Implement List command, adapt changes from cert-d-java

2022-08-12 15:04:54 +02:00 · 2022-08-12 15:04:54 +02:00 · 7a02ec865b
parent cd0150c4d9
commit 7a02ec865b
21 changed files with 151 additions and 44 deletions
--- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/MergeCallbacks.java
+++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/MergeCallbacks.java
@ -10,8 +10,8 @@ import org.bouncycastle.openpgp.PGPPublicKeyRing;
 import org.pgpainless.PGPainless;
 import org.pgpainless.certificate_store.CertificateFactory;
 import org.pgpainless.key.OpenPgpFingerprint;
-import pgp.certificate.KeyMaterial;
-import pgp.certificate.KeyMaterialMerger;
+import pgp.certificate_store.certificate.KeyMaterial;
+import pgp.certificate_store.certificate.KeyMaterialMerger;

 import java.io.IOException;
 import java.util.Iterator;
--- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/PGPCertDCli.java
+++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/PGPCertDCli.java
@ -6,13 +6,15 @@ package pgp.cert_d.cli;

 import org.pgpainless.certificate_store.PGPainlessCertD;
 import pgp.cert_d.BaseDirectoryProvider;
-import pgp.cert_d.exception.NotAStoreException;
 import pgp.cert_d.cli.commands.Export;
+import pgp.cert_d.cli.commands.Find;
 import pgp.cert_d.cli.commands.Get;
 import pgp.cert_d.cli.commands.Insert;
 import pgp.cert_d.cli.commands.Import;
 import pgp.cert_d.cli.commands.List;
 import pgp.cert_d.cli.commands.Setup;
+import pgp.cert_d.jdbc.sqlite.DatabaseSubkeyLookupFactory;
+import pgp.certificate_store.exception.NotAStoreException;
 import picocli.CommandLine;

 import java.io.File;
@ -28,7 +30,8 @@ import java.sql.SQLException;
                Import.class,
                Get.class,
                Setup.class,
-                List.class
+                List.class,
+                Find.class
        }
 )
 public class PGPCertDCli {
@ -53,7 +56,7 @@ public class PGPCertDCli {
            baseDirectory = BaseDirectoryProvider.getDefaultBaseDir();
        }

-        PGPCertDCli.certificateDirectory = PGPainlessCertD.fileBased(baseDirectory);
+        PGPCertDCli.certificateDirectory = PGPainlessCertD.fileBased(baseDirectory, new DatabaseSubkeyLookupFactory());
    }

    public static void main(String[] args) {
--- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Export.java
+++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Export.java
@ -9,7 +9,7 @@ import org.bouncycastle.util.io.Streams;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import pgp.cert_d.cli.PGPCertDCli;
-import pgp.certificate.Certificate;
+import pgp.certificate_store.certificate.Certificate;
 import picocli.CommandLine;

 import java.io.IOException;
--- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Find.java
+++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Find.java
@ -0,0 +1,57 @@
+// SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
+//
+// SPDX-License-Identifier: Apache-2.0
+
+package pgp.cert_d.cli.commands;
+
+import org.pgpainless.key.OpenPgpFingerprint;
+import pgp.cert_d.cli.PGPCertDCli;
+import picocli.CommandLine;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.util.Set;
+import java.util.regex.Pattern;
+
+@CommandLine.Command(name = "find",
+        resourceBundle = "msg_find")
+public class Find implements Runnable {
+
+    private static final Pattern LONG_KEY_ID = Pattern.compile("^[0-9A-Fa-f]{16}$");
+
+    @CommandLine.Parameters(
+            paramLabel = "IDENTIFIER",
+            arity = "1")
+    String identifier;
+
+    @Override
+    public void run() {
+        if (identifier == null) {
+            throw new IllegalArgumentException("No subkey ID provided.");
+        }
+        identifier = identifier.trim();
+        long subkeyId = 0;
+        try {
+            OpenPgpFingerprint fingerprint = OpenPgpFingerprint.parse(identifier);
+            subkeyId = fingerprint.getKeyId();
+        } catch (IllegalArgumentException e) {
+            if (!LONG_KEY_ID.matcher(identifier).matches()) {
+                throw new IllegalArgumentException("Provided long key-id does not match expected format. " +
+                        "A long key-id consists of 16 hexadecimal characters.");
+            }
+            subkeyId =  new BigInteger(identifier, 16).longValue();
+        }
+
+        try {
+            Set<String> fingerprints = PGPCertDCli.getCertificateDirectory()
+                    .getCertificateFingerprintsForSubkeyId(subkeyId);
+            for (String fingerprint : fingerprints) {
+                // CHECKSTYLE:OFF
+                System.out.println(fingerprint);
+                // CHECKSTYLE:ON
+            }
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+    }
+}
--- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Get.java
+++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Get.java
@ -4,14 +4,15 @@

