You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by br...@apache.org on 2008/07/26 11:16:14 UTC
svn commit: r679973 - in /commons/sandbox/openpgp/trunk/src:
main/java/org/apache/commons/openpgp/ test/java/org/apache/commons/openpgp/
test/resources/
Author: brett
Date: Sat Jul 26 02:16:14 2008
New Revision: 679973
URL: http://svn.apache.org/viewvc?rev=679973&view=rev
Log:
handle concatenated detached signatures
Added:
commons/sandbox/openpgp/trunk/src/test/resources/test-input-both-good.asc
commons/sandbox/openpgp/trunk/src/test/resources/test-input-both-missing.asc
commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-bad-one-good.asc
commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-good-one-bad.asc
commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-good-one-missing.asc
commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-missing-one-good.asc
Modified:
commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignatureVerifier.java
commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java
Modified: commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignatureVerifier.java
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignatureVerifier.java?rev=679973&r1=679972&r2=679973&view=diff
==============================================================================
--- commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignatureVerifier.java (original)
+++ commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSignatureVerifier.java Sat Jul 26 02:16:14 2008
@@ -34,14 +34,14 @@
/**
* Bouncy Castle implementation of the OpenPGP signer.
- *
+ *
* @author <a href="mailto:brett@apache.org">Brett Porter</a>
*/
public class BouncyCastleOpenPgpStreamingSignatureVerifier
implements OpenPgpStreamingSignatureVerifier
{
private PGPSignature sig;
-
+
public BouncyCastleOpenPgpStreamingSignatureVerifier( InputStream signature, KeyRing keyRing )
throws OpenPgpException, IOException
{
@@ -58,29 +58,46 @@
{
signature = PGPUtil.getDecoderStream( signature );
- PGPObjectFactory pgpFact = new PGPObjectFactory( signature );
- PGPSignatureList p3;
-
- Object o = pgpFact.nextObject();
- if ( o instanceof PGPCompressedData )
+ PGPPublicKey key = null;
+ while ( key == null && signature.available() > 0 )
{
- PGPCompressedData c1 = (PGPCompressedData) o;
+ PGPObjectFactory pgpFact = new PGPObjectFactory( signature );
- pgpFact = new PGPObjectFactory( c1.getDataStream() );
+ PGPSignatureList p3;
+
+ Object o = pgpFact.nextObject();
+ if ( o instanceof PGPCompressedData )
+ {
+ PGPCompressedData c1 = (PGPCompressedData) o;
+
+ pgpFact = new PGPObjectFactory( c1.getDataStream() );
+
+ p3 = (PGPSignatureList) pgpFact.nextObject();
+ }
+ else
+ {
+ p3 = (PGPSignatureList) o;
+ }
+
+ for ( int i = 0; i < p3.size(); i++ )
+ {
+ sig = p3.get( i );
+ key = keyRing.getPublicKey( sig.getKeyID() );
+ if ( key != null )
+ {
+ break;
+ }
+ else
+ {
+ // TODO: log them all
+ }
+ }
- p3 = (PGPSignatureList) pgpFact.nextObject();
- }
- else
- {
- p3 = (PGPSignatureList) o;
}
- sig = p3.get( 0 );
- PGPPublicKey key = keyRing.getPublicKey( sig.getKeyID() );
-
if ( key == null )
{
- throw new OpenPgpException( "Unable to find key with key ID '"
+ throw new UnknownKeyException( "Unable to find key with key ID '"
+ Long.toHexString( sig.getKeyID() ).toUpperCase() + "' in public key ring" );
}
@@ -89,8 +106,8 @@
catch ( NoSuchProviderException e )
{
throw new OpenPgpException(
- "Unable to find the correct provider for PGP - check that the Bouncy Castle provider is correctly installed",
- e );
+ "Unable to find the correct provider for PGP - check that the Bouncy Castle provider is correctly installed",
+ e );
}
catch ( PGPException e )
{
Modified: commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java?rev=679973&r1=679972&r2=679973&view=diff
==============================================================================
--- commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java (original)
+++ commons/sandbox/openpgp/trunk/src/test/java/org/apache/commons/openpgp/BouncyCastleOpenPgpSignerTest.java Sat Jul 26 02:16:14 2008
@@ -25,7 +25,7 @@
/**
* Test the open pgp signer.
