle test
+      # Code is clean
+      - gradle check javadocAll
+      # Code has coverage
+      - gradle jacocoRootReport coveralls
+    secrets: [COVERALLS_REPO_TOKEN]

.woodpecker/.reuse.yml

@@ -0,0 +1,7 @@
+# Code is licensed properly
+# See https://reuse.software/
+pipeline:
+  reuse:
+    image: fsfe/reuse:latest
+    commands:
+      - reuse lint

CHANGELOG.md

@@ -6,5 +6,21 @@ SPDX-License-Identifier: Apache-2.0
 
 # Changelog
 
+## 0.1.2
+- Bump `pgpainless-core` to `1.5.6`
+- Bump `cert-d-pgpainless` to `0.2.2`
+- Bump `cert-d-java` to `0.2.2`
+
+## 0.1.1
+- Bump `pgpainless-core` to `1.2.1`
+- Bump `cert-d-pgpainless` to `0.1.2`
+- Bump `pgp-certificate-store` to `0.1.1`
+- Bump `slf4j` to `1.7.36`
+- Bump `logback` to `1.2.11`
+- Bump `mockito` to `4.5.1`
+- Bump `jackson-data-bind` to `2.13.2.2`
+- Bump `jackson-data-format-xml` to `2.13.2`
+- Rename `fetch` command to `get`
+
 ## 0.1.0
 - Initial Release

README.md

@@ -6,6 +6,14 @@ SPDX-License-Identifier: Apache-2.0
 
 # Web Key Directory for Java
 
+[![status-badge](https://ci.codeberg.org/api/badges/PGPainless/wkd-java/status.svg)](https://ci.codeberg.org/PGPainless/wkd-java)
+[![Coverage Status](https://coveralls.io/repos/github/pgpainless/wkd-java/badge.svg?branch=main)](https://coveralls.io/github/pgpainless/wkd-java?branch=main)
+[![REUSE status](https://api.reuse.software/badge/github.com/pgpainless/wkd-java)](https://api.reuse.software/info/github.com/pgpainless/wkd-java)
+
+Client-side API for fetching OpenPGP certificates via the [Web Key Directory](https://www.ietf.org/archive/id/draft-koch-openpgp-webkey-service-13.html) protocol.
+
+## Modules
+
 This repository consists of the following modules:
 
 * [wkd-java](/wkd-java): An implementation of Certificate Discovery

build.gradle

@@ -9,7 +9,6 @@ buildscript {
         maven {
             url "https://plugins.gradle.org/m2/"
         }
-        mavenLocal()
         mavenCentral()
     }
     dependencies {
@@ -61,6 +60,7 @@ allprojects {
 
     repositories {
         mavenCentral()
+        mavenLocal()
     }
 
     // Reproducible Builds
@@ -70,10 +70,6 @@ allprojects {
     }
 
     project.ext {
-        junitVersion = '5.8.2'
-        slf4jVersion = '1.7.32'
-        logbackVersion = '1.2.10'
-        pgpainlessVersion = '1.1.1'
         rootConfigDir = new File(rootDir, 'config')
         gitCommit = getGitCommit()
         isContinuousIntegrationEnvironment = Boolean.parseBoolean(System.getenv('CI'))

version.gradle

@@ -4,9 +4,22 @@
 
 allprojects {
     ext {
-        shortVersion = '0.1.0'
+        shortVersion = '0.1.3'
-        isSnapshot = false
+        isSnapshot = true
         minAndroidSdk = 10
         javaSourceCompatibility = 1.8
+        jacksonDataBindVersion = '2.15.2'
+        jacksonDataFormatXmlVersion = '2.15.2'
+        junitVersion = '5.8.2'
+        junitSysExitVersion = '1.1.2'
+        jsrVersion = '3.0.2'
+        slf4jVersion = '1.7.36'
+        logbackVersion = '1.2.11'
+        mockitoVersion = '4.5.1'
+        pgpainlessVersion = '1.5.6'
+        pgpainlessCertDVersion = '0.2.2'
+        picocliVersion = '4.6.3'
+        certDJavaVersion = '0.2.2'
+        zbase32Version = '1.0.0'
     }
 }

wkd-java-cli/build.gradle

@@ -14,21 +14,31 @@ repositories {
 }
 
 dependencies {
+    // JUnit
     testImplementation "org.junit.jupiter:junit-jupiter-api:$junitVersion"
     testRuntimeOnly "org.junit.jupiter:junit-jupiter-engine:$junitVersion"
 
