Implement List command, adapt changes from cert-d-java

This commit is contained in:
Paul Schaub 2022-08-12 15:04:54 +02:00
parent cd0150c4d9
commit 7a02ec865b
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
21 changed files with 151 additions and 44 deletions

View file

@ -10,8 +10,8 @@ import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.pgpainless.PGPainless; import org.pgpainless.PGPainless;
import org.pgpainless.certificate_store.CertificateFactory; import org.pgpainless.certificate_store.CertificateFactory;
import org.pgpainless.key.OpenPgpFingerprint; import org.pgpainless.key.OpenPgpFingerprint;
import pgp.certificate.KeyMaterial; import pgp.certificate_store.certificate.KeyMaterial;
import pgp.certificate.KeyMaterialMerger; import pgp.certificate_store.certificate.KeyMaterialMerger;
import java.io.IOException; import java.io.IOException;
import java.util.Iterator; import java.util.Iterator;

View file

@ -6,13 +6,15 @@ package pgp.cert_d.cli;
import org.pgpainless.certificate_store.PGPainlessCertD; import org.pgpainless.certificate_store.PGPainlessCertD;
import pgp.cert_d.BaseDirectoryProvider; import pgp.cert_d.BaseDirectoryProvider;
import pgp.cert_d.exception.NotAStoreException;
import pgp.cert_d.cli.commands.Export; import pgp.cert_d.cli.commands.Export;
import pgp.cert_d.cli.commands.Find;
import pgp.cert_d.cli.commands.Get; import pgp.cert_d.cli.commands.Get;
import pgp.cert_d.cli.commands.Insert; import pgp.cert_d.cli.commands.Insert;
import pgp.cert_d.cli.commands.Import; import pgp.cert_d.cli.commands.Import;
import pgp.cert_d.cli.commands.List; import pgp.cert_d.cli.commands.List;
import pgp.cert_d.cli.commands.Setup; import pgp.cert_d.cli.commands.Setup;
import pgp.cert_d.jdbc.sqlite.DatabaseSubkeyLookupFactory;
import pgp.certificate_store.exception.NotAStoreException;
import picocli.CommandLine; import picocli.CommandLine;
import java.io.File; import java.io.File;
@ -28,7 +30,8 @@ import java.sql.SQLException;
Import.class, Import.class,
Get.class, Get.class,
Setup.class, Setup.class,
List.class List.class,
Find.class
} }
) )
public class PGPCertDCli { public class PGPCertDCli {
@ -53,7 +56,7 @@ public class PGPCertDCli {
baseDirectory = BaseDirectoryProvider.getDefaultBaseDir(); baseDirectory = BaseDirectoryProvider.getDefaultBaseDir();
} }
PGPCertDCli.certificateDirectory = PGPainlessCertD.fileBased(baseDirectory); PGPCertDCli.certificateDirectory = PGPainlessCertD.fileBased(baseDirectory, new DatabaseSubkeyLookupFactory());
} }
public static void main(String[] args) { public static void main(String[] args) {

View file

@ -9,7 +9,7 @@ import org.bouncycastle.util.io.Streams;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import pgp.cert_d.cli.PGPCertDCli; import pgp.cert_d.cli.PGPCertDCli;
import pgp.certificate.Certificate; import pgp.certificate_store.certificate.Certificate;
import picocli.CommandLine; import picocli.CommandLine;
import java.io.IOException; import java.io.IOException;

