You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@commons.apache.org by an...@apache.org on 2006/10/17 06:21:40 UTC
svn commit: r464797 - in /jakarta/commons/sandbox/openpgp/trunk: ./
src/main/java/org/apache/commons/openpgp/
src/main/java/org/apache/commons/openpgp/ant/ src/main/resources/
src/main/resources/org/ src/main/resources/org/apache/
src/main/resources/or...
Author: antoine
Date: Mon Oct 16 21:21:38 2006
New Revision: 464797
URL: http://svn.apache.org/viewvc?view=rev&rev=464797
Log:
fix for SANDBOX-177 and SANDBOX-178
Added:
jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/ant/
jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/ant/OpenPgpSignerTask.java
jakarta/commons/sandbox/openpgp/trunk/src/main/resources/
jakarta/commons/sandbox/openpgp/trunk/src/main/resources/org/
jakarta/commons/sandbox/openpgp/trunk/src/main/resources/org/apache/
jakarta/commons/sandbox/openpgp/trunk/src/main/resources/org/apache/commons/
jakarta/commons/sandbox/openpgp/trunk/src/main/resources/org/apache/commons/openpgp/
jakarta/commons/sandbox/openpgp/trunk/src/main/resources/org/apache/commons/openpgp/ant/
jakarta/commons/sandbox/openpgp/trunk/src/main/resources/org/apache/commons/openpgp/ant/antlib.xml
jakarta/commons/sandbox/openpgp/trunk/src/site/apt/signer.apt
Modified:
jakarta/commons/sandbox/openpgp/trunk/pom.xml
jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSigner.java
jakarta/commons/sandbox/openpgp/trunk/src/site/site.xml
Modified: jakarta/commons/sandbox/openpgp/trunk/pom.xml
URL: http://svn.apache.org/viewvc/jakarta/commons/sandbox/openpgp/trunk/pom.xml?view=diff&rev=464797&r1=464796&r2=464797
==============================================================================
--- jakarta/commons/sandbox/openpgp/trunk/pom.xml (original)
+++ jakarta/commons/sandbox/openpgp/trunk/pom.xml Mon Oct 16 21:21:38 2006
@@ -23,8 +23,28 @@
<version>3.8.1</version>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>ant</groupId>
+ <artifactId>ant</artifactId>
+ <version>1.6.5</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>ant</groupId>
+ <artifactId>ant-launcher</artifactId>
+ <version>1.6.5</version>
+ <scope>runtime</scope>
+ </dependency>
</dependencies>
- <developers>
+ <build>
+ <resources>
+ <resource>
+ <directory>src/main/resources</directory>
+ <filtering>true</filtering>
+ </resource>
+ </resources>
+ </build>
+ <developers>
<developer>
<id>brett</id>
<name>Brett Porter</name>
Modified: jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSigner.java
URL: http://svn.apache.org/viewvc/jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSigner.java?view=diff&rev=464797&r1=464796&r2=464797
==============================================================================
--- jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSigner.java (original)
+++ jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/BouncyCastleOpenPgpStreamingSigner.java Mon Oct 16 21:21:38 2006
@@ -145,6 +145,7 @@
// TODO: more details
throw new OpenPgpException( "Error calculating detached signature", e );
}
+ bOut.close();
return signatureBytes != null ? signatureBytes.toByteArray() : null;
}
}
Added: jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/ant/OpenPgpSignerTask.java
URL: http://svn.apache.org/viewvc/jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/ant/OpenPgpSignerTask.java?view=auto&rev=464797
==============================================================================
--- jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/ant/OpenPgpSignerTask.java (added)
+++ jakarta/commons/sandbox/openpgp/trunk/src/main/java/org/apache/commons/openpgp/ant/OpenPgpSignerTask.java Mon Oct 16 21:21:38 2006
@@ -0,0 +1,214 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.commons.openpgp.ant;
+
+import org.apache.tools.ant.Task;
+import org.apache.tools.ant.BuildException;
+import org.apache.tools.ant.DirectoryScanner;
+import org.apache.tools.ant.util.FileNameMapper;
+import org.apache.tools.ant.util.GlobPatternMapper;
+import org.apache.tools.ant.util.FileUtils;
+import org.apache.tools.ant.types.FileSet;
+import org.apache.tools.ant.types.Mapper;
+import org.apache.commons.openpgp.*;
+import org.bouncycastle.openpgp.PGPException;
+
+import java.io.*;
+import java.util.Collection;
+import java.util.ArrayList;
+import java.util.Iterator;
+
+/**
+ */
+public class OpenPgpSignerTask extends Task {
+ private File secring;
+ private File pubring;
+ private String password;
+ private String keyId;
+ private Collection tosign = new ArrayList();
+ private File artefact;
+ private boolean asciiarmor = true;
+ private Mapper mapperElement;
+
+ /**
+ * set the secret keyring
+ * @param secring secret keyring file
+ */
+ public void setSecring(File secring) {
+ this.secring = secring;
+ }
+
+ /**
+ * set the public keyring
+ * @param pubring public keyring file
+ */
+ public void setPubring(File pubring) {
+ this.pubring = pubring;
+ }
+
+ /**
+ * set the key id
+ * @param keyId
+ */
+ public void setKeyId(String keyId) {
+ this.keyId = keyId;
+ }
+
+ /**
+ * asciiarmor the signature ?
+ * @param asciiarmor ascii armored signature ?
+ */
+ public void setAsciiarmor(boolean asciiarmor) {
+ this.asciiarmor = asciiarmor;
+ }
+
+ /**
+ * set the value of the password
+ * @param password value of the password
+ */
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ /**
+ * artefact to be signed
+ * @param artefact artefact to be signed
+ */
+ public void setArtefact(File artefact) {
+ this.artefact = artefact;
+ }
+
+
+ public void add(FileSet fs) {
+ tosign.add(fs);
+ }
+
+ /**
+ * Define the mapper to map source to destination files.
+ * @return a mapper to be configured.
+ * @exception org.apache.tools.ant.BuildException if more than one mapper is defined.
+ */
+ public Mapper createMapper() throws BuildException {
+ if (mapperElement != null) {
+ throw new BuildException("Cannot define more than one mapper",
+ getLocation());
+ }
+ mapperElement = new Mapper(getProject());
+ return mapperElement;
+ }
+
+ public void execute() {
+ if (secring == null) {
+ throw new BuildException("secring attribute compulsory");
+ }
+ if (pubring == null) {
+ throw new BuildException("pubring attribute compulsory");
+ }
+ if (password == null) {
+ throw new BuildException("password attribute compulsory");
+ }
+ if (tosign.size() == 0 && artefact == null) {
+ throw new BuildException("supply the attribute tosign or one nested fileset");
+ }
+ if (!secring.exists() || !secring.canRead()) {
+ throw new BuildException("secret keyring file does not exist or is not readable");
+ }
+ if (!pubring.exists() || !pubring.canRead()) {
+ throw new BuildException("public keyring file does not exist or is not readable");
+ }
+ FileInputStream secStream;
+ FileInputStream pubStream;
+ KeyRing keyRing = null;
+ try {
+ secStream = new FileInputStream(secring);
+ pubStream = new FileInputStream(pubring);
+ keyRing = new BouncyCastleKeyRing(secStream,
+ pubStream, password.toCharArray() );
+ } catch (IOException ioe) {