+    // Test CLI Exit Codes
     // https://todd.ginsberg.com/post/testing-system-exit/
-    testImplementation 'com.ginsberg:junit5-system-exit:1.1.2'
+    testImplementation "com.ginsberg:junit5-system-exit:$junitSysExitVersion"
-    testImplementation 'org.mockito:mockito-core:4.3.1'
 
-    implementation("org.pgpainless:pgpainless-cert-d:0.1.1")
+    // Test using mocked components
+    testImplementation "org.mockito:mockito-core:$mockitoVersion"
+
+    // Certificates
+    implementation("org.pgpainless:pgpainless-cert-d:$pgpainlessCertDVersion")
+
+    // WKD
     implementation project(':wkd-java')
-    implementation "info.picocli:picocli:4.6.3"
+
+    // CLI
+    implementation "info.picocli:picocli:$picocliVersion"
 
     // Logging
     testImplementation "ch.qos.logback:logback-classic:$logbackVersion"
-    implementation 'org.slf4j:slf4j-nop:1.7.36'
+    implementation "org.slf4j:slf4j-nop:$slf4jVersion"
 
+    // Test Suite
     testImplementation project(":wkd-test-suite")
 }
 

wkd-java-cli/src/main/java/pgp/wkd/cli/PGPainlessCertificateParser.java

@@ -6,11 +6,11 @@ package pgp.wkd.cli;
 
 import org.bouncycastle.openpgp.PGPException;
 import org.bouncycastle.openpgp.PGPPublicKeyRing;
-import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
 import org.pgpainless.PGPainless;
 import org.pgpainless.certificate_store.CertificateFactory;
+import org.pgpainless.key.collection.PGPKeyRingCollection;
 import org.pgpainless.key.info.KeyRingInfo;
-import pgp.certificate_store.Certificate;
+import pgp.certificate_store.certificate.Certificate;
 import pgp.wkd.CertificateAndUserIds;
 import pgp.wkd.discovery.CertificateParser;
 
@@ -24,10 +24,13 @@ public class PGPainlessCertificateParser implements CertificateParser {
     public List<CertificateAndUserIds> read(InputStream inputStream) throws IOException {
         List<CertificateAndUserIds> certificatesAndUserIds = new ArrayList<>();
         try {
-            PGPPublicKeyRingCollection certificates = PGPainless.readKeyRing().publicKeyRingCollection(inputStream);
+            PGPKeyRingCollection keyMaterial = PGPainless.readKeyRing().keyRingCollection(inputStream, true);
-            for (PGPPublicKeyRing certificate : certificates) {
+            if (keyMaterial.getPGPSecretKeyRingCollection().size() != 0) {
+                throw new PGPException("Secret key material encountered!");
+            }
+            for (PGPPublicKeyRing certificate : keyMaterial.getPgpPublicKeyRingCollection()) {
                 KeyRingInfo info = PGPainless.inspectKeyRing(certificate);
-                Certificate parsedCert = CertificateFactory.certificateFromPublicKeyRing(certificate);
+                Certificate parsedCert = CertificateFactory.certificateFromPublicKeyRing(certificate, 0L);
                 List<String> userIds = info.getValidAndExpiredUserIds();
                 certificatesAndUserIds.add(new CertificateAndUserIds(parsedCert, userIds));
             }

wkd-java-cli/src/main/java/pgp/wkd/cli/WKDCLI.java

@@ -6,13 +6,15 @@ package pgp.wkd.cli;
 
 import pgp.wkd.exception.CertNotFetchableException;
 import pgp.wkd.exception.RejectedCertificateException;
-import pgp.wkd.cli.command.Fetch;
+import pgp.wkd.cli.command.GetCmd;
 import picocli.CommandLine;
 