- *
+ *
* @author <a href="mailto:brett@apache.org">Brett Porter</a>
* @todo test text input as well as binary - apparently it fails cross platform
*/
@@ -47,8 +47,9 @@
{
super.setUp();
- keyRing = new BouncyCastleKeyRing( getClass().getResourceAsStream( "/secring.gpg" ),
- getClass().getResourceAsStream( "/pubring.gpg" ), PASSWORD.toCharArray() );
+ keyRing =
+ new BouncyCastleKeyRing( getClass().getResourceAsStream( "/secring.gpg" ),
+ getClass().getResourceAsStream( "/pubring.gpg" ), PASSWORD.toCharArray() );
}
public void testSignDataDetachedBinary()
@@ -74,7 +75,7 @@
assertNotNull( "check we got a status", status );
assertTrue( "check it was successful", status.isValid() );
}
-
+
public void testVerifySignatureDetachedBinaryGpg()
throws IOException, OpenPgpException
{
@@ -109,4 +110,78 @@
assertNotNull( "check we got a status", status );
assertTrue( "check it was successful", status.isValid() );
}
+
+ public void testVerifyMultipleSignatureDetachedAsciiBothGood()
+ throws IOException, OpenPgpException
+ {
+ SignatureStatus status =
+ verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input" ),
+ getClass().getResourceAsStream( "/test-input-both-good.asc" ), keyRing );
+
+ assertNotNull( "check we got a status", status );
+ assertTrue( "check it was successful", status.isValid() );
+ }
+
+ public void testVerifyMultipleSignatureDetachedAsciiOneGoodOneBad()
+ throws IOException, OpenPgpException
+ {
+ SignatureStatus status =
+ verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input" ),
+ getClass().getResourceAsStream( "/test-input-one-good-one-bad.asc" ),
+ keyRing );
+
+ assertNotNull( "check we got a status", status );
+ assertTrue( "check it was successful", status.isValid() );
+ }
+
+ public void testVerifyMultipleSignatureDetachedAsciiOneGoodOneMissing()
+ throws IOException, OpenPgpException
+ {
+ SignatureStatus status =
+ verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input" ),
+ getClass().getResourceAsStream( "/test-input-one-good-one-missing.asc" ),
+ keyRing );
+
+ assertNotNull( "check we got a status", status );
+ assertTrue( "check it was successful", status.isValid() );
+ }
+
+ public void testVerifyMultipleSignatureDetachedAsciiOneBadOneGood()
+ throws IOException, OpenPgpException
+ {
+ SignatureStatus status =
+ verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input" ),
+ getClass().getResourceAsStream( "/test-input-one-bad-one-good.asc" ),
+ keyRing );
+
+ assertNotNull( "check we got a status", status );
+ assertFalse( "check it was not successful", status.isValid() );
+ }
+
+ public void testVerifyMultipleSignatureDetachedAsciiOneMissingOneGood()
+ throws IOException, OpenPgpException
+ {
+ SignatureStatus status =
+ verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input" ),
+ getClass().getResourceAsStream( "/test-input-one-missing-one-good.asc" ),
+ keyRing );
+
+ assertNotNull( "check we got a status", status );
+ assertTrue( "check it was successful", status.isValid() );
+ }
+
+ public void testVerifyMultipleSignatureDetachedAsciiBothMissing()
+ throws IOException, OpenPgpException
+ {
+ try
+ {
+ verifier.verifyDetachedSignature( getClass().getResourceAsStream( "/test-input" ),
+ getClass().getResourceAsStream( "/test-input-both-missing.asc" ), keyRing );
+ fail( "Expected failure due to missing keys" );
+ }
+ catch ( UnknownKeyException e )
+ {
+ assertTrue( true );
+ }
+ }
}
Added: commons/sandbox/openpgp/trunk/src/test/resources/test-input-both-good.asc
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/test/resources/test-input-both-good.asc?rev=679973&view=auto
==============================================================================
--- commons/sandbox/openpgp/trunk/src/test/resources/test-input-both-good.asc (added)
+++ commons/sandbox/openpgp/trunk/src/test/resources/test-input-both-good.asc Sat Jul 26 02:16:14 2008
@@ -0,0 +1,14 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.8 (Darwin)
+
+iEYEABECAAYFAkiK4HcACgkQCtKsbObCq2gIdgCg5wHhcFDpyV+NL/aHgCjasqKT
+D98AoMQpyypSxgBa7YfWJYSxl8sFTa8b
+=0FaX
+-----END PGP SIGNATURE-----
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.8 (Darwin)
+
+iEYEABECAAYFAkiK2z4ACgkQTusOMqfRa9RyaACgqlksDFIk0d+QPdKU/SbILziV
+lI0AoLc96b0qxW4ATj0jCAVfPvjF6FGi
+=pKye
+-----END PGP SIGNATURE-----
Added: commons/sandbox/openpgp/trunk/src/test/resources/test-input-both-missing.asc