View file

@ -0,0 +1,57 @@
// SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
//
// SPDX-License-Identifier: Apache-2.0
package pgp.cert_d.cli.commands;
import org.pgpainless.key.OpenPgpFingerprint;
import pgp.cert_d.cli.PGPCertDCli;
import picocli.CommandLine;
import java.io.IOException;
import java.math.BigInteger;
import java.util.Set;
import java.util.regex.Pattern;
@CommandLine.Command(name = "find",
resourceBundle = "msg_find")
public class Find implements Runnable {
private static final Pattern LONG_KEY_ID = Pattern.compile("^[0-9A-Fa-f]{16}$");
@CommandLine.Parameters(
paramLabel = "IDENTIFIER",
arity = "1")
String identifier;
@Override
public void run() {
if (identifier == null) {
throw new IllegalArgumentException("No subkey ID provided.");
}
identifier = identifier.trim();
long subkeyId = 0;
try {
OpenPgpFingerprint fingerprint = OpenPgpFingerprint.parse(identifier);
subkeyId = fingerprint.getKeyId();
} catch (IllegalArgumentException e) {
if (!LONG_KEY_ID.matcher(identifier).matches()) {
throw new IllegalArgumentException("Provided long key-id does not match expected format. " +
"A long key-id consists of 16 hexadecimal characters.");
}
subkeyId = new BigInteger(identifier, 16).longValue();
}
try {
Set<String> fingerprints = PGPCertDCli.getCertificateDirectory()
.getCertificateFingerprintsForSubkeyId(subkeyId);
for (String fingerprint : fingerprints) {
// CHECKSTYLE:OFF
System.out.println(fingerprint);
// CHECKSTYLE:ON
}
} catch (IOException e) {
throw new RuntimeException(e);
}
}
}

View file

@ -4,14 +4,15 @@
package pgp.cert_d.cli.commands; package pgp.cert_d.cli.commands;
import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.util.io.Streams; import org.bouncycastle.util.io.Streams;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import pgp.cert_d.exception.BadDataException;
import pgp.cert_d.exception.BadNameException;
import pgp.cert_d.SpecialNames; import pgp.cert_d.SpecialNames;
import pgp.cert_d.cli.PGPCertDCli; import pgp.cert_d.cli.PGPCertDCli;
import pgp.certificate.KeyMaterial; import pgp.certificate_store.certificate.KeyMaterial;
import pgp.certificate_store.exception.BadDataException;
import pgp.certificate_store.exception.BadNameException;
import picocli.CommandLine; import picocli.CommandLine;
import java.io.IOException; import java.io.IOException;
@ -22,6 +23,9 @@ public class Get implements Runnable {
private static final Logger LOGGER = LoggerFactory.getLogger(Get.class); private static final Logger LOGGER = LoggerFactory.getLogger(Get.class);
@CommandLine.Option(names = {"-a", "--armor"})
boolean armor = false;
@CommandLine.Parameters( @CommandLine.Parameters(
paramLabel = "IDENTIFIER", paramLabel = "IDENTIFIER",
arity = "1" arity = "1"
@ -35,12 +39,20 @@ public class Get implements Runnable {
if (SpecialNames.lookupSpecialName(identifer) != null) { if (SpecialNames.lookupSpecialName(identifer) != null) {
record = PGPCertDCli.getCertificateDirectory().getBySpecialName(identifer); record = PGPCertDCli.getCertificateDirectory().getBySpecialName(identifer);
} else { } else {
record = PGPCertDCli.getCertificateDirectory().getByFingerprint(identifer); record = PGPCertDCli.getCertificateDirectory().getByFingerprint(identifer.toLowerCase());
} }
if (record == null) { if (record == null) {
return; return;
} }
if (armor) {
ArmoredOutputStream armorOut = new ArmoredOutputStream(System.out);
Streams.pipeAll(record.getInputStream(), armorOut);
armorOut.close();
} else {
Streams.pipeAll(record.getInputStream(), System.out); Streams.pipeAll(record.getInputStream(), System.out);
}
} catch (IOException e) { } catch (IOException e) {
LOGGER.error("IO Error", e); LOGGER.error("IO Error", e);
System.exit(-1); System.exit(-1);

View file

@ -10,10 +10,10 @@ import org.bouncycastle.openpgp.PGPPublicKeyRingCollection;
import org.pgpainless.PGPainless; import org.pgpainless.PGPainless;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import pgp.cert_d.exception.BadDataException;
import pgp.cert_d.cli.MergeCallbacks; import pgp.cert_d.cli.MergeCallbacks;
import pgp.cert_d.cli.PGPCertDCli; import pgp.cert_d.cli.PGPCertDCli;
import pgp.certificate.Certificate; import pgp.certificate_store.certificate.Certificate;
import pgp.certificate_store.exception.BadDataException;
import picocli.CommandLine; import picocli.CommandLine;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;