 @CommandLine.Command(
+        name = "wkd",
+        resourceBundle = "msg_wkd",
         subcommands = {
                 CommandLine.HelpCommand.class,
-                Fetch.class
+                GetCmd.class
         }
 )
 public class WKDCLI {

wkd-java-cli/src/main/java/pgp/wkd/cli/command/GetCmd.java

@@ -20,23 +20,19 @@ import java.io.IOException;
 import java.io.OutputStream;
 
 @CommandLine.Command(
-        name = "fetch",
+        name = "get",
-        description = "Fetch an OpenPGP Certificate via the Web Key Directory"
+        resourceBundle = "msg_get"
 )
-public class Fetch implements Runnable {
+public class GetCmd implements Runnable {
 
     @CommandLine.Parameters(
             index = "0",
             arity = "1",
-            paramLabel = "USERID",
+            paramLabel = "USERID")
-            description = "Certificate User-ID"
-    )
     String userId;
 
     @CommandLine.Option(
-            names = {"-a", "--armor"},
+            names = {"-a", "--armor"})
-            description = "ASCII Armor the output"
-    )
     boolean armor = false;
 
     public static final CertificateDiscoverer DEFAULT_DISCOVERER = new ValidatingCertificateDiscoverer(
@@ -67,7 +63,7 @@ public class Fetch implements Runnable {
             throw new NullPointerException("CertificateDiscoverer cannot be null.");
         }
 
-        Fetch.discoverer = discoverer;
+        GetCmd.discoverer = discoverer;
     }
 
     private WKDAddress addressFromUserId(String userId) {

wkd-java-cli/src/main/resources/msg_get.properties

@@ -0,0 +1,12 @@
+# SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
+#
+# SPDX-License-Identifier: Apache-2.0
+usage.header=Get an OpenPGP Certificate via the Web Key Directory
+USERID[0]=Certificate User-ID
+armor=ASCII Armor the output
+
+# Generic TODO: Remove when bumping picocli to 4.7.0
+usage.synopsisHeading=Usage:\u0020
+usage.commandListHeading = %nCommands:%n
+usage.optionListHeading = %nOptions:%n
+usage.footerHeading=Powered by picocli%n

wkd-java-cli/src/main/resources/msg_get_de.properties

@@ -0,0 +1,12 @@
+# SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
+#
+# SPDX-License-Identifier: Apache-2.0
+usage.header=Empfange ein OpenPGP Zertifikat mithilfe des Web Key Directory
+USERID[0]=Nutzeridentität des Zertifikats
+armor=Schütze die Ausgabe mit ASCII Armor
+
+# Generic TODO: Remove when bumping picocli to 4.7.0
+usage.synopsisHeading=Aufruf:\u0020
+usage.commandListHeading=%nBefehle:%n
+usage.optionListHeading = %nOptionen:%n
+usage.footerHeading=Powered by Picocli%n

wkd-java-cli/src/main/resources/msg_wkd.properties

@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
+#
+# SPDX-License-Identifier: Apache-2.0
+usage.header=Interact with the Web Key Directory
+
+# Generic TODO: Remove when bumping picocli to 4.7.0
+usage.synopsisHeading=Usage:\u0020
+usage.commandListHeading = %nCommands:%n
+usage.optionListHeading = %nOptions:%n
+usage.footerHeading=Powered by picocli%n

wkd-java-cli/src/main/resources/msg_wkd_de.properties

@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
+#
+# SPDX-License-Identifier: Apache-2.0
+usage.header=Interagiere mit dem Web Key Directory
+
+# Generic TODO: Remove when bumping picocli to 4.7.0
+usage.synopsisHeading=Aufruf:\u0020
+usage.commandListHeading=%nBefehle:%n
+usage.optionListHeading = %nOptionen:%n
+usage.footerHeading=Powered by Picocli%n

wkd-java-cli/src/test/java/pgp/wkd/cli/online_test_vectors/TestGetKeysFromGithubPages.java