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/test/resources/test-input-both-missing.asc?rev=679973&view=auto
==============================================================================
--- commons/sandbox/openpgp/trunk/src/test/resources/test-input-both-missing.asc (added)
+++ commons/sandbox/openpgp/trunk/src/test/resources/test-input-both-missing.asc Sat Jul 26 02:16:14 2008
@@ -0,0 +1,14 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.8 (Darwin)
+
+iEYEABECAAYFAkiK22oACgkQxbsDNW2stZYkXwCfaPVm6RtlnipJKqCl0HS1lHmK
+g/4AoJmi7Y3soNucEvzUd3RcYGtZKfG0
+=1I3h
+-----END PGP SIGNATURE-----
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.8 (Darwin)
+
+iEYEABECAAYFAkiK238ACgkQBZj5naYwbBqOOwCfTyaDEAh5R/X1KcBDhtE+Ad0n
+dtYAn2NcP5HrZd1u1eniye9Mu+bP/7id
+=GLaF
+-----END PGP SIGNATURE-----
Added: commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-bad-one-good.asc
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-bad-one-good.asc?rev=679973&view=auto
==============================================================================
--- commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-bad-one-good.asc (added)
+++ commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-bad-one-good.asc Sat Jul 26 02:16:14 2008
@@ -0,0 +1,14 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.8 (Darwin)
+
+iEYEABECAAYFAkiK6o4ACgkQTusOMqfRa9Se9wCeJGrkiHCFCgRDDPTpehRFkHny
+98EAoIz4/ZE+olTPHGk8tcaBluSXByoX
+=qCN7
+-----END PGP SIGNATURE-----
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.8 (Darwin)
+
+iEYEABECAAYFAkiK2z4ACgkQTusOMqfRa9RyaACgqlksDFIk0d+QPdKU/SbILziV
+lI0AoLc96b0qxW4ATj0jCAVfPvjF6FGi
+=pKye
+-----END PGP SIGNATURE-----
Added: commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-good-one-bad.asc
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-good-one-bad.asc?rev=679973&view=auto
==============================================================================
--- commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-good-one-bad.asc (added)
+++ commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-good-one-bad.asc Sat Jul 26 02:16:14 2008
@@ -0,0 +1,14 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.8 (Darwin)
+
+iEYEABECAAYFAkiK2z4ACgkQTusOMqfRa9RyaACgqlksDFIk0d+QPdKU/SbILziV
+lI0AoLc96b0qxW4ATj0jCAVfPvjF6FGi
+=pKye
+-----END PGP SIGNATURE-----
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.8 (Darwin)
+
+iEYEABECAAYFAkiK6o4ACgkQTusOMqfRa9Se9wCeJGrkiHCFCgRDDPTpehRFkHny
+98EAoIz4/ZE+olTPHGk8tcaBluSXByoX
+=qCN7
+-----END PGP SIGNATURE-----
Added: commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-good-one-missing.asc
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-good-one-missing.asc?rev=679973&view=auto
==============================================================================
--- commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-good-one-missing.asc (added)
+++ commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-good-one-missing.asc Sat Jul 26 02:16:14 2008
@@ -0,0 +1,14 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.8 (Darwin)
+
+iEYEABECAAYFAkiK2z4ACgkQTusOMqfRa9RyaACgqlksDFIk0d+QPdKU/SbILziV
+lI0AoLc96b0qxW4ATj0jCAVfPvjF6FGi
+=pKye
+-----END PGP SIGNATURE-----
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.8 (Darwin)
+
+iEYEABECAAYFAkiK22oACgkQxbsDNW2stZYkXwCfaPVm6RtlnipJKqCl0HS1lHmK
+g/4AoJmi7Y3soNucEvzUd3RcYGtZKfG0
+=1I3h
+-----END PGP SIGNATURE-----
Added: commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-missing-one-good.asc
URL: http://svn.apache.org/viewvc/commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-missing-one-good.asc?rev=679973&view=auto
==============================================================================
--- commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-missing-one-good.asc (added)
+++ commons/sandbox/openpgp/trunk/src/test/resources/test-input-one-missing-one-good.asc Sat Jul 26 02:16:14 2008
@@ -0,0 +1,14 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.8 (Darwin)
+
+iEYEABECAAYFAkiK22oACgkQxbsDNW2stZYkXwCfaPVm6RtlnipJKqCl0HS1lHmK
+g/4AoJmi7Y3soNucEvzUd3RcYGtZKfG0
+=1I3h
+-----END PGP SIGNATURE-----
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.8 (Darwin)
+
+iEYEABECAAYFAkiK2z4ACgkQTusOMqfRa9RyaACgqlksDFIk0d+QPdKU/SbILziV
+lI0AoLc96b0qxW4ATj0jCAVfPvjF6FGi
+=pKye
+-----END PGP SIGNATURE-----