 package pgp.cert_d.cli.commands;

+import org.bouncycastle.bcpg.ArmoredOutputStream;
 import org.bouncycastle.util.io.Streams;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import pgp.cert_d.exception.BadDataException;
-import pgp.cert_d.exception.BadNameException;
 import pgp.cert_d.SpecialNames;
 import pgp.cert_d.cli.PGPCertDCli;
-import pgp.certificate.KeyMaterial;
+import pgp.certificate_store.certificate.KeyMaterial;
+import pgp.certificate_store.exception.BadDataException;
+import pgp.certificate_store.exception.BadNameException;
 import picocli.CommandLine;

 import java.io.IOException;
@ -22,6 +23,9 @@ public class Get implements Runnable {

    private static final Logger LOGGER = LoggerFactory.getLogger(Get.class);

+    @CommandLine.Option(names = {"-a", "--armor"})
+    boolean armor = false;
+
    @CommandLine.Parameters(
            paramLabel = "IDENTIFIER",
            arity = "1"
@ -35,12 +39,20 @@ public class Get implements Runnable {
            if (SpecialNames.lookupSpecialName(identifer) != null) {
                record = PGPCertDCli.getCertificateDirectory().getBySpecialName(identifer);
            } else {
-                record = PGPCertDCli.getCertificateDirectory().getByFingerprint(identifer);
+                record = PGPCertDCli.getCertificateDirectory().getByFingerprint(identifer.toLowerCase());
            }
            if (record == null) {
                return;
            }
-            Streams.pipeAll(record.getInputStream(), System.out);
+
+            if (armor) {
+                ArmoredOutputStream armorOut = new ArmoredOutputStream(System.out);
+                Streams.pipeAll(record.getInputStream(), armorOut);
+                armorOut.close();
+            } else {
+                Streams.pipeAll(record.getInputStream(), System.out);
+            }
+
        } catch (IOException e) {
            LOGGER.error("IO Error", e);
            System.exit(-1);
--- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Import.java
+++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Import.java
@ -10,10 +10,10 @@ import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
 import org.pgpainless.PGPainless;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import pgp.cert_d.exception.BadDataException;
 import pgp.cert_d.cli.MergeCallbacks;
 import pgp.cert_d.cli.PGPCertDCli;
-import pgp.certificate.Certificate;
+import pgp.certificate_store.certificate.Certificate;
+import pgp.certificate_store.exception.BadDataException;
 import picocli.CommandLine;

 import java.io.ByteArrayInputStream;
--- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Insert.java
+++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Insert.java
@ -6,10 +6,10 @@ package pgp.cert_d.cli.commands;