@@ -12,11 +12,11 @@ import pgp.wkd.cli.WKDCLI;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 
 @Disabled("For privacy reasons")
-public class TestFetchKeysFromGithubPages extends RedirectSystemStreamsTest {
+public class TestGetKeysFromGithubPages extends RedirectSystemStreamsTest {
 
     // Valid WKD publication.
     // Cert is available at https://pgpainless.github.io/.well-known/openpgpkey/hu/eprjcbeppbna3f6xabhtpddzpn41nknw
-    private static final String USERID_BASE = "WKD Test <wkd-test-base@pgpainless.github.io> [Base Case - Valid User-ID]";
+    private static final String USERID_BASE = "WKD Test (Base Case - Valid User-ID) <wkd-test-base@pgpainless.github.io>";
     private static final String MAIL_BASE = "wkd-test-base@pgpainless.github.io";
 
     @Test

wkd-java-cli/src/test/java/pgp/wkd/cli/test_suite/TestSuiteTestRunner.java

@@ -10,7 +10,7 @@ import org.junit.jupiter.api.DynamicTest;
 import org.junit.jupiter.api.TestFactory;
 import pgp.wkd.cli.PGPainlessCertificateParser;
 import pgp.wkd.cli.WKDCLI;
-import pgp.wkd.cli.command.Fetch;
+import pgp.wkd.cli.command.GetCmd;
 import pgp.wkd.discovery.CertificateDiscoverer;
 import pgp.wkd.discovery.ValidatingCertificateDiscoverer;
 import pgp.wkd.discovery.DiscoveryMethod;
@@ -45,7 +45,7 @@ public class TestSuiteTestRunner {
         // Fetch certificates from a local directory instead of the internetzzz.
         CertificateDiscoverer discoverer = new ValidatingCertificateDiscoverer(
                 new PGPainlessCertificateParser(), new DirectoryBasedCertificateFetcher(tempPath));
-        Fetch.setCertificateDiscoverer(discoverer);
+        GetCmd.setCertificateDiscoverer(discoverer);
     }
 
     @TestFactory
@@ -61,7 +61,7 @@ public class TestSuiteTestRunner {
 
             String mail = testCase.getLookupMailAddress();
             int exitCode = WKDCLI.execute(new String[] {
-                    "fetch", "--armor", mail
+                    "get", "--armor", mail
             });
 
             if (testCase.isExpectSuccess()) {
@@ -74,6 +74,6 @@ public class TestSuiteTestRunner {
 
     @AfterAll
     public static void reset() {
-        Fetch.setCertificateDiscoverer(Fetch.DEFAULT_DISCOVERER);
+        GetCmd.setCertificateDiscoverer(GetCmd.DEFAULT_DISCOVERER);
     }
 }

wkd-java/build.gradle

@@ -13,19 +13,22 @@ repositories {
 }
 
 dependencies {
+    // JUnit
     testImplementation "org.junit.jupiter:junit-jupiter-api:$junitVersion"
     testRuntimeOnly "org.junit.jupiter:junit-jupiter-engine:$junitVersion"
 
     // Logging
     api "org.slf4j:slf4j-api:$slf4jVersion"
     testImplementation "ch.qos.logback:logback-classic:$logbackVersion"
-    api "org.pgpainless:pgp-certificate-store:0.1.0"
+
+    // Certificate store
+    api "org.pgpainless:pgp-certificate-store:$certDJavaVersion"
 
     // Z-Base32
-    implementation 'com.sandinh:zbase32-commons-codec:1.0.0'
+    implementation "com.sandinh:zbase32-commons-codec:$zbase32Version"
 