+ throw new BuildException(ioe);
+ } catch (PGPException pgpe) {
+ throw new BuildException(pgpe);
+ }
+ if (artefact != null) {
+ dosign(keyRing, artefact);
+ }
+ if (tosign.size() != 0) {
+ for (Iterator it = tosign.iterator(); it.hasNext(); ) {
+ FileSet fs = (FileSet) it.next();
+ dosign(keyRing, fs);
+ }
+ }
+ FileUtils.close(secStream);
+ FileUtils.close(pubStream);
+ }
+ private void dosign(KeyRing keyRing, FileSet fs) {
+ DirectoryScanner ds = fs.getDirectoryScanner(getProject());
+ String[] artefacts = ds.getIncludedFiles();
+ for (int counter = 0; counter < artefacts.length; counter++) {
+ dosign(keyRing,
+ new File(fs.getDir(getProject()), artefacts[counter]), fs.getDir(getProject()), artefacts[counter]);
+ }
+ }
+ private void dosign(KeyRing keyRing, File oneartefact) {
+ dosign(keyRing, oneartefact, oneartefact.getParentFile(), oneartefact.getName());
+ }
+ private void dosign(KeyRing keyRing, File oneartefact, File basedir, String relpath) {
+ FileInputStream fis = null;
+ FileOutputStream fos = null;
+ File signature;
+
+ try {
+ fis = new FileInputStream(oneartefact);
+ FileNameMapper mapper = getMapper();
+ String [] mappedFiles = mapper.mapFileName(relpath);
+ if (mappedFiles == null || mappedFiles.length != 1) {
+ throw new BuildException("mapper returned more or less than one output");
+ }
+ signature = new File(basedir, mappedFiles[0]);
+ fos = new FileOutputStream(signature);
+ OpenPgpSigner signer = new BouncyCastleOpenPgpSigner();
+ signer.detachedSign(fis, fos, keyId, keyRing, asciiarmor);
+ } catch (FileNotFoundException fnfe) {
+ throw new BuildException(fnfe);
+ } catch (IOException ioe) {
+ throw new BuildException(ioe);
+ } catch (OpenPgpException opgpe) {
+ throw new BuildException(opgpe);
+ }
+ FileUtils.close(fos);
+ FileUtils.close(fis);
+
+ }
+ /**
+ * returns the mapper to use based on nested elements or the
+ */
+ private FileNameMapper getMapper() {
+ FileNameMapper mapper = null;
+ if (mapperElement != null) {
+ mapper = mapperElement.getImplementation();
+ } else {
+ mapper = new GlobPatternMapper();
+ mapper.setFrom("*");
+ if (asciiarmor) {
+ mapper.setTo("*.asc");
+ } else {
+ mapper.setTo("*.sig");
+ }
+ }
+ return mapper;
+ }
+
+}
Added: jakarta/commons/sandbox/openpgp/trunk/src/main/resources/org/apache/commons/openpgp/ant/antlib.xml
URL: http://svn.apache.org/viewvc/jakarta/commons/sandbox/openpgp/trunk/src/main/resources/org/apache/commons/openpgp/ant/antlib.xml?view=auto&rev=464797
==============================================================================
--- jakarta/commons/sandbox/openpgp/trunk/src/main/resources/org/apache/commons/openpgp/ant/antlib.xml (added)
+++ jakarta/commons/sandbox/openpgp/trunk/src/main/resources/org/apache/commons/openpgp/ant/antlib.xml Mon Oct 16 21:21:38 2006
@@ -0,0 +1,6 @@
+<?xml version="1.0"?>
+<antlib>
+ <taskdef name="signer"
+ classname="org.apache.commons.openpgp.ant.OpenPgpSignerTask"
+ />
+</antlib>
\ No newline at end of file
Added: jakarta/commons/sandbox/openpgp/trunk/src/site/apt/signer.apt
URL: http://svn.apache.org/viewvc/jakarta/commons/sandbox/openpgp/trunk/src/site/apt/signer.apt?view=auto&rev=464797
==============================================================================
--- jakarta/commons/sandbox/openpgp/trunk/src/site/apt/signer.apt (added)
+++ jakarta/commons/sandbox/openpgp/trunk/src/site/apt/signer.apt Mon Oct 16 21:21:38 2006
@@ -0,0 +1,55 @@
+Signer Ant Task
+
+This task will be packaged in the commons-openpgp.jar.