 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import pgp.cert_d.exception.BadDataException;
 import pgp.cert_d.cli.MergeCallbacks;
 import pgp.cert_d.cli.PGPCertDCli;
-import pgp.certificate.Certificate;
+import pgp.certificate_store.certificate.Certificate;
+import pgp.certificate_store.exception.BadDataException;
 import picocli.CommandLine;

 import java.io.IOException;
--- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/List.java
+++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/List.java
@ -5,7 +5,7 @@
 package pgp.cert_d.cli.commands;

 import pgp.cert_d.cli.PGPCertDCli;
-import pgp.certificate.Certificate;
+import pgp.certificate_store.certificate.Certificate;
 import picocli.CommandLine;

 import java.util.Iterator;
--- a/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Setup.java
+++ b/pgpainless-cert-d-cli/src/main/java/pgp/cert_d/cli/commands/Setup.java
@ -15,9 +15,9 @@ import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
 import org.pgpainless.util.Passphrase;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import pgp.cert_d.exception.BadDataException;
 import pgp.cert_d.cli.MergeCallbacks;
 import pgp.cert_d.cli.PGPCertDCli;
+import pgp.certificate_store.exception.BadDataException;
 import picocli.CommandLine;

 import java.io.ByteArrayInputStream;
--- a/pgpainless-cert-d-cli/src/main/resources/msg_export.properties
+++ b/pgpainless-cert-d-cli/src/main/resources/msg_export.properties
@ -2,6 +2,7 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 usage.header=Export all certificates in the store to Standard Output
+armor=Wrap the output in ASCII armor

 # Generic TODO: Remove when bumping picocli to 4.7.0
 usage.synopsisHeading=Usage:\u0020
--- a/pgpainless-cert-d-cli/src/main/resources/msg_export_de.properties
+++ b/pgpainless-cert-d-cli/src/main/resources/msg_export_de.properties
@ -2,6 +2,7 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 usage.header=Exportiere alle gespeicherten Zertifikate zur Standardausgabe
+armor=Verpacke the Ausgabe in ASCII Armor

 # Generic TODO: Remove when bumping picocli to 4.7.0
 usage.synopsisHeading=Aufruf:\u0020
--- a/pgpainless-cert-d-cli/src/main/resources/msg_find.properties
+++ b/pgpainless-cert-d-cli/src/main/resources/msg_find.properties
@ -0,0 +1,11 @@
+# SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
+#
+# SPDX-License-Identifier: Apache-2.0
+usage.header=Lookup primary certificate fingerprints by subkey ids or fingerprints
+
+# Generic TODO: Remove when bumping picocli to 4.7.0
+usage.synopsisHeading=Usage:\u0020
+usage.commandListHeading = %nCommands:%n
+usage.optionListHeading = %nOptions:%n
+usage.footerHeading=Powered by picocli%n
+store=Overwrite the default certificate directory path
--- a/pgpainless-cert-d-cli/src/main/resources/msg_find_de.properties
+++ b/pgpainless-cert-d-cli/src/main/resources/msg_find_de.properties
@ -0,0 +1,11 @@
+# SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
+#
+# SPDX-License-Identifier: Apache-2.0
+usage.header=Schlage primäre Fingerabdrücke von Zertifikaten per ID oder Fingerabdruck von Unterschlüsseln nach
+
+# Generic TODO: Remove when bumping picocli to 4.7.0
+usage.synopsisHeading=Aufruf:\u0020
+usage.commandListHeading=%nBefehle:%n
+usage.optionListHeading = %nOptionen:%n
+usage.footerHeading=Powered by Picocli%n
+store=Überschreibe den Standardpfad des Zertifikatsverzeichnisses
--- a/pgpainless-cert-d-cli/src/main/resources/msg_get.properties
+++ b/pgpainless-cert-d-cli/src/main/resources/msg_get.properties
@ -3,6 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 usage.header=Retrieve certificates from the store
 IDENTIFIER[0]=Certificate identifier (fingerprint or special name)
+armor=Wrap the output in ASCII armor

 # Generic TODO: Remove when bumping picocli to 4.7.0
 usage.synopsisHeading=Usage:\u0020
--- a/pgpainless-cert-d-cli/src/main/resources/msg_get_de.properties
+++ b/pgpainless-cert-d-cli/src/main/resources/msg_get_de.properties
@ -3,6 +3,7 @@
 # SPDX-License-Identifier: Apache-2.0
 usage.header=Frage Zertifikate aus dem Speicher ab
 IDENTIFIER[0]=Zertifikatskennung (Fingerabdruck oder Spezialname)
+armor=Verpacke the Ausgabe in ASCII Armor