View file

@ -6,10 +6,10 @@ package pgp.cert_d.cli.commands;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import pgp.cert_d.exception.BadDataException;
import pgp.cert_d.cli.MergeCallbacks; import pgp.cert_d.cli.MergeCallbacks;
import pgp.cert_d.cli.PGPCertDCli; import pgp.cert_d.cli.PGPCertDCli;
import pgp.certificate.Certificate; import pgp.certificate_store.certificate.Certificate;
import pgp.certificate_store.exception.BadDataException;
import picocli.CommandLine; import picocli.CommandLine;
import java.io.IOException; import java.io.IOException;

View file

@ -5,7 +5,7 @@
package pgp.cert_d.cli.commands; package pgp.cert_d.cli.commands;
import pgp.cert_d.cli.PGPCertDCli; import pgp.cert_d.cli.PGPCertDCli;
import pgp.certificate.Certificate; import pgp.certificate_store.certificate.Certificate;
import picocli.CommandLine; import picocli.CommandLine;
import java.util.Iterator; import java.util.Iterator;

View file

@ -15,9 +15,9 @@ import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
import org.pgpainless.util.Passphrase; import org.pgpainless.util.Passphrase;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import pgp.cert_d.exception.BadDataException;
import pgp.cert_d.cli.MergeCallbacks; import pgp.cert_d.cli.MergeCallbacks;
import pgp.cert_d.cli.PGPCertDCli; import pgp.cert_d.cli.PGPCertDCli;
import pgp.certificate_store.exception.BadDataException;
import picocli.CommandLine; import picocli.CommandLine;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;

View file

@ -2,6 +2,7 @@
# #
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
usage.header=Export all certificates in the store to Standard Output usage.header=Export all certificates in the store to Standard Output
armor=Wrap the output in ASCII armor
# Generic TODO: Remove when bumping picocli to 4.7.0 # Generic TODO: Remove when bumping picocli to 4.7.0
usage.synopsisHeading=Usage:\u0020 usage.synopsisHeading=Usage:\u0020

View file

@ -2,6 +2,7 @@
# #
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
usage.header=Exportiere alle gespeicherten Zertifikate zur Standardausgabe usage.header=Exportiere alle gespeicherten Zertifikate zur Standardausgabe
armor=Verpacke the Ausgabe in ASCII Armor
# Generic TODO: Remove when bumping picocli to 4.7.0 # Generic TODO: Remove when bumping picocli to 4.7.0
usage.synopsisHeading=Aufruf:\u0020 usage.synopsisHeading=Aufruf:\u0020

View file

@ -0,0 +1,11 @@
# SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
#
# SPDX-License-Identifier: Apache-2.0
usage.header=Lookup primary certificate fingerprints by subkey ids or fingerprints
# Generic TODO: Remove when bumping picocli to 4.7.0
usage.synopsisHeading=Usage:\u0020
usage.commandListHeading = %nCommands:%n
usage.optionListHeading = %nOptions:%n
usage.footerHeading=Powered by picocli%n
store=Overwrite the default certificate directory path

View file

@ -0,0 +1,11 @@
# SPDX-FileCopyrightText: 2022 Paul Schaub <vanitasvitae@fsfe.org>
#
# SPDX-License-Identifier: Apache-2.0
usage.header=Schlage primäre Fingerabdrücke von Zertifikaten per ID oder Fingerabdruck von Unterschlüsseln nach
# Generic TODO: Remove when bumping picocli to 4.7.0
usage.synopsisHeading=Aufruf:\u0020
usage.commandListHeading=%nBefehle:%n
usage.optionListHeading = %nOptionen:%n
usage.footerHeading=Powered by Picocli%n
store=Überschreibe den Standardpfad des Zertifikatsverzeichnisses

View file

@ -3,6 +3,7 @@
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
usage.header=Retrieve certificates from the store usage.header=Retrieve certificates from the store
IDENTIFIER[0]=Certificate identifier (fingerprint or special name) IDENTIFIER[0]=Certificate identifier (fingerprint or special name)
armor=Wrap the output in ASCII armor
# Generic TODO: Remove when bumping picocli to 4.7.0 # Generic TODO: Remove when bumping picocli to 4.7.0
usage.synopsisHeading=Usage:\u0020 usage.synopsisHeading=Usage:\u0020