+It will use the bouncy castle jars at runtime. It has been tested with bcpg-jdk12-134.jar and bcprov-jdk12-134.jar.
+The generated signatures can be verified with gpg.
+
+<<<signer>>> can sign one or several files at once.
+
+* <<<attributes>>>
+
+
+*------------------+--------------------------------------------------------------------------+-------------------------------------------------+
+| Attribute | Description | Required |
+*------------------+--------------------------------------------------------------------------+-------------------------------------------------+
+| <<<secring>>> | Secret key ring file. | Yes |
+*------------------+--------------------------------------------------------------------------+-------------------------------------------------+
+| <<<pubring>>> | Public key ring file. | Yes |
+*------------------+--------------------------------------------------------------------------+-------------------------------------------------+
+| <<<password>>> | Password of the secret key ring. | Yes |
+*------------------+--------------------------------------------------------------------------+-------------------------------------------------+
+| <<<keyid>>> | Id of the key used to sign. | Yes |
+*------------------+--------------------------------------------------------------------------+-------------------------------------------------+
+| <<<asciiarmor>>> | Boolean, defaults to true. | No |
+*------------------+--------------------------------------------------------------------------+-------------------------------------------------+
+| <<<artefact>>> | The file that you want to sign. | No, if fileset nested element present. |
+*------------------+--------------------------------------------------------------------------+-------------------------------------------------+
+
+ The task must also take a either one or several nested <<<fileset>>> element, or an <<<artefact>>> attribute.
+
+** <<<fileset>>> nested element
+
+ The task can take one or several fileset nested elements.
+ See the {{{http://ant.apache.org/manual/CoreTypes/fileset.html} ant manual}} for an explanation.
+ If you want to sign just one file, the <<<artefact>>> attribute can be used instead.
+
+** <<<mapper>>> nested element
+
+ The task may take a {{{http://ant.apache.org/manual/CoreTypes/mapper.html} mapper}} nested element.
+ This nested element tells the task how the signature files should be called.
+ If you do not supply this element, the signature files will be located in the same directory as the files that
+ you sign. An ending of <<<.asc>>> will be appended to the file name for ascii armored output (the default).
+ If you set <<<asciiarmor>>> to false, the ending will be <<<.sig>>>
+
+
+* example
+-----
+<project name="test1" xmlns:openpgp="antlib:org.apache.commons.openpgp.ant">
+ <taskdef resource="org/apache/commons/openpgp/ant/antlib.xml" uri="antlib:org.apache.commons.openpgp.ant"/>
+ <openpgp:signer secring="${env.USERPROFILE}\Application Data\gnupg\secring.gpg"
+ pubring="${env.USERPROFILE}\Application Data\gnupg\pubring.gpg"
+ password="secret" keyid="12345678"
+ artefact="target\commons-openpgp-1.0-SNAPSHOT.jar"
+ asciiarmor="true"/>
+</project>
+-----
Modified: jakarta/commons/sandbox/openpgp/trunk/src/site/site.xml
URL: http://svn.apache.org/viewvc/jakarta/commons/sandbox/openpgp/trunk/src/site/site.xml?view=diff&rev=464797&r1=464796&r2=464797
==============================================================================
--- jakarta/commons/sandbox/openpgp/trunk/src/site/site.xml (original)
+++ jakarta/commons/sandbox/openpgp/trunk/src/site/site.xml Mon Oct 16 21:21:38 2006
@@ -13,6 +13,7 @@
<menu name="Subproject menu">
<item name="Introduction" href="/index.html" />
<item name="Usage" href="/usage.html" />
+ <item name="Signer Ant Task" href="/signer.html"/>
</menu>
${reports}
</body>
---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org