     // @Nullable etc.
-    implementation "com.google.code.findbugs:jsr305:3.0.2"
+    implementation "com.google.code.findbugs:jsr305:$jsrVersion"
 }
 
 test {

wkd-java/src/main/java/pgp/wkd/CertificateAndUserIds.java

@@ -4,7 +4,7 @@
 
 package pgp.wkd;
 
-import pgp.certificate_store.Certificate;
+import pgp.certificate_store.certificate.Certificate;
 
 import java.util.ArrayList;
 import java.util.List;

wkd-java/src/main/java/pgp/wkd/RejectedCertificate.java

@@ -4,7 +4,8 @@
 
 package pgp.wkd;
 
-import pgp.certificate_store.Certificate;
+
+import pgp.certificate_store.certificate.Certificate;
 
 /**
  * A rejected OpenPGP certificate.

wkd-java/src/main/java/pgp/wkd/discovery/DiscoveryResponse.java

@@ -4,7 +4,7 @@
 
 package pgp.wkd.discovery;
 
-import pgp.certificate_store.Certificate;
+import pgp.certificate_store.certificate.Certificate;
 import pgp.wkd.RejectedCertificate;
 import pgp.wkd.WKDAddress;
 import pgp.wkd.exception.MissingPolicyFileException;
@@ -12,6 +12,7 @@ import pgp.wkd.exception.MissingPolicyFileException;
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
 import java.net.URI;
+import java.util.ArrayList;
 import java.util.List;
 
 /**
@@ -170,8 +171,8 @@ public final class DiscoveryResponse {
 
         private DiscoveryMethod discoveryMethod;
         private WKDAddress address;
-        private List<Certificate> acceptableCertificates;
+        private List<Certificate> acceptableCertificates = new ArrayList<>();
-        private List<RejectedCertificate> rejectedCertificates;
+        private List<RejectedCertificate> rejectedCertificates = new ArrayList<>();
         private Throwable fetchingFailure;
         private WKDPolicy policy;
         private MissingPolicyFileException missingPolicyFileException;

wkd-java/src/main/java/pgp/wkd/discovery/DiscoveryResult.java

@@ -4,7 +4,7 @@
 
 package pgp.wkd.discovery;
 
-import pgp.certificate_store.Certificate;
+import pgp.certificate_store.certificate.Certificate;
 import pgp.wkd.exception.CertNotFetchableException;
 
 import javax.annotation.Nonnull;

wkd-java/src/main/java/pgp/wkd/discovery/ValidatingCertificateDiscoverer.java

@@ -4,7 +4,7 @@
 
 package pgp.wkd.discovery;
 
-import pgp.certificate_store.Certificate;
+import pgp.certificate_store.certificate.Certificate;
 import pgp.wkd.CertificateAndUserIds;
 import pgp.wkd.exception.MissingPolicyFileException;
 import pgp.wkd.exception.RejectedCertificateException;

wkd-test-suite/build.gradle

@@ -26,11 +26,11 @@ dependencies {
     implementation "org.pgpainless:pgpainless-core:$pgpainlessVersion"
 
     // CLI
-    implementation "info.picocli:picocli:4.6.3"
+    implementation "info.picocli:picocli:$picocliVersion"
 
     // Object Mapping
-    implementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-xml:2.13.1'
+    implementation "com.fasterxml.jackson.dataformat:jackson-dataformat-xml:$jacksonDataFormatXmlVersion"
-    implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.1'
+    implementation "com.fasterxml.jackson.core:jackson-databind:$jacksonDataBindVersion"
 }
 
 application {

wkd-test-suite/src/main/java/pgp/wkd/test_suite/AbstractTestSuiteGenerator.java

@@ -38,7 +38,7 @@ public class AbstractTestSuiteGenerator {
     }
 
     protected PGPSecretKeyRing secretKey(String userId) throws PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException {
-        PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing().modernKeyRing(userId, null);
+        PGPSecretKeyRing secretKeys = PGPainless.generateKeyRing().modernKeyRing(userId);
         return secretKeys;
     }