View file

@ -3,6 +3,7 @@
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
usage.header=Frage Zertifikate aus dem Speicher ab usage.header=Frage Zertifikate aus dem Speicher ab
IDENTIFIER[0]=Zertifikatskennung (Fingerabdruck oder Spezialname) IDENTIFIER[0]=Zertifikatskennung (Fingerabdruck oder Spezialname)
armor=Verpacke the Ausgabe in ASCII Armor
# Generic TODO: Remove when bumping picocli to 4.7.0 # Generic TODO: Remove when bumping picocli to 4.7.0
usage.synopsisHeading=Aufruf:\u0020 usage.synopsisHeading=Aufruf:\u0020

View file

@ -34,6 +34,7 @@ dependencies {
// pgp.cert.d // pgp.cert.d
api "org.pgpainless:pgp-cert-d-java:$pgpCertDJavaVersion" api "org.pgpainless:pgp-cert-d-java:$pgpCertDJavaVersion"
api "org.pgpainless:pgp-certificate-store:$pgpCertDJavaVersion"
} }
animalsniffer { animalsniffer {

View file

@ -8,16 +8,16 @@ import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.util.encoders.Base64; import org.bouncycastle.util.encoders.Base64;
import org.pgpainless.key.OpenPgpFingerprint; import org.pgpainless.key.OpenPgpFingerprint;
import pgp.certificate.Certificate; import pgp.certificate_store.certificate.Certificate;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.security.MessageDigest; import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.util.HashSet; import java.util.ArrayList;
import java.util.Iterator; import java.util.Iterator;
import java.util.Set; import java.util.List;
public class CertificateFactory { public class CertificateFactory {
@ -46,8 +46,8 @@ public class CertificateFactory {
} }
@Override @Override
public Set<Long> getSubkeyIds() throws IOException { public List<Long> getSubkeyIds() throws IOException {
Set<Long> keyIds = new HashSet<>(); List<Long> keyIds = new ArrayList<>();
Iterator<PGPPublicKey> keys = publicKeyRing.getPublicKeys(); Iterator<PGPPublicKey> keys = publicKeyRing.getPublicKeys();
while (keys.hasNext()) { while (keys.hasNext()) {
keyIds.add(keys.next().getKeyID()); keyIds.add(keys.next().getKeyID());

View file

@ -8,15 +8,15 @@ import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.util.encoders.Base64; import org.bouncycastle.util.encoders.Base64;
import org.pgpainless.PGPainless; import org.pgpainless.PGPainless;
import pgp.certificate.Certificate; import pgp.certificate_store.certificate.Certificate;
import pgp.certificate.Key; import pgp.certificate_store.certificate.Key;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.security.MessageDigest; import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.util.Set; import java.util.List;
public class KeyFactory { public class KeyFactory {
@ -52,7 +52,7 @@ public class KeyFactory {
} }
@Override @Override
public Set<Long> getSubkeyIds() throws IOException { public List<Long> getSubkeyIds() throws IOException {
return getCertificate().getSubkeyIds(); return getCertificate().getSubkeyIds();
} }
}; };

View file

@ -8,9 +8,9 @@ import org.bouncycastle.openpgp.PGPKeyRing;
import org.bouncycastle.openpgp.PGPPublicKeyRing; import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.bouncycastle.openpgp.PGPSecretKeyRing; import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.pgpainless.PGPainless; import org.pgpainless.PGPainless;
import pgp.cert_d.exception.BadDataException; import pgp.certificate_store.certificate.KeyMaterial;
import pgp.certificate.KeyMaterial; import pgp.certificate_store.certificate.KeyMaterialReaderBackend;
import pgp.certificate.KeyMaterialReaderBackend; import pgp.certificate_store.exception.BadDataException;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;