 # Generic TODO: Remove when bumping picocli to 4.7.0
 usage.synopsisHeading=Aufruf:\u0020
--- a/pgpainless-cert-d/build.gradle
+++ b/pgpainless-cert-d/build.gradle
@ -34,6 +34,7 @@ dependencies {

    // pgp.cert.d
    api "org.pgpainless:pgp-cert-d-java:$pgpCertDJavaVersion"
+    api "org.pgpainless:pgp-certificate-store:$pgpCertDJavaVersion"
 }

 animalsniffer {
--- a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/CertificateFactory.java
+++ b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/CertificateFactory.java
@ -8,16 +8,16 @@ import org.bouncycastle.openpgp.PGPPublicKey;
 import org.bouncycastle.openpgp.PGPPublicKeyRing;
 import org.bouncycastle.util.encoders.Base64;
 import org.pgpainless.key.OpenPgpFingerprint;
-import pgp.certificate.Certificate;
+import pgp.certificate_store.certificate.Certificate;

 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
-import java.util.HashSet;
+import java.util.ArrayList;
 import java.util.Iterator;
-import java.util.Set;
+import java.util.List;

 public class CertificateFactory {

@ -46,8 +46,8 @@ public class CertificateFactory {
            }

            @Override
-            public Set<Long> getSubkeyIds() throws IOException {
-                Set<Long> keyIds = new HashSet<>();
+            public List<Long> getSubkeyIds() throws IOException {
+                List<Long> keyIds = new ArrayList<>();
                Iterator<PGPPublicKey> keys = publicKeyRing.getPublicKeys();
                while (keys.hasNext()) {
                    keyIds.add(keys.next().getKeyID());
--- a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyFactory.java
+++ b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyFactory.java
@ -8,15 +8,15 @@ import org.bouncycastle.openpgp.PGPPublicKeyRing;
 import org.bouncycastle.openpgp.PGPSecretKeyRing;
 import org.bouncycastle.util.encoders.Base64;
 import org.pgpainless.PGPainless;
-import pgp.certificate.Certificate;
-import pgp.certificate.Key;
+import pgp.certificate_store.certificate.Certificate;
+import pgp.certificate_store.certificate.Key;

 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
-import java.util.Set;
+import java.util.List;

 public class KeyFactory {

@ -52,7 +52,7 @@ public class KeyFactory {
            }

            @Override
-            public Set<Long> getSubkeyIds() throws IOException {
+            public List<Long> getSubkeyIds() throws IOException {
                return getCertificate().getSubkeyIds();
            }
        };
--- a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyMaterialReader.java
+++ b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/KeyMaterialReader.java
@ -8,9 +8,9 @@ import org.bouncycastle.openpgp.PGPKeyRing;
 import org.bouncycastle.openpgp.PGPPublicKeyRing;
 import org.bouncycastle.openpgp.PGPSecretKeyRing;
 import org.pgpainless.PGPainless;
-import pgp.cert_d.exception.BadDataException;
-import pgp.certificate.KeyMaterial;
-import pgp.certificate.KeyMaterialReaderBackend;
+import pgp.certificate_store.certificate.KeyMaterial;
+import pgp.certificate_store.certificate.KeyMaterialReaderBackend;
+import pgp.certificate_store.exception.BadDataException;

 import java.io.IOException;
 import java.io.InputStream;
--- a/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/PGPainlessCertD.java
+++ b/pgpainless-cert-d/src/main/java/org/pgpainless/certificate_store/PGPainlessCertD.java
@ -7,8 +7,11 @@ package org.pgpainless.certificate_store;
 import pgp.cert_d.BaseDirectoryProvider;
 import pgp.cert_d.backend.FileBasedCertificateDirectoryBackend;
 import pgp.cert_d.backend.InMemoryCertificateDirectoryBackend;
-import pgp.cert_d.exception.NotAStoreException;
 import pgp.cert_d.PGPCertificateDirectory;
+import pgp.cert_d.subkey_lookup.InMemorySubkeyLookup;
+import pgp.cert_d.subkey_lookup.SubkeyLookup;
+import pgp.cert_d.subkey_lookup.SubkeyLookupFactory;
+import pgp.certificate_store.exception.NotAStoreException;

 import java.io.File;