View file

@ -7,8 +7,11 @@ package org.pgpainless.certificate_store;
import pgp.cert_d.BaseDirectoryProvider; import pgp.cert_d.BaseDirectoryProvider;
import pgp.cert_d.backend.FileBasedCertificateDirectoryBackend; import pgp.cert_d.backend.FileBasedCertificateDirectoryBackend;
import pgp.cert_d.backend.InMemoryCertificateDirectoryBackend; import pgp.cert_d.backend.InMemoryCertificateDirectoryBackend;
import pgp.cert_d.exception.NotAStoreException;
import pgp.cert_d.PGPCertificateDirectory; import pgp.cert_d.PGPCertificateDirectory;
import pgp.cert_d.subkey_lookup.InMemorySubkeyLookup;
import pgp.cert_d.subkey_lookup.SubkeyLookup;
import pgp.cert_d.subkey_lookup.SubkeyLookupFactory;
import pgp.certificate_store.exception.NotAStoreException;
import java.io.File; import java.io.File;
@ -16,21 +19,25 @@ public class PGPainlessCertD extends PGPCertificateDirectory {
private static final KeyMaterialReader keyMaterialReader = new KeyMaterialReader(); private static final KeyMaterialReader keyMaterialReader = new KeyMaterialReader();
public PGPainlessCertD(Backend backend) { public PGPainlessCertD(Backend backend, SubkeyLookup subkeyLookup) {
super(backend); super(backend, subkeyLookup);
} }
public static PGPainlessCertD inMemory() { public static PGPainlessCertD inMemory() {
Backend backend = new InMemoryCertificateDirectoryBackend(keyMaterialReader); Backend backend = new InMemoryCertificateDirectoryBackend(keyMaterialReader);
return new PGPainlessCertD(backend); SubkeyLookup subkeyLookup = new InMemorySubkeyLookup();
return new PGPainlessCertD(backend, subkeyLookup);
} }
public static PGPainlessCertD fileBased() throws NotAStoreException { public static PGPainlessCertD fileBased(SubkeyLookupFactory subkeyLookupFactory)
return fileBased(BaseDirectoryProvider.getDefaultBaseDir()); throws NotAStoreException {
return fileBased(BaseDirectoryProvider.getDefaultBaseDir(), subkeyLookupFactory);
} }
public static PGPainlessCertD fileBased(File baseDirectory) throws NotAStoreException { public static PGPainlessCertD fileBased(File baseDirectory, SubkeyLookupFactory subkeyLookupFactory)
throws NotAStoreException {
Backend backend = new FileBasedCertificateDirectoryBackend(baseDirectory, keyMaterialReader); Backend backend = new FileBasedCertificateDirectoryBackend(baseDirectory, keyMaterialReader);
return new PGPainlessCertD(backend); SubkeyLookup subkeyLookup = subkeyLookupFactory.createFileBasedInstance(baseDirectory);
return new PGPainlessCertD(backend, subkeyLookup);
} }
} }

View file

@ -36,12 +36,13 @@ import org.pgpainless.key.OpenPgpFingerprint;
import org.pgpainless.key.generation.KeySpec; import org.pgpainless.key.generation.KeySpec;
import org.pgpainless.key.generation.type.KeyType; import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.key.generation.type.eddsa.EdDSACurve; import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
import pgp.cert_d.exception.BadDataException; import pgp.cert_d.subkey_lookup.InMemorySubkeyLookupFactory;
import pgp.cert_d.exception.BadNameException; import pgp.certificate_store.certificate.Certificate;
import pgp.cert_d.exception.NotAStoreException; import pgp.certificate_store.certificate.KeyMaterial;
import pgp.certificate.Certificate; import pgp.certificate_store.certificate.KeyMaterialMerger;
import pgp.certificate.KeyMaterial; import pgp.certificate_store.exception.BadDataException;
import pgp.certificate.KeyMaterialMerger; import pgp.certificate_store.exception.BadNameException;
import pgp.certificate_store.exception.NotAStoreException;
public class SharedPGPCertificateDirectoryTest { public class SharedPGPCertificateDirectoryTest {
@ -54,7 +55,7 @@ public class SharedPGPCertificateDirectoryTest {
private static Stream<PGPainlessCertD> provideTestSubjects() throws IOException, NotAStoreException { private static Stream<PGPainlessCertD> provideTestSubjects() throws IOException, NotAStoreException {
return Stream.of( return Stream.of(
PGPainlessCertD.fileBased(tempDir())); PGPainlessCertD.fileBased(tempDir(), new InMemorySubkeyLookupFactory()));
} }
private static File tempDir() throws IOException { private static File tempDir() throws IOException {