@ -16,21 +19,25 @@ public class PGPainlessCertD extends PGPCertificateDirectory {

    private static final KeyMaterialReader keyMaterialReader = new KeyMaterialReader();

-    public PGPainlessCertD(Backend backend) {
-        super(backend);
+    public PGPainlessCertD(Backend backend, SubkeyLookup subkeyLookup) {
+        super(backend, subkeyLookup);
    }

    public static PGPainlessCertD inMemory() {
        Backend backend = new InMemoryCertificateDirectoryBackend(keyMaterialReader);
-        return new PGPainlessCertD(backend);
+        SubkeyLookup subkeyLookup = new InMemorySubkeyLookup();
+        return new PGPainlessCertD(backend, subkeyLookup);
    }

-    public static PGPainlessCertD fileBased() throws NotAStoreException {
-        return fileBased(BaseDirectoryProvider.getDefaultBaseDir());
+    public static PGPainlessCertD fileBased(SubkeyLookupFactory subkeyLookupFactory)
+            throws NotAStoreException {
+        return fileBased(BaseDirectoryProvider.getDefaultBaseDir(), subkeyLookupFactory);
    }

-    public static PGPainlessCertD fileBased(File baseDirectory) throws NotAStoreException {
+    public static PGPainlessCertD fileBased(File baseDirectory, SubkeyLookupFactory subkeyLookupFactory)
+            throws NotAStoreException {
        Backend backend = new FileBasedCertificateDirectoryBackend(baseDirectory, keyMaterialReader);
-        return new PGPainlessCertD(backend);
+        SubkeyLookup subkeyLookup = subkeyLookupFactory.createFileBasedInstance(baseDirectory);
+        return new PGPainlessCertD(backend, subkeyLookup);
    }
 }
--- a/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryTest.java
+++ b/pgpainless-cert-d/src/test/java/org/pgpainless/cert_d/SharedPGPCertificateDirectoryTest.java
@ -36,12 +36,13 @@ import org.pgpainless.key.OpenPgpFingerprint;
 import org.pgpainless.key.generation.KeySpec;
 import org.pgpainless.key.generation.type.KeyType;
 import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
-import pgp.cert_d.exception.BadDataException;
-import pgp.cert_d.exception.BadNameException;
-import pgp.cert_d.exception.NotAStoreException;
-import pgp.certificate.Certificate;
-import pgp.certificate.KeyMaterial;
-import pgp.certificate.KeyMaterialMerger;
+import pgp.cert_d.subkey_lookup.InMemorySubkeyLookupFactory;
+import pgp.certificate_store.certificate.Certificate;
+import pgp.certificate_store.certificate.KeyMaterial;
+import pgp.certificate_store.certificate.KeyMaterialMerger;
+import pgp.certificate_store.exception.BadDataException;
+import pgp.certificate_store.exception.BadNameException;
+import pgp.certificate_store.exception.NotAStoreException;

 public class SharedPGPCertificateDirectoryTest {

@ -54,7 +55,7 @@ public class SharedPGPCertificateDirectoryTest {

    private static Stream<PGPainlessCertD> provideTestSubjects() throws IOException, NotAStoreException {
        return Stream.of(
-                PGPainlessCertD.fileBased(tempDir()));
+                PGPainlessCertD.fileBased(tempDir(), new InMemorySubkeyLookupFactory()));
    }

    private static File tempDir() throws IOException {